The financial meltdown, fueled by a decade of exotic financing mechanisms that some say were designed to hide risk and pass it on to unwary buyers, will have a major impact on IT budgets, personnel, and reporting responsibilities. New regulations will put IT in the hot seat, much as the post-Enron Sarbanes-Oxley and other such rules did in the early 2000s as governments responded to that period's financial shenanigans.
"The country is clamoring for regulation. It's a popular mandate," says Josh Greenbaum, principal at Enterprise Applications Consulting. "It is not just about the collapse of the financial credit market. It is also the end of the road on deregulation across all industries." And it's IT that acts as the regulators' "beat cop," enforcing the rules through the technology systems they deploy and manage, he adds.
So, despite being battered by recession-linked cutbacks, IT will have to find a way to take on the heavy burden of new regulations expected to emerge from U.S. and other governments in 2009, analysts and industry executives agree.
Coming: A Greater IT Burden Than Sarbanes-Oxley and the Patriot Act
"The last two tsunamis to hit IT, the Patriot Act and Sarbanes-Oxley, required companies to know their customers and to know themselves and their [own] finances," says Larry Rafsky, CEO of Acquire Media, which distributes companies' financial news. "Now, the upcoming regulations will say, 'Know your customers' finances.'"
The fact is that no company -- not even the financial firms that created and sold them -- understood the true nature of how everyone was exposed to everybody else in those repackaged, sliced-and-diced financial instruments composed of subprime mortgages, credit default swaps, and off-balance-sheet investments. The consequences of this convoluted, opaque business will lead to regulations requiring more transparency. As these financial instruments were repackaged and resold, investors lost the ability to track what exactly was in each offering and what the actual risk was; even those trading in such instruments weren't exactly sure what they were selling or buying. "No one was aware of the links. Everyone was dependent on everyone else," says Rafsky.
To prevent a recurrence of such murky instruments will require transparency in how companies and what they trade are linked together. That in turn requires increased use of auditing and tracking applications and the business processes behind them, notes Rafsky. It will also require an unprecedented degree of business savvy in IT practices, because regulations will require companies to know the financial strength of their key corporate suppliers and customers. Monitoring those dependencies will be the job of IT.
Even companies not in the regulated financial industry will likely have to follow the regulations sure to come, says Craig Carpenter, general counsel at Recommind, a company that offers search-oriented compliance services. "Anybody that deals with brokers, banks, and credit-risk-based assets will have to be involved," he says. That includes everyone from hedge funds and insurers like AIG to municipalities and consumer companies like General Electric and General Motors.
Carpenter believes companies are also about to face a new wave of litigation due to the huge losses. That means IT professionals who also have legal expertise will be in great demand. "The competition for personnel will be from law firms, their clients and vendors all competing for the same talent," he says.
New regulations will touch a wide range of business operations. There will be regulatory reporting requirements with tighter scrutiny and an increased level of detail than what is required today, says Sinan Baskan, director of business development for financial services at Sybase, an enterprise software provider. For example, up until now, a company was not required to report on financial results by product line or business unit. But this will change, he says.