Auditors may have suffered a reputational crisis in the wake of recent corporate financial scandals; but using artificial intelligence and data analytics, the profession hopes to reinvent itself.
Auditing in the 1960s was regimented. “We had a strict dress code: Only black and white were allowed,” says Gianni Mion, who worked at chartered accountants Peat Marwick Mitchell from 1966 to 1973 before the company merged in 1987 with KMG to form KPMG—the first megamerger of large accounting firms. “Even a pale colored shirt was out of the question,” he says.
Recalling his apprenticeship at Peat Marwick Mitchell, Mion, formerly executive vice president of Edizione Holding, which manages the Benetton family’s diversified business interests, says the workload was huge. “At the beginning it was not so clear why we were doing what we were doing,” he says. “During our training, a manager from New York told us how the audit was important to defend the market and that the market was important for democracy. His speech was convincing. It gave a meaning to all the hard work we were doing. Since then, I always trusted this was the case.”
Move forward 50 years and, ravaged by a string of corporate and financial scandals in the United States and globally, the auditing profession is now subject to higher levels of regulation. Still, the ultimate purpose of external audits remains the same: providing a guarantee of the quality of financial data for the market.
“Auditing has changed, and it is changing for the better,” says Russell Guthrie, executive director of professional relations and CFO at the International Federation of Accountants (IFAC). “Sarbanes-Oxley was implemented in 2002 as a result of major corporate failures in the United States, and like Dodd-Frank—implemented after the global financial crisis—it had global ramifications,” says Guthrie. “SOX not only helped make the profession more accountable, but it also focused on strengthening corporate governance. It’s also important to note that, along with SOX, the IFAC reforms of 2003 also vastly strengthened oversight of the profession and embedded the public interest at the heart of standard-setting.”
Now, though, thanks to the use of data analysis and artificial intelligence, the audit can offer more, becoming a tool for corporations to ultimately better understand their business and the risks they face. “This is the most exciting period for [auditing] in my 30 years in the profession,” says Bill O’Mara, global head of audit at KPMG International. He points out that the use of new technologies is changing the profession. “The audit has not changed significantly in [all] the years that I’ve been in the profession; but now I really believe that, through these innovations, the audit is on the cusp of major evolution.”
KPMG has introduced data analytics into a new auditing platform, called KPMG Clara, which is due to launch in mid-2017. “For our clients, it represents deeper actionable insights in real time, flagging the exceptions they need to know about, when they need to know about them,” says O’Mara.
As an example of what external auditors can now provide thanks to new technologies, O’Mara says that they can offer additional assurance to investors over the corporate governance of their investees. “The German Audit Oversight Commission has issued assurance standards that enable the auditor to perform this work,” he explains. “For example, KPMG in Germany has provided assurance over the effectiveness of the compliance management of larger public [DAX 30] companies.”
KPMG is also hiring data scientists, actuaries and mathematicians, and it is working with major universities to develop a curricula that will produce data-science expertise. O’Mara says that in the United States KPMG has partnered with Ohio State University and Villanova School of Business to launch a data and analytics master’s degree to prep data-age auditors, with KPMG paying the tuition and room-and-board costs for students as prospective future employees. These programs lead to an accounting master’s degree with a concentration in data science and analytics.
“We are at the beginning of a journey for the profession regarding how you
innovate—how you use technology in a more important way to analyze larger sets of data,” says Leonard Combs, US chief auditor and leader of auditing services, methods and tools at PwC. “We have to look for anomalies in the data and use human judgment to assess the outcomes of the analyses and tests performed.” Instead of looking at just a sample of transactions, Combs says a whole set are studied to try and identify anomalies and to provide insights to help management and the audit committee identify why these anomalies are occurring and make recommendations for addressing them.
AN ERA OF DEREGULATION
PwC has a data auditing tool called Halo, which received the audit innovation of the year award at the 2016 forum of The Accountant and the International Accounting Bulletin in the UK. Halo uses artificial intelligence to unlock patterns and trends. These new capabilities present themselves at a time when audit regulation could undergo heavy revision under the new US administration of Donald Trump, which aims to lessen financial regulation.
It is too soon to know the ramifications of deregulation for the audit function, but experts say that freeing resources up could allow developments in the
identification of risks. “It appears that the new administration might be de-emphasizing a lot of regulations,” says Richard Chambers, president and CEO at the Institute of Internal Auditors. “Compliance risk will perhaps go down, but what will happen depends a lot on how successful the repeal of these regulations is going to be.”
“Assuming there is a certain degree of success, and we have less [regulation], that will mean a lessening of [the]risk that constitutes a portion of internal audit’s work,” says Chambers. “That [could] free internal auditors up in many instances to focus on other risks that are potentially more critical to the organization.”
Chambers says new compliance requirements often divert existing internal audit resources to look at compliance without a specific regulation in mind. “Studies have shown that the real risk to shareholder values is not compliance or financial reporting,” says Chambers. “It is these strategic risks: the kind of risk that caused the code-hack in Blackberry. Having internal audit in a position to examine whether management has identified these risks, and communicating them to the board, is a much healthier use of internal audit resources than doing compliance.”
Ultimately, developing technologies will allow auditors to provide better insights into business-critical information and risks, says Felice Persico, EY global assurance vice chair. “This in turn will build trust and confidence in the capital markets and help drive sustainable growth.”
“Essentially, technology allows us to see more clearly, deeper and faster,” continues Persico. “It enables our auditors to spend their time on the higher-risk areas and to focus, not only on applying their professional judgement on current information, but also on looking ahead to factors influencing long-term value sustainability.”