SOX compliance for a new company 1539

  • Hi,
    I, together with a team are implementing SOX 404 in a telco in Spain. Now, a new company is created with a separate legal entity from the existing one. It is expected to be operative by July 1st 2006. So if it is to be SOX compliant according to the materiality scope defined by the auditing company when should it be the time limit for the compliance?
    could anybody help me out with this, please??
    Thanks a lot

  • We probably need a little more background information in order to answer your question.
    Why are you implementing SOX 404? Are you a US registrant required to do this? When do you have to be compliant?
    Who owns the new legal entity? If it is the company that you are implementing SOX 404 on, the dealine will be the same.

  • Being a foreign registrant, composed by several legal entities, all of them already SOX compliant, a new legal entity is being created and is becoming operative by July 1st. Are there any time constraints for this new legal entity to be SOX compliant as the legal entities from the group are?

  • Assuming that the new legal entity was a part of the registrant’s consolidated reporting group, it would be required to be compliant as of the end of the year that it was formed. If you were acquiring a business instead of starting one from the beginning (like a new division, concept, etc.) you could get a bye on the need for that business to be compliant in the first year ending after acquisition. Starting a new business does not give you that option.
    Of course, everything is subject to materiality. If the new legal entity is not material to the consolidated group, then you could deem it to be out of scope and not have to do anything for it related to SOX 404.

  • As kymike states it is the US registrant company that needs to be SOx compliant.
    Any subsidiary of this company should assess controls over any processes material to the financial reporting of the group - this would form part of management’s assessment for s404 for the group as a whole .
    Subsidiaries never require to be compliant themselves.

Log in to reply