Only 10 per cent of top executives feel their peers are fully compliant
with C-SOX legislation
TORONTO, March 13 /CNW/ - A Canadian study commissioned by Symantec Corp.
(Nasdaq: SYMC) and conducted by Info-Tech Research Group has revealed that
only 10 per cent of executives believe Canadian businesses are fully prepared
to conform to Bill 198 compliance legislation. Moreover, only 67 per cent of
C-level respondents reported having a clearly defined role in supporting
compliance processes, while 45 per cent of executives polled regarded the
legislation as unnecessary.
Ontario's Bill 198 and sister legislation in other provinces were passed
to create a framework equivalent to the U.S. Sarbanes-Oxley Act. "C-SOX"
requires publicly held companies to disclose their processes for testing and
maintaining secure internal financial systems before implementing their plans
over the course of 2007.
The Symantec survey was conducted during the month leading up to and
immediately following a critical Dec. 31, 2006 deadline for companies to
report on investor protection processes they plan to implement in 2007.
Despite the deadline, stiff penalties, and the legislation's intentions, more
than half (55 per cent) of respondents from across Canada indicated their
companies were, at best, "mostly but not completely compliant." An additional
35 per cent indicated their companies were only partially compliant. At the
same time, 63 per cent of respondents indicated their companies spent less
than half of one per cent of revenue achieving C-SOX compliance, and one-fifth
of those spent nothing at all.
Additionally, 54 per cent of C-level executives were unsure how their
companies would meet C-SOX requirements and almost a third (31 per cent)
indicated they are not automating compliance processes with software despite
the business performance advantages of doing so.
Regionally, respondents from Quebec (52 per cent) felt the strongest that
Canadian companies had not done enough to prepare for the Dec. 31 deadline
while executives in Ontario were the most optimistic - with only 28 per cent
having the view that companies would not meet the deadline.
"The results of this survey indicate that companies are not working fast
enough to conform with Bill 198 despite the potential for major fines, damage
to reputation, and even jail terms of up to five years," said Constantine
Karbaliotis, Canadian senior compliance business specialist, Symantec Corp.
"There also seems to exist some confusion with regards to who within an
organization is responsible for compliance. It's undoubtedly a big job. That
being said, the expertise and solutions companies like Symantec offer are
designed to help businesses understand and capitalize on C-SOX-associated
advantages, such as improved trust and confidence from both customers and
With only nine months left until plans must be fully implemented,
Karbaliotis advises executives responsible for compliance to make the effort
an organizational priority. He also urges companies to carefully consider the
benefits offered by software-based automation tools intended to make financial
disclosure less labour intensive and less expensive to prove compliance to
auditors and regulators.
Not All Doom and Gloom
In spite of results that point to a general malaise about Canadian
corporate fiduciary responsibilities, the Symantec survey did find a
percentage of companies are meeting their legislative requirements as outlined
by Bill 198:
- Twenty-eight per cent of respondents indicated that, while some
differences exist, roles and responsibilities within the corporation
were aligned to effectively support compliance processes.
- Though seven per cent of executives admitted their company missed the
Dec. 31 deadline for submitting an action plan, 43 per cent met
deadlines with a bare minimum of effort, implying no investment in
processes or tools.
"Meeting first-year Bill 198 deadlines was only half the battle, and,
unfortunately, a high level of both inaction and resistance to Bill 198 has
forced many Canadian companies into a risky game of procrastination," said Ed
Daugavietis, senior analyst, Info-Tech Research Group. "Rather than wait any
longer, Canadian companies would benefit from process automation before manual
ones reach the breaking point. We expect to see growing numbers of companies
playing 'catch-up' as they embrace software automation to bring themselves up
to the regulatory benchmark and adjust their processes for greater clarity,
transparency and control."
Symantec is a global leader in infrastructure software, enabling
businesses and consumers to have confidence in a connected world. The company
helps customers protect their infrastructure, information, and interactions by
delivering software and services that address risks to security, availability,
compliance, and performance. Headquartered in Cupertino, Calif., Symantec has
operations in 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec
Corporation and its products, please visit the Symantec News Room at
http://www.symantec.com/news. All prices noted are in U.S. dollars and
are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of
Symantec Corporation or its affiliates in the U.S. and other countries.
Other names may be trademarks of their respective owners.
For further information:
For further information: or to arrange an interview, please contact:
Chris Wood, MAVERICK Public Relations, (416) 640-5525 x243,