Okay, that was a bit longer than two weeks. As well as taking some time off to entertain a friend visiting from Australia, I’ve been immersed in some client work and the development of a BPM course that I can offer on a wider basis, both of which have me looking at BPM, corporate performance management, compliance, enterprise architecture, process modeling, and a host of other things.
Compliance has been of particular interest lately, because every client that I deal with now is focussed on it. There’s a good deal of compliance mania going on, very reminiscent of Y2K mania, where vendors start every presentation with a picture of a CxO doing the perp walk and proceed to scare the bejeezus out of their customers until a blank cheque falls onto the table. I’m not saying that compliance isn’t a serious issue, and that there aren’t cases of non-compliant companies suffering under fines (and worse), but can we ease off a bit here? There’s a lot of other compliance selling points that don’t look like some corporate version of Fear Factor.
I think the worst part is that the vendors selling compliance solutions are not, to use the industry vernacular, eating their own dogfood. Friday’s business news recommended selling Open Text short, in part because of their lack-lustre performance lately, but mostly because they’re seeking an extension on meeting their SOX compliance requirements. As the analyst in the article points out, that’s not a good thing for a company that builds compliance software. Try to imagine, if you will, the hapless Open Text sales force the next time that they try to sell compliance to their customers: “do what we say, not what we do” isn’t a particularly credible marketing slogan.
Open Text is a public example of this, but if you dig into any of the compliance vendor organizations, you will almost certainly find non-compliance: irregularities in contract negotiation and management, failure to implement proper records management (especially email) policies, and countless other infractions. In other words, few (or none) of them are in any position to be taking the high ground when they’re talking about compliance.