Field Report: Sarbanes Oxley and the Value of SCM Solutions

There is no single software solution that will solve all the Sarbanes-Oxley regulation requirements, but supply chain management solutions can help.

The CFO IT Value Conference was held September 27th through the 29th in San Francisco. A variety of topics were discussed: the value proposition of On Demand software solutions, how to go about outsourcing IT, and, of course, the Sarbanes-Oxley (SOX) regulation.

Sarbanes-Oxley was passed by the US Congress last year. It's objective is to improve corporate governance after the financial reporting scandals -- Enron, Worldcom, etc. -- of the last few years. It is, of course, something strongly affecting CFOs. These regulations require:

  • Accelerated reporting (reduce the regulatory filing period by 50%)
  • That the CEO and CFO must certify the accuracy of the financial statements
  • That companies must attest that there are adequate internal controls in place that are documented and monitored
  • A minimum retention period for storage and retention of information, documents, and electronic records, and
  • Reporting of 'material events' within four days. Pending legislation is focused on defining these material events.

What is clear is that there is no one software solution that will solve all these requirements -- there is no SOX magic bullet application. The financial modules within ERP solutions will play a role of course, as will Corporate Performance Management solutions. But there will also be a role for supply chain analytics, event management, network design, and Business Performance Management solutions. CFOs are beginning to imagine, and ask for, a risk management portal that they can go to and get visibility to the kinds of events that could materially affect their quarterly results. In effect, they are asking for an integrated, enterprise approach to risk management.

Supply chain events, or course, can materially affect earnings. Over the last few years we have seen quarterly results of big companies affected by large, unexpected inventory write downs; quality problems leading to recalls; transportation problems (particularly at the ports and for those relying on rail); and supplier disruptions (one auto maker was adversely effected when the factory of a key supplier burned down).

Sometimes problems can be seen coming long before they occur. For example, the strike at the Long Wharf port in California was visible months before it occurred. In such cases, network design solutions can be used to do simulations and provide contingency planning. Questions such as "where should we preposition inventory on the assumption that the strike will occur?" can be answered with these solutions.

In other cases, forward visibility to a material event is not so obvious. Supply Chain analytics solutions can help identify non-obvious trends that could adversely affect financials. Sometimes these trends can be corrected before damage is done. If they can not prevent the material event, they could certainly help with providing the financial community with advanced warning that a problem is coming. Potential supply chain disruptions are almost infinite. The real trick is in discovering probabilities and correlations. Here solutions like Manugistics STATGRAPHICS solution can have a role to play. STATGRAPHICS can be used to mine large amounts of data for correlations.

Amazon, for example, uses this tool to allow them to tell prospective buyers, "if you liked this book you may like these books as well." An example of a supply chain equivilent might be to discover a potential shipping disruption by looking at how a particular carrier on a particular lane has performed at a particular time of year. The "neural net" technology of Pavilion can be used in this way to discover potential manufacturing disruptions for process manufacturers and, of course, large data mining companies like SAS and Teradata exist.

Supply Chain Event Management (SCEM) solutions can also play a role. First of all, unless Supply Chain analytics are based on real time data, they may be of limited use. SCEM can feed the analytics engines. Beyond that, the workflows in advanced Logistics Visibility and Control SCEM solutions are important. In the High Tech industry, for example, revenue recognition from large contracts can be an issue. A SCEM solution can identify quickly that a product has shipped. Events can be built to make sure that large contracts ship complete before the end of the quarter. Optum has built in functionality in their Logistics, Visibility and Control solution to do just this for one of their large customers. Similarly, Business Process Management (BPM) solutions can be built to capture new events and provide the appropriate workflows. For example, some companies may find that revenue recognition is affected by nonstandard contracts. Such contracts could be flagged and workflows could be kicked off to carefully scrutinize such contracts.

But when it comes to an integrated approach to risk management, there are difficulties. It is not enough to know that a supply chain risk is possible. CFOs really need to put a dollar figure on potential disruptions. What CFOs need is the ability to "dollarize" a wide range of risks, from credit and interest rate risks to supply chain and IT disruptions. Here the large number of quants with supply chain domain expertise at companies like i2 and Manugistics may be able to help.

This appears to be an area crying out for best practice research. We really need answers to questions like: What are the most common supply chain risks by industry? How do you quantify and dollarize these risks? And how do supply chain practitioners support an integrated approach to risk management? If you are interested in exploring such research in either the Chemical or the Food & Beverage industries, please contact Steve Banker at

About the Author

ARC Advisory Group ( is a Market Research, Advisory Service, and Consulting company.