TowerGroup Views Sarbanes-Oxley as Catalyst for Long-Overdue Financial Institution Technology Upgrades

NEEDHAM, MA, February 24, 2004 � Despite enormous attention to the Sarbanes-Oxley Act itself, relatively little consideration has been paid to the role of technology in helping financial institutions meet compliance requirements � or to the long-term opportunities offered by the Act. New research from TowerGroup asserts that financial institutions should view the Act as a catalyst for long-delayed business transformation.

Sarbanes-Oxley does not specifically mandate investments in technology to meet its rigorous financial reporting requirements. Yet in most financial institutions, financial reporting is inextricably linked to information technology systems � meaning that stringent Sarbanes-Oxley financial reporting rules cannot be viewed independently from IT. Traditional financial statements summarize and reflect transactions in the aggregate, while Sarbanes-Oxley requires a means of linking financial statements with the specific transactions that make up the results.

�There�s a danger of Sarbanes-Oxley being over-hyped for all the wrong reasons,� said Virginia Garcia, senior analyst in the Financial Services Strategies & IT Investments practice at TowerGroup and author of the research. �There will be a tendency for financial institutions to focus on immediate-term IT solutions to meet compliance deadlines. However, firms should instead focus on the enormous long-term opportunities offered by these mandates, and view Sarbanes-Oxley as a catalyst for much-needed and long-delayed business transformation.�

Highlights of the new research include:

  • Contrary to other industries, much of what Sarbanes-Oxley requires in terms of internal controls over financial reporting is not necessarily new to financial services institutions. It is simply not documented, or is spread across a wide variety of IT systems and business units. The opportunity to leverage existing IT investments across diverse disciplines underscores the holistic value of Sarbanes-Oxley compliance: better utilization of IT assets.

  • Many of the technologies enabling Sarbanes-Oxley may already be in place in most financial institutions, though utilized for noncompliance purposes like customer insight or operational efficiency (e.g., data repositories conceived for marketing purposes during the heyday of customer relationship management projects). Investments made and since questioned may get new wind in their sails, as the value of data analytics for enterprise risk management and financial reporting purposes becomes evident. Data integration will assist financial institutions in fulfilling their Sarbanes-Oxley obligations by linking data from disparate systems in quasi-real time.

  • TowerGroup believes Sarbanes-Oxley may jumpstart delayed investments in enterprise general ledgers, single-instance enterprise resource planning (ERP) systems, legacy system replacement, sophisticated data mining technologies, information security, storage optimization and data integration solutions. Enterprise content management solutions will also prove useful as they combine necessary business process management capabilities with imaging and document management functionality.

  • TowerGroup further believes that after an initial tactical IT investment in Sarbanes-Oxley compliance, IT costs related to the Act will continue to increase over a period of four to five years by between 5% to 10%. These IT investments will be strategic in nature, with Sarbanes-Oxley fueling business improvement and overall IT upgrade projects. As a result, IT spending growth for the Act will not be measured separately, but rather will be integrated tightly into overall IT budgets.

  • The percentage of total IT costs that institutions direct toward Sarbanes-Oxley will range considerably: from 5% to 10% for financial institutions taking a more tactical approach to compliance versus 20% to 30% for institutions taking a broader strategic approach. The tactical approach will result in only 30% of related IT costs going to third-party providers, while nearly 50% of Act-related IT costs will be externally focused if an institution decides to combine compliance with overarching strategic goals. TowerGroup believes this is an important trend to watch over the next 12 months, as it could shift the overall dynamics of US financial industry IT spending. (See chart.)

Garcia continued, �Instead of thinking of IT investments related to the Act as yet another compliance burden, financial institutions should view them through the lens of lightening their administrative load while providing tangible opportunities to do business more efficiently and offer customers better service.�

About TowerGroup: TowerGroup is the leading research and consulting firm focused on the global financial services industry. A respected source for trusted information and advice, TowerGroup brings many of the world�s largest financial services, technology and professional services firms a deeper understanding of the business and technology issues impacting their organizations. Headquartered near Boston in Needham, Massachusetts, and with offices in New York, London, and Kuala Lumpur, TowerGroup serves a global client base. Visit TowerGroup online at