The Sarbanes-Oxley Act of 2002 is a US law designed to restore public confidence in accounting standards following the Enron and WorldCom scandals.

It applies directly to US public companies and their auditors. It also applies to non-US companies with a US listing and non-US companies which are publicly listed but doing business in the US.

Establish a financial reporting system with readily verifiable reports and traceable source data that cannot undergo undocumented revisions.

Submit an annual assessment of the effectiveness of their internal financial and auditing controls to the SEC.

The CEO and CFO must review and sign-off on all financial reporting.

For company officers, non-compliance can result in fines of up to $1m and up to ten years imprisonment. If done on purpose, the penalties are higher.

Sections 404 and 302 of the Sarbanes-Oxley Act specify minimum requirements for internal controls on financial reporting. For many people, financial reporting involves spreadsheets at some stage.

Given that the CEO and CFO are personally liable for signing off on fiancial reporting controls, it is important to get them right.