THE GIST of Editorial for UPSC Exams : 24 JUNE 2019 (Software robots and importance of risk management (Live Mint))

Software robots and importance of risk management (Live Mint)

Mains Paper 3 : Science and Technology
Prelims level : Not Much
Mains level : Robotic Process Automation


  • Robotic process automation, or RPA, has emerged as a potent productivity-enhancement innovation that is being embraced globally by virtually all industry sectors.
  • This is hardly surprising since a software robot (also known as a bot) can work around the clock at a fraction of an employee’s cost.

Is RPA delivering to its promise of having digital labour seamlessly replace humans?

  • The evidence is mixed. Many companies are experiencing significant productivity gains, but research suggests that 30-50% of RPA projects fail, unleashing risks.
  • A telecom company had deployed bots for managing its complaints process. Coding errors led to many grievances being diverted to an incorrect queue, resulting in a backlog of complaints.
  • A global conglomerate deployed bots in its finance and accounts function to automate the accruals process.
  • Its auditors, however, noticed that the accruals had been materially under-reported for a quarter. Unfortunately, incorrect rule-set definitions in the bots had led to the problem.
  • Information security is also at risk: There have been reports of malicious employees launching cyberattacks on bots to access sensitive company data.
  • While critics blame the underlying technology, this is seldom the case.
  • Usually, the root cause lies in the inattention to risk and internal control considerations in the bot-development life cycle and the re-designed, bot-enabled processes.

Five simple design principles

  • First, the less risky processes should be prioritized for automation. Sensitive processes, such as those related to finance and compliance should come later. An additional layer of monitoring controls should be considered for all mission-critical processes.
  • Second, RPA practitioners should adopt a “what-cannot-go-wrong?" mindset. For instance, if bots are posting transactions to an enterprise’s core technology platform, users and administrators with access to these bots should not have the ability to execute conflicting transactions, such as placing an order and approving the payment.
  • Third, bots need to undergo robust risk-based functional testing. This, however, is sometimes not adhered to during the software development life cycle. An investment bank discovered that a bot emailing end-of-day trade confirmations to customers was “dangling" because fields that were supposed to contain email addresses were empty.
  • Fourth, watertight processes around bot security are critical. Similar to humans, bots too have user-names and passwords. Ensuring that these are encrypted and accessed by employees according to their assigned privileges is key to preventing unauthorized access and potential misuse, including fraud.
  • Finally, implementing robust change-control processes is critical. RPA teams need to be made aware of changes to system interfaces so they can make timely updates.

Way forward

  • As companies expand automation efforts, risk management functions need to step up and serve as critical lines of defence in the governance of these programs.
  • Risk managers can identify pitfalls related to automating specific processes, pressure-test redesigned processes before they go live, and implement early warning systems that can predict, and ultimately, prevent bot failures.
  • Leading risk functions, for instance, are deploying “supervisory bots" that monitor critical tasks performed by other bots and proactively raise alarm bells if they suspect performance issues.

    Online Coaching for UPSC PRE Exam

    General Studies Pre. Cum Mains Study Materials

Prelims Questions:

Q.1) With respect to “Air Traffic Flow Management (ATFM)”, consider the following statements:
1. Recently, Air Traffic Flow Management (ATFM) - Central Command Centre was inaugurated in Bengaluru.
2. After successfully implementing the Air Traffic Flow Management System, India has become the third country after the US and Japan.

Which of the statements given above is/are correct?
A. 1 only
B. 2 only
C. Both
D. None

Answer: D
Mains Questions:

Q.1) Indeed, a healthy dose of risk management can allow software robots to become trusted enablers in an organization’s digital transformation journey. Comment.