Auditors in a world of AI and automation - the challenge
Unprecedented ethical challenges pertaining to AI, automation, and data security have descended on the world of assurance and auditing. This is a fact.
If there’s any profession that must play a leadership role in the monitoring of AI technologies and data automation, it should be the auditing profession. We have a unique place to take as ethical norms, business ethics, and corporate social responsibility undergo rapid transition. Auditors must take their place to prevent ethical missteps and the degradation of moral principles in business.
Is the auditing profession prepared to deal with this onslaught of problems affecting ethical values and ethical guidelines? Now, that’s another question.
In this article, we will examine the ethical implications of the new technologies redefining the modern landscape and the ethical dilemmas they might bring to the auditing profession.
The role of regulatory bodies in emerging ethical standards
Perhaps some comfort can be found in the fact that professional bodies are fastidious about maintaining an ethical framework for the auditing profession.
The International Federation of Accountants (IFAC), along with its supporting bodies such as the International Auditing and Assurance Standards Board (IAASB), the International Ethics Standards Board for Accountants (IESBA), and the Transnational Auditors Committee (TAC), actively manage ethical issues by sending out exposure drafts, consultations, and pronouncements.
Let’s examine 4 critical issues that will affect ethical standards in the next few years.
4 Evolving Ethical Standards Affecting Auditing
Data Privacy and Security
In the UK, there have been several significant developments in the field of auditing, particularly concerning data privacy and security. These developments reflect the global trend towards a more rigorous approach to these issues within the audit profession.
Key areas of focus include:
Adoption of GDPR: The General Data Protection Regulation (GDPR) has had a significant impact on how auditors handle personal data. UK auditors must ensure compliance with GDPR, which includes obtaining proper consent for data processing, ensuring data minimisation, and reporting data breaches promptly.
Financial Reporting Council (FRC) Guidelines: The FRC oversees auditors in the UK and has issued guidelines emphasising the importance of data security and confidentiality in auditing. This includes expectations around the ethical handling of client information and implementing effective cybersecurity measures.
Institute of Chartered Accountants in England and Wales (ICAEW) and ACCA: These professional bodies have provided their members with guidance on navigating the complexities of data privacy and security. They offer resources and training to help auditors understand their responsibilities under the law and best practices in data management.
Focus on Cybersecurity Auditing: There's an increased emphasis on the role of auditors in assessing and reporting cybersecurity risks within their clients' organisations. This involves not only understanding the technical aspects of cybersecurity but also how these risks impact financial reporting and controls.
Regulatory Scrutiny and Reporting Requirements: UK auditors are under increased scrutiny from regulators regarding their role in ensuring data integrity and security. This includes more rigorous reporting requirements and audits of their own data handling practices.
Technological Advancements: The adoption of new technologies in auditing (like AI and data analytics) has led to a need for updated standards and guidelines to address the ethical challenges posed by these technologies.
Brexit Implications: Following Brexit, there has been a focus on how UK-specific regulations will align with or diverge from EU standards, including those related to data privacy and security.
AI and Automation
Integrating artificial intelligence (AI) and automation in auditing brings several ethical challenges to the forefront. Admittedly, it will require careful planning to regulate the dangers of rapidly evolving digital technology, and auditors should start thinking about how the following ethical principles will affect their field.
Transparency and Explainability
AI systems, especially those based on complex algorithms, can be opaque, making it difficult to understand how they arrive at certain conclusions or decisions. This lack of transparency can be a significant issue for auditors who need to ensure that audit decisions are explainable and justifiable. Auditors will begin to play a huge role in maintaining the same ethical standards that businesses are accustomed to, even as AI systems become more powerful and complex.
Bias and Fairness
AI systems are only as unbiased as the data they are trained on. There is a risk of inherent biases in these systems, which can lead to unfair or skewed outcomes. Auditors need to be aware of these potential biases and take steps to mitigate them.
Dependence on Technology
The increasing reliance on AI and automation can lead to a reduction in human judgment and oversight in the auditing process. Auditors need to maintain a balance between technological assistance and professional scepticism.
What ethical behavior means in a world where humans are largely dependent on information provided by machines will remain a big talking point in the years to come. This will include issues like responsibility for the accuracy of the information and its effect on business processes and integrity.
Data Privacy and Security
AI systems often require large datasets, which raises concerns about data privacy and security. Auditors must ensure that they and their AI systems comply with data protection laws, such as GDPR.
In response to these challenges, UK regulatory bodies and professional organizations have been developing guidelines and frameworks:
- Financial Reporting Council (FRC): The FRC has recognized the importance of AI in auditing and is exploring ways to incorporate AI governance into its audit quality reviews. Informed consent by participating stakeholders will likely be high on the agenda when these changes are implemented.
- ICAEW and ACCA: These bodies provide resources and guidance on ethical considerations when using AI in auditing, emphasizing the importance of maintaining professional skepticism and judgment.
Non-financial reporting in the UK, encompassing areas like sustainability, environmental impact, social responsibility, and governance (ESG), is gaining significant importance. With this growing focus, several emerging ethical considerations are coming to the forefront for auditors and firms:
Accuracy and Reliability
Ensuring the accuracy and reliability of non-financial information is a primary ethical concern. Auditors are tasked with verifying that such reports are truthful and not misleading, which can be challenging due to the qualitative nature of some of this information.
Transparency and Disclosure
There is an increasing demand for transparency in how companies report their non-financial activities. Ethical considerations involve determining what should be disclosed and ensuring that the disclosures are comprehensive and understandable to stakeholders.
Recent Regulatory Developments and Guidance in the UK
- UK Corporate Governance Code: This code emphasizes the importance of accurate and clear reporting on non-financial matters, including environmental and social issues.
- Financial Reporting Council (FRC) Guidance: The FRC has issued guidance on non-financial reporting, particularly relating to ESG matters, to ensure that such reporting is meaningful and aligns with broader corporate governance goals.
- Task Force on Climate-related Financial Disclosures (TCFD): The TCFD's recommendations, which are gaining traction in the UK, focus on consistent disclosures about climate-related financial risks.
- Professional Bodies (ICAEW, ACCA): These bodies provide resources and training to help auditors navigate the ethical complexities of non-financial reporting, emphasizing the need for integrity and professional skepticism.
Increase in cross-border auditing
The increase in cross-border auditing activities has led to new ethical standards in the UK, reflecting the complex nature of operating in multiple jurisdictions with varying regulatory environments and cultural norms. These emerging standards include:
Global Compliance and Regulatory Alignment: Auditors involved in cross-border activities must adhere to not only UK regulations but also those of other jurisdictions. This requires a deep understanding of international auditing standards like the International Standards on Auditing (ISA) and local laws.
Independence and Conflict of Interest: Maintaining independence in cross-border audits is more challenging due to different regulations and potential conflicts of interest. Auditors must navigate these complexities while upholding their integrity and objectivity.
Data Protection Across Borders: With the cross-border transfer of audit data, auditors must comply with various data protection laws, such as the GDPR in Europe and equivalent regulations in other regions. Ensuring client data privacy and security across jurisdictions is a critical ethical issue.
Cultural Sensitivity and Ethical Diversities: Understanding and respecting cultural differences and ethical norms in different countries is crucial. Auditors must ensure that their practices are culturally appropriate and ethically sound in every jurisdiction.
Quality Control and Consistency: Ensuring consistent audit quality across different countries is a significant challenge. Auditors need to apply a uniform standard of quality while adapting to local requirements.
Implications for UK Auditors
UK auditors must stay informed about the evolving landscape of cross-border auditing. This includes continuous professional development, staying abreast of regulatory changes, and understanding the nuances of auditing in different jurisdictions. Firms may also need to invest in specialised training and resources to equip their auditors for these challenges.
How should auditors respond to emerging ethical challenges?
It’s safe to conclude that business has never seen the rapid evolution of technology the way it is about to see it. If the AI predictions turn out to be more than just grandiose talk by the developers, then we are in for some interesting times.
We stated earlier in the article that the auditing profession should take a leading role in these developments as the regulation of technologies becomes vitally important. Society at large is at risk from unethical AI and automation practices as well as data breaches, this has not been a reality in life or business before.
The only way that auditors can respond is to stay abreast of all the issues involved and to do that you need up-to-date information and close contact with the regulatory and professional bodies governing auditing.
At VIVA, we are as committed as the ACCA to providing our students with up-to-date information on emerging ethical standards. We believe that if you teach a student to be heavily involved in professional integrity and moral principles governing the industry, this student will go on to be an ethical auditor and an asset to the companies they work with.
Our AAA course teaches these principles and their application and provides practical examples of how the industry deals with these evolving challenges.