• Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Special Offers
Business Intelligence Info
  • Business Intelligence
    • BI News and Info
    • Big Data
    • Mobile and Cloud
    • Self-Service BI
  • CRM
    • CRM News and Info
    • InfusionSoft
    • Microsoft Dynamics CRM
    • NetSuite
    • OnContact
    • Salesforce
    • Workbooks
  • Data Mining
    • Pentaho
    • Sisense
    • Tableau
    • TIBCO Spotfire
  • Data Warehousing
    • DWH News and Info
    • IBM DB2
    • Microsoft SQL Server
    • Oracle
    • Teradata
  • Predictive Analytics
    • FICO
    • KNIME
    • Mathematica
    • Matlab
    • Minitab
    • RapidMiner
    • Revolution
    • SAP
    • SAS/SPSS
  • Humor

GRC And Intelligent Finance: How To Get The Human Factor Right

December 4, 2019   SAP
 GRC And Intelligent Finance: How To Get The Human Factor Right

Part 4 of the “Finance Transformation” series that explores how finance can take the lead in driving their companies towards an intelligent enterprise

By definition, automation means removing the human factor from a given process. This is as true for finance as it is for manufacturing or any other line of business.

But the truth is, the human factor can never be removed entirely – particularly for finance processes where governance, risk, and compliance (GRC) is non-negotiable. Visibility into and oversight over automated processes is a requirement. We are in control, not the robots, and we must maintain appropriate oversight of automated processes.

The question is this: how much of the human factor can be legitimately removed from processes while still maintaining control? Managing payments is a good example. As finance organizations have long known, instead of paying people to check every invoice against every purchase, technology can be used to automate the process of matching purchase orders (POs), goods received, and invoices. This is known as the three-way match.

In this instance, you might maintain the human factor in the form of an auditor. This auditor comes in periodically and pulls, say, 25 transactions at random – examining them to make sure there is no sign of error, fraud, or noncompliance to policy. If the auditor finds an issue, the next step is to pull additional transactions to ascertain the extent of possible anomalies and exceptions and finally recommend remediation steps.

Most certainly, this approach provides some level of assurance and is a compromise between auditing every transaction and helping ensure adherence to policy based on sampling. In the end, however, this is primarily manual in nature and does not provide full coverage of transactions.

Toward full automation

A better way forward is full automation with real-time management by exception. The idea here is to pull humans into the process only as needed. Any process – procure-to-pay, order-to-cash, treasury management, billing and credit, and much more – can be fully automated with proper real-time monitoring to alert process managers of outlier events.

What’s more, whereas the auditing approach involves a statistical sampling of transactions, real-time management by exception means that your system monitors 100% of transactions, configurations, and relevant master data in the here and now.

Getting the human factor just right with full automation, however, requires a different approach to financial process management. You might find it helpful to think in terms of intelligent access, intelligent controls, and intelligent detection.

Intelligent access

Automation and hybrid landscapes can complicate access to financial systems. In the past, you needed to authenticate individuals – or not – based on credentials provided. Now, to facilitate end-to-end automated processes, you need to provide access across landscapes, and in some cases, to robots, as well.

To manage the access risks, you’ll need to manage digital identities across systems as well as be able to provide access capabilities to authenticate robotic identities. A good practice is to define the incoming machine in terms of a defined role that allows the person or machine sufficient permissions to perform the needed business function. And from an audit perspective, every transaction and user requires monitoring. This means that every action taken by users and robotic processes must be logged, producing an audit trail and an alerting system to detect anomalies and potentially malicious activities.

Technology such as machine learning (ML) can help. By reading process data in real time, ML algorithms can detect security and transactional anomalies at the application layer and alert process managers. ML can also be used to intelligently optimize role definition, which can then be assigned dynamically in a secure and traceable manner.

Intelligent controls

Fully automated financial processes are controlled primarily through configuration, master data, and transaction monitoring.

Configuration settings are key to establishing and maintaining processes that are aligned to policy. To optimize processes, leading organizations are adding continuous control monitoring to provide a feedback loop on how these settings can be monitored. Take, for example, a setting that alerts a process owner to a change in the thresholds assigned to a three-way match before manual intervention is required. Or consider monitoring depreciation calculations tied to automated postings, changes to charts of account tables, or modifications to posting and reconciliation rules associated with accounting periods and the financial close processes. By replacing manual controls with fully automated controls, process owners and auditors can gain greater visibility and trust in processes, including robotic processes, managed by core ERP systems.

Proper master data monitoring is also critical to help prevent policy violations or potential fraud. Fields that contain sensitive data can be monitored to help ensure accuracy and completeness, as well as for changes that might be motivated by policy aversion such as one-off transactions. Master data that can be monitored can be found in key fields in vendor or customer master accounts, including bank account information, or fields related to key information in POs or invoices, or conversion values used in various calculations. And in today’s world, which requires greater data protection and privacy, the ability to also mask or log data access to sensitive information is also needed.

Finally, transaction monitoring provides another layer to help identify unexpected outcomes in core processes. Although effective access management, configuration, and master data monitoring are all important in a detective and preventive approach, transaction monitoring adds an important final check to help identify where these prior approaches might not be yielding the expected results and adjustments might be in order. And by receiving alerts, a process owner can also have the ability to drill down quickly into the transaction details residing in back-end systems. This is enabled now more than ever, as SAP S/4HANA allows for tighter integration of core processes that help provide a more consolidated view of enterprise business data that serves as a single source of finance truth.

Intelligent detection

Constant monitoring of finance processes is required to detect intrusions and potentially fraudulent activity. Proper detection is critical at the point of system access – but it doesn’t stop there.

On a 24×7 basis, your systems must be monitored to detect both external and internal threats. Beyond traditional cybersecurity and monitoring approaches, many companies are now turning to ML algorithms as the risk landscape grows in complexity.

You can stay on the offensive by using ML to analyze and correlate logs from past and current security events. Based on this historic data, ML can help you run forensic investigations that uncover new attack patterns before they impact your systems. It can also help you detect patterns of system activities in real time to generate alerts to anomalous conditions that might require immediate attention.

ML can also be used to map structured and unstructured data across systems and highlight personal information, which is relevant under various data-privacy regulatory pronouncements.

The advantages of intelligence

With intelligent access, intelligent controls, and intelligent detection, organizations can get the human factor just right for automated finance processes. The outcomes, though, are not merely a new set of requirements for managing finance risk, but tangible business benefits that serve the business well and provide greater assurance to process owners and stakeholders alike. These include trusted processes that drive business performance, expected results that instill confidence, and streamlined audits that drive down the costs of compliance.

Join the second SAP Intelligent Finance virtual event on Tuesday, Feb. 11, 2020, and explore the new reality driving finance transformation. Register now.

Follow SAP Finance online: @SAPFinance (Twitter) | LinkedIn | Facebook | YouTube

Let’s block ads! (Why?)

Digitalist Magazine

Factor, Finance, human, intelligent, right
  • Recent Posts

    • Someone’s having surgery
    • C’mon hooman
    • Build and Release Pipelines for Azure Resources (Logic Apps and Azure Functions)
    • Database version control: Getting started with Flyway
    • Support CRM with New Dynamics 365 Field Service Mobile App
  • Categories

  • Archives

    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • November 2014
© 2021 Business Intelligence Info
Power BI Training | G Com Solutions Limited