One of the evenings in the last week was really a stimulating one for me. I was invited by the Country’s one of Top 10 Forbes Ranked Business Schools to speak on pure-play Risk and Internal Financial Controls Over Financial Reporting. It was really a refreshing break for me personally to having got the opportunity of interacting with some of the finest minds of the country. The attendees in my session were typically middle-aged executives with nearly five plus years of work-ex and they are doing a very fascinating curriculum on Big Data Analytics.
My session was of about one hour forty minutes and was proceeding pretty well. During the class, I wasn’t really realizing how much the attendees’ skills on Big Data are getting furthered by my Risk and Controls lessons. And therefore anticipating some possible disconnects, I intentionally fetched some of the outer things in my discussion towards the end. Outer things, which are most up-to-the-minute, trendy and fashionable topics of market place that we are seeing today. Oscillating away, we started speaking on disruptions, on disintermediation strategies, exciting stuffs on innovation, and convergence with artificial intelligence. I also became rather heroic and started discussing names like Nassim Nicholas Taleb with his theories black swans, grey swans etc. While it was by and large not my core expertise, that moment, with the singular objective of “Remaining Dependably Relevant”, I might have become a bit audacious, so to speak. Who says that a “Career” Risk and Controls professional doesn’t have the moderate aptitude for taking on the ‘so-called’ cool subjects of the B-Schools?
And the way it went on with my usual story telling mode (with a few anecdotal bits and pieces though) and we reached the Q and A section, I was incredibly pleased with myself. My confidence in the Q and A kept on intensifying, with the folks inviting my views on technical stuffs on risk management, our very own COSO framework etc., which simply corroborated the fact that the Big Data guys also quite liked what I spoke. With this self-assurance, my quick reactions and flamboyant replies to the attendees were like Kohli’s exquisite drives. Leaning a bit forward and opening the face of the bat, along the ground piercing the cover. But what my charm may have missed to notice towards the fag end or so, that the Little Master is out there in one of the benches, peacefully noticing innocent Kohli effortlessly playing the unwise Ranji Trophy bowlers.
An ex-banker he is. Taller than the little master though and the master started nastily quizzing yours truly on the Global Financial Crisis that the world saw way back in 2008. I could see some angry clouds on the horizon. The points the Gentleman made in the Q and A were somewhat enough to give me a hint that the character simply didn’t have the slightest of the faiths in the hypotheses of risk assessment, its management and controls. The Banker kept on disputing; his solitary unresolved point being why so many renowned and celebrated risk management specialists with their opulent skills in the Global Financial Services domain couldn’t prevent the Crisis, with the assistance of Artificial Intelligence, Simulation Models with various permutations and combinations etc.
Whilst I didn’t hold myself as a Financial Services domain expert to him or to the Dean of the School, regrettably enough, I didn’t have a suitable reply for the Banker, as I was simply not able to fathom the very question of his. And in that perilous moment of danger, I could see some opportunity in midst of the risks. Lightheartedly I was telling myself that I am extraordinarily lucky for not having received a frightful question from the Banker on ‘DeMon’. And yet I thought I am playing a Kohli’s knock. I was simply failing to reconcile and demystify the linkage between 2008 crisis and Artificial Intelligence model. Looking at my pitiful face, which was quite high and dry by then, the ex-Banker grinned.
God was unjustifiably kind to me that evening. Within a flash, as soon as I could realize that I don’t have an answer to the most obtuse query that my friend has raised, I unpretentiously did what I hate the most. I answered the banker’s question with a counter question. With an uncompromising face, I straightaway asked the Banker to describe Artificial Intelligence for me, keeping clear of the Global Financial Crisis subject though. Thereafter, we exchanged thoughts for more than two three minutes on Artificial Intelligence at the cost of skillfully ducking the financial crisis part. I knew that the Banker might have a convincing point. But Virat Kohli also ducks when faced with a nasty bouncer from Dale Steyn. It is not mandatory to play every single ball.
In the conversation, we all could finally figure out that the Banker didn’t know a single bit of what actually Artificial Intelligence is. He didn’t even have the fundamental knowledge that it is all about machines impersonating the human brain with some level of pre-determined reasoning. Not only yours truly, but the rest of the group also could undoubtedly make out that the ex-banker was behaving purely youthful and more artificial than intelligent. It was very clear, at least to me, that the Gentleman asked the question just for the sake of it and without even contemplating the actual query that he might have in his mind. While such an intense session ended with some bitter taste in the mouth, I was generally fine. One has to lose a battle to win a war.
The Dean thereafter mentioned over a cup of tea, that this is the typical pattern that he sees in recent batches in the last couple of years or so. While a decade back, he remembers noticing a particular section of students, who were characteristically careless about the shirts they wore, a bit impatient and somewhat restless but with strange deep thoughts. Of late he notices that carelessness and impatience coupled with a carefully chosen black round-necked Tee Shirt with Denim have become uber cool in the School. He further observes that everyone nowadays talks just two cool things. Disruption and innovation. As if God has gifted these people to the mankind with the sole objective of disrupting what they see in front of their eyes and making the world a beautiful place with their innovative ideas. It reminded me of seeing some positions created in several corporates called – Chief Innovation Officer. As if, it is the KRA of that Officer to innovate while others remain relaxed. The Dean further mentioned that if you aren’t speaking these two words (and sometimes Artificial Intelligence or Digital), you might well be considered to be an unexciting, average person, which no one wants to be.
While I couldn’t give my immediate reactions to the Dean, back of my mind, I thoroughly differed with him. Each and every one of us, irrespective of being careless or careful, black Tee or a White, Denim or no Denim, must think, reflect and behave in our own exclusive ways. It is firmly believed that every human being, God has created is different and everyone includes Risk and Controls professionals like all of us. And more than others, we as risk and controls people must have the courage and conviction to think individually and independently regardless of the theories that we were taught or what the management might ask us to do.
Thus we must have a great amount of admiration for the ex Banker who, if not anything, had the nerve and the requisite valor of asking a very pertinent question. Perhaps the only thing, which wasn’t quite correct, is that he asked it to a very wrong person. What might also be considered not right was the thrill and ecstasy of uttering little contemporaneous trendy mumbo jumbos like artificial intelligence, disruption, convergence etc. without deeper understanding of these matters.
While as Risk and Controls professionals, it is our principal task to endlessly ask fearless questions to management, the questions must not simply be fearless and daring. The questions must also be correspondingly meaningful and insightful enough to get the management to understand the magnitude of what went wrong or what could go wrong. Based on the checks we do everyday or the audit program we follow or the data analytics that we run on the ERPs to getting the requisite assurance over risks that we observe and identify, to ask an insightful question, the modern-day Risk and Controls person must get the basics right. During a two-week long fieldwork and that too in an outstation where there are no evening hangouts, merely flipping though some last years’ reports, some modish Googling and industry knowledge gathering from the Wiki without the fundamental wisdom of what could go wrong or what is going wrong, are itself large risks to the future of the profession.
Just about five to six years back (or may be a little more) when the Internal Audit fraternity started determinedly embracing and accepting the methodology of “Data Analytics”, the field staffs considered it to be the most desirable tool for working effectively. But the profession conveniently forgot that the very concept of Data Analytics as a methodology is simply an approach and not the results. It is just a mechanism, which was supposed to confer auditors with plenty of insightful questions to be asked and less of answers. Moreover, Analytics as a tool was getting deployed only at the execution stage of a fieldwork and planning stage was completely neglected and overlooked. In few of the initial data analytics study, that one recalls, it was observed that little attention was paid to the completeness and quality of the data which was getting reviewed. The entire fraternity went exceedingly bullish and did not pay adequate consideration to defining the process followed for the main analytics run and concluding on results. Most of the attention was unfortunately getting devoted to collection of data and the results were merely typical consequences of variance analysis and analytical procedures.
That point in time, as middle level Internal Audit Professional, one kept on seeing issues getting churned out which comprised of very typical and routine observations. Few examples being, observing delays (purchase requisitions to purchase orders, purchase orders to goods / services receipt note preparation etc.) with annexures attached to the reports running into pages. Another issue those days, which was very close to an internal auditor’s heart, was of the issue of open purchase orders. Few youngsters (and shockingly a few seasoned seniors too) during those days used to categorize this open purchase order issue, as if the people engaged in the purchase order preparation process have done a cognizable offence under the Indian Penal Code.
Unfortunately the real risks behind a particular delay or for a purchase order remaining open more than usual were never brought out convincingly and conclusively to management. This failure of a Risk and Control professional to highlight the real risk and the crux of the matter from the outcome of trendy data analytics tool was primarily attributable to the fact that the auditor was possibly not thoughtful enough. He or she may have been very intelligent but what was possibly lacking was his / her quality of converting an insight into a foresight. And there lied the success, which the fraternity may have disregarded.
The way the future is looking and the way ex-Bankers are becoming ‘Big Data’ professionals, it seems that the present day Businesses are suitably geared up to taking care of the processes and risks therein, with the objective of enhancing value. As future ready Risk and Controls professionals, it is important to note that Senior Management and Boards will be looking at us more from a value protection perspective while the Business itself takes care of the enhancement. And while we all must have our innovation hats on, must think disruption and artificial intelligence, indulge on hip techniques of digitized auditing with data mining and analytics being done on our hand-held devises, what will unquestionably separate us from the rest will be our ability to contemplate and consider the real risk from independent and objective assurance standpoints. We must innovate, digitize and get to smarter audit techniques, but everything that we do must culminate in converting the insights into foresights. We will indeed have robots to identify and highlight the delays in future and for sure the job will be done more proficiently, but a human will need to figure out the real risk behind and look at the bigger picture. And when we look at the big picture, we will surely protect value with enlarged focus on foresights. As Businesses become more and more risky with disruptions everywhere, ‘Protection’ certainly will be the new mantra and be the most important ingredient in the ‘Add Value’ recipe.
Who knows, an Internal Audit Professional with appropriate insights of Global Financial Crisis (which I didn’t have) and reasonable foresight skills could well become the professional of the future with toehold in predictive analytics, prescriptive analytics and enterprise decision management? Let us all remain dependably relevant.
Views and opinions expressed in this article are personal and do not reflect the official position.
Anirban Dasgupta is a Risk and Controls specialist by profession, a passionate thinker and an accidental writer by pastime. Anirban heads the Assurance and Internal Audit Function in RPG Group and is based out of Mumbai. He’s a member of the Institute of Chartered Accountants of India with wide-ranging experience in metals, consumer and industrial products, financial services and various service industries. You can also find him on Twitter (twitter.com/anirban0704) and LinkedIn