The Statutory Audit and the Company Reporting Directives are commonly referred to as EuroSOX. These two European directives were issued by the European Union Council of Ministers, and aim to engender more transparency and public confidence in the operations of companies operating within the EU.
The Statutory Audit Directive aims to strengthen the standards and public accountability of the audit profession. The Company Reporting Directive meanwhile aims to enhance confidence in financial statements and annual reports from European companies.
The two EU Directives are required to incorporated into the national laws of EU member states this summer. States are expected to comply with the Statutory Audit Directive by 29 June, and the Company Reporting Directive by 5 September.
"Directives are not directly applicable (i.e. directly binding on individuals and companies etc) but EU member states must implement them into their national law by the stated deadlines," explained the UK department for Business, Enterprise and Regulatory Reform (BERR).
One of the most notable aspects of these Directives is the requirement that any new business created through either merger or acquisition should be able to produce consolidated accounts within a month of joining forces.
Earlier this year, the Information Security Forum (ISF) warned that the introduction of EuroSOX could be chaotic, as each state will have to interpret and translate the collection of directives that make up EuroSOX, leading to subtle divergences of law between different states.
But Touchpaper, which has recently been acquired by Avocent, is encouraging IT directors to view EuroSOX as an opportunity rather than a headache, with IT departments using the Directives to driver better IT governance. Its white paper aims to help companies understand the practical implications of the Directives, particularly from an IT service management perspective.
Touchpaper warns IT directors that while there is no technology-based 'magic bullet' solution for compliance with the Directives, the IT department nevertheless has a vital role to play in improving the general state of corporate governance in Europe.
"IT directors should be informed, so when the financial director asks them, they know a bit about it," said Marina Stedman, director at Touchpaper and the author of the white paper. "There wasn't enough information about EuroSOX, so we wanted to know more, hence the white paper. The paper offers short term actions IT directors can start thinking about."
"European directives are much less onerous than Sarbanes-Oxley," Stedman told Techworld. "They really just highlight best practises. You should be having trained auditors, should understand areas of high risk, fraud prevention etc."