iOPEX
logo menu
close
arrow_back
Back

Bridging the SOX compliance gap with automation

Dec 11 2020 , Vivek Adikesavelu

SOX compliance is ripe for automation. Here is how you can inculcate Intelligent Process Automation (IPA) into your audit process. This will not only drive down your costs but also reduce errors and help you reuse your time on more strategic activities in place of the tedious process of manual SOX compliance.

Considering the fact that the Sarbanes-Oxley Act of the United States (SOX) has been around for almost two decades now, one would imagine an array of state-of-the-art tech innovations trying to disrupt the space. However, there is still a huge gap waiting to be filled.

One such gap is concerning the long hours and heavy costs consumed by the procedure for compliance to the SOX act- especially the stringent standards demanded by Section 404 of the Sarbanes-Oxley Act (SOX 404), which can be extremely taxing for many companies that are ill-equipped to meet the norms demanded by this benchmark legislation.

In the past 18 years, since its implementation, auditors have become proficient and skilled in steering compliance, but due to the rise in the requisites expected by the external auditor, the compliance hours and the consequent financial outlay is on the rise.

2019 survey on SOX by Protiviti says that many organizations experience a 10% year-on-year spike in the number of SOX compliance hours. Even though most organizations surveyed reported marginally lower financial costs in SOX compliance, as compared to the previous year, the overall costs remained significantly high.

Besides, the regulatory demands made by SOX are continuously evolving in a dynamic market environment, virtually making stable processes a moving target. Under such circumstances, companies seeking to enter new geographies, or getting into cross- border M&A deals will find SOX internal controls becoming an expensive affair in terms of both money and time. However, with automation, there is a way out of this ever-expanding maze.

Automation of these processes can save both time and money. Corporations would do well to rework their processes and delivery models to achieve quality SOX compliance with minimum use of resources

Let’s deep dive to understand how organizations globally are improving their governance standards and abiding by compliance standards.

Let’s deep dive to understand how organizations globally are improving their governance standards and abiding by compliance standards.

Organizational vision:

Quality SOX compliance typically entails a combination of strategic mindset and technical acumen. This framework driven mindset is where automation comes into play as it is better suited for basic compliance activities and has the propensity to optimize the use of highly skilled resources toward high-risk activities. Corporations could also deploy alternative delivery models to fill the resource gap, thereby driving greater capabilities and aligning limited resources to the right priorities. For instance, iOPEX’s automation solution, SOXET is an automation framework built to support the end-to-end SOX audit and compliance process to extract, prepare, operate, post validate, and close controls. The best practices used in the industry are to prioritize the high-risk areas and work on the remediation efforts, using platforms that are easily customizable to handle regulatory changes and can serve as a central repository for ownership confirmation and evidence collection/approval with automated notifications and SLA based escalations. This can be achieved using multiple technologies such as low code/no code, ETL, iPaaS (API based integrations), and RPA. There has been substantial growth in the use of technology tools for areas such as automated approval workflow (from 31% to 38%), and access controls such as user access provisioning/deprovisioning, user access review, and segregation of duties review (from 30% to 36%).

Why automation?

SOX compliance is rapidly evolving in order to meet the dynamics of the market. The underlying SOX controls are more often than not dovetailed to tight turnaround times that labor-intensive manual processes aren't usually equipped to handle due to the high cost and the risk of human error they entail. Automation would reduce such errors, increase financial gains and drive overall efficiency.

Barriers in Adopting Automation:

Despite the ostensible benefits, automation in the SOX compliance setting hasn’t been adopted considerably. The lag can largely be attributed to uncertainty surrounding the readiness of external auditors to deal with automated control testing. A bigger and basic lacuna exists around the data and access to it, some organisations are driving their organisations’ state of affairs digitally; hence automation is easy. On the contrary, many organisations are still not entirely digitised. In such a scenario, additional tools are needed to structure the data and digitise it.

Bridging the tech gap:

As per a report by Protiviti, a majority of organizations (53%) used technology tools to test SOX 404 controls in 2018, most frequently for accounts payable, IT general controls and account reconciliations processes.

However, SOX compliance demands a complete overhaul of automation, analytics, and continuous control-monitoring tools to enable compliance professionals work more efficiently towards the outcomes sought.

SOXET Automation Solution:

SOXET is an automation framework built to support the end-to-end SOX audit and compliance process to extract, prepare, operate, post validate, and close controls. It acts as a central repository for all IT Control audit tracking, storage of accounts and SLAs with automated rule driven segmentation, closure and workflow enabled with a dashboard for auditors and control owners.

Conclusion:

Automating your SOX compliance activities can provide up to 50%+ efficiency, thereby increasing speed, reducing costs, and increasing accuracy while ensuring that audit references are easily accessible. Lastly, if you are ready to get your SOX compliance automated, start your journey to make SOX compliance automation a reality.

iOPEX Technologies brings the right mix of compliance expertise and technology enablement to transform your SOX compliance processes.


Recent Post
Product Thinking – The Key to Engaging Users
Dec 11 2020 , Nagarajan Chakaravarthy
read more
Enhancing User Experience through Accessibility Design
Dec 11 2020 , Nagarajan Chakaravarthy
read more
Building a result oriented digital marketing campaign in 10 steps
Dec 11 2020 , Nagarajan Chakaravarthy
read more
Latest news
card

Avinash Lele joins iOPEX Technologies as President

Jan 27 2021

card

Shiva Ramani's Prediction on Machine Learning and Chatbots for 2021

Jan 27 2021