Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Middleware Makes RFID a SOX Compliance Tool

A financial consulting firm is marketing RFID middleware designed to send tag data into Sarbanes-Oxley software, eliminating data errors and lowering compliance costs.
By Mary Catherine O'Connor
Mar 09, 2007The end of each fiscal year can be a hectic time for Security Financial Group (SFG), a Minneapolis-based consulting organization that provides financial auditing services. SFG consultants are busy helping customers comply with the Sarbanes-Oxley Act (SOX), a U.S. legislative mandate designed to ensure that companies practice accurate financial reporting. Richard Hettler, SFG's president and CEO, says that since the passage of SOX in 2002, U.S. companies with earnings between $5 million and $50 million have each spent an average of $4.3 million and 26,000 hours of labor to comply with it.

Much of this burden is a direct result of inaccurate data—relating to such things as goods sold or manufactured, or the acquisition of valuable assets—being manually inserted into enterprise reporting systems, which then feed the erroneous data into software made specifically for SOX reporting. This kind of error might be introduced when a store clerk keys in a stock-keeping unit (SKU) rather than scanning a bar code on an item because the bar code is either too dirty to read or otherwise inaccessible. These reporting systems encrypt the data, Hettler says, so erroneous data is impossible to find once entered.

Eliminating these errors, explains Hettler, is the most direct way to reduce costs and ease a company's customers' burden in complying with Sarbanes-Oxley. Therefore, Enterprise Compliance Inc. (ECI), a technology developer and spinoff of SFG, is marketing RFID middleware intended to send RFID tag data, derived from any RFID tracking system deployed for supply chain or asset-tracking applications, into Sarbanes-Oxley compliance software made by Certus, a provider of software tools for corporate governance applications. Hettler says ECI's internal tests of the middleware show that by eliminating data errors from supply chain or asset-tracking sources, the software should enable companies to lower the costs of Sarbanes-Oxley compliance by as much as 40 percent.

According to Hettler, the middleware, called Excalibur, was developed by an undisclosed software development company based in California, using Microsoft's .NET framework. Excalibur's system architect, Tanveer Khan, says the middleware has device management capabilities that can be applied either to EPC Gen 2 UHF hardware, or to standard 13.56 MHz RFID hardware. Khan adds that the middleware utilizes EPCglobal's application-level events software standard for collecting and managing EPC data.

ECI initiated development of the middleware, Hettler says, after recognizing that the adoption of RFID systems among many SFG clients in the consumer goods and retail industries could act as a springboard for improving the accuracy of data sent to the Sarbanes-Oxley software its clients employ. What makes Excalibur unique among other RFID middleware offerings, he adds, is that it converts the tag data into a format that can be sent directly into the Certus Sarbanes-Oxley software.

The middleware has been successfully tested with a number of EPC Gen 2 readers, including those made by Alien Technology and Motorola's Enterprise Mobility Business division (formerly Symbol Technologies). It has also proven successful with reader modules from WJ Communications.

RETALED_ARTICLES "Say a clerk enters a quantity, price, SKUs and level of inventory reduction as result of a sale," explains Hettler. If any of this data is entered incorrectly, "it gets encrypted and no one knows it's wrong. So we decided that RFID could offer relief here."

For this middleware to operate properly across an entire enterprise, RFID tags would first need to be attached to all products and assets being tracked for Sarbanes-Oxley compliance. Hettler says he is bullish on how soon such tagging might happen, noting, "We have some heavy-duty players ready to jump into this." H expects to be able to announce early tests and deployments sometime in the next 90 days. Those interested in obtaining information about the product can contact Richard Hettler directly via e-mail at sfg.executiveoffices@gmail.com, or by phone at 952-948-9049.
  • Previous Page
  • 1
  • Next Page


CPA OFFICES 2007-03-16 04:36:26 PM
Cost of the Excalibur System Your article describes possible savings of 40% in a typical Sarbanes Oxley audit which per my calculations amounts to $1.72 million of the estimated $4.3 million- is that correct? and if it is correct, what are my costs to acquire and have the Excalibur system installed?

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations