The Dodd-Frank Wall Street Reform and Consumer Protection Act is legislation that was passed in the aftermath of the financial meltdown of 2008. It seeks to create more oversight of the financial industry but will have much broader implications for companies in other industries as well. This should drive a new set of compliance requirements that VARs can use to create discussions with their customers and prospects around infrastructure.
What the Dodd-Frank legislation means for companies depends on a lot of factors — such as the industries they’re in — and the ramifications for data storage and IT are still unclear. It establishes some new agencies, such as the Office of Financial Research and the Financial Stability Oversight Council, which will develop the policy that will drive requirements that companies must comply with. This compliance will eventually mean specific IT initiatives.
The financial industry meltdown was blamed in a large part on a lack of oversight by the government and a lack of control within companies themselves. Many had a cavalier attitude toward the things they did to generate returns, and didn’t push for accountability and transparency. Requirements for better risk management, accountability within the organization for that management and transparency to the outside world are expected to come out of this legislation.
Other regulatory events in recent history have also driven changes in IT. For example, HIPAA, the regulations that govern how medical records are stored and used, pushed many companies to upgrade their data protection infrastructures, which resulted in backup and DR projects for their VARs. PCI was a credit card industry regulation that drove IT security initiatives. And laws governing electronically stored information (ESI) have generated an industry around e-discovery and given rise to an overhaul in the way companies archive information and how long they keep it.
Now the Dodd-Frank legislation is poised to do the same, forcing companies to get a better handle on how they manage their businesses, especially risk. From an IT perspective, one of the changes coming will be in how companies analyze data and what data they capture to do that analysis. This means “big data” and big data storage infrastructures.
For VARs, the opportunities with Dodd-Frank are similar to those that came out of e-discovery, PCI, HIPAA and other regulations. Companies need to learn about these legal developments, how they may be affected and what the IT infrastructure options are when the time comes for projects. The biggest benefit for a VAR is often in just getting a meeting, even if there are no project requirements on the table. Knowing some of the details about these new laws can help VARs to maintain their trusted advisor status and keep a seat at that table when their customers decide what needs to be done.
Follow me on Twitter: EricSSwiss