We use cookies to give you the most personalized experience possible on our website, and to collect information about how visitors use our site. If you continue without changing your settings, we’ll assume that you’re ok with receiving cookies from the XMedius website. You can disable cookies in your browser settings at any time, but please note that parts of the site will not work properly if you disable cookies.

For more information on how we use cookies, read our privacy policy.


How financial institutions can easily comply with the SOX Act

 In Blog, General

The following article is the first one of a series of three about how the fax can help financial organizations to meet their legal obligations. This first text covers Sarbanes-Oxley, a legislation passed by the U.S. Congress to protect shareholders like you and me.

Despite what people might think, the fax is still an essential communication tool in the financial sector. From banks and insurance companies to investment management and advisory firms, financial service organizations share high volumes of sensitive data. Document transactions are part of complex workflows and information is manipulated by numerous people in different geographic locations, demanding anytime/anywhere access.

Finance-driven documents

  • Credit applications
  • Financial reports and statements
  • Fund transfers
  • Invoices
  • Loan approvals and denials
  • Mortgage documents
  • Trade confirmations
  • Regulatory disclosures and information
  • Securities reports

Decision makers are continuously seeking better ways to keep their IT infrastructure costs and operational risks under control while addressing security concerns and complying with stringent industry regulations. Many firms recognize the advantages of moving to the cloud in order to reduce costs, but are rightly concerned about the security of their confidential information.

The transmission of information by fax remains a critical component of an information system. Choosing a fax provider with a proven track record and demonstrated expertise in developing enterprise-class cloud fax services is of paramount importance.


Sarbanes-Oxley (SOX) was implemented in 2002 and legislates how business records are protected and preserved to prevent destruction and corruption. SOX has also set e-records management standards to which all businesses should adhere. SOX mandates that all electronic records (including faxes), be retained for a period of seven years. Furthermore, it requires tamper-proof resources to prevent the corruption and modification of records. This rule is designed to protect investors from fraudulent activity and to safeguard financial data.

Entities subject to SOX compliance include all US-based publicly traded companies and international companies that have registered equity or debt securities with the Securities and Exchange Commission. Accounting firms that provide auditing services to the above entities are also subject to SOX compliance.

How XM Fax® helps achieve SOX compliance standards

  • Offers secure and real-time fax transmission
  • Faxes are sent and received directly from any application to the intended recipient’s fax number, with notification of receipt and routing of incoming faxes to intended recipients’ email inboxes, network folders or secure printers.
  • Provides a centralized solution – XM Fax® allows for secure integration with corporate systems such as ERP, Document Management, Archiving, and virtually any other 3rd party network application to enable inbound and outbound document delivery via fax, email or the Internet.
  • Maintains electronic storage and an audit trail of fax transmission logs
  • XM Fax® can be configured to store all incoming and outgoing faxes electronically in a secure cloud-based storage environment, or on a network archiving system or database. It also allows users and administrators to track fax history and verify fax delivery.

Along with the ability to set up notifications for deliveries and receipts, a complete audit trail of fax activity is also provided.

XM Fax® is ISO 27001 certified for its Information Security Management System (ISMS). The infrastructure supporting the XM Fax® service meets the rigorous physical, technical, administrative, processes and management controls required to achieve the highest security standard. ISO 27001:2013 can therefore be used to help verify SOX compliance.

In short, XM Fax® offers a level of security and protection that very few fax cloud providers can match. Our clients operate across regulated industries and require an enterprise-grade faxing solution to achieve the highest security standards. XM Fax® is that solution.

Discover how XMedius helped KPMG Australia to reach a higher level of security while reducing their costs associated with faxing: https://www.xmedius.com/en/industries/banking-finance/