Is Compliance More Wishful Thinking Than A Reality?

September 19th, 2006: The Business Performance Management Forum has released the findings of a recent US study into compliance readiness, illustrating a gap between the expectations of management, and the ability of IT departments to implement effective compliance technologies and processes.

Titled "Compliance Enabled Enterprise (CEE) the Future: Building the Compliance-Enabled Enterprise," the report was conducted by BPM Forum and AXS-One and takes a close look at the issues surrounding the mission-critical problem that is compliance in the US.

It states that while there has been a marked increase in the visibility of compliance issues to chief executives, less than half of IT executives consider compliance to be a "critical initiative with full management support." At the same time, nearly 40% say their company's IT execs don't understand current regulations well enough to effectively implement compliance technologies and policies.

Compliance issues surrounding regulations like Sarbanes-Oxley are indeed top management priorities these days, however, many companies are yet to develop IT infrastructure, policies and processes to make compliance a reality and save them from lawsuits and audits.

“This issue clearly represents a serious threat to corporate America: More than just a matter of building appropriate IT infrastructures and managing information,” says Donovan Neale-May, executive director of the BPM Forum. “It represents the potential failure of top management to do the heavy lifting needed to achieve true compliance: allocate resources, implement the right technologies, develop viable policies and procedures, ensure enforcement.

“In recent years, courts and regulatory agencies alike have been willing to impose harsh penalties on enterprises that are not up to par. This study indicates that the apparent corporate focus on compliance has not translated into strategic and tactical initiatives that have an impact on business operations, and this leaves many companies vulnerable.”

In particular, the study reveals numerous potential weaknesses within corporate technologies and processes:

• Close to half, or 47.3%, of all senior executives are concerned that their companies' failure to effectively archive and manage all of their electronic content represents a critical liability for their organisation
• In a further sign of the ambiguity that still surrounds compliance activities, 35% of the respondents remain in the dark as to how much of their IT budget is tied to compliance-related technologies
• Fully a third of the respondents, 33%, say they have no corporate policy covering electronic records management (nearly 20% don't know whether they even have a policy)
• Barely 40% of the respondents feel their companies are effectively enforcing the electronic records management policies that actually are in place
• While lawsuits supposedly represent a constant threat, more than a third of the respondents, 36.4%, say their companies have no technologies or policies whatsoever in place to manage a legal discovery order involving electronic records
• Almost 41% of the respondents say it would take several days to a week or more to retrieve e-mails related to a particular transaction

“Each year there's a significant rise in government regulations and corporate guidelines, together with a steep climb in the amount of content generated,” says Bill Lyons, Chairman and CEO of AXS-One. “And it represents a collective migraine for compliance, legal and IT executives.

“Ultimately, this is a top-line management issue. From the CEO on down, the entire leadership team must take responsibility for providing the resources needed to develop compliance procedures, and ensure that the policies are not only enforced but effectively integrated into routine operations. Only then will companies be fully prepared for compliance investigations and legal orders, as well as reap the benefits that come with a complete overhaul of business procedures around content and compliance.”

Comment on this story