What It Is

REACH (Regulation (EC) No 1907/2006) is a directly applicable EU regulation managing chemical substances' lifecycle. Its primary purpose is protecting human health and environment by shifting responsibility to industry for identifying, registering, and controlling chemical risks. Scope covers substances, mixtures, and articles; key approach is tonnage-based, risk-proportionate data generation and controls.

Key Components

• Four pillars: Registration (>1 tonne/year dossiers), Evaluation (dossier/substance checks), Authorisation (SVHC permissions via Annex XIV), Restriction (bans/limits in Annex XVII).
• 17 technical annexes define data requirements, SDS rules, exemptions.
• Core principles: industry burden shift, supply-chain communication, continuous updates.
• Compliance model: no certification; ongoing ECHA submissions, national enforcement.

Why Organizations Use It

Legal obligation for EU market access; avoids fines, seizures, market bans. Reduces risks via hazard knowledge, substitution; builds supply-chain trust, ESG alignment, innovation in safer chemistries.

Implementation Overview

Phased: gap analysis, substance inventory, dossiers/CSRs via IUCLID, SDS management, monitoring Annex/Candidate Lists. Applies to manufacturers/importers/downstream users EU-wide; cross-functional, resource-intensive; audit readiness via self-assessments.

What It Is

The Sarbanes-Oxley Act of 2002 (SOX) is a US federal statute enacted post-Enron scandals to protect investors by improving corporate disclosure accuracy and reliability. It establishes a control-based, risk-assessed framework for financial reporting integrity.

Key Components

• **Three pillarsPCAOB oversight (Title I), auditor independence (Title II), executive accountability (Titles III-XI).
• Key sections: 302/906 (CEO/CFO certifications), 404 (ICFR assessments), 409 (real-time disclosures).
• Built on COSO framework; no fixed controls, focuses on effective ICFR.
• Annual management reports and auditor attestations (exemptions for smaller filers).

Why Organizations Use It

• Mandatory for US public companies, with criminal penalties for non-compliance.
• Enhances governance, reduces restatements, builds investor trust.
• Strategic gains: operational efficiency, M&A readiness, lower capital costs.

Implementation Overview

• Risk-based phases: scoping, documentation, testing, monitoring.
• Applies to US-listed issuers; scales by filer status.
• Requires annual Section 404 audits for accelerated filers.