Still Not Working

CFO logoConfronted with shrinking revenue during the Great Recession, many U.S. companies made what seemed to be lasting improvements in their management of working capital. But today it appears that the improvements were simply a short-term fix.

That conclusion can be drawn from the findings of the latest working capital survey by REL Consulting. For the second straight year, REL’s annual survey of 1,000 large public U.S. companies reveals a pronounced lack of sustained working capital improvement.

Read the rest of the article at CFO. 

Healing the CFO-CIO Rift

Not long ago, CFOs and CIOs were a breed apart. The former thought and talked in the language of dollars and cents; the latter thought and talked in bits and bytes. A conversation between the two was like a bad “speed dating” encounter.

This is a bit of an exaggeration, but clearly the relationship between these two senior executive leaders was uncomfortable at best. Flash forward to today, and something has changed. For one thing, more CIOs now report up to CFO, rather than to Chief Executive. This has put some pressure on the two roles to smooth out their differences.

But, something else also is afoot. The advent of mobile business apps integrated to back end ERP systems or cloud-based finance, CRM and HRMS systems is altering the IT paradigm and, by extension, transforming the role of the CIO. No longer do companies want CIOs to focus exclusively on managing IT–implementing, maintaining and upgrading expensive on-premises systems, in addition to making them better, cheaper and faster. They want the CIO to be a strategy innovator.

Just like the CFO a generation ago moved from the back office to the front office, CIOs are being invited to grab a seat there, as well. At this strategy table the conversation is flowing—how can we take full advantage of business apps and mange the related risks, where best can we deploy our scant IT resources for marketing purposes, and is there a tool that can make demand forecasting more robust to improve planning?

Dollars and cents and bits and bytes are giving way to strategic discussions predicated on driving profitable business growth.

This is a best-case scenario, of course. And it requires that CIOs and CFOs simply get along better. Each must find ways of speaking the same language—CFOs getting in touch with their inner CIO and vice versa.

Interestingly, the complex technology and sophisticated finance that initially separated these two leaders due to their numbing nuances have been made simpler by, of all things, technology. Ten years from now, who knows? CFOs and CIOs—those strange bedfellows—just might be best pals.

Appraising Performance Appraisals

Providing employees with consistent, effective feedback is what often distinguishes good from great CEOs. Appraisals may, in fact, be a CEO’s most potent tool in aligning people and improving effectiveness. So why do most CEOs hate doing it and why is it done so poorly by so many of us?

We broke the process down and spoke with top-performing CEOs and companies of various sizes, including two of Chief Executive magazine’s CEOs of the Year, to help you improve your appraisal process and become an effective coach.

Read the rest of the article at


Weathering the Weather (CFO)

CFO logoIn the face of extreme weather and natural disasters, companies are reengineering their supply chains for added reliability.

Since Hurricane Katrina devastated New Orleans in 2005, catastrophes like the massive floods in Thailand and Pakistan, a prolonged drought in the Southwestern United States, and the one-two punch of hurricanes Irene and Sandy seem to be occurring with more frequency, with expensive consequences for many companies.

Read the rest of the article at CFO. 

Mobile Devices Offer Business On the Go, But the Risks Bear Mention

It’s astonishing when you think about all we accomplish today with a device half the size of a pack of playing cards. If you’re an intrepid person like me, you’re probably using your smartphone to do something that would have been absurd a decade ago—depositing checks into your checking account, transferring money from one account to another, and wondering just how the magical device will deliver cash in future. It already buys me coffee at Starbucks.

Mobile banking is just one of many business apps populating the tiny landscape of our smartphones and tablets. I use an app that organizes my reimbursable business expenses, snapping photos of my tax receipts and dinner bills. In the background, a genie attends to the clerical stuff I used to attend do with a half-inch thick wad of paper receipts. I am thus more personally productive.

Today, more than half of the 100 largest banks in the US offer mobile banking, and roughly 19 million US households use the service. The enhanced efficiency of mobile banking is evident in the 2,500 branches that banks closed last year, and an expected decline in the number of branches from 93,000 to 80,000 within the next decade. Other businesses have latched onto the ease and operational cost efficiencies of offering clients the ability to pay them using a mobile device.

We operate in the BYOD era, in which our companies want us to use the same device we text our teenagers on for business purposes—so long as IT is made aware and, even better, centrally manages this use. There are many reasons why IT and business unit leaders must be cognizant of these activities—the varied risks they produce. Offsetting this robust organizational effectiveness is the need to protect all that customer data and proprietary business information flying through the airwaves.  Serious privacy and security risks must be addressed since these devices are susceptible to being lost or stolen. Companies also must ensure their mobile solutions are secure from identity theft, viruses, malware and data transmission vulnerabilities, and comply with myriad federal and state regulations.

Certainly, anyone with a mobile device would be hard-pressed not to take advantage of the remarkable convenience of reviewing savings and checking account balances, depositing checks and transferring funds via their smartphones. And companies would lose competitive position if they did not continue to discover other new and innovative business apps. The goal is to seize these opportunities while managing the related risks.

The Shadow Knows: A look at the benefits and risks of Shadow IT

The intersection of mobile technology tools—pretty much every employee these days has a smartphone, laptop and tablet—with business apps has contributed to the phenomenon known as Shadow IT. As its mysterious name implies, executives are using personal productivity tools for work purposes, often without organizational approval, resulting in a murky flow of unofficial, uncontrolled data. IT, for the most part, is in the dark about this usage.

The positive side of these developments is less reliance on IT and associated programming resources and time. Business units and executives are empowered to find cost-efficient and much faster ways to do their jobs, without waiting for IT to fulfill their needs. As the iPhone demonstrated, millions of apps are there for taking—easily and inexpensively. Not surprisingly, executives want their business productivity tools to be as simple and efficient as the other apps they have running on their mobile phones.

This is a good thing, too: For many years, IT has been a powerful fiefdom within enterprises. Major technology initiatives like CRM, ERP and HRMS system implementations insisted on a level of trust and dependence on IT to pull off the task effectively, quickly and without breaking the bank. This reliance also extended to the vendors providing the on-premises software. But, in our cloud-based, mobile world, the old ways of buying and using technology seem increasingly hidebound.

As one CIO recently expressed to me, “We’ve had a traditional in-house ERP system running on the same version with no new features for 11 years, when we finally got an upgrade that cost us $11 million. And this was a technical upgrade, not a process reengineering where we could take advantage of new functionality. Why wait around when there is this new super-rapid way of innovation?

Indeed, if IT units and software vendors cannot deliver the goods as fast as executives need them, and business apps are there for the plucking, then pluck away. But, carefully and collaboratively—with IT, not behind its back. Why? Well, if IT is not aware of the tools and does not support them, compliance with Sarbanes-Oxley and other regulatory initiatives including Basel II, PCI, IFRS and HIPAA is threatened. Another challenge is the lack of centralized management of these apps and their integration with enterprise data. Cost efficiencies can be squandered if different people and units are using the same technology and not leveraging volume-based discounts or a central data repository.

While many organizations support BYOD—Bring Your Own Device (to work) initiatives—and understand that employees use Shadow IT because they think there is no other way to get the data they need to perform their tasks, protocols must be established to address the security risks, version control issues, data consistency problems and wasted investments. In this regard, it behooves CFOs, to whom IT increasingly reports, to work closely with CIOs to understand what these risks are and how they can be mitigated.

For What It’s Worth…

In the last couple years, I’ve had a great opportunity to moderate numerous Webcasts on diverse subjects for CFO magazine. Many are illuminating, as was the one this past Monday, March 11th on data breaches. The panel was a Who’s Who of security experts, including Larry Ponemon from the Ponemon Institute; Simon Hunt, chief technology officer of endpoint security at McAfee; Michael Kaiser, executive director of the National Cyber Security Alliance; and Stan Gatewood, chief of information security and e-privacy at the University System of Georgia, which comprises more than 30 colleges and universities.

We’ve all been reading about those pesky Chinese hackers spying on our government and last year’s hacking of the CIA, of all places. If the CIA can’t button up the files, how can businesses, which experience thousands of unsuccessful hackings each week (you read that right). Just one that pries open the lid invites a horde of punitive federal and state regulations, and sets in motion a downward spiral that can doom a company.

Forty-six states have data breach laws that require organizations to notify anyone whose personal data may have been inadvertently lost, stolen or leaked. Massachusetts has the stiffest law on the books, stipulating a possible court-imposed civil penalty of $5,000 per violation. Multiply this by potentially thousands of affected customers and the costs stagger. Now tack on potential expenses to notify victims, monitor their credit card activity, pay for legal defense and judgments/settlements, and hire forensic security experts to determine the cause of the breach. Some companies must retain a crisis management firm to offset the reputational risk.

These are not just large enterprises. Any organization, no matter its size, is susceptible to these exposures and the regulatory burdens, and may be even more vulnerable, given that hackers know they have scant resources to combat the problem. The perps aren’t all from the shady world of organized crime, either. Employees might resort to committing cyber fraud in the uncertain economic climate. Or they may simply make a mistake that inadvertently opens the books.

These eye-opening threats became clear during the Webcast. For all of my friends who missed the event, I thought this missive would help raise awareness in your organizations. Obviously, failing to proactively prepare for the growing threat of a data breach, especially as new technologies like the Cloud and mobility become more ingrained, more employees are permitted to BYOD—bring their own devices to work, for work—and the regulatory noose tightens, threatens all organizations’ survival.