Unpredictable, chaotic, challenging — these are our favorite go-to words to describe today’s environment. Many of us hope that we’ll wake up and find that this was all a movie. In the opening scene, we have the pandemic villain. In the very next, we have the everyday heroes who never planned to be — nurses, grocers and delivery workers. Both visible and behind the scenes, these heroes give us confidence that we can reach a happy ending, just as we have in other crises.
One of the unsung heroes of the past six months has been accountants. Accountants played (and continue to play) a critical role in promoting the public interest and serving as trusted advisors. From audits, taxes and advisory services to strategy and helping with the Paycheck Protection Program, accountants were deemed essential and have worked around the clock to provide guidance and assistance with shifting regulations and due dates.
Darryl Wegner is a managing director in PKF O'Connor Davies' Forensic, Litigation and Valuation practice. Prior to joining PKF O'Connor Davies, he served as a special agent with the Federal Bureau of Investigation for 21 years where he conducted and led complex, multi-jurisdictional investigations involving anti-money laundering, financial and accounting fraud, securities fraud, insider trading, health care fraud, anti-bribery and anti-corruption, criminal antitrust, national security, counter threat finance and sanctions. He has extensive experience working with federal, state, local and international law enforcement and regulatory agencies. He began his FBI career in the Boston Field Office, investigating terrorism and white-collar crime while also serving as a crisis negotiator. He held several positions at FBI headquarters in Washington, D.C., including as the national leader of the bureau's Foreign Corrupt Practices Act, kleptocracy and antitrust programs, as one of the FBI's deputy chief human capital officers and led efforts to stand up a multidisciplinary nation state focused mission center. In addition to Boston and D.C., he was assigned to the FBI's Houston Field Office where he directed all white-collar crime investigations in southeast Texas. He started his professional career as an engineer in the automotive industry. After attending law school, he practiced as a corporate attorney for an international law firm in New York.
Gerald McMahon is a principal at W1 Global Inc. He has over 20 years of experience in the intelligence, national security and law enforcement communities. As the senior supervisory intelligence analyst for FBI Boston, he led one of the FBI's largest field intelligence programs comprising analysts, linguists and data specialists. He led teams, and interagency task forces covering the criminal, counterterrorism, counterintelligence and cyber programs. He has extensive experience managing crises and special events. In the FBI's Counterterrorism Division, McMahon advanced international terrorism investigations as an operations specialist, collaborating with domestic and international partners. As a tactical specialist on FBI Boston's Joint Terrorism Task Force, he conducted communications, network, and threat analysis. As a strategic analyst, McMahon authored analyses of current and emerging trends, with a focus on emerging technologies. McMahon is the recipient of two Office of the Director of National Intelligence Meritorious Unit Citation awards for his contributions to the 2006 US/UK Aviation Threat Task Force, and the 2013 Boston Marathon Bombing team. He was a Recanati-Kaplan Fellow with the Harvard Kennedy School of Government's Intelligence Project, where his research focused on the use of AI in intelligence analysis.
Within corporate environments, accountants are also essential team members when it comes to governance, risk and compliance (GRC), as they ensure that the business’s strategies and goals are in alignment, risks are identified and addressed, and the business complies with laws and regulations. GRC is always a key responsibility, but it’s even more critical when processes could be compromised due to factors outside of an organization’s control — for instance, an unplanned move from a physical to virtual workplace in only a few days.
Recent events have shown us that organizations already using cloud-based technology were in a much better position than those that were not, and the pandemic environment has magnified the vulnerabilities associated with reliance on manual processes and disparate systems. In particular, moving from a single physical environment to one spread across multiple virtual locations without adequate security and safeguards in place has introduced unexpected risks that are not yet fully realized. This is one of the many reasons why it’s time to re-imagine the ideas we used to think would never work, including how and when technology can be leveraged to improve the GRC function.
GRC in a pre-COVID-19 environment was already complex with many moving parts. Add in a sudden shift to virtual business processes and now there are even bigger potential fires around every corner. But that doesn’t mean you get a pass. Decision-makers expect information that is reliable; regulators require compliance and reasonable assurance that financial reports are materially accurate; the public needs insight to make informed investment decisions. On top of these business-as-usual expectations, the complexity of COVID means that GRC teams must be able to assess new risks, comply with changing regulations and revise governance processes, while balancing speed, relevance and accuracy.
Implementing technology that can automate, predict and adjust compliance processes makes these expectations more manageable. Technology solutions that leverage artificial intelligence and machine learning also make it possible to segregate duties, undergo internal audit assessments, model risk, and analyze errors and policy violations so that risk is decreased and control is back in the hands of the finance team.
The light at the end of the tunnel seems distant, but for all its pain, suffering and disappointments, COVID did help us make lemonade out of lemons. For instance, in a recent conversation with business leaders, I learned that transformation plans are expected to accelerate (not slow down) due to the pandemic, paths forward are being re-imagined, and technology projects now have a greater sense of urgency. In the past, a failed technology implementation was so daunting that many leaders would not risk having a failure on their resume, which made it easier to just kick the can down the road.
Current events have shown that, while the fear of a technology failure hasn’t gone away, the potential benefits have surpassed the dread. Standing still is not a viable business strategy, and speed-to-market, winning customer mindshare, and competitive advantage are all considerations as businesses assess the path forward. Fortunately, in either circumstance of new systems planned or those already underway, there are technologies that can reduce the risk of failure. GRC cloud solutions that include AI-driven risk analysis tools help anticipate risks and track resolution, as well as continuously monitor access policies while onboarding new users, changing role assignments or designing new roles.
When I served as a chief information technology officer, I couldn’t count the times that “temporary” access would be requested or new work assignments would occur — providing team members with more access than needed and creating an easy target for audit team findings. Almost 16 years later, I am happy to note that technology has evolved and improved with time — better and more extensive functionality, improved deployment options, integration that reduces the need to move sensitive data to less secure systems for analysis, and to my delight, no spreadsheets to manage workflows. It feels like dinosaurs were roaming the Earth compared to the current technology options that allow GRC professionals to automate high-risk processes across procurement, accounts payable, accounts receivable and the general ledger.
Technology is not the silver bullet to every business challenge. However, there’s no denying the benefits of analyzing requisitions, purchase orders, invoices, expense reports and orders using AI and machine learning. In a pandemic environment, new risks — both predictable and evolving — will occur, and GRC professionals must have tools to not only calculate the likelihood and impact of risks, but to comply with regulations that mandate highly controlled internal controls, integrity over the financial reports and the safeguarding of user-designated consent parameters.
Ensuring alignment with the mission, purpose and values of the organization, while simultaneously achieving business growth and satisfying stakeholders, was already keeping executives up at night. Now, things like natural disasters, economic uncertainty and the current pandemic have piled onto an ever-growing list of concerns. While external pressures may not let up in the short term, leveraging technology solutions that automate risk and compliance processes will give GRC professionals at least one less sheep to count.
