SEC Extends Sarbanes-Oxley DeadlinesSEC Extends Sarbanes-Oxley Deadlines

The Securities and Exchange Commission (SEC) this week pushed back the compliance deadlines for the Sarbanes-Oxley Act, a financial reporting regulation that has sent some enterprises scrambling to deploy additional software and hardware to better account for security and employee access to information.

The SEC separates companies into two categories: accelerated filers and non-accelerated filers.

Accelerated filers, generally U.S. companies with equity market capitalization over $75 million that file at least one annual report with the SEC, now have until Nov. 15, 2004 to comply with Section 404 of Sarbanes-Oxley. The previous deadline was June 15.

Non-accelerated filers, on the other hand, now must begin to comply with Section 404 for their first fiscal years ending on or after July 15, 2005, rather than the original April 15, 2005 deadline.

The extensions weren't unexpected, since many companies have been lobbying the SEC for later deadlines, claiming that they wouldn't be ready to implement the required controls.

The SEC, in fact, has extended deadlines for Sarbanes-Oxley before; in May 2003, it shoved back a proposed October 2003, deadline into June 2004.

Numerous computer vendors have been pitching Sarbanes-Oxley compliance products as the deadlines approached, including IBM, Microsoft, and Sun. IBM, for instance, last week rolled out the TotalStorage Data Retention 450, a hardware-software bundle aimed at companies needing to comply with, among other regulations, Sarbanes-Oxley.