From the late 1990s to the beginning of this century, fraud cases against large enterprises emerged in the United States. After such financial fraud was exposed, public enterprises such as Enron and WorldCom declared bankruptcy. Overnight, stock certificates growing rapidly in price turned into “scrap paper”. Investors were outraged by the lack of financial fraud regulation. In 2002, US Congress promoted the Sarbanes–Oxley (SOX) Act to protect the interests of investors and strengthen the responsibilities involved in enterprise integrity. The primary goal of the SOX Act is to protect investors by improving the accuracy and reliability of enterprise information disclosures. However, whether the specific mechanisms and provisions of the SOX Act prevent investors from achieving sustainable development of enterprises has become a topic of debate in theoretical, practical, and political aspects following its implementation.
In order to more comprehensively understand the relationship between internal control and enterprise sustainability under the SOX Act framework, this uses 84 English-language research from a core database, i.e., Web of Science between 2006 and 2021, as its research object, uses a research and bibliometric graph as the research method, uses Vosviewer software to trace the determinants of enterprise sustainability systematically, and uses the Sarbanes-Oxley Act as a manifestation of internal control to explore the role and controversies of internal control in the process of enterprise sustainable strategic layout. The results show that the factors affecting enterprise sustainability mainly include enterprise characteristics, managerial characteristics, social responsiveness, environmental responsiveness, and external effects. At the same time, internal control positively affects enterprise sustainability by improving the quality of financial information, derived effects, and spillover effects. However, it can be detrimental to enterprise sustainability as well due to increased compliance costs and legal liabilities. In addition, an analysis of the impact of internal control on enterprise sustainability under the SOX Act framework at the country level reveals that the SOX Act framework has been implemented to varying degrees in different countries, providing practical insights into the proper implementation of internal control in enterprises.
2. Determinants of Enterprise Sustainable Development
Sustainable enterprises are more efficient, have more resilient business models, and generate stable cash flow from an economic perspective. Regarding social and environmental perspectives, sustainability refers more to enterprise responsibility than an obligation. Many prior studies 
have examined the effects of enterprise characteristics, internal governance, social responsiveness, and environmental policies on sustainable enterprise development and explored their main influencing factors. For example, ref. 
found that government support for Chinese enterprises to develop financing guarantee services is one of the key external environmental factors constraining sustainable enterprise development. Furthermore, among the internal environmental factors, improvement at the management level has an important positive role in an enterprise’s sustainable development. Therefore, this explores the impact of internal and external factors on an enterprise’s sustainability. Furthermore, this is linked to the economic consequences of internal control in the following section.
First, an enterprise’s characteristics have an important impact on sustainable development. Ref. 
find that family enterprises have complex issues that affect their image and management. They pay more attention to factors that affect the long-term development of their enterprise, such as its reputation, brand image, and financial value. Ref. 
demonstrate that an enterprise’s age is associated with its perceptions of sustainability. The longer the enterprise is in business, the more profound the understanding of sustainable development, and the more it actively fulfills various social responsibilities to achieve long-term enterprise development. At the same time, resilience is a key organizational capability for sustainability. Making organizations more sustainable and resilient requires innovative responses to the marketplace through continuous reform and improvement 
. Enterprises must identify the environmental and social factors most relevant to their organizational operations through continuous learning 
. In addition, several previous studies 
argue that advanced technologies for product and service design and information and communication technologies increase opportunities for enterprise sustainability.
Second, managerial characteristics and transformational leadership play an important role in an enterprise’s sustainability. Ref. 
argue that managers can quickly become aware of the various problems encountered in enterprise development and act accordingly in favor of the enterprise, thus providing the impetus for enterprise development. Ref. 
find that managers view environmental sustainability as a competitive tool for enterprise growth. Ref. 
confirm the importance of sustainable leadership (SL) practices on enterprise financial performance, including shared vision, friendly labor relations, valuing employees, and social responsibility. Transformational leaders promote innovative behaviors among their subordinates through trust, empowerment, and work engagement to achieve sustainable enterprise growth 
. Behaviorally integrated top management teams facilitate interaction between professionals within the organization, promoting innovative solutions and strategies to develop core competencies to improve the enterprise’s sustainability. In addition, many prior studies 
suggest ways to improve organizational and entrepreneurial resilience to build positive sustainability performance relationships.
Finally, many previous studies suggest that enterprise stakeholders, social responsiveness, and environmental responsiveness impact enterprise sustainability. For example, several prior studies highlight the important influence of stakeholders on sustainability performance relationships in terms of achieving enterprise reputation, competitive advantage, customer satisfaction, and social engagement 
. In addition, ref. 
find that enterprises’ awareness of sustainability strategies and subsequent returns to practice is critical to positive sustainable financial performance relationships. Social issues need to be integrated with environmental and business issues to improve the sustainability of manufacturing SMEs 
finds that the good fulfillment of corporate social responsibility (CSR) can provide key resources for the strategy of enterprises, which can make consumers trust more in their products, attract more capital investment, and provide many aspects for further harmonious development. In addition, the ability to “eco-innovate” is becoming increasingly important under increasing global pressures, and could be a new source of competitive advantage to influence the sustainability of enterprises 
. Ref. 
find that strong assets and financial capacity strongly influenced 22 SMEs to adopt eco-innovation to improve their financial performance. Therefore, governments and other stakeholders need to consider the tolerance range of enterprises when putting pressure on them to enhance sustainability in order to achieve a win–win situation 
3. Economic Consequences of Internal Control in the SOX Act Framework
By establishing a sound and reliable internal control system and then strictly implementing it, enterprises can create a good business environment, monitor irregular activities, balance legitimate rights and interests among stakeholders, and achieve sustainable development. In addition, numerous empirical studies explore the economic consequences arising from the SOX Act. On the one hand, many prior studies argue that the introduction of the SOX Act benefits enterprises and other stakeholders and facilitates sustainable synergistic development of enterprises, society, and investors.
3.1. Positive Consequences
A large body of empirical literature in the US shows that implementing the SOX Act leads to several positive consequences for enterprises and investors due to internal control audits, thus contributing to a higher level of enterprise sustainability. First, the SOX Act can improve internal control objectives related to financial reporting objectives, effectively ensuring the quality of financial information and improving information transparency, as reflected in the direct impact of the SOX Act on improving the enterprise information environment. Second, the SOX Act can improve enterprise non-financial reporting-related objectives, such as compliance with operational and compliance objectives, as demonstrated by improvements to governance mechanisms.
Financial information quality and information transparency
One of the most important aspects of the SOX Act’s positive impact on enterprise sustainability is the improvement of enterprises’ internal control audits on the financial reporting information environment. This is closely related to the SOX Act’s requirement that auditors focus on the effectiveness of internal controls as identified with financial reporting objectives. Most of the existing literature follows information economics for theoretical derivation. Therefore, internal control directly affects the enterprise accounting information environment. Effective internal controls can improve the accuracy of forecast information and the quality characteristics of accounting information and reduce information asymmetry and agency costs between enterprises and investors, and thus contribute to the long-term synergy between enterprises and investors.
The primary goal of the SOX Act is “to protect investors by improving the accuracy and reliability of enterprise disclosures”. In addition, the SOX Act improves the quantity and quality of disclosed information through various disclosure requirements and corporate governance mandates 
. Internal control improves the quality of accounting information and enhances enterprise sustainability through investor protection. Previous studies focus on the ability of internal control audits to improve the accrual quality and conservatism of accounting information, earnings management forecasts, and analyst forecasts. For example, refs. 
argue that internal control can improve the accrual quality and prevent and correct misstatements and omissions that are intentional or unintentional. They find that enterprises that implemented a compulsory audit have improved earnings quality. In addition, ref. 
argue that internal control can improve conservatism, an important characteristic of accounting information quality. They find that the internal control of an enterprise increases with accounting conservatism. Finally, ref. 
explain that internal control can affect the enterprise information environment by examining management forecasts. The quality of internal control significantly affects the management forecast report, and those of enterprises with poor internal control are less accurate.
On the contrary, the better the internal control, the more accurate the management forecast. Refs. 
investigate the impact of the SOX Act’s implementation on analysts’ forecast accuracy and find that the SOX Act increases the information transparency of enterprises. Nevertheless, ref. 
argue that, on the one hand, serious deficiencies in internal control expose financially distressed enterprises to greater uncertainty. On the other hand, the information asymmetry caused by internal control deficiencies makes it more difficult for auditors to recognize the future evaluation of enterprises. Ref. 
examine the quality of financial information by comparing the accrual level of quarterly financial reports between the enterprises implementing the SOX 404 mandatory internal control audit before and after 2004 and those that do not. The results show that the quality of quarterly accounting information in enterprises implementing the SOX 404 mandatory internal control audit is significantly better than those that do not.
highlights that the SOX Act provides executives and auditors with new and powerful incentives to disclose control system weaknesses. In addition, the interaction between disclosure and liability risk further improves the incentives to eliminate weaknesses and invest more resources in internal controls. As a result, implementing the SOX 404 mandatory internal control audit significantly improves enterprises’ accounting information, which is conducive to their sustainable development.
Positive evidence of the SOX Act derivation effects
Good internal controls further strengthen corporate governance by improving the derivation effects of the information environment to enhance enterprise sustainability, which is in line with the COSO Committee’s internal control objectives of 1992. The derivation effect means that a subject performing a specific activity has the expected effects resulting from that activity and affects other subjects. COSO’s interpretation of the internal control structure considers that the effectiveness of internal control is reflected in the reasonable assurance of financial reporting objectives and requires that internal control provides reasonable assurance of the efficiency and effectiveness of enterprise operations and compliance with laws and regulations. The relevant empirical evidence is quite ample. The main theoretical logic is that the effectiveness of internal control first acts directly on the information environment for financial reporting. Changes in the financial reporting information environment further generate factors that affect the achievement of other enterprise objectives, such as operational and compliance objectives, thereby contributing to the enterprise’s sustainability in an improved external environment.
First, the SOX Act moves enterprises toward protecting investor interests by changing their governance decisions. For example, ref. 
, from the perspective of diversification discount, argue that enterprises with effective internal controls are more advantageous in terms of information communication and collaboration, which can increase the operational efficiency and overall enterprise value within diversified enterprises. Enterprises with deficient internal controls have higher levels of diversification discount. Ref. 
find that enterprises with high-quality internal controls have more inventory management. As evidenced by lower inventory turnover rates and higher inventory impairment allowances, deficient internal controls can lead to significant deficiencies and weaknesses in the recording, maintenance, valuation, and tracking of inventories. Ref. 
argue that disclosed material internal control deficiencies affect the capital costs of an enterprise. The higher the number of internal control deficiencies disclosed by an enterprise and the longer the duration of internal control deficiencies, the higher the enterprise’s cost of equity capital.
Conversely, after correcting internal control deficiencies, enterprises’ cost of equity is significantly lower. Thus, internal control significantly affects the financing cost of enterprises. Ref. 
examines how the increased internal control disclosure requirements mandated by the SOX Act affect the annual corporate governance decisions of the CFOs involved. The findings show that enterprises with weak internal controls have lower CFO compensation and suffer higher mandatory replacement rates following the passage of the SOX Act. In comparison, enterprises with strong internal controls have higher CFO compensation but no change in mandatory replacement rates. Thus, the findings suggest that mandatory internal control disclosure under the SOX Act is a credible mechanism for distinguishing between good and bad CFOs by disclosing the quality of an enterprise’s internal controls. In addition, the evidence supports the view that mandatory disclosure reduces information asymmetry in the managerial labor market.
Second, internal control can reduce manipulation of earnings, improve enterprises’ operating profits, and avoid market risks, thus promoting sustainable enterprise development. Ref. 
find that enterprises with internal control deficiencies are more likely to use real earnings management to manipulate earnings than other enterprises with good internal control. These manipulations do not perform as well as they should the following year. The findings suggest that enterprises with high quality internal controls can effectively inhibit such manipulations that deviate from production and business objectives, improving enterprises’ business objectives. Ref. 
argues that internal controls as a governance mechanism can unify objectives between shareholders and enterprise managers, reducing the associated agency costs regarding the quality of enterprise financial information and the enterprises’ tax avoidance derivation. These findings suggest that enterprises with significant tax-related internal control deficiencies lead to significantly lower levels of tax avoidance. This conclusion is only consistent with internal control deficiencies at the overall level of financial reporting.
Moreover, ref. 
interviewed 30 managers and partners (all auditors) from the Big 4 after the SOX Act. They found that auditors perceive that the enterprises’ governance environment improved significantly after the SOX Act. Audit committees have become more active, diligent, professional, and empowered. These findings indicate a significant enhancement of corporate governance after the SOX Act’s implementation. The SOX Act can improve compliance objectives as well. Ref. 
find that enterprises with effective internal controls comply more with the regularity and timeliness requirements when filing 8-K documents with the SEC. Refs. 
find that enterprises with internal control deficiencies after the SOX Act’s implementation are more likely to delay filing their 10-K and related audit reports with the SEC, suggesting that the improved quality of the SOX Act’s internal controls can provide incentives for enterprises to comply with laws and regulations, contributing to such enterprises’ sustainability.
Positive evidence of the SOX Act spillover effects
The SOX Act can achieve other goals, such as financial or operational goals and compliance goals, and create spillover effects through an improved information environment or spillover effects that affect different investors’ goals and the enterprise’s sustainability. For example, there is a large body of literature on whether the implementation of the SOX Act effectively enhances and protects the interests of small- and medium-sized investors in the capital markets, as well as on the impact of the SOX Act on the cost of capital and on the reactions of other stakeholders.
From an auditor’s perspective, ref. 
find a significant increase in the mean and median audit fees before and after implementing SOX 404, with significantly higher fees for enterprises with than those without internal control deficiencies. However, audit fees do not differ significantly with the enterprise’s type of internal control deficiency. These findings suggest that auditors make an effort to implement the SOX Act. Meanwhile, ref. 
examine the correlation between the disclosure of internal control deficiencies and auditor fees. They find that auditors can mitigate the inspection risk by increasing substantive testing when control risk rises. For clients who subsequently issue internal control deficiencies, the enterprise does not expend more effort, and therefore audit fees increase significantly after enterprises disclose internal control deficiencies.
From a market perspective, small- and medium-sized investors’ evaluations of the SOX Act after its implementation provide evidence of its positive impact. Ref. 
find a significantly negative market reaction when a permanent exemption from SOX 404 was announced for small enterprises, suggesting that auditors value the market for internal control audits, thus indirectly demonstrating the positive effect of the SOX Act. Ref. 
find that after disclosing information, the stock prices of enterprises with deficiencies in internal control fall, as do those of other enterprises in the same industry. Ref. 
find in examining the capital market that enterprises that disclose the existence of internal control deficiencies have poorer market performance and lower investor evaluations after implementing the SOX Act.
The literature assesses whether the SOX Act protects other stakeholders through financial costs and positively affects enterprise sustainability. Refs. 
find that internal control deficiencies increase the equity cost of enterprises. These findings suggest that internal control deficiencies lead to concerns among small- and medium-sized shareholders about enterprise risks and the protection of their legitimate rights and interests, which implies that the SOX Act’s requirements for the establishment and improvement of internal control have a positive effect on small- and medium-sized investors. Ref. 
suggest that deficiencies in internal controls result in lenders being less inclined to trust financial information when entering into terms, thus relying less on financial information and more on non-financial information terms to constrain and monitor capital borrowers. Refs. 
find that banks demand higher interest rates from borrowing enterprises when internal controls are deficient. These findings suggest that creditors are receptive to enterprises with better internal controls, illustrating the SOX Act’s positive effect on the protection of creditors.
3.2. Negative Consequences
The discussion of the negative impact of internal controls on enterprise sustainability is mainly based on the market efficiency hypothesis. However, much of the literature shows that the high compliance costs and legal liabilities of the SOX Act can be costly to enterprises. At the same time, using existing resources to bear high costs and social responsibility further reduces the level of enterprise risk-taking. As a result, it discourages various investors, which is detrimental to the long-term development of enterprises.
Negative evidence of the SOX Act and high compliance costs
The SOX Act includes many requirements requiring enterprise executives to disclose more detailed financial information and establishing a sound and effective internal control system. Legal compliance costs are particularly high for smaller enterprises and enterprises with high agency costs. Small enterprises with relatively simple operations can incur significant cost burdens when they strictly comply with the SOX Act and re-establish good internal controls 
. As a result, their survival may be seriously threatened. Ref. 
find that after the announcement of privatization earnings for small enterprises, the market is favorable towards privatizing these enterprises, suggesting that the cost–benefit ratio of the SOX Act is inappropriate for small enterprises. Ref. 
finds that the SOX Act damages SMEs values, implying that external legal compliance is costly and uneconomical for small enterprises. Ref. 
finds that the increase in audit fees after the SOX Act’s implementation is much larger than the increase in accrual quality. In addition, stock prices increase significantly when small enterprises defer and waive the SOX 404. Therefore, non-compliance with the SOX Act is a favorable choice for small enterprises’ value and their shareholders’ equity, thus contributing to the sustainable development of the enterprise.
In addition, enterprises with high agency costs that strictly enforce the SOX Act bear the challenge of external investors and strict scrutiny from regulators, damaging the enterprise’s value or de-listing. Ref. 
finds that more foreign private issuers (FPIs) de-list after implementing the SOX Act. The returns are negative for enterprises which announce de-listing before adopting the SOX Act and positive after its adoption, with a highly significant difference. Such enterprises’ fundamentals experience a significant improvement after their privatization. The evidence mentioned above indicates that the SOX Act’s implementation causes adverse effects on enterprise operations for cross-listed FPIs. Many studies in the literature support the view that the SOX Act reduces the attractiveness of enterprises to the US capital market, with listed enterprises undertaking privatization to avoid the Act. For example, ref. 
point out that enterprises choose to avoid SOX Act regulation by de-listing into the capital market purely to achieve two objectives. First, such enterprises’ poor fundamentals make it difficult to withstand the huge cost pressure brought by the SOX Act. Second, such enterprises face more scrutiny after the SOX Act, and reduce information transparency by de-listing into the capital market in order to avoid the risk of scrutiny and litigation and thereby maximize their interests. The post-SOX Act period leads many enterprises with poorer fundamentals or higher agency costs to go private or enter the capital market in order to avoid the impact of the SOX Act and seek sustainable development.
Negative evidence of the SOX Act and legal liability
The SOX Act increases the liability of enterprise management, such as the requirement to seek recovery of property proceeds from misleading statements and the requirement to disclose insider trading information for less than two days. Violations can result in large fines and up to 20 years in prison. For legal reasons, enterprise management may undertake more short-sighted actions, such as risky and innovative investments and negative enterprise value. Implementing these measures makes the enterprise think only about immediate benefits and not about its sustainable development. Ref. 
find that the SOX Act leads to lower CEO incentives, lower willingness of enterprises to take risks, and lower levels of investment, suggesting that the Act is detrimental to enterprise innovation and long-term growth. Ref. 
argue that at least two aspects of post-SOX Act regulations significantly constrain enterprise risk-taking and innovation. They find that US enterprises affected by the SOX Act are less willing to engage in risky investment, and have a significantly lower willingness to take risks compared to other countries at around the same time. Ref. 
finds that certain enterprises obtain exemptions from the SOX Act by reducing investments, paying more dividends to shareholders, reducing the shareholding of non-affiliates in their shares, disclosing more bad news, and reporting lower earnings to circumvent the SOX Act. Ref. 
find that CEOs and CFOs face a higher probability of being rotated out due to violations of laws and regulations after the SOX Act’s implementation. The implementation of the SOX Act put tremendous pressure on enterprises’ management and constrained their sustainable development.
Extensive evidence suggests that the SOX Act leads to a loss of enterprise wealth rather than increased enterprise wealth. Ref. 
finds that US capital market-listed enterprises reacted in a significantly negative way around significant points in time associated with the SOX Act, suggesting that the capital market does not view the SOX Act favorably. Ref. 
finds that enterprises subject to the SOX Act experienced a significant decline in stock prices before and after the passage of the SOX Act compared to enterprises not affected by it. Ref. 
find that the SOX Act does not improve the quality of accounting information for bondholders, and reduces bondholders’ value. This finding suggests that the SOX Act is significantly and negatively associated with the sustainability of both bondholders and enterprises.
4. Analysis at Different Country Levels
The SOX Act originates from the US implementation of a mandatory internal control audit system. However, the legislation in practice and the empirical evidence from academia show that the SOX Act has created a huge controversy regarding enterprise sustainability. Therefore, it is worth considering the future of the SOX Act and what it means for the sustainable development of Chinese enterprises. Based on this, the research summarizes and examines the impact of the SOX Act on enterprise sustainability in various countries through on a research.
4.1. The Impact of Internal Controls in the SOX Act Framework on the Sustainable Development of U.S. Enterprises
note that anti-SOX interests have taken several strategic actions to reshape the SOX Act, including the appointment of an enterprise-friendly SEC chair, threats to block SEC funding allocations, and several other strategic activities to effectively leverage its positive effects on enterprise sustainability and minimize or avoid negative impacts. In addition, the PCAOB has expressed concern about the declining disclosure of internal control deficiencies over the years due to continued delays in compliance with mandatory internal control audits by small enterprises before the permanent exemption and the replacement of AS2 by AS5 for internal control audits.
Meanwhile, ref. 
find that the quality inspections imposed by the PCAOB on auditor enterprises lead to a significant increase in auditor enterprises’ post hoc audits. The empirical evidence is consistent with 
assertion that financial scandals drive the SOX Act to reduce public outrage. Yet, financial fraud and insider trading in “repeated violations of the US securities laws” lead accounting historians to argue that many of these laws are symbolic and ineffective. The SOX Act may have been weakened after the emergency relief of investor fear and anger. On the other hand, the transient nature of inspections by the relevant regulators may have led to a significant improvement in the quality of internal controls of the regulated enterprises.
An important question is whether internal control audits and disclosure need to be enforced in the form of legislation. For example, ref. 
imply that although hedge funds are not subject to the SOX Act’s internal mandatory control audits, enterprises with higher ex ante agency costs, such as in places with poor offshore investor protection, managers actively seek internal control audits for institutional investors. This implication suggests that internal control audits as a governance mechanism to reduce agency costs are not externally imposed, and are rather the result of market demand. Conversely, enterprises that opt for privatization or de-listing tend to be small or fundamentally poor 
. Thus, the US SOX Act responds to the market demand of large enterprises and enterprises with good fundamentals, which is positive for their sustainable development, while burdening SMEs and enterprises with poor fundamentals, which is not conducive to their sustainable development.
4.2. The Impact of Internal Control on the Sustainable Development of Chinese Enterprises under the SOX Act Framework
This compares the economic consequences of China’s SOX Act in four dimensions: purpose and background, institutional provisions, theoretical evolution, and empirical investigation.
In terms of the purpose and background of the legislation, unlike in the US, internal controls in China are not implemented to prevent financial fraud in listed enterprises, but instead to better serve sustainable development. China’s capital market was established just over thirty years ago. It has rapidly grown from eight listed enterprises with a market capitalization of about USD 2.4 billion in 1990 to over 4000 listed enterprises with a total market capitalization of over USD 70 trillion in 2020. As a result, enterprises are becoming larger. Their business is becoming more complex. They urgently need a standardized system to control risks. In particular, the failure of many large SOEs to operate globally has led the Chinese government to consider introducing internal controls to reduce risk and develop a “Chinese-style Sarbanes–Oxley Act” to protect the sustainable development of enterprises and of the whole society and economy.
The Singapore CNA bankruptcy case is a typical case triggered by the lack of internal control. Founded in 1993, CNOOC Singapore is an overseas subsidiary of a large state-owned enterprise directly under the Central Government. In 2001, CNOOC Singapore was listed on the Singapore Exchange, becoming the first Chinese-owned enterprise to use its assets to list abroad. From a trading enterprise on the verge of bankruptcy, CNOOC Singapore developed into a combined industry and trade entity, expanding its business from a single purchase of imported jet fuel to international oil trading, growing its net assets from USD 219,000 in 1997 to over USD 100 million in 2003. However, in 2006, the president of CNOOC Singapore violated the law by trading high-risk oil options, resulting in serious losses and the eventual bankruptcy of the enterprise. The cause was a lack of internal control in the enterprise. The manager conducted high-risk business irregularities according to his wishes rather than following strict procedures, which ultimately led to the failure of the business.
In terms of the institution, the Chinese version of the SOX Act is less strict than the US and more flexible. The introduction of the SOX Act in China was marked in June 2008 by the Ministry of Finance, the Securities Regulatory Commission, the Audit Office, the Banking Regulatory Commission, and the Insurance Regulatory Commission, which jointly issued the “Basic Standard for Enterprise Internal Control” requiring the disclosure of internal control information by the above enterprises. In 2012, listed enterprises were formally required to implement a mandatory internal control audit system. Despite the short time that the this version of the SOX Act has been in force, there has been a great deal of research and discussion on topics related to internal control auditing and sustainability. However, the theoretical framework of internal control continues to be based primarily on an information economics perspective that explores the economic consequences of internal control. Related empirical studies focus on the positive effects of internal control, such as the information environment, spillover effects, and derivation effects. However, almost all studies show that improving the quality of internal control increases the positive impact of sustainable business growth. There is little empirical literature examining the negative effects of internal controls.
However, the Chinese version of the SOX Act is more flexible in its practical operation. For example, in practice, CPAs in China often carry out internal control audits during the auditing of financial reports, known as “integrated audits”, in order to reduce costs. In contrast, the US version states that audits of financial reporting and internal control reports cannot be performed as an integrated audit, and need to be completed by different auditors. In addition, in terms of audit scope CPAs need to focus on the effectiveness of internal control over financial and non-financial reporting, unlike in the US, where the emphasis is on the former.
In terms of theoretical evolution, there have been two major changes in studying the economic consequences of internal control in China. The first was in 2008, when empirical studies on the economic consequences of internal controls began to emerge. The reason for this is that in 2008, the Chinese government began to promote the construction of an internal control system by drawing on the COSO framework, which has sparked theoretical concerns. However, the disclosure of internal control information of listed enterprises was not fully implemented then, and the empirical data were mainly based on the information voluntarily disclosed by listed enterprises. The second time was in 2013, when research on internal control in China shifted from normative to empirical studies. As a result, 2013 is the second year of full implementation of internal control audits and disclosure for listed enterprises in China, for which access to data has now become easy. At this time, research on the economic consequences of internal control in China has shifted from a mainly normative to empirical research, and empirical research has become the main stream of research focus in China.
There are several distinctive features of domestic empirical studies on internal control. First, the research paradigm follows the US empirical research idea. The theoretical framework of internal control continues to be based primarily on an information economics perspective that explores the economic consequences of internal control. Second, while the empirical content framework is the same as that in the United States, the empirical findings are biased toward positive consequences. Related empirical studies focus on the positive effects of internal control, such as the information environment, spillover effects, and derived effects. However, almost all studies show that improving the quality of internal control increases the positive impact of sustainable enterprise growth. There is little empirical literature examining the negative effects of internal controls. A possible explanation is that China has become more flexible in its legal provisions and specific practices to reduce enterprise compliance costs, such as consolidation of audits and exemptions for SMEs, after taking into account the delayed or exempted implementation of the system in the US for this reason. The difficulty of directly estimating compliance costs is another possible reason. Third, more studies have been conducted in the context of local characteristics in China, such as how ownership attributes affect the role of internal control 
and exploring the role of internal control in the context of policy and regulatory enactments 
find that internal control can eliminate earning-management practices in financially distressed enterprises, significantly improving sustainability. Ref. 
examine changes in the quality of enterprise financial information before and after the mandatory implementation of China’s internal control audit and information disclosure system. They find that enterprises’ financial information quality significantly improves after implementing the Chinese SOX Act. Consistent with this, ref. 
find that Chinese listed enterprises began implementing internal control audits on a trial basis in 2007. The audit quality of enterprises that voluntarily implemented and disclosed internal control audits was significantly better than in the previous year.
Positive evidence of SOX derivation effects
find that high-quality internal control can improve stock liquidity in the capital market. For internal enterprise management, ref. 
find that internal control can effectively implement the time budget, although ex ante moral hazard increases the possibility of budget slack. Ref. 
find that internal controls effectively reduce redundant cash holdings or cash holding shortages, increasing the value of cash holdings. Ref. 
find that poor internal control exacerbates overinvestment and underinvestment in investment and financing. Finally, ref. 
find that internal control can significantly increase enterprise value. Various studies provide the positive impact of derivation effects on enterprise sustainability.
Positive evidence of SOX spillover effects
The quality of internal controls affects the decisions of stakeholders such as bondholders, suppliers, and auditors, and thus the level of enterprise sustainability. Ref. 
find that the more effective the internal control, the higher the quality of commercial credit liabilities and assets and the larger the size of commercial credit funding. These results suggest that a higher quality of internal control makes it easier to gain the trust of suppliers and obtain more high-quality credit funding. Ref. 
find a significant positive association between internal control deficiencies and debt financing costs. Their results indicate that enterprises with poor internal control quality trigger concern among debt holders, increasing the borrowing interest rate. From a litigation perspective, ref. 
find that the internal controls of offending enterprises are more likely to be deficient and to have higher audit fees. This suggests that internal control deficiencies affect auditors’ perception of risk.
4.3. The Impact of Internal Control under the SOX Act Framework on the Sustainable Development of Enterprises in Other Countries
The Japanese version of the SOX Act (J-SOX) was designed to prevent the growing number of financial fraud scandals, such as the Liverdoor and Seibu Railway scandals that occurred in Japan around 2000. In 2005, the Business Accounting Council in Japan began to explore ways to improve the quality of corporate financial reporting in Japan by drawing on the SOX Act.
The Japanese version of the SOX Act has the following characteristics in its theoretical construction, judicial practice, and findings of empirical studies. First, from the perspective of internal control framework theory, Japan advocates for comprehensive internal control, including non-financial internal control under the COSO framework. Second, judicial practice of internal control has significantly reduced the legal liability of auditors in Japan by focusing their responsibility on the effectiveness of internal control over financial reporting and by making them responsible only for the effectiveness of internal control as declared by management, rather than directly for the effectiveness of internal control audits. Third, the findings of the empirical study assert the positive consequences of internal control. For example, the enactment of the Japanese SOX Act was able to improve information quality and correct discontinuity in the distribution of profits due to corporate manipulation of accounting earnings 
, with spillover effects such as lower investor evaluations of enterprises with internal control deficiencies 
This is mainly because Japanese law allows management to establish a system of internal controls commensurate with its affordability, and does not bring about problems such as high implementation costs and the flight of foreign capital which occurred due to the implementation of SOX in the United States.