Efficient SOX 404 Compliance Requires Meticulous, Comprehensive Policy Framework (part 1) By Peter Culpepper

About Peter Culpepper: The Chief Financial Officer of Tennessee-based Provectus Pharmaceuticals, Pete Culpepper oversees all of the company’s SOX Section 404 activities. Bringing nearly 20 years of experience to his role at Provectus, Culpepper proves skilled in such undertakings as capital fundraising, management, investor relations, and business planning.

Section 404 of the Sarbanes-Oxley Act (or SOX for short), a federal law enacted in 2002 in reaction to several national accounting scandals, requires all publicly-traded companies to implement internal controls and policies for financial reporting. The rule also mandates that such organizations document and test these procedures and checks to ensure that they provide effective transparency and oversight of fiduciary activity. For most companies, compliance mandates absorb considerable time and energy in such areas as information technology, finance and accounting, and law.

As such, many organizations dedicate significant resources to confirm that they meet the terms of SOX Section 404. In addition to evaluation and refinement of their internal procedures, SOX Section 404 mandates that companies employ the services of independent accountants to verify the soundness of their financial controls. The wide-ranging demands of the rule often necessitate new investments in technology as well as new hires to administer the various components of their financial reporting policies.

Companies which hire external organizations for managed services in information technology (IT) need to keep in mind that these parties must adhere to SOX Section 404 IT standards. An integrated audit reviews IT controls as they relate to financial reporting procedures. This means that in retaining a managed services provider, compliance officers should ascertain whether its engineers and technicians understand SOX mandates and can deliver documentation and endure testing according to regulatory demands.


Efficient SOX 404 Compliance Requires Meticulous, Comprehensive Policy Framework (part 2)

By Peter Culpepper

Meeting regulatory requirements such as Section 404 of the Sarbanes-Oxley Act (SOX) necessitates the application of comprehensive procedures and controls. The sheer mass of information that must be processed under SOX 404 compels technology, finance, legal, and executive teams to develop a unified approach to compliance. Moreover, a clear understanding of goals facilitates success in maintaining adequate reporting systems and driving improvements.

Companies in industries like manufacturing and pharmaceuticals usually maintain documentation and procedures for regulatory compliance activities not related to SOX. By leveraging documentation associated with all compliance and reporting requirements, companies eliminate duplication of efforts and position themselves more effectively to implement solutions that enhance all reporting endeavors. Zealous communication between participants promotes effective translation of terms and objectives, and such communication proves beneficial in keeping SOX initiatives on track. It also helps to prioritize crucial tasks rather than rushing to put a more far-reaching, but untested, proposal into practice immediately.

About Peter Culpepper: A seasoned finance professional with nearly 20 years of experience, Pete Culpepper serves as the Chief Financial Officer of Provectus Pharmaceuticals, a Tennessee-based company which develops treatments for cancer and dermatological diseases. Culpepper belongs to the American Institute of Certified Public Accountants and Financial Executives International.