Thursday, 8 January 2009

Increased control..is that really useful?

After the last financial meltdown (in the beginning of 2000 and the years after) many countries including the U.S sharpened the regulations for companies and financial organizations. We usually call those regulations “SOX” or in Europe “Euro-SOX”. In simple terms this is done by controlling who-does what, give individual access instead of general access and to have a clear “chain-of-command”. There should always be someone that is responsible. (I know I oversimplify the whole thing now..)
When these regulations came the common belief that this would prevent companies from overstating their assets or lie about their revenue, in the end protecting share holders and others that had a stake in the company.
I do not think that I would anger anyone by claiming that it did not prevent the worst financial crises ever….
Maybe the regulations added to problem by giving a false sense of security. Everybody has been compliant to regulations but no one has used common sense.
My conclusion is simple, there is no safe “systems” without common sense. To be able to be sensible you need to be trained and have the knowledge how to handle crises. This is the responsibility of the management. This goes for IT related crisis as well, they cannot be handed over to the IT people and for no-one else to worry about.
I wonder if all the consultancies that have sold SOX training now will start to sell “common sense” training instead. That could be fun to listen to.

No comments: