With sensitive data residing in SAP and other&nbs...
What CXOs Need To Know: Economic Recovery Is Not An End To Disruption
Around the world, business leaders are all asking themselves the same question: Is there light at the end of the tunnel? If you ask top executives at the top global companies, they’d say yes. But does economic recovery mean a welcome sigh of relief and smooth sailing after a year of challenges?
CXOs are gaining optimism about an economic recovery coming in 2021, with PwC reporting that 76% of CEOs believe we will see a return to pre-pandemic economic growth this year. While many are sure that the return to growth and prosperity is around the corner, one thing is for sure — the landscape has changed as a result of the Covid-19 pandemic. The world we will return to will be different than the world we left 12-plus months ago and will likely require a sustained focus on operational efficiency.
Why, might you ask?
For starters, digital transformation has pushed enterprises to make leaps and bounds in terms of innovation. McKinsey has reported that digital transformation has accelerated, producing anywhere from three to seven years’ progress in just one year’s time. Rapid technology adoption has allowed enterprises to adopt more flexible working arrangements that increase productivity and efficiency. However, with that change has come risk, and digital threats have leapfrogged to be the CEO’s No. 2 concern related to business continuity.
While much has been reported about insider threats, they are not just the bane of CISO’s and CIO’s existence. As the Association of Certified Fraud Examiners points out, the pandemic has provided a perfect storm for insider financial fraud, often conducted by seemingly happy and engaged employees. With fraud historically amounting to up to 5% of overall revenue, CFOs, controllers and even CHROs need to be on the lookout for these lurking threats.
Financial executives already have plenty of potential post-pandemic changes to worry about. One of the most discussed items on the horizon is the proposed increase to U.S. corporate tax rates. However, CFOs are still worrying about the potential for inflation, not to mention the record debt on their balance sheets. Pair that with the rising costs of headcount as the U.S. economy surges back toward zero unemployment in several sectors, and it might sound like the recovery is bringing more work than it is bringing relief.
As leaders are pushed to find areas ripe for digital transformation, they would be well served to investigate their business control program. Business controls are critical to catching fraud, which is commonly hidden in revenue recognition, sales-related schemes and other similar approaches. Properly tested controls are essential in finding the needle in the haystack — the handful of fraudulent transactions which might be hiding in the billions of overall transactions that occur in a given year. Additionally, these controls can help to make sure that operating capital is being used efficiently, processes are running smoothly and the business is overall optimized.
Though business controls are an essential asset to any enterprise, they have fallen by the wayside, overlooked in the context of digital transformation.
Today’s enterprises typically suffer from a manual, costly and ineffective controls environment, consisting of:
- Controls that are tested once a year, leaving threats such as data loss and fraud to sit unresolved for up to 12 months, increasing risk exposure dramatically.
- Three percent sample testing of controls, leaving 97% of transactions untouched and, therefore, not optimized by the business control framework.
- Manually testing and reporting, requiring dozens of full-time employees and or millions of dollars in third-party expenses with audit and validation firms and opening the door to human error.
- Siloed controls reporting, limiting visibility for management.
Given the importance of a strong business controls environment and the opportunity for digital disruption, it only makes sense that executives would explore ways in which their controls landscape could be modernized for the post-pandemic world.
Continuous controls monitoring (CCM) will shift from a wish list item to a must-have capability for leaders of enterprises looking to protect their organizations while optimizing their ability to exit the pandemic recovery as a leader. This differentiated approach to managing business controls is not new, but it is now technically feasible and thematically relevant in today’s complex world. The core tenets of a CCM model include the following:
- Transactions are tested for each control as they are committed, giving you a real-time view of any violations, for immediate investigation and remediation.
- One hundred percent of transactions are tested automatically for each control, for complete visibility and control of all business processes.
- Transactions are automatically tested by process enforcement logic, removing the need for human labor and eliminating the risk of human error.
- You get a unified view of all controls, with a centralized consolidation of controls testing results through the integration of various ERP, CRM and HRM data feeds.
As enterprise leaders look to ensure they capitalize on the opportunity that the post-pandemic recovery can provide, their business controls strategy is likely ready for optimization and transformation.
When moving forward towards a CCM model, business leaders should keep in mind the following tips to achieve a smooth implementation:
- Adopt a controls maturity model to move from proactive to prescriptive to predictive. Like a pyramid, the controls infrastructure must be built up from the foundation.
- Prioritize valuable controls first to get quick wins. However, don’t adopt a solution that only provides coverage for one area of the control landscape (e.g., ITGC only).
- Plan ahead for change. Existing personnel still adds value in a new CCM model, with increased technical skills and understanding of the business’ processes.
- Work with internal as well as external audit teams and educate them on the benefits of the new controls infrastructure.
A well-orchestrated migration to CCM can drastically reduce fraud, audit costs and unused cash within the business — all while providing unparalleled visibility into the health of the business.