Some UK firms will need to act now to make IT changes that satisfy US corporate governance requirements. The Sarbanes-Oxley Act was pushed through by the US government last year and the approaching deadline for meeting key process changes may demand technology investment, according to a new report by AMR Research.
A number of UK corporates will need to comply with new processes required by the rules, primarily intended to restore the credibility of corporate governance in the wake of the Enron and WorldCom accounting scandals, the report says.
UK subsidiaries of US firms and UK firms that have a listing on US markets will need to make changes to harmonise with their parents. The report states that "85 percent of companies predict that [Sarbanes-Oxley] will require changes in IT and application infrastructure that support the business, which could potentially reach into the bowels of the company."
While initial Sarbanes-Oxley requirements simply made the chief executive officer and chief financial officer responsible for signing off financial reports, two further provisions are likely to require the help of IT.
Section 404 requires companies listed on US financial markets to certify reporting and associated controls by the end of this year. Section 409, for which there is no set deadline as yet, mandates that companies report events that could affect financial performance within two days.
Some observers believe that the need for compliance could spark other process-orientated IT overhauls.
"If you're a subsidiary of a US firm you're going to be touched in several ways," said John Hagerty, co-author of AMR's new report, CIOs: There Is a Sarbanes-Oxley Project in Your Future - Do You Know What It Is? "You'll see a lot of work done to streamline business process systems all the way back to source systems."
Others have predicted that chief executives and finance directors may also lean on IT and other departments to sign off statements that relate to them in order to show that they have acted in best faith.
"The CEO has to be more comfortable with the information he is given because he's got the liability," said George Gardiner, partner at law firm Stephenson Harwood.
Gardiner added that many firms will already be partially covered because they are complying with other regulations demanded by the Turnbull Report on corporate risk management, the Higgs Report on UK corporate governance, and Basel II on banking credit risk.
Some vendors are offering software to help. Hyperion has launched a tool aimed at delivering compliance while PeopleSoft is building support for Section 404 into the finance module of its enterprise software. Oracle, SAP and others will follow shortly.
reader comments