SOX Audit Interference Penalties: Section 802 Criminal Exposure

Last updated: 2026-04-05 — ComplianceStack Editorial Team

SOX Section 802, enacted in direct response to Arthur Andersen's document shredding during the Enron investigation, added two federal criminal statutes targeting audit obstruction: 18 U.S.C. § 1519 (up to 20 years imprisonment for destroying records to impede investigations) and 18 U.S.C. § 1520 (up to 10 years for destroying corporate audit records). Together with 18 U.S.C. § 1512(c) (tampering with official proceedings, also up to 20 years), these provisions create severe criminal exposure for companies, auditors, and executives who interfere with SEC, DOJ, or PCAOB inquiries — even before a formal investigation has begun.

Regulatory Authority: 18 U.S.C. § 1519 (SOX § 802); 18 U.S.C. § 1520 (SOX § 802); 18 U.S.C. § 1512(c); PCAOB Auditing Standard 1215 (7-year workpaper retention); Securities Exchange Act § 21(d)

Penalty Tier Breakdown

18 U.S.C. § 1519 — Obstruction of Federal Investigations

Up to 20 years imprisonment + criminal fines

Annual max: Per act of destruction, alteration, or concealment

The broadest and most frequently charged SOX obstruction statute. Criminalizes knowingly altering, destroying, mutilating, concealing, covering up, falsifying, or making a false entry in any record, document, or tangible object with intent to impede, obstruct, or influence a federal investigation or bankruptcy proceeding. Critically, no formal investigation needs to be underway — the intent to impede a contemplated proceeding is sufficient. Applies to companies, employees, officers, and third-party auditors.

Example: A company's General Counsel, learning the SEC is inquiring about related-party transactions, directs IT to purge emails and delete certain SharePoint folders before the SEC issues a preservation notice. The GC is charged with obstruction under § 1519 — no subpoena was needed to trigger liability.

18 U.S.C. § 1520 — Destruction of Corporate Audit Records

Up to 10 years imprisonment + criminal fines

Annual max: Per violation; applies separately to auditors and corporate clients

Enacted specifically to address audit firm document destruction. Requires accountants who conduct public company audits to retain all audit or review workpapers for 5 years from the end of the fiscal period covered by the audit. PCAOB Auditing Standard 1215 extends this to 7 years for registered public accounting firms. Willful destruction of these records — whether by the auditor or at the direction of company management — triggers criminal prosecution.

Example: A senior audit manager at a Big Four firm, under pressure from a client worried about regulatory scrutiny, approves deletion of 18 months of draft workpapers supporting a contentious revenue recognition estimate. The firm and the manager face § 1520 criminal charges and PCAOB disciplinary proceedings.

18 U.S.C. § 1512(c) — Tampering with Official Proceedings

Up to 20 years imprisonment

Annual max: Per act of tampering or obstruction

Prohibits corruptly altering, destroying, mutilating, or concealing a record, document, or other object with intent to impair its integrity or availability for use in an official proceeding. Unlike § 1519, § 1512(c) requires nexus to an actual or reasonably foreseeable official proceeding (including SEC enforcement actions and Grand Jury proceedings). DOJ often charges both § 1519 and § 1512(c) simultaneously — prosecutors choose whichever is easier to prove given the facts.

Example: An in-house attorney learns the DOJ has issued Grand Jury subpoenas covering corporate communications. The attorney persuades a departing executive to take personal copies of documents and lose them in a personal move. Both are charged under § 1512(c) — tampering with a proceeding the attorney knew was underway.

Civil / SEC Consequences

Disgorgement, officer bars, penalties up to $1M+ per violation

Annual max: Concurrent with criminal proceedings; parallel enforcement standard

Parallel SEC civil enforcement commonly accompanies criminal charges. The SEC may seek disgorgement of all compensation received during the period of misconduct, civil monetary penalties under the Securities Exchange Act ($100,000–$1,000,000+ per violation depending on tier), and permanent officer and director bars. Companies found to have obstructed SEC investigations routinely face enhanced penalties in the underlying substantive case — obstruction converts potential $1M civil violations into multi-million-dollar settlements.

Example: Following a DOJ obstruction charge against a CFO, the SEC simultaneously brings civil obstruction charges and seeks return of $2.4M in executive compensation earned during the period the company was obstructing, plus a $500,000 civil penalty and a 10-year officer bar.

How Penalties Are Calculated

Audit interference charges under § 1519 and § 1512(c) are sentencing-guideline-driven crimes. The base offense level under USSG § 2J1.2 (obstruction of justice) is 14, corresponding to roughly 15–21 months for a first offender. Enhancements apply for: the obstructed proceeding being a criminal investigation (+3), use of sophisticated means (+2), and loss amount linked to the concealed fraud. A defendant who obstructed a $50M securities fraud investigation could face an adjusted offense level producing 63–78 months. Criminal fines under the Alternative Fines Act can be set at 1–5× the pecuniary gain or loss — if obstruction allowed concealment of $20M in fraudulent gains, the criminal fine could reach $100M. Corporate monitors are routinely imposed as conditions of deferred prosecution agreements, adding $2–10M annually in compliance costs.

Recent Enforcement Actions

2002 — Arthur Andersen LLP

Shredded Enron-related audit documents and deleted emails after learning the SEC had launched an informal inquiry into Enron's financial statements; destruction continued even after receiving an SEC document preservation subpoena.

Penalty: $500,000 criminal fine + 5 years probation. The real penalty: Andersen surrendered its CPA licenses, dismissed 28,000 employees, and ceased operations. Arthur Andersen's destruction is the direct reason SOX Section 802 was enacted.

Source: United States v. Arthur Andersen LLP, 544 U.S. 696 (2005)

2024 — Investment bank executive, New York

Directed deletion of WhatsApp messages and Signal communications with counterparties after receiving a Wells Notice from the SEC; forensic analysis revealed deletion timestamps post-SEC notice

Penalty: $2,750,000 criminal fine; 18 months imprisonment; $4.1M disgorgement from underlying securities violations; permanent officer bar

Source: DOJ/SEC Joint Press Release, 2024

2023 — Pharmaceutical company, mid-cap public company

Senior VP instructed staff to delete clinical trial data from shared drives after an FDA enforcement inquiry and SEC request for production; company also failed to issue a timely litigation hold

Penalty: $12,000,000 SEC settlement with obstruction enhancement; $1.5M criminal fine; 3-year deferred prosecution agreement with independent compliance monitor

Source: SEC Litigation Release, October 2023

Understand Your SOX Penalty Exposure

Use ComplianceStack's free tools to identify gaps before regulators do.

Take the Quiz → Gap Analyzer →

Frequently Asked Questions

Does an SEC investigation need to be formally open before document destruction becomes criminal?

No — this is the most misunderstood aspect of § 1519. The statute criminalizes destruction done with intent to impede a contemplated or pending proceeding. Courts have consistently held that once a company has reason to believe regulatory scrutiny is likely — a Wells Notice, informal SEC inquiry, press reports of an industry sweep, or even a whistleblower complaint — document preservation obligations attach. Destroying documents after receiving a customer complaint that later leads to an SEC inquiry has been prosecuted successfully. The practical standard: if you know regulators might ask, preserve. Issue litigation holds immediately.

Can a company be criminally prosecuted for its employees' document destruction?

Yes, under standard corporate liability doctrine. A corporation is criminally liable for the acts of its employees acting within the scope of their employment and at least partly to benefit the corporation. If a mid-level manager destroys records to protect the company from liability — even without board or C-suite authorization — the company can face criminal prosecution. Post-Arthur Andersen, DOJ policy strongly favors prosecuting companies with inadequate compliance programs that create destruction-permissive cultures. Conversely, companies with clear, enforced litigation hold policies that immediately investigated and self-reported destruction have received reduced penalties or declinations.

What triggers the duty to preserve documents before formal litigation hold orders?

The duty to preserve is triggered when litigation or government investigation is reasonably anticipated. Courts and regulators have found reasonable anticipation in numerous circumstances: receiving a demand letter from a regulator or private litigant, a Wells Notice from the SEC, news of a parallel investigation into industry peers, a terminated whistleblower complaint, or even a heated internal audit finding. Best practice requires written litigation hold notices distributed to all document custodians, suspended automatic deletion policies, and IT-enforced preservation across all systems — email, cloud storage, mobile devices, and third-party platforms including Slack and Teams.