The new Companies Act will affect firms to different degrees but makes proper data management essential, says Jon Fell
On 6 April this year, the Companies (Audit, Investigations and Community Enterprise) Act 2004 came into force. The act is the UK's response to corporate collapses such as Enron and Worldcom and it is in part a response to several DTI consultation papers concerning the accounting profession and corporate governance.
It is part of the government's strategy to restore and maintain investor confidence in companies and financial markets.
The changes are made by amendments to the relevant provisions of the Companies Acts 1985 and 1989. The result is a disparate mix of provisions that will affect companies, auditors and directors in different ways.
The act imposes strict obligations on the directors of companies in relation to the management of the company's information and impacts on the way in which companies maintain their data.
The act extends the existing rights of auditors to have access to a company's books, accounts and officers.
In particular, the act entitles auditors to require information not only from officers of a company, but also from any employee, regardless of their position in the company concerned.
The enhanced rights are subject to a carve-out relating to information for which legal professional privilege could be claimed, although this exception can be waived.
These rights are underpinned by criminal offences for providing misleading, false or deceptive information or explanation.
Criminal sanctions will apply for failure to provide information or explanation required by the auditor, or failure to comply with the auditor's request for information or explanation "without delay".
The aim is that the enhanced powers will give auditors better access to information, thus ensuring greater transparency in their financial reporting and thereby improving investor confidence.
The act imposes stringent reporting standards on directors. For financial years beginning from April this year, the directors will need to state that there is, so far as they are aware, "no relevant audit information of which the company's auditors are unaware". This places the obligation firmly on the directors of a company to ensure that all necessary information is provided.
Specifically, each director must take all the steps "that he ought to have taken as a director in order to make himself aware of any relevant audit information and to establish that the company's auditors are aware of that information".
Enquiries will need to be made of fellow directors and auditors. Any director who knowingly makes a false statement or is reckless as to whether a statement was false, may face criminal sanctions unless it can be demonstrated that reasonable steps were taken to prevent incorrect or incomplete information being provided.
Although the act is not as far- reaching as the US Sarbanes-Oxley legislation, it is a classic example of English understatement.
While the obligation to state in the accounts that all relevant information has been provided does not seem very onerous, it is important to link this with the obligation to make sure that this information is not inaccurate or misleading. Directors will need to be able to rely upon the integrity and availability of their company's information.
As nearly all corporate information is stored electronically, all companies will need to ensure their IT systems include security measures, including access controls, and provide unimpeachable audit trails for key data.
In 2006 the US Sarbanes-Oxley legislation will impose a further set of corporate governancerequirements on UK companies with either US listings or US-listed parents. This, together with the requirements of the act, means that companies in the UK are going to have to review their data storage and management systems carefully.
Jon Fell is a partner at Pinsent Masons. He will present a leadership lecture on the Companies Act at Storage Expo, 4pm, 12 October
This was first published in October 2005