3. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
Executive Summary
Regulatory compliance is no longer solely the concern of banks and pharmaceutical
companies. Rather, post-911 reforms, the Sarbanes-Oxley Act, fallout from the so-called
“Great Recession”, increasingly global operations for businesses of all sizes, and many other
factors have led to regulatory pressures across virtually every industry. Complying with local,
national, and international regulations is time-consuming and labor-intensive and businesses
are adopting all manner of solutions to deal with the detailed recordkeeping and frequent
reporting associated with these regulations.
Although organizations use everything from a multitude of spreadsheets to dedicated
compliance software to fulfill regulatory obligations, solutions integrated with modern
Enterprise Resource Planning (ERP) applications arguably offer the most sensible and robust
approach to this challenge. ERP systems potentially touch all areas of an organization and,
when implemented correctly, streamline workflows and create a “culture of data” that lends
itself to compliance practices in ways that other solutions simply cannot. As the stakes get
higher for regulatory compliance with more substantial penalties and greater responsibilities,
the importance of powerful software capable of managing compliance increases
proportionately.
This paper explores the ways in which today’s ERP solutions support compliance in regulated
industries, all the while building efficiencies and capabilities that extend far beyond quarterly
reports or detailed logs. Instead, as we will see, the right ERP solution makes regulatory
considerations just one transparent component of business intelligence.
ziffdavis.com
3 of 11
4. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
Introduction: Regulation as a universal fact of life
In the United States alone, federal regulation costs businesses nearly $1 trillion dollars
per year. Consider several businesses that have traditionally borne considerable regulatory
responsibility:
• Healthcare is an incredibly broad industry encompassing everything from direct patient
care in hospitals to biomedical research. Whether universities conducting human drug
trials need to accurately report side effects to internal regulators, sponsors, and the FDA
or public health officials require improved disease reporting mechanisms, the level of
scrutiny on the healthcare systems as a whole has never been higher.
• Financial services have always garnered attention from regulators, but never more so
than following recent banking scandals and financial meltdowns during the last decade.
• Manufacturing, regardless of the particular good being developed, works under a
wide variety of regulations relating to safety, environmental issues, quality control, etc.
According to the National Association of Manufacturers (NAM), the industry bears
almost a fifth of the financial regulatory burden imposed by the US government.
While regulatory requirements continue to increase for these sectors, new industries are
reeling under the pressure of high-stakes regulation:
• High technology companies have often bumped up against regulations or security
issues but are now subject to higher levels of scrutiny, particularly as technology firms
become key drivers of our economy.
• Utility companies have been regulated, deregulated, and regulated again. Tides are
turning towards increasing regulation, “managed competition”, and calls for greater
transparency. Utilities now also often need to answer to Homeland Security as they
represent key infrastructure.
The bottom line is that regulatory compliance is now a fact of life that virtually all corporations
and many non-corporate entities must deal with proactively. As NAM puts it,
“Dollars spent by manufacturers on regulatory compliance with cumbersome
or duplicative regulations are dollars not spent on capital investment or hiring
new employees in America.”
While this is clearly an agenda-driven comment specific to the manufacturing sector, there
is little doubt that regulatory pressures represent a major cost center for many industries.
OSHA regulations, Good Manufacturing Practice (GMP) requirements, measures under the
Bioterrorism Act, Dodd-Frank, and Sarbanes-Oxley among many others affect manufacturers,
service industries, education, and many other vertical markets.
ziffdavis.com
4 of 11
5. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
Where organizations can introduce efficiencies and cost savings around regulation,
economic benefits are potentially quite large. This is where powerful ERP solutions with
specific capabilities focused on regulatory compliance come in. Such software enables
many organizations to eliminate manual processes and significantly reduce the resources
required for regulatory compliance. In fact, an ERP system is the ideal platform for managing
compliance because it is so critical to many essential lines of business in an organization. A
recent Deloitte study on compliance trends explained,
…for compliance executives…to succeed, they should master the art of
working with and leveraging resources in other functions (legal, IT, HR and
internal audit) to achieve compliance goals and they should continuously
communicate to management and the board that a strong compliance
function is a valuable strategic asset that not only focuses on risk avoidance,
but also looks to find ways to gain strategic advantage from intelligently
managing risk.
Key components of regulatory compliance
Regulatory compliance can have vastly different scopes and levels of importance depending
upon the industry under consideration. However, there are a few critical components of
compliance that can only be effectively addressed through robust ERP software.
Traceability
The term traceability is most often used in food distribution but has important applications in
manufacturing, distribution, and elsewhere. Traceability refers to the ability of an organization
to know the origin, history, and disposition of any portion of a good. For example, if a car
manufacturer begins receiving reports of brake problems in a vehicle, an ERP system that
includes traceability systems would allow them to isolate potential defects to a particular lot
of faulty brakes from a single supplier and recall only a small number of vehicles that were
manufactured with that lot.
Similarly, a produce distributor could use appropriate ERP software to rapidly determine the
farm, shipment, or even shipping vehicle associated with an outbreak of foodborne illness and
act swiftly to
1. Recall the affected produce,
2. Report the exact scope of the outbreak to public health authorities, and
3. Mitigate the impact both on public health and the distributor’s brand.
ziffdavis.com
5 of 11
6. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
Audit trails
Most companies conduct periodic audits, either proactively or as a result of specific
regulations. These audits may relate to financial issues, quality, processes, etc. Auditing is often
an ongoing process in which changes, transactions, and other activities are logged to improve
accountability, prevent fraud, and detect problems. ERP software, inherently a database
application, is adept at maintaining such audit trails and, more importantly, helping business
leaders and regulators make decisions and gain business insights from audit data.
In some cases, audit trails may be used to pinpoint “who did what when”. The best uses,
though, go beyond assigning blame and proactively identify systemic issues before they end
up in the hands of regulators.
Transparency
As with the audit trails described above, a major goal in regulated environments is to make an
organization’s operations highly transparent to outside observers. How does money move into
and out of a business? What are the processes for verifying quality or accuracy? What roles or
groups are responsible for particular transactions? ERP software can clearly document all of
this information and can often model and automate key processes, removing the guesswork
for regulators.
While we often think of transparency strictly in the sense of regulation, it also has important
benefits for the organization itself. Business leaders can examine and modify transparently
documented processes and make objective decisions in environments where financial
operations, transactional processes, etc., are clearly and promptly logged and reported.
Competitive advantages and proactive compliance
Regulatory compliance isn’t just about meeting government requirements. Proactive
compliance with and careful attention to regulations provide competitive advantages for
organizations on multiple levels.
Safety
Active safety monitoring campaigns represent essential best practices in many industries.
Would pharmaceutical companies rather find potential safety issues with medications and
work with healthcare providers to protect patients or have serious adverse events make the
front page of the New York Times? Airline passengers are far more willing to fly on Boeing’s
latest 787 Dreamliner if they know that the company has corrected battery issues on every
plane and is vigorously monitoring the safety of its new planes. Parents trust that toy
manufacturers will immediately recall any products that might pose a threat to their children,
no matter how minor.
ziffdavis.com
6 of 11
7. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
From a purely pragmatic perspective, safety monitoring is vital to a company’s brand. The sort
of intensive monitoring required in even moderately regulated industries cannot generate
useful business intelligence in a spreadsheet on a desktop PC. Instead, comprehensive ERP
software allows companies to solve problems across lines of business and coordinate recalls,
media relations, supply chain modifications, and many other factors that ensure the safety of
their customers.
International regulations
It’s the rare company now that does business in only a single country. Even small agricultural
cooperatives and cottage industries in developing countries export their products worldwide.
Conversely, businesses in established markets are scrambling to be competitive in developing
markets.
The companies best positioned to compete in growth markets in Africa, Latin America, and
rapidly expanding Asian economies are those that can comply from the outset with highly
variable sets of regulations and assure heterogeneous business partners of their compliance
capabilities. Again, strategic partners, governments, and investors will be looking for clear
documentation and complete transparency. Reporting and recordkeeping that can meet the
needs of not just their home countries but all of those in which they intend to do business
require a systematic, holistic approach best achieved with an ERP system that offers built-in
support for multinational requirements and operations. Today’s ERP solutions that support
multiple companies, sites, legislations, currencies, and languages make it simpler to expand
into global markets, connect to a global supply chain and increase sales.
The cost of compliance – reducing cost with ERP
Regulatory compliance isn’t cheap. Compliance with federal regulations in the United States
cost businesses on the order of $1 trillion every year. Healthcare conglomerate Johnson &
Johnson recently agreed to pay $2.2 billion in fines and forfeited profits to federal and state
agencies, in large part because of its failure to comply with drug marketing regulations for
a single medication. The FDIC recently studied the cost of Dodd-Frank regulations for the
banking industry and found that it couldn’t even quantify the true cost of the many industry
regulations, including Dodd-Frank, ironically finding that even tracking these costs could
impose a financial burden on banks.
The stakes are extremely high in heavily regulated industries and reducing the cost regulatory
compliance can have a dramatic effect on companies’ bottom lines.
Businesses are increasingly looking to eliminate manual processes, consolidate workflows,
and unify their approaches to the broader field of “governance, risk, and compliance” (GRC).
All of this requires software capable of generating business insights and detailed reports that
not only satisfy the needs of regulators but also provide important decision support data for
ziffdavis.com
7 of 11
8. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
businesses contending with, among many other challenges, intense regulatory pressures. ERP
software remains the only platform that can support business intelligence as easily as it can
support regulatory reporting because of its broad reach across lines of business.
Critical ERP considerations supporting compliance
Not every ERP system is equipped to meet regulatory compliance requirements. This leaves
organizations investing in ERP software to manage assets, financials, human resources, CRM,
and many other business functions while looking to third-party solutions for compliance needs.
Often, the additional software must either be connected to the ERP solution programmatically
or will require manual entry of data abstracted from the ERP application. It isn’t difficult to see
why regulated industries benefit from comprehensive ERP solutions that include compliance
tools out of the box.
Reporting
All ERP systems have major reporting components; the ability to generate reports on key
facets of an organization is fundamental to enterprise resource planning. However, ERP
software either designed to support compliance or with modules that specifically address
compliance-related reporting dramatically reduce deployment times. The fewer reports an
organization needs to develop on its own, the better. And compliance-tuned ERP software
will already have at least frameworks from which a complete set of necessary reports (both
those required by law and those useful to decision makers in regulated environments) can be
configured and generated.
Where business intelligence meets compliance
Business intelligence, though often handled with dedicated analytics software, is
fundamentally just the practice of turning organizational data into useful information. For many
organizations, a well thought-out ERP implementation is the best source of such data; at the
same time, compliance can’t simply be about checking off boxes for regulators. Rather, ERP
software, business intelligence, and compliance practices can all go hand-in-hand to improve
strategic and tactical decision-making.
There is certainly a place for dedicated business intelligence and analytics software, but the
kind of real-time quality, safety, supply chain, and resource data that can be obtained from
a great ERP system to support GRC can also provide meaningful decision support when
combined with appropriate reporting and workflows.
Workflow and business process automation
The idea of not just modeling business processes as so-called workflows in ERP software,
but actually automating these workflows is not particularly new. What is novel is the ease with
which workflows can now be automated via cost-effective ERP solutions suited to a wide
range of businesses and business sizes. This is especially true in regulated environments
ziffdavis.com
8 of 11
9. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
where automating the flow of data and information and programmatically managing tasks can
have dramatic impacts on accuracy and resource utilization.
For example, automatically channeling certain types of quality control data to appropriate
decision makers can head off problems before they become regulatory issues. Connecting
safety report data directly to regulatory filings prevents transcription errors and speeds
reporting processes.
The right ERP system
The real question for organizations managing regulatory compliance is “How much time and
money do you want to spend on customizing an ERP system?” As we’ve seen, ERP can play
a critical, time-saving, cost-cutting role in meeting regulatory requirements. The greatest and
most immediate benefits, however, occur when ERP software includes off-the-shelf modules
for handling compliance in a variety of industries and, for that matter, many countries.
As businesses look for better, more efficient ways of addressing ever-increasing regulatory
demands, choosing an ERP system that has robust, native capabilities surrounding compliance
and GRC more broadly is critical. These built-in capabilities significantly impact ROI and, more
importantly, the ease with which employees and leaders can make use of an ERP solution to
improve compliance, as well as deliver new efficiencies and better insights across all lines of
business.
Conclusion
While ERP software may have evolved out of the need for supply chain and production
line management in the manufacturing industry, the best ERP platforms are now the most
appropriate solutions for distributing ownership and responsibility for regulatory compliance
across an organization, regardless of its industry. Companies looking to reign in the costs of
compliance and proactively address local, national, and international regulations need look no
further than ERP software specifically customized with regulatory compliance in mind.
Sage ERP X3 is one of the best examples of a modern ERP solution that addresses
compliance out of the box. With solutions for verticals ranging from manufacturing,
distribution, food & beverage, services through to chemicals and life sciences Sage ERP X3 is
well-positioned to empower organizations to not only proactively meet regulatory requirements
but to turn compliance practices into high-value business intelligence and decision support. At
the same time, Sage ERP X3 provides all of the capabilities necessary to manage customer
relationship management, fixed assets and human resources in a single platform, reducing IT
complexity and bringing a common interface to many aspects of the business environment,
whether or not they impact compliance.
ziffdavis.com
9 of 11
10. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
For more information:
1.
2.
ziffdavis.com
Visit NA.Sage.com/Sage-ERP-X3
Read the InfoTech ERP Vendor Landscape Report
10 of 11
11. Ziff Davis | White Paper | Toolbox.com Expert’s Guide: ERP Tips for Managing Regulatory Compliance with Ease
About the Author: Chris Dawson
Chris is a writer, educator, consultant, and technologist, focused on the effective use of web
and mobile technologies for large businesses. In particular, his wide range of experience in
education and training, marketing and SEO, data analytics, and web-based voice and video
have left him with unique perspectives across several verticals. Chris has done everything
from teaching high school math to analyzing clinical drug trial data to heading up US
operations for an Indian startup.
About The Sage Group plc
Sage Group plc is a leading global provider of business management software to small and
medium sized companies, creating greater freedom for them to succeed. Sage understands
how and why each business is unique. We provide products and services that suit varying
needs, are a pleasure to use, and are secure and efficient. Formed in 1981, Sage was
floated on the London Stock Exchange in 1989 and entered the FTSE 100 in 1999. Sage
has over 6 million customers and more than 13,380 employees in 24 countries covering the
UK & Ireland, mainland Europe, North America, South Africa, Australia, Asia, and Brazil. For
further information please visit: www.sage.com
For more information about Sage in North America, please visit the company website at
NA.Sage.com. Follow Sage North America on Facebook, Facebook.com/Sage, and
Twitter, Twitter.com/SageNAmerica.
Sage
6361 Irvine Center Drive
Irvine, CA
92618-2301
866-530-7243
www.NA.Sage.com/Sage-ERP-X3
ziffdavis.com
11 of 11