By Rich Christensen, Chief Accounting Officer at TrueBlue, Inc.
With revenues of $1.8 billion, TrueBlue is North America's largest staffing company for industrial and on-demand staffing. We’re proud to put 750,000 people to work for 140,000 customers every year. At TrueBlue, risk management is a key strategy that keeps us competitive. Our enterprise risk management model requires us to monitor our entire business, flag risks, and create plans to mitigate them. We believe that an organization that lacks such a risk framework is going to be reactive, which is basically crisis mode. I like to say, “It's better to prepare and prevent than repair and repent.”
Part of TrueBlue’s risk strategy has been transitioning to Oracle Fusion Cloud applications. We originally adopted Oracle Cloud to consolidate the 25 disparate systems we’d accumulated over 10 years of acquisitions. Rather than migrating all of those old HR and finance systems, we started fresh with an out-of-the-box deployment to maximize best practices. We chose to move to Oracle Cloud ERP, Oracle Cloud EPM, and Oracle Cloud HCM.
In addition to having an always-up, cloud-enabled environment across multiple functions, we benefit from Oracle Cloud ERP’s built-in risk management solution and its integration throughout the Oracle Cloud. We process a huge number of transactions every day, and it would be impractical to review each and every one for error or fraud. Oracle Risk Management automates this process and helps us create a culture of continuous monitoring with advanced access controls, advanced financial controls, and financial reporting compliance.
Advanced Access Controls: Within Oracle Cloud, we have about 30 different accesses, and within each of those accesses, users are granted certain responsibilities and restricted from performing others. This helps separate duties and avoid conflicts of interest. For example, one person isn’t allowed to both change someone's pay and set up that employee within the HCM system. Advanced Access Controls monitors all of the roles that have been provisioned, and it flags conflicts so we can address them. Our teams don’t have to manually hunt across processes and users to find the conflicts. The conflicts find themselves.
Advanced Financial Controls: This function monitors all of the transactions that go through our systems to uncover inconsistencies that might be errors or even fraud. Advanced Financial Controls allows us to set specific requirements for individual documents or transactions and flag any anomalies across the millions of transactions we process every year. For example, if there's another invoice for the same amount that has a similar invoice number, the system will send a notification to a member of the payments team so they can investigate it.
Financial Reporting Compliance: As a public company, we have strict reporting requirements from the SEC. Meeting these requirements can take a lot of time and resources, particularly around period close. The compliance reporting features automate many of the labor-intensive tasks required to complete external certifications for SOX and other mandates.
As this pandemic slowly but surely moves into the rear-view mirror, we're preparing for what's next, and we're using Oracle Risk Management to help support that endeavor. We continue to grow in sophistication around risk assessment and fostering a risk-aware culture, and the tools are there to grow with us. We've just been through an extremely difficult year. More than once we’ve said to one another, “If we hadn't made this investment in 2018, this could have been a train wreck.” Managing the risks of a pandemic has helped us be better prepared for whatever the next crisis might be. With a more risk-intelligent culture, we're more confident that we can effectively take on anything that's thrown our way.