Accounting Standards

SOX Section 108 is the statutory hook for using SEC-recognized GAAP, which in practice means your issuer financial statements and internal reporting must follow accounting principles set by an SEC-recognized standard setter (commonly FASB). To operationalize it, you need a governed process to identify new GAAP, assess and approve impacts, implement changes in close/reporting, and retain evidence that your accounting positions are supportable and consistently applied. (Public Law 107-204)

Key takeaways:

• Treat “accounting standards requirement” as a governance-and-change-management control over GAAP adoption, not a one-time legal citation. (Public Law 107-204)
• Build an auditable workflow for accounting memos, policy updates, and disclosure controls tied to new standards and interpretations. (Public Law 107-204)
• Evidence quality matters: auditors and regulators look for contemporaneous analysis, approvals, and traceability from GAAP assessment to booked entries and disclosures. (Public Law 107-204)

SOX Section 108 does not list detailed accounting rules; it authorizes the SEC to recognize accounting principles established by a qualified private standard-setting body, effectively codifying the role of those standards as “generally accepted.” (Public Law 107-204) For a CCO or GRC lead, the practical requirement is straightforward: your organization needs a repeatable, controlled way to stay current with GAAP as recognized by the SEC, adopt changes correctly, and prove you did.

This becomes operational quickly because accounting standards change, interpretations evolve, and transactions rarely fit neatly into a checklist. The compliance risk is less about citing the right authority and more about process failure: missing a new standard’s effective impact, inconsistent application across subsidiaries, weak documentation for management judgments, or disclosures that do not align with accounting conclusions.

This page translates SOX Section 108 into an implementation playbook: who owns what, what steps to run each reporting cycle, what artifacts to retain for auditors and oversight, where teams get stuck, and how to set up a practical execution plan that survives scrutiny. (Public Law 107-204)

Regulatory text

Excerpt (SOX Section 108): “The Commission may recognize as generally accepted any accounting principles established by a standard-setting body meeting specified criteria.” (Public Law 107-204)

Operator interpretation (what you must do):

• Run your external financial reporting under SEC-recognized GAAP and treat updates from the recognized standard setter as authoritative for your accounting policies. (Public Law 107-204)
• Maintain controls that detect new or amended standards, evaluate applicability, approve adoption decisions, and implement changes in accounting policy, systems, and disclosures. (Public Law 107-204)
• Retain documentation that shows you followed an orderly process, applied the standards consistently, and can support key judgments. (Public Law 107-204)

This is a governance requirement with accounting consequences. It becomes enforceable through the quality of your financial reporting, disclosure controls, and internal control environment that supports correct GAAP application. (Public Law 107-204)

Plain-English requirement

For public companies, “Accounting Standards” under SOX Section 108 means: use SEC-recognized GAAP and have a disciplined way to keep up with it, adopt it, and document it. (Public Law 107-204)

If your accounting team is “following GAAP” informally but cannot show:

• how you monitored standards,
• how you concluded applicability,
• who approved judgments,
• and how you implemented changes,

you will struggle in audits, internal control testing, and any regulator inquiry that asks “why did you account for it that way?” (Public Law 107-204)

Who it applies to

In-scope entities

• Public companies (issuers) preparing financial statements for SEC reporting. (Public Law 107-204)

Operational contexts where this shows up

• Quarterly and annual close, consolidation, and reporting.
• New or complex transactions (revenue arrangements, leases, business combinations, impairments, equity instruments).
• Disclosure committee workflows and XBRL/financial statement tie-outs.
• Subsidiary and joint venture reporting packages.
• M&A integration and accounting policy alignment post-close.

Where the CCO/GRC lead fits

• You typically do not “own GAAP,” but you own the governance: control design expectations, documentation standards, accountability, and evidence readiness across Finance, Legal, and Internal Audit.

What you actually need to do (step-by-step)

1) Assign accountable ownership and decision rights

Set clear RACI for:

• Technical accounting (primary author of accounting conclusions).
• Controllership/SEC reporting (implementation into close and disclosures).
• Disclosure committee (review of material impacts and disclosure language).
• Internal audit/SOX (control testing approach; evidence standards).
• Legal (when accounting intersects with contract interpretation and risk disclosures).

Practical control: a documented “GAAP governance” charter that states who can approve accounting policy positions and who can accept deviations or elections permitted by the standards. (Public Law 107-204)

2) Establish a GAAP monitoring and intake process

Create a single intake channel for:

• newly issued standards,
• amendments,
• interpretations and staff views (tracked internally as items, even if sourced from multiple places).

Your control objective: no material standard change goes un-assessed. (Public Law 107-204)

Execution tip: maintain an “Accounting Standards Register” with fields for issuance date, effective date, early adoption options, impacted processes, and adoption status. Even a spreadsheet works if it’s controlled and reviewed.

3) Perform applicability and materiality assessment

For each new or amended standard, require a short-form assessment that answers:

• Does it apply to us (entity scope, transaction types, industry applicability)?
• Expected impact areas: recognition, measurement, presentation, disclosure, controls, systems, data needs.
• Adoption approach: early adopt vs adopt at required effective date (if applicable).
• Implementation complexity: policy updates, system configuration, training needs.

Common hangup: teams document “not applicable” without tying it to your actual facts (contracts, transaction inventory, balance sheet composition). Require references to your transaction landscape.

4) Produce a technical accounting memo for in-scope impacts

For applicable changes or complex judgments, require a memo that is:

• fact pattern specific,
• cites the relevant GAAP requirement (by the recognized standard setter’s guidance, as adopted in your policy),
• includes management judgment rationale,
• describes alternatives considered and why rejected,
• states the accounting conclusion and disclosure implications,
• includes review/approval evidence.

CCO/GRC value-add: standardize memo templates and minimum documentation thresholds so conclusions are comparable across the enterprise and survive staff turnover. (Public Law 107-204)

5) Translate conclusions into operational changes

Accounting conclusions must turn into execution steps:

• Update accounting policies and procedure narratives.
• Update close checklists and disclosure checklists.
• Configure systems or mapping (chart of accounts, consolidation rules, lease tools, revenue systems).
• Update internal controls (key reports, reconciliations, management review controls).
• Train impacted teams (GL accountants, FP&A, business unit finance).

Control design principle: every memo should have an “implementation section” that identifies exactly what changes in the close, where the numbers will come from, and who performs the new steps.

6) Run adoption testing and parallel runs where needed

Before a standard becomes effective for you:

• test calculation models,
• validate completeness of data capture,
• reconcile outputs to legacy treatments (for reasonableness),
• validate disclosures (tie to underlying support).

You are proving two things: the math works and the process is controlled.

7) Close-cycle controls and disclosure controls

Embed controls so GAAP application is consistent every reporting period:

• review of unusual entries and nonstandard journal entries,
• management review controls over key estimates and judgments (with documented criteria),
• disclosure committee review agenda that explicitly includes accounting standard changes and new judgments.

8) Retain evidence in an audit-ready repository

Store artifacts centrally with access control, retention, and versioning. Daydream can help by structuring the workflow and evidence collection across Finance and GRC so standards tracking, memo approvals, and control evidence stay connected to the reporting period and entity scope.

Required evidence and artifacts to retain

Minimum set (tailor to your risk profile):

• Accounting Standards Register (with review sign-offs).
• Applicability assessments (“not applicable” memos included).
• Technical accounting memos with approver sign-off and dates.
• Accounting policy manuals and dated revisions (with change logs).
• Close and disclosure checklists showing new steps embedded.
• System change tickets and configuration evidence where applicable.
• Key reports supporting judgments (inputs, outputs, validation steps).
• Training materials and attendance (where new processes are introduced).
• Disclosure committee minutes and materials tied to accounting impacts.

Evidence should be contemporaneous. Backfilled memos are a recurring audit pain point.

Common exam/audit questions and hangups

Expect auditors, internal audit, or oversight to ask:

• “Show me how you identify new accounting standards and decide applicability.”
• “Why was this standard assessed as not material or not applicable?”
• “Where is the support for this judgment/estimate, and who approved it?”
• “How did you update controls and disclosures after adopting the standard?”
• “How do you ensure subsidiaries apply the same accounting policy?”
• “Show the linkage from the memo to journal entries and disclosures.”

Hangup themes

• Missing approval evidence (draft memos circulating in email).
• Inconsistent policy application across business units.
• Weak linkage between standards assessment and disclosure drafting.

Frequent implementation mistakes and how to avoid them

1. Treating standards tracking as a passive newsletter function
   Fix: make it a controlled register with periodic review and required dispositions. (Public Law 107-204)

2. “Not applicable” with no facts
   Fix: require explicit mapping to transaction types, contracts, and account balances you actually have.

3. Technical memo doesn’t drive operational change
   Fix: require an implementation checklist section with owners and updated control points.

4. No control updates after adoption
   Fix: force a SOX impact assessment for each applicable standard: what controls change, what evidence changes, what reports change.

5. Documentation scattered across email and shared drives
   Fix: designate a system of record and enforce naming/version conventions; use workflow tooling (including Daydream) when cross-functional approvals and evidence collection break down.

Enforcement context and risk implications

SOX Section 108 itself is enabling language about SEC recognition of accounting principles. (Public Law 107-204) The practical risk is that failure to follow SEC-recognized GAAP can lead to misstated financial statements, deficient disclosures, restatements, and control deficiencies. Those outcomes create regulatory exposure and reputational harm even when the root cause is “just” weak process discipline.

Treat this requirement as part of your broader financial reporting governance: accounting policy management, disclosure controls, and internal control over financial reporting all intersect here. (Public Law 107-204)

Practical 30/60/90-day execution plan

First 30 days (Immediate stabilization)

• Assign RACI for technical accounting conclusions, approvals, and disclosure committee touchpoints.
• Stand up the Accounting Standards Register and define required fields.
• Publish memo templates: applicability assessment + technical accounting memo + implementation checklist.
• Inventory current-year standards already assessed and identify gaps in documentation.

By 60 days (Operationalize into the close)

• Embed standards assessment checkpoints into quarterly close and disclosure calendars.
• Define evidence requirements for key judgment areas (estimates, complex transactions).
• Align subsidiaries: issue an accounting policy alignment pack and require sign-off on adoption positions.
• Centralize evidence storage with version control and access management.

By 90 days (Audit-ready and repeatable)

• Run a tabletop test: pick one new/complex standard impact and trace from assessment to booked entries to disclosures.
• Have internal audit (or SOX owners) validate control design and evidence sufficiency.
• Implement workflow tooling if approvals and artifacts remain fragmented; Daydream is a practical fit when you need traceability from requirement to control to evidence across teams.

Frequently Asked Questions

Does SOX Section 108 require us to follow FASB specifically?

SOX Section 108 authorizes the SEC to recognize accounting principles established by a qualifying standard-setting body. (Public Law 107-204) Operationally, your obligation is to follow SEC-recognized GAAP and document how you keep current and apply it.

What’s the minimum documentation an auditor will expect for a new accounting standard?

Keep a recorded assessment of applicability and impact, plus a technical accounting memo for any standard that affects recognition, measurement, presentation, or disclosure. Retain evidence of review/approval and how the conclusion was implemented into close and disclosures. (Public Law 107-204)

We assessed a standard as “not applicable.” Do we still need a memo?

Yes, retain a short assessment that ties “not applicable” to your facts (transaction types, contract inventory, account balances). The goal is to show you saw the standard, evaluated it, and had a defensible basis for disposition. (Public Law 107-204)

Who should approve technical accounting memos?

Set approval based on risk: complex or material positions should be approved by technical accounting leadership and controllership/SEC reporting, with disclosure committee awareness when disclosures change. Document the decision rights in your governance charter. (Public Law 107-204)

How do we connect accounting standards compliance to SOX controls?

Require each applicable standard to include a SOX impact assessment: what processes, key reports, reconciliations, and management review controls change. Then update narratives, control language, and evidence expectations to match the new accounting treatment. (Public Law 107-204)

What if business units apply different interpretations of the same GAAP topic?

Treat it as an accounting policy governance failure. Publish a single enterprise policy position, require subsidiary sign-off, and test consistency through close analytics and targeted internal audit procedures. Retain the policy, approvals, and testing evidence. (Public Law 107-204)