Dancing with disruption: A forward look at Internal Audit in Banking & Securities
Have you mastered the steps?
Disruption will continue to characterise the B&S industry. Internal Audit groups should not resist disruption, but do what they can to stay a few beats ahead of it.
In the past several years, Internal Audit groups in banking and securities (B&S) organisations have embarked on a remarkable journey in response to skyrocketing regulatory demands. Recently, they have been increasingly focused on helping their organisations respond to changes in internal behaviors such as conduct and culture, information and communication technologies, and other disruptors. As a result, B&S Internal Audit groups are arguably far more advanced than many others, particularly those in the largest and most well-resourced institutions.
Understandably then, Internal Audit departments in other B&S institutions are still developing, or are in the process of transforming, their strategies to address multiple facets of the current environment. The notion of dancing with disruption—and mastering the steps of this dance—recognises that, disruption will continue to characterise the B&S industry. Internal Audit groups should not resist disruption, but do what they can to stay a few beats ahead of it.
Deloitte sees four forces driving disruption in B&S organizations and their Internal Audit groups:
- Disruptive digitalization: Digitalization and related technologies continue to revolutionize the financial behavior of businesses, consumers, and investors, as well as expectations around financial communications, transactions, and reporting.
- Disruptive business models: Enabled by Fintech, new competitors and business models are encroaching in areas such as deposits, payments, lending, investing, trading, and other lines of business. New technologies and the ongoing cyber risks associated with these new business models will continue to challenge existing operating models.
- Disruptive data: The amount of data generated by technology and organizations continues its exponential explosion. B&S organizations need methods, processes, tools, and skills to harness that data to enhance end to end processing of automated controls, operational efficiency, risk management, financial returns as well as customer experiences.
- Disruptive regulatory demands: Regulators—and other stakeholders—have placed increasing responsibility on management and boards to explicitly manage and govern risk, and demonstrate their methods. Under the new administration, regulatory demands will need to be monitored and will vary depending on complexity, global reach and size.
As a result of the continuous change and emerging technologies previously mentioned, new forms of risk are rising in areas such as financial institution conduct and culture, governance, brand, and reputation as well as increased potential for terrorism, cybercrime, and other events that could extensively impact the industry.