Enterprise Apps Unpacked
View All Series Articles
Podcast

Deloitte experts: Internal controls key in ERP cloud migration

In this podcast, Laura Bellinger and David Rains explain why moving the financial components of ERP to the cloud requires establishing controls to ensure accuracy and compliance.

David Essex
By
Published: 16 Dec 2025

The drumbeat of hype about the benefits of moving on-premises ERP to the cloud has been so loud and persistent that it can drown out the technical complexities, change management and other practical realities of such a major move. ERP cloud migration poses substantial risks to business operations that must be considered alongside the expected benefits, starting from the early planning stages and continuing after deployment.

Deloitte, a Big Four accounting firm with a substantial consulting and advisory practice, has been advocating for the use of internal controls to mitigate the risks and maximize the value of migrating to cloud ERP, especially when the focus is the financial management and accounting components of ERP. It recently posted an article explaining how internal controls can help organizations ensure accuracy and compliance after moving their ERP finance functions to the cloud.

In this episode of Enterprise Apps Unpacked, co-authors Laura Bellinger and David Rains explain the steps in developing controls, who is responsible for them, where they fit in enterprise application ecosystems and how AI helps automate the process. They also explain why a cloud-driven financial transformation is an opportunity to improve existing controls.

Bellinger is a partner and Rains is a principal in Deloitte's audit and assurance practice.

In control from the get-go

David Rains, principal, Deloitte audit and assurance practiceDavid Rains

Rains said business leaders should understand that internal controls aren't simply about checking boxes. "They build confidence in the system, they protect information, and they also can help organizations grow safely from a risk management standpoint," he said.

Enterprises should establish controls from the start to drive oversight of the digital transformation program and embed them in the architecture when the new ERP goes live, thereby supporting compliance and operational efficiency.

Laura Bellinger, partner, Deloitte audit and assurance practiceLaura Bellinger

"Most organizations are really still relying on and using outdated or incomplete controls," Bellinger added. "Moving to the cloud really gives organizations the chance to modernize and the chance to improve their control environment."

But why do this specifically for cloud ERP?

"Migrating to cloud ERP is different from on-prem ERP because it introduces a shared responsibility model for internal controls," Rains said. With on-premises ERP, organizations typically manage controls themselves or perhaps with help from a contractor. "In a cloud ERP environment, some controls are handled by the cloud provider, while others remain the responsibility of the organization. The shift makes it really important to clearly define responsibility for operation of the internal controls on day one," he said.

Other topics discussed in the podcast include the following:

  • Whether non-financial operational functions, such as order management and CRM, need internal controls.
  • How much work is involved, and the role of consulting firms like Deloitte.
  • The risks of not having adequate controls.

David Essex is an industry editor who creates in-depth content on enterprise applications, emerging technology and market trends for several Informa TechTarget websites.

Dig Deeper on ERP administration and management