Saturday, September 30, 2017

CPAOne: AI, Analytics and Beyond

Attended the CPA One Conference almost two weeks ago in Ottawa, Ontario. Given that my space is in audit innovation, I attended the more techno-oriented presentations. Here's a summary of the sessions that I attended:

"Big data: Realizing benefits in the age of machine learning and artificial intelligence": The session was kicked off by Oracle's Maria Pollieri. The session delved deep in the detail of machine learning and would have been beneficial to those who were trying to wrap things around thing more from a technical side. She was followed up by Roger's Jane Skoblo. She mentioned a fact that really grabbed my attention: when a business can just increase its accessibility to data by 10%; it can result in up to $65 million increase in benefits.

The next day started with Pete's and Neeraj's session on audit automation, "Why nobody loves the audit". They want over a survey of auditors and clients on the key pain points of the external audit. It turns out that these challenges are actually shared by both. For example, clients lack context on "the why" things are being collected, while auditors found it difficult to work with clients who lacked such context. On the data side, clients have hard time gathering docs and data, while the auditors spent too much time gathering this information. From a solutions perspective, the presenters discussed how Auvenir puts a process around gathering the data and enables better communication. This will be explored in future posts when we look at process standardization as a key pre-requisite to getting AI into the audit. 

The keynote on this day was delivered by Deloitte Digital's Shawn Kanungo, "The 0 to 100 effect". The session was well-received as he discussed the different aspects of exponential change and its impact on the profession (which was discussed previously here). One of the key takeaways I had from his presentation was how a lot of innovation is recombining ideas that already exist. Check this video he posted that highlights some of the points from his talk:



Also, checked out the presentation by Kevin Kolliniatis from KPMG and Chris Dulny from PwC, "AI and the evolution of the audit". Chris did a good job breaking down AI and made it digestible for the crowd. Kevin highlighted Mindbridge.ai in his presentation noting the link that AI is key for identifying unusual patterns.


That being said, the continuing challenge is how do we get data out of the systems in manner that's reliable (e.g. it's the right data, for the right period, etc.) and is understood (e.g. we don't have to go back and forth with the client to understand what they sent).

Last but not least was "Future of finance in a digital world" with Grant Abrams and Tahanie Thabet from Deloitte. They broke down how digital technologies are reshaping the way the finance department. As I've expressed here, one of the keys is to appreciate the difference between AI and Robotic Process Automation (RPA). So I thought it was really beneficial that they actually showed how such automation can assist with moving data from invoices into the system (the demo was slightly different than the one that can be seen below, but illustrates the potential of RPA). They didn't get into a lot of detail on blockchain but mentioned it is relevant to the space (apparently they have someone in the group that specifically tackles these types of conversations).


Kudos to CPA Canada for tackling these leading-edge topics! Most of these sessions were well attended and people asked questions wanting to know more. It's through these types of open forums that CPAs can learn to embrace the change that we all know is coming.

Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else

Monday, September 25, 2017

Will the iPhone's blue ocean strategy work?

Apple unveiled its much-anticipated iPhone upgrade - the iPhone X - earlier this month.

The following video is a splashy summary of what the phone offers:


The following video has Jony Ive's voice-over and gives a bit more about the actual technology behind everyone's favourite iDevice:



The most interesting feature for me was the augmented reality piece. With the success of Pokemon Go, the business opportunity is just waiting to be exploited. However, there seems to be more work that needs to be done for it is ready for mass consumption.

Perhaps, the following Funny or Die "review" of the release summarizes the sentiment out there:



But is it fair?

It's definitely not the wow of the first iPhone or iPad release. It feels incremental. However, Wall Street Journal has a different theory: Apple is targeting the Chinese "elite" who would want such a phone because of the status it affords:

"The iPhone X design has raised hopes that it can reverse Apple’s fortunes in China, Apple’s most important market outside the U.S., where sales have fallen six straight quarters.

“The high-end Chinese phone market is super competitive and customers are very discerning but also enthusiastic,” said Benedict Evans, a partner at Andreessen Horowitz, a venture-capital firm. “If Apple can get something that rings the bell [with them], then this will work.”"

This could be a blue ocean strategy at work (see the video below for more).

The idea of a blue ocean strategy is that instead of competing in the blood-soaked waters of intense competition companies migrate to the blue ocean where there is no competition or where the existing competition doesn't matter. 

Let's face it.

Either we're guilty of lining up for one of those iDevices - or know someone who did/does. But at the same time, there are no big line-ups for Microsoft or Samsung computing devices. This uniquely positions Apple is to capitalize on its brand - while others are left fighting in the red oceans on product features and price.




Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else

Wednesday, September 13, 2017

Bitcoin clampdown: Towards a corporate-cryptocurrency?

WSJ reported that the Chinese government was working to shut down Bitcoin exchanges:

"China’s central bank together with other regulators has drafted instructions banning Chinese platforms from providing virtual-currency trading services, according to people familiar with the matter...regulators told at least one of the exchanges that the decision to shutter them has been made, one of the people said. Another said the order may take several months to implement."
China, however, is not the only has such issues with cryptocurrency. The US also has limited the use of Bitcoin by taxing it as a capital gain:

"Capital-gains tax rules could make using bitcoin as a currency a logistical nightmare. It meant that when U.S. citizens filed taxes, they had to account for every single bitcoin acquired, sold, or used for purchases, and the prices and dates at which those transactions happened. If you purchased 0.5 bitcoins at $360 in April 2014 and sold them for $645 on June 9, you’d have to declare that gain as a taxable event in 2015. Fair enough. But did you have to account for swings in the value if you used your bitcoin to purchase a vacation on Expedia or to order a pizza? The IRS’s move seemed to undermine bitcoin’s potential for use as a currency." Vigna, Paul. The Age of Cryptocurrency: How Bitcoin and Digital Money Are Challenging the Global Economic Order (p. 260). St. Martin's Press. Kindle Edition. 

However, the key regulatory action against Bitcoin came from the FDIC and DOJ:

"bitcoiners would report that agents from the Federal Deposit Insurance Corporation, the body charged with cleaning up failed banks so that insured depositors can be kept whole, were pressuring bank compliance officers not to work with bitcoiners. It’s hard to verify this claim. The FDIC had long communicated its concerns to bankers over supposedly high-risk categories of merchants, and bitcoin businesses were told by bank compliance officers they were included in those groups...

The U.S. Department of Justice, too, sent banks messages that contradicted FinCEN’s accommodating message. In 2013, the DOJ launched an initiative known as Operation Choke Point, in which it investigated banks dealing with merchants in businesses that weren’t necessarily illegal but were considered high fraud risks. Miami-based lawyer Andrew Ittleman, who has become something of an accidental expert on the subject, told us that Operation Choke Point now occupied most of his time and that primarily his clients were legal providers of bitcoin services and medical marijuana, along with a few pornographers and gun dealers. The law was having a chilling effect: banks might not be breaking the law by servicing such businesses, but the risk of an audit from the DOJ was enough to dissuade them from doing so. Ittleman fought hard for his clients, who were denied a vital instrument of financial access, but it was an uphill battle. The matter, he said, should be taken up to the Supreme Court by civil rights activists such as the American Civil Liberties Union." (ibid p. 258-259)

Why are governments so worried about Bitcoin?

The WSJ article cited above gives a clue:

"Beijing’s crackdown on bitcoin is part of a broader effort to root out risks to the country’s financial system. Officials earlier this year circulated a draft of anti-money-laundering rules for bitcoin exchanges, a powerful warning, even though the regulations were never formalized, according to people familiar with the matter...Virtual currencies in theory allow holders to bypass China’s traditional banking system to move money outside its capital-controlled borders. That could make it more difficult for Chinese regulators to maintain a tight grip on the yuan." [Emphasis added]

Cryptocurrency has its roots in the anarchist activists and others who saw Bitcoin as a way to challenge the power of banking sector. Given that Bitcoin had its debut during the Financial Crisis, it may have been reasonable to believe that there would be sufficient groundswell to believe that the cryptocurrency would gain popularity.

However, popularity in the realm of currency and capital is not sufficient to change institutional realities of societies. 

The reality of societies today is that financial institutions, and corporations more broadly, represent institutions that keep the society together. Since they hold the keys of the society, ultimately they will control the change that will proliferate through society. And something that undermines the ability of the society's today to control capital flows is pretty much a national security issue - and can expect a response that reflects that reality. In other words, it was reasonable to expect the Empire to Strike Back as they did. 

Can we ever expect a corporate-sponsored cryptocurrency? 

Given the way power works, the only ones that can really challenge banks' hegemony are other corporations. For example, Walmart teams up with generic drug makers (in competition with expensive brand-name alternatives) to reduce the healthcare benefits they pay to their employees.

One requirement would be to have direct access to customers so they can actually convert their cash into that digital currency. For example, online realtors are dependent on banks and their electronic payment networks to essentially get cash into the system. 

So likely a retailer alliance could be something that poses a challenge to banks and their networks. 

Amazon already has Amazon Coin, but I think that if they teamed up with Walmart you would have something that basically has wide acceptance. And that's when the games will begin.

Retailers also have an incentive to cut-out the banks and save those credit card fees. However, for this to have user acceptance the retailers would need to give their consumers a cut. 

But would this be a true cryptocurrency? 

Such a currency would likely take a permissioned or private blockchain route. Essentially, there will be a need for 'independent verifiers' (instead of miners) that will ensure that the transactions are properly accounted for. This is likely cheaper than using miners which are costly in terms of the energy costs that have to be paid

Although I think external auditors could play the role of the independent verifier, these systems can be highly automated and an assurance model can be developed where you have real-time assurance as the source documents would be digital. This is assuming that the cryptographic keys can be relied on for such a purpose and auditors are able to get "effortless" access to such evidence and systems. So it may lead to a renaissance in the audit but may help auditors realize their potential within the field of audit data analytics and more broadly as data scientists. 

This speaks to one of the key aspects of automated audits that I raised in this post. As promised, my plan is to delve deeper on this topic, where we can look at how blockchain can facilitate AI or automated audits. 

Ultimately, banks play a critical role in extending credit which essentially makes them gatekeepers of the consumer economy. However, other companies, largely the tech sector, are hoarding cash:

Courtesy of Business Insider

So the question is whether these non-banks could move into bank territory. For example, Rogers Wireless (cell phone provider) is also a bank. That being said, it likely won't be a revolution but could be something that evolves over time that steadily erodes bank power. However, that would mean that the banks would take this lying down and I don't think that the Empire will go out without a fight.

Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else

Monday, September 11, 2017

Serendipity: Beyond the reach of Robot Professionals?

Came across a story about how Dr. Behfar Ehdaie at Memorial Sloan Kettering Cancer Center was figuring out how to deal with the emotions that come with a discovery of prostate cancer. His novel solution gives may give us some insights into the limits of robots in the professional world.

What he found was that his patients opted for radical treatments, such as surgery or chemotherapy, that resulted in side-effects that actually ended up being more harmful. To use a cliche, the cure was worse than the cancer.

For such patients, "the medical consensus is that active surveillance often is the appropriate treatment for small early tumors". Of course, such an approach is not risk-free, but the problem is that "despite the data showing that this approach is safe, about 50% of eligible men don’t get it either because they turn it down or their physicians don’t embrace it. Medical experts say many men have been overtreated, as their cancers probably posed little immediate danger."

What was his solution?

Negotiate with patients.

As noted in the WSJ article referenced above, he contacted Harvard professor Deepak Malhotra who had authored an article on the topic to develop strategies on negotiating with the patient. Leveraging lessons from behavioral economics was to make monitoring the anchor instead of surgery or chemo. Dr. Ehdaie and professor Malhotra devised a lecture that was delivered to doctors to help them learn from Dr. Ehdaie's successes with this approach.

But what does this have to do with limits of robot-professionals or robopros?

When it comes to cancer treatment and robots, one can't complete the conversation without mentioning IBM's Watson "Oncology Edition". In fact, IBM has a partnership with the same Memorial Sloan Kettering Cancer Center that Dr. Ehdaie works at. Here is a promo-video that speaks to the promise of Watson:



The key to understanding the limits to robot-professionals is the backstory on how Dr. Ehdaie first decided to explore negotiations a way to deal with the issue.

This is where serendipity comes to play.

He was exposed to such concepts with discussions with his wife who is an MBA. Meaning that he went beyond the cancer treatment journals and then discovered a non-standard approach to dealing with a problem. Robots are not good at this. Machine-learning and AI is only good as what you teach it. Even "simple" tasks require thousands of man-hours to train such algos. Perhaps this can be overcome, but currently, it is a real limitation of AI.

Does this make humans indispensable?
Really depends on the objectives that govern the profession and the organizations that hire them.

If it's about cost-cutting and making the process efficient and streamlined, robots are perfect creating a fossilized bureaucracy that is resistant to change. Think about how financial institutions have yet to overhaul their ancient banking systems coded in COBOL:

"In the United States, the financial sector, major corporations, and parts of the federal government still largely rely on it because it underpins powerful systems that were built in the 70s or 80s and never fully replaced."

Similarly, if Dr. Watson replaces a large component of the diagnostic process it would become hard to dislodge it from the cancer treatment process.

On the other hand, if organizations recognize the value of human beings in being important to overall objectives of the profession - patient care, audit quality, etc. - then human judgment must be hardwired into the organization's DNA to avoid the development of such an inflexible system.

Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else

Saturday, September 9, 2017

AI and the Audit: What does a robot need to audit your numbers?

In the previous post, we examined the value propositions that Appzen's AI brings to auditing expense reports.

In this post, we analyze what insights we can extract from Appzen when it comes more broadly to applying AI to the external financial audit.

The following gives a refresher on how the Appzen AI audit works:




Based on this we look at a number of factors that exist in this process to develop

Standardized process:
The expense report process that has been fairly standardized for over a decade: employees submit a digitized report of what they spent, expense codes, commentary and all the supporting documentation (e.g. receipts, invoices, etc.).  This is similar to how factories needed an assembly line before they could be automated.

Standardized capture and presentation of audit evidence:
I think this is a key piece: the actual audit evidence (i.e. receipts) must also be included in what's submitted to the auditor. As the evidence is provided in a standardized format, it enables machines to analyze these digitized source documents to run the necessary correlative models to run the risk scores and enables the automated analysis.

Audit evidence retains its chain of custody through the digitization process:
The auditor does not need to expend additional resources verifying that the evidence actually relates to the item being audited, nor do they have to expend additional resources ensuring that the independence of the evidence wasn't lost through digitization process. For example, when receiving a bank confirmation the auditor needs to ensure that this received directly from the bank and not the client.

Evidence provider identity is verified and contractually obligated to follow-up with the auditor:
The party submitting the audit evidence, the employee, has been verified in the system through the employee onboarding process. The implication of this is that the auditor doesn't have to expend audit resources confirming the identity of the evidence provider. Secondly, and perhaps more importantly, the auditor doesn't have to expend significant resources following up with the evidence provider. For example, not all customers will respond to accounts receivable confirms and then auditor will have to perform alternate procedures.

Evidence provider has incentives to produce the proper evidence: 
The previous point is closely related to the issue of incentives: if the employee fails to provide evidence then they will not be reimbursed. This puts a strong incentive on the employee to provide the evidence in a timely manner.

Provider of the evidence is trained on providing evidence:
The employee has been trained to provide complete, accurate and valid evidence. They also have access to help if they have issues with submitting expense receipts or understanding whether that evidence will be accepted.

Violations can be clearly defined and examples of violations can be taught to the system:
For fraud or errors to be flagged there needs to be rules that can be fed into the system to identify whether the item submitted needs further review or audit. For example, if the amount on the receipt doesn't match this would be flagged and has a high likelihood of error. But more importantly,  the examples of violations identified can be fed into the system to teach the system (via machine learning) what to look for.

In a future post, we will use these factors to look at how easily (or not) AI can automate financial audits.

Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else

Tuesday, September 5, 2017

AI and the Audit: Why hire a Robot as your Auditor?

On this blog, we've covered the topic of exponential change and how audit/accounting is prone to such forces.

Despite this, I am tempted to say financial auditing is different. It's not like factory work or more controversially like the pharmacist profession where AI claims to offer a safer alternative to dispensing medication.

But does that make me just one of the people who think that their profession is unique because they are in the midst of seismic change but refuse to see the writing on the wall?

At the same time, I don't want to come across as an alarmist claiming that the world is going to end when it really isn't.

It's the challenge of nuance.

While trying to figure out how to tackle this challenge, I came across AppZen; an app that uses artificial intelligence to audit expense report. It was identified in this post as being one of the game-changers in the fintech scene and was also featured in Accounting Today.

According to the company's website, the application "combines computer vision, deep learning, and natural language processing to understand the full context of expenses, not just amounts, dates, and merchant names. ReceiptIQ detects unauthorized charges in real-time from receipt images, boarding passes, travel documents, cell phone bills and any other expense documentation. Cross-checks expenses in real-time against thousands of external and social sources to determine if they are legitimate and accurate... Real-time identification of unauthorized upgrades in airlines, hotels and car rentals as well as out of policy claims for hotel laundry, alcohol purchases, cell phone charges and more."

Reviewing the company's video, I was able to extract the following value propositions:
  • "100% Testing":  I put it in quotes on purpose because the idea is that the whole population is analyzed but only the high-risk ones are further analyzed. That is, this is still "examining on a test basis" but uses a risk based approach to identify what reports should be further examined. This is in contrast to the manual approach of sampling.  
  • Automated exception analysis: Closely connected to the previous point, but to emphasize that there is an automated review of the population.
  • Real-time analysis: Reports can be analyzed instantaneously. Although not explicitly identified in the video, this could have real world savings. Faster reviews - leading to faster reimbursement to employees - could reduce the overall amount owing on corporate credit cards thereby offering more favourable position with the credit card companies. 
  • Seamless integration into existing processes: Add-on to an existing process is a much easier sell than an app that requires replacing the existing app you may have just bought.  
  • Use of external data: The app uses 100s of external data sources to develop. It seems that this assists in building an expectation of whether the expense needs further analysis. 
  • Limited false positives: Not explicitly stated, but it is strongly implied that the number of reports that need to be reviewed is few - meaning it's not flagging reports that are valid.   
  • Reduction of audit costs and fraud: Finally, the app promises greater efficiency in the use of audit resources deployed and greater effectiveness in catching fraud. 
When looking at these benefits of AI-enabled automation, they are based on certain assumptions that may exist in the expense report realm but not in the external audit realm. For example, accounting records at a company are not normally accompanied by a digitized copy of the source document (e.g. invoice, receipt, etc.) that provides evidence of its validity, accuracy, etc. of that accounting entry. 

So which of these assumptions applies in the world of external financial audits? 

This will be the topic of the next post where I will develop a list of factors that enabled expense report to by automated by AI and see if they apply to our world. 


Author: Malik Datardina, CPA, CA, CISA. Malik works at Auvenir as a GRC Strategist that is working to transform the engagement experience for accounting firms and their clients. The opinions expressed here do not necessarily represent UWCISA, UW, Auvenir (or its affiliates), CPA Canada or anyone else