Many companies have woken up to the benefits that artificial intelligence (AI) and machine learning can have on their business. They are now exploring how to implement this new technology in their business but, as many are finding, this is not always a simple process.
The reasons behind the challenge are multi-faceted: organisational structure; historic and complex existing infrastructure and systems; lack of standardisation and integration of data; cultural attitudes towards change; restrictive regulatory environments; and a recognition that there are a new set of risks associated with cognitive technologies which need to be managed. At times, the concept of a fully embedded AI approach can feel a very distant reality and it is easy to overlook the impact that even small steps can make in this cognitive journey.
At a high level, there are a number of core steps that need to be taken in the move towards cognitive intelligence.
Step 1: Data integration
To stay competitive, companies need to be able to quickly and easily access data on the operation and performance of their business. Access to better, more integrated data and the ability to react faster to this information than your competitors gives a company competitive advantage. Data integration and the creation of data warehouses, allowing near real time access to large data sets, are becoming mainstream, creating a strong environment for automation and innovation.
Step 2: Analytics and data visualisation
With an integrated data set easily accessible in a data warehouse, companies are using analytics to illuminate patterns, insights and opportunities within this data pool. Data visualisation programmes allow management to see the performance of their company in a meaningful and comprehensive visual context. Predictive analytics allow companies to extrapolate trends in their data and identify potential issues before they arise. This allows management to better identify and respond to the financial and operational risks that the company faces.
Step 3: Robotic process automation (RPA)
RPA is the use of software to perform rule-based tasks in a virtual environment, replacing a manual process. Think of it as an Excel Macro running across multiple systems. There is a lot of interest in RPA, particularly by those that employ large numbers of people to process data. RPA is a great way to automate repetitive, time consuming tasks; improving efficiency and allowing staff to focus on more rewarding, higher value activities.
Step 4: Cognitive intelligence
The next step in the process is to add AI and machine learning to RPA to allow the software robots to make decisions and further mimic human interactions. Examples of this include natural language processing to read and extract information from documents; machine learning to make decisions based on past experience and huge volumes of data; and natural language generation to automate the writing of reports in human style prose but at the speed of hundreds of pages per second.
Impact on accountancy profession
How is this happening in practice?
Analytics, RPA and Cognitive intelligence are all seen as ways in which the finance and operational functions can increase their value to the organisations they serve, whilst at the same time reducing associated running costs.
From the increasing prevalence of automated controls in an entity, to the automatic creation of month end reports, RPA is allowing finance teams to be more efficient with the resources they have.
Automation is also improving the effectiveness of finance functions. RPA can be set to monitor systems 24 hours a day, seven days a week, allowing for real time responses to inputs. For example, if a customer emails an inbox that a robot is monitoring, asking for a supplier statement, the robot can prepare the required report and send it back to the customer automatically. Or, if a robot is set to monitor loan covenants, the system can calculate the covenants daily and alert management when the entity breaches a set threshold.
Add machine learning and predictive analytics on top of basic RPA, and the power of cognitive technology starts to reveal itself. These programs can ingest large amounts of data and use this to predict when events may occur in the future. In the above loan covenants example, adding machine learning can allow the software robot to predict when covenants might be breached by looking at the past performance of the business, cash inflows and outflows, and other publicly available data. This allows management to be proactive in the management of this risk.
Machine learning is also a great tool in the detection and prevention of fraud. These programmes can look for unusual patterns in data and the journals being posted to identify and even block transactions that may not be genuine.
New risks associated with RPA and cognitive technologies
The use of RPA and cognitive technology brings with it a number of potential risks that need to be addressed.
Operational risks
The concerns around AI bias are well documented. For example, input data provided by developers to train the algorithms used for cognitive technologies may be incomplete, not sufficiently diverse or include innate bias. When you combine these inherent flaws with the high execution speed of bots and AI solutions, there is potential for the bias or error to manifest itself on a large scale, in a very short space of time.
Regulatory risks
Non-compliance with existing regulations is a real risk if the software used to collect confidential or restricted information aren’t implemented with strict protection controls. The balance between regulation and innovation is a fine line. Regulating too early or too heavily risks hindering growth, and a change in law or regulation can materially impact early adopters. However regulating too late or too lightly could result in abuse which can be difficult to curtail.
Technology risks
Some AI solutions appear to be a “black box” with limited transparency; the layers of decision making which underpin the workings of the technology and influence the final outcome can be difficult to unpick and evidence. Regular assurance of the algorithms within the “black box” is critical to ensure continued compliance and security of the controls underpinning the AI based decision. This ability to document and re-perform the decision making trail becomes even more critical when you overlay potential for malicious cyber-attacks to influence outcomes.
How is the audit profession responding?
RPA and cognitive technology is impacting the audit profession in the way we understand our clients’ businesses and in the tools that we use to perform our audits.
An increased focus on internal control
Understanding our client’s business is key to providing a tailored risk focused audit approach. This includes having a strong understanding of the internal control environment and testing of the relevant controls to the audit. RPA and cognitive technologies increase the number of relevant controls in the preparation of the financial statements and audit techniques need to adapt to test those controls and the exceptions that are generated.
We use specialists to help us test these relevant controls focusing on the detail of the code for RPA and cognitive programs to verify they are performing their intended tasks as well as the relevance, completeness and accuracy of the data these bots consume to test this is appropriate. We also look at access and change management controls to make sure we understand the rational for any changes to the bots over time and to address the cyber risk that exists if – for example – algorithms are hacked or corrupted.
Deploying our own RPA and cognitive technology
We are also deploying our own RPA and cognitive technology to enhance the quality of the audit and to enable us to quickly get to the root of issues and accounting judgements. The deployment of RPA and cognitive technology in the delivery of an audit needs to operate within the parameters of auditing standards and we need to ensure that we have robust controls in place to address the risks outlined above.
Within this context, as repetitive or low judgement areas of audits are automated with the advancement of technology, this opens up opportunities to focus the human effort on those areas that bring most value. For example:
- RPA allows us to more easily extract data from our client systems and reconcile that data to other sources enabling 100% testing of populations
- The introduction of natural language processing allows us to quickly consume thousands of client documents and contracts to identify key terms that may indicate an item of audit interest. This also allows us to automate the extraction of data from documents such as invoices and tie these back to the general ledger
- Machine learning helps us to identify patterns in data sets and make predictions. This enhances the way we can test client models for provisions, warranties, impairment or going concern. Additionally, these bots can identify outliers to those models helping us to better identify erroneous transactions in a data set
- At a more macro level, machine learning helps us to identify risks a certain entity may face by looking at market trends and data, news media and other external factors to predict the impact this may have on our client.
A cognitive future
Whilst many of the above applications of RPA and AI are already in play, this is just the beginning. Over time more companies – including accounting and auditing firms – will deploy RPA and AI to help them run their businesses more efficiently and effectively. As the embedding of RPA and AI becomes more widespread, this is likely to drive the future development of accounting standards and regulation, as well as the scope of the assurance that the auditor provides. What does this mean for the interaction between human and intelligent machine? In the short to medium term, the best and most successful businesses are likely to focus on effective integration of human intelligence with artificial intelligence. These companies will draw on the respective strengths of both human and machine to achieve an Augmented Intelligence; and in doing so use AI in its fullest sense to achieve their strategic goals.
Katie Canell is Deloitte director and audit innovation team lead.