EVERYBODY IN business watched in awe as one after another billionaire American executive was brought up on various fraud charges a few years ago. Enron, MCI, Parmalat and others were found to have executives who had broken the law. After the initial shock - and a few convictions - many lawmakers and executives in the US and Europe began working on ways to make companies more compliant with the law. One strategy that became immediately obvious was that IT could be a useful ally. Sponsored by Symantec's Veritas division, the Economist Intelligence Unit has published an extensive report on the role of IT in compliance. The study drew on a global online survey, conducted earlier this year, of 133 senior executives on the changing role of IT in compliance, and supplementary in-depth interviews with senior executives. 'The Sarbanes-Oxley Act in the US and similar laws elsewhere have led many companies to scramble to overhaul their financial reporting, internal controls and data storage in order to meet unprecedented requirements for speed, consistency and accuracy. Companies have found Section 404 of the act to be particularly demanding. It requires corporations and their auditors to report on the effectiveness of the former's internal control structures and procedures for financial reporting. In practice, this has meant describing, documenting and demonstrating the robustness of a vast number of processes, most of which use information technology,' the report said. Another regulation that is also causing a considerable amount of concern - Basel II - is aimed mainly at financial institutions. 'For banks, the Revised International Capital Framework (commonly known as Basel II) will radically change how financial services organisations calculate risk. Rather than using the same measures of risk across all banks, the accord will allow them to use their own performance data to measure risk and therefore capital requirements. Basel II also introduces the need to measure operational risk arising from internal or external problems,' the report said. This recent wave of new corporate rules has had a strong effect on the way technology is used and the role played by IT departments in compliance. According to the report, the use of IT to monitor business activity has been growing rapidly and expenditure on compliance-related IT has also been expanding at a fast clip. Moreover, the role adopted by IT departments in compliance efforts appears to be changing. According to the report, 36 per cent of executives surveyed said their IT departments were involved at a strategic level with tackling compliance and almost 25 per cent said the IT department was permanently represented on the core compliance team. Michael Chue Hoi-kwok, managing director of Symantec Hong Kong, said IT played a tremendous part in helping companies maintain compliance. 'Without doubt IT plays a key role in driving companies' compliance efforts. Compliance is largely process-driven which means that organisations need to look at the compliance challenge holistically. We're finding that many organisations are using the process of examining their compliance strategy as an opportunity to look at how they can improve their overall business efficiency in other areas as well,' he said. In Asia, there is a great deal of concern about these issues. 'There is a lot of uncertainty about what exactly compliance means and how organisations can put an effective compliance strategy in place. Companies face a multitude of regulations - by country and by industry. While most large organisations are putting in place proactive compliance strategies, most other organisations still have a very reactive approach,' Mr Chue said.