AdvanceTrack’s most recent webinar was one of its most thought-provoking and interesting.

On the topic of ‘value’, three experts joined AdvanceTrack MD Vipul Sheth to discuss what value means in the context of an accounting practice, its people and clients.

Andrew Van De Beek, founder of Australian accountancy firm Illumin8, kicked off proceedings with an intensely personal and heartfelt presentation. This tone supported his message: work with clients you like, and understand the purpose of their business, before you can deliver value.

Clients are usually sold an expectation of what it will be like to work with another party, and are then disappointed with the reality.

“When I started my firm eight years ago, I’d already worked in a smaller firm and a Big Four firm. I hadn’t really enjoyed what I was doing – ticking boxes. That changed when I realised there were businesses behind my work – it changed my thinking,” he explained.

Van De Beek and his firm undertook soul-searching of who they were as personalities, and who they wanted to work with. “It was a transition from ‘pretending to be an accountant’ to ‘here’s Andrew… who is good at accounting’,” he said.

His official ‘work photo’ was him in a suit and tie. “I asked myself ‘why am I putting this shirt on?’ The branding was this picture while I was really [a guy in a t-shirt drinking whisky],” he said.

“In other words, the branding was the guy in the suit, but when clients interacted with us they got something different.

“If we’re pretending to be someone else, act a certain way, do things a certain way… it won’t hit the mark,” Van De Beek added. Accountants often present themselves in a similar way, providing similar services in the same style – “it just won’t hit the mark”.

Karen Reyburn, founder of accountancy marketing agency PF, carried on the thread. She said accountants feared being themselves, but making such a move towards fully representing yourself in your work normally required “small changes over time”.

However, such a move was important in terms of winning and working with clients. “Your brand is not for you, it’s for clients,” she said. “They will ask, ‘is this real? Are these people for real?’.”

When there’s a mismatch “they will hesitate to work for you”, Reyburn added.

The step towards online communication precipitated by the coronavirus pandemic has seen accountants behave more as they are, particularly where they talk to clients from their home environment.

“I hope that those moving through this see one of the big lessons that ‘me and my firm need to be who we are and show it’,” said Reyburn.

Building that authenticity is an aspect of setting out how to understand what value is in terms of clients, said James Ashford.

“Accountants do amazing [technical] things: balance sheets and P&Ls, but I only care
about what’s going on in my life. I want to be able to pick my kids up from school and my wife be safe, along with a storm-proof business. That’s where accountants can have an impact,” said Ashford.

On pricing, Ashford said you should be “consistent and profitable in what you need
to deliver”.

“And compliance isn’t dead,” he added. “It’s our most profitable work [at the accountancy practice where he is a director] because of how we charge it, manage our efficiencies and deliver.”

View the webinar by clicking here.

New European data rules may seem abstract and scary to the accounting world, so Kevin Reed has spoken to two practitioners about the work their firms have been through to get to grips with GDPR

From processors to controllers, through to the right to be forgotten and data portability, the new European rules for data protection under the acronym GDPR seem more akin to a science-fiction plot than compliance.

But it is very real, and very close. From 25 May, the new rules set out to create a world in which personal data is much more rigorously controlled, protected and understood. For accounting practitioners, who handle and process reams of personal information for and on behalf of clients, it may feel more like another layer of red tape that gets in the way of performing their role.

We have spoken to two accountants about the work their practices have undertaken to get to grips with GDPR, and the upshot and ramifications of their efforts.

Donagh Waters is a partner at Dublin-based McInerney Saunders. The six-partner practice provides a range of services to clients beyond accounting audit and tax, including forensic investigation and wealth management.

What approach did your practice take to ‘dealing with’ GDPR?

The first time we became aware of it was last summer. We formed a steering committee of two partners to begin the process. We’ve always been taxed about how we manage data protection – we were conscious that in the past the way to trip up was over client money… now it’s client data. After forming the committee, the next thing was to educate ourselves. We attended lots of events. The tone set at the top is important – which is why we’ve had two partners on it. It would be easy to delegate, but we preferred partners to cascade it down the organisation.

What actions did you deem as required, and how did you then manage the project?

We were trying to understand how it applies to us. For example, in the past we’ve outsourced outside of the firm so were conscious about covering that in our engagement letters. And having that in our engagement letter we had contractual obligations in place with the outsourcer as well… The Irish Data Protection Act makes us conscious of the importance of confidentiality. With nothing in place GDPR would feel like scaling Mount Everest. I put together a ‘personal data map’. This was to look at the flow of personal data into the organisation and out – it was an interesting exercise.

Within our business it’s secure – but we found it’s more about how it comes in – do we have consent to process it? And then when it leaves to an external party such as a specialist tax expert, it’s then a question of how it is accessed. It’s important to close down any weak points around data flow; for example, a client engages you to do their payroll. But the real issue is not ‘corporate’, it’s personal data of employees and your client. So, are their employees aware their data has left their employer? We’re the data processor, not the controller. So there’s a [responsibility] on them as data controller.

What stage are you at?

From 25 May you can’t access our data apart from using an authorised device. No data will be held on the laptops, so when you use it you’re logging in through our secure portal. Data can’t be taken from it unless you had passwords to access the portal. If a laptop is stolen, we’re pretty sure there’s no data on it. Then you need to consider paper files: now our policy is they can’t be left anywhere unsecure – if taken outside the office they must be brought back that day. We’re not at the end of the journey yet.

One of the things to do is around policies and procedures and making sure they’re completely updated. Apart from that, it’s make sure agreements with staff and checklists go to all suppliers, we update contracts of employment and then finally, staff awareness and education – why we do what we do – so they can appreciate why we do it.

Did you consider the project as ‘just compliance’, or have you been able to leverage your efforts to become a better-organised practice?

It has forced us to think carefully about security and data security – it’s been a very interesting exercise. This project has touched on law, data protection and IT, and I wouldn’t hold myself to be an expert on it all! It will be difficult at the start, but [the new way of working] will become the norm. Have you used the experience to advise clients on GDPR?

Have you had requests for advice on the topic?

We feel we’re covered, but we need to [particularly] help [payroll] clients. Some clients have been proactive and sent us checklists asking us to confirm what we do. We’re updating our engagement letters, but I wonder if some clients are not actually reading it. We’ll start reminding clients of their responsibilities under GDPR to get consent.

Nick Millard is senior manager at Accounting4Everything, a small practice based in Paignton, Devon. The practice is led by James Twigger, who won Practitioner of the Year at the British Accountancy Awards 2015.

What approach did your practice take to ‘dealing with’ GDPR?

We downloaded the Information Commissioner’s Office guide to GDPR, and then we accessed the full official regulations. We did this for two reasons – so we’ve got a full copy at hand and to have both full regulations; the UK’s version includes notes and ideas. We went on a training day to provide us some more clarity and information. We got what we needed… and they’re now a client! We have seen some differences on GDPR interpretation [in our studies].

What actions did you deem as required, and how did you then manage the project?

Our first part is completed. We’ve looked at all our software and checked their data policies and privacy policies, against GDPR. Most software companies have GDPR policies in place, or are going through that process. We’re changing some software over because it wasn’t GDPR compliant. For example, we’ve gone with data portal technology that’s UK-based and compliant – it’s all encrypted. We would have done it later down the line and had been looking at it, but GDPR pushed forward the need to do it.

One of the big things has been going through systems, processes and looking at how we hold data and how we contact clients. There are ways of improving what we do using GDPR as the leverage. For example, we don’t want clients to ring us with wage receipts information – it’s difficult to take a record of the call, and it could be anyone ringing up. We’re very aware that it’s easy to hand out and discuss client information over the phone but not very safe to do that. So all [client/employee dialogue] will come through the portal, which will be up and running by the end of April.

What stage are you at?

We have a very detailed three-page data storage policy, which has all our software listed on there; what data we hold on them, the reasons behind the software; their compliance literature (with weblinks to their policy), and then how long we hold the data for. That was the first stage. I’ve also run a half-day training session for all staff.

Did you consider the project as ‘just compliance’, or have you been able to leverage your efforts to become a better-organised practice?

We’ll definitely, 100%, be a better-organised practice because of it. I don’t see it as us being bogged down – there are so many products out there to make yourself efficient. The extra bit of thought and admin [from GDPR] will be offset by providing a better service, and we can help our clients better because we have their information in one place, and know when work’s being done. Our staff can see where we are on a job or client because it’s more structured. The bits ‘in between’ such as handwritten notes and calls that haven’t been tracked – that will now be in our systems and portal. It will be a pain at the start – more work – but once we get past that there’s savings and efficiencies to be made, and a better practice for employees and clients.