Risk & Compliance

Who Should Lead Compliance?

Regulatory compliance is an increasingly visible, data-intensive, and costly management function that requires collaboration among business units, ...
10RuleDecember 20, 2005

U.S. companies have had to comply with international trade, federal, and state regulatory requirements for generations. But the combination of new regulations such as the Sarbanes-Oxley Act of 2002 and closer scrutiny from investors and boards of directors have made complying with regulation a more costly, higher-profile activity for companies — and one that poses substantial downside risk to companies and to their senior executives.

Advances in information technology and in the interdependencies among companies have made computerized information about business activities a primary source for demonstrating compliance with government regulation. As a result, regulatory compliance is an increasingly visible, data-intensive, and costly management function that requires collaboration among business units, IT, and finance functions.

Now, as most companies have passed through the first year of Sarbanes-Oxley compliance, senior managers are taking a closer look at their broad compliance activities, asking questions like, who within this organization should lead compliance efforts? Is this company well positioned to meet not just Sarbanes-Oxley requirements but also the broad combination of other regimens that we face? What is the optimal technology strategy for gathering and analyzing information for compliance?

With these questions in mind, we sought in this study to explore how finance executives view their role in regulatory compliance, to gauge their overall satisfaction with their compliance capabilities, and to examine their investment priorities for compliance-related activities. To do so, we executed an electronic survey to readers of CFO magazine in October 2005 and gathered 185 responses from senior finance executives, the majority of whom work for U.S. companies with annual revenue of more than $500 million. Nearly all respondents have senior finance titles such as CFO, vice president or director of finance, or controller. Respondents come from a broad cross-section of industries in the U.S. economy, with industrial manufacturing, financial services, high-technology, and health-care companies particularly well represented.

One-third of respondents say their companies have a standardized ERP platform — that is, they have adopted an enterprisewide solution from a single vendor. The other two-thirds of respondents report a combination of heterogeneous ERP platforms or none at all.

Among the top-line findings of this research:

• Finance executives see their function as playing a leadership role in complying with a broad array of regulations.

• Finance executives call for improving their existing ERP systems and processes that support regulatory compliance efforts, and show less enthusiasm for new classes of technology.

• Although most companies say they have invested appropriately, finance executives say they will continue to invest in process improvement and technology optimization.

• Companies that have adopted a single enterprise resource planning application say they are more readily able to comply with regulations and that they derive greater business benefit from their compliance efforts.