|
|
|
Features
< Back
Compliance : Sarbanes Oxley : Auditing : Thought Leader
Compliance For The Middle Market
Key Characteristics of a Compliance Solution for SMBs
By
Laurie Shufeldt
|
|
Laurie Shufeldt
Vice President of Business Development
FileVision
|
While Sarbanes-Oxley originally passed in the wake of large public corporation scandals, public and private small- and medium-sized businesses (SMBs) are increasingly feeling the pressure to be compliant with federal, state and industry regulations. Spending on financial compliance management technology will increase to between 10 and 15 percent of total IT budgets in 2006, up from less than 5 percent in 2004, according to a new survey by the market research firm Gartner Inc.
Unless a company is entirely family-owned and self-financed, at some point in the near future, it will be impacted by Sarbanes-Oxley. Regulations for SMBs also come from sources other than Sarbanes-Oxley including state governments, industries, partnering vendors, investors and insurance and liability coverage. If a company?s exit strategy is to sell the business, non-compliance will be a liability. Investors are hesitant to touch a company that lacks document retention, records management systems and audit trail capabilities, for example.
One of the inequities with most regulations is that there is only one set of rules, and not a separate or more flexible set of requirements based on the size of the company. Because these rules are written as one size fits all, SMBs spend a larger than average percentage of their net profits for compliance than the large public corporations the laws originally intended to target.
Now more than ever, SMBs need guidance on affordable compliance solutions. Not only is compliance expensive, the market lacks technology tools and solutions that are specifically designed and priced for the middle market. Large-scale, expensive enterprise solutions are simply out of reach for SMBs.
To help offset the hefty cost of compliance, SMBs can benefit in the long run by implementing technology solutions that not only help meet compliance regulations, but also solve business problems and improve business processes for the overall operation.
The first step for SMBs ready to address compliance regulations should be to have a clear understanding of exactly what they need to be compliant with before implementing a solution. Regulations will vary by geographic location, industry, company size and situation. A medium-sized firm that?s public will need to comply with specific sections of the Sarbanes-Oxley Act.
However, that same firm may need to monitor certain assets or processes based on industry regulations. Since compliance specifics vary from company to company in the SMB market, a successful solution is one that should address the overall needs within an organization, including audits, information management and monitoring, and reporting. Companies that enlist an information management system to enable internal audits will also enhance productivity if information management is incorporated into all aspects of their business processes.
Taking into consideration all of these issues, SMBs should evaluate compliance solutions that are not only quick, easy, accurate, painless and reliable, but those that also have the following characteristics:
1. Affordability. Software packages should be affordable based on the number of users, consultancy fees, customer service, and upgrades for the SMB market. Additionally, companies should evaluate off the shelf software instead of costly, more expensive customized solutions.
2. Flexibility. A compliance solution should be able to be used by a variety of industries and departments. SMBs should seek out technology solutions that are horizontal and are not limited to one particular industry.
3. Scalability. Compliance solutions should not only work for large enterprises, but for companies of all sizes, or even just one department within an organization.
4. Customizable. Effective solutions should offer SMBs the flexibility to create functions based on processes unique to each business? industry, office and employees. Overall the solution should be customizable according to the size, needs and requirements of each organization, as well as being easily configurable by individual users.
5. Integration. A compliance solution should integrate seamlessly with other business processes and enhance overall productivity and workflow within an organization.
Quick, Pain-free Implementation and Ease of Use
Unlike large corporations that employ full-time compliance professionals, SMBs often do not have the expertise on staff for IT implementations, and overall compliance requirements. For that reason, SMBs should first determine a prioritized set of rules and regulations it faces and then select a user-friendly compliance solution. A solution of that kind is built with the end-user in mind and will not require full-scale implementation and training by an on-staff IT department. Time is money for SMBs, and the most cost-effective solutions are also the ones that are up and running within a fast turnaround time. On average, solutions should take no more than 30 days to fully implement, train and be ready to use. A phased implementation is also more cost effective for an SMB.
Increased Impact on the Organization; Reduction of Overhead and Expenses
SMBs that set out to improve business processes and profitability along with compliance requirements will have a higher return-on-investment (ROI) for their technology purchase.
For example, from a compliance standpoint businesses that conduct internal audits with a technology solution help to guarantee that they will pass external audits should the occasion arise from an outside firm or regulator. In doing so, SMBs improve their processes by recognizing what areas need improvements from a timing standpoint in accounts receivable, or workflow of employees? productivity, because they are now using internal audits to regulate themselves as a business. In a like manner, SMBs that use a compliance solution to digitize data records to guarantee the safety of that information can now store the information electronically, which saves on the time and expense of retrieving paper files, lessens the risk of employee errors and misfiles and also dramatically saves the company the expense of physical storage space.
Measuring ROI
Traditionally for larger companies, the ROI of an effective compliance solution is proven by having the ability to comply with government and industry requirements with an automated process, which outweighs the fines and loss of business an organization may face if they do not comply, or do not comply due to missing a deadline. The same is true for the evaluation of an SMB compliance solution?s effectiveness. However, in addition to guaranteeing compliance, the true ROI for a smaller business is proven if the solution serves business needs other than compliance while simultaneously delivering increased productivity, greater electronic storage, improved contingency planning and disaster recovery and improved customer service. If solving business problems and improving processes are a side-effect of implementing a compliance solution, an SMB not only escapes the headaches experienced by their enterprise-level counterparts, but turns a necessary expense into a profit for the company.
Laurie Shufeldt
Vice President of Business Development
FileVision
Laurie Shufeldt is the Vice President of Business Development at FileVision. Laurie Shufeldt joined FileVision in 2001, bringing more than 14 years of information technology industry expertise.
With FileVision, Laurie helps SMB customers, especially those in the healthcare, financial services and government industries, bridge the gap between digital content and paper documents, helping them to intelligently link and match documents to important data objects such as people, companies, processes and assets, resulting in improved communications, enhanced customer service and immediate access to information and relationships within the data.
Laurie?s professional experience includes a versatile background in consultative sales, technology analysis and implementation, customer training and market analysis with a focus on the technology system integrator channel and the enterprise market.
Shufeldt has a bachelor?s degree in economics from Georgia Southern College and an associate degree in public administration from Middle Georgia College.
Shufeldt can be reached at lshufeldt@filevision.net.
|
|
|
|
|
