Regulation and cyber attacks - a perfect storm for SaaS
- Summary:
- A confluence of regulation and cyber attacks make the case for cloud based ERP aka SaaS an inevitable requirement.
The recent awful news about a global cyber attack that killed or crippled businesses as diverse as healthcare in the UK, and auto manufacturing at Renault and that continues roiling Asia might in the future be regarded as the tipping point that sent enterprises scurrying to the cloud. To be sure enterprises have been avid users of cloud computing for a long time but the immovable object of enterprise IT has been a company’s ERP system. Availability of good, cheap, secure, ERP in the cloud might be the irresistible force, especially if you add in security and the changes to revenue recognition best practices the accounting boards have mandated.
Beginning on January 1, 2019 you’ll need to conform to new rules for how you recognize revenue for subscriptions. You might not be a subscription business—maybe you just dabble in offering products as services to help garner an additional 10 percent of revenue. Regardless, the new rules apply to you. Ditto if you think you’ll ever want to try. In the U.S. the new rules go by the name of ASC 606, if you are a European business the International Financial Accounting Standards Board or IFRS has your number, in this case it’s IFRS 15.
Compliance will mean more than simply implementing new software. It will also require you to, “Inventory all contracts for revenue recognition requirements, match the revenue with expenses for the cost of goods sold, identify elements of contracts that will matter to this, and analyze obligations for performance,” according to Dan Kaltenbach, CFO of Icertis a company that specializes in automating the contracts effort. That’s the short version, too.
Tien Tzuo, CEO of Zuora, a subscription invoicing and billing company has had a ringside seat to the situation for many years. Tzuo told me,
For years the rules didn’t make sense. There were no standards for how subscription revenue was recognized which left investors no way to make apples to apples comparisons on how revenue and expenses were being reported.” He summarized saying, “This is Y2K huge and companies aren't ready. If they are public companies and have to delay or worse, are out of compliance valuations will crumble. That will make them a target for shareholder lawsuits and activist investors.
SaaS back office/ERP providers including NetSuite, Financial Force, IntAcct and a slew of others have been doing very good cloud ERP business, thank you very much, catering to startups, small to medium companies and even small enterprises for a long time. Oracle and SAP have tended to skew to the larger entities but that’s changing if, for instance you look at the last several quarters reporting from Oracle. So the perfect storm includes these factors:
- Cloud ERP is now ready for prime time in the enterprise and has been for a while.
- Cloud computing is more secure than anything your IT department can do given the budget they have to work with. It just is.
- It will save you a bundle at a time when all bundles would be gratefully accepted.
- In case we need to say this, if something were to go wrong as with a security attack, someone else has your back and will fix it.
Still a problem? Refer back to point 2—Cloud vendors can spend more on security than your whole IT budget, and Oracle for instance, builds its own hardware with hardware security built in. Some of its competition uses that hardware too, something to ask about when you’re shopping. Is it all fool proof? No, but in the dispute between good guys and bad guys cloud makes it a fair fight for the good guys for once.
While converting from on premise to cloud might be expensive and it could remind you of the last time there was a rip and replace program. Back when you were young and working nights and weekends was a new experience you did that and swore you’d never do it again. That may have left you a little bit jaded. This time doesn’t have to be like that. Major ERP vendors like Oracle and SAP are offering help.
A recent article in Forbes by Sasha Banks-Louie of Oracle states what we all suspected, according to a 2016 study conducted by Nucleus Research,
The average expense for companies to set up their on-premises ERP systems—including software, hardware, consulting, personnel, and training—is about $8 million. When compared against just $2.6 million to set up ERP apps in the cloud, most CEOs and CFOs would agree that the time to purge the on-premises data center is now.
Also, an earlier Forbes piece by SAP’s Derek Klobucher says,
The average Fortune 1000 company needs 18 months to prepare for such a sizable change in the revenue recognition process,
...and that means you’re out of time. Or are you?
My take
The cool thing about cloud ERP, which has been demonstrated very often by Microsoft, NetSuite, Financial Force, Zuora, and others has been that rip and replace is no longer mandatory.
These vendors have perfected the surround strategy in which the premise based ERP is walled off from the real world while cloud apps make nice with rules variations. If you were to take this path to the cloud you’d still have the task of contract review and translation but that’s a different problem and there are apps for it.
But the confluence of security threats, growing expenses of maintaining on premise ERP solutions, changing accounting rules, and the threat of more rules changes (there are always rules changes) suggests that now might be a really, really good time to consider migrating your ERP to the cloud.
You might not exactly want to do it but you’re running out of options and you don’t want to wait until you have exactly none or someone asks you very politely for a gazillion Bitcoin to unfreeze your system.