Finance’s job is getting bigger. With this comes greater complexity and a new level of accountability. New areas are emerging where the CFO is no longer just consulted but actually accountable, particularly when it comes to data security and compliance. And that shift means that finance leaders need to embrace a new mindset, where they actively embrace this new environment.
You might or not be familiar with the responsibility assignment matrix, with its four categories: responsible, accountable, consulted and informed. In the matrix, tasks are designated to individuals with one of these categories attached to ensure projects and processes run smoothly. All of them apply to a CFO.
Globalisation and specialisation have turned coherent ‘walled garden’ organisations into co-ordinators of extended supply chains. Nesting suppliers within suppliers, often in remote networks, brings risk. Being ‘informed’ and ‘consulted’ on this kind of extended organisation is a nerve-wracking proposition. Being ‘accountable’ or ‘responsible’ for it is even tougher.
It starts with operational issues and progresses to regulatory and reputational risks that, if anything, have an even greater potential to damage an organisation. How does a CFO report to the board with confidence that, say, their supplier’s supplier conforms to global bribery regulations – or even local labour laws?
Technology facilitated the shift towards more diffuse operations and is vital for making better decisions. But it’s also the foundation of regulatory compliance.
Oracle customer Marcura is a good example. It co-ordinates maritime services across eight different businesses – mostly around non-standard transactions, which makes data and process robustness even more important. Having a cloud-based ERP helps co-ordinate its different businesses and cater to a diverse global end-user base including ships’ crews, brokers and port authorities.
But one of CFO Karsten Gregory’s key considerations for choosing ERP Cloud was its ability to instil trust in all its stakeholders. “Our company is founded on the principles of compliance, independence, transparency and efficiency,” he says. The security of its systems and customers’ data has to come first.
For a global business such as Marcura, demonstrating compliance across many different jurisdictions is fundamental to its licence to operate. It has to monitor data to comply with bribery, money laundering and sanctions laws, as well as handling a range of customer interactions.
We know the right implementation of cloud systems can enhance security and data robustness. (When security assessment firm KuppingerCole reviewed Oracle Autonomous Data Warehouse Cloud, it concluded that its intelligent automation features massively reduced the potential for human error and malicious attacks.) We know it facilitates more timely and accurate compliance across a range of regulations.
But any approach to data has to offer the CFO those RACI elements. If they’re going to be responsible, accountable, consulted and informed – in other words, if they’re going to be confident their business is compliant with both regulations and customer expectations – they need to know that every part of the organisation is aligned, its data is timely and robust, and that it’s properly protected.