With today’s evolving business models and growing complexity, governance, risk and compliance activities need to become proactive instead of reactive.
Moreover, they need to move from siloed to integrated risk thinking in order to be effective. Here is where technologies such as robotic process automation (RPA) are gaining a lot of traction around the world.
However, people have a real fear that robotic technology is taking over jobs, said Kirti Harcharan, head of Alice at BDO, who presented a keynote at ITWeb’s Governance, Risk & Compliance event, held this morning at the Maslow Hotel in Sandton, and online.
Alice is a robot auditor platform which was developed by BidVest and introduced by BDO last year. It allows BDO to deliver digital auditing solutions empowered by intelligent automation.
In her keynote titled “Leveraging new technologies such as AI and RPA to build more robust and effective compliance’’, Harcharan said people inherently do not like change, but change is needed.
“It becomes a question of how to change people's mindsets, to get them thinking about the art of the possible, and to get them to buy into this idea of digital transformation.”
According to Harcharan, this involves reskilling workforces in all lines of business, from the very junior level, right up to C-level executives and board members.
“The first aspect is looking at your people and finding ways to support them with all the change that's happening. The next thing is to bring the right specialist skills not only into the organisation, but into teams, so that they have a basic understanding of business processes. They can then use these skills, such as data engineering or data science, to leverage off the data.”
Another aspect, she said, is change management.
“How do you help people go on this journey? Do you need to bring in someone to help the organisation and staff change the way of thinking, and to identify the resistors in your business? In order to make a success of your digital journey, you need the support of your workforce, again, from junior level to the board and the regulators.”
Lastly, Harcharan says itbecomes less about the time being spent on a certain task and more about the value being brought, and the levels of assurance being created.
“The next element is processes. If you're going to be doing combined digital assurance, you can't simply take your traditional processes that you've been doing day on day, year on year, and digitise or automate them. You need to rethink processes, and ask questions such as whether there’s a better, faster or smarter way to do something.”
In addition, she says key to any RPA or any digitisation is quality and risk. “You don't want to build or implement something that's not stable or is not ticking all the quality boxes and may lead to further risk areas and further errors that wouldn't ordinarily be there.”
Data is also key to everything that each organisation and entity does, so getting the right data, having that at the centre, and governed and owned with proper risk and control processes around it, is key. “If your data is not properly governed and protected, it does lead to errors later on in the cycle.”
Finally, there’s technology, she said. This needs to be an investment that fits the organisation, works for its people, and meets the business’s needs and requirements. “Getting the first three steps right first, before you get to the technology is key. A common mistake we see is that organisations go and buy the technology first and try to get it to fit the people and the organisation.”
Share