Robotic Process Automation and Artificial Intelligence

Size: px

Start display at page:

Download "Robotic Process Automation and Artificial Intelligence"

Percival Barnett
5 years ago
Views:

1 Robotic Process Automation and Artificial Intelligence Tom Sanglier CIA, CRMA, CPA Senior Director, Raytheon Company January 25, 2019

2 Today s Session Understand that technology disrupters will have a significant impact on organizations and the internal audit profession. Take a closer look at two technology disruptors (Robotic Process Automation and Artificial Intelligence), including understanding the technology and risks. Learn how to equip yourself and your team with the skills to audit and potentially implement these technologies.

3 Why is this Important?

4 Change Is Coming For Our Organizations Technology disruption will be a major force for change within organizations. Technology Business Model SPEED Risks Governance Our data shows that when it comes to technology innovation, many companies struggle to balance the need for speed and agility with the need for control. Excerpted from KPMG s 2018 Tech Risk Management Survey Report Disruption is the New Norm

Change Is Coming For Internal Audit Whether happening now, soon, or later, these changes will impact Internal Audit: What we audit (implementations, technologies) How we audit (leveraging technology,

5 Change Is Coming For Internal Audit Whether happening now, soon, or later, these changes will impact Internal Audit: What we audit (implementations, technologies) How we audit (leveraging technology, embedding controls) Who we hire (innovators, IT skills, change agents) The speed of change may require a more agile approach to everything we do. Internal audit will need be agile to avoid being seen as an inhibitor.

6 Change Is Coming For Each Of Us If our organizations and departments are being impacted, then The skills we need will change - continuously Our knowledge of technology (current and future) must increase How we lead and influence others will change The doomsday (or optimist) scenario automation replaces us all. Vivienne Ming: The professional class is about to be blindsided by AI - Rana Foroohar, July 27, 2018; Lunch with the FT Artificial Intellgence Twin Trends of Aging and Automation: Risks to Anticipate - Patty Sung, July 19, 2018; NACD BoardTalk

7 Again - Why is this Important? Are you driving change, or being driven by it?

8 What Are Technology Disruptors? Per Investopedia: Disruptive technologies are those that significantly alter the way businesses or entire industries operate. Examples: Mobile Devices/Apps: Uber Mobile Banking Netflix Digitization: Apple (music) Kodak (photography) Bookstores What is a disruptor for one organization is not a disruptor for all

9 Stakeholder Concerns If our stakeholders are concerned, then we should be concerned NACD Public Company Governance Survey

10 Essential 8 Emerging Technologies Excerpted from PwC 2018 State of the Internal Audit Profession Study

11 RPA

RPA - Impact Robotic Process Automation (RPA) software is able to execute predetermined, rulesbased tasks, mimicking human interaction with existing

12 RPA - Impact Robotic Process Automation (RPA) software is able to execute predetermined, rulesbased tasks, mimicking human interaction with existing applications to automate entire processes or discrete activities. Protiviti Inc. Webinar - ROBOTIC PROCESS AUTOMATION AND INTERNAL AUDIT ARE YOUREADY? September 25, 2018

13 RPA Impact (cont d)

RPA - Risks Central or distributed management Return on Investment Human Capital risks Change management Access controls Increased/Rapid error

14 RPA - Risks Central or distributed management Return on Investment Human Capital risks Change management Access controls Increased/Rapid error multiples Monitoring and shutdown Reengineered processes Automating inefficiency Dropping controls Up/Downstream process impacts Business continuity

15 Artificial Intelligence (AI)

16 Artificial Intelligence (AI)

17 AI (cont d)

18 AI- Impact Tata Consultancy Services polled (1) : 835 executives 13 global industries 4 world regions 84% of companies see AI as essential to competitiveness 50% see the technology as transformative. The biggest adopters of AI today are IT departments: 67% use to detect security intrusions, user issues and deliver automation. By 2020: 32% believe greatest impact will be in sales, marketing or customer service 20% see impact being largest in non-customer facing corporate functions (e.g., finance, HR.) (1) March 17, 2017; Help Net Security; What impact will artificial intelligence have on business?

19 AI- Impact Excerpted from Accenture s How AI Boosts Industry Profits and Innovation 2018

20 AI - Risks Algorithm development Data Bias Security Privacy Regulation Overreliance Ethics AI s major limiting feature the complexity of software algorithm development is being replaced by the complexity of data preparation.

21 Common Technology Disruptor Risks

22 How Do We Audit These Risks? The good news is there is a lot of thought leadership about risks and controls.

23 How Do We Audit These Risks (cont d)?

24 4 th Industrial Revolution Throughout history, there have always been technology disruptors. So what is different about this revolution? Speed Interconnectivity RPA and Cognitive Computing AI and Drones RPA and IoT Cognitive Computing and IoT

Disruptive Technologies - Governance In your organizations today, who and/or how: Identifies Approves Tests Assesses regulations Designs controls Creates policies Implements

25 Disruptive Technologies - Governance In your organizations today, who and/or how: Identifies Approves Tests Assesses regulations Designs controls Creates policies Implements and communicates Monitors What is the Board s role? What is your role? Future governance will require a flexible framework that allows for transparency and rapid communication

26 Technology Good or Bad? AI is likely to be either the best or worst thing to happen to humanity.

Impact on Internal Audit? Nearly 50% of companies expect automation will lead to some reduction in their full-time workforce by 2022.

27 Impact on Internal Audit? Nearly 50% of companies expect automation will lead to some reduction in their full-time workforce by However, 38% surveyed expect to extend their workforce to new productivity-enhancing roles, and more than a quarter expect automation to lead to the creation of new roles in their enterprise. By 2022, no less than 54% of all employees will require significant re- and upskilling.

28 Impact on Internal Audit? (cont d) Expected impact of Blockchain

The Internal Audit Imperative CAEs need to lead the response to disruption with innovative strategies and an agile approach supported by the right talent.

29 The Internal Audit Imperative CAEs need to lead the response to disruption with innovative strategies and an agile approach supported by the right talent. Embrace the disruptive technology revolution; become part of the strategic transformation team. Deploy technologies within the audit function Enhances skills in all aspects of disruptive technology auditing. Reduce cost.

30 Transformation of Internal Audit Nearly Half in Poll Plan to Modernize Compliance Functions in the Next Year (Deloitte Aug 15, 2018) 48.3% of organizations plan to modernize compliance functions in the next 12 months by changing core practices in the way they execute compliance efforts, including introducing new technologies. Emerging technologies include cognitive compliance, automation, and robotics.

Transformation of Internal Audit (cont d) 14% of respondents to the PWC 2018 State of the Internal Audit Profession Study are categorized as "Evolvers" who are advanced

31 Transformation of Internal Audit (cont d) 14% of respondents to the PWC 2018 State of the Internal Audit Profession Study are categorized as "Evolvers" who are advanced in technology adoption. 75% of Evolvers are considered to be providing significant value to the organization. Evolvers are also successfully fusing technology and talent.

32 What Can We Use?

33 What Can We Use? (cont d) Maybe not today but remember: - All technologies become cheaper over time - AI and RPA are not solutions for every opportunity

34 Using AI AI has been developed that has excellent predictive analytic capacities. (e.g., Amazon) AI can be used to combat fraud. Reduces number false positives and increases the speed and accuracy of fraud detection. Financial services use these techniques to investigate potential fraud. AI can help auditors find fraud faster and more accurately. Commercial solutions exist now

35 Using AI (cont d) Courtesy of - Bob@oncorps.io

Using RPA Deloitte is currently using cognitive technology (e.g., data analysis, visualization, workflow automation, and RPA) to review contract terms and electronic documents.

36 Using RPA Deloitte is currently using cognitive technology (e.g., data analysis, visualization, workflow automation, and RPA) to review contract terms and electronic documents. The rapid reviews enabled by cognitive technology allow review and assessment of larger samples, or get to the point where auditors can review 100 percent of contracts. The reviews also can incorporate segmentation of documents. (e.g, contracts that include escalation clauses from those that do not.) Jon Raphael Deloitte & Touche LLP Chief Innovation Officer Excerpted from Creating a Cognitive Audit, by Tom Davenport and Jon Raphael

37 Are You Behind?

38 A High Level Roadmap Assess the maturity of the department s existing technological capabilities. Form a team to develop a transformation program. Create a budget. Find partners. Quick wins are good, but expect changes. Practice change management communicate and align.

39 A RPA Assessment Perform Ideation Sessions / Create list of ideas for automation Filter ideas using Automation Criteria Document prioritized opportunities on Short Form Questionnaire Set up meeting for demo of the process with SME Assess the vetted opportunity within the Automation Scorecard Complete Long Form questionnaire and forward to SME. SME to help as needed. Process Assessments (includes as is process, estimated complexity, and estimated value) Agree on Initial Process Assessment and Value Case Finalize ROI, Cost Benefit, Risks, Project Plan, Project Team, and Proceed with frequent communication

40 Automation Criteria

41 Skills Now & Future Existing Required Skills Change Agent Strategic Thinker Relationship Builder Learner New Skills For Brand Innovator Risk Taker Agile Expert Technologist The real pitfall for Internal Audit is if they don t stay current on new technologies then they won t have a seat at the table and be perceived to be adding value; they need to stay current (not be experts) to stay relevant. - Alvin Bledsoe Audit Committee Chair, SunCoke Energy

42 Learn Audit Conferences Non-Audit Conferences Related Assurance Conferences

43 Learn (cont d)

44 Learn (cont d)

45 Participate and Volunteer What are your organization s current initiatives? Are you involved? Get invited! Volunteer yourself, your team, your department.

46 Innovate - Continuously

47 Become Agile

48 What We Covered Looked at technology disrupters generically and potential impacts they will have on organizations and the internal audit profession. Looked closer at two technology disruptors (Robotic Process Automation and Artificial Intelligence), including understanding the technology and risks. Discussed how to equip yourself and your team with the skills to audit and potentially implement these technologies.

50 The future is not something we enter; the future is something we create. Gary Barnett

51 Feel free to contact me at:

52 BACK UP

53 Documenting Prioritized Opportunities Questions Process 1 Process 2 Describe the key steps required to complete the process. 1. Step 1 2. Step 2 3. Step 3 Who is the process owner? Who is the process SME (subject matter expert)? Total Headcount completing the process What percentage of the team's time is spent completing the process on average? (E.g. 50% of average working day) What is the target automation benefit? (E.g. # FTEs, estimated financial benefit ($), reduction in handling time, etc.) What is the exception rate in the process? (%). (E.g. how many times an unusual case which needs to be investigated or escalated occurs) What percentage of the process is Rules-Based? (E.g. The decisions or steps taken throughout the process follow a pre-defined set of rules.) What percentage of the inputs are: 1. Structured (Ex. Excel, Database) 2. Unstructured (Ex. Image file, Freeflow text) 3. Semi-structured (Ex. , PDF) To what extent is process documentation available? (Ex. Documented process flow, training documents, templates of inputs and outputs, desktop procedures) Please list the names of the applications and the type of applications. Do any applications require Citrix or SAP? Please list the application names for each Is a new system or major change initiative due to be implemented in the foreseeable future which will affect this process?

54 Automation Scorecard Description 1 - Low 4 - High Human (Rules Based) Human decison-making is needed in No or very low degree of decisionmaking more than 70% of the process steps and/or is spread over the process. needed in process execution and/or is concentrated in a specific area of the process Data Characteristics (Nature of Inputs) Unstructured data with varying formats. Not predefined inputs. Structured data, fixed and predefined inputs. Digitalization (Nature of Data) Standardization (Exception Handling) IT systems Inputs needed for the process is not digitized and paper work is required to a high extent. The process is adjusted frequently and/or there is no predefined decision tree that the pocess steps follow. Types of systems used are difficult for RPA to work with. All inputs and data are stored digitally. The process is not adjusted frequently and there is a predefined decision tree that the process steps follow. Types of systems used are easy for RPA to work with.

55 Automation Scorecard (cont d) # of Yearly Cases Minutes per Case Execution Volume (#FTE equivalent) Human Interpretation IT Systems Data Characteristics RPA Suitability Digitalization Value Suitability Readiness Weight 25% 50% 25% 50% 50% Standardization RPA Readiness Other Benefits Process #1 XX XX XX Process #2 XX XX XX Process #3 XX XX XX

56 Automation Scorecard (cont d)

57 Initial Process Assessment Questions Could the process possibly be extended to other functions (reusability)? What percentage of the team's time is spent completing the process on average? How often does the process run? What are the average daily / monthly / weekly volumes? What percentage, if any, of the current process is already automated? How is this process expected to create value outside of FTE savings? (E.g. Increased cash flow, more accurate billings) What percentage of the process is Rules-Based? (E.g. steps throughout the process follow pre-defined rules.) What % of the process involves Paper? Digital? Voice? What is the exception rate in the process? (%) What is the Maximum Tolerable Downtime the department could experience in the event this process was unavailable What would be the impact to the department in the event this process was unavailable? Do the process volumes increase during peak periods? Please provide details. Are there any prerequisites to automation? (E.g. upgrades, security requirements) Are there any sub-processes that need to be considered? Are there any specific financial, regulatory, or customer pain points within the process? Are there any data policies (data retention, integrity, etc.) that need to be considered?