Enhancing the Efficiency of Financial Audits through Technological Integration in Accounting Firms

---

Author(s): Amine EN-NAJAH* and Hassane BOUJETTOU

Abstract

The competitiveness of companies has been influenced by recent occurrences, particularly the COVID-19 pandemic, which caused significant disruption to the global economy. Nevertheless, certain companies have adeptly adjusted to the new circumstances by embracing novel business models, investing in technology, and displaying adaptability to swiftly accommodate rapid changes. The rapid digitalization across various industries has also left its mark on companies' competitive landscape, allowing them to offer products and services with greater speed and reduced expenses. Companies that have channeled resources into technology have also reaped the rewards of improved collaboration and heightened operational efficiency, attributes that have played a pivotal role in sustaining their competitiveness. In fact, even audit firms have not remained unaffected by this trend. Digitalization is fundamentally reshaping the audit sector. These firms are under growing pressure to provide services that are not only swifter and more precise but also cost-efficient. Digitalization presents fresh avenues to enhance audit procedures through the integration of technologies such as big data, artificial intelligence, blockchain, and cloud computing. Through this article, we aim to explore the impact of these technologies on the "Audit Risk Equation" that represents our research model.

Introduction

Companies’ competitiveness has been affected by recent events, notably the COVID-19 pandemic, which caused a major disruption to the global economy. However, some companies have managed to adapt to the new conditions by adopting new business models, investing in technology and being flexible to adapt to rapid changes in demand.

The accelerated digitalization of many industries has also had an impact on companies’ competitiveness, enabling them to offer products and services more quickly and at lower cost. Companies that have invested in technology have also benefited from greater collaboration and operational efficiency, helping them to remain competitive.

Indeed, audit firms are no exception. Digitalization is profoundly changing the audit industry. They are increasingly under pressure to offer faster, more accurate and more cost-effective services. Digitization offers new opportunities to improve auditing processes using technologies such as big data, artificial intelligence, blockchain and cloud computing.

Against this backdrop, the aim of this article is to explore: How has the methodology of an accounting and financial audit engagement evolved thanks to digital tools? First, we'll look at how the practice of Financial Auditing has evolved; then, we'll move on to digitalization, presenting some of the tools involved and listing their impact on the risk of material misstatement.

Evolution of the Financial Auditing Method - Conceptual and Etymological Framework

We cannot limit external/financial auditing to a single, universally accepted definition, but we can nevertheless present a few issued by international entities, others by national organizations and then by individual author:

The external audit is therefore a standardized, methodological examination, carried out by a professional who must be, and appear to be, independent and objective, and whose purpose is to assess and certify, or not, a company's accounts. Approaches to auditing have evolved, as have its aims: from a means of deterring and detecting fraud at the beginning of the 20th century to a determination of the company's current financial conditions and results to the assurance of a reasonable impression of the reliability of the accounts [1].

We find Financial Auditing in organizational theory, on the one hand with agency theory designating: "a contract by which one (or more) persons (the principal) engages another person (the agent) to perform on his behalf some task which involves a delegation of some decision-making power to the agent"; and on the other hand with information asymmetry, in which we find 2 types: The first type, "before the contract", is the situation of "adverse selection" with hidden information and the second type, "moral hazard" and opportunism [2,3].

From Scorecard to Risk-Based Approach

In fact, auditing has undergone a methodological evolution. The first formal method used by auditors was the tally approach, or also known as the output approach, which consisted in checking all journal entries. This method relied solely on reconciling the amounts entered in the accounts with the invoice amounts (proof). Detailed tallying was limited to checking compliance with the double-entry accounting principle. Subsequently, the accumulation of practical knowledge on the one hand, and the volume of accounting transactions on the other, increased considerably. In fact, it became imperative to find a new tool for identifying risk

areas and checking the plausibility and reasonableness of annual financial statements. This is how analytical control came into being; consisting of an analytical comparison, through financial analysis of the balance sheet and the CPC, of the company's financial statements for year N with those of the previous year, in order to highlight significant and inconsistent items. This control is carried out using 4 main techniques: plausibility review; absolute data comparison; relative data comparison and trend analysis.

From the 1920s onwards, there was a gradual shift towards the systems approach, based primarily on the evaluation of internal control. From the Second World War onwards, internal control systems were adopted, companies formalized their procedures and processes, and managers began to replace shareholders at the head of corporate management. The first definition of internal control was given in 1948: "It consists of a rational organization of the accounting and bookkeeping department aimed at preventing, or at least discovering without delay, errors and fraud" [4]. A recent definition of internal control has been given by a number of authors, and refers to "all the safeguards contributing to the control of the company. Its aim is to ensure the protection and safeguarding of assets and the quality of information, as well as the application of management instructions, and to promote improved performance. It manifests itself through the organization, methods and procedures of each of the company's activities, in order to maintain its continuity [5]".

Subsequently, the risk-based approach appeared around 1992- 1994, when the cost of the audit assignment was high for the client and profitability fell for audit firms. Significance was introduced. In the 2000s, companies listed on the US stock exchange caused unprecedented financial scandals involving account manipulation and accounting malpractice, to which the introduction of the Sarbanes-Oxley Act was a response. At the same time, the COSO internal control framework was adopted.

Figure 1: COSO 1 - Internal Control, Integrated Framework (traduction du COSO 1, IFACI & Cooperts & Lybrand, The New Practice of Internal Control, Page 29-1992)

Figure 2: COSO 2 - Entreprise Risk Management Framework (COSO 2004 Report)

Figure 3: COSO 3 - Enterprise Risk Management Integrated with Strategy and Performance (COSO 2017 Report)

 This is the approach on which all accounting and financial audit engagements are based today, and it has given rise to the "auditor's equation", which broadly refers to the risk of the professional expressing an inappropriate opinion when the financial statements contain material misstatements.

Acceptable Audit Risk (AAR) is the probability that the auditors will be prepared to certify unqualified financial statements that are materially misstated. It is designated by the auditor.

IR" (Inherent Risk) refers to the probability of finding material errors in a company's audited financial statements prior to assessment of the internal control system. This risk is assessed by the auditor. This is the systematic risk.

Control Risk (CR) is the probability that a material misstatement will not be prevented or detected in a timely manner by the audited company's internal control system. This risk is assessed by the auditor. This is the systemic risk.

The "DR" ("Detection Risk") refers to the tolerable risk threshold at which audit procedures fail to detect material misstatements [6].

The risk of non-detection is inversely proportional to the accumulation of inherent risks and control-related risks. And conversely, when inherent and control risks are low, the auditor can accept a higher level of non-detection risk while reducing audit risk to an acceptably low level.

Some authors, like Cormier, divide the risk of detection/non- detection into 3 sub-risks:

Digitization

The term "digitization" originated with the advent of computers in the 1950s, it refers to: "the process of transforming data into a digital form that can be easily read and processed by a computer" [7].

An additional clarification to the OED definition was mentioned: this transformation of data acts without modifying the process itself (Gartner glossary).

It consists in the conversion of traditional forms of information storage (such as paper, photographs...) into binary code (a succession of 0s and 1s). In other words, it's the transformation of analog signals, which are continuous signals that can take on an infinite number of values, into digital signals, which are discrete, discontinuous signals [8]. This transformation is the driving force behind the digital revolution, more commonly known as the 3rd Industrial Revolution (SAP). In modern life, digitization has become synonymous with convenience and reliability, present in our daily lives at every level: economic, cultural, social... This massive digitization of data has led to fundamental changes in processes.

Digitalization

Generally speaking, digitization represents the integration of multiple technologies into all aspects of daily life that can be digitized [9].

In the entrepreneurial world, digitization refers to: "the integration of digital technologies and solutions into a company's existing business processes" (SAP). The major impact of digitization has been hinted at as a 4th industrial revolution. Digitization therefore exploits digitization to a very large extent, and evolves this concept to the level of process change.

However, for companies today, the question is no longer whether digitization is necessary to remain competitive in today's ever- changing economic environment, but how soon they can embark on their digital transformation journey (SAP).

Digital Transformation

Digital transformation refers to the process by which a company integrates digital technologies into all its activities, with the aim of boosting its performance, acquiring new prospects, facilitating their transformation into customers, and guaranteeing their loyalty through optimal and enhanced exploitation of the company's various functions [10]. Today, customers' needs are constantly growing, and companies are obliged to be more competitive, an obligation to which digital transformation responds.

The following 3 areas need to be taken into consideration to achieve digital transformation:

• Transformation of Business Processes: this involves modifying and adapting processes and working models, which have often been internalized by employees for a long time, to meet the company's evolving strategic objectives, as well as those of its competitors. Digital transformation creates a connected technological framework that provides the basis for facilitating this process change, notably through improved workflow
• Business Model Transformation: business process transformation focuses on workflows and task-related areas of the business only, while traditional business model transformation targets the fundamental elements of value creation in the sector in which it operates, i.e. changing the very reason for the company's existence and adapting it to the market (integration of technological tools, new multi- channel strategies...).
• Organizational and Cultural Transformation: To be successful, digital transformation must be aligned with the company's culture and values. However, we mustn't forget that staff remain the company's most precious and sensitive resource; a defeatist adoption of new digital technologies can be detrimental to the achievement of objectives, to the company's competitiveness and slow down the digital

We can therefore assume that a digital transformation can only take place through an organizational transformation of the company, so that it is optimal and requires the effective collaboration and participation of everyone, starting at the highest level of the company and reaching down to its grassroots, and specifying the impact of this digital transformation on roles and operational flows, but also the reasons why its implementation would be considered a worthwhile necessity.

According to the figure below, digital transformation has 3 major dimensions of impact on the organization:

• Internal Efficiency: by improving the quality of processes and gaining in relevance. Digital transformation also enables real-time monitoring of operations and results, by integrating structured and unstructured data from different sources. Task automation also leads to employee satisfaction with routine tasks, giving them more time to develop new skills.
• External Opportunities: digital transformation completely reshapes the customer experience, creating new services that are presented to them, and reducing interaction time for existing ones.
• Disruptive Changes: this refers to the turbulence that digital transition brings to the organization, and the profound break with what already exists.

So, from digitization to digital transformation to digitalization, these 3 concepts, although often linked in the literature, have different nuances all the same.

They represent 3 chronologically successive stages for any organization wishing to remain competitive.

Digitalization and Audit Risk Information Technologies Audit

An IT audit is a systematic process for evaluating and verifying the security, compliance and performance of IT systems.

The general steps for carrying out an IT audit are as follows:

• Define Audit Objectives: It's important to determine what you want to achieve with the audit, what areas need to be audited and what risks need to be monitored.
• Preparation: It is necessary to gather the necessary information on the IT systems to be audited, including hardware and software configurations and sensitive
• Review of Security Policies and Procedures: The auditor should review the security policies and procedures in place to ensure that they are sufficient and in line with industry
• Security Testing: Security testing may include checks on network security, potential vulnerabilities and weaknesses in authentication systems.
• Compliance Assessment: The auditor verifies that IT systems comply with applicable regulations and standards, such as RGPD and PCI security
• Performance Analyses: IT system performance is analyzed to determine whether performance targets are being met and whether there are opportunities for improvement.
• Audit Report Drafting: The final audit report presents findings and recommendations for improving IT system security, compliance and performance.
• Implementation of Recommendations: The recommendations made in the audit report must be implemented to ensure the security, compliance and performance of IT

It is important to note that the steps may vary according to the objectives and needs of each audit. It is also important to hire a qualified auditor to carry out the IT audit to guarantee the quality and accuracy of the results.

Impact of Digitization on the Risk of Material Misstatement We conducted an interview with a Chartered Accountant, with the aim of presenting a comparison and evolution of the audit tools normally used by firms, and the new tools introduced by digitalization to assess the following audit risks: inherent risks and control-related risks.

Inherent Risk Impact

Every company operates in its own environment (with customers, suppliers, regulations, etc.). The auditor assesses the potential for this environment to give rise to a risk of material misstatement, irrespective of any internal control systems in place.

Once the inherent risks have been identified, the auditor classifies them according to their probability and impact:

Identifying inherent risks requires interviews (with management or other key people), a preliminary analytical review and study of the information collected (such as minutes, sector studies, organization charts, activity reports, etc.).

Impact of Digitization on the Risk of Material Misstatement Artificial Intelligence

Artificial intelligence (AI) refers to the simulation of human intelligence in computers and machines. This involves the development of algorithms and computer programs capable of performing tasks that usually require human intelligence, such as visual perception, voice recognition, decision-making and language translation.

Artificial intelligence (AI) has had a significant impact on financial auditing, both in terms of increased efficiency but also improved accuracy. Here are some of the aspects impacted:

• Automated Audit Processes: AI algorithms can automate certain tasks in the audit process, such as data collection, data analysis and report This enables auditors to concentrate on higher value-added tasks, such as risk assessment and fraud detection.
• Improved Fraud Detection: AI algorithms can be programmed to identify suspicious patterns or transactions that may resemble This helps auditors detect potential fraud faster and more accurately, reducing the risk of loss for organizations.

Overall, AI has the potential to revolutionize the way financial audits are conducted, providing auditors with more effective tools for analyzing data and identifying risks. While AI is still no substitute for human auditors, it can be used to significantly improve their work, enabling them to make better decisions.

Big Data Analytics

It represents high-volume, high-velocity and highly varied information assets that require cost-effective and innovative forms of information processing for better decision-making.

3 Main Properties Define Big Data:

Big data analytics" has enabled auditors to collect and analyze large quantities of financial and operational data in a relatively short space of time. This has made it easier for them to identify areas of risk and focus their attention on the most relevant aspects of an audit, notably the interpretation of results.

Big Data has had an impact on financial auditing at the following levels:

• Greater Efficiency: Big data tools and techniques enable auditors to process large quantities of financial data much more quickly and efficiently than through traditional methods This also enables them to carry out audits faster, more accurately and more cost-effectively.
• Improved Risk Assessment: By analyzing large data sets, auditors can identify trends that would not be perceptible with traditional This helps auditors to better assess the risks associated with various transactions and financial statements, and to make more informed decisions on the scope of the audit.
• Better Data Visualization: Big data analysis tools often include advanced visualization features that help auditors more easily understand the data they are This can make it easier for auditors to identify potential fraud or other flaws and communicate their findings to interested parties.
• Greater Transparency: Big Data can be used to create more transparent and consistent audit procedures. This helps auditors to be more confident in their conclusions and to communicate their findings more effectively to interested

Big data therefore provides auditors with a more complete and accurate picture of an organization's financial health. However, it is important to note that auditors must also consider the confidentiality, security and ethical implications of collecting and analyzing large quantities of financial data.

Blockchain

Blockchain is a decentralized digital ledger that records transactions over a network of computers. It is used to store and transfer data securely and transparently without the need for intermediaries. Each block in the chain contains a certain number of transactions and is connected to the previous block, forming a chain of blocks that cannot be altered.

Blockchain can revolutionize financial auditing in terms of :

• Increased Transparency and Immutability: Blockchain enables the creation of a decentralized, transparent register of secure, unalterable transactions, which can greatly improve the accuracy and reliability of financial records. This can make auditing processes more efficient, as auditors can directly access transaction data in real time without the need for intermediaries.
• Improved Efficiency: With blockchain, the process of reconciling and verifying transactions can be automated, reducing the need for manual checks and increasing the speed and relevance of the audit.
• Enhanced Security: Blockchain's cryptographic security features can prevent unauthorized access and falsification of financial records, improving overall audit credibility and reducing risk.
• Better Collaboration: blockchain can enable auditors, regulators and other stakeholders to work together in real time, share information and ensure transparency and accountability of financial records.

Overall, blockchain technology improves the efficiency, transparency and security of financial records. However, it's important to note that while the technology has advanced rapidly, there are still regulatory and technical challenges to overcome before it can be widely adopted in the auditing sector.

Cloud Computing

Cloud computing is an Internet-based delivery model for IT services, including servers, storage, databases, networking, software, analytics and intelligence.

There are 3 main types:

• IaaS: Infrastructure-as-a-Service.
• PaaS: Platform-as-a-Service.
• SaaS: Software-as-a-Service.

Cloud computing's influence on Financial Auditing can be summed up as follows:

• Improved Accessibility: Thanks to cloud computing, auditors can access financial data and audit tools from anywhere with an Internet connection, which has made it easier for auditors to collaborate with colleagues and clients. This has also enabled auditors to work more efficiently, as they do not need to be physically located in the same place to share
• Improved Data Security: Cloud providers generally have robust security measures in place to protect sensitive financial data, such as encryption and multi-factor authentication. This has enabled auditors to store and access sensitive financial data more easily and securely.
• Reduced Costs: By using cloud-based tools and services, auditors can avoid the cost and hassle of maintaining and upgrading their own hardware and software. This has made it more cost-effective for small and medium-sized audit firms to use technology to improve their auditing process.
• Overall, cloud computing has had a positive impact on Financial Auditing by improving efficiency, reducing costs and developing the overall quality of However, auditors need to be aware of the risks associated with cloud computing, such as data confidentiality and security, and take appropriate measures to mitigate these risks.

Research Hypothesis

Following this in-depth literature review, we can formulate the following research hypotheses:

• The use of innovative technological models during audit engagements makes the latter more relevant and significantly improves the results of the engagement, while reducing its costs for both the firm and the client.
• Thanks to technological models, auditors can focus more on interpretation during an external audit.
• The job market demands an academic profile of the financial auditor who keeps abreast of technological change, with technical skills relating to the field and IT skills in terms of using and exploiting tools.

Conclusion

Digitization is therefore a key element in today's business competitiveness. For audit firms, it can boost confidence in audit findings by enabling more transparent verification and providing stronger evidence for investment decisions. Digitization can also present them with challenges, such as protecting data confidentiality and security, training and upgrading employee skills to work with new technologies, and understanding and complying with ever-changing regulations and standards.

Technological models have been developed and the auditing sector has benefited from them: we find big data, artificial intelligence, cloud computing and blokchain.

The digitization of Financial Auditing offers a number of advantages:

• Faster Processes: Especially when collecting and analyzing financial data.
• Improved Relevance: Digitization can help reduce human

• Better Collaboration: Online collaboration tools can facilitate communication and coordination between different members of the audit team.
• Greater Accessibility: Digitization enables quick and easy access to financial data from anywhere, at any time, which can be particularly useful for remote audits.

But it can also have its Drawbacks:

• High Initial Costs: Setting up digitization systems can be costly, especially for small
• Increased Complexity: Digitization can make auditing processes more complex, and take some time to get used
• Security Risk: Sensitive financial data may be exposed to security risks such as hacking or data leakage.
• Need for Staff Training: Employees may need additional training to use the new digital tools and systems.

In conclusion, Digitization can bring many benefits for audit firms, but they need to be prepared for the challenges that come with adopting new technologies. Audit firms need to be able to assess the potential opportunities and challenges of digitization to maximize the benefits for their clients and their business [12-23].

References

1. Khalil A, Ajili W, Slimene I, Abdelli M (2022) Understanding and Implementing Internal Control: Regulations, Concepts and Dunod 11-43.
2. Carassus D, Cormier D (2003) Standards and Practices of Legal External Auditing in Fraud Prevention and Detection. Accounting - Control - Audit 9: 171.
3. (1994) The New Practice of Internal Organizational Editions 1-29.
4. Boccon-Gibod S, Vilmint E (2022) The Financial Auditor's Toolbox - 3RD DUNOD https://www.dunod.com/ entreprise-et-economie/boite-outil-auditor-financier-0.
5. Akerlof GA (1970) The Market For « Lemons »: Quality Uncertainty And The Market Mechanism. The Quarterly Journal of Economics 84: 488.
6. Brennen JS, Kreiss D (2016) Digitalization. The International Encyclopedia of Communication Theory and Philosophy 1-11. HTTPS://DOI.ORG/10.1002/9781118766804.WBIECT111
7. Allouche J, Zerbib R (2020) Digital Transformation: Challenges and Perspectives. The Review of Management Sciences, N°301-302(1) 75-76.
8. Numérisation Vs Digitalisation. SAP Insights https://wwwcom/france/insights/digitization-vs-digitalization.html. .
9. Parviainen P, Tihinen M, Kääriäinen J, Teppola S (2017) Tackling the Digitalization Challenge: How to Benefit from Digitalization in Practice. International journal of information systems and project management 5: 63-77.
10. Gray J, Rumpe B (2015) Models for Digitalization. Software & Systems Modeling 14: 1319-1320.
11. Schwab K (2022) Fourth Industrial Revolution: What It Means and How to Respond. Foreign affairs https://www. com/world/fourth-industrial-revolution.
12. Francis Lefebvre (2021) Auditing and Auditing 2022-2023. Lefebvre https://www.chasse-aux-livres.fr/prix/236893572X/ audit-et-commissariat-aux-comptes-2022-2023-francis- lefebvre-redaction-francis-lefebvre.
13. International Federation of Accountants (2013) Guide to the Use of International Auditing Standards in the Audit of Small and Medium IFAC https://wwwifac.org/publications/guide-pour-lutilisation-des-normes- internationales-daudit-dans-laudit-des-petites-et-moyennes. .
14. Order of Chartered Accountants of Morocco (2004) Practical Audit Guide http://www.acseris.com/pdfs/7-Audit/Guide- pratique-de-laudit.pdf.Ordre Des Experts Comptables Du Maroc (2011) Manuel Des Normes https://oecmaroc.com/.
15. Hamel G, Prahalad CK (1996) Competing for the Future (Reprint). Harvard Business Review Press https://hbr. org/1994/07/competing-for-the-future.
16. Fain B, Faure V (1948) Accounting Revision: Legal and  Technical   Principles   of   Accounting    Expertise and PAYOT https://books.google.co.in/ books/about/La_r%C3%A9vision_comptable. html?id=m3BAGwAACAAJ&redir_esc=y.
17. Earley CE (2015) Data Analytics in Auditing: Opportunities and Business Horizons 58: 493-500.
18. Jensen MC, Meckling WH (1976) Theory of the Firm: Managerial Behavior, Agency Costs and Ownership Journal of Financial Economics 3: 305-360.
19. (2017) Coso Enterprise Risk Management – Aligning Risk with Strategy and Performance. DANS https://www.coso. org/enterprise-risk-management.
20. Wanderley A (2022) COSO ERM 2017: What’s New To Know? PYX4 https://pyx4.com/blog/coso-erm-2017- nouveautes/.
21. Houston RW, Peters MF, Pratt JH (1999) The Audit Risk Model, Business Risk And Audit-Planning Decisions. The Accounting Review 74: 281-298.
22. (2015) A Very Short History of Digitization. Forbes https:// forbes.com/sites/gilpress/2015/12/27/a-very-short- history-of-digitization/?sh=5687e4f449ac.
23. What is digital transformation? SAP Insights https://wwwcom/france/insights/what-is-digital-transformation.html..

View PDF

Our Pubmed Indexed Articles

---

---

---