Optimising financial processes

Posted on:

Something to Consider: Financial Executives Share ICFR and Cyber Concerns

Something to Consider February 2018 1

Increasing Concerns about Cyber Security and Financial Reporting

Internal controls over financial reporting (ICFR) and cyber security risks are growing concerns for the CFO team. Concern for ICFR has shot up from 21% in 2016 to 30%, and for cyber security has increased to 22% compared to just 13% in 2016 according to a survey of more than 500 executives.

Changes to accounting standards for revenue recognition and other areas add weight to the need improved internal controls in all areas, and specifically in financial reporting.

We are also facing a raft of new regulations in 2018. While compliance functions will shoulder most of the risk burden for new regulations, business operations and internal audit will remain key lines of defence and will need to work collaboratively to ensure that everything is on track for key deadlines.

This survey also reflects our experience that cyber threats should be a key concern for finance management and business leaders, not just the CIO or Chief Information Security Officer.

Cyber threats also have the potential to affect core business operations and financial reporting. Cyber as well as ICFR needs to be in the executive discussion as there remains a persistent gap between awareness and preparedness. Reports indicate that 62 per cent of businesses expect cyber risk to cause disruption within the next three years, yet nearly three-quarters reported poor cyber maturity.

36 percent of executives also said they are struggling to keep pace with the rate of technological innovation in their sectors.

To take a look at the other results of the survey, you can find it here

Our ‘Something To Consider’ snippets are framed as small, digestible, ‘dashes of insight’ around the pillars of what we define as “World Class Finance” – Process Optimization, Financial Control and Compliance, and Risk Assurance, all underpinned by technology enablement and integration.