In the last few weeks, most of us have been working from home and adjusting with the ‘new normal’ whether it is working in a different environment, heavy leverage of technology or operating with remote teams.
Whilst in lockdown, one of things I did, like a lot of people, was to catch a glimpse of my favorite epics Ramayana and Mahabharata. An important lesson that both these epics impart is that, irrespective of the difficult situations one goes through, one should never forget his/ her dharma (Righteousness), whether it is war, loss of loved ones or loss of wealth. The timeless lessons include Acting with Integrity (abiding by the cardinal rules), Raj Dharma (duties of leaders towards people) and, ensuring Good Governance and Commitment (in managing one’s affairs). Applying these teachings in the current scenario, people in-charge of Corporate Governance, including the Board and Audit Committees, need to abide by their Dharma of ensuring Good Governance and effective control framework. This duty bestowed by virtue of expectations from the Stakeholders and by virtue of the regulations. Hence, a verse from the age-old scripts, “Dharmo Rakshati Rakhshitaha”, “Uphold Dharma and you shall be upheld”, still stands out as a sermon, which can largely be applied to organisations during these testing times. “Uphold Governance and the Organisation shall be upheld”.
An organisation’s control environment forms the foundation of effective Governance and has a direct impact on financial reporting. Looking at the rapidly developing scenario, Internal control framework will need to evolve to ensure organisations abide by their ‘Dharma’ of ensuring Governance, along with fighting the crisis. The new normal of a remote work environment has led to several new sets of challenges (e.g. Unauthorised or fraudulent transactions, changes in authority matrix, dilution in segregation of duties, cybercrimes, ineffective review controls, etc.) which require the Management to determine if defined controls are still adequate, operating as designed and addressing all risks, especially given the emerging risk and control environment.
The underlying themes of such controls which have now been impacted include:
It is critical that Organisations introspect on certain fundamental aspects ensuring Governance:
Organisations need to adopt certain critical changes in existing control environment to adjust to the “new normal” of working and to re-assure healthy control environment, across all stakeholders. These include –
Since the dharma to ensure good Governance is inevitable and there are changes across the controls landscape involving different stakeholders including Controllers, SOX / IFC coordinators, Internal Auditors, Risk officers, etc., there is a need for a collaborative approach involving all in-charge of Governance to work towards an “Integrated Assurance”. Organisations need to reevaluate the effectiveness of Internal controls system, keeping in mind the short term, medium term and long-term impacts of the pandemic and organisation strategy. This needs to be done by implementing enhanced or compensatory controls, updated polices and procedure, effective use of technology and automation in processes.
A very few Corporates have achieved advanced maturity by substantially automating their controls via ERP Enhancement, RPA, Workflow System, DMS with an automated real time process governance monitoring. However, majority of the Companies are still heavily dependent on manual controls. While these advancements have always been on the “Wishlist” of Companies were not implemented due to budget constraints. This, however, has now become one of the essential and non-avoidable priorities for effective Governance.