Issue: March/May 2008
Watch those records!
It isn’t glamorous, but it simply must be done. Justice Nepfumbada, of Corporate Benefits Operations (Risk & Compliance) at Liberty Life, explains why.
Although not necessarily the most glamorous part of an operation, it needs the same levels of attention given to such key functions as financial reporting. Poorly managed, it can be as damaging as any crisis that might befall a company.
There are number of definitions of “record management” that various authorities use, based on their experience in this field. I define this concept as a strategy to control the records of a business or entity, throughout its lifecycle, to ensure operational and legislative requirements are met. Part of this means that data retrieval should be simple, accurate, reliable and protected. If there is a need to destroy data, this should be conducted through strictly defined procedures.
Why is data management so important today?
Every business has processes and procedures that have been formed through agreements. If one looks back into the agreements, they serve to describe the foundation of those businesses. They effectively provide a record for reference, especially in times of dispute. One can argue that information forms part of the assets of an organisation and should be treated with the same caution and care that organisations treat their physical assets. Some reasons that illustrate why sound record management definitely makes for good business practice:
Some reasons that illustrate why sound record management definitely makes for good business practice.
Decisions taken by those charged with running a business should obviously be based on reliable and detailed information. It is therefore logical that, since good decisions are based on sound information, records containing this information must be kept in a manner to ensure their integrity, accuracy and reliability are not compromised in any way. Good record management will ensure managers have as much accurate information as possible on which to base their decisions.
Unmanaged records make business activities more complex and uncertain. It can significantly increase the cost of running a business when decisions, based on unmanaged records, prove to be wrong.
Look, for example, at requirements for the banking sector under the Financial Intelligence Centre Act (FICA). There are many instances where clients are required to reverify themselves to the same institution simply to conduct their daily business. Ultimately, this can breed dissatisfaction and expose the institution to reputational risk because the client, rightly so, sees only the mother brand and not the sum of the internal departments, silos and business units.
The practice of good record management, coupled with effective record information retrieval, can therefore help drive a business towards more efficient, world-class customer service. Great customer service is one of the most difficult things to replicate and is a real competitive advantage. Importantly, good record management also allows staff to focus on actually transacting or serving, as opposed to spending unnecessary time reconfirming their own customers. More time productively spent with customers means more business.
The growth in electronic communications through faxes, e-mails, internet and cellular phones means companies are constantly faced with an array of new challenges such as data security and access management. Breaches and disputes in electronic communication can be hugely problematic and costly. Just about every business, even smaller enterprises, will have some sort of electronic communication. It is vital that they embrace an ERMP governed by prudent policies and guidelines. This protocol should be clearly defined by a company’s information risk service, strongly influenced by international best practice and communicated to all employees, third parties or anyone who has access to the organisation’s records and systems.
The 9/11 attacks in New York awakened many organisations to the risks associated with not having adequate business continuity management plans. In the event of a disaster, an organisation that has properly implemented record management can effortlessly recover corporate memory and so minimise the overall impact of the disaster on the business. Those that don’t are sometimes unable to operate at all, or have to rely on human memory, which can be subjective and complicated by different interpretations.
If these reasons aren’t enough to convince you that retaining and protecting your corporate memory is a business imperative, then consider that legally you are required to do so anyway. South African law requires that businesses store particular documents for defined periods. In a FICA environment, financial institutions are required to keep a record of all financial transaction for five years under the Electronic Communication & Transaction Act.
Ultimately record management practices are designed to protect all parties whether it is the business, the consumer or a retirement fund – trustees included!
Are you protected?