To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://www.silicon.com/research/specialreports/compliance/0,3800003180,39120183,00.htm

Leader: IT's part in the business of compliance
More important than mere implementation…

By silicon.com

Published: Thursday 22 April 2004

Compliance is clearly one of the big issues of 2004. Now throw in to the mix the related - though frequently inappropriately interchanged - terms governance and corporate social responsibility. Worried yet?

Odds are that if you work for a company of any size - and certainly one within the financial sector - these issues will have been the subject of lengthy board level discussions. In addition to the well-documented accounting scandals at Enron and WorldCom ("Those crazy Americans, eh"), recent months have shown that this is a business affliction, not a geographic one - witness Parmalat in Italy and recent jiggery-pokery on a lesser scale rather closer to home at Shell.

So the obvious question becomes: What to do? Well what not to do is relegate the IT department to the status of serf, there to carry out the orders from worried CEO and CFO, who will shortly face time in the big house if things go wrong and the necessary checks and balances haven't been put in place.

Sure, it isn't the CIO who'll be on the line but haven't we learned anything from the past? A survey of top-level business executives in the financial sector out this week shows most put issues other than IT investment in their compliance 'to do' list. This is understandable. Ultimately implementing technology comes down to cultural and people issues, something these pages frequently bang the drum about.

But how often have large mergers taken place - not only among banks - where the respective CIOs haven't been asked the big IT questions, mainly about integration? How often have the promised 'synergies' not come off because system A won't work as well as expected (by whom - the CFO?) with system B?

Compliance, whether we're talking IAS, Sarbanes-Oxley, the Patriot Act or Basel II accord, must be a business issue - but one in which IT, through a business-minded CIO, must be involved at every step.

When the first cases of compliance failure emerge, as a few are likely to do over coming years, it will be interesting to see if fingers are pointed at IT. And what those in IT will say.