What is UK SOx?

All large businesses operating in the United Kingdom need to prepare for UK SOx by 1st January 2025. This article discusses the change-drivers and the main impacts for enterprises doing business in the UK.

Unlike the US Sarbanes-Oxley Act (SOx), which applies to companies with publicly quoted stock in the US and large overseas firms operating in the territory, UK SOx brings all large companies, including privately held as well as publicly quoted businesses, into scope.

For the purpose of UK SOx, these businesses are classified as Public Interest Entities (PIEs), when they have more than 750 employees and exceed the annual revenue threshold of £750m, commonly referred to as the 750:750 threshold.

UK SOx transposes the regulatory controls from the US Sarbanes-Oxley Act onto large businesses operating in the UK. It requires public companies to implement internal SOx controls over processes and systems that influence financial reporting, with the intention of preserving market value and safeguarding shareholders from fraudulent activities.

The primary goal of SOx regulations is to guarantee the accuracy and reliability of all financial information and financial reporting, which supports the keystone of market stability – investor trust. In the US and the UK, SOx is a response to prominent financial fraud cases and scandals.

Besides the UK Government restructuring corporate reporting and the audit regime in the United Kingdom, complementary measures to support UK SOx include a new regulator, greater accountability for big business, and measures to counter the dominance of the Big Four audit firms.

Why the UK is implementing SOx

Examination of the existing oversight model in the UK system brought to light the potential for significant shortcomings. Large-scale UK business failures, such as Carillion and BHS, brought the efficacy of audit and governance committees into question.

In parallel with the enactment of the US Sarbanes-Oxley Act in response to major corporate breakdowns in America, such as Enron in 2001, there is a compelling need to address the shortcomings of oversight in the UK by developing and implementing a stronger regulatory model.

How is UK SOx different from SOx in the US?


Both regulations strive to improve financial reporting, internal controls, and corporate governance. Although the UK SOx regime shares similar ideals with the US SOx, it is crucial to recognize that there are notable differences between the two regimes, and the laws are not identical.

UK SOx incorporates distinct requirements tailored to the UK market, drawing upon the UK Corporate Governance Code and the Financial Reporting Council’s guidance. It places emphasis on internal control effectiveness, risk management, and the responsibilities of directors and the audit committee.

Why is SOx in the UK different from the US?

The discrepancy between the specific codes for the two territories arises because UK companies resisted following the mandatory U.S. Sarbanes-Oxley rules, which compel US directors to take personal responsibility for the adequacy of internal controls.

How do controls in UK SOx differ from existing UK controls?

While UK SOx seeks to harmonize regulatory control between the US and the UK, it is not identical. The best way to understand UK SOx is to look at how it differs from existing standard internal controls already in place.

Who bears responsibility for enforcement and SOx compliance?

Regulatory stakeholders

A significant change for the UK is the establishment of the Audit, Reporting, and Governance Authority (ARGA), a major upheaval in corporate governance. This watchdog replaces the Financial Reporting Council (FRC).

Enterprise stakeholders

Generally, within the enterprise SOx compliance lands on the desk of internal management, internal auditors, or possibly both. Directors will confront heightened audit reporting responsibilities, necessitating substantial investments of time and resources to ensure comprehensive adherence to UK SOx compliance requirements.

Get ready for UK SOx with APMatching

Putting AP in the cloud with APMatching’s invoice-matching solutions fully supports enterprises in meeting the increased regulatory burden of UK SOx. Implementing automated accounts payable with APMatching’s complementary solutions lets enterprises close the loop in AP.

Take a personalised demo with one of our representatives. If you like what you see, we’ll give you full support so that you can more fully evaluate APMatching with a Proof of Concept (PoC), demonstrating how effective it is using your own data.