With few exceptions, SOX applies only to public companies. However, many different types of organizations have been affected by SOX. This is because SOX promotes good corporate governance practices. Many of these principles make sense for other organizations as well.
In addition to the certification provisions discussed earlier, SOX governance provisions include:
A private company might implement SOX controls because it hopes to become a public company someday. Following SOX principles will make the transition from private to public easier. If a private company follows SOX principles, it might be in a better position to attract investors, as it will have processes in place that allow investors to review the company’s financial condition. Investors will be more likely to invest in companies that show financial transparency.
Nonprofit organizations also have an incentive to follow SOX. Good governance in a nonprofit organization is very important. Nonprofits depend on grants from other entities to support their operations. They also depend on individual donations. People will not contribute to nonprofits that are not managed well. Nonprofits that adopt SOX governance principles can prove that they have controls in place to properly manage the organization and its finances. A reputation for good governance also will encourage more donations.
In some ways, SOX compliance has become synonymous with good governance. Companies that follow SOX practices prove that they have controls in place to prevent and detect wrongdoing. This can be important if a company is involved in litigation about bad governance practices. A plaintiff’s lawyer will surely point out if a board did not follow SOX good governance practices. It will not matter whether the company was required by law to follow SOX or not. Because SOX is a best practice that many companies follow, the implication that a company did not follow SOX can be damaging.