When it comes to the topic of corporate governance, excuse Toronto lawyer Chris Koressis for sounding somewhat jaded.
After all, what is left to be said? Corporate governance is something every Canadian executive at every major corporation is quite aware — and maybe a little tired — of, given
recent headlines about accounting scandals and such.
But at the same time, Koressis, of the law firm Aylesworth Thompson Phelan O’Brien LLP, wonders how many executives are actually prepared. Now there’s even more reasons to be concerned.
As of March 31, 2004, new corporate governance rules have had the force of law in Canada. The CEO and CFO of any public company will personally be required to certify six representations regarding the financial statements and corporate governance of the company.
The new rules are, of course, designed to help restore investor confidence in Canadian financial reporting.
But what may not be understood is how all these issues will have an impact not only on IT, but ultimately also the role and the responsibilities of the chief information officer.
Evidently, it’s not just the employee who takes a kickback from a supplier that senior executives need to worry about.
It’s also that financial statements rely on technology, and as Koressis so dramatically states, “”An IT malfunction could produce an incorrrect financial statement, and who would know?”” That by itself is one reason for the CIO to get involved, he says.
It also has to do with all the financial reporting issues around risk management, and both internal and external auditing. This is where some of the biggest risks to a company’s financial health are, whether it’s wild fluctuations in currency rates, or unforeseen global events.
And it’s the combination of all the above that is overburdening both CEO and CFOs, raising concerns that it isn’t enough to assume that the established policy and procedures are being followed.
“”Remember, CEOs and CFOs are busy people,”” say Koressis. “”When new governance laws come on board, quite often what can happen is that these requirements get pushed down to a level of incompetency. And if the impact of non-compliance can be a jail term, can senior executives really afford to let that happen?””
Here’s another reason to be concerned. Under the new law, the definition of senior officer goes beyond those who are considered the “”alter ego”” or “”soul”” of the corporation. It includes everyone who has an important role in setting corporate policy, as well as everyone responsible for managing an integral part of the organization’s activities. The new definition focusses on the function of the individual, rather than on any particular title, and makes it clear that the directors, the CEO and the CFO are, by virtue of the position they hold, automatically senior officers. In other words, the scope of governance is greatly increasing.
Caroline Oliver, a governance consultant and author, is among those who believe there is an expanded role for CIOs to play when it comes to these issues.
Two years ago, Oliver co-authored a book called Corporate Boards That Create Value, and for all the tightening and increased regulation, she notes, perhaps sadly, nothing really has changed. “”CEOs are far more conscious about compliance but there’s also more on their plate than ever, and (the new rules and legislations) hasn’t helped them organize their plates any better.””
Oliver says most CEOs are too powerful in the first place, and “”let’s face it, there’s no great incentive for CEOs to think about good governance, nor is it their job.””
Oliver is among those who believe governance should be the primary responsibility of the board of directors, who are in turn accountable to the shareholders and ultimately “”are the only ones who will make any system right.””
And that’s exactly where the CIO comes in. As corporations practise open communications, maybe CIOs could bring information to the board “”that is easy to deal with in a manageable and suitable way,”” she says.
For Canadian corporations, the idea might not be as pie-in-the-sky as it sounds. If the issue is about who controls and has access to financial information, excepting the CEO and CFO, who but the CIO would most clearly fit the bill?
Another factor weighing in the CIO’s favour is the increased role of technology in financial auditing. There is now no shortage of software tools on the market that can help ensure compliance with the current and upcoming financial reporting requirements.
These tools include enhanced internal control features within enterprise resource planning systems, automated workflow tools, integrated enterprise data warehouses, business reporting tools with drill-back capability and document management tools.
“”The quality of the tools has improved significantly,”” says Tony Masella, partner, finance and performance management at Accenture, who is also clearly among those who believe “”the CIO has an important role to play”” when it comes to governance.
“”With these new tools, the CIO becomes a key advisor to the corporate officers on how to best discharge their obligations,”” he says. “”But to do this, the CIO will need to understand and balance what is available on the market. Specifically, the CIO will need to look at both costs and risks.””
For example, if a control can be automated by implementing a workflow tool, the CIO will need to evaluate the cost to implement and maintain the tool versus the cost of a manual control.
At the end of the day, as is rightly pointed out, technology can never and will never fully do the job that CEOs and CFOs should be doing for themselves.
But at least maybe with the right tools, CIOs can help.