Since the introduction of the Sarbanes-Oxley Act of 2002 (SOX), there have been countless articles, new product solutions, and seminars focused on compliance and corporate governance in IT and finance bombarding executives. These resources provided important information to those scrambling to understand this new, complex legislation, as well as how to adhere to its stringent requirements. Companies were able to complete their year-one and year-two reporting, but many were concerned that this was an unsustainable effort due to higher-than-expected costs.
What’s driving action now? In addition to the usual pressures that companies have always faced to be competitive and profitable and to keep their customers happy, there are growing internal and external demands on financial executives. These stem from analysts, the Board, the CEO, investors, and regulators, who wish to ensure that compliance is sustainable and embedded in business processes. All of these stakeholders are looking for more accurate, frequent, relevant, and transparent financial disclosure. These demands are driven by a renewed appreciation that good governance and compliance can contribute significantly to business value.
Most organisations, however, are challenged to develop effective, scalable strategies to respond to the ever-expanding range of regulatory requirements. Many have yet to establish a coordinated approach to enterprise compliance, governance, and risk management, approaching each initiative in a separate organisational ‘silo’. These silos limit the ability to achieve integrated compliance, operational efficiencies, or overall improved business performance.
Companies must attempt to satisfy demands for greater financial transparency and corporate accountability in a business environment characterised by numerous challenges, including the following:
For compliance-related risk management to be effective, senior executives must develop IT and finance strategies that are linked to business performance management (BPM) at the corporate level.