Leaders in Audit: How the Financial Services Industry Is Applying Next Gen Audit Practices

Michael Thor, Managing Director Leader of Internal Audit Services for the Financial Services Industry, North America

The innovation economy is transforming businesses. Innovation is changing the products, services and solutions businesses deliver as well as the way they deliver those services. This innovation transformation also drives changes in the risk to these organizations, prompting them to seek ways to manage new risks along with existing risks, get ahead of the risk curve, add value and improve governance by applying similar innovation in internal audit (IA).

That is especially true in sectors such as the financial services industry (FSI). Protiviti interviewed several financial institutions about their internal audit practices for our 15th volume of Internal Auditing Around the World, the popular case study compendium highlighting best practices around the world. Here is a peek at how some FSI innovators are riding the technology wave, organized according to the three core elements of Protiviti’s Next Generation Internal Audit model — people, methodology and enabling technology.


All innovation starts with people. Capital One’s Tech Audit team has a Data Analytics and Innovation unit that conducts “empathy research,” which engages the entire IA department in the design of technology-enabled methodologies to understand how both auditors and auditees experience audit processes. The practice allows the unit’s leader to tap into the collective knowledge of the entire audit team to design products that add value and are easy to use.

The global audit transformation effort at Mitsubishi UFJ Financial Group (MUFG) includes exposing early-career professionals to IA expertise through rotational assignments, as well as exchange programs through which IA professionals can experience the work of their colleagues in another region. These practices help to expand the future supply of senior auditors and acculturate business units with good governance practices.

TD Bank Group, which touts its ability to stay “unexpectedly human” in the digital age, personified its goal of establishing an “innovative personality” by creating a global head of audit strategy and transformation, and actively pursuing diversity in gender, race, ethnicity, thought, background, experience, education and skills. The group’s objective is to have everyone, from entry-level auditors to the chief auditor, know the strategy and how it is relevant to them, which creates buy-in and participation.


Auditing at the speed of change is a critical transformational challenge for IA departments. To achieve that goal, many organizations are modifying the more formal Agile methodologies (with a capital “A”) from manufacturing and software development and applying them to create faster, more flexible, agile auditing practices.

Fidelity Investments, for example, created an Agile Auditing Center of Excellence to reduce audit time and resources by collaborating with business units to improve two-way communication and transparency without compromising objectivity and independence.

Capital One held even closer to capital “A” Agile tradition, creating small, cross-functional teams called “agile pods” that focus on managing a specific task and its related risk, reprioritizing their work every day. The pods have established routine cadences to identify any impediments that come through the audit process and resolve those issues as quickly as possible.

Enabling Technology

Driving all of this change, of course, is the technology itself — powerful computers and algorithms that can be used to deliver the risk information stakeholders need faster and with better precision. Capital One’s Tech Audit group, for example, relies heavily on a technology stack of artificial intelligence, machine learning, data science and automation “to power deep and broad risk-based insights,” according to the vice president of business analysis and leader of the Data and Analytics Innovation Unit, Kaleen Love.

All of the FSI internal audit executives interviewed reported using technology to accelerate audits and glean deeper insights through automation, advanced analytics and data visualizations, including self-serve dashboards and other tools to help auditors plan, prioritize and prepare for engagements more effectively.

Most, if not all, of the next-generation changes occurring in FSI internal audit are designed to foster greater collaboration, information-sharing and consistency across the enterprise. By harmonizing people, methodology and enabling technology, and bringing them all to bear on achieving transformational change, these organizations are well on their way toward realizing their next-generation goal of becoming problem solvers, rather than merely problem finders.

You can find the complete interviews with these and other audit innovators in Internal Auditing Around the World Volume 15, available as a complimentary download from our website.

Add comment