Knowledge Center
 White Papers
 Data Sheets
 Advisors Research

Wednesday, August 31, 2005

Complying with multiple regulations and contending with conflicts

Complying with multiple regulations has become a way of life. Between the Gram-Leach-Bliley Act (GLBA), the Health Information Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX) and other state and federal regulations, organizations are finding it increasingly difficult to comply with conflicting regulations that govern day-to-day operations. Let's review how to comply with multiple regulations and what to do when there's a conflict.

The best approach to complying with multiple regulations is to evaluate each and determine which requirements are the same or similar, and which are different. For example, GLBA and HIPAA address privacy of customer or patient information. Instead of developing projects and separate policies to address each set of regulations, develop a set of policies that address the more stringent aspects of each, thus complying with the less stringent regulation at the same time. This is also true when state law intervenes and presents a more stringent regulation. Instead of approaching regulations as separate sets of rules to adhere to, look for a common approach to complying with multiple sets of regulations that often overlap.

posted by Brian Moran @ 7:07 AM   2 comments

Tuesday, August 30, 2005

Compliance, A Catalyst For Change

Compliance reaches into almost every corner of the business, from how information is captured, stored and reported, to systems security and business continuity planning.

It's a common analogy but ensuring regulatory compliance can be compared to painting the Forth Bridge - just when you think you've finished and can have a break, another law is passed and you have to start all over again. Not only is this a never-ending task, but the associated costs escalate, and every member of an organisation is culpable and at risk if corners are cut and it is not done properly.

Thinking about it like this makes it easy to look at regulatory compliance in a negative way. But, to cite another famous analogy, it may be time to stop thinking of the glass as half-empty when it could be half-full. If we turn the negative into a positive, the requirement to comply with legislation becomes an opportunity to make positive changes throughout the organisation.

Before we look at how compliance can act as a catalyst for change and the positive impact that complying with regulations can have on an organisation, we must first examine some of the negative issues. Compliance is often regarded as a necessary evil; regulation has always been around and you simply have to comply with it - end of story. But in the wake of recent corporate scandals the size of this burden has increased dramatically.

posted by Brian Moran @ 9:34 AM   0 comments

Friday, August 26, 2005

Solving the Process Puzzle

Once again, process takes center stage at IDS Scheer event; SOX has everyone's attention, but process reusability can take the headaches away

In the past, business process management (BPM) was considered a boring discipline. "It was considered part of the IT department," says Dr. Mathias Kirchmer, CEO of IDS Scheer for the Americas and Japan. "It was considered exotic."
That's changed, and in a big way. Sarbanes-Oxley has companies scrambling to apply BPM to their financial processes and, as a result, BPM has become mainstream.

According to polls, most companies see this as a bad wave, one that involves plenty of what they consider punitive spending. But the experienced BPM surfers at IDS Scheer see the wave as an opportunity to drive process definition, discipline, and value all across the enterprise.

posted by Brian Moran @ 1:21 PM   2 comments

Thursday, August 25, 2005

CIO Jury: Are high compliance costs worth it?

The high IT cost of compliance projects has proved worth it for the wider business benefits such projects have brought, according to UK CIOs.

The raft of regulations such as Basel II, International Accounting Standards (IAS) and Sarbanes-Oxley (SOX), introduced to prevent another Enron, have been a heavy drain on IT departments both in terms of time and budget.

Earlier this month industrial gases multinational BOC admitted that SOX compliance alone would cost £20m more than expected over the next two years.

posted by Brian Moran @ 1:12 PM   0 comments

Wednesday, August 24, 2005

Ethics means more than ticking boxes

Corporate governance codes have proliferated and business ethics is a fast-growing industry. But has corporate behaviour changed? The scandals just keep coming: Citigroup, AIG, Volkswagen and SK Corp have all had to defend themselves against allegations of ethical misconduct in recent months. Meanwhile, boardroom pay and golden goodbyes continue to escalate far beyond any corresponding improvement in corporate performance. The actors may have learnt their cues better, but they appear to have lost the plot. Why is this? And what can and should be done about the serious ethical shortcomings in finance and business?

In an environment where much boardroom pay is in the form of equity or stock options, most scandals today involve cooking the books to keep the share price up. Add in the fact that chief executives are under greater pressure than ever before from fund managers and analysts to “hit the numbers” and you have the nub of the problem. Incentive structures in the boardroom and below, and the business strategies of the consultants, all push in a direction that is at odds with ethical behaviour and, it should be said, long-run corporate performance. Ordinary financial market participants and business people feel penalised, not supported, for raising ethical questions.

posted by Brian Moran @ 8:39 AM   0 comments

Tuesday, August 23, 2005

Sarbanes-Oxley will be 2005's biggest time waster

The Sarbanes-Oxley rules will be the biggest waste of IT resources for public companies this year, according to a poll of 444 US companies by IBM user group Share.

Share polled those who were pre-registering for its Boston conference and asked people to imagine themselves transported to 2015 and looking back at 2005, and asked what they thought in retrospect would prove to be either an ineffective or wasteful use of their IT time.

A hefty 28 percent said Sarbanes-Oxley compliance, followed by deployment of unproven technologies (23 percent), purchase of unneeded technologies (19 percent), and continuing support for outdated technologies (17 percent). The fifth-rated bugbear cited by 10 percent of respondents was external consultants, with software upgrades only distressing one percent of those polled.

posted by Brian Moran @ 9:17 AM   0 comments

Friday, August 19, 2005

American Electric Power Reduces Fees to Recovery Firm by 75 Percent with Oversight 3.0 from Oversight Systems

ATLANTA (Aug. 15, 2005) – Oversight Systems Inc. today announced that American Electric Power (NYSE: AEP), the largest generator of electricity in the United States, has improved the quality and efficiency of its financial operations by deploying real-time transaction inspection from Oversight Systems.

AEP, based in Columbus, Ohio, deployed Oversight 3.0 to continuously monitor its procure-to-pay process for control exceptions and errors. Several months after deployment, AEP reports a 75 percent decrease in fees paid to its payment-error recovery firm and reduced effort to identify and correct errors.

"It’s encouraging to see this level of interest from the C-suite in the management of corporate risk, but the challenge in the coming years will be for corporate America to transform that interest into action that leads to better management and an improved bottom line," said Patrick Taylor, CEO of Oversight Systems.

"With Oversight, we reduced our payment processing costs by finding errors early in the process, eliminating their downstream effects and minimizing correction costs," said Mike Sullivan, director-accounting services for AEP. "As an independent system, Oversight assembles all related information into a single view and provides an exception-handling process that allows us to quickly assign, investigate and dispose of problems."

Oversight Systems provides a software solution for continuous monitoring of financial processes with real-time transaction inspection to identify errors, control exceptions and fraud. By automating the testing and analysis of auditors and fraud examiners against every transaction within financial systems, Oversight improves the quality of financial processes and a utomates controls testing. With detailed inspection of every transaction, Oversight validates all compliant transactions and accurately identifies control exceptions.

"Oversight continues to increase its market share in the Global 2000 by improving their financial operations, strengthening their internal controls and reducing their Sarbanes-Oxley compliance costs," said Patrick Taylor, CEO of Oversight Systems. "Like many other companies, AEP has taken the necessary steps to continually improve their financial processes and better manage enterprise risk."

posted by Brian Moran @ 8:51 AM   2 comments

Thursday, August 18, 2005

Oversight 3.5 Expands Continuous Monitoring to Capital Projects & Fixed Assets

ATLANTA – Aug. 15, 2005 – Oversight Systems Inc. today announced the launch of Oversight 3.5, which extends continuous monitoring to the accounting of capital projects and fixed assets. By inspecting all routine non-judgmental transactions Oversight identifies the errors that can cause overstatements of assets and of income and gives financial executives more time to evaluate discretionary items.

As a virtual auditor, the Oversight software identifies mismatches between capital project budgets and asset acquisitions, errors in depreciation calculations and recording, expenses that should be capitalized, capitalized items that should be treated as period expense and other non-compliant transactions. Correcting problems in real time prevents the violations that lead to financial misstatements.

"Oversight 3.5 builds on our strengths of automating an auditor’s manual tests and applying those tests across every transaction as they occur in business processes," Oversight Systems CEO Patrick Taylor said. "With continuous monitoring for capital projects and fixed assets, Oversight 3.5 drives the precision and quality of these financial processes."

Since 2003, Fortune 500 companies have relied on Oversight for real-time transaction inspection for their key business processes. The capital projects and fixed assets functionality in Oversight 3.5 identifies mistakes and violations, such as:

Segregation of duties violations within the recording, capitalization and transfer of assets
Manipulation and errors within asset depreciation
Invalid assets that do not meet requirements for capitalization and should be accounted for as expenses
Unauthorized disposal of assets
Capitalized assets that differ from the originating construction in progress register
Duplicate assets recorded in the financial system

In automating the testing and analysis of auditors and fraud examiners, Oversight continuously monitors the business processes and all underlying transactions that drive financial reporting. Financial executives are assured that any exceptions have been identified in routine transaction execution. During the time between period close and regulatory filing executives can be confident that errors in routine transactions have been already been addressed as part of normal operations.

Oversight captures and logs all activities, transactions and alerts in its Secure Audit Journal, which maintains a record of each step of every transaction. Oversight delivers more than 100 packaged reports for compliance and day-to-day operational requirements. Users can also create their own customized reports using either the Oversight interface or third-party reporting tools.

About Oversight Systems, Inc.
Oversight Systems is the leading provider of independent, automated transaction integrity monitoring solutions. By combining the expertise and experience from security, fraud, audit and enterprise software development professionals, Oversight Systems is redefining how enterprises satisfy Sarbanes-Oxley compliance requirements and enabling corporations to gain substantial returns from their compliance investments. For more information about Oversight visit

posted by Brian Moran @ 11:23 AM   1 comments

Friday, August 05, 2005

Sarbanes-Oxley boosts audit costs, turnover at the top

Three years after Congress passed a strict corporate-accountability measure designed to make it harder to defraud investors about corporate financial health, companies are experiencing higher audit fees and increased turnover among financial executives.

The Sarbanes-Oxley Act imposed new duties on corporate officials and subjected auditors to discipline from an independent panel. Analysts say the law has induced executives to pay more attention to financial data and prompted board members and accounting firms to take their work more seriously.

"Disclosure is more complete, more timely and more accurate, managers are more serious about their jobs, and boards are more active and questioning," Harvey Goldschmid, a departing Securities and Exchange Commission (SEC) member, said in an interview this week.

In recent months, business groups led by the U.S. Chamber of Commerce have stepped up pressure on the SEC to ease some of the law's requirements. Audit fees for the Fortune 1000 increased by an average of $2.3 million, or 66 percent, between 2003 and 2004, according to a study by professors at the University of Nebraska, Omaha.

posted by Brian Moran @ 2:17 PM   0 comments

Thursday, August 04, 2005

BOC faces £20m Sarbanes-Oxley compliance bill

Industrial gases group BOC said it faces higher than expected costs, totalling around £20m, over the next two years in order to bring the company into full compliance with the Sarbanes-Oxley (SOX) corporate governance regulations.

In the company's third-quarter results presentation to analysts, BOC chief executive Tony Isaac said he was "surprised" about the high corporate costs of compliance compared to first estimates.

The deadline for SOX compliance is September next year and BOC said it will have to spend £10m this year and another £10m in 2006 to bring its financial reporting and internal controls up to scratch.

In a conference call, Charles Spence, director of financial control at BOC, said of the group's increasing corporate costs: "One of the underlying drivers is the cost of compliance with Sarbanes-Oxley."

posted by Brian Moran @ 9:12 AM   0 comments

Wednesday, August 03, 2005

CEOs Say SOX Makes Better Boards; NYSE Survey Outlines 2006 Business Challenges

Compliance and governance issues are a major preoccupation with CEOs, but the rules have resulted in better boards of directors, according to a NYSE survey.

Eighty percent of the 100 CEOs surveyed for the "NYSE CEO Agenda 2006" said they spend more time on regulatory and compliance issues than five years ago. Almost 70 percent find compliance with section 404 of Sarbanes-Oxley the most demanding governance task, and while a majority of CEOs question the balance between the investment required and the resulting benefits, most CEOs agree that Sarbanes-Oxley and Exchange governance rules have contributed to board members being more informed (66 percent) and better engaged (72 percent).

"Anything that's going to regain investor confidence in Corporate America is worth it," said Richard Harrington, President & CEO of The Thomson Corporation.

posted by Brian Moran @ 10:17 AM   0 comments

Tuesday, August 02, 2005

CEOs Placing Greater Emphasis on Managing Risk; Companies Best Prepared to Tackle Financial Reporting and Credit Risks

Despite growing concern to manage risk, most companies struggle to take action

Oversight Systems Inc. today announced the results of the 2005 Oversight Systems Financial Executive Report on Risk Management, a survey of U.S. financial executives. The Oversight Systems report shows the majority of financial executives surveyed say their CEO is very interested in risk management, but corporate America has yet to act to address this concern.

The survey reveals that 68 percent of financial executives say their CEO is placing greater emphasis on the management of all types of risk on a holistic basis. Three out of five (60 percent) say their company has an enterprise risk management approach and philosophy that considers various interactions among different types of risk.

"It’s encouraging to see this level of interest from the C-suite in the management of corporate risk, but the challenge in the coming years will be for corporate America to transform that interest into action that leads to better management and an improved bottom line," said Patrick Taylor, CEO of Oversight Systems.

The survey shows that critical elements of risk management are not in place. Only 35 percent of financial executives say their company has formally trained executives and business line managers to assess the probability of various types of risk. Most (55 percent) companies do not have a member of senior management with explicit responsibilities to manage risk. Again the majority of those surveyed (55 percent) say their company does not have a widely communicated definition of risk.

posted by Brian Moran @ 9:42 AM   2 comments

Monday, August 01, 2005

Link Sarbanes-Oxley Compliance to Business Improvement

Compliance closely resembles the proven concepts of quality management. In the 1980’s Phil Crosby preached that by defining quality as conforming to expectations then “Quality is Free.”

Sarbanes-Oxley demands quality in financial reporting. While the initial costs of SOX compliance have been extraordinarily high, companies can achieve a return on investment by approaching their SOX compliance with a mindset to drive quality throughout their financial operations.

Companies can achieve a return on compliance spending by using SOX as a lever to improve business processes – processes mapped as part of their SOX documentation. While Sarbanes-Oxley remains a government mandate to prove that you run an honest business, compliance can be more than just a tax.

posted by Brian Moran @ 10:03 AM   2 comments


Previous Posts

12/01/2004 - 01/01/2005

01/01/2005 - 02/01/2005

02/01/2005 - 03/01/2005

03/01/2005 - 04/01/2005

04/01/2005 - 05/01/2005

05/01/2005 - 06/01/2005

06/01/2005 - 07/01/2005

07/01/2005 - 08/01/2005

08/01/2005 - 09/01/2005

09/01/2005 - 10/01/2005

10/01/2005 - 11/01/2005

11/01/2005 - 12/01/2005

12/01/2005 - 01/01/2006

01/01/2006 - 02/01/2006

02/01/2006 - 03/01/2006

03/01/2006 - 04/01/2006

04/01/2006 - 05/01/2006

05/01/2006 - 06/01/2006

06/01/2006 - 07/01/2006

07/01/2006 - 08/01/2006

08/01/2006 - 09/01/2006

09/01/2006 - 10/01/2006

04/01/2007 - 05/01/2007

05/01/2007 - 06/01/2007

07/01/2007 - 08/01/2007

08/01/2007 - 09/01/2007

Current Posts

Powered by Blogger