CFOs should be the gatekeepers of the organization’s speed-control balance


As digital transformation accelerates, businesses face a pressing question: Does the balance we’re looking for between speed and control match our strategy? CFOs are key stakeholders in this continued determination, and more CFOs are taking the lead in these deliberations. This new responsibility involves assessing and managing the impacts on internal controls that arise from business and digital transformation activities, and determining the extent to which this balance between speed and control aligns with the organization’s business strategy. While the challenge of balancing this is certainly not new, it is exacerbated by the increasing demands and the accelerating pace of change in the digital age.

Speed ​​has always been a fascinating concept in business. In the analog age, elapsed time was often compared to competitors as a way to continuously improve processes, the theory that taking time on a process made it more efficient and flexible. In the digital age, time and speed have evolved beyond tactics to focus on a more strategic and holistic view with the goal of challenging conventional thinking and disrupting accepted ways of working and long-established value chains.

Creating customer value is a constant and never-ending quest to reinvent and improve business models and processes in an ever-changing operating environment. It is fueled by the focus on speed in collecting and learning feedback and making and executing high-quality decisions in deploying digital technologies and tools to deliver the value customers want. and wait. Anything less than this is not a very smart game in a digital economy in which markets are changing at a rapid pace.

While the development and adoption of advanced technologies goes beyond the traditional control framework of the financial organization, it is critical to recognize that more of these activities also take place beyond the competence of the IT group through citizen developers, low-code / no-code offers, shadow IT projects and related forms of decentralized technological deployment. Therefore, the extent to which high-speed technology development and adoption activities affect the organizational control environment is often unknown. The resolution of this problem lies squarely in the wheelhouse of the CFO.

Therefore, CFOs need to understand the elements of transformation that tend to exert the greatest impacts on the control environment, including which internal controls are most at risk of being overlooked, and how they can help company to monitor and, if necessary, to recalibrate its speed in relation to -check balance.

Where and how internal controls can be overlooked

Everyone knows that the speed induced by digital transformation is beneficial and increasingly necessary from a competitive point of view. That said, many activities and transformation approaches within an organization tend to have substantial impacts on internal controls. These include, but are certainly not limited to, the following:

  • Citizen developers: A growing number of organizations are using citizen developers, decentralized software development approaches, and other forms of shadow IT to accelerate the creation and deployment of new digital tools, products, and services. This speed often comes at a cost as these methods can introduce new risks and control problems.
  • The Internet of Things (IoT): As businesses and their third parties continue to increase their use of IoT sensors, devices, applications and data, information security risks multiply. In addition to questions about security controls, advancements in IoT raise strategic questions about data ownership, privacy and security as organizations rush to monetize data from growing assets. instrumented.
  • “Reactionary” transformation: Much of the digital transformation work that took place during the global pandemic has been more reactionary than strategic. These advances are often extremely beneficial in addressing emerging issues, but they are not necessarily part of a long-term plan, nor have they been implemented with internal controls in mind. Today, many of these reactionary transformation activities need to be reassessed from a control and risk perspective to determine how they fit into the organization’s long-term transformation plan and investment model.

These and other digital transformation accelerators often overlook, or conflict with, segregation of duties controls. More IT-specific controls related to change management, data security, availability, and other application development practices also tend to receive insufficient attention as more software developments develop. and technological deployments are carried out outside the IT function.

Consider, for example, how monolithic technology systems in a manufacturing facility were traditionally built on-site by the IT group in strict accordance with carefully crafted development processes and standards. Today, engineers and production workers at this manufacturing facility likely have access to nifty citizen development toolsets that allow them to quickly build and deploy their own custom applications.

Similar low-code or no-code offerings are available for operational teams in financial services and most other industries, as well as accounts payable and most other functional teams. These agile applications get live and / or to market faster, but often lack the necessary internal controls.

Your mission, if you choose to accept it

For several reasons, the governance of this speed / control balance is not only an adequacy but also a responsibility of the CFO.

First, CFOs play a key role in directing the development and execution of the organization’s strategy. While this does not make them the sole leader responsible for managing speed versus control, they are, at the very least, an important stakeholder in the process. And they are certainly responsible when speed versus control intersects with producing data that is ultimately included in financial reports.

Second, CFOs are responsible for allocating company capital, whether it’s investing in people, products, or technology. As I noted earlier, CFOs assess which investments in talent and skills are most likely to keep the business running at the right size and in the right way, to best cope with disruption and current and future opportunities. Financial executives fulfill a similar role when it comes to technology and digital investments. Part of ensuring that these investments keep the business running smoothly is finding the right balance between speed and control.

Third, CFOs are uniquely positioned to determine how the speed / control balance in digital transformation aligns with another related balance that needs to be struck between the front office and the back office. Today, digital transformation activities often occur in a quiet way, in the external areas of the business and in the functional areas that support operations, which are the domain of the CFO.

In recent years, the front office has acted with increasing independence in the development and implementation of digital advancements. This helps the organization to overtake (or catch up with) its competitors in a way that would not be possible if they expected their back office partners to develop and deliver similar capabilities. But acting quickly without the right controls in place – or even a recognition of controls that should be in place but are not – can lead to significant outages, like those in supply chains and customer service that have become widespread. over the past 12 years. months or more.

The risk and control mindset of CFOs, combined with their involvement in the development and execution of organizational strategy, makes them ideally suited to ensure that digital transformations in offices and back- offices are better aligned. By embracing balance speed / control management, financial executives can ensure their businesses grow quickly and wisely.


About Author

Comments are closed.