Back to Sarbanes-Oxley
The Wall Street Journal reports that an increasing number of US companies are looking to India's IT outsourcing firms to cut the cost and time needed to comply with SOX. Cost savings in excess of 60% are responsible for the growth in SOX related businesses, which, some Indian outsourcing companies say is growing at more than 50% a year. A large component of this outsourcing relates to the organizational systems that support SOX compliance including new technology needed for automation and testing, design and management of compliance databases and development of efficient transaction systems and software.
While the report provides evidence that outsourcing may reduce the costs of SOX compliance, it remains to be seen whether the converse is true. The journal reports that a lack of understanding about what exactly SOX requires still makes it difficult to offshore the most complicated steps of compliance. Some Indian IT and outsourcing companies attest to this when they state that their business was hurt last year as U.S. companies took longer to decide which parts of their operations they could run abroad while staying in compliance with the new law. However, it is my opinion that these are but the short-term ripples of the law. SOX compliance may increase the short-term costs of BPO (including learning and audit costs) but will decrease over a long-term period. After all, the user firm saves on service audit costs, and analogous to quality certifications such as CMM, the demonstration of adequate controls will help the service provider build trust with its clients and reduce the costs of multiple audits.
The list of sins is not over yet.
While the report provides evidence that outsourcing may reduce the costs of SOX compliance, it remains to be seen whether the converse is true. The journal reports that a lack of understanding about what exactly SOX requires still makes it difficult to offshore the most complicated steps of compliance. Some Indian IT and outsourcing companies attest to this when they state that their business was hurt last year as U.S. companies took longer to decide which parts of their operations they could run abroad while staying in compliance with the new law. However, it is my opinion that these are but the short-term ripples of the law. SOX compliance may increase the short-term costs of BPO (including learning and audit costs) but will decrease over a long-term period. After all, the user firm saves on service audit costs, and analogous to quality certifications such as CMM, the demonstration of adequate controls will help the service provider build trust with its clients and reduce the costs of multiple audits.
The list of sins is not over yet.