Government regulations and mandates are nothing new. Even before the English put a well-known tax on tea in the 1700s, American companies have been complying (or in that case, rebelling against) government regulations.
While no one has rebelled against it, the Sarbannes-Oxley Act of 2002 is one recent regulation that is impacting almost all U.S. companies. A series of questionable business practices in a limited number of high profile companies through the 1990s and early 2000s led the government to significantly tighten the reporting requirements and certification of controls and procedures for public companies in 2002, resulting in the Sarbannes-Oxley Act of 2002.
Intended to restore public confidence in corporate governance, the Sarbannes-Oxley Act (also commonly know as SOX) required all public companies, and many private ones, to improve the transparency and accuracy of financial accounting. For example, the act required CEOs and CFOs to sign off on their companies’ financials and to certify their financial controls and procedures. As a result, over the past couple of years public companies have been working to meet these new requirements through increased definition, accounting, and reporting of their financial processes.
SOX compliance includes different aspects (such as Section 302’s quarterly reporting requirements and 404’s annual reporting requirements with its evaluation of internal controls), but it all boils down to being able to define your financial processes, report on them, and manage change (and compliance) over time.
For many companies, SOX is a perfect opportunity to move towards a business process management platform. While initial requirements, such as defining processes and reporting on them, don’t require true business process management capabilities, the fit is obvious: by using a BPM solution to define and monitor their financial and reporting processes, organizations are automatically ready to take the next step of using a BPM product to manage change over time. Using a BPM solution as the underpinning for SOX compliance provides organizations with increased flexibility and potential competitive advantage in being able to reduce the cost of compliance over time (through automation) as well as the ability to ensure compliance even when financial or business structures are changing.
Realizing this opportunity, a number of BPM products have added support for SOX, including companies such as Handysoft, which has even built separate SOX-specific applications based on their BPM platform. In fact, Handysoft recently released version 2 of its SOXA Accelerator, highlighting the increasing maturity of BPM-based SOX solutions. Handysoft’s SOXA Accelerator 2.0 provides a number of new features, including compliance dashboards (making it easy for corporate managers to understand the status of the financial reporting systems), and SOX frameworks from major audit firms. Additional updated capabilities include new rollup and certification capabilities for section 302 and 404 compliance that allow business unit managers or executives to determine if material changes have taken place, as well as increased visibility and reporting options that provide pre-configured reports and key performance indicators for more rapid understanding of financial reporting status.
Upside Research believes that Handysoft’s SOXA Accelerator 2.0 is a sign of the maturing BPM/SOX market. It provides solid support for the required regulation compliance, but it can do much more. What’s more important is that companies begin to realize that they can take SOX compliance to the next level that by investing in a product such as Handysoft’s SOXA Accelerator (or other BPM/SOX solutions), they can lay the foundation for a dynamic business process management solution that provides benefits beyond compliance.
Modeling, auditing, and reporting on your financial processes is simply the first step-although it’s the big one for SOX compliance. Smart organizations will realize that once they’ve implemented it via a BPM solution, they’ll have the ongoing capability to dynamically modify, monitor, and manage those processes over time. More importantly, a BPM-enabled SOX solution provides the foundation for extending business process management beyond the financial reporting arena and linking it even more closely with other business processes, providing a way to reduce costs, institutionalize best practices, and provide a dynamic platform for increasing revenue.
While Upside Research believes that SOX solutions like Handysoft’s SOXA Accelerator are good, they are only the first step. Organizations must move beyond the mandated SOX reporting functions to utilizing the true business process management capabilities that underlie BPM-based SOX solutions. And, as with any technology solution to a business problem, organizations should not view the SOX solutions as a band-aid to fix their corporate financial processes, but rather an opportunity to review and create best practices around financial reporting.