News & Resources

PwC: Data security, regulation some of the top risks facing businesses

Mar 27, 2012 Walt Wojciechowski

Shareholders are increasingly demanding internal auditing services to hedge against excessive risk, especially in regards to data management and government regulation, according to the 2012 State of the Internal Audit Profession from PricewaterhouseCoopers. However, nearly three-quarters of stakeholders and chief audit officers cited global economic uncertainty as the biggest perceived risk in 2012. While many economic fears are beginning to subside, further driven by economists' heralding of the elusive recovery, a large number of challenges remain. For one, it's still not clear how Europe's debt crisis and ensuing recession will impact global demand. In the U.S., stubbornly high unemployment and a still weak housing market threaten to prolong the recovery. Corporate fraud, mergers and acquisitions, new product introductions and business continuity were identified as some of the top risks facing businesses this year. These trends have driven shareholders to demand internal auditing programs to reduce risk exposure. "As the risk landscape continues to evolve, the majority of business leaders surveyed said they are not comfortable with how their risks are being managed, although 74 percent of those surveyed have formal enterprise risk management processes," said Dean Simone, leader of PwC's U.S. risk assurance practice. Nearly half of surveyed stakeholders - 46 percent - cited data security as the single most requested area for internal audit - more than any other category. The second most in-demand audit category, business regulation and government policy, drew the figure of 32 percent of respondents. In the debt collection industry, regulation has been of paramount concern. The recent launch of the Consumer Financial Protection Bureau has many recovery specialists shaking in their boots, as regulators crack down on unethical practice by targeting the industry as a whole. This is expected to hinder legitimate debt collectors in the process. "To deliver what stakeholders want, the standard for an effective internal audit function has been raised and internal audit needs to elevate its performance to meet the always increasing stakeholder expectations," Simone asserted. Companies need to evaluate enterprise risk, he added. They should also coordinate with the internal audit functions and remove organizational barriers to accomplish a more holistic approach to risk management.