Sarbanes-Oxley, HIPAA, Basel II, J-Sox, Bill 198, Euro-Sox. The list of regulations that organizations need to comply with is long and growing. And the cost of compliance can be high – on average, USD 2.9 million for Sarbanes-Oxley (SOX) 404 compliance alone, according to a 2007 survey published by Financial Executives International (FEI).

Challenges
While there has always been a need for Governance, Risk and Compliance (GRC) oversight in businesses, the recent legislative changes have dramatically increased the level of scrutiny. Management is responsible for implementing GRC strategies, the Board must regularly assess their effectiveness, and internal and external audit must monitor the results. Although there is no shortage of technology vendors claiming to have the remedy for all of your compliance pain, there is, in fact, no panacea. Key factors in determining where to invest in this nascent market include finding a solution that will help to make your compliance efforts sustainable and cost effective year over year, and finding a solution that provides a financial return on the investment in technology.

ACL Solutions
Through the deployment of ACL solutions, organizations are able to comply with regulations such as SOX Section 404 that require management and the external auditor to report on the adequacy of the company's internal control over financial reporting. ACL provides organizations with a suite of pre-defined tests based on the Committee of Sponsoring Organizations (COSO) framework that are run automatically and continuously to monitor for anomalies in financial transactions. With this insight, management is not only able to attest that controls are in place and functioning – or not – as intended, but to uncover errors, abuse, fraud, and process inefficiencies. By correcting these control weaknesses and gaps, companies are able to earn back a return on their ACL technology investment through better cost management and reduced revenue leakage. And the automation of the controls monitoring makes the compliance process more cost-effective and sustainable.

ACL's financial transaction monitoring approach differs from technologies that focus solely on security and IT controls in that these technologies are not as effective at determining the health of an internal control and therefore do not provide the opportunity for an immediate, significant financial payback.

Regulatory Compliance in Action
Telus Communications, the second largest telecommunications firm in Canada, implemented ACL technology to support compliance with Sarbanes-Oxley Section 404 and to identify cost savings in its purchase-to-payment cycle and purchasing card program. The results: increased certainty over the effectiveness of internal controls and 5 times return in cost savings on its ACL investment within the first six months. Download the TELUS success story to learn more!

Learn why the continuous monitoring of financial transactions needs to be a priority for sustainable compliance. Download a white paper by John van Decker to find out more!