Many European firms risk heavy fines and imprisonment for failing to comply with high-profile legislation, according to a survey.
Almost half, 46 percent, of European companies surveyed were not in compliance with Sarbanes-Oxley (SOX), compared to 11 percent of North American firms, the survey found.
The situation looks similar for Basel II, where over a third (36 percent) of European companies said they are not in compliance, compared to only 17 percent in North America.
The survey, sponsored by CA and conducted by independent research company GMG Insights, interviewed nearly 575 IT directors worldwide. More than 200 responses were from European companies.
Nearly 45 percent of companies surveyed reported an increase in the time and monetary resources required to ensure compliance with legislation. Forty percent of European companies reported the introduction of new regulations as a reason for increasing resources dedicated to compliance.
Despite the complexity and costs of regulation, compliance efforts are still often carried out manually, the survey found.
More than two-thirds of the companies said they maintained IT compliance data in multiple spreadsheets and often with different business units. Around half said their companies do not have central repositories to help identify the regulations and controls that directly impact them.
Over 75 percent said that the operation, testing, monitoring and reporting of IT controls were at best a combination of automated and manual processes.
Chris Miller, CA area manager for the UK and Ireland, said European firms should look at automating processes that support proof of compliance countries. "Organisations are subject to significant business and cost risks when they adopt an ad-hoc approach to compliance."