ACCA Archives - AdvanceTrack Outsourcing

The ACCA’s new report delves into the key roles that accounting professionals are now expected to fill, and what that means for your organisation’s future, writes Kevin Reed.

Technological change in the workplace, and our daily lives, is a constant. That the pace of change is seemingly increasing means it’s not so clear what this means for practices, their clients and the roles that accounting professionals will be expected to play.

With this as the backdrop, the ACCA has produced a report – three years in the making – that seeks to make sense of the social, corporate and employment environment.

Future ready: accountancy careers in the 2020s contains five key ‘career zones’ that could provide opportunities for accountants in the future. Some are more relevant to finance functions than practices, but they could all still apply to specific roles with a professional services organisation or otherwise. These are:

The assurance advocate: these roles will focus on trust and integrity in an organisation. This may include risk-focused tasks, or understanding emerging issues that could impact on business performance. Control and stewardship are also under their remit.
The business transformer: From a practice perspective, individuals will need to lead organisational change to cope with growing regulatory demands and evolving client needs.
The data navigator: From a finance perspective, they will focus on expanding the organisation’s use of data – finding tools that will analyse information to provide business critical insight. Accounting practices are beginning to understand the importance of strong data control and analysis, alongside managing its flow between them, their client and statutory bodies such as HM Revenue & Customs.
The digital playmaker: Described by the ACCA as an ‘evangelist’ for technology, we see practices looking to allocate a champion within their firm to help track the latest apps and software. They will also play an important role in its implementation.
The sustainability trailblazer: What does sustainability mean for an organisation? And how do you measure it? Producing broader information about business performance will certainly fall under the remit of a finance function – perhaps a path for practices to provide assurance, auditing and consultancy?

Considerations for the practice team

For those looking ahead at their own career, what does this mean? Transforming and evolving should be active and iterative. You can’t change who you are and what you do overnight. It will need to be in context of your chosen path. Are you a sole practitioner, running a bigger practice, holding an operational role or client-facing?

But the ACCA has picked out ten aspects for you to consider. For those in career mode, being flexible will be key in staying relevant as business models and customer requirements change. Understanding the impact of digitisation on the practice landscape is really a must – and should be integral to your development.

Because of these two factors, job roles will appear that are lesser-known or new, but might help you broaden and develop your CV. “With career paths less certain, thinking laterally about future job roles is critical,” the ACCA states. In essence, continuous learning and showing a hunger to improve “future-proofs capabilities and ensures enduring competence”, it adds. Building an online brand and being aware of the benefits and drawbacks of things you post on social media are also critical. “Online career visibility is vital in the digital age,” states the report.

Making sure that CVs represent your skills will be more important than previous job titles, it believes. “’Competence’ is king,” states the ACCA.

Collaboration, an issue for many silo-centric accounting practices, will be vital. Teamworking, particularly cross-function, service line or discipline, will provide the best service to either internal or external clients.

While the term ‘data scientist’ has been bandied around for many months in the profession, making better use of data and building an ability to better analyse different formats and types of information will be “a cornerstone” of accounting and finance roles.

But don’t forget to look all around you. As the ACCA states, we are moving to a point where several generations will sit in the workforce. For those developing their career they must not be blinded by the future, but take heed of lessons learned by others over the decades. “With different entry and exit points into the profession, the diversity of talents across all ages is enriched,” it states.

Considerations for practice employers

If you employ people within your practice, how do you as an employer respond to the opportunities and challenges ahead?

The ACCA’s first point is probably more focused on corporates, but could still apply to smaller and more collegiate professional services firms as well. Does your practice demonstrate a purpose and contribute positively to society? Practices, in their support of clients, tend to do this by definition – but not many spell it out clearly. “Employers that can frame and articulate their broader purpose successfully are more likely to be attractive to potential employees in the future,” states the report.

Succession planning is an ongoing problem for the practice community. And the ACCA highlights that career paths must be open and visible – this becomes even more crucial if roles are changing: “Do they support building a pipeline of retained talent for the future?”

As in the employee-focused suggestions, the ACCA flags up the responsibility of employers to build collaboration within their organisation. Team-based projects and encouraging people to move out of ‘silos’ is recommended.

As employees must make a big effort to continue their development, so practice owners must support their team in doing so. Digital learning is becoming a popular way to enable such development.

Technology-driven change can create apprehension in many practitioners. It’s not that the tools aren’t helpful, but the pace of change and increasing choice means that workarounds and organic change seem easier and more manageable than revolutionising how a practice is run and structured. Such fear is also heard by team members, who fear that efficiencies and automation will see them out of a job. Taking the opportunity to develop a practice using technology must be grasped, but careful consideration of how to redeploy staff must be considered – along with communicating that change.

Finally, evolving your practice will mean new skills and inevitably new people coming on board. Creating a diverse workforce will have a positive impact. “This isn’t just a moral obligation,” states the ACCA. “Workforces that are more diverse in a range of different aspects, for example gender or ethnicity or culture, are seen to be more innovative, and various studies continue to identify correlations between different diversity measures and improved organisational performance.”

The ACCA report can be found by clicking here.

Panicking about your practice failing to meet the GDPR deadline sounds serious, but if you stop clock-watching and take some simple steps, you’ll keep out of the regulator’s bad books

Last month we spoke to two practitionersabout their efforts to get to grips with GDPR. Now, with the 25 May ‘deadline’ upon us, we cover the accounting experts’ take on how you can achieve compliance.

In this issue, we round up the wealth of material provided by the UK’s two largest accounting Institutes, the ACCA and ICAEW, and speak to Amanda Watts about GDPR from a marketing perspective – dispelling myths about sending those dreaded ‘re-subscribe’ emails.

AdvanceTrack MD Vipul Sheth talks about the work being undertaken to ensure GDPR compliance.

ACCA

Let’s start at the beginning: what are the key aspects of GDPR that will likely impact an accounting practice? The ACCA’s ‘How to Prepare’ two-part documentoutlines common actions that practitioners should be taking, along with a discussion about the most common GDPR concepts. We’ll focus on the first part.

The Institute states that GDPR “is not a departure” from current data protection rules in the UK, but more of an “expansion”.

GDPR is about the management and protection of personal data. It applies to controllers and processors of such data:

a controller is a person who decides how and why personal data is processed.
a processor is a person acting on a controller’s behalf. GDPR introduced new requirements in relation to processors. Processors have to maintain data processing records, document under which lawful basis they process data and inform data controller in case of a breach.

Accountants, suggests the ACCA, are ‘usually’ data controllers. There are several key areas where accountants collate personal data, store it and share it. This will include marketing campaigns; details being left with the firm by prospective clients; engagement letters; setting up standing orders; carrying out anti-money laundering checks; involving a third party to carry out money laundering checks; and submitting tax returns.

The controllers will have to demonstrate internal policies and controls in place and applied consistently. This will include documentary evidence kept and made available to the Information Commissioner’s Office (ICO) and regulators when required.

Action points

While the ICO has created a ‘12 steps to prepare’ overview guidance, the ACCA created a list of what it believes will be most relevant to practitioners.

First, ‘awareness’. Undertake training for yourself and staff – and be prepared to repeat this every two years and document your actions.

Second, plan an internal data audit. This is about reviewing and documenting what information is held, where it’s held, where it came from, how it was obtained and whether it’s up-to-date and correct.

Consent to process the data is required, and must be in a GDPR-compliant format. Consent should be reiterated where documentary evidence doesn’t exist.

Examples of the types of detail that need to be documented to demonstrate your compliance are provided by the ACCA. This includes policies followed to ensure data processing is lawful; policies on how data is stored, used and protected (in a GDPR compliant manner); policies relating to the management of privacy; subjects’ access request response procedures (referring to the new 30-day deadline to respond to someone regarding their data); procedure to detect, investigate and act on data breaches; how to manage data in times of organisation change; vetting third-party data processors; and IT security maintenance procedures.

For privacy communication and GDPR compliance notices, the ACCA suggests accountants consider updating engagement letters and creating personal data consent/opt-in forms. Other issues referred to above, such as subjects’ access rights and data breaches may require you to create draft templates. Also, attain and retain documentary evidence of third-party providers’ efforts to be GDPR compliant.

Lastly, the ACCA says practices must assess and understand their IT security. This will include consideration of passwords, data back-up, secure networks and encryption. Privacy notices will also be required in communication footers such as marketing emails and website landing pages.

The ACCA also has a series of GDPR-focused webinars you can view.

ICAEW

The ICAEW has, like the ACCA, pulled together a fantastic resource of material for the accounting community, including sample wordings for engagement lettersand GDPR checklists. Another of these resources is an FAQ, based on a whopping 94 questions received by the Institute during its ‘GDPR: You Questions Answered’ webinar on 23 January 2018. The answers were provided by the Institute’s Jane Berney and Mark Taylor.

Question:Would all email need to be encrypted when sent from a firm to its clients when it concerns services provided ie. an email asking for some information for a tax return?

Answer from ICAEW (abridged):The GDPR advocates a risk-based approach when considering security and privacy…encryption is not mandated but can be viewed as part of the overall security system…consider encrypting any attachments before sending an email. Many compression tools have encryption features. Similarly files shared using portal like software or on-line file sharing services should also be encrypted before being shared.

Q:We have users who store years’ worth of emails in their inbox. This very likely includes personal information on ex-clients or even potential clients that never became clients. Should we be going through these and deleting?

A:We would recommend deletion as best practice as you should only retain data (in whatever form) for as long as necessary. We would also recommend that you set a policy for the retention of emails.

Q: Should new engagement letters be issued to all (existing and new) clients?

A:Post-25 May 2018 engagement letters should refer to the GDPR as the applicable legislation (and the new DPA 2018 once it comes into force) not the DPA 1998 and explain how you will be complying with them. This could be sent, however, as an addendum to an existing letter once the GDPR and DPA 2018 come into force.

Q:Is the cloud a problem if server not in EU/EEA?

A:Yes – the cloud provider will still need to comply with the GDPR if processing the personal data of EU data subjects.

For more visit ICAEW.com/GDPR

Marketing lists… don’t panic!

A key area of focus, stress and confusion for accountants has been in an area that can be difficult to manage at the best of times: their marketing contact lists.

For Amanda Watts, an accountancy marketing coach, there’s no point panicking about a lack of plan and potential non-compliance. “It’s too late!” she says. What the regulators will want to see is that you’ve at least begun the planning process. But where to start? First, Watts suggests practitioners approach their third-party services providers who will hold or process details of their clients – and ask them for their GDPR and compliance details. These will need to be kept on file.

On the marketing lists, a key concern has been about getting everyone to ‘opt back in’ to receiving your material. However, “that’s not going to work because if someone has signed up to your newsletter already then they’re [likely to be] GDPR compliant anyway”.

Problems will occur where practitioners have acquired or leased data lists. See the main article for some guidance.

As for being fined, Watts believes that e-marketing third party providers will be more concerned about who you’re targeting. In other words, if they receive lots of bounce-back emails from your lists, they may say ‘stop sending rubbish on our platform’. “It’s not about the multi-million pound fines… it’s the platforms that will stop it,” Watts says. “So stop the rubbish going out to the audience. Quality will have to go up, and so business will fly.”