The digital revolution may be well into its prime, but the disruption is far from over. New and emerging technologies continue to shape (and reshape) how organizations operate and adapt to their customers. While these tools have opened the doors to new capabilities and market opportunities, they have also driven the need for stronger and more adaptive risk management strategies.
No doubt, the pressure is on boards to ensure that adopting new technology does not come at the expense of the organization's security, efficiency, and bottom line. That includes the Audit Committee itself, which has the responsibility of overseeing that management has the right controls and processes in place (and they're being monitored) to safeguard the finance function from the technology risk.
And there are many risks to consider. As organizations take their operations to the "cloud," they must do so with a close eye on security and third-party vulnerabilities; while tools like automation, artificial intelligence (AI), and machine learning must be closely monitored to ensure they are operating as designed and in sync with existing systems. Similarly, as organizations seek to unlock more valuable insights through data analytics, the Audit Committee has a part to play in ensuring that data is being collected, analyzed, and secured appropriately and responsibly.
Protecting an organization against the risks of digital disruption is not a responsibility of the Audit Committee alone. Nevertheless, protecting the integrity of a company's finance function in this technological age requires a heightened level of due diligence – one in which the Audit Committee is continuously attuned to the risks that each new piece of technology poses to both their financial domain and anything that feeds into it.
There is risk too in doing nothing. Audit Committees should know how the finance function is leveraging technology to improve efficiency, reduce risk, and increase value for the organization. Automating processes can dramatically increase data integrity and effectiveness of controls. Technology also enables continuous monitoring of information, leading to issue identification and resolution in real-time. Reducing manual processing can give finance functions the capacity to be true partners of the business, providing valuable insights from data.
The good news is conversations around digital disruption are evolving. Whereas discussions about AI, automation, cloud computing, and data analytics used to focus on the "art of the possible," today's organizations are making tangible investments and moving forward with implementations. Here again, Audit Committees have an essential role to play in ensuring there is a robust business case for technological investments and the risks of implementing new technologies are appropriately mitigated.
What should Audit Committees be asking?
"Whenever we change something in the finance operations, we change the risks that exist. Companies need to embrace new technologies, and Audit Committees have a vital role in ensuring the right technologies are appropriately implemented and that the risks to the finance function are mitigated."
Heather Cheeseman, Partner, Audit, KPMG in Canada.