What is Sarbanes Oxley?

The Sarbanes-Oxley Act of 2002  also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or Sarbox; is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. These scandals, which cost investors billions of dollars when the share prices of the affected companies collapsed, shook public confidence in the nation's securities markets.

Statement on Auditing Standards No. 70: Service Organizations, commonly abbreviated as SAS 70, is an auditing statement issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA), officially titled “Reports on the Processing of Transactions by Service Organizations”. SAS 70 defines the professional standards used by a service auditor to assess the internal controls of a service organization and issue a service auditor’s report. Service organizations are typically entities that provide outsourcing services that impact the control environment of their customers. Examples of service organizations are insurance and medical claims processors, trust companies, hosted data centers, application service providers (ASPs), managed security providers, credit processing organizations and clearinghouses.

There are two types of service auditor reports. A Type I service auditor’s report includes the service auditor's opinion on the fairness of the presentation of the service organization's description of controls that had been placed in operation and the suitability of the design of the controls to achieve the specified control objectives. A Type II service auditor’s report includes the information contained in a Type I service auditor's report and also includes the service auditor's opinion on whether the specific controls were operating effectively during the period under review.

Why is Sarbanes Oxley important for mobile operators?

• It is mandatory for those operators that are listed on or have any financial connection to the US securities market to be compliant. Finance directors face jail time if they are found lacking in their responsibility for this.
• The additional benefit of having compliance is that key controls are in place and even for those operators who do not need SOX compliance it gives an additional reassurance of quality. Many European operators have adopted the standards of reporting to benefit from this approach even though it is time consuming to achieve and manage.

We have engaged one of the industry's most knowledgeable suppliers for our SAS compliance and audit and know that nothing will be missed ensuring the best quality for our clients.