TORONTO – They may have confidence in their IT department, but almost 50 per cent of finance executives in large companies don’t think they will be able to comply with regulations such as Sarbanes-Oxley and Bill 198, according to the results of a survey released Thursday.
According
to the data gathered from CFO.com on behalf of Ottawa-based Cognos, 72 per cent of financial executives are either extremely or very concerned about managing the costs associated with compliance, even though about 80 per cent of them said they would be focusing on automating business and financial controls in the next few years. CFO.com got responses from more than 300 executives for the survey, most of whom were in senior positions at companies with revenue of more than $1 billion.
CFO.com research director Sam Knox said Sarbanes-Oxley, which imposed stricter financial reporting standards on U.S. companies and their Canadian operations, could signal a new wave of IT spending as companies struggle to be more accountable for their data. Bill 198, which is expected to become law later this year, will introduce regulatory changes similar to Sarbanes-Oxley.
“In year one of Sarbanes-Oxley, companies did what they had to do to comply manually,” he told a conference of Cognos customers and partners. In the next three years, he added, companies surveyed by CFO.com said they would be focusing on improving document management, standardizing their enterprise resource planning (ERP) environments and automating the assessment of “controls” — the way companies measure how they collect and dispose of funds.
Approximately 59 per cent of respondents said their CIOs had an excellent or very good understanding of the financial dimensions of Sarbanes-Oxley compliance requirements, a figure which Knox said he wasn’t expecting. “In talking with others in the field, the vendors, they expressed more skepticism about that,” he said.
Lee Dittmar, co-leader of Deloitte’s Sarbanes-Oxley Initiative, put it more bluntly: “They mustn’t be our clients,” he said. Deloitte is working with more than 900 customers in the U.S. alone which are catching up on compliance, Dittmar said. The problem is that many of their technology projects were focused on customer transactions, not internal data, and in some cases there was little systems integrations as their firms merged or acquired competitors.
Deloitte recently held a series of roundtables on compliance with customers, Dittmar said, and at one of them a customer asked if they were able to automate certain controls themselves. “The feeling was, ‘If IT is monitoring it, I can’t get what I need to get,’” he said.
David Axon, president of consulting firm The Sonax Group and former head of corporate planning at Bank of America, said CIOs have had a thankless role in the last 10 years, and compliance pressures have exacerbated their sometimes adversarial relationship with finance departments. The response to regulatory requirements so far, he said, has been similar to the way large North American car manufacturers tried to improve the quality of vehicles when they were faced with competition from Japanese firms by throwing more money and human resources at the problem.
“All of a sudden you’d have a car come off the line and 35 people would descend on it and kick it to make sure it didn’t rattle,” he said. Eventually, he said, the automakers applied Six Sigma and other quality control principles to manage their processes more effectively. “We need to think about the same kinds of tools disciplines and tools as the manufacturing sector.”
Cognos product marketing vice-president Doug Barton said the problems associated with multi-year ERP deployments have soured some senior executives on expensive projects to tie technology systems together. “There was a sense that we needed to know the state of our controls before layering in new systems investment,” he said. “We’re starting to see a shift there.”
Michael Duffy, president of Open Pages, agreed. His firm, which makes software to help companies comply with Sarbanes-Oxley and other regulations, is tightly integrated with Cognos’s ReportNet product. He said there have already been a lot of lessons learned by those firms which have gotten a head start on compliance which can be passed on to other enterprises.
“We’re moving through the first phase,” said Duffy, whose Canadian customers include Russel Metals and Precision Drilling. “We’re seeing companies start to want to use that technology to automate testing, review and approval processes.”
The CFO.com survey indicated financial executives see improving system security and reporting on controls as key to reaching their compliance objectives, Knox said.
Comment: [email protected]