1665351626658793

Robotic Process Automation (RPA) is a technology that automates repetitive, manual, and rule-based tasks in accounting. It has the potential to reduce costs and improve accuracy. However, RPA has limitations and cannot learn from data or make cognitive decisions. Implementation of RPA requires standardization and can be challenging. Internal controls are important to prevent errors and fraud. The COSO framework is used to evaluate internal controls, but it lacks clear guidance on RPA. Companies must navigate how to transfer controls and processes from humans to bots. Failure to establish control mechanisms in RPA can lead to operational inefficiencies and legal violations. RPA is expected to be fully adopted in accounting, requiring accounting experts to become process owners and decision makers. The responsibility for the output still lies with humans. Hi, everyone, and welcome to Hot Topics in Accounting Information Systems and Emerging Technologies in the Accounting Industry with Jessica Reason. This week, we will discuss a technology dominating the accounting sector, robotic process automation, or RPA. RPA usage has become increasingly popular in the last 20 years due to its potential to reduce costs and improve accuracy in accounting processes, yet it has its limitations. We will begin by identifying what this technology is, what it has to offer, and explore possible challenges with its implementation and usage and the adaptation of necessary internal controls. RPA is the use of automation applications that partially or fully perform systemized human activities that are repetitive, manual, and rule-based. Automation is achieved by configuring robots to manipulate data, execute transactions, and communicate with other systems. Robots, or bots, are capable of a range of operations, including handling emails, managing data, processing payments, performing finance audits, and preparing financial closing and report generation. The potential for RPA usage in the finance and accounting sectors is high because of the many tasks that interact with several systems, contain high levels of transaction processing, and require few decisions to be made. However, RPA cannot learn from data patterns, make cognitive decisions, and is only as valuable and helpful as its programming. Implementation of RPA is often saw as a cost-saving tool and a way to ensure higher accuracy by minimizing the need for lower-paid junior associates and reducing human error. However, a primary challenge with RPA is the limitation of cognitive tasks due to the inability to model necessary roles. Instead of reducing the need for human involvement, RPA forces the requirement of higher-paid experts who will be able to monitor, take responsibility, and make decisions that require judgment, which can offset any cost savings. In 2017, it was found that between 30 and 50 percent of initial RPA projects failed due to implementation mistakes. RPA requires process and data standardization that does not contain inconsistencies before algorithms are created. If a process lacks consistency, the bot's output will be negatively affected and can incur financial and legal consequences. Companies that implement RPA must recognize that outside of cognitive tasks, a bot is also going to be unsuccessful with fragmented processes or processes containing paper inputs interfaced with external applications or tend to change. Despite RPA's widespread adoption, companies and managers should fully understand its limitations to prevent inaccuracies and protect a business entity. Internal controls prevent errors and deter fraud through implemented processes designed to protect an organization's assets, provide accurate and reliable information, promote operational efficiency, enforce managerial policies, and ensure law and regulation compliance. The three primary functions of internal controls are prevention, detective, and corrective. They consist of a general category for company-wide issues or an application category if the control pertains to a subsystem or application. A framework developed by the Committee of Sponsoring Organizations, COSO, is the structure the SEC requires management to evaluate internal controls with. The framework contains three categories and five components with physical IT controls. Physical controls are mostly manual controls that oversee authorization, segregation of duties, audit trails, and more. IT controls can be enterprise-level or pertain to a subsystem or application's input, processing, and output. Changes to a company processes, including the implementation of RPA, still require internal controls and should follow the COSO framework to remain compliant. Emerging RPA technology has created a challenge for some companies to remain compliant with COSO framework because there has been a lack of clear guidance regarding leading standards for automation and algorithm design. COSO's latest update occurred in 2017, prior to many of the RPA technologies that are in place today. Some managers have implemented practices aligning with the framework by emphasizing the responsibility for internal controls to lie with humans, not bots. Also, companies are applying IT application controls throughout the bot programming process for input, processing, and output controls. Controls applicable to RPA often fall under preventative controls where humans, typically process owners, are necessary and responsible for detective controls and implementing corrective controls. Companies utilizing RPA must navigate and understand how to properly transfer internal controls and processes intended for a human worker to a digital worker. In research from Zaloni, failure to create oversight and control mechanisms in an RPA environment can lead to operational inefficiency, financial loss, negative impact on the company's integrity, reputation, or employee morale, and violation of laws and regulations. Establishing internal controls for RPA to align with the COSO framework as much as possible is essential to the integrity of the technology and protection of the company. RPA is an emerging and evolving technology expected to be fully adopted in the accounting and finance sector soon. With most junior associate positions becoming automated, there is a need for accounting experts with information system knowledge and experience to become process owners and high-level decision makers. Part of that knowledge includes understanding the importance of internal controls and RPA applications to maintain compliance with the COSO framework. While most of the mundane, time-consuming tasks are completed by bots, the responsibility of the output still remains with the human. Thank you so much for joining me this week to discuss robotic process automation. Be sure to tune in to next week's podcast for another hot topic in accounting information systems or emerging technologies in the accounting industry.