Part Four in a Series: Managing Risks of Technologies Emerging as Business Opportunities: Robotic Process Automation

Are you tired of sending the same email every week? How about searching for information from past audit documents? Lucky for you, a resolution for these work woes (and many more) has arrived.  Companies are taking efficiency and cost saving to another level thanks to an emerging digital technology called Robotic Process Automation (RPA), more informally known as: bots.

RPA works by using rules-based software robots, or bots, to automate business processes to increase efficiency, decrease human error, and save on staffing costs. Furthermore, RPA can work with Enterprise Resource Planning (ERP) systems in order to automate a plethora of business processes.

For example, bots can take information from the aforementioned weekly email and insert it into an ERP system to be used companywide across various systems. According to the CIO.com article, “What is RPA? A Revolution in Business Process Automation,” some of the biggest names in the game such as Walmart, Deutsche Bank, Anthem, Walgreens, Vanguard, AT&T and American Express Global Business Travel are among the many companies already seeing the benefits of using bots.

However, RPA may not be for every company. As we continue further into the digital age, technology seems to be slowly taking over jobs once managed by thousands of employees. Therefore, management must grapple with the decision of potentially saving on staffing costs versus eliminating jobs for its employees. Additionally, proper installation and set-up of bots can be highly complex and take significant resources. At this point, the long-term economic effects of implementing RPA is far from certain.

Although RPA can provide efficiency for companies, they also come with additional risk considerations for internal auditors that span across every risk area. Some of these risk considerations can include:

  • Management’s identification of fraud risks associated with the implementation of RPA
  • Oversight and governance over the RPA
  • Ineffective change management and security controls over  the RPA
  • Compliance or regulatory risks associated with using RPA
  • Inadequate enterprise risk and control methodology; inconsistent monitoring as a result of employing RPA
  • Ineffective employee training on RPA which can result in inefficient use of the RPA and/or non-compliance with company policies
  • User access abilities and segregation of duties related to the RPA
  • RPA’s impact on financial reporting and disclosures

While RPA may seem to be solely the IT department’s territory, it is critical that internal auditors engage in discussions with company management regarding their implementation of RPA and become aware of the potential risks posed to the company in order to properly plan and execute auditor responsibilities.

If you have additional questions related to RPA, we welcome the opportunity to discuss and advise on risk assessment.  Please visit our Risk Advisory Services page.

Sources: Boulton, C. (2018). What is RPA? A revolution in business process automation. [online] CIO. Available at: https://www.cio.com/article/3236451/business-process-management/what-is-rpa-robotic-process-automation-explained.html.

Emerging Technologies. (2018). An Oversight Tool for Audit Committees.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2019 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on

The Wolf, the Goat and the Kid: An Unexpected Tale of Invoice Redirection Fraud
#1 Mobile App Garners Concerns Over Data Privacy
Can RPAs Help Higher Education?
The Privacy of Consumer Banking Data and the Financial Data Exchange
ACFE releases Anti-Fraud Technology Benchmarking Report
National Flood Insurance Program Extension

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102