Thank you for sharing!

Your article was successfully shared with the contacts you provided.
The landmark Sarbanes-Oxley legislation is having a wide-ranging impact on public companies across the United States. Aimed at strengthening accounting oversight and businesses’ transparency, the act also compels corporate America to embrace the e-information age, now more than ever. Sarbanes-Oxley imposes new requirements on public companies when it comes to retaining and destroying certain financial records. Most notably, the act and the subsequent Securities and Exchange Commission rules implementing it are changing the way many companies handle electronic evidence. Here’s what your business needs to know: THE SKINNY Which provisions relate to electronic documents? Section 802 of the act amends the federal obstruction of justice statute by adding two new offenses. First, persons who knowingly alter, destroy, mutilate, conceal, or falsify any document or tangible object with the intent to impede, obstruct, or influence proceedings involving federal agencies or bankruptcy proceedings may be fined, imprisoned up to 20 years, or both. Another part of Section 802 concerns mandatory document retention. It directs accountants to maintain certain corporate audit records and work papers for a period of five years. It also instructs the SEC to promulgate any necessary rules and regulations relating to the retention of relevant records from an audit or review. To maintain consistency with other areas of the act, the SEC recently adopted a seven-year retention period for those documents. Section 802 imposes fines and/or a maximum ten-year prison sentence for violation of these provisions. Section 1102 of the act expands the obstruction of justice statute that prohibits tampering with witnesses. Acting or attempting to “corruptly” alter or destroy a record or other object “with the intent to impair the object’s integrity or availability for use in an official proceeding” is punishable with fines and/or imprisonment of up to 20 years. FEELING THE PINCH What is the impact of the rules? The effect of Sarbanes-Oxley on electronic data management is basically twofold. The first part of section 802 places criminal liability on any person who knowingly destroys documents or objects relating to a federal agency or Chapter 11 bankruptcy. Section 1102 prohibits persons from corruptly altering or destroying documents with the intent to impair an official proceeding. “Document” in these statutes is likely to be interpreted to mean electronic documents too. Given their breadth, these provisions give the federal government authority to prosecute cybercrimes and other computer hacking activity that result in information destruction relating to official proceedings. A study of case law reveals the federal government’s growing commitment to using computer forensic tools to bring hackers and cybercriminals to court. In U.S. v. Lloyd, the defendant was convicted on one count of computer sabotage for planting a computer-based “time bomb” in his employer’s computer systems. Computer experts were essential in recovering the evidence of the time bomb. The new provision in section 1102 is only likely to expand the government’s commitment to using computer forensic protocols to prosecute cybercrime and digital data destruction. Further, section 802 of Sarbanes-Oxley is likely to have a significant impact on the way in which accounting and auditing firms handle electronic documents. Most accounting firms already retain audit and review records for at least five years, so it is likely that the SEC’s seven-year retention rule will have only minimal impact. However, section 802 and the new SEC rules specifically reference the retention of electronic records (such as work papers, memoranda, and correspondence) that are created, sent, or received in connection with an audit or review. Together, these provisions could require accounting firms to retain many more documents than they have retained in the past. MITIGATING RISK What can my company do? To mitigate the risk associated with electronic information management, corporations should create a document retention policy that specifically addresses electronic data. The policy should start with an inventory of the firm’s electronic resources, including documentation of: all electronic hardware and software in use throughout the company (including cell phones, PDAs, laptops, etc.), all locations and storage formats of archived electronic data, and all methods in which data can be transferred to and from the company. The bulk of the retention policy should include methods for classifying documents, determining retention periods, setting the retention schedule and procedures, and selecting a records custodian. The policy should also create an index of active and inactive records and implement “log books” in which all destroyed documents are recorded. Most importantly, an organization must retain all relevant documents when they know or should have reason to know that the documents will become material at some point in the future. The Sarbanes-Oxley Act and the subsequent SEC rules require public companies, corporate counsel, and accounting/auditing professionals to consider the impact of electronic evidence with regard to certain financial records. No longer can e-mails and computer files be blindly destroyed. Instead, a balance must be found between appropriate destruction of outdated and nonregulated documents and the adequate preservation of potentially significant documents. That’s the best way to comply with this complicated and challenging new law. Michele C.S. Lange is a staff attorney for the electronic evidence services division of Kroll Ontrack, Inc., based in Eden Prairie, Minnesota. Lange can be reached at

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.