Gitlab hero border pattern left svg Gitlab hero border pattern right svg

Sarbanes-Oxley (SOX) Compliance

On this page

Sarbanes-Oxley Act of 2002

Sarbanes Oxley Act 2002 is a federal law that established auditing and financial regulations for financial reporting of public companies. This law was passed to increase transparency in financial reporting by corporations and to require a formalized system of checks and balances in each company, thereby helping protect investors from fraudulent financial reporting. SOX applies to all publicly traded companies in the United States as well as wholly-owned subsidiaries and foreign companies that are publicly traded and do business in the United States.

In order to build the confidence of the investors, the SOX regulations require the following:

Formal penalties for non-compliance with SOX can include fines, removal from listings on public stock exchanges and invalidation of D&O policies. Under the Act, CEOs and CFOs who wilfully submit an incorrect certification to a SOX compliance audit can face fines and/or imprisonment.

SOX Compliance Roadmap for Gitlab

As Gitlab is planning to go public in November 2020, it is important that we prepare to comply with SOX ahead of listing, as the consequences of non-compliance can be severe. Below are some of the important requirements we will need to adhere to:

Points to note:

Planned timelines for SOX Implementation: