The Sarbanes-Oxley Act was passed by Congress in 2002 in response to a number of high profile financial scandals, such as those at Enron and WorldCom. Its goal is intended to make corporate accounting procedures more transparent to investors and regulators. Although the law includes a number of new mandates, there are two sections that have clear implications for corporate information systems. Section 404 (Management Assessment of Internal Controls), with a deadline at the end of 2003, requires management to assess each year the effectiveness of its own internal controls and procedures for financial reporting, and Section 409 (Real Time Disclosure) requires companies to disclose material changes in their financial condition or operations on a rapid and current basis. These two Sections each spell more spending on IT.
First, Section 404, which requires audit of internal controls, will likely lead executives to reexamine and possibly replace operational systems that are not well integrated with financial systems. For example, an A/P system that does not systematically match purchase orders and receivers to vendor invoices prior to payment might be vulnerable to fraud. Or, an invoicing system that is not integrated with shipping might allow a manager to improperly recognize revenue that was not yet earned.
Furthermore, the timeliness requirement of Section 409 seems to call for a much more transparent and integrated financial reporting system than many companies have today. For example, companies that are accustomed to working on a 10 day financial closing period would seem to be at risk for non-compliance with the real-time disclosure requirement, which is currently interpreted as demanding disclosure of material events within 48 hours.
The problem is particularly acute for firms with multiple operating units and decentralized systems. Such companies will either need to adopt a common financial reporting system, or integrate multiple systems with a financial reporting layer at the corporate level, and/or implement an enterprise performance management (EPM) solution to provide real-time analytics. In any case, Sarbanes-Oxley spells increased spending for enterprise systems.
In a recent survey of Fortune 1000 companies by AMR, 85% of respondents said that Sarbanes-Oxley will require changes to their IT and application infrastructure. This is reminiscent of the late 1990s, where companies made large investments in new systems to prepare for the Year 2000 (Y2K) date roll-over. If so, Sarbanes-Oxley comes none too soon for vendors of enterprise systems, who have been looking for the next Y2K since, well, Y2K.
May 2003
Avasant’s research and other publications are based on information from the best available sources and Avasant’s independent assessment and analysis at the time of publication. Avasant takes no responsibility and assumes no liability for any error/omission or the accuracy of information contained in its research publications. Avasant does not endorse any provider, product or service described in its RadarView™ publications or any other research publications that it makes available to its users, and does not advise users to select only those providers recognized in these publications. Avasant disclaims all warranties, expressed or implied, including any warranties of merchantability or fitness for a particular purpose. None of the graphics, descriptions, research, excerpts, samples or any other content provided in the report(s) or any of its research publications may be reprinted, reproduced, redistributed or used for any external commercial purpose without prior permission from Avasant, LLC. All rights are reserved by Avasant, LLC.
Login to get free content each month and build your personal library at Avasant.com
