Subscribe

Pulling up our Sox

Local corporate governance and compliance would benefit greatly from some legal power like Sarbanes-Oxley in the US.
Paul Furber
By Paul Furber, ITWeb contributor
Johannesburg, 14 Jan 2008

Movie critic Roger Ebert, in his review of The Smartest Guys in the Room, the scathing Oscar-nominated documentary about the collapse of Enron, pulls even fewer punches than the film itself. "The crisis, made possible because of deregulation engineered by Enron's lobbyists, is still being blamed on 'too much regulation'," he says. "If there was ever a corporation that needed more regulation, that corporation was Enron."

It is difficult to underestimate the impact the Enron scandal has had on corporate governance, not just in the US, but also around the world. The Sarbanes-Oxley Act of 2002, passed in the wake of general fury over Enron, was designed to prevent the kind of ongoing rampant fraud that it made famous. But, like any regulation, it has imposed costs on the day-to-day aspects of doing business. Internal controls, in particular, are under constant scrutiny for accuracy, lest the CEO and CFO have to face the public humiliation of a trial and possible fines or jail time. The number of accounting restatements has boomed as a result.

Sarbanes-Oxley and other governance legislation have changed at least some attitudes locally, says a senior Accenture executive.

According to DeWet Bisschoff, head of Accenture Technology Consulting, a number of the changes in the law have forced people to take it seriously, even if those laws only apply offshore.

"We service the blue-chip market, and most of them take it very seriously indeed," he says. "There's a high profile given to compliance, especially in financial services, and that is regardless of whether they're international or local."

Our very own Sox

The behaviour of local boards is guided, at least theoretically, by the Institute of Director's King II report of 2002, a follow-up to Judge Mervyn King's 1994 report on this country's corporate governance. Probably its strongest point is that King II recognises the balance between entrepreneurship and regulation. From the report: "Conforming to corporate governance standards results in constraints on management. Boards have to balance this with performance for financial success and the sustainability of the company's business. Tomorrow's Company in the United Kingdom developed the concept of three corporate sins: sloth, being a loss of flair when enterprise gives way to administration; greed, when executives might make a short-term decision because it has greater impact on their share options and bonuses, than a decision that might create longer-term prosperity for the company; and fear, where executives become subservient to investors and ignore the drive for sustainability and enterprise.

People who understand technology and legislative compliance as well will be in huge demand.

DeWet Bisschoff, head, Accenture Technology Consulting

"Corporate governance principles were developed, inter alia, because investors, with the era of the professional manager, were worried about the excessive concentration of power in the hands of management. This protection against greed could encourage the sins of sloth and fear, with an erosion of enterprise and an encouragement of subservience. A balance is needed."

Few could argue with this need for balance, but King II has a serious weakness: it lacks teeth of any kind. Without appropriate punishments for non-compliance, it is merely a set of guidelines - a 'nice to have' as pointed out by more than one attendee at ITWeb's roundtable discussion.

Until there's some headline news involving the local equivalents of Enron's Ken Lay and Jeff Skilling, some local managers will continue to do the minimum possible to comply. This is human nature: governance and compliance cost time and money to implement and, more importantly, keep up to date. It's a good business opportunity for vendors. IT underpins many of the processes that regulations watch, something that Bisschoff notes.

"Key processes are supported by software and applications, so those systems need to support the process and the process checkpoints," he says.

"That means lots of projects to upgrade those systems to be compliant. Another big challenge is to have the right information in the right place. This is leading to much overall consolidation. The other demand - which isn't new - is that IT people need to understand the requirements of the business. Experienced IT people are rare, but people who understand legislative compliance as well will be in huge demand."

The information architect or CIO who understands both technology and King III (when it arrives) will be ahead of the curve in more ways than one. Will one of his jobs be to ensure the CEO stays out of jail? If half the skinder about some of our big companies is to be believed, that will be no bad thing.

Share