|
|
|
Features
< Back
Sarbanes Oxley : Technology : Business Process Management
Making Lemonade
Sarbanes Oxley as an Opportunity for Business Process Optimization and Supply Chain Excellence
By
Anthony Tarantino
|
|
Anthony Tarantino
E2open
|
As the old adage goes, when life serves you lemons, make lemonade. In 2003, the impact of the Sarbanes Oxley Act (SOX) on finance and information technology was widely discussed as concerned professionals tried to understand the impact on their business operations. In 2004, supply chain professionals have come to understand that SOX will profoundly change their lives as well. However, the thought leaders in supply management are using this regulation to take an opportunistic view and see SOX as a means to facilitate business process optiminization and achieve supply management excellence. The laggards will take a more passive and reactive angle, viewing SOX as a passing fad or another example of government interference with no tangible benefits.
Three sections of SOX will directly impact supply management:
? Section 401a requires the listing of off-balance-sheet transactions and obligations and contingent off-balance-sheet obligations. The SEC final ruling also requires the disclosure of the nature and business purpose of the off-balance-sheet arrangements, and why and how they are needed for running a business. Some examples which may impact supply management include:
? Long-term purchase and lease agreements will need to be captured in a tabular format specified by the Security and Exchange Commission (SEC) ? year one, year two, etc.
? Cancellation and early termination charges imposed by suppliers will need to be reported using the 8-K form within 4 working days as specified in section 409.
? Contingent obligations may include contractual obligations from suppliers? suppliers such as minimum purchase requirements and early termination charges, even though the company is not directly a party to the agreement.
? Section 404 calls for the creation and maintenance of viable internal controls. Over the decades, the SEC has ruled that internal controls include policies, procedures, training programs and other processes beyond financial controls. The SEC has clearly defined internal controls to include ?the safeguarding of assets against unauthorized acquisition, use or disposition.? It also requires companies to document and test the adequacy of these controls. Some examples of inadequate process controls that may impact supply management include:
?
Inventory write-offs due to poor forecasting, planning, inventory and end-of-life practices.
?
Poor physical and logical control of assets such as inventory and capital equipment not physically or logically controlled in a timely manner.
?
Poor control of item and supplier masters such as identical suppliers and items existing under multiple numbers with no cross-reference.
?
Poor purchase commitments visibility, invalid due dates and quantities.
?
No viable system for approving suppliers and then monitoring their performance.
?
Violations of segregation of duties, e.g, a buyer with access to payables, receiving, supplier master, general ledger, etc.
? Section 409 requires the timely reporting of material events which impact financial reporting. ?Timely? has been interpreted to mean 4 working days. Once a company declares a material event, it must document a permanent corrective action before it can claim to have adequate process controls under Section 404. The following events may meet the reporting threshold:
? A key supplier misses a critical delivery date causing the company to miss its revenue projections.
? A physical inventory or cycle-counting process results in a major shortfall in inventory balances.
Supply management and IT professionals will be inundated with a host of software tools to improve their ability to comply with sections 401a, 404, 409 and 802. The general categories which should be considered include:
? Event management tools also known as risk management and internal control tools
? Advanced business intelligence and reporting tools with alerts for out of tolerance events
? Document management tools with access and revision controls
? Supplier and customer portals/extranets to automate and standardize order and inventory management
? Radio frequency identification (RFID) chips to capture much more product data than possible with barcoding
? Business process optimization (BPO) tools to automate controls enforcement such as segregation of duties
There will also be an acceleration of efforts to automate and standardize disparate ERP and other supply planning and execution systems as a means to meet reporting requirements and demonstrate efficient process controls. To this point, companies should implement solutions that can combine process management workflows with decision support tools that automatically enforce policies and exception management capabilities in an open, integrated platform.
In summary, SOX is here to stay. It can be used by forward-looking supply management professionals to improve and optimize processes and systems ? in essence, to make lemonade. The cost vs. benefits analysis will now be much more compelling with CEOs and CFOs facing severe criminal and civil penalties for noncompliance. Those who take a more passive and reactive posture ? and view this as another sour lemon ? will risk the displeasure of executive management and their own legal exposure.
Anthony Tarantino
E2open
Anthony Taratino is a well-recognized industry expert in all areas of supply chain management with a special focus in regulatory and compliance-related issues. Tarantino has nearly 30 years experience working in a variety of industries holding management positions in materials management and procurement for companies such as Eaton Corporation, Omnichrome Corp, MDT Medical Diagnostics, Masco Corporation and D?cor Concepts. Prior to joining E2open as Vice President, Sarbanes Oxley and Supply Chain, Tarantino was a senior supply chain consultant for KPMG Consulting/BearingPoint where he worked on clients such as Cadence Design Systems, Seagate Technologies, Motorola, Premier, Inc (Medical Purchasing Services), JDS Uniphase, Redback Networks.
Tarantino is a regular contributor to the Institute of Supply Management (ISM) and other supply chain management journals on topics such as corporate governance and Sarbanes Oxley (SOX) as well as informational supply chain and eBusiness topics. Tarantino holds a CPIM (Certified in Production and Inventory Management) certification from APICS, and a CPM (Certified Purchasing Manager) certificate from NAPM/ISM. Tarantino has a Ph.D. in Organizational Communications from the University of California, Irvine and a Bachelor?s degree in Political Science from the University of California, Santa Cruz.
|
|
|
|
|
