Technology

CFOs Using Technology to Mitigate Risks and Enable Growth

By Umran Husan

The role of finance is undergoing a major evolution in today’s business environment as corporations rely on the financial and strategic prowess of their financial leaders. Today’s finance professionals face an array of new risks, responsibilities and challenges, from managing a globally diversified business to mitigating new technology risks. They are responsible for reporting on the past, managing the present and creating the future.
 
With new responsibilities come a list of new risks, headed perhaps by compliance obligations. From the anti-monopoly laws of the 1950s to the Sarbanes-Oxley Act of 2002, finance professionals have had to adapt to a variety of new regulations throughout time. While some of these have merely altered processes, many have changed the way CFOs lead their businesses altogether.
 
Even within the last few years, new standards and regulations are stirring the pot again, as organizations like Committee of Sponsoring Organizations of the Treadway Commission (COSO)  and the Financial Accounting Standards Board are updating requirements to reflect the modern world.
 
Finance leaders are also facing an expansive new set of risks that come with technology, the most serious of which are perhaps external security risks. Even companies with large and sophisticated security measures are being targeted by hackers. While data breaches of consumer information can certainly damage a business’s reputation, the possibility of leaking confidential financial information and business plans could be detrimental to a business and a finance leader’s career.
 
Social media has created a new type of risk for finance professionals that is difficult, if not impossible, to control. As many companies have learned the hard way, information spreads quickly on social media. Stories may range from the unintentional release of confidential information to discussions of internal issues, policies, or other employees. Certain regulations regarding employee rights limit an employer’s ability to restrict their employees’ use of social media. This leaves corporations with few options other than to educate their workforce and encourage them to be on their best behavior.
 
Another critical technology risk comes from the volume of data and ease of transfer within organizations. When employees were let go 20 years ago, they took their personal belongings in boxes and were on their way. Now employees frequently share information between business and personal devices, store it on flash drives and in clouds, and retain duplicate copies of confidential business information — all of which can be particularly problematic if an employee leaves a company to work for a competitor.
 
Mitigating IT Risks
In today’s modern work environment, flexibility is important. According to a Global Workplace Analytics study, 80 percent to 90 percent of the U.S. workforce says they would like to telework at least part time.  A Forrester Research report noted that 76 percent of global information workers report using multiple devices for work, and of those information workers who work remotely at least once a month, 66 percent regularly use a smartphone for work. More workers are using personal devices for work, and vice versa. And an iPass global mobile workforce report showed 92 percent of workers believe their smartphones should be enabled for both work and personal use.
 
To compound this challenge, a new class of tech-savvy employees are flooding the workforce. These employees are comfortable implementing their own tools  and finding ways to work around company regulations they feel inhibit their ability to do their job.
 
While employees are requiring (and taking) greater flexibility to do their jobs, the need for tight security is greater than ever. According to Microsoft’s Cybercrime Center, over one million people are victims of cybercrime every day, and IBM estimated the cost of a data breach in 2015 averaged $3.85 million. Employees may be a company’s greatest asset, but they can also be its greatest vulnerability; in a 2011 test conducted by security firm KnowB4, 43 percent of employees clicked on a test phishing email sent from a trusted server.
 
Other relaxed applications of security best practices by employees can also create issues. In a 2010 study by Credant Technologies (now owned by Dell), 52 percent of respondents said they could not remember what was stored on their USB drive, and 34 percent said at any given time, they didn’t know where their USB drive was. To compound the issue, 68 percent said that they shared USB devices with family members, friends or colleagues, and 10 percent admitted losing a flash drive with company info on it. 
 
In this evolving environment, it is important for companies to protect themselves while still allowing employees to access applications that will make them more productive. Provide the right tools that employees need to excel at their jobs. Instead of creating rules prohibiting certain uses, create a process that enables employees to work safely and securely.
 
Risks of Going Global
With growing economies abroad, the lure of global expansion seems inviting; labor costs can be much less expensive and worldwide retail sales are on the rise. According to a study by eMarketer, retail sales — both in-store and online — are projected to reach $28.3 trillion in 2018. Yet to date, many businesses have struggled making the leap. Virtually all of the world’s largest retailers, from Walmart to Tesco to Carrefour, have had to pull out of foreign markets after attempting to establish a local presence.
 
Yet despite these challenges, the unrelenting pressure to grow is leading many businesses into new territories.
 
Global M&A activity has spiked in recent years, reaching an all-time high in 2015 of $4.28 trillion in deals, with 39 percent of those deal crossing borders — enough to set a post-crisis record, according to a Baker & McKenzie report. 

There are many challenges with going global. Legal systems, for instance,  vary greatly throughout the world. This has many implications for businesses, including how financial reporting, business setup and lawsuits are handled. Beyond the law, many businesses going global struggle to adapt to local cultures.
 
In countries with less sophisticated legal systems, finance leaders must have a firm understanding of local business practices to help navigate a complex environment. Furthermore, having a strong cultural understanding is also important when localizing products and messaging, and when hiring local employees.
 
Perhaps the largest risk for companies expanding abroad is the risk of IP theft. This threat is particularly high in China, where a culture of imitation, often referred to as “re-innovation,” is widely accepted and viewed more as adaptation than as theft.
 
Centralization can provide significant operational efficiencies, but when trying to protect IP, having too much centralized knowledge can be problematic. Finance professionals can help protect their businesses by disaggregating IP, such as manufacturing process steps —  especially elements that have unique proprietary value to the company. This restricts employee knowledge to only a piece of the IP, limiting their ability to replicate products or components externally.
 
Lastly, as businesses expand globally, finance leaders must address the security vulnerabilities that will arise as well. This is particularly true in parts of the world where technology and infrastructure are less advanced or less controlled.
 
Changing Demographics
Changing demographics within the workplace are proving to be a risk for businesses and their finance leaders. As millennials are growing up, a new generation of employees fluent in technology are taking over the workplace and expectations for technology are shifting.

Social media, for instance, is a great way to hear what customers are saying and share your story — but it undeniably comes with risk. The case studies of employee missteps on social media are plentiful. Federal regulations governing employee rights may limit a company’s ability to prevent its employees from using social media, but employers should provide clear guidance on how social media can be used most effectively. Business leaders should also reiterate the consequences of confidential information being leaked.
 
With millennials, finance leaders are also dealing with a new entrepreneurial breed of employees. While having an “entrepreneurial spirit” is increasingly thought of as an asset for an employee, there are additional risks if that employee is actually an entrepreneur in their spare time. The largest risk with employees starting companies on their own time is IP theft. This threat has played itself out countless times, where employees have left their company only to create nearly identical products at a lower cost.
 
Beyond IP theft, bootstrapped entrepreneurs may take the liberty to use company resources for their personal endeavors. This may include small items, like pens and paper, as well as data subscriptions or enterprise software. Employees may also be using their work devices for their side business. This creates security risks for the company, and may put you in violation of software licensing agreements.
 
Furthermore, it could create a complicated legal situation should the ownership of the “side-work” be called into question. An employee’s side business may also create problems if there is any conflict of interest. For example, even if the side business is producing a non-competitive service, an employee may harvest certain client relationships for their own business instead of putting all of their abilities into helping their employer succeed. In addition, employers may find themselves in a difficult position should a group of employees leave simultaneously to pursue a startup full-time, which could easily happen if their startup gets funded.
 
Moonlighting in any capacity, whether entrepreneurial or not, can have its downsides for employers. Employees who work excessive hours will be more fatigued, have lower productivity and will be more prone to making errors. But that being said, companies may not want to automatically ban moonlighting, as there are some benefits. A company that is supportive of its employees’ entrepreneurial exploration will foster a culture of creativity and innovation, and denying employees opportunities may simply force these high-value employees to work elsewhere.
 
The Benefits Burden
As workforce demographics change, employee benefits are also evolving. Benefits are a great way to gain a competitive advantage in recruiting and retaining talent. In a 2014 Prudential Financial study, three out of four CFOs said providing health insurance, retirement and group benefits were important for their company.
 
However, with a new generation of workers, many young employees are placing more emphasis on balance versus compensation. Benefits such as flexible work schedules and additional time off may be of more value to some employees than a bigger paycheck. In the battle to recruit the best employees, companies are offering a more diverse range of benefits, including a pet-friendly work environment, a clothing allowance, on-site gyms and even a personal travel stipend.
 
As CFOs try to balance competitive benefits offerings with employee value, turnover costs and fiscal responsibility, exploring benefits packages that are more customized to the individual can make for happier employees at a lower cost. In Prudential’s report, they noted a trend toward voluntary benefits, an à la carte approach that helps control costs while offering a broader set of benefits. Seven out of 10 CFOs said offering voluntary benefits helped increase employee satisfaction while remaining cost-effective.
 
At the opposite end of the spectrum in the benefits-risk discussion are the issues surrounding older employees. Companies who have not helped their workforce prepare adequately for retirement find themselves bearing the costs of senior employees who opt to postpone retirement due to inadequate savings.
Not only do these employees have higher salary and benefits costs. In a 2014 CFO Research study, 41 percent of CFOs reported employees who are unprepared for retirement make it difficult to control workforce costs, 27 percent said it made it difficult to forecast and manage staffing needs, and 26 percent said it actually hurt retention by limiting growth opportunities for younger employees. While there is a cost to investing in your employees’ retirement, companies need to acknowledge that there is also a cost for not doing so.
 
Lastly, many CFOs have found themselves burdened by the rise in ERISA and benefit plan litigation. These range from revenue-sharing and fee arrangements under 401(k) plans to the elimination of certain benefits for retirees. CFOs need to be prudent in managing their benefits plans, especially as more 401(k) and defined benefit plan decisions drive material value for the company. A bad decision regarding pension plans could expose the CFO, the participants and shareholders to fiduciary risks.
 
Technology to the Rescue
It’s not all doom and gloom. The above are real issues faced by CFOs today, but technology can help them do their job more effectively. Cloud computing, machine learning and intelligent computing are having real impact on organizations and changing the way businesses operate and manage risk.  Business applications and systems in the cloud, for instance, are more secure than ever, more compliant with standards and regulations and more global — enabling the CFO to expand their business as needed without having to worry about local regulations or adding infrastructure or additional resources. Cloud elasticity takes care of that.
 
Machine learning is opening new business opportunities for organizations and the CFO with by enabling new insights into data. Businesses generate petabytes of data, but all of that data is useless if a company cannot use it to drive business transformation, whether it is changing a business process, optimizing operations, or expanding into a new geography. Having the right technology in place that can help a CFO identify trends, anticipate customer demand and forecast what their business will need. 
 
Last, but not least, is having systems that are intuitive. This might seem like a simple thing, but with a workforce that is used to apps that work across devices and platforms, forcing people to use antiquated systems is asking for trouble — and any system that is not used is useless.  Although the CIO plays a major role selecting the technology used within an organization, a CFO can have significant impact on what comes into a business and should ask how technology can help your people be more productive, what can help them do their jobs better, and how can they better engage with your customers.
 
Although the evolving role of the CFO is opening new risks, it is also creating new opportunities. Today’s successful CFO is taking on the new role head-on and using all of the resources available to make a positive difference within their organization.
 
Umran Husan is responsible for working across Microsoft to showcase how Microsoft technology can enable the modern finance professional be more effective and successful in their roles.