A public company that doesn’t conform to regulations like Sarbanes-Oxley (SOX) could be out of business. Complying, however, can cost the business at least a few million dollars.
“The last company I took public I watched the costs in the finance group go from $300,000 a year to $2.5 million a year,” said John Capobianco, president and CEO of Lumigent Technologies Inc. Acquiring the expertise to put controls and policies in place in order to achieve a passing grade during an audit resulted in a fourfold increase in internal staff and six outside consultants, he said.
In his new role at Lumigent — which hired him eight months ago to redirect the company from a tools vendor to an application provider — Capobianco is turning his own experience into a product offering that he hopes will alleviate the pain of CFOs, who too often must stand before their boards of directors to explain why the company is spending an enormous amount of money on compliance without any return to its own products, services, and customers.
Lumigent, a privately held company established in 2000 with a database audit tool that repairs data corruption problems, transformed itself in 2009 with a new portfolio of governance, risk, and compliance (GRC) product offerings. Earlier this year, the company introduced two business applications that continuously monitor a financial database and its control policies, and report on any changes to the data.
Last year, the company unveiled its App-GRC suite, which runs alongside a financial application that uses IBM DB2, Microsoft SQL Server, Oracle, or Sybase databases, to strengthen the integrity of critical business operations and reporting. A version for Deltek Costpoint rolled out in October, followed by APPGRC for People-Soft Financial Management, in January. Going forward, the company plans to introduce at least two applications per quarter.
The key to AppGRC is its ability to identify changes and, specifically, when there is no change at all. Knowing for sure that financial data has been untouched eliminates what Capobianco called “the scurry factor,” referring to testing 90 days’ worth of general ledger data at the end of a quarter because auditors are coming in.
Lumigent’s AppGRC not only has pre-defined controls and policies around specific regulations such as SOX, but also offers the infrastructure required to effectively discover data, as well as control, manage, and continuously monitor the source of information and policies that control it.
Lumigent recently launched a new partner program for ISVs and scored a $6 million round of funding from North Bridge Venture Partners.