What are the biggest lessons in your career so far?
Individual excellence is crucial, but true problem-solving requires collaboration. I’ve learned to work collaboratively with people from different disciplines, identify each person’s strengths, and align the motives of different parties. This way, everyone sees the purpose of the work and is willing to go above and beyond to achieve project objectives. I was taught this lesson when I transitioned from consulting to an in-house role at a global bank where securing the data and resources I needed meant navigating through different departments and stakeholders, justifying the purpose, and persuading people to prioritize my needs over competing demands.
What are the challenges and opportunities of your role?
My practice is in risk advisory. No two matters I work on are the same. The matters I handle are often contentious and have legal or regulatory implications for my clients. A lot of the time, we work to help clients understand and appreciate the viewpoints or expectations of counterparties (e.g. regulators, auditors, etc.) and vice versa, so we can effectively align expectations and pre-empt any surprises at the end of the exercise. One challenge we always encounter is time pressure. We need to be quick and surgical in addressing the core of the problem.
What is the impact of technology on governance, risk and compliance (GRC) programmes?
Technology and data have always played a significant role in GRC areas. Unfortunately, in many banks and organizations, data often resides in different systems and is not readily available for meaningful use. For example, transaction monitoring systems typically ingest customer and transaction data from the core banking system but do not capture other parameters like IP addresses and device IDs that may be recorded by cyber/fraud surveillance systems. This illustrates how different risks are intertwined and should be managed in an integrated way. In addition to looking inward at the risk within the organization, there is an opportunity for the industry to work together, sharing intelligence to manage risk.
How has your CPA training helped you in your career?
The Qualification Programme (QP) and my experience at a Big Four firm allow me to speak the language of a financial auditor, even though I am in a different accounting practice. The training enables me to delve into the details of accounting treatments to uncover the modus operandi of fraud schemes, particularly through double-entry accounting, which I believe is one of the greatest inventions. I also appreciate the systematic structure of the QP, which helps students understand the importance of business processes, systems, and data – fundamental elements of my investigative work.
What risk and compliance challenges do you predict clients will face this year or beyond?
Geopolitical tensions, especially under the Trump administration, could continue to create uncertainties around trade policies, leading to increased export controls and sanctions risks. The weaker macroeconomic environment in Greater China is expected to put businesses under financial pressure, which might result in more credit defaults and push some businesses towards fraudulent activities to stay afloat. Given these economic challenges, banks and other private sector entities are likely to be more cautious with their technology spending, prioritizing essential, “must-have” solutions.
