Are you ready for C-SOX? surprise... it is Chinese SOX 2693
lekatis last edited by
The name: Basic Standard for Enterprise Internal Control… or C-SOX
China is one of the countries that has issued regulations specifying comprehensive requirements over a company’s internal control framework.
The C-SOX together with its three guidance documents will be effective from 1 July 2009 for listed companies in China.
The legislation was launched by the Chinese Ministry of Finance, the National Audit Office, the China Securities Regulatory Commission, the China Banking Regulatory Commission, and the China Insurance Regulatory Commission.
The usual SOX related elements are all present: Companies listed on the Shanghai or Shenzhen exchanges must conduct self-evaluations of their internal controls, must publish an evaluation report on an annual basis and must hire external auditors to audit the effectiveness of their internal controls. Policies, procedures, risk assessment, self assessments, testing, documentation…
C-SOX affects over 900 companies listed on the Shanghai Stock Exchange and 800 companies listed on the Shenzhen Stock Exchange.
The challenge: Many Chinese companies have never gone through this type of compliance process before.
Some Chinese companies understand SOX very well.
There are only about 50 Hong Kong or Chinese companies that are SEC registrants because of US debt or equity so they understand the US SOX
There are many companies in China that are subsidiaries or joint ventures of overseas SEC registrants.
There are some companies in China that comply with Sarbanes-Oxley as an indication of best practice in corporate governance.
Main Challenges and Opportunities in China:
The lack of IT control documentation and testing in many firms
The lack of an enterprice-wide, processed based approach in many firms
The shortage of qualified and experienced risk management professionals to work in internal control design, operation, testing, documentation and compliance management.