For the last year and a half, regulatory issues are among the top IT management priorities with most attention focused on meeting the financial disclosure requirements set forth by Section 404 of the Sarbanes-Oxley Act. Consequently, spending has jumped tremendously for public companies, fueling regulatory compliance IT projects that can streamline compliance and help offset high audit fees and lost productivity.
An analysis of strategic IT project planning trends shows a bimodal increase over the past 12 months, likely in step with the push to meet Section 404 compliance deadlines. As the chart below illustrates, the first peak in compliance projects occurred in the months preceding the compliance deadline (November 15, 2004) for companies with greater than $75 million in market capitalization. The second spike is apparent in the months preceding the original compliance deadline for companies with less than or equal to $75 million capitalization and foreign firms. The Securities and Exchange Commission (SEC) extended the compliance deadline in March by an additional year, giving these companies until July 15, 2006 (or soon after) to report their internal control processes for the fiscal year.
With the unexpected relief, organizations pushed back, as suggested by the drop in compliance projects from May to the present. Nonetheless, since the start of the year, there still is a sizeable net increase in regulatory compliance spending, with projects rising from 10% to 45% of all current strategic planning implementations.