How to Design a Risk and Governance Function That Is Future Ready

A recent CFO dive and Accenture study showed that: 

• Only 7% of CFOs have made significant gains on driving organizational resilience in recent years, even though three-fourths (73%) acknowledge they’re currently in a prime position to do so.
• Of the four tiers of operational maturity (stable, efficient, predictive, and future-ready), only 5% of CFOs have achieved “future-ready” operations, though 35% expect to be there in the next three years. Each level, the survey said, is “grounded in and enabled by progressively more sophisticated technology, talent, processes and data insights.”

Intelligent Automation (IA) is rapidly transforming the way organizations handle everything from finance and accounting to operations and human resources. Legacy technologies like Robotics Process Automation (RPA), Optical Character Recognition (OCR), and enhanced process solutions such as Artificial Intelligence (AI) unlock the potential to do things faster, better, and cheaper.

However, as companies continue the path of digital transformation, new risk and governance considerations have also emerged — especially as automation is introduced across different organizational functions subject to higher compliance or operational scrutiny.

4 Steps to Design a Robust Risk and Governance Function

A well-designed Risk and Governance function is key to ensuring that IA is implemented to effectively guide and inform overall automation program strategy, delivery, and operations. 

1. Make sure you have a governance stakeholder who can influence automation strategy, including deciding what solutions will be chosen for automation, functional stakeholders who will steer the program, and what use cases will be approved and how they will be prioritized. 
2. Now determine how to deliver automated solutions. Provide appropriate training and tools to enable automation developers and other teams involved in the project. 
3. Consider control integration early in the process: For example, will the automation solution perform key reconciliations? Approve expenses? 
4. And finally, the execution aspect is about supporting the ongoing execution of the automation program through a risk lens. Create robust processes to manage people and change; utilize risk templates and toolkit as part of the delivery operations; and create reporting on compliance metrics to key stakeholders. 

As companies identify new use cases enabled by cognitive, artificial intelligence (AI), or machine learning, the risk and governance perspective becomes more complex and challenging. The key is not to look at automation as a standalone project, but as a practice that will impact your business functions every day now and in the future.