globe graphics


Digital transformation for the risk and compliance functions

Five questions on digital transformation for the risk and compliance functions

​​The process of digital transformation is slow for many compliance and internal audit groups. Identifying the barriers that compliance and internal audit face regarding digital transformation and understanding how to potentially overcome them can help these functions share in the operational benefits of technology innovation and join the digital sea change in how organizations operate. Learn more in ​this interview with Shuba Balasubramanian, principal, Deloitte Transactions and Business Analytics LLP, about the digital transformation for the risk and compliance functions.

Why are risk and compliance functions the last to find out about digital transformation?

Organizational leaders often see digital transformation as a path to grow the business, streamline operations, and strengthen customer relationships. Sales, supply chain, research and development, and other functions that directly impact profit and loss are deeply engaged in capturing transformation’s return on investment. As a result, compliance and internal audit are often the last ones to hear about it.

Compounding the problem, compliance and internal audit groups may not yet grasp the speed and scope of digitization underway in the organization. Or, if they are attuned, they may feel more threatened than excited by technology’s potential to change their work, or even replace them.

What are enterprise risks of leaving risk and compliance functions out?

​As organizations broaden their digital footprint with connected devices and other emerging technologies, their risk profiles change, both through more points of potential vulnerability and the increased threat of new cyberattacks. A lack of continuity and consistency among security initiatives in the enterprise can worsen these exposures. Absent the involvement of effective compliance and internal audit programs, hidden threats—some potentially dire—can remain undetected.

It is also possible that other closely aligned functions are homing in on digital transformation. The chief legal officer and chief integrity officer roles in particular might need to travel on somewhat parallel tracks with compliance and internal audit. Separate, disconnected initiatives can create unnecessary duplications, costs, and even additional vulnerabilities.

number graphics

What do risk and compliance functions risk by deferring digital transformation?

​The short answer is potential obsolescence. When robotic process automation (RPA) can handle exponentially more transactions than humans, it follows that RPA may be leveraged to provide compliance and internal audit checks and balances. The bots have not taken over yet, but more companies are deploying them every year. Compliance and internal audit may have a closing window to move from traditional to digital models themselves. In the interim, inadequate digital capabilities could further weaken relationships between compliance, internal audit, and the rest of the business.

brain graphics

My take

​The days of utilizing only traditional methods to conduct internal audits, compliance testing, risk assessments, and investigations and oversight are ending. As digital technologies take on a larger role in the way organizations conduct their business, compliance and internal audit have no choice but to join in the transformation. It is essential to their evolution, and a vital component of an effective enterprise risk management framework.

globe analytics
Did you find this useful?