Magazine article Information Management

The World Is Watching

Magazine article Information Management

The World Is Watching

Article excerpt

Can the U.S. and Western European regulatory environment help predict future global initiatives?

Regulatory compliance is no longer a new concept, especially in the United States. It is one of today's most popular buzzwords and a topic that is in the forefront of many business and IT professionals' minds. American companies are intimately familiar with legislation such as Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the SEC 17A-4 regulation and how these are dramatically changing the way organizations manage, secure, and store their information. In addition, many companies are knee-deep in establishing and reengineering policies and processes, and implementing technology to facilitate compliance with numerous regulations.

That is not the case, however, around the world. In many countries, compliance is an emerging trend that users and IT vendors are feverishly trying to understand due to the globalization of the business community. In doing so, the international community is closely watching the types of regulations being adopted in both the U.S. and Western European environments and asking a lot of questions, such as:

* How is compliance affecting U.S. companies?

* What steps are organizations taking to address the requirements?

* Are best practices emerging?

* What role does technology play in compliance?

U.S. organizations have been asking these same questions for the past 12 to 24 months.

The international feeling is that the regulatory environment has been primarily U.S.-driven and it is only a matter of time before others follow suit. Anticipating an increase in regulatory initiatives and laws in their own countries, companies in different regions are using the current regulatory activity to predict and prepare themselves for emerging regulations. Also, many believe that, as appropriate, their mandates will harmonize with U.S. initiatives.

This approach makes sense because the core elements and focus of many current regulations fall into a few categories, including information integrity, privacy, and records retention. Therefore, the high-level business and technology requirements will be similar throughout the world. It is for these same reasons that IT vendors have turned their attention worldwide. To reach the global market, technology providers want to ensure that their products and solutions address these emerging regulations.

Two categories of regulations are receiving the most attention worldwide:

* Internal controls: The United States leads the charge in terms of legislation such as SOX that attaches strict penalties and accountability to process and internal controls requirements around financial reporting. In Europe, the Basel Committee on Banking Supervision is taking similar steps to revise international capital measurement and capital standards as part of Basel II. Basel II introduces a new risk to measure: operational risk, broadening the scope of risk management for the international banking community beyond product-related risk to include internal processes and systems. Basel II will force firms to look at risk management from an enterprise perspective. Consequently, several countries, including Canada, Germany, and France, have passed their own internal controls regulation.

* Privacy and data protection: In many respects, Western Europe is the region that initially led the charge in terms of privacy and data protection regulations with the European Union Data Protection Directive. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.