The Covid-19 pandemic has forced companies to make significant changes to their internal audit processes and how they prepare for external auditors to review their financial statements. The biggest difference that has occurred from approximately March 2020 to now is that remote audit work has largely replaced in-person teams. Almost extinct are groups of auditors taking over conference rooms for days on end to review paper financial statements, spreadsheets, and documentation.
This dramatic and sudden change in the way internal audit worked also highlighted a problem with many of its manual processes. Labor-intensive tasks that were previously chalked up as necessary inefficiencies were now impossible to complete remotely. What was needed was a rethinking of the way financial records were developed, entered, stored, and verified, so accountants and auditors with the proper authorizations could access, build, analyze, and draw conclusions from them.
During a recent Compliance Week webcast, “A Crash Course to Achieving a Seamless Audit Process,” sponsored by audit cloud software vendor BlackLine Systems, attendees were asked whether they had implemented additional controls for their financial and accounting organization since the start of the pandemic. Half of the 187 live respondents said they had; 32 percent said they weren’t sure; and 18 percent said no.
The responses weren’t that surprising, said Susanna Metzler, strategic innovation manager at BlackLine and a former senior analyst and accountant at Johnson Controls (formerly TYCO). According to data cited from a recent Association of Certified Fraud Examiners (ACFE) member survey featured in the report “The Next Normal: Preparing for a Post-Pandemic Fraud Landscape,” 80 percent of organizations have implemented one or more changes to their anti-fraud programs in response to the pandemic. More than half (51 percent) of organizations have uncovered more fraud in that time, and 71 percent expect fraud impact to increase over the next year.
“A forward-looking organization uses this pandemic situation as a time of reflection, to really assess its current risk environment and determine where to focus those efforts and mitigate risks into the future,” Metzler said.
Using automation can be one of the best ways to reduce risks that arise from manual processes and remote audit work, she said.
In another poll of attendees, Metzler asked where there are opportunities to refocus finance and accounting teams. The most popular response (22 percent) was to automate reconciliations and reduce reliance on spreadsheets. Respondents also saw opportunities to centralize documentation and controls and free up more time for analysis (both 19 percent). Others answered they’d like to upgrade and improve intercompany processes and increase visibility to internal/SOX (Sarbanes-Oxley) controls and trends (both 14 percent). Respondents could choose multiple answers.
“A forward-looking organization uses this pandemic situation as a time of reflection, to really assess its current risk environment and determine where to focus those efforts and mitigate risks into the future.”
Susanna Metzler, Strategic Innovation Manager, BlackLine
The way to start on the path to automating your internal audit process is to examine where the bottlenecks exist, Metzler said. “What is taking your accountants long hours to complete?” she asked. Most common bottlenecks occur because of the use of manual spreadsheets, from large amounts of data that exists on paper, or data stored electronically but in many different places. Data storage is ripe for automation, Metzler said, freeing teams to spend more time analyzing data and less time compiling and verifying.
Another benefit of automation is the standardization of controls. In many organizations, controls, policies, and procedures are not stored and accessed by employees in one centralized place but exist in various locations. Documents necessary to verify certain transactions are scattered among different offices and departments and can’t be accessed remotely. This situation leads to inefficiencies that slow down the process and can contribute to errors, Metzler said.
What is more ideal is a system in which controls, policies, and procedures are baked in and documentation is stored in a centralized arrangement that can be accessed remotely, quickly, and easily by authorized users.
Webcast attendees were asked areas of focus where they would like to see enhanced controls and told they could choose as many options as they wanted.
One in five (20 percent) said they would like to implement robust controls around policies, processes, and quality reviews. Right behind was to increase focus on IT controls (19 percent), followed by enhance risk management capabilities (18 percent), ensure collaboration with internal auditors (16 percent), and build on talent and skill development (15 percent).
Some of the areas where automation could make a significant difference in eliminating inefficiencies and errors include bank reconciliation, credit card analysis, fixed asset roll forwards, payroll, utilities, property taxes, GR/IR (goods receipt/invoice receipt), and lease accounting, Metzler said.
“Process automation allows your business to break down the business-driven silos, earn that win-win with your auditors, and work more efficiently and accurately,” she said.
Metzler said by using BlackLine tools when she was at TYCO, her team was able to achieve a 75 percent reduction in audit findings among 75,000 accounts and reduce external audit fees by about 50 percent.
“Please don’t just accept the way things are and the way they’ve always been done,” she said. “Instead, seek to understand the entire process from end-to-end, and then challenge it. Strive to exceed strategic and operational goals by contributing to the creation of a high-performing and sustainable organization.”