The year 2020 saw the globe plunge into an unprecedented health crisis, the likes of which could not have been anticipated by global institutions, world governments, health / environment / security agencies or any scientific or technology based entities.
Today, in 2022, the impact of the changes the world at large has experienced in every sector and on every continent are still being dealt with by governments, businesses, and individuals.
Almost in one fell swoop, things that erstwhile were deemed impossible, difficult, or challenging became the order of the day. With lock-downs instituted from one country to the other where people could not go about their daily lives, let alone carry out their regular business – the lock-downs bringing about stay at home orders; permissions for only key business to operate; protection measures; international travel bans – and the impact of these on personal relations and business operations, led people to find alternative ways to keep their lives and businesses going.
As financial institutions, the emergence of Financial Technology (FINTECH) companies is not a new topic; we now have banks either acquiring FINTECHs, FINTECHs acquiring banking licenses and banks creating FINTECH arms. We have now moved forward to telecoms entities providing banking services to their customers – MTN and Airtel have been granted payment service Bank (PSB) licenses by the Central Bank of Nigeria (CBN), where deposit takings, cross border payments, e-wallet operations, and debit/pre-paid cards can be offered to customers. MTN’s MoMo Payment Service Bank (MoMo PSB) Limited, formally commenced operations on the 19th of May 2022 with an agent network of over 166,000 active agents.
The foregoing meant growth in customer base, transactions, revenue, regulations and by default, growth in risks, controls, and compliance concerns. The new normal demands evaluation of the opportunities presented by the changed or hybrid operations in each specific organization using methods that matches the development. This implies that relying on or requiring physical proximity to, manual handling or operation of and/or central or fixed locations or base for deliberation, review,
mindsets and aspirations of internal auditors must be assessed and any roadblocks to the achievement of digital auditors must be identified and addressed by each organization.
For this, regular upskilling, trainings, attendance at seminars and knowledge sharing sessions, continuous engagements with groups such as the Association of Chief Audit Executives of Banks in Nigeria (ACAEBIN), security agencies and continuous interactions with regulators, would serve to keep auditors abreast of new technologies, audit approaches and guidelines and regulations affecting new and emerging technologies.
Digitization in the Banking Industry and the New Players
assessment or reporting on activities need to change as the digital space, where most of the new transactions will take place, is not limited to physical or singular unique location(s).
2. Auditing in a Digital Era
The tools, knowledge and skills of internal auditors must evolve with the evolving times. The tools used to carry out audits; the knowledge – terms, terminologies, applications, options, uses – of digital platforms, outlets, services; and the skills – comfort with basic computer applications and IT (Information Technology) audit software, development of IS (Information Systems) audit skills, (re)learning – must rise to meet the changes in the industry.
The volume and breadth of transactions, reports, customer service requests, incident reports, regulatory filing and the checks that will need to be done on these items cannot be done effectively with the usual tools and cannot be done effectively using the usual processes.
Throughout the history of auditing, audit tools have had to be more advanced or at least at par with the tools used by process owners. As of today, there is no audit team that does not use a computer system and one or more software applications to carry out their audits. From the use of various Spreadsheet software applications to the Computer Assisted Audit Techniques (CAATs) i.e. specifically designed auditing software; our current audit teams leverage existing technologies in executing their roles.
Our current audit teams generally are
divided – in one way or another – between business process auditors and Information Technology/Information System Auditors and perhaps Investigation or Forensic teams. While IT/IS auditors specialize in the audit of information technology or information systems, the future demands that business process auditors, who are now dealing with more advanced and more technical business processes, require more advanced and more technical IT and IS audit skills to bring increased value to their audit execution and in proffering recommendations.
We know from experience that the computer knowledge, expertise and experience of our audit teams has direct impact on their ability to optimize the use of the technologies available to them. Likewise, our auditors’ knowledge, expertise, and experience of
existing and advancing technologies will have a direct impact on their ability to review and advise management on risks and controls related to technologies adopted by the organization.
The various audit teams must invest in audit tools capable of providing a agile approach to audit in the light of high volume of transactions in the digital age. A new breed of internal auditors will be needed to move organizations forward in the digital world. Business must recognize and support this as our auditors are a vital part of our workforce trainings, sessions, seminars, knowledge sharing, meetings and all other avenues where new technologies are discussed should have audit team members in attendance and continually learning to stay ahead of or at least in sync with the changes.