In the last three decades, the landscape of organisational assurance has gradually broadened. Traditional assurance, derived from audit opinions on the accuracy and fair presentation of annual financial statements, is now being supplemented by assurance over risk-mitigating internal controls and a wider group of stakeholders.
This activity takes place in the inner workings of organisations. We have seen the creation of new assurance focuses in which internal auditors, compliance specialists and quality assurance providers compete for lucrative footholds. The explosion of assurance mapping arising from Sections 302 and 404 of the US 2002 Sarbanes-Oxley Act has also provoked a global increase in the ‘internalisation’ of early 21st-century organisational assurance.
Change in trust
However, just as we are getting comfortable with today’s bifurcated balance between external assurance over financial statements and internal assurance over risk-mitigating internal controls, a shock is coming that will destabilise the current cosy arrangements.
Most of us refuse to hitchhike, yet we share car rides with strangers chosen through an app
We are on the threshold of a revolutionary era of shifting patterns of accountability and social trust. Gradually, almost surreptitiously, we are experiencing the displacement of accountability, away from the vertical structures of traditional, command-and-control bureaucratic organisations towards flattened, horizontally distributed networks.
Even in our daily activities, we can discern this ‘flattened’ diffusion of accountability. We interact with the gig economy and engage in digital spheres with people we will never meet.
Most of us refuse to hitchhike, yet we don’t hesitate to share car rides with strangers chosen through a smartphone app. We fret over food hygiene and organic ingredients, yet we trust our dietary health to processed meals delivered to us by anonymous scooter riders through polluted streets.
We also suspect that social media networking sites are riddled with blowhards who embellish or falsify their CVs, yet we still engage in online professional networking, placing our reputations at risk. And despite our commitment to humane capitalism, we somehow persuade ourselves that the impossibly inexpensive clothes we purchase online are not manufactured in exploitative sweatshops.
All these activities reveal the emerging era of flattened, non-hierarchical flows of accountability and social trust. Traditional institutional arrangements are deconstructing into depersonalised networks that promise equal measures of liberation and danger.
New drivers
In this disorienting era, fast and flexible flows of information, accountability, knowledge and risk swirl within the fuzzy boundaries of our digital and human networks. The speed and complexity of these flows makes them hard to evaluate, especially given increasingly sophisticated technology, changes in labour patterns, and sweeping shifts in concepts of knowledge and risk.
Changing patterns of accountability and social trust are revolutionising demands for auditing and assurance
In her prescient 2017 book Who Can You Trust? Rachel Botsman provided a clear outline of the ways in which public trust in markets and institutions is changing. Then the Covid-19 pandemic exposed emerging complex patterns of accountability. The inability of traditional assurance to safeguard the public good during the pandemic contributed to transforming a public health crisis into an enduring catastrophe of depleted social trust, legal frustrations and knockabout politics.
Traditional vertical hierarchies are therefore being replaced by horizontally distributed patterns of accountability and social trust, which is revolutionising the demand for auditing and assurance. In addition the need for disclosures about emissions by the wider supply chain – under the United Nation’s Scope 3 – is fuelling a significant rise in assurance engagements, particularly among the Big Four.
It is too early to predict the death-knell of traditional auditing and assurance: audit opinions on financial statements and internal controls will continue to meet the needs of established assurance demands. But it is increasingly difficult to oversee accountability from a command-and-control bureaucratic structure.
And the focus on historical financial information in a traditional audit does not help shed light on the acute pressures of the new forms of diffuse accountability. Similarly, assurance of internal controls does not take into account activity that happens at the organisation’s boundaries and in extramural activities.
New assurance systems should embody the distinctions that traditional assurance has provided
Widening stakeholders
Existing mechanisms for obtaining assurance over extramural activities will be of immense value in the emerging environment: the current means of obtaining assurance over franchise networks, supply chains and their emissions, and consortia arrangements, all of which are notoriously tricky to audit, can be expected to grow in importance.
But we can envision the emergence of entirely original assurance mechanisms, bearing characteristics that mirror the semi-formal, fast-moving, capricious and contingent networks over which they will seek to provide assurance.
We should hope that any new assurance systems will embody the enduring distinctions that traditional assurance has provided – the differences between corruption and honesty, falsehood and truth, and error and accuracy. We lose sight of these distinctions at our collective peril.