The year 2020 saw the globe plunge into an unprecedented health crisis, the likes of which could not have been anticipated by global institutions, world governments, health / environmental / security agencies, or any scientific or technology-based entities. Today, in 2022, the impact of the changes the world at large has experienced in every sector and on every continent are still being dealt with by governments, businesses and individuals.
Almost in one fell swoop, things that erstwhile were deemed impossible, difficult, or challenging became the order of the day. With lockdowns instituted from one country to another where people could not go about their daily lives, let alone carry out their regular business- the lock-downs bringing about stay-at-home orders, permissions for only key businesses to operate, sanitization/protection measures, international travel bans – and the impact of these on personal relations and businesses going.
1. Working with Technology, Working Through Technology
The resulting adaptions and innovations that occurred in 2020 led to the execution of a high level of internet-based and technology-driven activities and operations, including the golden “work from home” style of business operations that continued into 2021.
As a high number of people across the globe came to terms with remote, operations, the digital presence of individuals and businesses grew astronomically from daily communications on social media platforms to official meetings on Zoom, Teams, and other visual meeting platforms, to e-payments via online banking and mobile applications, to cloud computing and storage, to remote management and reviews of numerous tasks and operations using video streaming and other audio-visual tools.
With these new ways of working with technology and through and through technology became the order of the day and now in 2022, we are living in a new normal of hybridization a merging of the innovations, learnings and realizations brought about by the pandemic, with the old ways of physical, in-person operations which continues to evolve 2. Digitization in the Banking Industry and the New Player
This new normal we are in today shows a continuous integration of digitization in our daily lives and by extension in our business operations. As financial institutions, the emergence of FINTECH companies is not a new topic, we now have banks either acquiring FINTECHs acquiring banking licenses and banks creating FINTECH arms. We have now moved forward to telecoms entities providing banking services to their customers MTN and Airtel have been granted Payment Service Bank (PSB) licenses by operations, and debit/ pre-paid cards can be offered to customers. MTN’s MoMo Payment Service Bank (MoMo PSB) Limited, formally commenced operations on the 166,000 active agents.
The foregoing mean growth in customer base, transactions, revenue, regulations and by default, growth in risks, controls and compliance concerns. The new normal demands evaluation of the opportunities presented by the changed or hybrid operations in each specific organization using methods that match the development. This implies that relying on or requiring physical organization using methods that match the development. This implies that relying on or requiring physical proximity to, manual handling or operation of and/or central or fixed location or base for deliberation, review, assessment or reporting on activities need to change ad the digital space, where most of the new transactions will take place, is not limited to physical or singular unique location(s).
3. Changing Customers in the Digital Era
Digitization has brought a whole new approach to how people live their daily lives and conduct their businesses. The future is coming, some would argue that it is already here. Let’s project a little bit into the future: millennials, also known as Generation Y, are generally those aged 26 to 41 (born 1981 -1996) are the working age we have today; Gen Z are generally those aged from 10 to 25 (born 1997 – 2012) are working age and soon to be working age.
Today’s Gen Z are tomorrow’s millennials, and this group (Gen Z) who have grown up or are growing up playing with their parent’s mobile phones at the age Gen Y played physical card or board games; who are attending coding classes during summer holidays at the age Gen Y was learning about chat rooms on the internet and who play video games with people half a world away whom they will never meet at the age Gen Y was going to their friends houses to play video games with people in their neighbourhood or school; are the business owners, industry leaders and global leaders that we will have tomorrow. Can we take a moment to envision a world run by such digitally sensitized people?
4. Evolving Risks in the Digital Era
As our businesses adapt to bring services closer, faster and more conveniently to current, prospective and future clients, the attendant risks and controls required to manage such risks cannot be overstated.
Just as banking evolved from having your bank account accessible from a specific branch of a specific bank located at a specific location, to where we now have borderless banking accessible from an app on a phone in our pocket; the risks have evolved from guarding the bank branch to guarding the internet connection points, cloud storage and intranet connections of our banks all words and concepts that would have been strange as recently as 40 years ago. The exposures to financial loss and data compromise in the digital space is a significant concern that requires auditors who not only understand internal business processes and exposures the bank faces.
The anonymity that digitalization brings remote account opening processes, use of robots by tech-savvy individuals, groups and entities to simplify processes (or impersonate actual humans), single individuals creating multiple accounts either of their own making or by impersonating existing individuals is an avenue for revenue leakage and reputational damage for Banks. Auditors need to think along such lines in the execution of their roles.
5. Evolution of Regulatory Requirements
We cannot overlook the regulatory angle of increased digitization, Regulatory frameworks will, by necessity, continue to evolve in order to put checks in place around the operation and reporting of new technologies adopted by Banks. From the use of ATMs to the use of internet banking and POS machines; from the use of USSD (Unstructured Supplementary Service Data) codes and mobile money apps to the use of QR (Quick Response) codes, regulations have evolved to protect customers and Banks from exploitation, abuse and misuse.
Data privacy laws, information assets of customers and the internal policies on access to, storage and security over customer and Bank proprietary data/information are areas auditors need to monitor, with increasing importance as the world moves forward in the digital space. With open banking today and its use of APIs (Application Programming Interfaces), this is a key area that cannot be overlooked.
Today, we have the advent of cryptocurrencies. Regulations around these and future innovations need to e covered by audit teams. Processes, controls and regulations around the recognition, reporting, safeguarding and management of crypto accounts, account holder information, transactions and all the possible money laundry and financing of terrorism risks that such innovation can bring are areas auditors must watch out for.
The Central Bank of Nigeria issued a circular to all deposit money banks and payment service providers in February 2021 on its regulatory framework for open banking in Nigeria. CBN Regulatory Guidelines on the e-Naira was issued in October 2021 to provide a few examples of new regulations coming up in the digitization age.
6. Auditing in a Digital Era
The tools, knowledge and skills of internal auditors must evolve with the evolving times. The tools used to carry out audits; the knowledge terms, terminologies, applications, computer applications and IT (Information Technology) audit software, development of IS (Information Systems) audit Skills, (re) learning must rise to meet the changes in the industry.
The volume and breadth of transactions, reports, customer service requests, incident reports, regulatory filling and then checks that will need to be done on these items cannot be done effectively with the usual tools and cannot be done effectively using the usual processes.
Throughout the history of auditing, audit tools have had to be advanced or at least at par with the tools used by process owners. As of today, there is no audit team that applications to carry out their audits.
The year 2020 saw the globe plunge into an unprecedented health crisis, the likes of which could not have been anticipated by global institutions, world governments, health / environmental / security agencies, or any scientific or technology-based entities. Today, in 2022, the impact of the changes the world at large has experienced in every sector and on every continent are still being dealt with by governments, businesses and individuals.
Almost in one fell swoop, things that erstwhile were deemed impossible, difficult, or challenging became the order of the day. With lockdowns instituted from one country to another where people could not go about their daily lives, let alone carry out their regular business- the lock-downs bringing about stay-at-home orders, permissions for only key businesses to operate, sanitization/protection measures, international travel bans – and the impact of these on personal relations and businesses going.
1. Working with Technology, Working Through Technology
The resulting adaptions and innovations that occurred in 2020 led to the execution of a high level of internet-based and technology-driven activities and operations, including the golden “work from home” style of business operations that continued into 2021.
As a high number of people across the globe came to terms with remote, operations, the digital presence of individuals and businesses grew astronomically from daily communications on social media platforms to official meetings on Zoom, Teams, and other visual meeting platforms, to e-payments via online banking and mobile applications, to cloud computing and storage, to remote management and reviews of numerous tasks and operations using video streaming and other audio-visual tools.
With these new ways of working with technology and through and through technology became the order of the day and now in 2022, we are living in a new normal of hybridization a merging of the innovations, learnings and realizations brought about by the pandemic, with the old ways of physical, in-person operations which continues to evolve.
2. Digitization in the Banking Industry and the New Player
This new normal we are in today shows a continuous integration of digitization in our daily lives and by extension in our business operations. As financial institutions, the emergence of FINTECH companies is not a new topic, we now have banks either acquiring FINTECHs acquiring banking licenses and banks creating FINTECH arms. We have now moved forward to telecoms entities providing banking services to their customers MTN and Airtel have been granted Payment Service Bank (PSB) licenses by operations, and debit/ pre-paid cards can be offered to customers. MTN’s MoMo Payment Service Bank (MoMo PSB) Limited, formally commenced operations on the 166,000 active agents.
The foregoing mean growth in customer base, transactions, revenue, regulations and by default, growth in risks, controls and compliance concerns. The new normal demands evaluation of the opportunities presented by the changed or hybrid operations in each specific organization using methods that match the
From the use of various Spreadsheet soft applications to the Computer Assisted Audit Techniques (CAATs) i.e. specially designed auditing software; our current audit teams leverage existing technologies in executing their roles.
Our current audit teams generally are divided – in one way or the other – between business process auditors and IT/IS auditors and perhaps investigation or Forensic teams. While IT/IS auditors specialize in the audit of information technology or information systems, the future demands that business processes, require more advanced and more technical IT and IS audit skills to bring increased value to their audit execution and in proffering recommendations.
We know from experience that the computer knowledge, expertise and experience of our audit teams have a direct impact on their ability to optimize the use of the technology available to them. Likewise, our auditor’s knowledge, expertise, and experience of existing and advancing technologies will help a direct impact on their ability to review and advise management on risks and controls related to the technology adopted by the organization.
7. The digital Reality – Experiencing Tomorrow, Today
Technological advancements in hardware and software applications have brought about automation that continuously reduce the need for human interference in processes; especially where the applications are intelligent systems that learn and evolve based on their learnings – most commonly referred to as Al ( Artificial Intelligence).
We have robots responding to customer queries on websites and mobile apps, we have cookies that record and report on webpages visited by website users, we have algorithms that report on how often an item was clicked on, how long a page was open and whether a transaction was concluded on shopping sites, streaming services, social media sites, etc. We can speak to our phones and other devices, and they respond to our enquiry
Virtual Reality (VR) systems are growing in the real world once mainly only focused on or used by gamers, now we have the metaverse where a whole ecosystem can be created for people to live digital lives, where meetings can be held in a virtual reality simulated spaces by people in different locations on the globe, each fully seated at a desk or in a board room with a presentation being made by a facilitator in a virtual office with attendees using avatars of their choosing.
8. A look at Banking Trends
Accenture’s report on “Banking Top 10 Trends for 2022” provides a good summary of all the aforementioned topics and considerations. 6 of the 10 items speak directly to what we have discussed.
1. Everyone wants to be a super-apps: Super-apps are dominating more aspects of the digital world and human interaction. Banks face a high-snake choice to compete or collaborate.
2. Innovation makes a comeback: To keep up with FinTechs and other and other competitors, banks are rediscovering their creative mojo and asking a simple, powerful question: “Why not?”
3. The digital brain gets a caring heart: banks are looking for ways to have meaningful conversations with customers in digital spaces. Technology like AI can help make the human benefits
4. Digital currencies head for college: With cryptocurrencies here to stay, experiments like CBDCs are gathering momentum. The search is on for use cases that prove the economic benefits.
5. Smart operations put zero in their sights: Artificial intelligence and machine learning in banking now surpass humans in some tasks. Applying this tech will bring zero waste operations within reach.
6. Payments: anywhere, anytime… and anyhow: The next payments revolution will stem from open networks, which empower banks to reimagine their payments offerings for newly- demanding customers
9. Conclusion
In conclusion, where in the past auditors used paper and the infamous green pen auditors and their tools continue to evolve to meet or stay ahead of the technologies used by businesses.
A new breed of internal auditors will be needed to move the organization forward in the digital world. Businesses must recognize and support this as our auditors are a vital part of our workforce- training, sessions, seminars, knowledge sharing, meetings and all other avenues where new continually learning to stay ahead of or at least in sync with the change.
The journey has already begun, the digital role of audit in each organization must be defined, the mindsets and aspirations of internal auditors must be assessed and any roadblocks to the achievement of the digital auditor must be identified and addressed by each organization.
Thank you for the opportunity given to NOVA Merchant Bank to host the Association on the 52nd Quarterly General Meeting. I wish you successful deliberation in the course of your meeting.
