Stricter corporate governance requirements have substantially increased Procurement Leader responsibilities in ensuring compliance at various levels within the private and public sector. James Swiegelaar of CEC tells SmartProcurement that according to the Association of Certified Fraud Examiners (ACFE), common red flags for vendors which should be checked by CFOs and CPOs include the following:
- An employee’s home address matches a vendor’s
- An employee’s initials match a vendor’s name e.g. C. Jones (employee) and C.J Engineering (vendor)
- Details for cheque payments show the payee as “Cash”
- A vendor’s address contains only a P.O Box
- Vendor data is missing from the vendor data master file
- Data is formatted illogically e.g. jONe s EniNEERING or 99999999.99 etc
• Policies and Procedures:
Written procedures must be followed, and the correct authorizations must be obtained. It is of interest to note that asset misappropriations account for over 90% of all business fraud, with the Procure to Pay cycle accounting for the greatest share of this.
According to the ACFE, billing schemes relating to the delivery of fictitious goods and services make up 33.5% of all fraud cases in the USA – particularly worrying for all CFOs and CPOs, as this type of fraud cannot be perpetrated without the knowledge and collusion of staff involved in the Procure to Pay cycle.
• Process Change:
Enterprise processes must change and grow with the market, process changes must have the necessary authorizations and these changes must be adopted by everyone throughout the company.
• Compliance and Audit report packs:
The correct set of reports must be generated to prove compliance, and the least amount of time must be spent to generate them.”
COMPLIANCE ROLE PLAYERS AND THEIR REQUIREMENTS
He says that “Although the three main compliance role players, IT administrators, CFOs and auditors agree that the goal of compliance is to ensure the integrity of an organization’s financial results, they all look at compliance differently. The groups have similar issues but very different perspectives and they all see differing aspects of the compliance picture.
While CFOs (and CPO’s) and auditors deal with procedures, policies, workflows and processes, IT administrators, on the other hand, focus on the technological aspects of compliance:
• Security: There must be no internal or external tampering with corporate data sources or applications.
• Data integrity: Administrative control must be delivered to a myriad of administrators who need only certain data to be available on a server.
• Policies and Procedures: Compliance must be incorporated into everyday IT tasks, and best practices must be followed.
• Process Change: All changes to be accounted and controlled while maintaining speed and flexibility.
• Compliance and Audit report packs: Reports must be generated to prove compliance, and the least amount of time should be spent generating these reports.”
CEC’s Mohammed Mahomedy, says that “Business Intelligence tools offer solutions to all sides (in both the public and private sector) and in doing so allows these groups, who have spoken different languages for so long, to finally understand each other from a compliance perspective.
WHAT ARE BUSINESS INTELLIGENCE (BI) TOOLS?
Mohamedy says “A wide variety of Business Intelligence (BI) tools are currently available. These tools have the same purpose – to help managers ask questions about organisational data and to help them visualize the answers for more effective decision-making.
With the use of a BI tool, business managers can quickly and easily “slice and dice” organizational data from multiple ERP systems – something which was formerly only the domain of the highly skilled IT technicians. In fact, the use of a BI tools now allows users at all levels in the organization, to quickly obtain complete and factual answers to individual business problems – without the need for lengthy and advanced IT training.
To ensure the success of any BI implementation, organizations should look for the following characteristics in a BI tool:
• Access to all data throughout the entire enterprise;
• An easy-to-use interface that allows managers and executives to track key performance indicators measuring the health of the organization at any given moment;
• Powerful but easy to use data analysis enabling comprehensive “slice and dice” functionality;
• Pre-developed and ad hoc reports that help managers discover and quickly communicate changes in the business;
• The ability to export reports (e.g. to MS Excel which is a familiar tool for financial professionals and will prevent data entry errors);
• The capacity to view real-time posted transactions, enabling analysts to quickly and easily research problem areas in detail;
• A built-in audit trail that gives an in-depth view of finances at any moment;
• Role-based security to ensure the proper flow of information inside and outside the organization;
• The ability to report and consolidate data within 48 hours of material events that could affect a company’s performance;
• A shared view of information to facilitate collaboration between analysts, financial professionals and executives;
• The ability to deliver information to any party and in any electronic or print format; and
• Auditable report management that enables financial professionals to prove compliance if questioned.”
BUSINESS INTELLIGENCE (BI) AND COMPLIANCE TRENDS
“In many countries around the world, government regulations require publicly traded organizations and governmental institutions to provide organizational information quickly and accurately.
Often these regulatory stipulations carry clearly outlined penalties for executives and external auditors if financial information is not accurate and complete – a fact, which has made compliance a top issue for these organizations.
Even without the threat of penalties, many private companies are also becoming compliant because they recognize the value in unifying their data and presenting an accurate and consolidated view of their organization’s financial situation.
Statistics from an InformationWeek research article showed that, in approximately 40% of cases, the adoption of BI tools is driven by compliance and regulatory requirements.
In a report from Gartner (formerly META Group) entitled “Sarbanes-Oxley: The Impact on Financial Reporting,” it is recommended that organizations focus on the following financial-reporting criteria:
• Collecting financial data,
• Making financial details more accessible,
• Drilling down on accounting reports,
• Highlighting key analysis areas based on tolerance and financial metrics,
• Segmenting reporting into significant elements,
• Enabling workflow,
• Offering frequent flash reporting, and
• Instilling a financial management mindset within the organization.
Organizations are fast learning that BI tools are extremely useful if they want to leverage their reporting capabilities to help meet compliance measures and mitigate risk. And because these tools can help them to achieve this with little effort, they are also gaining a competitive advantage.”
ENVIRONMENTS FOR COMPLIANCE in Private and Public Sectors
Swiegelaar states that: “In many countries, financial compliance rules have been updated and often include examination procedures to determine compliance with the regulatory scheme enforced by governmental treasuries. And while it is true that at this stage it is not a legal requirement for South African companies to adopt the Sarbanes-Oxley (SOX) requirements, many are doing so in order to bring their compliance standards up to world’s best practice. This means developing internal procedures and controls, identifying high-risk areas and transactions, and creating employee training programs in order to become SOX compliant.
All financial institutions are
faced with increasing compliance requirements. Advanced BI tools and consolidated data sources allow the analysis and reporting processes to be conducted more efficiently and effectively with fewer flaws.
Government, with all its different departments, locations and responsibilities, is possibly the least integrated of all organizations. BI brings all of the information together, interprets it according to set queries and offers a complete account of what is really happening throughout the entire enterprise. From this, accurate information can be extracted, reviewed and interpreted, and informed decisions can be made.
In this context Business intelligence reduces training time by providing a simplified graphical interpretation of the entire database. This is especially helpful in government, as it enables users to ask for specific pieces of information without needing to understand the complexity of the underlying database.”
ACHIEVING COMPLIANCE WITH BI
“Compliance regulations are governmentally enforced and therefore auditing and reporting must become part of enterprise culture eventually.
The inherent advantage is the fact that other significant bonuses can be reaped if BI is used strategically.
As government and financial industries utilize BI to help ensure compliance measures and mitigate risk, they can also unleash the competitive edge they need to succeed in today’s business climate. Used as a strategic tool, BI can achieve compliance and unlock vast amounts of business knowledge that is currently disconnected data sitting in various silos of an organization. Collected and interpreted, this seemingly disparate information can be used to further an organization’s growth.”
“In the current competitive global economy, having “the right information at the right time” is critical to an organization’s ability to make appropriate and timely decisions. With the gluttony of information available in organizations, obtaining to correct information at in a timely fashion is a highly resource intensive undertaking. It is this extensive resource requirement that often make managers reluctant to commit to obtaining the information required to support organizational decision-making – and this is where appropriate business intelligence tools play a pivotal role”, says Mahomedy.
By Mohammed Mahomedy CA (SA) and James Swiegelaar PhD of Cutting Edge Commerce.
1. Weiss, Peter. “Employee Ability Shapes Business Intelligence.” InformationWeek. 8 August 2005.
2. Van Decker, John. “Sarbanes-Oxley: The Impact on Financial Reporting.” Gartner Research (formerly META Group)