« What is the difference between data-based, rule-based, and knowledge-based systems? (FAQ #15) | Main | Business Rules Revolution - Executives across all industries are using technology to rewrite the rules of business — literally. »

Sarbanes-Oxley panel discussion at the iCoast Tech Show 2006

Below is an excerpt of my opening remarks during the panel discussion on Sarbanes-Oxley Regulation at the iCoast Technology Show in Ft. Lauderdale on August 17th.

Success in the world of business depends on understanding the rules.
You need to know the internal rules and policies of your business. You have to comply with the external rules and regulations that govern your business, industry, and function. Your company must ensure that rules are followed. Your company must enforce the rules. Your company must give staff tools to help them follow the rules, make legal decisions, and prevent them from making illegal decisions.

Business rule management systems (BRMS) and business rule engines (BRE) help companies comply with rules and regulations like SOX.

How many of your companies have implemented a business rules management system or business rules engine?

Well, it’s very difficult to comply with SOX, especially 404, without rules technology.

Somebody somewhere is always changing a rule and redefining what it means to comply, and your business must continually adjust.

There is nothing usual about business as usual… because rules are always changing. SOX rules will keep changing. Companies are going from regulated to heavily regulated. The change is constant. And the rate of change is increasing faster and faster. The problem is that software code is very difficult and time-consuming to change. If SOX business rules are hard-wired in code, it takes IT programmers weeks and months to change rules in code.

If business rules are stored in a rulebase, however, instead of hard-wired in code, it takes business people minutes and hours to change the rules in the rulebase, with minimal or no IT involvement

So what? What does that mean to you?

Well, here's your take-away - Here's what your CEO needs to know about rules and SOX compliance:

If your competitor uses rule engines, that means they can change their business rules on-the-fly without having to recode and recompile. They can change their rules instantly, with zero time-to-market, as the business changes, as the world changes, as customers change, as regulations change.

If they can keep up with change, they can stay in the game.

If your company doesn't use rule engines that means you have to go through IT to change your business rules. You have to get a programmer to change the code, test it, debug it, recompile it, test it, debug it, recompile it, etc. It's going to take you a while to change the rules. It might take a few weeks or more likely a few months to change the business rules in the systems, as the business changes, as the market changes, as customers change, as regulations change.

If you can't keep up with change, you're out of the game.

You lose - - They win.

If you don’t have a rule engine that automatically prevents employees from breaking the rules, SOX rules, and instantly detects and prevents fraud, you’re out of the game. You’ll end up watching your stock go from $30 to $3 during lunch. You lose. You’re out of business.

The solution is business rules management.

Smart companies all around the world are using business rules to ensure compliance with the rules, and to enforce the rules, to increase agility so they can change faster, to prevent business mistakes, and to reduce IT system development costs by changing rules in days not months.

One of our clients, a fortune 10 company, is implementing business rule management systems and business rule engines for global statutory compliance, including Sarbanes-Oxley. A $3 million investment in business rule engines, rules harvesting, and knowledge engineering has helped this company greatly increase its chances of across-the-board compliance. This change done via the traditional hard-coding programming approach would have cost $30 million.

So… business rules technology helps business comply with rules and regulations like SOX, helps employees follow the rules, prevents employees from breaking the rules (either accidentally or on purpose), helps government educate people and business about what rules are, and helps government enforce the rules.

If government is using rule engines to catch honest mistakes and detect outright fraud, then the smart business will use rule engines to prevent mistakes and prevent fraud in the first place.

Rolando Hernandez


TrackBack URL for this entry:

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Locations of visitors to this page