This week we launched an online course called Fundamentals of Islamic Finance, which is designed to build skills in a rapidly growing area. The course was built by our partner Knowledge Platform and we are the first to offer the course in Hong Kong and China.
Hong Kong has made a big push to establish itself as a center for Islamic Finance, and in so doing has to compete with Singapore, KL and Dubai for business in Asia. While many banks proclaim their desire to be in the Islamic Finance space, few have put together the training needed to build serious competency.
Fundamentals of Islamic Finance is made up of two courses - one for beginners and one that is more advanced. The course provides a comprehensive foundational learning experience on basic definitions, concepts, rules, transaction structures, cases and issues relating to the subject so it's perfect for companies that want to roll out some broad education. Knowledge Platform build it to be consistent with the standards as published by the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI).
If you want to see a demo of the course, send me an email and I will arrange that for you.
Thursday, April 30, 2009
Wednesday, April 29, 2009
Chinese Authorities Announce Delay to Implementation of Basic Standard for Enterprise Internal Control
It looks like the Chinese government is going to announce a six-month delay to the implementation requirement of the Basic Standard for Enterprise Internal Control. This was originally due to go into effect on July 1st; but it now seems that the new implementation date will be January 1, 2010.
The reasons for the change are that many companies seemed very far behind in their preparations and that the government's resources are currently being used to tackle the financial crisis.
This is good news for listed companies because it gives them more breathing room and allows them to build their strategy over the rest of 2009. This will also give the government more time to prepare the implementation guidelines and make sure that industry has clear direction about this new rule.
For a Chinese news story on the delay, see cenn.cn.
The reasons for the change are that many companies seemed very far behind in their preparations and that the government's resources are currently being used to tackle the financial crisis.
This is good news for listed companies because it gives them more breathing room and allows them to build their strategy over the rest of 2009. This will also give the government more time to prepare the implementation guidelines and make sure that industry has clear direction about this new rule.
For a Chinese news story on the delay, see cenn.cn.
Wednesday, April 15, 2009
Reducing the Cost of China SOX Implementation
Implementing tools to comply with China’s Basic Standard for Enterprise Internal Control (C-SOX) may seem like an expensive and resource-intensive project, but there are several ways to cut down on the most obvious expenses.
Use hosted IT solutions if possible. If your IT vendors or systems integrators can offer software-as-a-service (SaaS) tools, this can reduce your internal hosting and IT support costs by up to 30 percent. SaaS means that the vendor takes care of hosting and maintaining your systems, and provides them as a “service” to you over the Internet. The benefit to you is that you don’t have to invest in hardware (servers) or software (databases, operating systems) to roll out the project – your vendor already has that taken care of. Furthermore, you need less internal IT support because the vendor looks after the hosting environment (usually 24 hours a day, 7 days a week) and manages the system for you. An added benefit of SaaS systems is that you always get the most up-to-date version of the software because the vendor is frequently upgrading the system.
While external hosting may sound risky, in fact it is very secure and the hardware and software used are constantly improving. Look for vendors that have had their hosting centers and processes certified (in SAS 70 or similar) to know you are in good hands. Many people initially think that only small companies opt for externally hosted systems, but research shows that an increasing number of large companies are moving in this direction. This is true in China and elsewhere.
Another way to reduce the cost of your C-SOX implementation is to adopt a phased approach to your project. This means starting small and building on your experience over time. This will help to keep personnel and resource costs down, and will also make it easier for your company to absorb the learning from the project as you go along. Since one of the key challenges of adhering to the Basic Standard for Enterprise Internal Control is creating a culture of risk awareness and responsibility you will want to take a measured pace to ensure that the fundamentals are being adopted across the enterprise.
Operationally, this means starting with “low hanging fruit” like employee training, organizational mapping and reviewing the current policies, processes and procedures that you have. These tasks can create a baseline that you can build on (i.e. implement new procedures, introduce IT controls) at a later stage.
Finally, a good way to get value while implementing C-SOX is to turn to experts who have done this sort of thing before. Of course, the Basic Standard for Enterprise Internal Control is a new regulation so there is no direct experience in the market. However, many companies have experience in implementing other controls and regulations such as Sarbanes Oxley, J-SOX (Japan’s version), ISO and others. Consulting and advisory companies can be useful guides for setting your strategy, plan and key metrics associated with your C-SOX project. Many of them have rich international experience that can benefit listed Chinese companies.
Hiring an outside consulting firm or advisor may seem expensive, but it is likely to save you considerable trouble and money in the long term. Look for a professional organization with proven international experience to help you get started and the result will be that you are able to accelerate you project. As with the Sarbanes Oxley regulation, the Basic Standard for Enterprise Internal Control says that consulting and advisory companies cannot do internal control audits for those same clients.
Use hosted IT solutions if possible. If your IT vendors or systems integrators can offer software-as-a-service (SaaS) tools, this can reduce your internal hosting and IT support costs by up to 30 percent. SaaS means that the vendor takes care of hosting and maintaining your systems, and provides them as a “service” to you over the Internet. The benefit to you is that you don’t have to invest in hardware (servers) or software (databases, operating systems) to roll out the project – your vendor already has that taken care of. Furthermore, you need less internal IT support because the vendor looks after the hosting environment (usually 24 hours a day, 7 days a week) and manages the system for you. An added benefit of SaaS systems is that you always get the most up-to-date version of the software because the vendor is frequently upgrading the system.
While external hosting may sound risky, in fact it is very secure and the hardware and software used are constantly improving. Look for vendors that have had their hosting centers and processes certified (in SAS 70 or similar) to know you are in good hands. Many people initially think that only small companies opt for externally hosted systems, but research shows that an increasing number of large companies are moving in this direction. This is true in China and elsewhere.
Another way to reduce the cost of your C-SOX implementation is to adopt a phased approach to your project. This means starting small and building on your experience over time. This will help to keep personnel and resource costs down, and will also make it easier for your company to absorb the learning from the project as you go along. Since one of the key challenges of adhering to the Basic Standard for Enterprise Internal Control is creating a culture of risk awareness and responsibility you will want to take a measured pace to ensure that the fundamentals are being adopted across the enterprise.
Operationally, this means starting with “low hanging fruit” like employee training, organizational mapping and reviewing the current policies, processes and procedures that you have. These tasks can create a baseline that you can build on (i.e. implement new procedures, introduce IT controls) at a later stage.
Finally, a good way to get value while implementing C-SOX is to turn to experts who have done this sort of thing before. Of course, the Basic Standard for Enterprise Internal Control is a new regulation so there is no direct experience in the market. However, many companies have experience in implementing other controls and regulations such as Sarbanes Oxley, J-SOX (Japan’s version), ISO and others. Consulting and advisory companies can be useful guides for setting your strategy, plan and key metrics associated with your C-SOX project. Many of them have rich international experience that can benefit listed Chinese companies.
Hiring an outside consulting firm or advisor may seem expensive, but it is likely to save you considerable trouble and money in the long term. Look for a professional organization with proven international experience to help you get started and the result will be that you are able to accelerate you project. As with the Sarbanes Oxley regulation, the Basic Standard for Enterprise Internal Control says that consulting and advisory companies cannot do internal control audits for those same clients.
Wednesday, April 8, 2009
Certifications for China SOX
Organizations that have undergone external certifications in the past will find it much easier to adopt and adhere to the regulations listed in the Basic Standard for Enterprise Internal Control (China SOX). The operational control rigor required to attain global, industry-specific and other certifications means that the company already has good control over their processes and quality systems.
Examples include the following:
• SAS 70 - auditing standard for service organizations.
• ISO 14000 – environmental management standards to help organizations minimize the environmental impact of their operations
• ISO 9000 – quality system standards and systems
• ISO/IEC 27000 - information security management, risks and controls
• CMM/CMMI - Capability Maturity Model for software development
• Six Sigma implementation – for manufacturing and business process defect reduction
• TQM - Total Quality Management process
• Sarbanes Oxley – reporting regulation for US-listed companies
Like China SOX, most of these standards require external audit and certification by authorized bodies. In addition, the level of resource required for proper implementation means that these standards and business practices have received high priority and visibility in the organization.
Examples include the following:
• SAS 70 - auditing standard for service organizations.
• ISO 14000 – environmental management standards to help organizations minimize the environmental impact of their operations
• ISO 9000 – quality system standards and systems
• ISO/IEC 27000 - information security management, risks and controls
• CMM/CMMI - Capability Maturity Model for software development
• Six Sigma implementation – for manufacturing and business process defect reduction
• TQM - Total Quality Management process
• Sarbanes Oxley – reporting regulation for US-listed companies
Like China SOX, most of these standards require external audit and certification by authorized bodies. In addition, the level of resource required for proper implementation means that these standards and business practices have received high priority and visibility in the organization.
Thursday, April 2, 2009
Compensation Policies for China SOX
C-SOX explicitly links executive compensation to effectiveness of internal controls. Chapter 1 Article 8 of the Basic Standard for Enterprise Internal Control says that companies should set clear policies on the rewards and disciplines related to the proper implementation of internal control. Effectiveness of internal control implementation should be treated as a key element of performance appraisals for department and staff levels. This is dramatic because it impacts managers where it counts – their wallet.
The implication is that compensation and rewards should be set according to achievement of company goals and effective business control. Therefore, companies in China need to be very clear in setting goals and metrics for measurement. If management’s bonus is going to depend on how well they enforce internal controls, they are going to want to have a lot of say in how they are measured, and make sure that they don’t pay for someone else’s mistakes.
One of the biggest challenges will be determining areas of responsibility and documenting who is in charge of what. Defining the organizational structure should be a centralized task, managed by top executives with the assistance of the HR department.
Furthermore, companies need to have the proper mechanisms to analyze and enforce enterprise control. This includes IT solutions and software tools, which have been widely deployed. However, more often than not, these tools are not integrated together and it is difficult for management to get a clear overall picture of the business. This represents a challenge because without hard data it will be difficult to measure performance (and therefore set variable compensation).
When implementing the compensation part of C-SOX, companies should look for performance appraisal and goal management tools allow for clear communication and implementation of reward policies. Goals should be set consistently across the enterprise, which improves transparency and highlights areas of risk or exposure. Also, because it is such a sensitive topic, companies should consider hiring external consultants and experts for this step.
Keep reading for more detail on how to start your China SOX implementation.
The implication is that compensation and rewards should be set according to achievement of company goals and effective business control. Therefore, companies in China need to be very clear in setting goals and metrics for measurement. If management’s bonus is going to depend on how well they enforce internal controls, they are going to want to have a lot of say in how they are measured, and make sure that they don’t pay for someone else’s mistakes.
One of the biggest challenges will be determining areas of responsibility and documenting who is in charge of what. Defining the organizational structure should be a centralized task, managed by top executives with the assistance of the HR department.
Furthermore, companies need to have the proper mechanisms to analyze and enforce enterprise control. This includes IT solutions and software tools, which have been widely deployed. However, more often than not, these tools are not integrated together and it is difficult for management to get a clear overall picture of the business. This represents a challenge because without hard data it will be difficult to measure performance (and therefore set variable compensation).
When implementing the compensation part of C-SOX, companies should look for performance appraisal and goal management tools allow for clear communication and implementation of reward policies. Goals should be set consistently across the enterprise, which improves transparency and highlights areas of risk or exposure. Also, because it is such a sensitive topic, companies should consider hiring external consultants and experts for this step.
Keep reading for more detail on how to start your China SOX implementation.
Subscribe to:
Posts (Atom)