Technologists forced into cash-guzzling IT projects by corporate compliance requirements should brace for more budgetary pain, with Australia's former chief corporate cop warning legal requirements will only continue to escalate.
According to former Australian Competition and Consumer Commission (ACCC) chairman Professor Allan Fels, IT managers feeling the pain from implementing compliance measures - such as records and business process management - can expect regulations and new laws to increase by around 10 percent a year.
Fels now works as the dean of the Australian and New Zealand School of Government, a collaborative thinktank of 10 universities.
"There is an upward trend. It has been happening ever since the start of the de-regulation movement [in the mid 1980s]. Laws are being enforced more seriously ... it is a chronic feature of life," Fels told Computerworld, adding the Australian Productivity Commission estimated compliance requirement costs at around $20 billion.
Acknowledging IT shops often carry both the financial and process-related burden in enterprises for compliance projects, Fels warned business leaders must make compliance an enterprise-wide issue "rather than singling out any particular department."
Fels said in his experience, many earlier corporate compliance projects consisted of "token programs" where corporations paid lip service to requirements only to later find themselves exposed because of poorly scoped compliance requirements.
He added that this had now given way to a second wave of "more serious programs" with larger enterprises visibly deciding "to pull up their socks" which aimed to inculcate good governance deep into corporate culture and were encouraged by "considerable sanctions, jail, fines and legal entanglement."
Asked whether compliance initiatives deliver a return on investment for IT dollars rather than merely inflating operating costs, Fels maintained such measures contributed to overall corporate and economic health in a general sense, because they gave customers a better deal and promoted open competition.
However, Fels maintained that many compliance projects still contributed a "value-add" to individual businesses because they helped document, streamline and improve business processes.
Even so, he acknowledged pinning compliance requirements onto the IT department has limits.
"Technology on its own will not change culture. You can have compliance training programs, but there can't be one every week."
Capturing compliance: what to look forIT managers should check their enterprise has ready access to a number of compliance information tools, including:
- Relevant legislation
- Regulatory guidelines
- Regulatory policy statements
- Internal approvals and verification
- Acknowledgement of compliance