The Sarbanes-Oxley Act of 2002 or the American Competitiveness and Corporate Accountability Act of 2002. Sarbanes-Oxley requires that publicly traded companies tighten financial controls and audits; CEOs and CFOs must sign off on the accuracy and truth of financial reports. In particular, SOX Section 404 deals with certifying the sufficiency of controls for detecting fraudulent, questionable, or unauthorized activity that could impact company financial statements. In many cases, Section 404 requires companies to take responsibility for the internal controls of service providers in addition to their own. An SOC 1 (SSAE 16) Type II Audit is one way to accomplish this.