AP CIOs feel responsible for compliance

SINGAPORE--The growing importance of IT in ensuring regulatory compliance is getting Asia-Pacific CIOs hot under the collar, even though CEOs and CFOs are the ones in the line of fire today, a survey finds.

Serena Software CEO Mark Woodward said: "Today, it is the CEO and CFO who are held accountable, but 57 percent of CIOs believe they would be held accountable in future because IT systems underpin all [compliance systems]."

Serena Software, a change management software company, commissioned a survey of 148 CIOs across the region between October and November last year. Conducted by research company MarketShare, the study found that 57 percent of respondents feel they may be held directly accountable for compliance activities in the future.

According to the survey, 88 percent of the respondents think IT has a major role to play in ensuring regulatory compliance.

Woodward, in Asia this week for a customer road show, said: "If you're the CEO of a public company, you'll often have to sign documents that say you know the [quarterly financial] statements are correct. The only way you can have any confidence [in signing the documents] is through using IT apps and automation."

Having the tools to manage compliance will force companies to "really improve" business processes, provide them with complete visibility and predictability, and in turn, help them improve their decision-making process, he said.

The problem is, not all CEOs know how important IT is in managing regulatory compliance. "There is a big disparity between IT and management," Woodward said.

In addition, lacking proper change management practices, which are an integral part of regulatory compliance, can lead to serious consequences, he noted.

The matter becomes grave, especially when something as simple as issuing invoices cannot be processed because of a new ERP (enterprise resource planning) implementation.

He also revealed that the CIO of a large U.S. bank once admitted that 80 percent of IT change within his organization is unmanaged.

The good news is, Woodward said, a fifth of the companies surveyed have already implemented regulatory compliance practices. "There's awareness of it. Some companies are spending, or planning to spend, money on [compliance]."

In another MarketShare study released earlier this year, 27 percent of businesses in the Asia-Pacific region said they plan to spend over 15 percent of their IT budgets on compliance-related activities over the next two years, compared to 9 percent last year.