Data security and ownership, cloud technology become CFOs’ major challenges

Managing data security and privacy is the main challenge CFOs face in today’s corporate reporting environment for more than half of respondents (56%) to the latest report by EY Financial Accounting and Advisory Services (FAAS), Can innovative corporate reporting build trust in a volatile world?

Country-wise, CFOs in India (68%), China (65%) and the US (63%) are the most concerned about data security and privacy.

More than 1,000 CFOs or financial controllers of large organizations with revenue greater than US$500m across 25 countries participated in annual global survey.

The lack of clarity over data ownership and governance has a significant impact on reporting effectiveness for 64% of respondents globally, survey results indicate.

In addition, 85% said that they found it either “very challenging” or “somewhat challenging” to actively manage data flows based upon different jurisdictions’ privacy laws. The same percentage of respondents also said that assessing the different security standards for data centers versus cloud computing was a key challenge to data protection, privacy and compliance.

The survey also found that 49% of respondents say concerns over security and compliance risks of the cloud are seen as a major barrier to technology transformation and the implementation of innovative new technologies.

Peter Wollmert, EY Global and EMEIA FAAS Leader urged CFOs to ensure that there are governance processes in place for how they look after financial information and that data is both compliant with relevant local laws and is secure – which can be a huge challenge in large and complex organization.

“Responding by using advanced data analytics and integrated technologies as well as artificial intelligence, cloud computing and robotic process automation will be key to avoiding reputational and other costs that come with a mismanagement of financial data,” Wollmert advised.

Other key highlights of the survey

  • 42% of CFOs say their audit committees and boards ask for more insights and information from corporate reporting on data protection and privacy. The same percentage of respondents say they provide corporate reporting on the risks from regulatory change.
  • 85% of respondents globally provide automated alerts to audit committees and boards about governance, risk and compliance issues.
  • 82% of respondents say audit committees and boards put a much stronger focus on corporate culture and its impact on compliance and fraud prevention.
  • 58% of respondents say that committee members need to develop new competencies and understanding in using analytics in identifying data risks, while 57% say an understanding of legal frameworks for data hosting is increasingly important in order to provide effective oversight.

“Reactive corporate reporting doesn’t work anymore. Boards are expecting management to report issues to them in real-time,” said Wollmert. “This means reporting teams need to draw on the volumes of data available, as well as technology advances, to deliver new levels of insights that board members require to fulfill their governance role.”