Navigation * Home / News / Continental Compliance

Continental Compliance

Companies in continental Europe have been grappling with corporate governance – in some cases, even before Sarbanes-Oxley.

French businesses have been grappling with the Loi sur la sécuritié financière (LSF) since it came into force in August 2003 - well before Sarbanes-Oxley's most challenging provisions. The LSF represents one of the toughest corporate governance regulations in the EU, according to Casper Steiner, Open Text's director responsible for compliance solutions in Europe. The law requires French companies to document all their main business processes - not just those related to the preparation of financial reporting - and is globally applicable to their overseas units as well.

In Germany, companies have been grappling with a law governing the retention and retrieval of financial data for even longer - laws that were initially opposed for going too far. The stimulus for the introduction of the German Data Access and Digital Signature Authentication Law (GDPdU) was the desire to improve the tax office's access to corporate financial documents so that the Ministry of Finance can ensure that German companies pay their fair share of tax.

"Historically, the financial authorities were merely 'paper boys'," says Jürgen Krippes, IT director for Europe and Asia/Pacific of Deutsche Asset management. When they needed to see a document, they would go to the company, ask for it and could wait days before it was delivered.

But under the terms of the GDPdU, the tax office can now access financial documents instantly. "Companies have to keep all their electronic records if they have pricing discussions in their emails with customers or if they do contracts over the Internet.

Compliance benefits

One positive aspect of the GDPdU, says Krippes, is that it has provided an opportunity for companies to re-examine their business processes, catalogue them so that they can be analysed, and also to re-evaluate their document and records management systems and processes.

As a result, when the new law was introduced, it led to a flurry of activity, with companies investing in a variety of document and records management systems, email archiving packages and even heavy-duty information lifecycle management (ILM) systems.

What is unique about the GDPdU is the requirement to keep certain data in electronic form, to make it instantly available to the authorities, and also the guidance about how it should be kept secured, such as digital signatures to ensure the integrity of the data.

When the proposed law was first published, there was an outcry among German businessmen - not least because of the structured way in which businesses in Germany are expected to operate. To many, particularly in the small and medium-sized business sector that dominates the German economy, it represented yet another bureaucratic burden.

"To the really large companies, such as engineering giant Siemens and car maker Volkswagen, it was less of a challenge because they could see right away the value of how it could improve their businesses," says Wichert.

But over time, even small companies were won over. Not by the thought of helping the German tax office, but by the efficiency savings that could be generated by wholeheartedly complying with the GDPdU.

"As time went on, organisations got a deeper insight that made them feel that it was more a governance issue, than purely in the interest of the state," says Krippes. "To be honest, it sometimes makes life much easier compared to what we had to do before."

German businesses' experience with the GDPdU means that many are far more sanguine about the prospect of corporate governance legislation coming from the EU - but many are doubtful that there is any on the way. "If there was anything in the pipeline I think I would have heard about it," says Wichert.

The production of an EU directive is, they point out, a long, drawn-out process, involving at least one year of consultation before it is rubber-stamped by the European Parliament; another year or two to be passed by national parliaments; followed by a further year - at least - before it finally becomes law.

 

 

Home »
Back to News »

Sarbanes Oxley Act

Ever since the Sarbanes-Oxley Act was introduced to the US Congress in the beginning of 2002, analysts have been warning that a similar directive from the European Union was on its way.

Analyst group Gartner, for example, caused considerable alarm among business leaders when it said in March 2004 that new EU-wide Sarbanes-Oxley auditing rules were on their way.

It was, however, a false alarm. The EU directive that Gartner was highlighting, commonly known as the 'eighth directive' on company law, focused purely on auditors - and lacked the wider corporate scope and stiff punishments that are the hallmark of Sarbanes-Oxley.

But that is not to say that many organisations in Europe have not had to deal with similar laws. Indeed, many of the home-grown corporate governance regulations that businesses in France and Germany have been grappling with not only pre-date Sarbanes-Oxley, but are arguably much tougher.

 

^ Top

 

 

 

 

 

^ Top
enquiries@bii-compliance.com ¦ consultancy@bii-compliance.com
Part of the Blue Ice Inspirations (BII) Group www.blue-ice.co.uk >> - All Rights Reserved 2004 - Privacy Policy >>