Here's an example of how complex this issue can be:
Company X is in a volume business. Based on its summarized historic financial data and carefully developed forecasts, the CFO is confident the company will meet earnings expectations. He doesn't know, though, that one of the larger business units has achieved its results through a one-time price break made affordable by a new supplier agreement. Finding this information would require his drilling down to the transactional level in that business unit, additional analysis of contract terms, and moderately sophisticated period-over-period instrumentation that would show an otherwise unexpected change in cost of goods sold. The price break offsets an anticipated increase in unit cost as a result of a manufacturing volume/sales trend that's expected to decline 10% next quarter. Here again, the underlying trends are invisible in the summarized data, and there's no integrated system to provide the CFO with the line of sight into the business unit's actual results and forecasted volumes. The business-unit management, meanwhile, lacks an understanding of the impact of these items on share price and, therefore, doesn't clearly communicate these important factors to the CFO.
So the CFO reports in his quarterly presentation that performance is as projected and the company is on pace to meet the year's earnings forecast. At the end of the next quarter, though, the business unit is still operating at 10% lower volume, while supplier prices go back to their original levels. Suddenly, the financial results appear to have fallen. The CFO has to explain not only why this happened—which isn't so hard—but also why he didn't know about it a quarter earlier—which is hard.
The lesson in this example, of course, is that the enhanced disclosure requirements of Sarbox will force companies to deal with the accountability, process-management, and information-system issues they've been putting off. CFOs who look to move beyond merely complying, and CIOs who help provide a vision of technology that improves the bottom line rather than just explains it, will deliver significant, immediate benefits to their companies. The first step is a plan that incrementally improves investor confidence, internal and external communications, and training on the new business environment.
It's also a good time to consider prioritizing finance initiatives, especially around improved analytics and information integration. These will improve your understanding of the drivers of share price, your business decision making, and your communications to Wall Street. You'll have fewer financial surprises and improved risk management if you connect finance's analytic capabilities with business operations' need to rapidly and accurately assess the impact of surprises in the marketplace.
Still not convinced that Sarbanes-Oxley is a call to CIO action? Consider this: It may be financial legislation, but it's designed to ensure that the creation and documentation of financial statements is tracked by internal controls. As C-level executives, CIOs can be held responsible for inaccurate data. Although you may not be making the types of decisions whose ethics may be questioned, you are creating systems whose data is relied upon to make those decisions. If the systems generate inaccurate data, the onus could be on you. You must start thinking about the controls your company and your IT systems need to account for data cleanliness, to track and control processes, and to generate real-time outputs. Sarbanes-Oxley is about to make all of those things a bigger part of the CIO's job.
John Parkinson is chief technology officer and Stewart Bloom is vice president of technology services for the Americas at Cap Gemini Ernst & Young.
