The last great revolution in auditing — the foundation of the modern public company audit in the 1930s — was driven by regulatory and legislative fiat reacting to the massive market irregularities and frauds that helped trigger the Great Depression. With the field facing mammoth changes once again, the question remains: What’s driving the revolution this time?
In looking ahead at the next decade, experts in the field point to two main drivers of change in audit: technology, which is giving auditors incredible new capabilities to measure risk and find irregularities, and — particularly in the long term — market demand for more and faster assurance around a much wider range of activities.
The impact of technology is, of course, already being felt, and will continue to be felt on several fronts.
“I think that in the next 10 years, you’ll see even greater advancement related to how businesses use technology in their business, and then how we use technology to audit business as well,” predicted Heather Paquette, national technology assurance leader at KPMG.
In other words, the new tools that clients are using will shape the audit as much as the new tools that auditors themselves are using. As an example, CPA.com president and CEO Erik Ageirsson noted corporations’ ongoing migration of their data onto cloud-based systems and platforms — where auditors will be able to have better access to both the data and the source systems that produce it.
And while much of the focus in applying technology to auditing in the past has been about making previous methodologies more efficient and more effective, the next decade will see technology changing the methodologies themselves, Asgeirsson explained.
“You need new solutions to truly drive new ways of doing things, and with these new capabilities — be it a data-driven audit in the cloud, or access to all this information — you then need to step back and rethink how you want to go about providing this service,” he said, citing the forthcoming Dynamic Audit Solution as a prime example of rethinking and reimagining the audit in response to emerging technological capabilities. “Until you have those new solutions, most of the marketplace won’t go to new ways of working, even though they probably could, leveraging previous solutions.’”
Because digital systems such as blockchain will become more and more important to businesses and the way they operate, Asgeirsson said that auditors will be called on more and more to attest to the quality of the configuration of the systems themselves, not just to the quality and accuracy of the data they produce.
Handling that kind of assurance, as well as all of the other tech-related changes coming to the field, will call for new kinds of auditors, and firms are already beginning to adjust their teams.
“We’ve brought nearly 1,100 technology professionals into our audit practice,” said KPMG’s Paquette. “We’ve also upskilled more than 1,500 of our audit professionals on auditing technology, and we have trained more than 4,000 professionals on using data and analytics and other automation as part of the audit.”
For all the complexity that new technologies will drive, and for all the change they’ll require of auditors, the upside will be significant, according to Wes Bricker, vice chair and US Trust Solutions co-leader at PricewaterhouseCoopers.
“Technology will make us more relevant, not less,” he said. “It’ll challenge us to build different skills, to not leave anyone behind; it’ll challenge us to stay true to our core underpinnings of ethics and integrity and good independence; it’ll challenge us to keep our standards current; it’ll challenge us to have good methodology that stretches across boundaries; but technology will reinforce our relevance, because at the end of the day, people want to trust in something, they want to trust that the technology is working for them and they’ll want to trust the profession.”
And that need for trust is behind the other major driver of change in auditing over the next decade.
What do markets want?
The audit as we know it has centered primarily on the financial statement, and its scope and focus have been determined largely by regulators — but both of those will shift significantly in the coming years, as markets and society as a whole directly demand information on a much wider range of information than ever before.
“There’s a whole new philosophy now on enterprise-grade and investor-level disclosures of data that’s not core to the financial statements, and I think that will become equal to if not even more critical over the next decade in terms of the scope of what an auditor does,” predicted Jon Raphael, audit and assurance national managing partner — transformation and assurance at Big Four firm Deloitte & Touche.
Auditors will be called in to bridge the gap between what companies are reporting and what markets and investors and the public want to know, in areas ranging from human capital and diversity, equity & inclusion to cybersecurity and data privacy.
“All of that is a spectrum of things that an independent service provider can provide insights on to stakeholders of companies,” Raphael explained. “In enterprise value thinking, there are key performance indicators and non-GAAP performance measures, which I think more and more there’s going to be interest in knowing. They’re part of the value of the company, clearly, so can procedures be performed on them as well?”
Some of the call for assurance on those non-financial measures may well come from regulators — witness the recent proposals from the Securities and Exchange Commission regarding climate disclosures — but more and more they’ll come from fast-moving markets.
“Audits of historical financial statements today really don’t move markets,” said Al Anderson, the founder and president of AccountAbility Plus. “It’s been years since they have, and sometimes I question whether they ever did — but media is moving markets and instant information is moving markets, so what we need assurance on is things surrounding that instant information society that we’ve been living in.”
“We know that investors, when they’re interested in something, they value assurance on it,” added John King, vice chair of assurance for the Americas at Big Four firm Ernst & Young. “My perspective on this has always been that we want to be of value to investors and of value to our clients, and if something is valuable, they will ask us to get in and provide assurance. This is not a business where you have to go out and try to generate new markets for our services. This is really just about following where investors find value.”