2020 trends in SOX compliance

SOX & Internal Controls Professionals Group released a survey which measures the costs, execution, challenges and priorities faced by companies that comply with the Sarbanes-Oxley Act (SOX).

“In its fifth year, our survey reflects the broad experience of SOX professionals over time and presents a balanced perspective of the current state of SOX and internal controls management,” said Camille Kearns Rudy, National Director of the SOX & Internal Controls (IC) Professionals Group.

“Importantly, the survey confirms that the C-suite views SOX as highly valuable in their organizations. This acknowledgement ensures that SOX will have access to institutional capital needed to thrive and be effective.”

Improving efficiency in the SOX function was the top priority for SOX/IC practitioners in 2020. One-third of respondents reported they spend more than half their time on SOX, and that finding new ways to reduce the complexity of the controls processes and the time spent on manual testing was key.

Many still relying on spreadsheets and desktop publishing tools

Forty-four percent of respondents said they will focus heavily on controls automation, which ushers in the need for intelligent, cloud-based technology.

More than half of the market currently uses a SOX-specific software to execute their SOX compliance program, but one-third still rely on spreadsheets and desktop publishing tools.

While upgrading technology has been a concern, but not a priority in previous years, the high-risk environment created by COVID-19 has sparked a renewed sense of urgency to make changes to existing technologies and processes.

Cybersecurity and IT controls have also historically been among the top three areas of concern for SOX/IC professionals. These too have received increased attention in 2020, as over half of write-in comments highlighted the impacts of remote working and the ability to execute compliance.