What does continuous monitoring of financial transactions mean?
In short, Continuous Monitoring (CM) of financial transactions is a reporting system that continuously monitors financial transactions and provides timely and relevant (actionable) information for an executive to review and make necessary decisions. This is in sharp contrast to a traditional system that provides monthly, quarterly, or yearly reports.
The value of CM is to provide management greater visibility into timely information on business processes designed to achieve strategic and operational goals. CM quickly identifies processes, or individual transactions, that are deviant (anomalous) from their intended performance and effectiveness targets. This empowers management to focus their attention and resources key areas to improve processes, implement course corrections, address risk, or launch initiatives to better achieve their goals.
There is also Continuous Auditing (CA), which enables internal audit teams to continually analyze processes and gather data that supports auditing activities, including financial transactions. The value of CA is that it enables internal audits to move from sampling accounts and transactions to 100% coverage of accounts and transactions (when and where desired). This means real-time reporting, which has immense value to firms.
Both CM and CA rely on the automatic extraction and accumulation of key transaction information from Enterprise Resource Planning (ERP) systems across an enterprise. This data is kept in a secure, independent data warehouse so consistent analyses can take place across disparate systems and over different time horizons. The CM and CA analytics engines can process huge volumes of transactional data and recognize hidden but troublesome patterns so that these problems could be identified and rectified before they become a crisis. (Taylor, Patrick).
While CM and CA do not need to coexist to be effective, an organization may increase the value of each by implementing both because:
- Implementing CM and CA can integrate management’s responsibility for the performance of controls with internal audit’s responsibility for assurance regarding management’s controls — while preserving the audit’s independence.
- Increasing coordination between management and internal audit in these areas should minimize duplication of controls and efforts.
- Implementing CM and CA can enable the enterprise to adapt more quickly and effectively to changes in the risk and regulatory climate.
CM and CA provide managers and auditors greater visibility into processes, activities, and transactions. The resulting visibility also generates greater transparency for directors, investors, and other stakeholders. This could mean greater investments, positive publicity, and significant cost savings. (Deloitte).
Who would benefit from Continuous Monitoring and Continuous Audits?
CEOs, COOs, and board members who share those executives’ concerns about rising risk, regulation, and costs in large organizations are those who could benefit from CM and CA systems the most. The importance of CM and CA has risen in importance to senior executives and boards, given the events of the past few years and continuing challenges in the financial and business environment. The challenges are ranging from heightened global competitive pressure, more stringent regulations, to pressure to increase revenue, exposure to more aggressive forms of fraud, theft, and cybercrime.
Neither CM nor CA should be viewed as a short-term project, but rather as a commitment to a new, more systematic approach. Further, the investment needed to implement such solutions are often intimidating, especially in today’s resource-strapped environment, and the constant demand for more funding from many competing initiatives. This is why it is very important to view CM and CA in the proper context of the organization’s overall risk management efforts at the operational level. The executives in charge of allocating resources to the initiatives must perceive CM and CA potentially providing the greatest return on the investment needed to implement such a solution. Unfortunately, and all too often, until a risk event occurs or internal audit buckles under its workload, CM and CA can appear as “nice but not necessary” initiatives.
Value and Benefits of CM and CA
Broadly, CM and CA bring new levels of systematization and automation to monitoring controls and collecting forensic audit data and they add value by improved compliance, risk management, and the ability to achieve business goals. They can be crucial in uncovering revenue leakage. For example, due to customers taking unauthorized discounts, by locating unnecessary costs, as in audits of service levels from third-party vendors, etc. In that sense, CM and CA represent a natural progression in the evolution of the control environment and auditing efforts.
In conclusion, CM and CA are automated, ongoing processes that enable management to:
- Shift from cyclical or episodic reviews with a limited focus to continuous, broader, more proactive reviews
- Evolve from a traditional, static annual audit plan to a more dynamic plan based on CA results
- Assess the effectiveness of controls and detect associated risk issues Achieve timelier, less costly compliance with policies, procedures, and regulations
- Improve business processes and activities while adhering to ethical and compliance standards
- Execute timelier quantitative and qualitative risk-related decisions
- Extract relevant data from processes, transactions, and accounts data that supports internal and external auditing activities
- Increase the cost-effectiveness of controls and monitoring through IT solutions
- Reduce audit costs while increasing effectiveness through IT solutions
Deloitte. “Continuous Monitoring and Continuous Auditing From Idea to Implementation.” Deloitte.com, 2010, www2.deloitte.com.
Taylor, Patrick. “Continuous Transaction Monitoring (CTM) Protects Financial Integrity, Even When Network Security Inevitably Fails.” Network World, Network World, 13 Feb. 2012, www.networkworld.com/article/2185780/continuous-transaction-monitoring–ctm–protects-financial-integrity–even-when-network.html.