This week I attended Oracle’s Modern Finance Experience conference here in Boston, where financial reporting professionals convened en masse to talk about risk management and new approaches in cloud-based IT to get that task done.
Attendees also had the raw thrill of a private concert with the Goo Goo Dolls on Wednesday night, a band I last thought about in 1997. We’ll just stick to observations about data analysis and managing financial reporting risks, but don’t ever say Oracle users don’t know how to have a good time.
The most interesting discussion I heard centered on use of the cloud, and how compliance and financial functions should then structure their financial and risk management processes on top of the cloud.
The good news is that the cloud offers great potential for corporations, whether you use Oracle or any number of other financial and compliance software vendors. The modern C-suite is under tremendous pressure to meet financial performance goals and to demonstrate compliance in a highly regulated world. Senior executives are already awash in key risk indicators and key performance indicators—and still they want more, fearful that they’re getting the right analysis to make the best decisions.
The cloud can do that—if you configure your analytics and financial processes to tap its full potential, which is no easy task.
For example, one great way to do that is data visualization. My complaint about most KPIs and KRIs is that they are two-dimensional: a ratio of this compared to that; or an average of some activity per period of time.
Visualization adds more context more easily: those first two dimensions plus analysis by geography, product line, employee seniority, past disciplinary actions, and so forth. It allows you to present more information about risk more concisely, and let’s remember that the human brain evolved to comprehend information visually. A picture really is worth 1,000 words, and probably more than 1,000 rows on a spreadsheet.
One speaker described it perfectly: her C-suite wanted “to get away from reporting, as in looking at a PDF,” in favor of strategic planning. That’s really the same as saying they want to play around with the data: what happens if we try this, or do that? Visualization tools let senior executives do that analysis more fully. It’s also especially useful in high-growth periods, when the company might be rapidly adding new types of risk, or introducing new risk correlations. By the time your KPIs and KRIs catches up, it’s too late.
I know, I know—sounds great, right? So how do you actually do it?
I’m sure the sales reps at Oracle and other vendors will happily tell you all about their products’ technical sophistication. Some of what they promise might even be true. The question for compliance, risk, and financial reporting executives is whether you know what you want to see. The data will be there in the cloud. The software coding will be there to display it. You need to know what you want the software to do.
The Cloud and Processes
Another speaker praised the cloud for helping him to wean his finance department off of customized financial applications and processes. His point is a good one. Companies can use the cloud to run applications as well as to store data. And once they do, the inexorable temptation is to use the processes that the cloud provider has developed—under the logic that the provider knows best practices better than you do.
We’ve already seen one example of this phenomenon with Microsoft Office 365. This spring Microsoft began rating every cloud customer’s security settings against an “ideal” configuration, based on Microsoft’s analysis of its 85 million Office 365 customers. A customer can still configure security the way it prefers, but that may go against the recommendations of the security gurus working at Microsoft.
A few people at the Oracle event voiced similar ideas for financial processes. Again, the point is a good one. As much as we all love our customized apps and reports, the plain truth is that most financial processes do involve a few standard steps. Nobody needs to reinvent the procure-to-pay process. Bank reconciliations and the quarterly close happen in roughly the same manner from one company to the next.
Customized apps to run customized processes increase risk. (Or they drive up your development costs to push that risk back down.) Auditors will give you a tougher time during audits for internal control over financial reporting. If your company ever merges, the integration work will be that much more of a headache.
I’m not here to flog Oracle’s financial apps specifically; plenty of vendors, large and small, can turn the same trick. But I will preach about the benefits of using the cloud, because the force of logic and technology are on the cloud’s side. As I saw at the Oracle show (and at other vendors’ tradeshows before), the cloud now lets companies make great strides in risk and compliance.
How can corporate compliance officers nudge these ideas along? Probably the best way is to maintain that friendship with the corporate controller or the VP of financial planning & analysis, because those functions are going to be the pioneers on this stuff. Your role will be to counsel them on what good compliance will require of the financial processes they want to move to the cloud. The Justice Department’s recent guidance on effective compliance programs did, after all, include a section on payment systems and the internal controls those systems use.
Anyway, that’s the dispatch from Oracle this year. Here’s hoping that in 2018 they bring Def Leppard to perform. That’s a show I’ll livestream.