Various respected sources have reported that the cost of complying with corporate regulations has doubled in the last three years, with the largest single expenditure (22% of the total) arising from the Sarbanes-Oxley Act.
The U.S. Securities Industry Association (SIA) recently published the results of a survey showing that the amount a company has to spend on compliance with industry regulations and legislative acts has increased from $13 billion in 2002 to $25 billion in 2005. The costs wiped out 5% of the industry's annual net revenues, the SIA said.
According to the association, the rise in costs is a result of inefficiencies and duplications among regulators. Some of the conditions set out in the regulations also contain inconsistencies and ambiguities, the SIA added.
The SIA's findings are complemented by the results of a study carried out by AMR Research, which found that compliance will cost $27.3 billion in 2006. Of that sum, “only" 22% ($6 billion) will be for Sarbanes-Oxley compliance, according to AMR.
Compliance with Securities and Exchange Commission (SEC) regulations amounts to a further 13% of the total. Customer compliance and document retention requirements will each get 12%. Food and Drug Administration (FDA) rules will account for 7%, as will security and privacy laws.
However, of those corporations that take compliance seriously, 36% report streamlined business processes, 28% report better quality, and 14% report better IT security.
The ARM Research study analyzed responses from 325 North American business leaders and IT professionals.
“To survive in today's highly competitive business world, organizations need a clearly-defined strategy for managing regulatory risks. The various acts and rules do duplicate each other, but choosing effective platforms to ensure regulatory compliance can reduce the costs that are incurred in meeting those repeated demands," says Denis Zenkin, marketing director at InfoWatch.
Source: IT Compliance Institute