Asia-Pacific CIOs say regulatory compliance is a prioritiy for the New Year and that their organisations keen to leverage standards in a bid to gain competitive advantage.
In a survey of 148 CIOs in the Asia-Pacific region, 70% of respondents said compliance will be used to gain an advantage over competitors.
The survey, by content management vendor Serena Software, involved interviews with medium to large companies across Australia, China, Hong Kong, India, Japan, Korea and Singapore. It found the uptake of regulatory compliance programmes will increase significantly this year.
To date only 21% of those surveyed had implemented regulatory compliance programmes but 52% will have standards in place by the end of the year.
The survey was conducted in October and November.
Charles Rignall, Serena's Australia country manager, says the region is waking up to the relevance of international compliance requirements such as Sarbanes-Oxley and Basel II.
However, he Australia is yet to legislate mandatory compliance.
"Relevance for compliance will be driven by corporate headquarters' demands and global trade requirements," he says.
"If companies want to do business with a multinational corporation or trade with an overseas company they have to meet minimum standards. Assurance must be given to customers and partners that you can work at the same level."
The survey found IT will have a major role to play in meeting regulatory compliance standards, with more than three quarters of respondents saying compliance will be one of their top IT objectives to implement and maintain regularly over the next year.
Corporate governance consultant Mark Toomey wasn't surprised that Australia ranked fourth in the survey in terms of compliance leadership. "It is lamentable, but not surprising," he says.
"This poor result joins with other indicators to confirm that Australian organisations are weak in corporate governance of IT.
"Weak governance allows problem situations to develop, such as the disastrous implementation of the Australian Customs Service Imports module in October 2005 and it costs the Australian economy billions of dollars every year."
Toomey said effective corporate governance, from the boardroom down, should include formal systems of monitoring and control for compliance.
"These systems should ensure that both business and technology managers are properly engaged in identifying compliance requirements and planning compliance initiatives which typically involve complementary adjustments in systems, practices, training and organisation," he says.
"In the interests of efficiency and effectiveness, many organisations would benefit from adoption of software tools to underpin the ongoing monitoring and control of their compliance obligations."
However, Toomey warns that adoption of compliance and governance tools is not a panacea and says specific effort is required to do it successfully. Other key survey findings include:
- Most Asia-Pacific respondents (88%) think that IT has a major role to play in ensuring regulatory compliance.
- CFOs and CEOs may no longer be the only executives responsible for compliance activities. The survey revealed that 57% of Asia-Pacific CIOs feel that they may be held directly accountable for compliance activities in the future.
- The survey shows that Asia-Pacific CIOs currently spend a low proportion of their IT budget on compliance-related activities. Most companies (60%) say that they currently spend "less than 5 %" of their total IT budget on compliance-related activities with only 9% of companies saying they currently spend "more than 15%".
- Asia-Pacific companies surveyed will start to use more of their IT budgets on compliance-related activities over the next two years. Nearly 30% of companies (up from 9%) plan to spend "over 15%" of their total IT budgets on compliance-related activities in the next two years.