A United States law, passed in 2002, regulating the transparency of publicly held companies. In particular, public companies must establish a way for the company to confidentially receive and deal with complaints about actual or potential fraud from misappropriation of assets and/or material misstatements in financial reporting from so-called "whistle-blowers." U.S. companies with EU subsidiaries or affiliates are bound by both SOX and EU data protection law, thus potentially leading to conflicting obligations, specifically in regards to protecting the identity of the whistle-blower (SOX) vs. protecting the personal data of the employee accused of wrongdoing (EU data protection law).