Differentiating between IT and bookkeeping

SEC. 302. CORPORATE RESPONSIBILITY FOR FINANCIAL REPORTS.

  1. are responsible for establishing and maintaining internal controls;
  2. have designed such internal controls to ensure that material information relating to the issuer and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared;
  3. have evaluated the effectiveness of the issuer’s internal controls as of a date within 90 days prior to the report; and
  4. have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date;
  5. ….an evaluation of whether such internal control structure and procedures —
    1. include maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the issuer;
    2. provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the issuer are being made only in accordance with authorizations of management and directors of the issuer; and
      1. bookkeeping or other services related to the accounting records or financial statements of the audit client;
      2. financial information systems design and implementation;

SEC. 404. MANAGEMENT ASSESSMENT OF INTERNAL CONTROLS.

…… to contain an internal control report, which shall

  1. state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and
  2. contain an assessment, as of the end of the most recent fiscal year of the issuer, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.
    1. INTERNAL CONTROL EVALUATION AND REPORTING
      With respect to the internal control assessment required by subsection (a), each registered public accounting firm that prepares or issues the audit report for the issuer shall attest to, and report on, the assessment made by the management of the issuer. An attestation made under this subsection shall be made in accordance with standards for attestation engagements issued or adopted by the Board. Any such attestation shall not be the subject of a separate engagement.

SEC. 802. CRIMINAL PENALTIES FOR ALTERING DOCUMENTS.

  1. IN GENERAL
    Chapter 73 of title 18, United States Code, is amended by adding at the end the following:
    1. bookkeeping or other services related to the accounting records or financial statements of the audit client;
    2. financial information systems design and implementation;