Are you tired of sending the same email every week? How about searching for information from past audit documents? Lucky for you, a resolution for these work woes (and many more) has arrived. Companies are taking efficiency and cost saving to another level thanks to an emerging digital technology called Robotic Process Automation (RPA), more informally known as: bots.
RPA works by using rules-based software robots, or bots, to automate business processes to increase efficiency, decrease human error, and save on staffing costs. Furthermore, RPA can work with Enterprise Resource Planning (ERP) systems in order to automate a plethora of business processes.
For example, bots can take information from the aforementioned weekly email and insert it into an ERP system to be used companywide across various systems. According to the CIO.com article, “What is RPA? A Revolution in Business Process Automation,” some of the biggest names in the game such as Walmart, Deutsche Bank, Anthem, Walgreens, Vanguard, AT&T and American Express Global Business Travel are among the many companies already seeing the benefits of using bots.
However, RPA may not be for every company. As we continue further into the digital age, technology seems to be slowly taking over jobs once managed by thousands of employees. Therefore, management must grapple with the decision of potentially saving on staffing costs versus eliminating jobs for its employees. Additionally, proper installation and set-up of bots can be highly complex and take significant resources. At this point, the long-term economic effects of implementing RPA is far from certain.
Although RPA can provide efficiency for companies, they also come with additional risk considerations for internal auditors that span across every risk area. Some of these risk considerations can include:
Management’s identification of fraud risks associated with the implementation of RPA
Oversight and governance over the RPA
Ineffective change management and security controls over the RPA
Compliance or regulatory risks associated with using RPA
Inadequate enterprise risk and control methodology; inconsistent monitoring as a result of employing RPA
Ineffective employee training on RPA which can result in inefficient use of the RPA and/or non-compliance with company policies
User access abilities and segregation of duties related to the RPA
RPA’s impact on financial reporting and disclosures
While RPA may seem to be solely the IT department’s territory, it is critical that internal auditors engage in discussions with company management regarding their implementation of RPA and become aware of the potential risks posed to the company in order to properly plan and execute auditor responsibilities.
If you have additional questions related to RPA, we welcome the opportunity to discuss and advise on risk assessment. Please visit our Risk Advisory Services page.
Emerging Technologies. (2018). An Oversight Tool for Audit Committees.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.