IT Spending for Compliance: From SOX 404 to Comprehensive Compliance

IT Spending for Compliance: From SOX 404 to Comprehensive Compliance:

Financial Insights estimates that North American financial institutions spent over $100 million on enterprise performance management solutions in the U.S. and Canada in 2003. This number will grow to $174 million in 2004 and will reach $450 million 2008.

Beyond Sarbanes-Oxley, Comprehensive Compliance

Given the similarities in the applications and infrastructure components required to comply with new regulations impacting financial services firms, including the PATRIOT Act and Basel II, we estimate that a key long-term trend in the market for compliance solutions will be application and infrastructure integration.

On the infrastructure side, we foresee that the data infrastructure supporting compliance activities will become more and more integrated through data warehouses or through applications that can connect to disparate sources. On the application side, we are already seeing firms invest in solutions that meet both anti-money laundering requirements prescribed by the PATRIOT Act as well as SEC and Sarbanes-Oxley-related requirements to monitor for internal fraud and for compliance breaches with securities laws. Investments in such AML/Surveillance solutions have been particularly strong among securities firms.

Specific to Sarbanes-Oxley compliance, we estimate that SOX 404 solutions will become more and more integrated with enterprise performance management applications to facilitate the regulatory reporting process.

Integration will take time. Technologically, it is already here today and IT vendors have been ready with partnerships and attractive solutions. Culturally and organizationally, it is not. Financial services firms have much internal work to do before they can begin to combine disparate compliance processes. Until this time, investments in IT for compliance will continue to remain focused on specific regulations. "