SAP gives compliance dedicated unit

Companies overwhelmed by compliance requirements could find support from a new SAP business unit that aims to provide a holistic software approach to a fragmented process.

The Governance, Risk and Compliance Management (GRC) business unit, announced Tuesday at the Sapphire customer event in Orlando, Florida, will leverage SAP's existing software and help develop new technology to help companies meet a growing list of compliance requirements, such as the Sarbanes Oxley Act (SOX), Food and Drug Administration (FDA) regulations for pharmaceutical companies, and Basel II for the banking sector.

The move comes as companies attempt to manage more and increasingly complex compliance regulations, which often cross industry sectors. Especially for those companies with highly fragmented business processes and systems, the costs of managing their compliance requirements can add up quickly.

Until now, compliance has been handled separately by SAP's various business and product units, according to spokesman Bill Wohl. That will change with the new GRC unit, which is being established as a core competency center for compliance issues across product and industry sectors, he said.

The unit will benefit from SAP's recent acquisition of Virsa Systems, whose compliance software helps companies monitor and enforce business controls in real-time across their enterprise and legacy systems.

Prior to the acquisition, the two companies already had a close relationship: SAP resold Virsa's Compliance Calibrator as an add-on to its mySAP ERP (enterprise resource planning) software. Additionally, SAP Ventures, the company's venture capital arm, was an investor in Virsa.

SAP has yet to appoint a director of the new unit and decide on a location, but the competency center will be part of the product and technology group headed by executive board member Shai Agassi, according to Wohl.

Sapphire runs through Thursday.