But will prison fears lead to conspiracy of silence... or apathy?
Published: 24 January 2005 17:35 GMT
Company directors have been reminded that a failure to comply with tightening regulations can and will land them in prison, despite continued apathy among many.
Under regulations such as Sarbanes-Oxley, non-compliance can result in personal liability as well as fines and other punitive measures taken against both the company and the individual responsible.
But while much has been written about SOX, one speaker at the Computer and Internet Crime Conference in London urged delegates not to take their eyes off less fashionable regulated areas as well, such as privacy.
Michael Colao, director of information management at Dresdner Kleinwort Wasserstein, urged his peers to "go back to the office and check their privacy policy".
"What data are you keeping on staff or customers?" he asked. "And how are you keeping it?"
"If your security provisions are not up to date and there is a breach, you, the individual responsible, could face liability," he said.
However, Colao expressed concerns that such rules may encourage some individuals to try brushing even more under the carpet, especially when it is their neck on the line.
Recent research from Compuware revealed that a third of IT directors believe they will miss important compliance deadlines and, with legislation such as SOX, Basel II, the Companies Bill and the forthcoming Operational and Financial Review all bearing down on them, the juggling act is only going to get tougher.
Although 94 per cent of respondents said they were aware of their increased liability, a worrying 72 per cent said they were not at all concerned about missing deadlines.
Colao said some countries are well ahead of the game on such issues while the strictness of regulations and penalties varies wildly around the globe.
He cited the case of Italian privacy laws. In Italy, the individual charged with ensuring the required security measures are in place can be jailed for three years for non-compliance – irrespective of whether or not there has been a breach.
Other European countries were singled out for having incredibly strict privacy laws.
The implications of such variation are clear for any company dealing with customers in those countries. "Local laws become global laws," said Colao.