Despite all the sound and fury on corporate governance, a global META Group survey has found that businesses aren't buying technology targeting US Sarbanes-Oxley (SOX) Act compliance.
Global analyst META Group has just released results of a worldwide poll which suggesting that 57 percent of business service providers and IT vendors hadn't seen SOX compliance fears turning into IT sales.
That's despite 97 percent of those polled viewing SOX compliance as a future business driver. Instead of buying specific 'solutions', at least 75 percent of businesses were re-organising their internal processes, META claimed.
John Brand, vice-president of technology research services at META in Australia, said Australian companies made up 5 to 7 percent of responses to the poll, which surveyed Europe, the Asia-Pacific and the US. “SOX means nothing in China,” he added.
Yet Brand argued that -- although companies were not buying related technologies and although the Australian government was releasing its own corporate governance guidelines as part of its CLERP 9 reforms -- SOX compliance here was no red herring.
“We are just doing some research on what companies should be doing locally. It is actually interesting because when you drive into it, what you find is that most companies now worry they should be doing something but they need a business case to attach to it,” he said.
SOX would affect accountants -- particularly auditors and taxation specialists -- more than anyone else. However, some companies -- especially Australian subsidiaries of US firms or doing business there -- would need to overhaul certain internal processes and systems to ensure compliance with the US law.
Certain technologies might help ensure compliance, he said, but many channel salespeople needed a better understanding of SOX to build a solid sales strategy around the IT packages offered.
“They think there is a sales message there [and] often ... go out there claiming to have more than a passing knowledge of the area,” Brand said.
Stan Lepeak, a global vice-president with META's technology research services, said in a statement that IT product vendors “chasing the SOX rainbow” must tie offerings directly to compliance requirements instead of simply pushing “warmed-over IT in a loose SOX wrapper”.
Alan Weintraub, senior director of business solutions at Canadian information management software vendor Hummingbird, said most companies would need a records management system to comply with SOX. Information systems in many companies needed reform.
Audit committees were “over-reliant” on email, manual processes and “questionable” security practices, yet C-level executives would be held more accountable than in the past. And successful SOX compliance would require a focus on “people, processes and purpose” rather than just technology, Weintraub confirmed.
Warwick James, a tax partner at Sydney accountancy firm BDO, said Australian companies doing business in the US and those that were US subsidiaries would be affected.
SOX had made company boards more accountable for money spent on relative “intangibles” such as marketing. Further, auditors were much more restricted in their roles than previously and kept under closer public scrutiny while companies were forced to publicly adopt a formal code of ethics.
More types of company records were now considered relevant and must be kept for seven years. For example, companies must now report on their internal controls. “Companies are expected to disclose any events affecting the business within 48 hours,” James said.
Australian companies seemed relatively unconcerned by possible ramifications of the US Act.
Steve Rust, managing director of Ingram Micro Australia, a subsidiary of US parent Ingram Micro, said in a statement that the broad-based distributor's arm here must comply with US accounting procedures but he was not able to comment specifically on SOX.
A spokesperson for Microsoft Australia said that the much of the related accounting policy and procedure was handled by the US parent. As such, Microsoft didn't see SOX affecting local operations much, he said.
META's Brand said Australian subsidiaries usually accounted for only a few percent of the revenue of any global operation. In any case, Australian laws were “punitive rather than prescriptive” so companies had always been expected to get accountancy issues right without having them spelt out.
“We probably have less of a problem than in the US as subsidiaries might be only 5 percent of a global operation and ... [also] we don't have as much of a mess to start with,” Brand said.
Meanwhile, a spokesperson for the Australian Securities and Investment Commission (ASIC) confirmed that CLERP 9 ramifications were “all a bit up in the air”. It remained unclear whether companies already complying with Australian standards and laws would also need to adopt SOX-compliance policies.
Government on 8 October released a draft of proposed CLERP 9 legislation on audit reform and corporate disclosure.