UK SOX Compliance: What Some Finance Leaders Aren’t Doing Now That Will Cost Them

Finance leaders, are you prepared for the new regulations coming to the United Kingdom and do you have the right risk management in place? According to a recent poll done by Coupa in May, we found that many companies aren’t ready and still have a long way to go. Out of 143 UK finance leaders, 44% said they were only just aware of the new regulations and hadn’t started their planning. Only 10% said they felt confident that they’ll meet the compliance requirements*. With UK SOX-style regulations just around the corner, now is the time to ensure that your company has the necessary internal controls to meet compliance. 

What is UK SOX Compliance?

UK SOX is the unofficial name given to new corporate governance reforms, inspired by the United States’ Sarbanes-Oxley Act of 2002. While the exact details haven’t been finalized yet, the new rules are expected to closely align with US SOX, which aims to protect shareholders from fraudulent financial reporting by corporations. Similarly, the UK SOX version is meant to increase regulatory oversight. While the Financial Reporting Council (FRC) was historically in charge of regulating corporate reporting and auditing in the UK, a new authority, called the Audit, Reporting, and Governance Authority (ARGA), is replacing the FRC and leading this reform with stricter enforcement powers. This change puts increasing pressure on finance leaders as they remain at the forefront of ensuring compliance across their organization.

Why does UK SOX matter to finance, procurement, and IT departments?

The goals of UK SOX are to provide more control around audits, increase transparency for shareholders, ensure accurate reporting, identify risks sooner, and prevent fraud. Meeting SOX compliance also establishes trust, builds investor confidence, and encourages them to invest in your company. Such reform requires that these different departments have adequate controls over and visibility into corporate purchasing practices, an area that executives frequently overlook. It also heavily involves IT teams that must put new internal controls in place, manage integration, and fulfill tech implementations that help achieve compliance. While the changes may sound overwhelming, they shouldn’t be put off or overlooked as compliance is mandatory and can lead to large penalties and sanctions if not followed. 

Who is impacted?

The new regulations aren’t just limited to companies on the stock exchange. UK SOX particularly targets all larger, private companies that have more than 750 employees and over £750 million in annual turnover. This also includes the sum total of any subsidiary companies, employees, and turnover.

What’s the estimated timeline of UK SOX?

• Spring 2023: ARGA takes control of the legal proceedings.
• Late 2023: UK SOX legislation is finalized.
• Late 2024: UK SOX is in full effect. This estimate includes the time to finalize and implement the legislation and the grace period. Companies must be compliant and report by the end of their first financial year after the start of this legislation. 

What should you be doing now to prepare your organization?

When looking ahead to 2024, it may seem like there’s plenty of time, however, preparation and planning should already be happening right now. To meet SOX compliance, finance leaders need to have good financial controls and processes in place. This means keeping track of money coming in and going out, making sure financial records are accurate, having checks and balances to prevent any mistakes or fraud, and behaving like a public company sooner rather than later.

To ensure organization preparedness and appropriate resources, planning SOX compliance should happen well before an initial public offering (IPO) due to the hefty financial reporting and internal P2P controls needed to meet regulatory requirements. After all, business doesn’t stop just because new rules are put in place, and you’ll want to make sure your financial house is in order ahead of time. This preparation may involve segregation of duties, regular internal audits, and implementing robust financial systems with quality control measures that maintain proper documentation and ensure timely and accurate financial reporting. If an auditor finds that your company’s financial records are not in order, fixing the issue could take months – and one mistake can cost millions in fees and labor hours to correct. 

This is where a holistic Business Spend Management (BSM) platform can help organizations automate and streamline procure-to-pay processes, gain full visibility into spend and cash, and bring purchasing practices into compliance. Having everything on one platform allows teams to introduce approval workflows and controls, enforce separation of roles and duties, and unlock audit capabilities. A BSM platform also enables proactive risk management by providing real-time visibility into spending patterns, expense trends, and potential policy violations. Ultimately, a BSM platform drives efficiency at scale and ensures that an organization is ready to put their best foot forward as a public company. 

How Coupa’s BSM platform helps you achieve compliance

By streamlining and automating procure-to-pay processes onto a platform that provides a single source of truth, finance leaders can boost productivity while reducing manual errors, establish clear financial processes that prevent fraud and misuse, and proactively monitor risks by gaining unprecedented visibility into their company’s spending patterns. This enables a simpler, smoother compliance process. Coupa does this by: 

• Establishing robust and comprehensive financial processes: Coupa’s holistic BSM platform makes compliance easier by unlocking end-to-end visibility of purchases, invoices, payments, expenses, and scheduled accruals. The automated platform simplifies and streamlines compliance reporting because it integrates with financial data within an ERP, allows you to quickly generate detailed reports, and helps you maintain proper documentation every step of the way. By digitizing financial processes, finance teams are also equipped with tools that are more likely to catch fraud. For example, Coupa’s platform offers fraudulent spending detection and automated invoice matching, where customers can achieve a first-time match rate of 96.5%. 
• Improving workflows and strengthening controls: Coupa’s platform allows users to establish standardized and customized workflows and controls, distinguish a clear separation of roles, and enforce company policies and spending guidelines. These controls ensure that all expenses and purchases go through the correct approval channels and promote consistency across spending processes. Additionally, Coupa’s BSM platform enables customers to create a login for third-party auditors, which streamlines their access to the company’s financial accounting balance sheets and controls for the last two years, but limits their interaction to avoid corruption. 
• Making compliance simple: Users have out-of-the-box regulatory and tax compliance for over 50 foreign government-mandated electronic invoicing networks and clearance models, which reduces penalty risks. No other software, add-ons, or IT setup are required. Not only are tax functions streamlined on Coupa’s platform, but audit readiness becomes simplified with audit trails of all P2P processes, approvals, segregation of duties, controls, fraud and risk monitors, and financial reporting tools.

“Coupa has really helped us with our SOX [Sarbanes-Oxley] compliance because we can lock down the system; we have all kinds of audit records. Our auditors were very happy when we put in the system and obviously the paper-based system was completely unmanageable.” 
- VP Business Services, Molina Health

“Coupa Pay provides SOX compliant approval workflows for the creation, review, and approval of payments as well as supplying access to auditors for internal and external audit.”  
- Raquel Peasley, Corporate Controller, Thoughtspot

See how Coupa can make compliance easier.

*Poll was conducted during Coupa’s live webinar “Preparing For a UK SOX Style Regime” on May 17, 2023.