- Managing data security and privacy seen as significant challenge by CFOs
- Lack of clarity over data ownership and governance has a significant impact on reporting effectiveness
- Traditional governance and board structures challenged by geopolitical risks and technology and data environment
More than 1,000 CFOs or financial controllers of large organizations with revenue greater than US$500m across 25 countries participated in annual global survey. It found that lack of clarity over data ownership and governance has a significant impact on reporting effectiveness for 64% of respondents globally.
Eighty-five percent said that they found it either “very challenging” or “somewhat challenging” to actively manage data flows based upon different jurisdictions’ privacy laws. The same percentage of respondents also said that assessing the different security standards for data centers versus cloud computing was a key challenge to data protection, privacy and compliance. The survey also found that 49% of respondents say concerns over security and compliance risks of the cloud are seen as a major barrier to technology transformation and the implementation of innovative new technologies.
Peter Wollmert, EY Global and EMEIA FAAS Leader, says:
“There is a high level of uncertainty among the finance community on how to approach the issues of data security and privacy. CFOs need to ensure that they have clear governance processes in place for how they look after financial information and ensure that data is both compliant with relevant local laws and is secure – which can be a huge challenge in large and complex organizations. Responding by using advanced data analytics and integrated technologies as well as artificial intelligence, cloud computing and robotic process automation will be key to avoiding reputational and other costs that come with a mismanagement of financial data.”
CFOs respond to technological, social and political pressures
CFOs are under increasing pressure to rethink traditional approaches to corporate governance. Forty-two percent of those surveyed say their audit committees and boards are asking for more insights and information from corporate reporting on data protection and privacy, with the same percentage of respondents also saying they are providing corporate reporting on the risks from regulatory change. This increases to 60% and 61% when looking at respondents in the Middle East and North Africa and Singapore, respectively. To combat these changes, 85% of respondents globally say they are providing automated alerts to audit committees and boards about governance, risk and compliance issues, with this increasing to 95% of US respondents and 93% of UK respondents.
Christina Agathangelou, EY Cyprus Head of FAAS, says:
“Reporting teams today are expected to quickly pivot and respond to this fast-changing reporting environment. They need to provide audit committees and boards of directors with direct information and be able to extract forward-looking insights from large, fast-changing and wide-ranging data sets in a real-time to help them discharge their responsibilities.”
The changing face of the audit committee
Against the heavily scrutinized environment, the oversight role of audit committees is also significantly changing, the report finds. Eighty-two percent of respondents say audit committees and boards are putting a much stronger focus on corporate culture and its impact on compliance and fraud prevention.
This is leading to the role and responsibilities of audit committees coming into focus. The survey finds that 58% of respondents say that committee members need to develop new competencies and understanding in using analytics in identifying data risks, while 57% say an understanding of legal frameworks for data hosting is increasingly important in order to provide effective oversight.