Holding Yourself Accountable

The days of looking at the ledger book to determine how your business is doing are officially over. The new post-Sarbanes-Oxley world is measured by an entirely new yardstick. Corporate accountability is no longer the elephant in the room, or the canary in the coalmine. It’s a mission statement sent from up high (the boardroom) and higher (your customers) – and it isn’t a nice-to-do, but a must-have.

Pick your corporate scandal: Kickbacks, lead paint fiascos, and inappropriate accounting procedures have put pressure on organizations to become truly responsible from the top down and the inside out. The market is demanding that the buck not only stops at the top, but also at the back gate, on the manufacturing floor, and at the shipping port. Company shareholders are looking partners, executives, and employees in the eye and asking corporate accountability questions like, “Are we running our operations in a reliable, compliant, sound, environmentally valid, fiscally responsible manner?” The answer the boardroom wants to hear is that we have a way to manage our organization in a compliant manner, we have controls in place, and we can manage our risk in a predictive and preventative fashion.

Some companies are ready to answer that question with confidence, but many others are struggling to understand the breadth of their business as it relates to corporate accountability.

Doing what you should be doing

Before Sarbanes-Oxley arrived, companies were already supposed to be doing much of what it had set out to accomplish. “Sarbanes-Oxley is essentially a forced mechanism, ensuring that companies actually have policies and internal controls in place to monitor compliance and ensure through reporting and audit management that they are indeed operating in the manner they say they are,” says Narina Sippy, senior vice president/GM Governance, Risk, and Compliance (GRC) at SAP.

Sippy adds, “Sarbanes-Oxley was a very important milestone that put mandatory regulations in place to authenticate if companies were just talking the talk or walking the walk. But the larger issue on the table is overall governance, risk, and compliance, of which Sarbanes-Oxley is just one piece.” As organizations reach toward corporate accountability, they are doing so across multiple departments, geographical locations, and with many oars in the water – ethical issues, environmental challenges, and a whole host of social hurdles are all in the mix. While the prescription for a healthier corporate solution includes solutions for the more headline-making news: workers’ rights, pollution, and going green. The real foun-dation of corporate accountability is making these improvements while maintaining profitability and fiscal responsibility. This challenges companies to state with confidence and assurance that operations are in line with the values, policies, and strategies documented and revealed to stakeholders, as well as the growing volume of regulations.

At the end of the day, increasing shareholder value should be every company’s focus. And while GRC initiatives may not, on the surface, present themselves as providing value, if executed globally and managed correctly, they can save companies from fines, costly risk events, and overlapping administrative costs. They can even be used as a branding tool.

There used to be a “my department is clean” approach to risk and compliance. But the deeper companies dig into their organizations, the more fragmented managing GRC becomes. And the old methods of managing GRC with a siloed approach have proven to be inefficient, costly, and cumbersome.

“There are usually specialized or expert small teams looking at enterprise-wide risk, and they are usually buried within the finance organization. They are separated from where much of the risk actually is, like at the business operations level or in human resources,” says Sippy.

To meet the new challenges of corporate accountability, organizations need to automate and integrate – and that’s where SAP solutions for GRC come into play.

A foundation for accountability

Corporate accountability requires a unified approach to GRC across all systems – including HR, procurement, supply chain, and ERP – to manage risks and compliance within business processes across the enterprise. Often the most destructive aspect of unmanaged risk is not understanding how one department’s risk affects other departments and the entire enterprise. By adding transparency and structure across an entire organization, inefficiencies are weeded out and risks are seen at enterprise level instead of department level. SAP solutions for GRC provide that unified approach – managing enterprise-wide compliance and risk, while supporting the requirements of corporate accountability. This eli-minates the need for departments to stitch together spreadsheets and reports to determine compliance.

In today’s global economy, the ability to be proactively predictive is a necessity. Companies need to know at the request for proposal stage if there are issues with vendors – and not when the delivery driver is at the loading dock. There is no longer room or patience for the “I had no idea that was going on” defense. Public policing by consumers and policing agencies like Corporate Accountability International are watching over organizations right alongside shareholders.

Managing GRC initiatives requires that organizations look deeper into understanding how parts of the business work together. Supply chain and manufacturing departments need to work with global trade departments, which in turn need to work with procurement departments to accurately understand where business risks can occur, and how to mitigate them when they do.

Software solutions are proving to be a big piece of the corporate accountability puzzle, providing an integrated set of solutions to help meet, measure, and monitor corporate accountability standards. But software solutions are only as good as executive commitment and understanding, driving change from the warehouse to the boardroom.

Ian Alexander, freelance journalist,
Palmetto, Florida