Independent, third-party audits have long been viewed as a necessary component of doing business. It’s something that generally must be performed in response to outside forces (i.e., banking institutions, external equity holders, etc.) in order to maintain a corporation’s capital structure. Now, more than ever, the auditing profession is facing emerging trends in technology and changing attitudes of people causing us to re-examine and re-invent the role of auditors and how we do our job.
In today’s fast-paced, nimble business environment, we’re noticing the perceived value of information obtained from audits may be going down. Since the data is not current or fresh, it tends to be viewed as static, after-the-fact; therefore, not directly related to the bottom line. A growing perception that audits are simply a “commodity” is also de-valuing their usefulness. As such, fewer in-house resources are being allocated to manage the audit process, pressuring professional auditors to work quicker and cheaper. The challenge is to make audits more relevant and useful by optimizing the client relationship and ultimately providing more value.
Auditors frequently touch base with clients to better understand their business, stay aware of issues important to them, and discuss all types of transactions—how they’re accounted for and what improvements can be made. To add more real-time value, an auditor can look at interim numbers throughout the year and give advice to support business-critical decision making. They may also evaluate weaknesses, point out inefficiencies, and make suggestions for enhancing controls. While not the primary purpose of an audit, the extra effort is often appreciated, as new ideas tighten up the overall business.
With accelerated business cycles, attention spans are getting shorter. In the past, data might sit for a day or two before it was reviewed. And phone calls were not returned ASAP. However, technological capabilities of smart devices now enable immediate gratification, bringing a sense of urgency and a whole new set of expectations. People have come to expect phone calls and emails to be answered on the spot, or at least returned the same day. We are all plugged in 24/7.
To remain available to clients, auditors are responsive to calls and emails, and stay in contact often regardless of the day of the week or time of the day. More and more, as auditors serving clients we may not even turn on the “Out of Office” email response when working abroad or on vacation. At Weinstein Spira, we’ve also become more efficient in our processes, following the principles of Lean Six Sigma to streamline what we do, in the same way our client companies are operating “leaner and meaner.”
Cybersecurity: Auditing versus IT
More than in the past, companies are looking to their audit firms to help with cybersecurity issues. This fits with the elements of an audit that look at control systems. But, there is a debate as to who owns this domain. Is IT solely responsible for mitigating cybersecurity threats? Who has the right training to manage this growing area of concern? (You can actually get a degree in Cyber Security these days). It remains an open question, and one which will continue to be asked, as no one can really provide 100% assurance of data protection from sophisticated hackers. Auditors should make every effort to stay current with the most effective safeguards and solutions, keeping a step ahead of clients’ data security needs.
Newer technologies for the workplace are allowing us to do more with less. Audit firms have has been paperless for years, and now they are standardizing and automating tedious tasks once performed manually by staff. This saves on expensive salaries and makes the audit more efficient, which translates to client savings as well. Investing in emerging technologies as they become available should be a priority. A client portal is an example, providing a secure place for communicating back and forth, without the risks commonly associated with email (although, you can now encrypt emails as an added defense).
Then, there are the “super changes”—Bitcoin, blockchain, open ledgers, etc.—enabling third parties or intermediaries to validate numbers in the Cloud. While this may pose a threat to auditors, it keeps us on alert to redesign procedures that better utilize advanced data analysis tools. Soon, it will be possible to bring a client’s entire ledger into a single auditing system, so that we have all their transactions at our fingertips…but, within a secure environment.
Despite all of these trends, I believe auditors will be around as long as there are banks that want someone else to look under the hood and make sure things look reasonably OK. Owners and businesses still want someone to validate what their team is doing and that their basic systems are working. And even with Cloud-based offerings like blockchain, no one will want all of their financial transactions uploaded for the world to see. Furthermore, the true value of auditors lies in their skillful analysis and interpretation of what the data really means.
The future holds exciting opportunities for the auditing field. One thing I know for sure, whatever we’re doing today as auditors won’t look the same five years from now. We may be dealing with similar fundamentals, but the way we operate will be completely different. As clients expect more efficiency each year, the profession will keep streamlining processes through proven technologies. Auditors also look to professional organizations, such as the AICPA, and service providers for guidance as they strive to be on the bleeding edge.