The law is often an ass and in times of knee jerk reactions, it can be worse then Eeyore, the world’s most miserable donkey.
The Sarbanes-Oxley Act of 2002 is a good example of an Equus asinus. Dismay from all sorts of organisations greeted the arrival of Sarbanes-Oxley, as the rickety and hurriedly passed law forced them to get their houses in some sort of order.
There are many governance laws now echoing around the globe but Sarbanes-Oxley is the one that people have moaned about most, probably because it affects more companies, since any company with US operations must comply.
There are claims that it is a bad law, poorly thought out, hastily passed and doomed to failure. But the ponderous Basel II and the International Accounting Standards are not that popular either, even though they have taken (seemingly) an age to progress and are more considered.
But a weird thing is happening. IT directors and CIOs, who only two years ago were predicting all sorts of doom and gloom, have seen major benefits from having to comply with these regulations. Let’s repeat that. There are benefits emerging from complying with tiresome regulations and many companies now know what kit and processes they actually have in place. Extraordinary.
Maybe it is a US thing. Americans are not very popular with most of the globe at the moment. The country’s legendary ‘can do!’ attitude has backfired with the Iraq war and its’ economic supremacy is being threatened by the growth of China and the EU. Tony Blair, when questioned recently by Michael Parkinson, said he enjoyed working with George Bush because he said something and just got on and did it. There was action. Hmmm.
This seems to be the difference between Sarbanes-Oxley and the others – the sheer speed of implementing such a complex law. As we all know, European laws take long years of discussion and counter discussion before anything actually gets done. We Europeans cite everything from different languages and cultures to saints’ days and holidays as reasons for delay.
Many large organisations – while not actually celebrating the arrival of Sarbanes-Oxley – have now admitted that they have a better understanding of their processes and systems because of it. BT, for example, has said it is turning compliance requirements into something positive.
The company adheres to the law first but also has been rethinking the way it delivers services. The new regulations have made it take a more methodical and measured approach.
Of course, BT is also concentrating on new Ofcom mandates, which it has said are ‘like Sarbanes-Oxley on steroids.’
Beleaguered IT departments have moved from doubting that they could achieve what Sarbanes-Oxley was asking them to do, to being pretty impressed with some of the results.
Cosmetics giant Avon says that regulatory compliance has shifted from being the background to being part of everything it does. It has actually begun to keep to its own procedures.
Avon sees itself as a highly ethical organisation, based on values that were developed more than 100 years ago. The thought of anyone perpetuating the sort of fraud that went on at Enron gives it the collywobbles.
It is too soon to tell whether Sarbanes-Oxley is a good law, as well as offering organisations unexpected benefits, but then maybe it is just better to do something, anything, than to take ages trying to perfect the legislation. To labour the metaphor, Sarbanes-Oxley will never be a thoroughbred, but as a workhorse, it is proving more productive than anyone first thought.