Chaucer Consulting

Thought leadership from Chaucer

Articles, Case studies,
Industry experience, Subject matter

Subject Matter

Regulatory compliance

Achieving Financial Compliance - The Ice Project

Meeting the Sarbanes Oxley 404 compliance standards

Chaucer provided the management of the Sarbanes Oxley 404 (SOx) compliance programme for ‘a global oil company’ from 2004 to 2007 for the downstream part of the business. The US-based SOx compliance programme requires that internal controls for financial reporting are adequate to prevent possible financial misstatement. The internal control evaluation (ICE) project would deliver the necessary compliance.

The method selected to ensure compliance with the legislation was to rely on self assessment via control evaluation templates, or CETs, which Chaucer helped to create.  The scope of this project was world-wide, and the challenge was to develop systems that could be embedded into every area of the downstream business some of which where highly complex, according to Neil O’Brien, Chaucer senior consultant. This amounted to approximately 250 projects, all needing completed CETs covering the in-scope financial processes.

Chaucer’s role was to set up a Programme Management Office (PMO) for the global oil company, thus programme assurance and governance retained independence from the content providers for compliance with SOx 404.

Chaucer ran the programme until this year, when it became firmly embedded into the global oil company way of working. “It’s part of people’s day jobs now,” notes O’Brien. “We also managed the implementation of a new tool to help with the process, and to make it easier to embed it within the company using minimal staff. The rollout was completed in September 2007.”

Chaucer helped develop the structure for Sarbanes Oxley compliance in several areas. For example, the consultants, in conjunction with the client, developed a risk template tool accompanied by a set of presentation materials, so that each regional locations could run their own risk workshops. Chaucer also helped set up and run workshops across Europe for the oil and gas giant. This tool was designed to monitor and gauge risk within financial change, and employs a risk themes checklist, which has since been customised throughout the group.

Another tool was the management of change document, developed in conjunction with the client. It was used to identify and give status on the changes happening within the group and pinpoint the risk mitigating actions in each location and project. Different risk levels were flagged using a traffic light or hotspot display.

Chaucer also utilised its skills in communicating information across various sectors by simplifying tracking mechanisms into integrated tools - such as SharePoint, a data warehouse that could be accessed by all SOx-concerned parties within the global oil company.

However, the deployment of these tools was not without its issues. “One of the biggest challenges for Chaucer came in 2006 when, after two years of working with the global oil company, there was a whole host of organizational and system changes at the company,” O’Brien says. The Chaucer consultants took up the challenge and helped ensure that, even throughout the changes, the group remained SOx compliant in 2006 - the first year for the requirement.


Enough work

Knowing how much work to do for SOx compliance is important for multinational companies. The global oil company has, with the help of Chaucer’s PMO, been able to refine its processes over the last few years, in order to comply properly with SOx. The PMO identified which financial processes require coverage by CETs, by analysing the global oil company financial data.  This ensured that all in-scope processes were covered by CETs but also helped identify those processes that did not require CETs.

“The challenge with SOx is to come back to what’s appropriate – initially, a lot of companies were doing too much,” says O’Brien. “Now, people are finding their feet and looking at what’s really necessary. The idea was to be compliant, but not over the top. I think people have learned lessons from the last three or four years.”

The project has now been completed. “We handed it off to the global oil company’s internal team in September 2007, and they have built on our work,” O’Brien says.
The client is happy with Chaucer’s work as well.  Nick Elmslie, the Financial Controller for the global oil company’s downstream business, said “The SOx project has been successfully delivered over the past few years with very few issues arising in such a complex environment.  Chaucer has made a significant contribution in helping us to achieve our SOx compliance”.


Key deliverables included:

• Helping to embed and maintain the global oil company Sox 404 process
• Programme plan development and maintenance
• Budgetary control and cost tracking
• Priority scheduling and maintenance
• Communication between responsible parties
• Risk workshop development, implementation and support
• CET management and tracking
• Self-assessment tracking and reporting
• SharePoint (data warehouse) maintenance

In this section 

• Subject matter
• Audit & Assessments
• Business case production
• Change management
• Coaching, mentoring & facilitation
• Communication & engagement
• Benefits management
• Governance & assurance
• Human resources
• Mergers & Acquisitions
• Operations & Process
• Outsourcing & Offshoring
• Performance improvement
• Project & programme management
• Regulatory compliance
• Workforce management
• Risk management
• Sales & Marketing
• Strategy
• Supply chain management
• Information Technology