It’s been over six years since we began banging the drum around here to get Congress to repeal Sarbanes-Oxley, the law that was hastily written post-Enron to try to prevent such collapses again, but instead simply added a huge compliance tax, without doing much of anything to actually prevent corporate fraud. Corporate fraud is still rampant, and the law did absolutely nothing to prevent the financial collapse we see ourselves in today. There were, instead, massive unintended consequences, leading companies to go public elsewhere, go private or avoid the public markets altogether. The lack of IPOs, especially in the tech space over the past few years, even as the economy was looking strong, is incredibly telling.

So, it’s good to see a renewed effort to get Congress to repeal Sarbanes-Oxley, which simply created a massive tax in terms of compliance, with awful unintended (though, totally predictable) consequences — all while doing almost nothing to cut down on actual fraud.

I am a strong believer in the idea that fraud should be punished heavily — but Sarbanes-Oxley didn’t do that. It just moved the loopholes and punished the honest companies by dumping a huge compliance tax on them. It’s been bad for the economy, bad for startups and bad for innovation, and it’s time to go.

By Edward Prewitt | CIO.com

The effect of the Sarbanes-Oxley Act (Sox) on IT budgets is already receding, as compliance becomes just another cost of doing business, according to recent reports from AMR Research.

According to AMR’s June Tech Trends study, compliance has dropped sharply on the list of IT spending drivers. That’s a big change from the January edition of the study, when compliance with government regulations was the number-one initiative affecting IT investment. (The IT consultancy conducts the study three times a year.) In January, 26 percent of 252 IT and business execs surveyed said compliance was the most important business driver of IT spending, taking precedence over initiatives devoted to business-IT alignment, customer relationships, IT ROI and other concerns. But in last month’s report, just 14 percent of 203 respondents said compliance was the top initiative. Improving business-IT alignment, selected by 24 percent, took back its traditional top spot.

Government regulations have long been part of the corporate agenda, but Sox, with its threat of jail time for executives who aren’t paying proper attention to company filings, was behind the sudden interest in compliance, says Fenella Scott, a senior research analyst at AMR. But it’s not the case that compliance is no longer a concern, she says. Rather, the shock of Sox has worn off, and companies now view spending for compliance as part of the cost of doing business.

Another AMR study underscores this conclusion. "Spending in an Age of Compliance, 2005," released in March, found that companies are moving to a more structured approach to compliance. More than 80 percent of the 225 business and IT leaders in this survey said their companies would have an executive-level compliance officer in place during 2005.

Companies have to think about other regulations, including document retention requirements, the Health Insurance Portability and Accountability Act, and U.S. Food and Drug Administration rules. But Sox is the most expensive regulation, accounting for 39 percent of spending on compliance, according to AMR. With more regulations inevitable, a structured approach to compliance is a smart move.

To learn about the next steps for Sox compliance, see "How to Dig Out from Under Sarbanes-Oxley."