Factors Influencing SME Compliance with Government Regulation on Use of IT: The Case of South Africa

Introduction

Information technologies (IT) play a key role in the development of nations. Governments are encouraging IT adoption by small and medium-sized organizations (SME) to address poverty, facilitate networking and alliances between buyers and sellers, improve market intelligence, and increase productivity (Nicol, 2003). While IT can provide such benefits, the rise in the level of electronic abuse has led to the establishment of regulatory measures by governments and several SMEs are struggling to comply with them (SMME Review 2003, 2004; SBP, 2003). In addition, there have been very few studies investigating compliance with legislations in SMEs (Massey, 2003; SBP, 2003; Washkush, 2006) and in particular compliance with regulation on use of IT. Consequently, little assistance or guidance is available for these organizations on how to address these issues (Upfold & Sewry, 2005). The present study examines this problem in one developing country, South Africa.

South Africa has recently enacted the Electronic Communications and Transactions Act (ECT Act, 2002) and compliance with this law has however created many challenges for business organizations. Computer Business Review (2004) shows that non-compliance with regulations governing Web sites and online sales of goods have been on the rise in South Africa. This was confirmed by Buys Inc., who reported that several organizations had not implemented notices, terms and conditions and opt-out options on their Web sites and that many did not even know how to go about handling compliance issues (Elc, 2005).

SMEs in South Africa operate in a unique regulatory environment characterized by over-regulations, poor resource allocation, high illiteracy levels and lack of capital. The factors influencing SME compliance with regulations on use of IT have not been investigated. Furthermore, given the fact that the profile of SMEs in urban areas differs from that of rural SMEs in South Africa (see Orford, Herrington & Wood, 2004), it is possible that factors constraining compliance in these groups may also be different. These factors need to be understood clearly if effective solutions to SME compliance challenges are to be provided and appropriate enforcement policies developed. SBP (2003) argues however that there is limited research-based evidence to create this level of understanding and to guide the development of useful solutions to compliance challenges in South Africa. They maintain that available information is patchy, contradictory, and over-reliant on anecdote.

The contribution of this article is in providing empirical evidence about the factors influencing SME compliance with the ECT Act of South Africa. Literature on compliance across various fields was synthesized to create a comprehensive framework for examining compliance behaviors in SMEs. The study confirms that several factors (e.g., business, industry, economic, technological, sociological and psychological) combine to influence compliance behaviors in SMEs. The study also shows that compliance levels are much lower in rural than urban SMEs. This difference in behavior can be explained by the fact that rural SMEs are more likely to incur high compliance costs; less likely to be aware of regulations; less likely to be educated on compliance and security; more likely to perceive regulations to be unfair and less likely to have adequate system control measures. SMEs in the marketing and finance sectors however tend to respond positively to the Act because they establish formal procedures and adopt good practices.

In the following sections the researcher begins with a review of the South African regulatory environment and its impact on the SME sector. The ECT Act (2002) and the key compliance elements examined in the present study are introduced and compared with e-commerce laws of other countries. This is followed by a review of the theories of compliance with regulations which leads to the development of a framework for evaluating compliance with legislation on use of IT in SMEs. The research methodology is then presented followed by the results and analysis of findings. Finally, conclusions are drawn and useful recommendations are made at the end of this paper.