Compliance Market to Pass the $21 Billion in 2010

The effects of the Enron, WorldCom and other high-profile accounting scandals that led to new financial regulations are going to cost for a long time to come.

The compliance infrastructure market is expected to pass the $21 billion mark in 2010, increasing at a compound annual growth rate (CAGR) of 18.4% from 2005 to 2010, a new IDC study reveals.

The study, Worldwide Compliance Infrastructure 2006-2010 Forecast: SOX 404 Requirements and the Emergence of the Records and Information Infrastructure Platform Define the Market , found that revenue contribution from services will continue to account for the largest portion of spending in 2006, as organizations continue to focus on the IT processes, configuration, and design of their IT infrastructure.

“Right now (companies) are going after the low hanging fruit; the low hanging fruit being the areas they are most likely to be investigated on,” said Vivian Tero, IDC’s senior research analyst for Compliance Infrastructure.

This trend however, will change in 2007 with software accounting for the largest product segment. Revenue from software is expected to post the fastest growth through 2010.

“The compliance infrastructure market looks at the convergence of technologies that enables organizations to demonstrate controls over four primary areas: information integrity, process integrity, controlled access, and information retention,” said Tero.

The following developments will continue to underpin spending:

  • End users learning from their experiences in the first two years of Sarbanes-Oxley (SOX) compliance are increasingly aware of the opportunity to automate key business processes and leverage common data sets and components across multiple regulatory compliance and legal requirements.
  • The upcoming amendments to the Federal Rules on Civil Procedure for Electronic Discovery, which go into effect on December 1, 2006, underscore the need for organizations to get their records and information house in order.
  • This last observation will have far reaching effects since it goes to the heart of IT’s ability to produce, in a timely fashion, documentation (ranging from emails and IMs to standard Word documents) that is asked for by plaintiff’s lawyers.

    “It effects (IT) in the sense it defines what their conduct (is), it impacts how well they are able to demonstrate they have protected the integrity of the information and the business process,” said Tero. “It’s a very different environment than it was five years ago. (Lawyers) can’t talk their way out of anything.”

    Meaning ignorance of where certain documentation is stored electronically is no longer a valid defense for not producing said documentation.

    “From an IT perspective, whoever is in charge or managing a particular information or application has to be (prepared).”