Compliance Comes to CRM

On their surface the financial disclosure requirements of Sarbanes-Oxley may not appear to be a customer-facing problem, but as thousands of public companies and even many of their privately held peers adopt the requisite policies, customer strategies will inevitably be affected. "Most people view Sarbanes-Oxley compliance as mostly an issue for the finance department, but I think companies that view it that way are bound to fail the Sarbanes-Oxley test," says Zach Nelson, CEO of NetSuite. "We're seeing organizations spending a lot of time focusing on things like certifications of their workers, [making] sure that the people who are out servicing the customers understand how to deal with contracts and how to deal with any sort of financial transaction that might be involved with the service they're offering," says Jason Averbook, global director of product marketing for PeopleSoft. "So customers are going to see a more highly trained, more certified group of people servicing their accounts." Some are viewing the Sarbanes-Oxley governance rules as a happy coincidence for CRM strategists. "Companies will be closer to a single view of the customer than ever before," Nelson says. "It is an unintended consequence of Sarbanes-Oxley, but I think there will be an eye-opener for companies as they go through the process of [compliance] and see how much fragmented, incomplete data they have in their company." "That's the nice side effect--if you have to put your house in order--but the real reason is that you want to keep your CEO out of jail," says Bob Blumstein, research director at IDC. Further adhering to a single, agreed-upon standard for managing financial transactions, including how customer-facing employees like salespeople and call center agents handle those transactions, is also key to compliance. "Organizations that don't do that open themselves up to great risk, because when one thing can be done one way and at a different time could be done a different way, it starts to cause those irregularities," Averbook says. Blumstein emphasizes that Sarbanes-Oxley regulations are only some of the new challenges facing organizations. Businesses may also run aground on new privacy regulations, such as Gramm-Leach-Bliley and HIPAA. "If you're a marketer for a healthcare organization, you have to know what data is confidential and not confidential, and what you can say in print about [health] conditions that is legal." Exactly how this will play out in the front office remains to be seen. Mandatory data cleanups may result in more effective and streamlined communication, but customers accustomed to skipping over details with a familiar account manager may be in for a rude awakening as sales, marketing, and service increasingly become accountable as part of larger Sarbanes-Oxley campaigns. Averbrook says: "A customer might notice separation of powers, where there are multiple people in the organization they deal with instead of just one, because of compliance."