JUser: :_load: Unable to load user with ID: 2549

The game of risk Featured

10:58am EDT July 21, 2004
An online survey of The Sarbanes-Oxley Act Community Forum states that 38 percent of business owners are "just beginning research" at their organization with respect to Sarbanes-Oxley compliance; just under 4 percent of the survey-takers are "fully compliant."

Ted Frank's day began at 7 a.m., and the busy CEO has spent the morning in conference calls.

"It's been a heck of a morning," he says. "It's actually been a good day, just packed."

Frank's company, Warrensville Heights-based Axentis Inc., develops best practices to help CEOs organize and define their governance and compliance responsibilities. The company serves heavily regulated industries such as pharmaceutical, financial services, energy and utilities, telecommunications, health care, manufacturing and consumer packaged goods.

Axentis joined other industry leaders June 7 to launch the Compliance Consortium, of which Axentis Frank was named as the first chairman of the advisory committee. This cross-industry group plans to demystify the hype surrounding compliance with Sarbanes-Oxley and more than 100 other recently enacted regulations, including HIPAA, the U.S. Patriot Act and Basel II. Its goal is to help enterprises achieve long-term compliance and realize additional business benefits in the process.

"You've seen a substantial shift in the way people perceive risk, compliance and their governance responsibilities. It's not the way it used to be," Frank says. "People recognize this is a broken part of the organization that needs to be fixed, and when you're going to fix it, you might as well do it in a consistent, repeatable way because, if you do that, you're going to be able to drive efficiency and effectiveness."

Smart Business spoke with Frank about compliance and Axentis' newest corporate relationship.

How did your positions as vice president of KeyCorp and general partner and executive vice president of PlanSoft Corp. prepare you for your role as Axentis CEO?

I actually started at AmeriTrust and then, through mergers, was at Society and KeyCorp. The good thing about that is you learn how to manage broad, complex processes.

You really learn a lot of management diligence and operational (processes.) You learn how to manage things in a very large, complex organization that helps you manage when you're in an entrepreneurial environment. A lot of this is about creating an infrastructure that can scale. So it was a great experience.

You meet a lot of wonderful people when you're working in an environment like that, and I had the good fortune to have some very strong mentors while I was there.

PlanSoft was my first opportunity to be an entrepreneur. ... everything from raising capital to building teams, going to market to scaling a sales organization. (Working at those two places gave me) very different perspectives and very different skills.

(Things I've learned that I'm implementing at Axentis are) the whole way in which you build a business, the way you build operations, the type of people you need to bring in, the way you deal with a board and the way you raise capital.

Risk and compliance management is an ongoing challenge for business owners. When speaking with potential clients, how do you stress the importance of becoming compliant?

Our message is a little bit different than necessarily becoming compliant. That tends to be the way that companies used to look at it, as a box-checking exercise.

Our position is, you're dealing with a broad range of processes that, believe it or not, are fairly similar. Today -- forget about technology -- they're simply managed in a very fragmented, inconsistent way. There's very little technology applied, very little software used to manage these different processes, so therefore, you have very little visibility, you don't understand who owns what, who's responsible for what, and it's difficult to hold people accountable.

This is no different than all the other areas that have been automated over the last 20 years, and if you can, you should: You should have visibility, you should have consistency, and if you do that, you can drive business performance. Many companies that go through this exercise -- and yes, it's painful for companies to comply with Sarbanes-Oxley and other requirements -- but when they're done, if you had a conversation with them in confidence, they would say, 'I don't really understand how we did this the old way, how we didn't have better control over what the risks are and the controls that are in place.'

Our value proposition and the way we talk to clients is, 'Turn this into an opportunity to drive business performance. The expectations of the marketplace and boards have changed. Don't view it as a box-checking exercise.'

BP recently chose Axentis Enterprise software for compliance with the Sarbanes-Oxley Act. How were you able to secure that relationship?

We have a good reputation among large, complex companies for helping with compliance -- and Sarbanes-Oxley in particular. We were on a recommended list from their advisers. Most audit firms and risk management advisers put together a list of companies that they believe are viable providers in the space. We were on that list.

We met with the company, and we happen to do a very good job with those large, complex companies.

We've got companies like BP, Kodak, Novartis and Bombardier as clients, but BP provides a very important validation for the company in that it's a very large worldwide implementation for Sarbanes-Oxley. Clearly they're looking for best in class software; and it's nice to have BP say we're the best.

BP received the highest rating for corporate governance out of any large company, so they are clearly a market leader in the way they treat their governance responsibilities, and it's nice to have a company select you that is a leader in the field.

Axentis reports that more Fortune 1000 companies use its technology solution for compliance than that of any other company. What kind of responsibility does that place on your company?

The single largest impact of having such broad utilization of the product is the demands that these organizations place upon us for expanding and extending functionality. We have a remarkably broad set of customers managing many different processes using our solution.

The good news is that we get great feedback. We view it as an opportunity to continue to advance our product, as the thinking around effective management of this type of process evolves. We have an opportunity to take in all those requirements and make the product even better than it already is.

As a market leader, it's expected that you will take a lot of input and continue to extend product, versus other companies that are more niche-oriented, that may only address very narrow parts of Sarbanes-Oxley, for example, (and will) never be used for anything else. So it will continue to be a niche solution, and the demands placed upon them for extending functionality will be less.

How can CEOs better manage risk and compliance with their business?

Get engaged in understanding what's being done to manage risk and compliance, because your governance responsibilities are accelerating at a very rapid pace. In too many cases, this is a delegated activity.

Many companies would be surprised how myopically it's being addressed, which will create problems later. ... Don't be a person who gets an update once a quarter. That's not acceptable. HOW TO REACH: Axentis Inc., (800) 955-2706 or www.axentis.com