SOX compliance hours on the rise, despite technology

Register now

A majority of companies are finding that the number of hours required for complying with Sarbanes-Oxley requirements is increasing, but many audit teams are neglecting to implement new technologies that could reduce the time needed for compliance, according to a new survey.

In the 10th annual SOX Compliance Survey from consulting company Protiviti, 59 percent of the companies polled reported that their SOX compliance hours actually rose more than 10 percent year over year. Yet 47 percent of the audit teams surveyed are neglecting to adopt advanced technology such as robotic process automation and data analytics that could reduce the time spent on compliance activities for Sarbanes-Oxley.

Audit, compliance and finance leaders do recognize the need for further automation of the compliance process, with 46 percent of those surveyed planning to discuss automation with their outside auditor this fiscal year. Other factors beyond Sarbanes-Oxley are also contributing to increasing compliance hours, including inspections by the Public Company Accounting Oversight Board and new accounting standards, along with process and technology changes.

Compliance costs are generally trending downward, but they remain significant. The average annual internal SOX compliance costs for companies with more than a dozen unique locations declined from $1,501,300 last year to $1,316,000 this year.

“Looking back on the decade of information gathered since Protiviti first conducted the study, it’s evident the majority of companies still have a long way to go in their journey towards a more efficient SOX compliance program,” said Brian Christensen, executive vice president and global leader of Protiviti’s internal audit and financial advisory solution, in a statement. “The good news is that the technology required to ease SOX compliance processes is here. We recommend that audit and finance leaders identify the solutions best suited for their organizations and commit to transforming to a next-generation SOX compliance program sooner rather than later.”

Among the organizations that are already leveraging technology in their organization’s SOX compliance process, data analytics was cited as the most widely used tool (41 percent), followed by automated process approval workflow tools (38 percent) and access controls, user provisioning and segregation of duties review tools (36 percent).

Protiviti and software company AuditBoard surveyed 693 audit, compliance and finance leaders and professionals at U.S. public companies during the first quarter of 2019 for the report. It’s available at

For reprint and licensing requests for this article, click here.
Sarbanes-Oxley Audit preparation Audits Analytics RPA