There are several key business drivers for establishing a records compliance management program:

Internal Drivers

1. Cost Control and Reduction – Exponentially growing volumes of electronic documents, especially e-mail, are impacting IT budgets – especially storage costs. Successful Records Compliance Management is proven to significantly reduce the operational costs associated with managing electronic records, especially e-mail and messaging environments.



2. Risk Management – records management policies and procedures control the flow of information within and outside an organization. Simply having policies and procedures in place does not guarantee they are followed. They must be automatically and electronically enforceable. Does your organization have the necessary controls to be able to state with complete confidence that its policies and procedures are being followed?
   
   
   • Control the distribution of inappropriate or illegal content through e-mail and instant messaging
     
     
     • 27% of Fortune 500 companies had e-mail related harassment claims (IDC)
     
     
     
     • 65% of companies lack e-mail and IM retention policies (2004 Workplace E-Mail and IM Survey, AMA/ePolicy Institute)
     
     
     
     • Only 27% of companies take advantage of technology tools to monitor internal e-mail conversations between employees (2004 Workplace E-Mail and IM Survey, AMA/ePolicy Institute)
     
     
     
3. Operational Efficiency – automating records compliance management according to policies and procedures can significantly improve operational efficiencies and effectiveness.
   
   
   • Manage mailbox size automatically through the archive system rather than having employees spend valuable time managing their mailboxes themselves
   
   
   
   • Optimize information accessibility – consolidate all records in a single archive and enable the appropriate people to access the information they need, when and where they need it.
   
   
   
   • Reduce the time and resources required to respond to electronic discovery requests.
   
   
   
   • Control personal use of messaging applications through acceptable use policies and messaging supervision to detect and deter abuse
     
     
     • 40% of e-mails at work are not business-related (IDC)
     
     
     
     • 58% of workplace IM users engage in personal chat (2004 Workplace E-Mail and IM Survey, AMA/ePolicy Institute)
     
     
     
4. Privacy/Data Protection – messaging applications, such as e-mail and instant messaging, make the distribution of confidential information outside the organization easy. This includes both personal and organizational data. Personal privacy legislation requires organizations to balance their interests with individual rights. Careful consideration must be given to how legislation defines the monitoring of employee e-mail as an infringement of privacy in the workplace. Also, access to archived electronic records, especially for legal discovery, must be carefully managed.



5. Corporate Governance - High profile corporate failures and malfeasance has led to heightened focus on corporate governance by boards and management, across all industries. Boards are concerned not only by performance outcomes but also by conformance perspectives of governance. Increasingly, the importance of sound information practices is being recognized as an intrinsic aspect of good governance.

External Drivers

1. Regulatory compliance – all organizations are regulated by specific legislation which dictates which electronic records they need to retain and, in some instances, how and for how long they need to be retained. This includes industry-specific regulations such those from the SEC and FDA in the US and their equivalents worldwide as well as broad-reaching legislation such as Sarbanes-Oxley. Organizations need to understand which regulations they must be in compliance with and what policies and procedures need to be implemented and enforced to ensure compliance – decisions that require the collaboration of IT, compliance, records management and often legal teams and business units. The risks of not demonstrating compliance can be high:
   
   
   • Multi-million dollar fines
   • Long-term prison sentences
   • Damaged reputation and lost sales



2. Legal discovery – legal discovery costs for electronic records have become the largest uncontrolled cost in US business today. In many cases costs are incurred due to inferior electronic records management and lack of processes between legal and IT departments. The costs and difficulties surrounding electronic discovery are exacerbated by organizations' continued reliance on back-ups (rather than policy-based archiving), non-enforceable retention policies which result in evidence being inadvertently destroyed, disparate repositories and incompatible systems. Litigators are able to take advantage of the inability of many organizations to produce electronic records, such as e-mail, within mandated time limits and they are using it as a means of forcing out of court settlements.