Colette Devey, Risk Consulting Partner, Chief Risk Officer and Consumer Sector Lead with EY Ireland, talks us through her impressive career path and some of the important lessons she has learned along the way. Colette Devey was appointed Chief Risk Officer at EY Ireland in September 2024. Devey also leads EY Ireland’s Consumer Products and Retail Practice and is a Partner in the firm’s Risk Consulting Business. She joined EY in 2003 and became a Partner in 2019. Tell us a bit about yourself and why you decided to become a Chartered Accountant? I grew up in Raheny in Dublin and attended Manor House School before moving on to University College Dublin. I chose a degree in business and legal studies because I felt it would offer promising career options in both the legal and finance fields. Initially, I thought I would become a lawyer, but over the course of my four-year degree, I realised my strengths lay in business and finance. This realisation led me to choose a career in finance, joining the assurance practice of a big four firm in London to train as a Chartered Accountant and working with clients in the financial services sector. How has your career evolved from qualification through to your current role with EY Ireland? After qualifying, I spent two more years in London, building my experience and learning to manage client engagements. It was an exciting time to be in the city and I was very lucky to have college friends who moved over at the same time. There was a great Irish gang of us all together. The work environment in which I began my career was very different to today. My work was 100 percent client- or office-based with much less technology and it was still quite male-dominated. The firm had just two female partners at the time and, in many of the teams I worked on, I was the only woman. After five years in London, I was ready for a change and moved to Sydney, Australia, for two years. It was there I first had the opportunity to work as a consultant, rather than an auditor, and I immediately knew this was the area I wanted to progress my career in. As a Risk Consultant, I discovered I enjoyed the operational aspects of businesses, from the shop floor or factory site through to profit and loss and the balance sheet. This role allowed me to leverage my core accounting skills while also gaining deep knowledge in process, risk and controls, and I have since continued to build my career in this specialism. I joined EY Ireland in Dublin in 2003, then spent 15 years in consulting with EY UK. After returning to Dublin in 2022, I took up the position of EY Ireland Consulting Partner and Consumer Sector Lead. In this role, I work extensively with local and international businesses in the agricultural, consumer products and retail sectors, helping them navigate a rapidly changing landscape driven by evolving consumer behaviour, regulatory changes and emerging technologies, such as artificial intelligence (AI). I also lead our work on the Irish EY Future Consumer Index, which tracks changing consumer sentiment and behaviours bi-annually, identifying new trends and emerging segments. Talk us through your day-to-day work as Chief Risk Officer with EY Ireland. My role as Chief Risk Officer is very broad and complements my continued service to clients across our 150-strong Risk Consulting team here in Ireland. My team and I focus on ensuring EY Ireland manages and mitigates a number of key risks. This can range from data privacy and protection—where we work closely with colleagues on our legal team to assess the data risks arising from the introduction of new technology, notably AI—through to assessing the implications of external events. This might be social or, as in more recent months, weather-related. On top of day-to-day matters, there are also times when we have to react quickly to protect the firm, our people and our clients—from cyber risks, in particular. As an example, when the CrowdStrike software update caused significant outages globally, we had to immediately consider what impact this might have on our clients. Thankfully, in this instance, the impact was minimal. What do you enjoy most about your current role, and what are the challenges? What I enjoy most is the variety and this has continued to be the case over the course of my entire career to date. No two days are the same. My team and I need to be very agile so that we can quickly reprioritise activities and plans based on changing circumstances. This also brings challenges, such as tight deadlines or the need for fast decision-making. In my experience, however, these challenges are easily overcome when there is a strong and aligned team working together and communicating effectively. This is something I am very grateful to have with my current team. Are you glad you made the decision to qualify as a Chartered Accountant at the start of your career? Yes, without a doubt. My qualification as a Chartered Accountant has opened many doors and opportunities for me throughout my career. It has been foundational to the work I do with my clients, whether that is delivering internal audit services, transforming governance, risk and internal control frameworks, or supporting the implementation of Sarbanes-Oxley Act (SOX) requirements, mandating strict reforms to improve financial disclosures and prevent accounting fraud. Although much of this work focuses on strategic, operational and compliance risks, we are never too far away from considering the financial impact on the business. Did you have a career plan starting out? How have your career goals evolved in the years since? If I am completely honest, no, I didn’t set out with a long-term career plan. I knew I wanted to become a Chartered Accountant and work for organisations offering opportunities for career progression, alongside enriching professional and personal experiences. I didn’t set out with the end in mind and could not have imagined some of the opportunities I have had along the way, including working with incredible clients, fantastic teams and on exciting projects while also being able to live and travel all over the world. In the early part of my career, my approach was to say ‘yes’ to every opportunity that came along. In more recent years—and particularly since I set myself the goal of becoming a Partner—my goal setting has become more deliberate and focused. I want to keep growing and developing my professional experience and expertise, while also creating opportunities and experiences for my team and colleagues. Tell us about the most important professional lessons you have learned in your career. The three most important professional career lessons I have learned over the years are: Be the role model for others you would have wanted for yourself. Listen to those around you and take their feedback on board—but, ultimately, you have to trust and believe in yourself. Most importantly, never forget that clients are individuals with their own aspirations and plans. Developing strong relationships at a personal level, as well as professionally, typically leads to healthy, trust-based and long-term client relationships. How has the role of the Chartered Accountant evolved since you first joined the profession, and how do you think it will change in the years ahead? The biggest change I have observed in our profession relates to technology and how it continues to impact the work we do. First, there is the role technology plays in business, creating risk, but also opportunity. Second, technology is now key to delivering accounting, auditing and consulting services. When I first started with a big four firm in London, we didn’t even have individual laptops. Instead, each engagement team had just one Mac computer, which came with its own wheely bag. The most junior person on the team (i.e. me) had to bring it to and from the office and client sites! Times have changed so much since then, and I believe technology—in particular, data—will continue to play a critical role in our profession’s future development as emerging technologies, including AI, become even more prominent in business, accounting, risk consulting and wider society. What advice would you offer young Chartered Accountants about forging a successful and fulfilling career? My advice would be to take the time to truly understand your strengths, consider where and how you want to grow and develop professionally, and identify the roles that will give you energy and motivation while also allowing you to be your authentic self. With these strands in place and the Chartered Accountancy qualification behind you, you will be in a strong position to grasp opportunities for a rewarding and enriching career. What are your career plans from here on in? That is a very good question! With EY’s new global leader, Janet Truncale, and our ‘All In’ global strategy in place, there are many exciting developments ahead. For now, my focus is on my clients, growing our business and developing the teams I work with, as well as ensuring we manage and mitigate the risks we face as a firm. These responsibilities are more than enough to keep me busy for the time being, but I am always open to new experiences and opportunities, so I will keep an open mind as to where my career will take me in the future—as everyone reading this should.

Resilire founder Joyce McCarthy, FCA, is helping scaling organisations embed a sustainable growth culture that supports people and boosts resilience “Recalibrate. Resolve. Rise.” When Joyce McCarthy launched her HR advisory and coaching firm Resilire in September 2024, she knew exactly where her focus needed to be. Inspired by her own experience re-evaluating her career and life priorities in response to events beyond her control, McCarthy resolved to use this very personal insight to help others prepare for, overcome and learn from professional challenges and setbacks. “Resilire comes from the Latin word for ‘resilient’. When I decided I wanted to set up my own business and work for myself, there was never any doubt about what my focus would be; I knew it had to be about helping people to embrace change and build resilience to achieve their goals.” McCarthy had begun her own career training in Dublin as a Chartered Accountant before moving into banking, first in Australia and then the UK, where her career focus shifted first to sales and then to people and performance management, and organisational culture. “When I moved to London, I started a new job at a large organisation managing a big team and leading innovation in people management,” McCarthy says. “We were overseeing all aspects of performance management from metrics to bonuses, rewards and recognition schemes, and really focusing on how to innovate and improve this whole area. “That was when I started to think seriously about what the culture of an organisation really means, and the level of stress individuals can experience when they are under pressure to perform.” McCarthy “absolutely loved” her work and was delighted when she was promoted to director level and selected for fast-track progression through the organisation’s senior ranks. “Then, I got pregnant. I had just started my new role and I didn’t want to have to go on maternity leave, but I remember the doctor saying to me, ‘You need to prioritise your health and your pregnancy now,’ and that was a shock to me at the time.” McCarthy endured a difficult birth and serious complications with the arrival of her first child. “I was recovering when I was told my employer was carrying out a cost-cutting exercise and essentially downsizing,” she says. “I felt I needed to rush back to work early from maternity leave to try to claim a chair, but, essentially, the music stopped and I had nowhere to sit.” Losing her job in this way was a shock for McCarthy. “My whole world was completely rocked,” she says. “I had gone back to work before I had physically or emotionally recovered. I already felt vulnerable and then I was told my job was at risk of being made redundant. “At the time, I felt really let down by my employer and that’s when I started to think, ‘I need to be my own boss and never again depend on an employer’. The experience also opened McCarthy’s eyes to the very human cost of high-pressure work environments built solely to service the bottom line. “It gave me a lot of empathy for other people and their circumstances. I went from being really focused on performance, productivity, output and just working really, really hard, to questioning everything and asking myself, ‘am I going too fast here?’ “I was a first-time parent and really unwell for the first time in my life. I had to stop and think, ‘There’s more to life than work; your health and the health of your family is so much more important’.” McCarthy subsequently decided to complete a diploma course in resilience coaching and left London in 2021 to return to Dublin with her husband and young family. She established Resilire six months ago, specialising in talent and performance management strategy alongside executive coaching. “My focus is on supporting scaling businesses to reach their potential by helping them with people and culture goals,” McCarthy says. “This is especially important to me because Ireland is just such an entrepreneurial, relationship-focused country.  “When I came back home, I started building a network of wonderful, supportive entrepreneurial people almost straight away.  “These entrepreneurs and others like them build amazing businesses, but when these businesses reach a certain size, they are going to need to define their own identity from a people perspective, and that’s where I come in.” Culture is key to resilience in any organisation, McCarthy says, and embedding a culture of   psychological safety and trust is paramount in a growing company. “Blame culture really doesn’t support business performance,” she says. “The focus should always be the end goal. As long as you’re focused on that bigger goal, you can absorb and withstand the little mistakes that happen along the way, the things that go wrong and the unexpected events and setbacks. “Ultimately, people need to know that they can be open and honest; that it is safe to raise issues; and that the people around them have their back. “Embedding a ‘test and learn’ environment that encourages people to fail fast with no repercussions actually encourages innovation and boosts performance.” In tandem, it is important for employers to understand that their people are multi-faceted humans with full lives outside work, who are often contending with a whole plethora of competing and shifting demands. “People are not bots; they’re not widgets. They don’t just show up to work to perform a task. Typically, people have a lot more going on in their lives than work, and their resilience can be depleted over time by a whole range of factors, be they family-, health- or money-related. “That is why, I think rightly, we are seeing the people management focus shift towards wellbeing as a holistic concept. “At the end of the day, people want to be seen and supported at work; to feel that they can share their challenges in a safe environment; and to be recognised for their contribution and all the ‘small wins’ along the way. “This is what performance management is really about, I think, and helping companies build a culture that genuinely supports it is my core focus with Resilire.”  

Seamus Parle is leading the way at Rotary Ireland in his role as District Governor of the international organisation on Irish soil, writes Barry McCall. The move to semi-retirement in 2023 allowed Wicklow-based Seamus Parle to devote more time to his voluntary work with Rotary Ireland, ultimately taking on the role of District Governor of the all-island organisation in July 2024. For Parle, the role marks an important milestone in his professional endeavours, allowing him to apply skills learned over the course of a successful career for the betterment of society. “Rotary is dedicated to serving communities both here and abroad, and through its voluntary work, provides an excellent platform for people to develop socially and professionally,” he explains. “Rotary members are people with a social conscience who want to put their skills and expertise into the service of the community. “Whether it’s supporting a health or education project here in Ireland, providing housing for families in Ukraine or funding a water pump project in rural Kenya, Rotary has no shortage of projects for people to become involved in.” Professional career Parle’s professional career began in 1975 with Bank of Ireland. “There weren’t many jobs around at the time. When I left the bank four years later, people said I needed my head examined. But I was studying accountancy at the time, and it was difficult to get to classes in Dublin from Baltinglass, Co. Wicklow, where I was working,” he says. From Bank of Ireland, Parle moved to engineering company TMG Group as an Assistant Accountant. “It was in Wexford and even further away from my classes,” he recalls, “But I got practical hands-on experience of doing accounts and I then moved to Waterford Iron Foundry.” His next move saw him take up a role with Ballyfree Farms in Wicklow. “I qualified as a Management Accountant (CIMA) while I was there. The company was taken over a number of times, most recently by Kerry Group. If I wanted to progress my career, I had to be prepared to move to Tralee or even further afield. Our first child was on the way and that wasn’t for me.” This led to Parle’s move into practice. “I went to work for my friend Cathal Cooney at his practice. The plan was to stay for a year while looking for another role in industry. I was still there 33 years later—I never escaped,” he jokes. “After industry, I found the diversity of practice work very enjoyable. You are involved in totally different assignments from one day to the next. In industry, it’s pretty much the same every day. “After a few years, I realised I wouldn’t be able to sign audit reports as a Management Accountant, so I did the CPA exams to become a Certified Public Accountant. In 2023, we merged with a larger firm which allowed me to retire from the practice.” Parle’s involvement with Rotary dates back to his taking over from Cathal Cooney as Managing Partner of Cooney Parle & Co. Accountants (now GBW Cooney Parle & Co. Accountants) in 2012. “Cathal had always looked after business development while I stayed in the office. I had to step into his role and decided to do some networking, so I joined Rotary,” he explains. Parle became Wicklow Club President in 2014 and Assistant Governor with responsibility for eight clubs in 2016. “I became District Treasurer with responsibility for finance for Ireland in 2018 and, on 1 July 2024, became District Governor for the Rotary organisation on the island of Ireland for a one-year term.” Rotary history and development Rotary Ireland has 1,450 members while the international organisation has 1.2 million members at 35,000 clubs in over 200 countries worldwide. “Rotary was founded in 1905 as a business networking group by four people in Chicago,” Parle explains. “They decided that if each of them recommended each other to their contacts, all the businesses would grow as a result. If you want to recommend someone, you need to know that they will do a good job, so you need to know them quite well. “They met weekly in each other’s offices on a rotational basis, hence the name. The businesses prospered and after a few years, they decided to give back a proportion of those gains to the community.” The first beneficiary was the community in a town outside Chicago. The nearest doctor’s horse had died, depriving the town of access to the doctor. The Chicago Rotary Club solved the problem by buying a new horse for the doctor. The second project was the construction of a new public convenience in the city of Chicago. “Such facilities were quite novel at the time,” Parle says. The Irish connection goes back a long way. “The first Rotary Club outside North America was in Dublin. The ‘Dublin Number 1’ club was founded in 1911 and is still meeting today. That’s the origin story.” Rotary was founded for business and social networking and to provide an opportunity for people to perform community service and for their own self development in areas like project management, teamwork and leadership, Parle explains. “Involvement teaches members about work and life and gives them a different perspective on things. Members also have access to all 35,000 clubs around the world. I was in Brazil recently and had the privilege of visiting the Rotary Club of Copacabana.” Rotary club members are drawn from all walks of life, and each brings something to the table. Accountants can be particularly valuable, Parle points out. “Every club needs a Treasurer. In Rotary, you are dealing with other people’s money, whether that’s the members’ money or money raised through charity fundraising. Accountants have high ethical standards, are skilled at making the most effective use of scarce resources and are seen as a safe pair of hands.” Irish Rotary Club projects Irish Rotary Clubs have been involved in a range of projects in recent years. These include the annual Trees of Remembrance, a Christmas initiative hosted in many shopping centres around the country. “Just over half the clubs in Ireland are involved in that. People can write a note to remember a loved one who has passed on or is ill and can make a donation which usually goes to an end-of-life charity,” Parle explains. Another initiative has seen Rotary Clubs tackle waste at the same time as providing bicycles to schoolchildren in Africa. “A number of years ago, we got €250,000 from the Government’s anti-dumping initiative. We used that to put containers in recycling centres to allow people to dump unwanted bikes,” Parle says. “We bring them to Loughan House and Shelton Abbey open prisons for refurbishment where the prisoners acquire skills in bike maintenance. The bicycles are shipped to Gambia where students might live a two- or three-hour walk from their school. Having a bicycle leads to better educational outcomes for them.” Other projects involve road safety advisory sessions for transition year students in Ireland and the provision of microcredits to people starting businesses in the developing world. Parle also mentions a former winner of Rotary’s Youth Leadership Development Competition—Rotary honorary life member, former Taoiseach and current Tánaiste Simon Harris. “Simon learned a lot through his involvement in Rotary and it shows the benefits of becoming involved at a young age regardless of whichever party you support or are a member of,” he says. New members are always welcome. “New members from different backgrounds, with different perspectives, all are welcome, and we would really like to see more young people, particularly women, joining,” Parle says. “In Ireland, we have clubs throughout the country. People interested in joining can contact their Rotary Club through Rotary.ie. We have people waiting to respond to membership enquiries. They are all volunteers, we have no paid staff, no offices and no admin costs as such. “Through Rotary, I’ve learned so much and met so many wonderful people from all over the island of Ireland and beyond. Quite simply, joining Rotary was the best decision I made this century.”

Cormac Lucey examines recent election turmoil in Romania, questioning the fragility of democratic processes and need for greater scrutiny in safeguarding electoral integrity We pride ourselves that our modern societies are democracies, but what if this is a comforting illusion? What if the foundations of our democracies are considerably more fragile than we imagine? Some recent developments suggest that caution is warranted. Last November, Romania held its first round of presidential elections. As nobody secured an overall majority, the second run-off round was due to be held on 8 December.  On 6 December, however, the Romanian Constitutional Court annulled the election, alleging Russian interference in the first-round outcome, which had been won by Calin Georgescu, a “Romanian far-right politician, agronomist and prominent conspiracy theorist, who worked in the field of sustainable development”, according to Wikipedia. Four days earlier, on 2 December, the Court had confirmed the first round results despite vote-rigging allegations.  It appears that intelligence agency reports alleging that TikTok had been used to spread political disinformation caused the Romanian Constitutional Court to change its mind. The election is now scheduled to be re-run in May, six months after the original, aborted election.  There are at least four concerns I have with this chain of events.  First, elections have always been battlegrounds of contention. One should not be able to cancel a democratic election without hard evidence of sustained manipulation. Is the assertion that untruths were told on TikTok now sufficient to overturn the election results of a democracy?  Second, the intelligence types asserting that social media fatally undermined the recent Romanian election are the same sort of people who claimed, in the run-up to the 2020 US election, that the disclosure of Hunter Biden’s emails had “all the classic earmarks of a Russian information operation”. We now know that those emails (suggesting criminal behaviour by members of the Biden family) were true.  Those intelligence operatives who untruthfully dismissed the emails in 2020 were granted a pre-emptive Presidential Pardon by Joe Biden as he departed the White House.  Third, if democracy is as important as we are regularly told it is, why is Romania delaying the re-run of its cancelled November 2024 election until May 2025?  Fourth, while the mass media in Britain and Ireland cover in astonishing detail every twist and turn in American politics, there has been almost total silence regarding the cancellation of the results of a modern European democracy on pretty flimsy grounds.  It brings to mind the warning issued by Alexander Solzhenitsyn—the Russian dissident, Nobel laureate in literature and author of “The First Circle” and “The Gulag Archipelago”—shortly after he first arrived in the Western world in 1978 having been let out of the Soviet Union. Solzhenitsyn said: “The Western world has lost its civic courage…Such a decline in courage is particularly noticeable among the ruling and intellectual elite, causing an impression of a loss of courage by the entire society.” The UK’s 2016 vote to exit the European Union and last year’s vote for Trump to reprise his role as US President were as much votes of no confidence in those countries’ ruling political establishments, as they were votes in favour of the outcome.   There is a danger, in an ever more atomised world, that we—part of the ruling and intellectual elite—take democracy for granted, assume that everyone else is doing their job properly and fail to do our bit to sustain the system.  As Chartered Accountants, we are highly trained guardians and interpreters of fact at a time when the facts are increasingly in dispute. Maybe it’s time for us to speak a little louder in public debate.  Cormac Lucey is an economic commentator and lecturer at Chartered Accountants Ireland *Disclaimer: The views expressed in this column published in the February/March 2025 issue of Accountancy Ireland are the author’s own. The views of contributors to Accountancy Ireland may differ from official Institute policies and do not reflect the views of Chartered Accountants Ireland, its Council, its committees or the editor. 

In early 2025, before Donald Trump had even stepped foot inside the White House to begin his second time as US President, corporate America rushed to back out of diversity, equity and inclusion (DEI) promises made to consumers in 2016. Three members give us their take on the potential impact on DEI policies in the wider working world. John McNamara Executive Director and CFO, AIB life There has never been a more exciting time to be interested in diversity, equity and inclusion (DEI). “Too woke! Too preachy! More masculine energy! Shut it down!” Regardless of the invective linked to its unexpected politicisation, what seemed to be an unquestioned progression in DEI awareness and acceptance has now been seriously disrupted. How we react will determine its evolution, and indeed existence, in the years ahead. “Never waste a crisis” is the truism, and this period of transition offers businesses the opportunity to double down, tread water or cease their DEI activities. At its core, DEI aims to tackle important issues, such as workplace gender equality and discrimination based on sexuality and racial biases, while also raising awareness of age, ability and access in a safe environment. Within organisations, this effort is supported by a culture that is visibly led from the top and engages those affected, along with their allies. Diverse teams produce better products resulting in higher profits, the latter being ironic in the context of much of the current US narrative. What DEI isn’t is tokenism. It isn’t about marking certain days of the year, while ignoring what they represent the rest of the time—participating in a Pride parade annually, for example, without putting in place supportive policies for LGBT+ people. The responsibility for DEI often gets passed to HR, where it withers away, remaining separate from the rest of the organisation. Lanyards and name badges are produced only to be tossed in (virtual) drawers, often in the absence of management leading by example. So, if all of that ceases now, then frankly, no loss. However, those businesses that stay the course have a valuable opportunity to reflect on how DEI sits within—and is communicated across—their organisation. In the short term, check in with your team to find out how they are feeling about current events, and to understand if they feel unsettled. Even small gestures build trust and inclusion. Less emphasis on targets, quotas, enforcement or policies may also be welcome—and more on ensuring that workplaces better represent the full diversity of the communities they employ, engage with and serve. The pendulum will swing again. Those businesses that re-commit to DEI now when challenged will arguably be more invested than ever before—and that’s a good thing. Sandra Quinn, Founder and CEO Quinn & Associates, Executive Search Partners For over 15 years as a recruiter and the previous 10 as a Chartered Accountant, I have seen how work shapes careers, identities and aspirations. Where we spend our nine-to-five matters. It influences our sense of purpose, opportunity and belonging. I have always been guided by two principles: A lesson from my father: “Love is an understanding of one another”; and A simple truth I share with my children: “If we were all the same, the world would be very boring.” These ideas highlight the value of difference, not just in theory but in the strengths diverse perspectives bring to the workplace. DEI initiatives have played a key role in fostering more inclusive environments. They have broadened access to opportunity, challenged outdated biases and helped organisations recognise talent in all its forms. Neurodiverse individuals, for example, bring fresh thinking and problem-solving skills yet, too often, face barriers unrelated to ability. Similarly, many disabled professionals are not limited by their own capabilities but by workplaces that fail to accommodate them. The real challenge is not whether people can contribute but whether workplaces create the conditions for them to do so. As some organisations scale back DEI efforts, an important question arises: what comes next? True inclusivity should not depend on a policy. It should be embedded in how we lead, hire and collaborate. Fairness, respect and opportunity must be more than corporate buzzwords. They should define workplace culture. Sustaining progress requires more than policies. It demands emotional intelligence, empathy and a willingness to challenge bias. The success of DEI will not be measured by whether programmes persist, but by whether their impact endures. Understanding and celebrating difference is not just the right thing to do; it is what makes workplaces stronger, teams more innovative and organisations more successful. Mark Fenton, CEO & Founder, MASF Consulting Ltd For years, diversity, equity and inclusion (DEI) practice has shaped workplaces globally and enhanced performance by embracing diverse contributions and driving innovative decision-making. Recently, however, we have seen some high-profile corporations and educational institutions begin to dismantle their DEI initiatives. DEI is seen by some as non-essential, with initiatives viewed as a zero-sum game or unhelpful political correctness. So, are DEI programmes still important? The answer is yes. DEI programs are not just about fairness; they drive business success. Research consistently shows that diverse teams are more innovative, perform better financially and make better decisions. Inclusive workplaces lead to higher employee engagement, retention and job satisfaction. While Meta, Google and Amazon’s about-face on DEI has grabbed the headlines, there are many more organisations (Apple, Coca-Cola and Citigroup, for example) that have come out in favour of DEI and reaffirmed their strategic intent. Indeed, at the recent Davos summit, the CEOs of both JP Morgan Chase and Cisco delivered strongly supportive statements on the impact of DEI. Nonetheless, the DEI ‘industry’ is partly to blame for the current backlash in that some of the language it uses is viewed (ironically) as exclusionary, and some initiatives as favouring certain groups over others. This can hamstring diverse viewpoints, prioritising identity factors over merit and muddying the link between diverse perspectives and innovation and performance. Leaders need to: Engage the audience: Simplify the message of what DEI means for each individual and release the constraint of ‘mandatory training’. Refine, not reduce: Review language used and mitigate negative perceptions of DEI supporting unfair quotas and/or unwanted activism—do not, however, reduce efforts and continue to maintain progressive company values. Link to business: Ensure measurable outcomes and better integration into corporate strategies. Our world is evolving and the need for inclusive and equitable workplaces remains. Organisations that stay committed to DEI will not only gain a competitive edge in an increasingly diverse and dynamic marketplace but will also benefit society as a whole.

At a time of unceasing change and disruption, internal auditors are under more pressure than ever before to get ahead of potential risks. Colm Laird outlines some of their most pressing priorities for 2025 Internal auditors must remain agile and responsive to change as their organisations contend with fast-evolving challenges.  Having endured unprecedent levels of uncertainty and disruption in recent years, many organisations continue to face threats and challenges posed by prevailing economic and geopolitical conditions, changing stakeholder outlooks, stringent regulatory requirements and heightened digitisation.  Outlined here are some of the key thematic areas and related risks internal auditors should consider in 2025 when assessing their organisation’s risk profile and control environment. Economic and geopolitical uncertainty Despite years of economic and geopolitical instability, global economic growth remained resilient in 2024, with further recovery expected this year. The geopolitical landscape remains unstable, however, with escalating conflicts, trade tensions and political transitions all posing potential risk.  Inflation is falling, leading to lower interest rates in the European Union, Britain and the US, as evidenced by the three rate cuts introduced by the European Central Bank in 2024.  Despite this trend, some sectors remain cautious due to ongoing uncertainties and potential supply chain disruptions.  Organisations should prioritise implementing long-term strategies to navigate these challenges and manage associated risks.  Internal auditors should assess how the first and second lines of defence can effectively mitigate increased risks and impacts, focusing on long-term strategies, third-party supplier vulnerabilities and capital planning and management procedures.  Operational resilience Mounting global interdependency, technology-led transformation and recent service outages all point to increased potential for organisational disruption.  Alongside economic, geopolitical and environmental instability, this trend highlights the need for organisations to: Manage operational risk. Plan for contingencies.  Maintain up-to-date business continuity, disaster recovery and cyber response plans.  Having taken effect in January 2025, the EU’s Digital Operational Resilience Act (DORA) applies to financial entities and their third-party information and communication technology (ICT) providers.  Published by the EU Commission, DORA creates a comprehensive framework designed to help financial firms endure ICT-related disruptions and remain operational.  To support this, internal auditors should assess the effectiveness of operational resilience and crisis management protocols, ensuring key threats are addressed and response plans are adequate.  They should also review business continuity measures to ensure emerging risks are considered.  Third-party relations and supply chain Supply chain risks have been heightened by the fragmented geopolitical landscape dominated by ongoing conflicts in Ukraine and the Middle East, protectionism, policy interventions and shifting consumer expectations.  These factors influence organisations’ supply chain strategies and investments, increasing complexity and cost. Here, the robust risk management of outsourced relationships and supplier diversification is critical.  Organisations must also enhance transparency, ethics and environmental, social and governance (ESG) implications in their supply chains, carrying out risk assessments and due diligence of third parties.  Additionally, automation of supply chains using artificial intelligence (AI), blockchain and machine learning is increasing.  Internal audit must, therefore, assess the maturity and resilience of supply chains and advise on the suitability of the supply chain operating model, ensuring all risks associated with current macroeconomic and geopolitical conditions are considered.  Talent management and retention The recruitment and retention of skilled personnel remains a significant hurdle for many employers who continue to face challenges sourcing talent in a candidate-led recruitment market.  Exacerbating factors include the availability and affordability of housing, salary expectations and flexible working demands.  Many organisations are reverting to pre-pandemic working arrangements, with current trends suggesting we will see more of this in 2025.  Employees are increasingly seeking out more meaning, purpose, fulfilment and flexibility in their work. Those organisations that fail to adapt their value proposition to this shift may struggle to attract and retain the people they need.  Here, internal auditors should appraise their organisation’s workforce planning, talent acquisition and retention strategies, with the aim of understanding and mitigating the impact of staff shortages and turnover.  Management oversight should also be assessed alongside initiatives aimed at enhancing the value proposition for employees with a particular emphasis on soliciting employee input and feedback.  Environmental, social and governance  Beyond mere compliance, many organisations view ESG as a means to enhance value, attract talent, strengthen employee engagement and drive financial performance.  The EU’s Corporate Sustainability Reporting Directive (CSRD) mandates in-scope organisations to be transparent and accountable regarding ESG matters.  In 2025, those companies first in-scope for CSRD will be required to disclose detailed ESG information for 2024, and more organisations are set to fall within scope of the Directive in the years ahead.  Increased non-financial reporting requirements, combined with stakeholder expectations, compel organisations to integrate ESG into their core strategies. They must consider both their own “inside-out” impact on people and the environment and the ESG-related risk and opportunities they face from an “outside-in” perspective.  For their part, internal auditors should review their organisation’s CSRD reporting readiness assessments to ensure that the appropriate processes are in place to support the introduction of ESG metrics.  ESG risks and strategies should be aligned with initiatives such as the United Nations’ Sustainable Development Goals and the European Green Deal.  Fraud and financial crime The prevalence and potency of fraud and financial crime is escalating globally. Sophisticated techniques have intensified the velocity, veracity and volume of fraudulent activity, heightening risks as traditional defences struggle to keep pace.  Advances in technology have given criminals greater scope to exploit organisational vulnerabilities, highlighting the need for robust, adaptive approaches to combat evolving threats.  Fraud and financial crime transcend borders, complicating investigations and prosecutions. Increased global connectivity exacerbates these threats, as instability in one region can impact global markets.  In response to these developments, internal audit should assess the strategies, tools and technologies deployed in their organisation to ensure that risks associated with fraud and financial crime are managed, while also providing advice on governance and control matters. Cyber security As we look to the year ahead, cyber security will continue to be a key focus for organisations.  Cyber-attacks and data breaches rose in 2024, with increasing velocity, volume and sophistication, exacerbating threats to business continuity and heightening the risk of both reputational damage and financial loss.  The ongoing digitisation of business models and processes, and increasingly sophisticated technology available to cyber criminals, necessitates the introduction of robust cyber security measures so that organisations can maintain operations, safeguard stakeholder trust and mitigate future attacks.  Organisations must embed cyber security in core processes and raise workforce awareness to reduce the impacts of inevitable cyber-attacks.  Internal auditors should assess existing controls to mitigate cyber security risks and provide assurance on governance and oversight structures across the three lines of defence. Data privacy and governance In a technology-enabled environment, organisations must prioritise data privacy and protection.  The EU’s General Data Protection Regulation (GDPR) enforces strict regulations protecting personal data, granting individuals control over their information.  Organisations must review their data privacy frameworks to ensure GDPR compliance. Non-compliance amplifies legal and financial risks and exposes organisations to reputational damage.  Global interconnectedness magnifies the importance of complying with international data transfer rules.  The Data Protection Commission Annual Report 2023 highlighted issues regarding the unauthorised access and disclosure of personal data, often due to employees’ lack of understanding of their responsibilities.  Internal auditors should assess their organisation’s data privacy and protection framework, ensuring compliance with regulatory requirements in data collection, retention, disclosure and transfer, as well as ensuring sufficient staff awareness and appropriate training. Reviews should identify third-party processors and monitor their access to organisational data. Digital disruption and emerging technology The emergence of AI has garnered many headlines and much excitement among those convinced of its potentially transformative effects on life and business. In tandem with this potential, however, comes a raft of new AI-enabled risks and concerns regarding appropriate usage.  In response, the European Parliament has approved the EU AI Act, effective from 1 August 2024, with the aim of ensuring a balanced approach to AI adoption and safeguarding against risk.  The Act establishes tiered regulatory requirements for AI applications based on risk levels, with prohibitions on certain AI systems coming into effect in February 2025 and the majority of provisions applying from August 2026.  Here, organisations are advised to adopt an integrated approach across legal, compliance, IT and product delivery functions to navigate AI’s complex regulatory environment while also addressing emerging technology risks.  Internal auditors can advise on governance and control matters, engaging with management to enhance AI governance frameworks and internal controls.  Regulatory-driven risk Organisations face an unprecedented level of regulation in 2025. Regulatory environments continue to evolve, requiring compliance in areas such as ICT, AI, ESG, anti-money laundering and data privacy and security.  This regulatory burden challenges organisations to ensure compliance while remaining agile and adaptable to new obligations. Internal auditors must understand the regulatory landscape so that they may thoroughly assess governance structures and controls for compliance.  Management oversight and control structures should also be evaluated to determine the organisation’s preparedness for future compliance requirements.  Internal auditors should also remember that the Institute of Internal Auditors 2024 Global Internal Audit Standards, the main component of the International Professional Practices Framework, are effective since 9 January 2025. Colm Laird is a Director with KPMG Ireland, specialising in risk, governance and internal audit