In July 2002, President Bush signed into law the Sarbanes-Oxley Act of 2002. The Act, which applies in general to publicly held companies and their audit firms, dramatically affected the accounting profession and impacted not just the largest accounting firms, but any CPA actively working as an auditor of, or for, a publicly traded company.
The Act limited what kind of non-audit services a U.S. accounting firm can offer to an audit client, but did not forbid all of them. There is a school of thought that believes a firm that provides audit services to a client should be legally proscribed from providing any consulting services to the same client—that there needs to be independence in fact for audit firms. They should only be allowed to accept consulting engagements from clients for which they do not provide any audit services.
The relationship between accounting firms and their publicly held audit clients changed under Sarbanes-Oxley. Auditors now report to a company’s audit committee, not to its management; audit committees must preapprove all services (both audit and non-audit services not specifically prohibited) provided by its auditor; auditors must report new information to the audit committee. (This information includes: critical accounting policies and practices to be used, alternative treatments of financial information within GAAP that have been discussed with management, accounting disagreements between the auditor and management, and other relevant communications between the auditor and management.)
The law also prohibits auditors from offering certain non-audit services to audit clients. These services include: bookkeeping, information systems design and implementation, appraisals or valuation services, actuarial services, internal audits, management and human resources services, broker/dealer and investment banking services, legal or expert services unrelated to audit services and other services the board determines by rule to be impermissible. And the lead audit partner and audit review partner must be rotated every five years on public company engagements.
The Act also lists several types of services that are "unlawful" if provided to a publicly held company by its auditor, including, among others, bookkeeping, information systems design and implementation, appraisals or valuation services, actuarial services, internal audits, management and human resources services, broker/dealer and investment banking services, and legal or expert services related to audit services.