Compliance issues for enterprises

It is important that companies pay attention to the impact of regulations from the initial stages of deploying enterprise applications. Unstructured data that is often distributed across various PC’s in a department can often contain more useful information than structured data stored in secure databases.

Distributed servers for storing data can rack up a very high full-time-equivalent (FTE) labor cost. Architecture-wise too CIOs prefer to have consolidated database instead of several distributed databases.

According to researchers Foley & Lardner LLP, the introduction of Sarbanes-Oxley has increased the cost for a public company, it has increased by $ 1.6 million for companies that have revenues of less than $ 1 billion. There are some industries that are having to face a greater number of regulatory requirements. Financial services in the UK are to face more than 20 regulations in the period 2004-2006. Banks in the UK are using 15% of their IT outlay on compliance related activities.

Businesses usually create solutions that are targeted at individual regulations and soon end up with various regulation-solution combinations that are difficult to manage. A single architecture operating in an environment that facilitates meeting regulations and the legalities involved would be of great value to CIOs. Therefore, it is important that adaptability of the compliance architecture be given importance; interfaces based on open standards and a uniform structure for the data aid in the development of an adaptable compliance solution.

In implementing solutions for compliance, opportunities exist for reducing manual processes and increasing transparent automation of approval processes such that the processes are streamlined and risks are mitigated. Companies that have embarked upon content-consolidation programs usually start with the high-risk content that is critical with respect to regulatory compliance. Compliance related projects should ideally improve content consolidation, optimize the business processes, increase the adaptability of the systems, mitigate risks, and if possible aid in minimizing the amount of IT spending on non-discretionary issues.