Businesses around the world will face a seismic technological shift—one the Organization for Economic Co-operation and Development (OECD) estimates will result in the automation of half of today’s existing jobs over coming decades. But while 10 years may seem like sufficient time to prepare, to get ahead of this inevitable change and avoid disruption, businesses must begin integrating advanced technological solutions into their internal processes now—ideally within the next six to 12 months.
Contemporize the Core: Technological Evolution Starts Here
As organizations try to keep pace with the exponential advancement of technology—advancements that are dramatically altering the ways in which we work, the tools we work with, and the pace at which we work—it’s essential to prioritize core services that are ripe for improvement. This process of strategically implementing automation to “offer our clients a modern, digitally enabled service experience while delivering high quality services and capabilities is the real meaning of contemporize the core” says Baskaran Rajamani, Partner in our Automation Risk Advisory Practice. This ultimately enables us to glean more valuable insights, make faster decisions, and pivot to meet quickly-changing consumer and market demands.
Contemporizing the core isn’t simply about cost takeout. Rather, it involves developing and implementing robotic process automation (RPA), cognitive automation (CA), and artificial intelligence (AI) solutions to increase the efficiency of “core” internal processes and ultimately enhance the client experience in a risk intelligent manner. Some examples of contemporizing the core include strategically automating clerical tasks, report generation, and manual data extraction exercises—or leveraging CA to generate insights from vast and complex datasets.
“Effectively contemporizing the core starts with the right tools, attitude, and operating model—three elements that will allow all businesses to embrace automation as a key enabler of the future,” says Umang Handa, Senior Manager in Deloitte’s Cybersecurity practice.
Like the clients we serve, Deloitte is also working to identify opportunities to contemporize the core of our business. By holding internal workshops, we’ve started to identify the top processes that can be improved through RPA, CA, and AI. And while our plan is to ultimately layer these technologies throughout all our service offerings, right now we’re focusing on operational risk and cyber services.
“We’ve invested in tools, technologies, upfront automation scripting, and bot creation—and are devoting substantial resources in training our talent pool and creating a culture that embraces innovation—to shift our managed cybersecurity solution from volume-based to value-based investigative analysis,” says Rocco Galletto, Partner in Deloitte’s Cyber Risk Services practice.
This has made a significant difference in our cyber practice. In the past, for instance, Deloitte’s managed services team used multiple tools, across multiple systems, to help our clients successfully avert potential cyber attacks. Today, however, we rely on RPA to automate many of our investigative steps, which enables our security investigators to focus on more relevant, higher-value tasks within the security investigation lifecycle.
“Now we can access critical data in just a few minutes, allowing our analysts to conduct much higher-level analysis to build an attack profile, identify threat actors, determine the organization’s scale of risk, and shut down threats swiftly,” says Umang. “This helps us reduce our mean time to detect and mean time to respond metrics, which are both critical factors to mitigating risk and reducing damage related to cyber attacks.”
Building on this, the next step will be to leverage cognitive technologies and AI to streamline things even further. For example, after using RPA to draw in data from the various systems, we can ultimately use an AI engine to identify false positives without manual intervention. From there, the data can be passed to a cognitive agent that would pre-write the case report for our analysts’ review. This will allow us to automate over 90% of the entire process, freeing up our agents to deliver higher value services and increasing our capacity to help a greater number of clients.
Beyond cyber, we’ve also introduced automation into our operational risk services by using RPA to streamline the audit process. This means we can now test the full population of a client’s transactions, for instance, rather than representative samples. This allows us to check the full sequence of events and flag exceptions, while empowering our teams to investigate any failures in control and define solutions.
“As we move forward, we’ll be looking at opportunities to leverage AI to accelerate everything from planning, testing, and execution to final reporting and wrap-up,” explains Julie Calla, Senior Manager in Deloitte’s Risk Advisory practice. “AI has the potential to enable clients to log into a system, upload all their audit evidence, and have it analyzed without any manual intervention.”
As an added benefit, this will allow us to gather business insights that are currently difficult to find. For example, at one financial institution, an AI analysis revealed that branches with low levels of employee satisfaction often had managers with weak compliance controls. The upshot? Rather than having internal audit reprimand staff at branches where controls are breaking down, it may be more beneficial to send in an HR person to train management on improved compliance practices.
This kind of insight arises from embracing the inevitable shift in the future of work, rather than fearing it. In addition to offering more value to clients—and being able to effectively service a higher number of clients—contemporizing the core also positions your organization to develop and attract key talent, strengthening your competitive edge.
“We recommend a risk-intelligent approach to automation,” says Baskaran. “Such an approach involves reviewing your internal processes carefully to select the most appropriate candidates for automation. It also involves understanding the current risk profile of the processes as well as the net new risks that automation can introduce. This allows you to both realize the benefits of automation and reduce associated risks to an acceptable level.”