How can you build trust when emerging technologies bring new risks?

By Jeanne Boillet

EY Global Accounts Committee Assurance Lead

Innovation driver in audit services. Client-centric. Strong advocate for diversity and the advancement of women in business.

7 minute read 28 Sep 2018

Show resources

  • Building blocks of the future (pdf)

    Download 271 KB

When emerging technology creates far-reaching and rapid change, it can also bring new risks. Understanding and mitigating them will help to build confidence.

This article is part of a collection of insights about digital trust.

Today’s rapid pace of technological innovation, from AI to blockchain, is impacting business models and processes. Traditional means of assurance – such as corporate governance, board meetings, financial statements, internal and external audits – will need to take into account new factors to remain relevant and build confidence among stakeholders.

Often legal and regulatory frameworks haven’t kept pace with digital transformation, and organizations are seeking guidance. This challenge is exacerbated by the speed at which technological change (pdf) is occurring and the breadth of its adoption – which is introducing new risks that demand new responses.

Emerging technologies can provide improved accuracy, better quality and cost efficiencies for businesses in every sector. They can enhance trust in the organization’s operations and financial processes, which is crucial for sustainable success. But this can produce a paradox: the very solutions that can be used to better manage risk, increase transparency and build confidence are often themselves the source of new risks, which may go unnoticed.

Man using digital tablet in dark server room
(Chapter breaker)
1

Chapter 1

Adopting artificial intelligence intelligently

AI offers new ways to build trust, but can also make businesses vulnerable to new risks.

When applied to some audit processes, AI can support greater accuracy and quality, providing consistent reasoning with precision and objectivity. Significantly, the automation and efficiency brought by AI technology allow the analysis of a full population of data instead of a sample, enhancing confidence in the results.

Machine learning – a form of AI where computer algorithms improve over time – can help provide a better predictive analysis of fraud. For a number of years, machine learning has successfully detected credit card fraud. Banks use systems that have been trained on historical data to monitor payments for potential fraudulent activity and block suspicious transactions.

AI, and machine learning in particular, can also play an important role in anti-money laundering programs in areas such as the monitoring of suspicious activities and transactions. With the increasing complexity of threats and the growing volume of data to analyze, this use is only expected to grow.

While AI can help build trust, however, it also carries a range of new risks – both operational and financial. AI systems rely on large volumes of data, and handling it may pose regulatory risks relating to data privacy, opening up vulnerabilities to data leaks and cyber-attacks – and the ensuing reputational risk. Bias issues with initial training data or programmatic errors contained in the algorithm could also compromise AI process outputs.

To mitigate these risks and maximize their potential benefits, businesses looking to adopt AI should develop the right governance and apply a framework to provide trust and confidence. Actions should include: 

  • Verifying training data to remove bias 
  • Understanding how AI technologies are being applied within the organization, as all the components embedded within the AI system need to be governed and protected
  • Establishing ethics boards to provide advice on the implications of AI development
  • Evaluating the effectiveness of the governance model

Making the use of AI ethical, unbiased, transparent and secure will help to earn trust and drive further adoption. 

Bicycle Padlock
(Chapter breaker)
2

Chapter 2

Finding the key to trust blockchain

A technology promising to create trust carries potential risks that could undermine it instead.

Like AI, blockchain has seen rapid adoption in a number of industries and functions. Blockchain’s ability to create an immutable, transparent and secure record of transactions and data, governed by a consensus, removes the need for central aggregators or intermediaries. It allows immediate reconciliation, improves the integrity of data and generates trust because it allows participants to provide increased transparency to stakeholders and gain control of their own operations in a digital environment.

While most famous for powering cryptocurrencies, far broader applications are emerging for how enterprises can use blockchain to increase trust and create efficiency across their operations. In the supply chain for instance, blockchain is being used to enhance traceability and fight counterfeiting.

But blockchain can also create new risks. As with any digital system, code integrity is vital to create trust in the platform, and cybersecurity is an inherent risk in a weak code.

There are also more macro-scale challenges to implementing blockchain solutions, such as a lack of standardization in protocols, and inconsistent regulation and legislation. Risks can also originate off-platform – if the information on the blockchain comes from activities outside the blockchain, how can the originating transaction be verified?

To mitigate such potential financial and operational risks from blockchain, participants must:

  • Follow best practice in internal control frameworks, focusing on safeguarding assets, existence, rights and valuation
  • Evaluate IT risk, including cybersecurity, smart contracts, access rights and program change
  • Implement compliance with tax, legal and regulatory matters, such as Know Your Customer (KYC) checks and anti-money laundering legislation
  • Periodically review and evaluate cryptography and consensus mechanisms
  • Perform analysis of the blockchain data
  • Leverage trusted independent parties to review and report on process, and work towards building in trust by design.

To build trust in the blockchain, it will be essential for companies to gain independent visibility of the data, the transacting parties and the transactions recorded on the ledger.

Even though blockchain can create trust, it does not remove the need for assurance in the process itself, nor in the performance and financial outcomes.

Female teacher and teenage outdoor school students using compass and smart phone gps
(Chapter breaker)
3

Chapter 3

The human factor in Digital Trust

A good tool used badly – without understanding the risks – has been the downfall of many good ideas. How can we help new technologies preserve confidence?

There is one risk common to both AI and blockchain – the over-reliance businesses may place on these two technologies.

Even though both AI and blockchain can help build trust and confidence, relying on technical features such as automation, algorithms and encryption, they still require a large degree of human oversight.

The extent to which the mitigating actions are successful will largely depend on humans and on their judgment. To mitigate potential risks and maximize potential benefits, you should focus on:

  • Finding and developing the right skillsets and mindsets: New technologies will be sophisticated and, in many cases, require a steep learning curve even for experienced staff. Acquiring the right capabilities, whether by hiring or training, will be critical. Throughout your organization, you’ll also need to develop increased risk awareness and a shared sense of responsibility to identify and respond to emerging threats and opportunities.
  • Looking at buy vs build strategies: How do you best implement new technologies? Do you build these capabilities in-house, or look to third parties, partnerships, or acquisitions to bring in these capabilities from the outside? You may need to rethink your approach to mergers and acquisitions to make the right decisions.
  • Identifying appropriate success metrics: While some traditional business analysis approaches will remain, the transformative age may require a rethink on how you measure success. One approach that organizations could consider is looking not only at what new technology programs have delivered, but also what they should have delivered – and how their performance ultimately conforms to those expectations.

To be successful, businesses need to adopt new ways of working to mitigate technology’s risks. Trust in the digital age can be both built and compromised by emerging technologies – and the outcome will ultimately depend on the quality of human decisions.

Summary

New technology can improve accuracy and quality, helping to enhance trust in operations and financial processes. Yet technological advances such as AI and blockchain can also bring new risks that may go unnoticed, such as in data handling, which may lead to reputational risk, and programmatic errors or bias. To mitigate the risks and maximize the potential of digital transformation, businesses may want to develop governance frameworks.

About this article

By Jeanne Boillet

EY Global Accounts Committee Assurance Lead

Innovation driver in audit services. Client-centric. Strong advocate for diversity and the advancement of women in business.