Articles Logan Wamsley Apr 30, 2024
Technology and rapidly evolving risks are pushing financial firms to become more agile. Internal audit can help these firms proactively address change — but first, auditors must work on their own agility.
In analyzing today’s risks, some are more obvious than others. Fraud, for example, is an obvious threat to the financial sector, but a less apparent risk may be equally concerning — the pace of change.
As technology evolves along with customer expectations, the methodologies of bad actors, and ever-changing regulations, financial firms risk being left behind in more ways than one. Meanwhile, internal audit’s mission now includes helping the organization ensure its control environment is agile in the face of change.
But where specifically should financial organizations be more agile in 2024? The answer is complicated.
Promoting agility is more than just a buzzword. To be effectively agile, financial firms must constantly understand the pulse of the industry. Internal audit should monitor trends in two key areas while changing its own operations to keep up with these developments.
Recent data shows there is a stark generational divide regarding the customer expectations of financial institutions. In a recent Deloitte survey of more than 15,000 U.S. banking customers, 63% of respondents ages 18 to 24 and 58% who are ages 25 to 34 say they would like their bank to share information with external platforms or services to add banking products. Conversely, 82% of customers ages 55 to 64 and a staggering 91% who are 65 and older say they would not want their information shared, according to the Consumer Banking Survey: Understanding Customer Needs.
Additionally, many customers now perceive that banks are interchangeable, with 66% of respondents in Deloitte’s study saying banks all offer the same services and 75% saying banking products and services are all the same. If customers believe they could have a better experience almost anywhere, firms must at least match the products and services offered by competitors. However, such findings suggest financial firms have an incredible opportunity to find ways to stand out from the crowd.
Championing organizational agility to stay ahead of the curve is a fantastic way to do that. Adopting customer experience-based technologies designed specifically to reduce friction and improve customer satisfaction is one example. Similarly, virtual reality is poised to transform how bank users engage in daily transactions. By having the foresight to understand what consumer expectations are going to be, the organization can effectively cater to those expectations ahead of its competition.
The customer experience is not the only area where technology can add agility. Artificial intelligence (AI) and the many software tools derived from it have taken the financial services industry by storm. AI’s unparalleled ability to identify data trends enables companies such as insurers to assess individual risk more accurately and efficiently so they can offer more personalized services.
One AI technology trend is regtech, which refers to a category of tools created specifically to help banks and insurers navigate increasingly complex compliance requirements. Verified Market Research projects that regtech will be an almost $87 billion industry by 2028, which speaks to the complexity expected as governments introduce sweeping regulations in emerging financial service areas like fintech. “In the short term, regtech will help firms to automate the more mundane compliance tasks and reduce operational risks associated with meeting compliance and reporting obligations,” notes a Deloitte report on the budding sector, Regtech Is the New Fintech.
The need for these tools only grows when considering another trend making waves in financial services: open banking. Individuals can, in certain contexts, share their financial data with authorized third-party service providers — for example, through an automatic savings app. However, that means institutions that both use such data and allow it to be used are under greater pressure to ensure they have appropriate controls and protocols in place to prevent data exposure.
While the U.S. Consumer Financial Protection Bureau has pushed financial service companies to accelerate the shift to open banking, there are concerns about its security. In a February study by financial and digital news platform PYMNTS, 46% of financial institution executives say the potential for fraud outweighs any rewards they see in open banking. For financial companies already experiencing high levels of fraud, that figure increases to 57%, according to the How Fraud Fears Impact FIs’ Adoption of Faster Payment Solutions report.
Taking a longer view, internal auditors also should consider the role of blockchain banking in the world’s financial future. In many ways, that future is already here. In its Blockchain Statistics 2023 report, information service Finder predicts blockchain spending will rise to $19 billion in 2024, an increase from the $4.5 billion recorded in 2020.
Blockchain can bring flexibility and organizational agility by enabling banks and other institutions to make instant payments and money transfers without relying on the Society Worldwide Interbank Telecommunications system. That makes a truly interconnected, global financial system where all assets are native to a blockchain a greater reality.
It might not be completely realistic for financial services firms to make radical overnight investments in all these areas to become agile. However, internal audit can keep stakeholders abreast of the benefits and drawbacks of each potential move.
Of course, such changes also pose significant risks for the internal audit function, itself. As financial institutions seek greater agility, internal audit must be agile to help the organization avoid regulatory fines, data leaks, or financial losses through fraud or other means.
One of the most important ways to accomplish this goal is by hiring new internal auditors or training current auditors to understand the pace of change — and the controls institutions need in place to navigate it effectively. However, closing the talent gap must be done in a way that does not impede internal audit’s current responsibilities. To accomplish this, talent management must be a key focus of internal audit’s strategic plan, according to Yannis Kavvadias, a manager at Protiviti Switzerland.
In a recent blog post, “As Internal Audit Evolves, CAEs Must Make Talent Management Core to Strategic Planning,” Kavvadias advises audit leaders to start by evaluating the internal audit department’s existing skills and assessing whether they meet the current and expected future needs of the business. “Once that review is performed, internal audit can reach out to trusted advisers and subject-matter experts in the market to enhance the department’s knowledge and understanding of specific topics and areas of focus, as well as invest in its own training programs,” he writes. “This process will contribute to internal audit staying relevant with regard to innovative technologies and the role of the department in delivering assurance to the business.”
Beyond talent management, audit leaders need to have deeper conversations about traditional internal audit roles. In a complex and rapidly changing risk environment, practitioners often note the need to “shift away from the traditional assurance role, in which internal audit reports on ‘what went wrong,” and shift toward a forward-looking advisory role where feedback is provided to stakeholders in real time,” write Baker Tilly Principals Anthony Casey and Benjamin Quigley, in a January article, “Adapt and Overcome: The Evolving Strategic Role of Internal Audit.”
To this end, Casey and Quigley highlight four roles that internal audit should play at different times to keep up with the pace of change:
Just as the risks for financial services firms are changing, so must internal audit adapt its role and scope to match the organization’s current needs and goals. In doing so, internal audit can set an example for the organization about how to become agile in the face of new developments.