In his book The Closing of the Auditor’s Mind?, David J. O’Regan, FCA, examines how an erosion of trust in modern auditing might be remedied and reversed.
Increasingly fragmented patterns of accountability and social trust are in the ascendant and there are implications for a crucial area of our socio-economic existence—internal auditing.
Internal auditing faces not only a challenge of adaptability to emerging patterns of accountability and social trust, it is also confronted by broader challenges of reforms required to encourage such adaptability.
One might prefer the term “crises” to “challenges” but let us avoid leavening our analysis with hyperbolic language.
Nonetheless, the severity of internal auditing’s two contemporaneous and interconnected challenges discussed is not to be underestimated. Should the challenges remain unaddressed, they may well develop into profound crises.
Regarding the first challenge of adaptability, internal auditing has failed to keep pace with global trends toward a flattening of traditional, vertical hierarchies of the command-and-control variety, and their replacement with complex patterns of horizontally distributed accountability and social trust.
Our trust in traditional institutions and in politicians, business leaders and the cultural elite is eroding. We are increasingly placing trust in non-hierarchical networks, both digital and human.
And where trust has been displaced, flows of accountability adapt accordingly. The emergent patterns of accountability and social trust are so far-reaching that they threaten to leave internal auditing marooned, like a shipwreck, in the detritus of history.
Internal auditing is therefore at a crossroads, both practical and conceptual. The most demanding needs of accountability and social trust increasingly fall into three domains – in the inner workings of organisations; in transitional spaces at organisational boundaries; and in extra-mural activities.
Internal auditing remains fixated on the innards of traditional, bureaucratic structures and is ill-positioned to address the assurance demands arising at both the liminal spaces at the fringes of formal organisational structures and from locations beyond institutional boundaries.
The peripheral and external domains are characterised by an absence of clear markers of responsibilities, and by fast, flexible and disorienting flows of accountability that bear little resemblance to the shape of traditional bureaucracy.
Their records of accountability are typically digital rather than tangible, and the significance of their assurance demands defies easy evaluation. Importantly for our analysis in this book, we encounter the new patterns of accountability and social trust where the writ of internal auditing, as well as external auditing, runs weakest.
The versatility of both internal and external auditing is hampered by restraints. The external auditor’s opinion on an organisation’s annual financial statements once satisfied the assurance needs of traditional hierarchies of accountability and social trust, but it is ill-equipped to meet the demands of the emergent, horizontally distributed accountability paradigm.
In contrast to external auditing, internal auditing’s activities are framed in more elastic terms, and internal auditing therefore offers, on paper at least, a greater scope for adaptation.
Yet internal auditing, like external auditing, faces an uncertain future, owing to the need for the types of reform without which the necessary agility and adaptation are unlikely to develop.
At this point, a word of caution is in order. Even amid the newly emerging patterns of horizontally distributed accountability, bureaucratic organisations characterised by command-and-control structures will continue to exist.
A demand for external and internal auditors’ services will therefore remain, as long as stakeholders continue to be interested in financial statements and in the inner workings of organisations.
But the real action on accountability and social trust will increasingly be found elsewhere on the fringes of organisations and in extra-mural locations. Already, assurance is becoming increasingly piecemeal.
We can expect the emergence, in the near future, of innovative, diffuse assurance mechanisms to address the pressing demands of the new patterns of accountability and social trust.
Both external and internal auditing therefore face a future of marginalisation as they remain shackled to the outdated frameworks of bureaucratic institutions.
Internal auditing faces not only a challenge of adaptability. It also contends with a second challenge arising from its increasing tendency toward algorithmic and mechanistic activities.
In particular, the dangers arising from a swelling tide of amoral and pedantic literalism in internal auditing are difficult to overstate.
A humane approach to internal auditing founded on creativity, individual judgment, and critical thinking.
In this context, there is a sense of loss that seems an inevitable accompaniment to progress. Or, perhaps more accurately, an accompaniment to misplaced notions of progress.
Internal auditors today have at their disposal vast pools of data, along with powerful technological tools that mine and arrange the data into auditable information.
Technological advances encourage internal auditors to approach well-worn topics in fresh ways and to explore newfangled activities.
Only a Luddite would be hostile to technological advances in internal auditing, from data analytics to the use of drones for the purposes of aerial surveillance of dispersed inventory. But internal auditing’s technological achievements have come at a high cost – as an addictive substitute for critical thinking.
Internal auditors are increasingly gripped by an algorithmic mindset, and they tend to look at technology, not as a means to an end, but as an end in itself.
This technologically driven approach has crowded out arduously gained humane aspects of internal auditing.
The relentless, metallic clatter of technological advance does not therefore necessarily imply improvements in understandings of underlying concepts.
Our collective faith in data analytics and sampling software has created the seductive but dangerous myth that we are better auditors than our predecessors.
We seem unaware that accretions of prowess in data handling and number-crunching often offer little more than illusions of certainty, if not groundless uncertainties.
The technology of internal auditing may progress, but the cogency of the concepts and principles of internal auditing remain enduring.
Diagnostic acumen, analytical rigor, inferential precision, a healthy scepticism, and a resistance to transient faddism are unchanging prerequisites for good internal auditing, and our progressive internal auditing environment now needs them more than ever.
Modern internal auditing does not lack energy. However misplaced, its enthusiasm is in constant motion, exuding an exaggerated sense of industriousness.
But the blustering, frenetic pace of internal auditing today masks an underlying intellectual inertia, a kind of hallucinatory lassitude in which highly agitated activity serves only to endow clockwork routines with decreasing significance.
Beneath whirlwinds of risk assessments, data analytics, and trending buzzwords, and beyond the dubious recommendations that often flow from such mechanisms, we see process increasingly triumphant over substance.
It is at internal auditing’s eerily muted core where the absence of timeless concepts of validity and truth are most keenly felt. A technocratic conformity is descending on internal auditing like a smothering shroud, leaving us with muffled reverberations of futile routines, hollow platitudes, and a steady decline in the public’s trust.
Only a fundamental overhaul of internal auditing’s self-understanding and methodologies, driven by a tempering of its algorithmic mindset, will open the door to a return to a style of auditing marked by creativity and judgment.
Without such an overhaul, internal auditing is unlikely to survive a take-over by automated auditing software and machine-processed artificial intelligence, let alone adapt to the evolving paradigm of accountability and social trust.
About the author
David J. O’Regan has authored nine books on auditing and related themes. A Fellow of the Institute of Chartered Accountants in England and Wales, he earned a doctorate in accounting and finance from the University of Liverpool and his auditing experience spans more than three decades, in the private, public and academic sectors.
O’Regan joined the United Nations system in 2005, working initially at the Organisation for the Prohibition of Chemical Weapons at The Hague in the Netherlands. He has served as Auditor General to the Pan American Health Organization in Washington D.C. since 2009.
For more, see davidoregan.com.
LOADING...