Technological advancements and the company secretary (part 2)

By John Sammut

John Sammut is Head of Internal Audit at the Malta Financial Services Authority

In an article published last week I outlined the opportunities and benefits of technological advancements on the company secretary’s profession and role. The second instalment of the article will focus on the risks and challenges brought about be emerging technologies and how these can be overcome.

Technological advancements, whilst fostering innovation may also open the doors to cybercrime. Breaches of sensitive data through phishing attacks, scam emails and possibly also insider fraud are becoming more common due to lack of cyber training awareness and computer hygiene (e.g. encryption of sensitive data, firewalls, updating of software).  The company secretary should be aware of the ever-increasing cyber related threats resulting from digitalisation in view of one’s role as a custodian of a large volume of sensitive information and records.

New technology impacts law-making and regulatory designs as these may become irrelevant if regulators do not consider such fast technological changes. The company secretary is to be constantly aware of any such potential changes to law and regulations as a result of technological advancements and ensure that the organisation adapts accordingly.

An innovative and a learning culture is another challenge which the company secretary has to face. It is important that the company secretary keeps abreast of digital skills by undertaking training through appropriate sources.  The company secretary must also assist board members and other stakeholders to engage with the opportunities provided by technological advancements and ensure that relevant training on the use of innovative IT systems is provided to board members.

The increase in the use of instant messaging platforms, emails and group chat amongst others have put increase pressure on the company secretary for a quicker decision-making process.  In addition, easier access of information and immediacy could result in additional pressure and adversely impact the work-life balance of the company secretary’s role. “Digital technologies promise flexibility in terms of when and how we work. But instead what they have done is to extend the “working day” and created an unhealthy emphasis on “multi-tasking” (Quote from: Erik P.M. Vermulen)

In this regard, the company secretary should take on an advisory role to ensure that the organisation has appropriately evaluated its risk appetite and IT risk management systems when managing the demands of operating in a digital world.  Furthermore, internal controls and procedures should be in place to ensure that not only the company secretary, but all organisation staff are aware of the immediate steps to be taken in the event of a data breach and the responsibility to notify the regulator as may be applicable by law. A robust data and business recovery plan need also to be in place to counteract the eventuality of a loss of data through breaches in information security governance.

Steve Jobs once said that “technology is nothing. What’s important is that you have faith in people., that they’re basically good and smart, and if you give them tools, they’ll do wonderful things with them.” The company secretary cannot ignore technological advancements as these offer innovative tools which do add value to the role. Moreover, automation offers a good opportunity to change the perception of the role from an administrative one to a more important advisory and technical role for the benefit of the wider business of the organisation.