technology's role in the act: bridging sox to secure 2.0
technology's role in the act: bridging sox to secure 2.0
By King Kenney
By King Kenney
By King Kenney
By King Kenney
The late 90s saw an accounting industry bolstered by a relaxed regulatory environment, whereby the Big Four maneuvered with unprecedented ease. They, and other accountancies, reaped extraordinary profits from a range of services offered amid the irrational exuberance of the dot-com bubble. More pointedly, this period was marked (and marred) by generally unacceptable accounting practices that, while not illegal, skirted the edges of ethical bookkeeping. Guided by the leniency afforded them, companies frequently engaged in aggressive accounting techniques, utilized off-balance-sheet financing, and operated through complex corporate structures that made financial transparency challenging. Largely, the era is recalled for auditing that was less about rigorous scrutiny than the most basic compliance checks—along with its fair share of winks and business-firm handshakes.
And then, the bubble burst, and the nature and expanse of shoddy bookkeeping was laid plain.
The late 90s saw an accounting industry bolstered by a relaxed regulatory environment, whereby the Big Four maneuvered with unprecedented ease. They, and other accountancies, reaped extraordinary profits from a range of services offered amid the irrational exuberance of the dot-com bubble. More pointedly, this period was marked (and marred) by generally unacceptable accounting practices that, while not illegal, skirted the edges of ethical bookkeeping. Guided by the leniency afforded them, companies frequently engaged in aggressive accounting techniques, utilized off-balance-sheet financing, and operated through complex corporate structures that made financial transparency challenging. Largely, the era is recalled for auditing that was less about rigorous scrutiny than the most basic compliance checks—along with its fair share of winks and business-firm handshakes.
And then, the bubble burst, and the nature and expanse of shoddy bookkeeping was laid plain.
The resultant landscape dramatically shifted with a run of financial scandals at the turn of the millennium, involving news breaking fiascos at Enron, WorldCom, Tyco, and Adelphia. Such fiscal debacles brought to light glaring issues in corporate governance, financial reporting, and auditing standards. In response, the Sarbanes-Oxley Act, or SOX, was enacted in 2002, introducing a new era of stringent regulations designed to restore public trust in the financial markets. The legislation required C-level executives to personally certify the accuracy of financial reports, greatly enhanced the independence and accountability of auditors, and set stricter standards for internal control over financial reporting.
The resultant landscape dramatically shifted with a run of financial scandals at the turn of the millennium, involving news breaking fiascos at Enron, WorldCom, Tyco, and Adelphia. Such fiscal debacles brought to light glaring issues in corporate governance, financial reporting, and auditing standards. In response, the Sarbanes-Oxley Act, or SOX, was enacted in 2002, introducing a new era of stringent regulations designed to restore public trust in the financial markets. The legislation required C-level executives to personally certify the accuracy of financial reports, greatly enhanced the independence and accountability of auditors, and set stricter standards for internal control over financial reporting.
The introduction of SOX had a seismic impact on the accounting industry, targeting the ledgers of deception it aimed to dissuade. Firms were compelled to overhaul their audit processes, enforce stricter internal controls, and reassess their client relationships to uphold the newfound emphasis on auditor independence. SOX effectively reshaped the industry's approach to financial reporting and auditing, moving away from a trust-based system to one grounded in accountability and transparency. (Alas, entities like Lehman Brothers, figures like Frank Greenberg, Bernie Madoff, and others still found ways to circumvent these rules.)
The introduction of SOX had a seismic impact on the accounting industry, targeting the ledgers of deception it aimed to dissuade. Firms were compelled to overhaul their audit processes, enforce stricter internal controls, and reassess their client relationships to uphold the newfound emphasis on auditor independence. SOX effectively reshaped the industry's approach to financial reporting and auditing, moving away from a trust-based system to one grounded in accountability and transparency. (Alas, entities like Lehman Brothers, figures like Frank Greenberg, Bernie Madoff, and others still found ways to circumvent these rules.)
The adaptation of the accounting industry to SOX’s exacting standards was significantly facilitated by the advancement and strategic integration of specific technologies. The complexities in internal controls and reporting SOX mandated required the deployment of sophisticated tools. As such, firms invested in innovative audit management software like ACL and IDEA for efficient data analysis and audit trail management. ERP systems from Oracle and SAP became the standard for integrating financial processes and ensuring consistent reporting. Document management systems such as SharePoint and DocuWare streamlined the handling of financial documents. Additionally, risk management and compliance software like Thomson Reuters’ Accelus and Wolters Kluwer’s Compliance Solutions became essential for comprehensive risk assessments and staying updated with regulatory changes. These and other technologies collectively enabled firms to efficiently manage the increased workload and intricacies brought about by SOX, allowing for more thorough audits, effective data management, and ensuring sustained compliance with the new regulatory framework.
The adaptation of the accounting industry to SOX’s exacting standards was significantly facilitated by the advancement and strategic integration of specific technologies. The complexities in internal controls and reporting SOX mandated required the deployment of sophisticated tools. As such, firms invested in innovative audit management software like ACL and IDEA for efficient data analysis and audit trail management. ERP systems from Oracle and SAP became the standard for integrating financial processes and ensuring consistent reporting. Document management systems such as SharePoint and DocuWare streamlined the handling of financial documents. Additionally, risk management and compliance software like Thomson Reuters’ Accelus and Wolters Kluwer’s Compliance Solutions became essential for comprehensive risk assessments and staying updated with regulatory changes. These and other technologies collectively enabled firms to efficiently manage the increased workload and intricacies brought about by SOX, allowing for more thorough audits, effective data management, and ensuring sustained compliance with the new regulatory framework.
In the same vein, the enactment of SECURE 2.0—building upon its predecessor’s aims to incentivize savers amid widespread “hardship withdrawals” and waning faith in the overarching system—introduces a new era in retirement planning and administration, marked by heightened complexity and evolving challenges: This is particularly true for third-party administrators (TPAs) of retirement plans.
In the same vein, the enactment of SECURE 2.0—building upon its predecessor’s aims to incentivize savers amid widespread “hardship withdrawals” and waning faith in the overarching system—introduces a new era in retirement planning and administration, marked by heightened complexity and evolving challenges: This is particularly true for third-party administrators (TPAs) of retirement plans.
Rising Hardship Withdrawals
Source: Empower Retirement, Bloomberg
Historically, TPAs have navigated the labyrinth of regulatory compliance, continuously aligning retirement plans with shifting federal laws. However, SECURE 2.0 escalates this challenge beyond ERISA, PPA, and the first iteration of SECURE—integrating a spectrum of new rules and amendments, such as altered required minimum distribution ages, expanded auto-enrollment requirements, and revised catch-up contribution limits. This evolution in the regulatory framework not only augments the compliance burden but also necessitates swift adaptation and a profound understanding of these nuanced provisions.
Historically, TPAs have navigated the labyrinth of regulatory compliance, continuously aligning retirement plans with shifting federal laws. However, SECURE 2.0 escalates this challenge beyond ERISA, PPA, and the first iteration of SECURE—integrating a spectrum of new rules and amendments, such as altered required minimum distribution ages, expanded auto-enrollment requirements, and revised catch-up contribution limits. This evolution in the regulatory framework not only augments the compliance burden but also necessitates swift adaptation and a profound understanding of these nuanced provisions.
The role of TPAs in crafting and administering retirement plans has become further complicated with the introduction of SECURE 2.0’s diverse plan elements. These include integrating part-time employees into 401(k) plans and offering a variety of options for lifetime income strategies, each adding complexity to the already intricate process of plan design, while ensuring cost-efficiency and regulatory adherence. This complexity extends to participant communication and engagement, with the new rules and alternatives necessitating clear, concise communication from TPAs to guarantee full information and compliance from both plan sponsors and participants. Additionally, TPAs bear the responsibility of managing an ever-growing volume of sensitive PII.
The role of TPAs in crafting and administering retirement plans has become further complicated with the introduction of SECURE 2.0’s diverse plan elements. These include integrating part-time employees into 401(k) plans and offering a variety of options for lifetime income strategies, each adding complexity to the already intricate process of plan design, while ensuring cost-efficiency and regulatory adherence. This complexity extends to participant communication and engagement, with the new rules and alternatives necessitating clear, concise communication from TPAs to guarantee full information and compliance from both plan sponsors and participants. Additionally, TPAs bear the responsibility of managing an ever-growing volume of sensitive PII.
The operational challenges introduced by SECURE 2.0 to TPAs echo the adaptation accountants had to make during the SOX era, spurring a thorough revision of systems and processes. As SECURE 2.0 brings in complexities like integrating part-time employees into 401(k) plans and managing diverse lifetime income strategies, it tests the TPAs' ability to balance cost-efficiency with regulatory adherence and heightens the aforementioned need for enhanced participant communication. In navigating these changes, strategic planning and the adoption of advanced technology solutions are crucial. The agility and effectiveness of TPAs in adapting to these changes will be paramount in ensuring retirement plans are compliant, robust, and responsive in a complex legislative and economic environment.
The operational challenges introduced by SECURE 2.0 to TPAs echo the adaptation accountants had to make during the SOX era, spurring a thorough revision of systems and processes. As SECURE 2.0 brings in complexities like integrating part-time employees into 401(k) plans and managing diverse lifetime income strategies, it tests the TPAs' ability to balance cost-efficiency with regulatory adherence and heightens the aforementioned need for enhanced participant communication. In navigating these changes, strategic planning and the adoption of advanced technology solutions are crucial. The agility and effectiveness of TPAs in adapting to these changes will be paramount in ensuring retirement plans are compliant, robust, and responsive in a complex legislative and economic environment.
In response, TPAs are embracing a tech-forward future. Many are newly cognizant that retirement plan management software is crucial for handling the nuances of diverse plan elements and ensuring regulatory compliance. What is more, data analytics tools, secure data storage, encryption technologies, compliance management systems, participant communication platforms, and automated workflow systems are being integrated to improve operational efficiency and manage increased workloads without overextending resources.
In response, TPAs are embracing a tech-forward future. Many are newly cognizant that retirement plan management software is crucial for handling the nuances of diverse plan elements and ensuring regulatory compliance. What is more, data analytics tools, secure data storage, encryption technologies, compliance management systems, participant communication platforms, and automated workflow systems are being integrated to improve operational efficiency and manage increased workloads without overextending resources.
In addition to these technologies, AI is playing a transformative role for TPAs in this new environment. AI's capabilities are being leveraged to streamline complex tasks and calculations, augment predictive analytics for better outcomes, and optimize investment strategies tailored to individual needs. Furthermore, AI-driven chatbots, large-language models, and virtual assistants are revolutionizing participant engagement, offering personalized guidance and swift responses to inquiries made possible by rapid advances in machine learning. AI's integration into compliance tools is also crucial, enabling real-time monitoring and interpretation of regulatory changes, ensuring TPAs stay ahead in compliance management. Overall, AI stands as a cornerstone technology, empowering TPAs to navigate the complexities of SECURE 2.0—and future mandates—with greater efficiency, accuracy, and foresight.
In addition to these technologies, AI is playing a transformative role for TPAs in this new environment. AI's capabilities are being leveraged to streamline complex tasks and calculations, augment predictive analytics for better outcomes, and optimize investment strategies tailored to individual needs. Furthermore, AI-driven chatbots, large-language models, and virtual assistants are revolutionizing participant engagement, offering personalized guidance and swift responses to inquiries made possible by rapid advances in machine learning. AI's integration into compliance tools is also crucial, enabling real-time monitoring and interpretation of regulatory changes, ensuring TPAs stay ahead in compliance management. Overall, AI stands as a cornerstone technology, empowering TPAs to navigate the complexities of SECURE 2.0—and future mandates—with greater efficiency, accuracy, and foresight.
Given the trillions under management throughout the financial industry, strictures will continue to be enacted to ensure the health and safety of the economy. Whether influenced by rampant fraud or waning post-work sentiment, courses of action will make evolution a continual practice. Through it all, adopting the necessitated tech tools of the trade is key to traversing from one law to the next without incurring any ill effects.
Given the trillions under management throughout the financial industry, strictures will continue to be enacted to ensure the health and safety of the economy. Whether influenced by rampant fraud or waning post-work sentiment, courses of action will make evolution a continual practice. Through it all, adopting the necessitated tech tools of the trade is key to traversing from one law to the next without incurring any ill effects.
SECURE 3.0—or a differently named act fulfilling the same “next” aim—will inevitably emerge. Rest assured, the technology required for compliance is either already available or currently being developed.
SECURE 3.0—or a differently named act fulfilling the same “next” aim—will inevitably emerge. Rest assured, the technology required for compliance is either already available or currently being developed.
King Kenney is a multi-hyphenate writer, VP of Marketing & Growth at Stax•ai, and marketing professor at the University of Virginia.