Vaktechnische Publicaties

Hoe meet je cultuur en gedrag? Hoe gaan we om met de toenemende invloed van IT? En wat is de oplossing voor de schaarste op de arbeidsmarkt? In de auditwereld is verandering een van de weinige constanten. Iedere organisatie zoekt op haar eigen manier naar de antwoorden op deze vragen. Daarbij staat elke discipline voor eigen uitdagingen: de accountant in business, de openbaar accountant en de interne en overheidsaccountant. Welke ontwikkelingen zien zij? Hoe spelen ze hierop in? En hoe ziet de toekomst van het auditvak eruit? De afgelopen tijd vroegen we een aantal vooraanstaande professionals met een auditachtergrond naar hun visie. Het resultaat: vier verhalen die – ieder vanuit een eigen perspectief – een interessante inkijk in een veranderende wereld bieden. Dat de kijk op de ontwikkelingen per discipline en per persoon verschilt, bleek overduidelijk toen we het onderwerp ‘beroepseed’ ter sprake brachten. De meningen over de invoering hiervan liepen uiteen van ‘onzin’ tot ‘een goede zaak’. Hoe dan ook: voor 1 mei 2017 moet elke accountant de beroepseed hebben afgelegd. Het is een van de 53 maatregelen die het vertrouwen in de beroepsgroep moeten herstellen. Naast alle trends en ontwikkelingen in het vakgebied zelf, gebeurt er ook veel op de arbeidsmarkt. Audit is voor Yacht Finance een focusgebied en een discipline waarin we veel expertise hebben, ook vanwege de alsmaar toenemende schaarste op de arbeidsmarkt. Daarbij zetten we vooral in op de combinatie van audit en finance & control. Enerzijds omdat onze opdrachtgevers veel baat hebben bij professionals die beide beheersen, anderzijds omdat juist deze combinatie medewerkers een unieke positie op de arbeidsmarkt geeft en carrières in een stroomversnelling brengt. Hoe de nieuwe realiteit er precies uitziet weet niemand. Toch tekenen de contouren zich langzaam af. Graag nemen wij u in deze whitepaper mee in de ontwikkelingen, uitdagingen en vraagstukken in de auditwereld. 

Given expectations for slow growth and economic and political uncertainty, technology advances and business model disruption, cyber threats, greater regulatory scrutiny, and investor demands for transparency, it’s hardly surprising that most audit committees around the world point to risk management as the top challenge facing the company in the year ahead. More than 40 percent of respondents say their risk management systems require substantial work. Audit committees, by and large, continue to express confidence in financial reporting and audit quality; yet, along with risk management, our 2017 Global Audit Committee Pulse Survey highlights ongoing concerns about legal and regulatory compliance, managing cyber security risk, and managing the control environment in the company’s extended organization. Of the more than 800 audit committee members responding to our survey, nearly 4 in 10 said the committee’s effectiveness would be most improved by having a “better understanding of the business and key risks,” while nearly a third said additional expertise related to technology or cyber security would be helpful. Overall, audit committees are largely satisfied that their agendas are properly focused on legal and regulatory compliance issues, maintaining internal controls over financial reporting, and key assumptions underlying critical accounting estimates. However, they see room for improvement when it comes to focusing on CFO succession planning, talent and skills in the finance organization, tone at the top and culture, and aligning the company’s short- and long-term priorities. Most audit committees say their organizations have a long way to go in their efforts to implement major new accounting standards. Fewer than 15 percent report a clear implementation plan for the new revenue recognition standard, and fewer than 10 percent reported a clear plan for implementation of the new leasing standard. And of those whose companies are affected by the Organisation for Economic Co-operation and Development’s (OECD) country-by-country tax reporting, many expressed concern about the lack of clarity or communication with their committee on that issue. Survey respondents also cited ongoing opportunities to improve their company’sability to manage cyber risks. Of course, these challenges will vary by company and by country (and it is difficult to compare data from 15 countries, often with markedly different business environments, regulatory requirements, and corporate governance practices). But our survey findings offer insights that audit committees around the world can use to sharpen the committee’s focus, benchmark its responsibilities and practices, and strengthen its oversight.

Competing in a rapidly changing world, companies must grapple with emerging challenges seemingly every day: cyber threats, emerging and potentially disruptive technologies, business performance risk and more. In this increasingly complex environment, Internal Audit (“IA”) has a crucial role to play to help the organization in managing risks associated with these diverse business trends. This is also in line with the UK and Dutch Corporate Governance Codes. An impactful IA function will stay current with these wide-ranging business issues as they emerge so it can help monitor related risks and their potential effects on the organization. To provide the greatest value, IA must find opportunities to challenge the status quo to reduce risk, improve controls and identify potential efficiencies and cost benefits across the organization. To help IA functions achieve these goals, KPMG surveyed IA functions from companies in multiple industries globally and in the Netherlands. The result is KPMG Internal Audit: Top 10 Considerations for 2017, which outlines areas where IA should focus so it can effectively add value across the organization and maximize its influence on the company. Top 10 Considerations for 2017: Cybersecurity Culture/Soft Controls Integrated Assurance Regulatory compliance Third party relationships Anti-bribery/anti-corruption Emerging technologies Data analytics and continuous auditing Performance risk Strategic alignment

The increasing importance of internal audit’s role as the third line of defense in effective risk management and control has raised its visibility both within and outside of the organization. As a result, chief audit executives (CAEs) and internal audit departments are looking for ways to utilize their unique expertise to enhance their value to the overall corporate mission. This leads to the question — asked by all high performing support areas such as finance, human resources, IT, and legal — how can we have a strategic impact on the organization? Internal audit is uniquely positioned to be a strategic partner. With reporting relationships to the chief executive officer (CEO) or other executive officer, audit committee, and the board, high performing CAEs combine intelligence, expertise, diligence, and curiosity in a manner that positions internal audit for a critical strategic role. Despite this, CAEs are not generally recognized for the potential strategic impact that they can have on their organizations. For CAEs looking to elevate the strategic role of internal audit, several questions should be answered to take this next logical and desired step. Does the CAE understand the strategic mission of the organization at a deep level? Does the CAE understand the perspective of the CEO and board and make the effort to become a trusted partner, offering advice and solutions that address key problems? Is internal audit aligned with the strategic mission? Is internal audit anticipatory and proactive (rather than reactive)? Does the CAE provide assurance on risk management? Unfortunately, traditional perceptions of internal auditing can lead to wariness on the part of others to embrace internal audit as a strategic partner. Further, internal audit must balance the independence that is required for its role against the level of involvement in the tactical duties necessary to achieve the organization’s goals. After all, it is the mandate of internal audit to assess these tactics. But proactively addressing these challenges can lead to a real opportunity for internal audit to be recognized as a strategic partner and contributor.

Global macroeconomic uncertainty and rock-bottom interest rates, soaring regulatory expectations, cybersecurity threats and attacks, legacy information technology (IT) systems, Fintech, blockchain, and other disruptive innovations are all examples of the staggering collection of market and regulatory challenges that confront the financial services industry (FSI), making it the most demanding sector in which internal auditors operate. Amid the industry’s growing macroeconomic, regulatory, procedural, and technological complexity, internal audit within FSI must fulfill its core mission of delivering assurance excellence. Yet, internal auditors must do more. Effective assurance alone no longer guarantees success. This is an important message conveyed by FSI participants in the 2015 Global Internal Audit Common Body of Knowledge (CBOK) Stakeholder Survey. The results of this global survey of stakeholders— specifically, the results from the responses of executives and board members who work closely with internal auditors—reveal best practices that internal auditors in FSI should consider in their quest to continually improve performance and deliver more value to their organizations. Among the key findings: Internal audit reporting structure, the chief audit executive’s (CAE’s) relationships with the boards and the executive teams, and the entire function’s communication skill and style represent key success factors. Assurance is paramount. The consultative, value-added work that stakeholders clearly want auditors to deliver cannot detract from assurance. Assurance work is most valuable when it is aligned with the strategic risks of the organization and provides credible challenges to the effectiveness of risk management activities within the organization. CAEs and internal auditors should convey both good and bad news while exerting their influence to focus attention (at the board level and throughout the organization) on specific risks. CAEs also should possess the authority necessary to elevate and communicate strategic issues quickly to executive management and the board. Stakeholders expect internal audit to assess governance effectiveness and to monitor the values and behaviors that influence the organization’s risk culture. Stakeholders believe that internal audit should take on a more active role in assessing and evaluating the organization’s strategic risks and emerging risks