Compliance is a hot topic at the moment. There is a growing expectation of accountability for businesses. This is because of scandals such as Carillion. That accountability is both looked at internally through governance and by external eyes with compliance.
Tech companies are not immune to failure: Alta Motors, StumbleUpon and Path were closed down in 2018. Most recently, Travelex is suffering from a major cyberattack, the implications of which will go on for some time. FinancialForce have recently published a white paper, written by Enterprise Times that looked at five key compliance topics. It also posed thirteen questions that finance leaders need to ask when looking to purchase business software.
Cybersecurity must be top of mind for business today. There is still much to find out about the Travelex incident however finance leaders can no longer just ask vendors whether the software is secure in an RFP. This question looks increasingly naive. The CFO needs to continually ask deeper questions of both their own IT teams, the wider business and their vendors. In addition, it is not only about the technology but also about culture. Culture, not just within the organisation but also at suppliers. Third party risk is a growing threat to many businesses, especially as supply chains are becoming more complex and more integrated.
Many businesses have suffered some kind of data breach in the last ten years, whether it was an internal staff member taking customer lists or an external hack. The former is much more likely. Reporting of these breaches is now mandated so what does a company do? Yes it needs cybersecurity technology. It also needs to have the ability to detect a breach and an incident plan. If such an event occurs and no one knows what to do then it can be a complete disaster for the company.
Internally organisations need preventative and detective internal controls in place to ensure governance. Legacy software often has limited controls in place and these are often onerous to update. A modern finance solution will ease the burden of administration with simple user interfaces and automation to manage change. These systems should also leverage artificial intelligence to highlight not just financial insights for the business to thrive but also anomalies that historically have been missed. AI is unlikely to replace the entire accounting team in the short term, but it will help ease the burden of growth and mitigate some risks within finance teams.
Data protection and Data sovereignty
While data protection is tightly coupled with security the legislative landscape alone makes this a warranted section. As Sharon Dodson, Senior Corporate Counsel, EMEA & Privacy Officer at FinanacialForce stated: “If you are born global you really have to understand the compliance landscape and the risks associated with your business, as well as the kind of questions you are going to be asked at a compliance level by your customers and prospects.”
Understanding the local data protection and data sovereignty laws in the countries that the business operates in is important. Understanding where the data the company is responsible for is located is equally vital. For some technology companies there is additional legislation, both local and international that they need to be aware of. For example, HIPAA in the healthcare sector.
Finance teams need to prepare reports for internal control, auditors, government reporting. Those reporting standards include: UK FRS, IFRS and US GAAP. Annual changes, to the requirements rarely simplify them. Cloud-based finance solutions, with the ability to push upgrades to all users on a regular cadence, can help move the heavy lifting of report preparation away from finance teams and spreadsheets.
An example of this is revenue recognition. Significantly changed in IFRS 15 it requires complex calculations for technology companies, some with huge volumes of data to process. As business models changes and companies introduce new payment methods, this is a growing challenge that a spreadsheet is increasingly unable to fulfil. Financial Management software with revenue recognition built in can deliver time savings and greater accuracy in producing revenue recognition reports.
Finally, eGovernment is increasing in importance. Making Tax Digital (MTD) is now a reality in the UK and other governments are starting their own initiatives. Businesses are often born international today with the internet providing channels to market, especially for SaaS companies in many jurisdictions. Business can no longer consider local applications which just support foreign currency. Instead, they need to look for applications that are aware of and support the eGovernment initiatives not just in the UK but also abroad.
What should I buy?
The whitepaper mentioned earlier was created from a neutral standpoint. It posed thirteen questions that any vendor should be able to answer. These questions could be added to an RFP or equally asked during initial meetings. Many technologies work beyond national boundaries and the next generation of software needs to meet requirements not just of today but of tomorrow. Even if a business has a solution in place it should be able to answer all of the questions.
To find out more, the whitepaper can be download here.