Compliance


'Jail or compliance? You decide', directors told

But will prison fears lead to conspiracy of silence... or apathy?

By Will Sturgeon

Published: 24 January 2005 17:35 GMT

Company directors have been reminded that a failure to comply with tightening regulations can and will land them in prison, despite continued apathy among many.

Under regulations such as Sarbanes-Oxley, non-compliance can result in personal liability as well as fines and other punitive measures taken against their company and the individual responsible.

But while much has been written about SOX, one speaker at the Computer and Internet Crime Conference in London urged delegates not to take their eyes off less fashionable regulated areas as well, such as privacy.

Michael Colao, director of information management at Dresdner Kleinwort Wasserstein, urged his peers to "go back to the office and check their privacy policy".

"What data are you keeping on staff or customers?" he asked. "And how are you keeping it?"

"If your security provisions are not up to date and there is a breach, you, the individual responsible, could face liability," he said.

However, Colao expressed concerns that such rules may encourage some individuals to try brushing even more under the carpet, especially when it is their neck on the line.

Recent research from Compuware revealed that a third of IT directors believe they will miss important compliance deadlines and, with legislation such as SOX, Basel II, the Companies Bill and the forthcoming Operational and Financial Review all bearing down on them, the juggling act is only going to get tougher.

Although 94 per cent of respondents said they were aware of their increased liability, a worrying 72 per cent said they were not at all concerned about missing deadlines.

Colao said some countries are well ahead of the game on such issues while the strictness of regulations and penalties varies wildly around the globe.

He cited the case of Italian privacy laws. In Italy, the individual charged with ensuring the required security measures are in place can be jailed for three years for non-compliance – irrespective of whether or not there has been a breach.

Other European countries were singled out for having incredibly strict privacy laws.

The implications of such variation are clear for any company dealing with customers in those countries. "Local laws become global laws," said Colao.
