Learning From Disaster | Part Two - Transparently Obvious

"I am incredibly nervous that we will implode in a wave of accounting scandals," she wrote in a letter to Kenneth Lay, the corporation's chief executive officer. Congressional investigators looking into the company's collapse revealed the letter's existence in February. The letter, said one, is "breathtaking in detail".

While accountants used to be the eyes and ears of shareholders, some of the worst scandals of "The Year of Corporate Collapses" might have taken much longer to come to light without the efforts of concerned insiders capable of assessing the true financial health of the company and prepared to speak up about their fears.

As the stories behind the scandals unfold there is growing awareness that CIOs have a crucial role to play in enabling these honest whistleblowers. In the future, analysts say, a CIO's credibility will depend on their ability to help keep the organisation honest and accountable by providing the tools to make financial information as transparent as possible.

"The number of articles devoted to the Enron debacle during the past months has been enormous, but the impact on CIOs has been poorly addressed," Gartner notes in a report. "CIOs will be caught between trying to prove the value of IT and trying to boost their own credibility at a time when systems are becoming complex, chaotic and risky. A handful of CIOs will enjoy a rebirth of credibility during the post-Enron period as they concentrate on accessing, integrating and facilitating insight into information. Many other CIOs, however, remain so enmeshed in managing technology, rather than in managing information, that their credibility will suffer."

Gartner notes that although CIOs may not be discussing esoteric changes in accounting standards and reporting regulations post-Enron, CIOs will certainly be affected by the resulting changes. "They must prepare to be active players in facilitating financial reporting, defining financial governance, dispelling technology myths created by financial analysts and implementing government regulations. Although details have not gelled, enterprises will likely be expected to disclose information about financial results more frequently. Visionary CEOs and CFOs will start to make those changes ahead of any forced regulatory change as a way of rebuilding shareholder confidence."

With all too many executives having been investigated, fired, jailed or just deeply humiliated, and with untold employees still trying to pick up the pieces of the accounting scandals of recent times, the public debate has been largely comprised of questions. How did all this happen? What happened to the auditors who were supposed to be assuring corporate integrity? How can companies spend so much money on financial information systems and still not know their own organisation's financial health? Why weren't there more concerned employees ready to blow the whistle? And pertinently, why did those with the power to act ignore those with the power to warn?

CIOs should play a critical role in answering some of those questions.

Auditors can be deceived or corrupted, and too many companies have made a habit of overriding or ignoring internal controls such as multiple crosschecks or approvals of accounting data designed to preserve financial integrity. The financial press can only play a limited role in uncovering scandal, while markets can only assess information on the public record, meaning it can take a long time to detect aggressive or irregular accounting. That makes the CIO's role in providing good technology capable of making the financial health of the company fully transparent, along with the IT governance to keep IS efforts fully aligned, essential.

Page Break

"I think the responsibility - and I think a lot of CIOs see this today - is not just at a systems level, but at a business level and at a cultural level," says PeopleSoft Australia New Zealand managing director David Webster. "And so when they weave those three things together, they really have a role which is highly influential on any organisation's business outcomes. They're not just providing the infrastructure and then saying: ?'You go and use it.' Their responsibility has got to be: here's the infrastructure, and by the way here's the data converted into information and delivered to the business guy who's making the business decision."

Of course if the CEO wants to behave fraudulently no amount of software will stop them, as Forrester Research senior analyst Jim Walker remarks. Alarms may go off, but will not help if the senior management wants to ignore those alarms. "Here's the bottom line," Walker says, "[financial information] software is good for the CEO and the CFO - C level people - to find out if there's people within their organisation that are playing games for whatever benefit. But at the C level, if they're going to be fraudulent, no amount of software is going to solve that problem."

Still, the Enron experience shows that having the right level of management information available makes it easier for every employee to assume some level of financial accountability to help keep the organisation out of trouble.

"I believe that the reason that some of the information that has come to light in the likes of the HIH and the One.Tels and so forth is because people at lower levels of the organisation called it out," says Webster. "They called out the fact that they felt there were funny things going on with some of the accounting practices and some of the financial measures and the financial management, and that to me is a positive thing.

Webster says that although a company's cultural aspects are not necessarily owned by the CIO, the CIO does have a responsibility to be involved in the culture side of accountability. He points out that growing numbers of organisations are devolving accountability for financial management to levels of management below the CFO. That reflects a new awareness that the responsibility for financial management needs to permeate an organisation; it is not just the domain of the CFO and the finance function.

"The CIO is not just delivering a system for the finance function. He or she is delivering a system and supporting a system for a business that very often encompasses not just the CFO function but all functions. So we see things like self-service. We see things like CFO portals and those sorts of technologies coming into play, where you have role-based accountabilities and responsibilities architected behind the portal, which enable people to get financial visibility at different levels," he says.

Page Break

Show Me The Problems

"What makes a good information system that can keep the company from collapsing?" asks Keith Skinner, chief operating officer Deloitte Touche Tohmatsu. "I think basically there's got to be good financial reporting information systems, and that means both from a planning stage - good budgetary systems that can do profit and loss balance sheet, cash flow plans and budgets - and then you need a good system to report against those financial systems. They've got to be flexible, in that you can continually update them, and do continuous planning and forecasting; good variance or exception analysis that shows where there are problems, so those can be investigated. That's the financial accounting side, if you like.

"Then there's management accounting systems that, depending on what business the company is in, can give you things like client profitability; product profitability, if there's standard costing, variance from standard. I could go on and on, depending on the type of corporate [entity] . . . but basically, it should be a system that can measure the key performance factors that really measure the firm's success and profitability."

Skinner advises CIOs to carefully examine their business and determine the critical performance factors: what needs to be measured and monitored. They should make sure their systems are not only capable of addressing those needs but of presenting meaningful reports. CEOs should do a risk analysis, either internally or with the help of an outside consultant, he says, to determine the key success factors for the business, communicate that to the CIO and then have them devise or purchase the appropriate system that will deliver that.

"They [CIOs] should really concentrate on reports. These systems can spit out voluminous reports that are very difficult to use and to read, and probably then people overlook the real issues because of that. So I think really communicating with the users of the information as to what their requirements are, so that you get reports that are very focused and highlight what the issues might be, is extremely important," Skinner says.

"In order to restore investor confidence, CFOs across all industries need to go beyond regulatory compliance and provide additional disclosure of financial and nonfinancial information," says Alan Landis, research director, Working Council for Chief Financial Officers. "As pressure to disclose intensifies, many CFOs are looking for automated solutions to improve external transparency to investors."

Gartner notes disclosure of financial information will affect back-office accounting systems. Many enterprises have adopted a "make do and mend" policy and patched legacy finance and accounting systems. In all likelihood, those systems will be unable to respond to frequent and detailed financial reporting.

Enterprises that have implemented financial applications from one of the ERP vendors will be in reasonable shape, but they will not be invulnerable. Although most ERP systems support the concept of a "virtual" close (that is, financial transactions are continually updated in real time or near real time), feeder systems that pass financial transactions to the ERP system may be sources of weakness. They may not pass sufficient detail (to support more detailed reporting) or they may work on fixed batch intervals.

Page Break

Top-Down, Bottom-Up Information

Of course transparent business means having many users of information. That is why some vendors are pushing enterprise planning and performance management software, claiming it is already changing the way enterprises operate by imposing collaborative top-down, bottom-up planning practices, business transparency and far-reaching accountability.

Enterprise planning and performance management is a methodology and practice based on company-wide collaboration and participation that allows hundreds of employees to become involved in the collection of data and planning future performance. This helps prevent people from any position within the company from massaging or misplacing financials.

"CEOs and CFOs are under enormous pressure from the threat of potential legislation and intense market scrutiny to demonstrate financial stability and reporting accuracy in the wake of recent corporate collapses," Adaytum global CEO Guy Haddleton says. "Their first port of call to achieve this is generally the CIO and finance department to establish a system that will provide them with job security by being able to adequately demonstrate: financial accuracy, business transparency and executive and employee accountability.

"Enterprise planning and performance management achieves these key criteria because it drives the collection and analysis of realtime data. It provides CIOs and their CEOs with greater confidence in predicting future operating performance. So, there's much less likelihood of the business missing its bottom-line numbers, or of having to issue reforecast profit warnings."

Haddleton, whose company provides enterprise business planning solutions, says enterprise planning and performance management replaces outdated technology - commonly Excel spreadsheets which are not suited to planning and data collection on a multi-user basis - and in doing so eradicates the common issues of data integrity.

Enterprise planning and performance management also provides senior management with the flexibility to track business against plan and allows them to take proactive steps to change the outcome of the business on a quarterly basis. This means that warning about missing profit or revenue targets comes early enough for CEOs to be able to take steps to readjust business strategy in order to try to meet original targets.

Capture and Analyse

Forrester Research says CIOs can help corporate officers and their auditors rebuild trust by building an electronic audit application. The application should intelligently capture and analyse enterprise and business segment data providing a daily audit of the firm. This application should siphon electronic data to monitor profitability drivers and alert the CFO to problems; provide a repository to manually log material events and provide pattern recognition algorithms to detect fraud.

Jim Walker, a senior analyst with Forrester, says companies need to fully digitise the business. "Companies tell us that while 80 per cent of their volume is done electronically with EDI, 80 per cent of their customers (20 per cent of their volume) still use phone and fax. If you're going to manage your business with an electronic audit committee application, you need to have the data in electronic form before you can even start that.

1 2 Page 1
Page 1 of 2
Security vs. innovation: IT's trickiest balancing act