®
SOX Overview
MTAC Meeting
The Sarbanes-Oxley Act
 Enacted in 2002 as a result
of a series of large corporate
financial scandals
Paul
Sarbanes
 Improves confidence in financial reporting by
– Promoting effective execution of controls
– Increasing corporate governance
– Reducing fraudulent practices and accounting
inconsistencies
2
Michael
Oxley
What does SOX mean for the Postal Service?
 We are the only federal agency required
to comply with SOX
 As a result of the Postal Act of 2006
– We began quarterly Section 302
certifications in February 2008
– We must comply with Section
404 of SOX by Sept. 30, 2010
– We must file with the
Postal Regulatory Commission
(rather than the SEC)
3
Section 302 Certification
 Certification included in reports 10-Q and 10-K
 Under Section 302, the CEO and CFO must
– State that the financial statements fairly represent the
financial position and results of operations of the Postal
Service
– State their responsibility for establishing and
maintaining effective disclosure controls and procedures
 Broadens the current emphasis of integrity and
completeness of controls relating to financial reporting
Section 404 Certification
 Certification included in 10-K report annually beginning
September 30, 2010
 Under Section 404, the CEO and CFO must
– State their responsibility for establishing and
maintaining an adequate internal control structure over
financial reporting
– Make an assertion on the effectiveness of the internal
control structure with regard to financial reporting
– Provide annual 404 certifications for fiscal year 2010 and
beyond
 Public accountant audits the effectiveness of internal
controls over financial reporting
Impact of SOX
 Communicating the importance of SOX to the
organization
– Oversight Bodies
– All Hands Meetings
– Postmaster Conventions
– SOX Website
– Newsletter
SOX Timeline
FY 2007
Prepare
FY 2008
Document
FY 2009
Test
FY 2010
Report
Determine Materiality
and Scope
Prepare Documentation
Continue Gap
Remediation
Test Controls
Establish Steering
Committee
Develop
Communications &
Training Plan
Identify Controls
and Gaps
Readiness Testing
Initiate Gap Remediation
Update
Documentation
Update
Documentation
Report and Certify
Benefits of SOX Compliance
 Reinforce public trust in our financial reporting
 Standardize and streamline processes and systems
 Target areas of improvement and strengthen our
business practices
 Increase accountability and ownership of controls
 Improve cross-functional support to solve challenges
8
Questions
9
Questions
Email – [email protected]
10