Tipping point for Internal Audit in Gaming
Internal audit functions that adapt risk and control systems to the market will deliver the greatest organizational value.
The gaming industry is at a defining moment, and at least for now, disruption is bringing exciting opportunities to many participants. The next ten years promise to bring immense change, opportunity, and risk in the gaming space. A rising focus on ESG, the emergence of online gaming, and the impact of a pandemic are challenging internal auditors to evaluate the best use of resources and technology.
The pace of change in gaming is intense. Companies must navigate state-by-state regulations, internal control, and internal audit requirements. Regulators are focused on customer protection, data security, and data integrity, while the public perceptions of gaming – and companies’ efforts to ensure responsible gaming – are critical for the long-term viability of the sector.
While at G2E 2021 (Global Gaming Expo), KPMG LLP (“KPMG”) spent time observing industry trends, talking to company leaders, and meeting the next generation of innovators. We found that the excitement portended by the wave of deals and other public announcements is not an exaggeration. Many in the industry are excited about the road they are on, even with potential potholes and roadblocks along the way.
The new frontier: Online gaming and sports betting
Numerous states have authorized online sports betting, and several allow online casino gaming. With the growth of online gaming originating in large part from mergers and acquisitions, companies are dealing with risks related to acquisition and integration, in addition to a new risk landscape for online gaming and sports betting.
Internal audit functions play a pivotal role to integrate acquisitions into the established company. At the same time, the acquiring company would be well served to evolve its own program to consider the changes in the risk environment as the newly acquired entity adjusts to existing SOX and regulatory testing programs.
Based on our closed-door discussion with audit and risk executives, internal audit leaders from land-based organizations are struggling to understand how online gaming regulatory requirements relate to or differ from existing operations. As regulations are issued state by state, executives are evaluating their resources and skill sets to ensure they have the right resources, whether internal or external, to protect their companies from losses, fraud, or control weaknesses. Given the seemingly constant flow of M&A, internal auditors are having to spend a disproportionate share of their time on transactions versus building programs for auditing online gaming.
ESG – waiting for the other shoe to drop
Given the emphasis on transactions and the new risk environment from online gaming, most internal audit leaders aren’t focused on ESG … yet. But a sharp focus on ESG among investors, the Biden administration, and the SEC has spurred many gaming companies to prepare for compliance. They are evaluating ESG in the context of previous experience with SOX, layering in controls automation and efficiency.
Leveling the playing field – analytics in internal audit
KPMG has seen incredible growth in using data and analytics for internal audit and anti-money laundering programs. Companies are leveraging automation tools to bolster both effectiveness and efficiency.
A universal challenge for internal audit teams is maximizing operational value with existing resources. They contend with large resource needs for mandatory compliance testing, such as gaming regulations and SOX 404 requirements. Data analytics and automation tools help gain efficiencies and free up time to focus on emerging risks, such as ESG and online gaming.
The audit executives we spoke to covered the spectrum for implementing analytics in their processes –
from zero to extensive usage. Hiring and retention in this area is even more difficult than the usual internal audit staffing challenges, so leaders need to be creative in cultivating talent. The benefits, however, will likely outweigh the costs in an environment of constant transactions and new risks. Analytics can be applied to help achieve more effective assessment and mitigation of risk.
How can KPMG help you?
Companies have new and increasing risks, and transformational events are coming with ESG and online gaming. We can help internal audit teams in a variety of ways, including enhancing their overall risk assessment process, streamlining SOX compliance, helping to implement data and analytics, and building programs for emerging areas like ESG and online gaming.
Coordinating with the KPMG global organization of independent firms in the United States, Europe, Asia, Australia, and Latin America, our professionals can combine a global perspective with in-depth industry knowledge to help companies navigate a fast-changing market.
Let’s stay in touch. Together, we can shape the future of gaming – now.