BY CHRISTINA REIP The world is changing faster than ever. New technologies and services are popping up constantly and it can feel overwhelming trying to keep employees up to speed on everything. What skills should a company prioritise? What platforms should it adopt? What are an organisation’s moral responsibilities to educate employees, or to keep them employable and employed at all? Virtually all organisations and business functions – including finance and accounting – are asking the same questions. Continuous adaptation There is no way to know what the future will bring, but change is a given. Building a workforce that is inclined to adapt and develop new areas of expertise – not just once, but continuously – is critical. Rather than teach employees a specific technological skill, empower them to learn and adapt, to seek out opportunities to learn the things that are most relevant and interesting to them. Why develop a culture of learning? People want to learn. The PwC Upskilling Hopes and Fears Survey, which published in 2019, found that 77% of adults would learn new skills or completely retrain to improve their future employability. Employers can embrace this self-motivation and encourage their people to learn. Furthermore, with the rise of mass audience training through platforms like Coursera, Master Class and EdX, it is clear that people want to learn and will seek out opportunities to do so. Learning can be an antidote to stress. Though one potential argument against upskilling/reskilling employees could be the burden of the additional work involved in – or stress caused by – learning new things, Harvard Business Review published research results that suggest the opposite: that learning can relieve stress. It’s corporate social responsibility. The Chief Operating Officer at EdX suggests that companies have a moral obligation to educate and reskill employees. Whether or not one agrees on the extent to which a private institution is responsible for such efforts, the benefits of ensuring sustainability and continuity of an organisation’s workforce – such as the reduced cost of hiring or loss of knowledge – are significant. How to build a culture of learning Though a great deal of learning can be pursued by employees individually, wide-scale change requires intentional and strategic organisational support. From programmes on specific technologies to the provision of funding and leave to take classes, companies must create the infrastructure necessary to enable the culture. Though some of these channels may require significant investment, many solutions can be relatively low-cost or even free (such as sharing curated lists of books to read or podcasts to listen to). Harnessing curiosity According to the 2019 PwC Global Annual CEO Survey, leaders believe that their people can reinvent themselves if given a chance. Harnessing that curiosity can enable companies to keep up with or stay ahead of the competition, and even establish the technology curve of the future. Christina Reip is a Senior Manager at PwC Consulting.

Feb 19, 2020

Olivia Buckley outlines how small- and medium-sized business can avoid being taken in by fraudsters. SMEs today are faced with many fraud types from old fashioned cheque fraud to cyber-attacks such as ransomware. Organisations of all sizes are open to attack, but SMEs are often a prime target as their security systems may not be as robust as those of larger organisations. Fraud can significantly damage a business both financially through lost funds, lost revenue, the cost of any legal action and security upgrades, as well as non-financially resulting in a tarnished reputation, loss of trust and low employee morale. Therefore, it is critical to prevent fraud from happening in the first place. Two types of fraud which are particularly common amongst SMEs include invoice fraud and CEO/executive impersonation fraud and they have been known to catch out even the most prepared businesses. Invoice Fraud Using a spoofed email address, the fraudster emails you pretending to be a supplier. The email will mirror an email that you regularly receive from your supplier, including logos and signoffs. The email informs you that they have a new bank account and that all future payments should go to the new account. When you receive the next legitimate invoice from the real supplier you make a payment to the new bank account. Generally, it is only when the reminder to pay the invoice comes in that you realise what has happened. By then the fraudster has their money and it’s too late to recall the payment.  CEO/ Executive impersonation fraud CEO fraud is a scam in which fraudsters hack into the legitimate email of a CEO/senior executive and impersonate them sending an email to another employee in the business who deals with payments. They use malware to hack into the email and will monitor how the CEO/senior executive writes their emails, the tone and common phrases they use, and how they sign off an email. The fraudsters take an opportune moment when they know the CEO is out of the office, such as on annual leave, to send the mail telling the employee to pay money to a supplier and providing the account details to do so. In some instances, in might not be a payment request but a request for personal information such as P30s or customer information.  10 ways to keep your business safe Have a verification process in place before changing saved bank account details of your suppliers or service providers, e.g. verbally verify bank account change requests from suppliers. Ensure employees are fraud aware and understand the controls and procedures in place to prevent fraud. Provide cyber security training for staff which includes awareness around clicking links sent in emails and ensuring systems are password protected. Fraudsters may already have basic information about you or your business in their possession (e.g. name, address, account details). Do not assume the caller is genuine because they have these details. Be wary of payment requests that are unexpected, irregular or require changes to bank account details, whatever the amount involved. Always check your bank statements. If you notice any unusual transactions, report them to your bank. Don’t assume you can trust caller ID. Phone numbers can be spoofed so it looks like a company is calling even if it’s not the real company. Similarly, fraudsters can change an email address to make it look like it comes from somebody you email regularly. Look out for different contact numbers and/or a slight change in the email address. For example, .com instead of .ie top-level domain. Ensure security software is regularly updated and maintained using official and reliable brands. Back-up the system regularly. Always exercise caution when forming new relationships with potential customers. Undertake appropriate due diligence. If in any doubt, do not make a payment unless you have verbally confirmed the payment with your CEO/supplier. Don’t allow yourself to be rushed. Take your time to do the relevant checks. If you fall victim to a scam or have noticed unusual activity on your account, contact your bank immediately. The sooner the bank can investigate potential losses, hold funds in accounts and place recalls on transfers made in error, the better. Fraudsters withdraw funds as soon as it hits their accounts, so time really is of the essence.  You should also report the incident to law enforcement authorities. Olivia Buckley is the lead of the FRAUDSmart campaign at Banking & Payments Federation Ireland.

Feb 14, 2020

The best way to lead with clarity and confidence is to recognise your blind spots. Patrick Gallen explains how. Blind spots, by their very nature, are unknown to almost every leader. We don’t know what we don’t know, which makes reducing blind spots so difficult. How can leaders understand their blind spots, and take corrective action to mitigate against potential unintended consequences? The answer is feedback. By seeking feedback from a variety of people at all levels of your profession, leaders can increase awareness and understanding of their performance. In order to create an environment where people are confident to give their leader feedback, trust must also be prevalent. It can be difficult to ask for feedback and yet, we know that it is essential to give and to receive it. The temptation is to only ask for feedback when we know it is going to be positive, but the feedback we get when we know we have done a good job is unlikely to decrease a blind spot. The Johari window model, developed by psychologists Joseph Luft and Harry Ingham, is often used to explain how leaders can increase their awareness and decrease their blind spots. The model is useful because the four boxes (or windowpanes) show the difference between what is known/unknown to self and others. The only way to decrease blind spots is to ask others to share what they know about the impact of your actions, things you do that others appreciate or don’t, etc. Once feedback is shared, it increases the size of your ‘open arena’ – traits known to yourself and others –  and is no longer in your blind spot. Three quick steps to addressing your blind spots Address your blind spots by acknowledging that you have them. We all do, so let’s not pretend otherwise. Get into the habit of asking for feedback. After every meeting, speech, presentation, or project, ask someone who observed you in action – from a new intern to the CEO – to give you honest feedback. To make it easier for them, you could ask them to name one thing you did well, and one thing that could be even better next time. This gives them permission to give you a positive point and a development point and creates rapport and trust. When someone gives you feedback, do not justify or explain why you did or said things the way you did. Simply thank them for their time and effort. After you have done this for a short period of time, you may start to notice a pattern that could be a blind spot revealing itself. Lead with clarity As the old hymn Amazing Grace goes, “I once was lost, but now am found. T’was blind but now I see”. Clarity of vision is critical for leadership and will help you lead with confidence and grace. Patrick Gallen is Partner of People and Change Consulting in Grant Thornton NI.

Feb 13, 2020

With increasing sophistication in fraud schemes, how can we stay safe? Shane Flanagan shares three essential tips to protect ourselves and our organisations against cyber-crime. In the past 10 years, we have seen increasing levels of sophistication in fraud schemes and a significant rise in the number of cyber-criminal groups and organisations targeting both companies and individuals. Traditional fraud, focused on monetary assets, continues to exist but the exponential growth in the amount of data held by companies, facilitated and created by technology, is now a target for fraudsters. On the dark web, private health data typically sells for 10 times more than other personal data. As our lives and finances move ever more online, so too does fraud.  Trading one fraud for another The introduction of chip and pin on credit cards saw a significant reduction in credit card fraud, but this has subsequently seen fraudsters move online with a rise in online payments fraud. Phishing continues to be one of the most common and effective methods for fraudsters to target victims. Estimates suggest that over 90% of cyberattacks start with a phishing email, tricking users into handing over information. While many phishing emails use generic wording, some fraudsters are using personal information (typically sourced from social media) to add legitimacy to their requests. This tactic is known as “spear fishing”.   Advances in technology have made it easier and cheaper for fraudsters to dupe victims. For example, professional-looking or near replicas of legitimate websites can be pulled together in minutes with little or no technical knowledge and at very little cost to lend credibility to fraud schemes.    Advances in communication tech have created messaging and chat apps that enable fraudsters to collude in more covert ways. Thankfully, advances in discovery technology mean that conversations held using such applications can be easily and effectively analysed using appropriate tools should an investigation prove necessary.   Artificial intelligence: friend or foe? Developments in artificial intelligence (AI) are likely to pave the way for future frauds. When given a variety of audio samples, AI can now clone the sound of a target’s voice, and if overlaid on synthesised video of them speaking, the result can be uncanny. Either in video or audio form, this technology could be used to commit extensive and damaging fraud. Of course, AI can be a source for good. In fact, AI-enabled data analytics can now detect and stop transactions before they are even processed. What can you do to protect yourself? These tips may seem self-evident, but they will help to protect you. Stay fraud aware – Use the many resources available online to ensure you know about the latest fraud scams and how you can avoid them. Think before you share – The information you share online, especially about where you live, work and the specifics about your career, can be dangerous in the wrong hands. Do you really need to share the specifics of your life in an open forum such as social media? If not, don’t. Be sceptical – If a situation seems odd or an offer seems too good to be true, it probably is. Trust your instincts and follow them and make enquiries about the legitimacy of the person or company you are about to engage with to ensure you don’t fall foul of fraudsters. Shane Flanagan is a manager in Deloitte’s forensic practice. 

Feb 13, 2020

The CISO role is relatively new and the competitive advantages it brings are beginning to become apparent, write Nicola O’Connor and Yousef Hazimee. Cybersecurity is an ever-growing concern for all businesses and one that cannot be ignored. In larger organisations, the Chief Information Security Officer (CISO) is typically responsible for overseeing the security control environment and keeping things secure. However, this traditionalist view of the CISO does not consider opportunities for the CISO to create value for the business and turn their position into a leadership role that provides a competitive advantage for the organisation. So how can a CISO successfully evolve their role given their existing commitments? And what must the organisation do to support them in this endeavour? Business and leadership All CISOs must have a thorough understanding of the organisation’s business and product lines, and overall business model. This is imperative as the CISO role typically spans the breadth of the organisation. Without this, the CISO cannot maximise value creation as they will not know what is considered truly valuable from a business perspective. This understanding can be achieved through experiential learning, multi-disciplinary work experience, and the establishment of cross-functional committees. In addition to understanding the business, the CISO must ensure appropriate support from the C-suite and the board. This requires strong leadership and interpersonal skills to ensure that sufficient resources (financial and human capital) can be secured. The breadth of the CISO role, as well as regulatory guidance – most notably in the financial sector – means that cybersecurity is a board-level issue. This provides an excellent opportunity for the CISO to articulate their value through demonstrable delivery against cybersecurity objectives, showing how these align and support the broader organisational strategy, and how they protect the business. The board must also empower the CISO by giving them opportunities to make board presentations and provide updates periodically. The board should challenge them and ensure that they are receiving meaningful cybersecurity metrics that inform their decision-making. These are imperative as quantitative metrics are easily consumable for board members and trends are more readily identifiable. Strategy and risk CISO activities should always align with organisational objectives. A cybersecurity strategy is therefore vital as it not only shifts the CISO role from that of a technical role to a strategic one, but also gives both the CISO and the board assurance that the CISO’s activities align to broader organisational objectives. The added benefit for the CISO is that a defined and approved strategy can help secure resources. Another way to highlight the importance of cybersecurity in an organisational context is by embedding cyber risk as part of the wider IT and enterprise risk frameworks. This allows the CISO to frame cyber risk in a business context and ideally, identify services and dollar losses pertinent to individual cyber threats. Framing cyber risk alongside other enterprise risks (such as regulatory and financial risk, for example) gives a more accurate reflection of the overall risk to the business and can inform decisions about prioritisation and investment. Fundamental to this is a clearly articulated, quantifiable and proactively managed risk appetite, which is necessary to support the decision-making process. Product development Building relationships and gaining knowledge of product lines and services allows for greater involvement of the CISO in product development. This embeds a ‘security by design’ culture, which allows for more seamless and appropriate security controls while exponentially reducing the costs and time to remediate defects as they are discovered earlier in the development cycle. This reduces the time to market and ensures a smoother customer/user experience while allowing for greater functionality on potentially less secure customer endpoints, such as mobile devices. This is particularly important for higher-risk apps, such as mobile banking. Greater CISO involvement earlier in the development lifecycle also allows for better use of emerging technologies in a secure manner. Evolving the CISO role CISO roles have traditionally been inward-facing but this is starting to change, particularly for CISOs in larger organisations. For example, clients now regularly look for evidence of suppliers’ adherence to security frameworks and standards, and these are generally considered a minimum for larger tenders. Other stakeholders such as rating agencies, insurers and pension trustees now seek assurances that appropriate cybersecurity controls are in place. By 2022, Gartner claims that cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships. From a reputational perspective, the CISO benefits from the fact that cybersecurity affects almost everyone given the pervasiveness of social networks and people’s growing digital footprints. This gives rise to opportunities, through outreach and corporate social responsibility initiatives, to educate communities on how they can better protect themselves and their children online, which is especially important for digital natives who may not understand the scale and impact of their digital footprint. This can, in turn, create digital trust in your brand. The CISO role is relatively new, and the competitive advantages it brings are beginning to become apparent. No longer is it the CISO’s sole responsibility to protect the business; they can also be a real differentiator between organisations as the impact of their role on an organisation’s bottom line becomes more evident. The most significant value creation will be achieved by those organisations that select the right CISO and empower them to deliver. CISO: Creating a competitive edge In a recent survey, security was considered the number one reason for selecting a bank among US participants. Meanwhile, in the UK, 85% of consumers claim that they will change their spending habits with brands that have been the subject of a security breach or hack. When factoring in growing compliance requirements, data growth rates and a global shortage of cybersecurity talent, it is not surprising that most Chief Information Security Officers (CISO) concentrate on their core role of protecting the business. These CISOs, however, risk missing a valuable opportunity to become a real enabler and strategic driver for the business. Through a combination of active stakeholder management, goal alignment and ensuring a thorough understanding of business and product lines, a CISO can create demonstrable value and transform their role from one of pure risk management to one of strategic importance that can make decisions at the highest level of the organisation. As a simple demonstration of how security can provide a competitive advantage, look no further than mobile banking. Security in mobile banking apps is of the utmost importance, but it can be seen to restrict the functionality and service offerings on these apps. Through new technologies and the application of security by design principles, robust and user-friendly controls can be used to safely introduce new, higher-risk functionality such as one-time payments and direct debit/standing order set-ups. This can allow banks to differentiate themselves from their competitors and gain market share.  Nicola O’Connor is Chief Information Security and IT Risk Officer at AIB. Yousef Hazimee is Cyber Security Practice Manager at AIB.

Feb 10, 2020

Building a successful practice can be a daunting prospect, but according to John Kennedy, it boils down to one elementary skill. Have you ever found yourself wondering whether your practice could be more successful? If so, you might be doing all the right work but ignoring the simple steps that could turn your effort into tangible rewards. At a basic level, successful accountancy practice owner-managers create the following: A network of high-quality and loyal clients they enjoy working with; A good income based on reasonable fees that reflect the real value of  the work they deliver; A good standard of living – not just financially, but in terms of doing things they enjoy; and A high-quality retirement as a respected and valued member of the community. All of this sounds attractive but is often far removed from the day-to-day reality of running an office. A more recognisable scenario might be spending your time on things forced upon you at the expense of concentrating on the critical steps. And when you do get around to thinking about how to build your practice, there are many options, issues and conflicting sources of advice. It is therefore unsurprising that many accountants never get to focus on the steps that are more important before the day-to-day issues drag them back. The simple truth is that some practices thrive and enjoy more success than most, while many never fulfil their potential. The latter instead get stuck on the day-to-day issues that overwhelm occasional good intentions to invest time in securing new clients or promoting the practice. In this new series of articles, I will set out the steps you should take to build the practice you want. There will be no theory or abstract ideas, and I won’t advise you to do things you don’t understand or don’t like. It’s simpler than you think Achieving success is not complicated. In truth, the key is knowing how to get past the complexity and focus on mastering a small number of straightforward tasks. When you think about it, the single most crucial step in understanding a new client is the conversation you have with them. It doesn’t matter whether they were referred to you by an existing client, heard about you from a mutual friend, or – less likely – found out about you from a branded pen. Almost every client in every practice decides to take their business there because of a conversation with someone in that practice. The ability to turn an initial conversation into a client relationship is the cornerstone of every successful practice, but this is where many potentially valuable client relationships stop – at the first conversation. Your success in these initial, and often unexpected, discussions will determine whether you get an opportunity to move on to a more substantial conversation. And you then need a series of precise steps that will build trust, deliver value and guarantee a mutually rewarding relationship. The standard approach is to feel that you need to move quickly, to jump to the things you are familiar with – but this leap takes the conversation onto ground that is not yet comfortable for your potential client. So, building a high-quality practice is about having a clear structure that enables you to move confidently from an initial, casual chat to a trusting relationship. And if one person can do that, then so can you. Much of the advice about marketing, networking, promotional gifts, websites and digital strategy won’t work for you simply because it wasn’t designed for you in the first place. Most of the existing advice was created to sell products to customers, but you are doing something very different. Building a successful practice is about building trusting relationships with clients, you need to master the ability to take the individuals you most want to work with through a sequence of specific steps. And, like most things in life, it’s easy when you know how. Getting the right fit What criteria do you use to select your clients? For many years, we have asked this question when accountants seek our help, and we do it to reframe how they think about successfully building their practice. When we probe this question, we are almost always told that the key is to get as many clients as possible. “So,” we ask, “you want anyone? Your criterion for a client is that they should have a pulse?” I believe your standards should be a bit more rigorous and for very practical reasons. To target the whole universe effectively, you will need a vast amount of money to promote your practice – not to mention an infinite amount of time to talk to all those potential clients. In truth, your pool of potential clients is much more restricted than you realise. Successful practices are built on having a clear focus on a specific, and therefore accessible, group of people. These can be people who share your interests, or they can reflect a specific aspect of your expertise, or who you are as a person. The right people for your practice very much depends on who you are. Building a successful practice is not a task exclusively for extroverts or ‘natural sellers’ or gifted networkers; if you are a quiet, reserved thinker who pursues every issue in depth, there are many clients who are looking for precisely those attributes. If you are excited, engaged and enthusiastic about the fast-moving opportunities of the ever-expanding digital world, there are other clients who want to have an accountant just like that. If a hobby or a specific interest obsesses you, that too can be the basis for building a highly successful practice. A thriving, fulfilling practice is one that brings together the type of people with whom you most want to work in a way that creates value both for them and for you. Connect in the right way For many years, we have been fascinated by the ever-increasing ways in which practice owners voluntarily waste their time, effort and money. We have seen expensive (and cheap) branded corporate gifts and a seemingly endless series of “networking opportunities” ranging from breakfast groups to conferences and sponsored events. Equally unproductive is the more recent phenomenon of websites and emails that are “done for you”, which say things that are never going to help you build the strong relationships that are essential for a thriving practice. If you find these enjoyable or fulfilling in their own right, then go ahead – but they aren’t central to building a successful practice. When you cut away the marketing theory, the promotional gimmicks and the pointless pressure of networking, you see a stark reality: every potential new client decides to work with you because you have an effective conversation with them. You get a new client by talking to them; it is that simple. And when you know how to speak to them in the right way, they will want to talk to you again. And by getting good at creating a sequence of steps, you are much more likely to get the clients you want. Focus on trust The key is to understand the structure of talking to someone in the right way. Much of the traditional advice is not the right way; it can leave you feeling uneasy – especially the bit where you are told that you need to “close the sale”. You don’t. You need to build a relationship of trust that evolves from both you and your client becoming increasingly clear on how to achieve more by working together. To talk to a potential client in the right way, you need to understand how to chat easily with them, and this means being wholly at ease yourself. You also need to know how to move the conversation from a general chat to one where they decide to become your client and to ask you to do a specific piece of work for them. When you understand how this works, it’s easy. The effective conversation structure was developed by examining a vast number of informal chats that evolved into mutually rewarding relationships. By following this blueprint, which is outlined in Table 1, you will create a system that works for you, that helps build a practice that makes you feel good each day and that delivers a steady stream of clients with whom you want to work. In this way, your practice will evolve and grow over time and so will your expertise, your reputation and your rewards. The structure of an effective conversation An effective conversation involves knowing how to listen and what to say. Prepare First you prepare a clear summary of the value your potential client most needs and a clear message to make sure they understand precisely why you are the best person to help them. Probe The most common mistake is to rush to try to convince your potential client of your value. The key to success is to become highly skilled at asking high-quality questions so the client convinces themselves that they really need your help. Present It is only when your questions have helped your client get clearer on what they need do that you begin to present your value and set out the way in which you can best help them achieve the success they seek. Propose Then – and only then – have you created the firm foundations needed to propose that you work together.  To download a more detailed overview of The Practice Builder Blueprint, visit  www.insightstrategiesonline.com.   John Kennedy is a strategic advisor. He has worked with leaders and senior management teams in a range of organisations and sectors.

Feb 10, 2020

The General Data Protection Regulation mandates organisations to embed privacy by design into the development of new initiatives involving the use of personal data. Donal Murray discusses the impact of privacy by design from a practical perspective, and explores its benefits. The General Data Protection Regulation (GDPR) has changed European privacy rules significantly. The introduction of the concept of privacy by design (PbD) is one of these changes but many organisations have struggled to understand what it entails. For those that have adopted PbD correctly, the burden of GDPR compliance can greatly decrease while also having the potential to achieve operational as well as commercial gains. What is privacy by design? PbD is a requirement placed on organisations that must comply with the GDPR. The specific requirement is detailed in Article 25 of the regulation. PbD holds that organisations must consider privacy at the initial design stages and throughout the entire development of new products, processes or services that involve processing personal data. This means that privacy is considered at the earliest of stages and reduces the risk of privacy bolted onto a system or product at a later stage. While this may initially seem complex, it is, in fact, easier to implement than applying privacy considerations after a design is fully developed.  What are the origins of privacy by design? Although PbD has become a new legal requirement in Europe under the GDPR, the concept is not new. It originated in Canada in the mid-90s and was developed by Dr Ann Cavoukian, a recognised leading privacy expert who held the position of Information and Privacy Commissioner in Ontario for three terms. In October 2010, regulators at the International Conference of Data Protection Authorities and Privacy Commissioners unanimously passed a resolution recognising PbD as an essential component of fundamental privacy protection. It is touched upon in many well-known frameworks; however, many of them have come under much criticism.   Why should organisations focus on privacy by design? Privacy by design promotes a privacy-conscious culture within an organisation. If done correctly, it embeds privacy thinking into many aspects of an organisation’s operations. Further, as it focuses on early privacy considerations and checks prior to new products, systems and processes being released, it greatly decreases the risk of non-compliance with the GDPR and enables a sustainable GDPR/privacy-compliant environment as an organisation evolves.  From an operational perspective, a strong PbD framework can present efficiencies and reduce costs. Consciously considering and planning for the personal data you want to use, the purpose for which you want to use it and how to do this legitimately greatly reduces the chance of discovering that embedding privacy is technologically challenging, expensive or even impossible at a later stage. Knowing what data you want to use at an early stage and being confident in its usage can make the development process more efficient and makes it easier to be transparent to those data subjects. Transparency is critical when it comes to earning the trust to collect the data in the first place.  Implementing a robust framework can also present commercial advantages. It is seen as an enhancement to a brand and a key element in building trust with an increasingly privacy-conscious public.  Implementation While frameworks exist that cover PbD, many of them are too rigid for real benefits to be realised. The key to implementing PbD is adapting privacy to the business and not forcing a boilerplate framework. PbD is optimally implemented when privacy measures are designed based on the specific ways of working within an organisation. The approach to achieving an efficient PbD implementation consists of three steps:  1. Identify and understand: In order to tailor privacy measures to an organisation’s operations, it is important to have a detailed understanding of your organisation’s design processes – of which there could be many across different functions. Once you identify the relevant design processes, an exercise should be performed to obtain a comprehensive analysis of the steps involved in each process. If the processes are not already formally defined, it is useful to spend time mapping the design steps as this will support later PbD implementation activities. As well as the design steps, it’s also key that you understand what teams and third parties are involved in executing the process, and the tools and formats (e.g. Excel, Word checklists) used in each.  2. Evolve: Once the processes and ways of working are fully understood, specific privacy measures should be designed to fit them. The objective of these measures is to ensure that certain privacy topics are considered and assessed at suitable points in the identified processes. These privacy measures could take many different forms. For example, ethical questions built into a design brainstorming session; user stories built into development; or privacy checklists asking a series of questions on the purpose of processing at the initial design stages. These measures are to be applied to identified steps within your design processes and are designed in line with how the current process works. Tailoring the measures to the current processes allows for seamless integration. Together, these set of measures create the Privacy by Design Toolkit.  3. Establish: Implement the measures into your design processes and train employees involved in those processes to ensure the measures are understood and executed correctly. While these measures typically do not require significant process change, the main challenge is ensuring that each measure is executed consistently at the required standard. Those executing the measures are typically not privacy specialists, so educating and training individuals is a critical factor in achieving a sustainable PbD framework.  Think of ethics, not just compliance There have been many public cases where personal data has been used perfectly in line with the rules, but far outside societal and ethical norms. In a PbD process, measures can be built-in to detect cases like these. For instance, to what extent an idea or initiative may be considered unethical can be found by asking a number of questions:  Can I explain why I’m going to process this personal data and what I intend to do with it? Would my family and friends be comfortable if their personal data was used in this idea? Would I be happy to explain my idea in the daily news? Does my idea match the values of the company? Where the answers to these types of questions point towards an attitude of trying to hide the idea from the public eye or not wanting to be part of the data processing, the idea may be unethical and may need to be redesigned.  Compliance PbD is integral to ensuring compliance with data privacy legislation for numerous reasons. First, because effective PbD involves seeking independent testing of privacy and security controls, it helps to maintain best practices. Second, PbD builds an organisation’s brand by fostering greater consumer confidence and trust (through, for example, better management of post-breach incidents) and, in turn, supports organisations in their quest for a competitive advantage. In a reactive approach, the costs are much greater, such as through class-action lawsuits, the damage to reputation and loss of consumer confidence and trust.  In summary, PbD reduces the likelihood of fines, penalties and the resulting financial and reputational damage, and ensures that a firm stays ahead of the legislative curve, thereby minimising compliance risk.   Donal Murray is a Director in Risk Advisory in Deloitte Ireland, where he leads the Data Privacy Services team.

Feb 10, 2020

Jens Gladikowski explains why finance leaders need to lead more than the finance function. In today’s business environment, the role of finance leaders is more demanding than ever. They are required to run their function at low cost, create incisive insights from a complex pool of data, support risk and control governance, and manage a variety of stakeholders. They also play an increasingly critical role in business transformations – initiatives that aim to change the competitive position of an entire enterprise. By addressing five critical tasks, finance leaders can play an essential part in helping such transformations succeed. 1. Identifying value Perhaps surprisingly, a significant number of transformations do not have a comprehensive case for change that lays out their scope, rationale and benefits. For example, business cases often centre on cost-cutting to improve profit. A more thorough analysis might suggest re-directing savings into strategic areas of investment, which may yield higher returns in years to come. Finance leaders are well-placed to identify and balance competing options for the transformation scope and help set targets. That requires a holistic view of the organisation and an understanding of how value is generated and measured. In the case of one Irish consumer goods company, the CFO led an initiative that comprehensively aligned the organisation’s value drivers with corporate targets. Key performance indicators (KPIs) and performance measures (such as outbound delivery accuracy, for example) were then linked to those drivers. The impact of the company’s transformation can be associated with those KPIs, benefits owners assigned, and success measured. 2. Shaping the organisation of the future The future operating model is formed during a transformation. Here, finance leaders can influence critical decisions in several ways. For example: The overall business model may change with new products, services and markets introduced. Through financial modelling, scenario analysis and risk-based assessments, finance leaders can influence these decisions and help business leaders make the right choices. Operating models define responsibilities and the relationships between organisational units. Finance leaders bring a pan-organisational view and can ‘broker’ the best outcomes from an enterprise-wide perspective. Recently, a global fast-moving consumer goods (FMCG) company assessed the relationship between its manufacturing and sales units. This required an evaluation of the impact of profit margin on transfer pricing and external reporting – the consequences of which were not fully understood outside finance. Technology enablement is at the core of many, if not all, business transformations. Finance leaders often have responsibility for IT budgets and, in conjunction with chief information officers (CIOs), need to shape the technology roadmap. This is best done up-front by assessing current, and agreeing future, capabilities. 3. Keeping stakeholders honest  It can be challenging for executives to establish the exact status of in-flight transformations. Here, finance leaders can use their analytical skills and professional scepticism to provide clarity and challenge. For example, cost-benefit projections should be adjusted as new information becomes available. Frequently, only the cost impact is assessed – and often with delays – and the effect on benefits is not always easy to evaluate. In the case of a large automation programme for an insurance company, benefits were still discovered post-go-live. The processes were deemed too complex to gain the full picture earlier, but a more rigorous financial analysis might have addressed that. There can also be a tendency among benefits owners to be conservative in their commitment to transformation targets. This may be down to a lack of buy-in or to avoid falling short of expectations, especially where they are linked to incentives. Here, finance has a role to play as a critical partner to drive ambitious, yet achievable, benefits targets. 4. Coaxing, connecting and communicating Significant research has been conducted into the future of finance. There is consensus that, generally, roles are changing from traditional scorekeepers to pro-active business advisors and (co-) owners of business decisions. Finance leaders in many organisations are already defining their purpose as influencers, business navigators and drivers of change. They often stay longer in the role and understand their organisations more deeply than other executives. The average tenure of a CFO in a FTSE 100 company is around ten years – twice that of a typical CEO. Finance leaders, with their informed view of the business, can connect different interest groups, communicate key messages and guide an organisation towards expected outcomes. 5. Leading by example A critical factor in successful transformations is aligned and robust leadership. This creates an opportunity for finance leaders to make a positive example of their function, for instance, by: Articulating a vision for finance that is aligned to the transformation objectives. Importantly, leaders must promote and live up to the values associated with that vision. Finance can influence wider cultural and organisational changes. At a national broadcaster, finance pioneered structures and performance measures that were replicated across other functions. Creating early success is essential in any project and realising quick wins is often possible in finance. One could, for example, review how reports produced by finance are used and eliminate those that don’t support decision-making.  Freeing up the best resources for the transformation. In practice, this is often a challenge – not many finance teams can release their ‘go-to’ people. Yet having precisely these people on projects is arguably the most critical driver of success. Finance leaders have an essential role to play in business transformations. Aside from bringing financial understanding and business insights, their primary purpose is to support and lead on the structural, cultural and behavioural changes that are critical to successful business transformations. To do them well, finance leaders must, therefore, lead on a lot more than finance. Technology: Easier than ever? A key challenge in a transformation is selecting the right enabling technologies and implementing them successfully. The technology landscape has changed dramatically during recent years: many businesses deploy cloud applications, automation tools are increasingly used, next-generation enterprise resource planning solutions have entered the market, and more end-user reporting tools are available. These developments can enable more insight from data, drive process standardisation and provide greater focus on business value, rather than IT. Yet in practice, many challenges remain and the promises of more value, more quickly, do not always materialise. Why? Most of the success factors of technology deployment are similar to what they were a decade ago. Enabling technology will not be successful if requirements are not precise and aligned with the transformation objectives, if the underlying data are of poor quality, and if change management is not addressed adequately. Typical examples for the first point are implementations where reporting requirements are simply a re-statement of the ‘as-is’, and consequently, opportunities are missed to create greater insight. Other challenges have emerged for newer technologies. Below are a few lessons from process automation:  The deployment of automation tools should not happen at the expense of process improvements (i.e. don’t automate a bad process); Implementation is relatively easy, and business-led innovation can be managed differently to traditional technology; and Software robots often need user rights to access transactions. Controls must, therefore, be adjusted. Technology choices can be bewildering, and their implications are a challenge for many finance leaders who are expected to understand the options and help govern and deliver transformations. Technology today is neither harder nor easier than it was – but it is different. Finance leaders need to work closely with their IT function and vendors to identify the value of technology and steer the organisation successfully through transformations. Jens Gladikowski is a Director at PwC Consulting.

Feb 10, 2020

Changes to quality control systems and regulation require some getting used to, but let us not forget their primary goal – to help firms complete good quality audits effectively, writes Lisa Campbell. Most accountants know that having a sound quality control system is a good idea, but people often think in terms of the various systems that feed into the quality of products and/or financial statements. A good quality control system is essential in a professional services environment as well. So, in relation to an audit firm, what does a quality control system mean and how does it interact with the regulation of the firm? What is quality control in an audit firm? The purpose of a quality control system in an audit firm is to ensure that the firm has the capacity, capability and resources required to carry out its audit engagements effectively and consistently. ISQC (Ireland) 1 applies to all audit firms in Ireland, from sole practitioners to the largest firms. It sets out requirements for all firms to implement policies and procedures covering all aspects of carrying out a proper and independent audit, from hiring and training to methodology, remuneration, accepting an audit engagement, ethics and the tone at the top of the firm. Firms are responsible for ensuring that the people employed to carry out audits, from the most junior to the most senior, are suitably qualified, trained and are aware of – and complying with – ethical requirements. The leaders in the firm are required to ensure that their communications have enough focus on quality, aiming to ensure a robust culture of performing quality audits and not tolerating anything less than that. The standard also requires firms to implement their own monitoring systems to ensure that the relevant requirements are complied with, and to action failure to do so. Furthermore, firms are required to have documented evidence of the operation of each element of its system of quality control, including whether the firm has competent personnel, time and resources; any threats to independence; and whether the firm complies with the relevant independence and objectivity requirements. How does it interact with regulation? All audit firms in Ireland, and many places across the globe, are subject to what is known as a quality assurance review (sometimes also known as an audit inspection). In Ireland, this may be done by an accountancy body or directly by IAASA. Regardless of which organisation carries out the quality assurance review, the review is split into an assessment of the firm’s quality control system, supported by the analysis of a sample of the audits completed by the firm. The inspector will review policies and procedures and assess if they appear to be appropriate given the size and complexity of the firm. The proof of the pudding, however, is in the eating, so a sample of audits are reviewed to assess whether the policies and procedures have resulted in good quality audits. Where poor quality is identified as part of an inspection or review and hasn’t been caught in advance by the firm, the firm needs to ask itself whether there was an issue with the design or implementation of their quality control systems – or both. Was it a case of an isolated incident of an audit team failing to comply with good policies? Is it a pervasive issue that might indicate a firm culture of ignoring policies? Was it a lack of policy or an unclear policy? Could another policy have been implemented that would either have prevented or detected the problem? Do the policies contain enough incentive and/or sanction to encourage a continuous focus on quality? Future of quality control Most people are aware that the best control processes will prevent an issue arising in the first place (preventative control) rather than catch a problem after the fact (detective control); and that a good quality control system is not something that is designed once and left in place forever. It needs to be part of a continuous cycle of design, implement, assess, tweak the design, implement, assess etc. It evolves in a constant feedback loop, taking inputs from internal reviews, external reviews, experiences of peers, global developments and technology developments. And that is, really, the basis for proposed changes to the international standard on quality control, which will ultimately be adopted in many countries around the globe, including Ireland. The new international standard is expected to be finalised in 2020. The standard has been updated to think in a different way about quality control and to underpin the need for firms to proactively manage quality to prevent issues arising, rather than just react to control quality issues that do arise. The existing standard has a list of policies and procedures that must be developed and implemented by firms, whereas the new standard requires a much more integrated process and a more bespoke system customised by firms to address the risks that may impact on that particular firm’s engagement quality, specific to the nature of that particular firm and its audit clients. This fundamental shift in thinking is even reflected in the name of the standard, which is changing from “international standard on quality control” to “international standard on quality management”. In addition to the components of quality control dealt with in the existing standard, the new standard introduces some other elements, looking at the firm’s risk assessment process as well as information and communication. This shift in thinking may appear subtle on the face of it. However, firms are going to be required to rethink their entire systems of control and ensure that they are mapped to the standard. The US regulator, the Public Company Accounting Oversight Board (PCAOB) announced in December 2019 that it is also considering the standards on quality control in place in the US, which is something that needs to be considered by the many firms in Ireland that carry out work on any part of a US group of companies. PCAOB has stated that it intends to use the international standard as a starting point in developing its standard, which is good news for many firms as it should allow them to comply with both standards easily should they need to. So, what will this change mean for regulation? The changes will require regulators, to the extent that they don’t already do so, to become part of the feedback loop for firms. IAASA’s inspection approach already reflects this, whereby we look at the design of controls and do some sample testing to ensure that the controls are in place. For example, we look at communications issued by the firm’s leadership to ensure that there is enough focus on quality in those communications. This test may look okay, but then, when audits are inspected, we find poor quality. If this happens, we then reconsider the tone at the top testing and consider whether, while the control might be operating as designed, is it effective enough and should we recommend changes to firms to make the control more effective? The future for quality control is, therefore, a more interlinked and integrated approach with firms needing to integrate their internal reviews, external reviews and other feedback into a continuous loop of tweaking their systems – all the while remembering the ultimate aim, which is to get consistently good quality audits completed effectively.   Lisa Campbell FCA is Head of Operations at the Irish Auditing & Accounting Supervisory Authority.

Feb 10, 2020

Garvan Callan explains why digital transformation is both necessary and defining for companies and their leaders. If the Olympic Games handed out medals for buzzwords, ‘digital transformation’ would surely bring home the gold. However, the ubiquitous overuse of the term has also removed all clarity from the concept. It doesn’t matter who is to blame, though software vendors and marketing overlords selling digital transformation as the stairway to heaven do look a little guilty. What is important is that we reclaim digital transformation from its superficial buzzword status and fully understand why and, most importantly, how. Full contact – not a spectator sport One of the first pre-conceptions about digital transformation is that it arrives in the cloud, in a box, through an app or in lines of code. While technology solutions play a part, they don’t deliver digital transformation on their own (far from it) but are critical enablers in conveying a modern strategy and ambition. Nor does digital transformation arrive on a PowerPoint deck from a strategy guru or a social media article. One must imagine it, develop it, and make it happen – for your customers, your market and your context. Digital transformation involves a fundamental rethink of how organisations make use of people, processes and technology to improve performance. It is a complete change in how your organisation develops and delivers value to your customers, colleagues and investors. Organisations that truly want to embark on a digital transformation strategy start and end with the customer, creating a working environment that nurtures creativity, drives growth and delivers new arcs of value. The 360° approach Figure 1 depicts a 360° approach to digital transformation, split across five layers. At the core are the processes, which enable the revenue-creating propositions (features, products and services) that are brought to market through the engagement layer. The workplace is the people, tools and environment harnessed to create those propositions, with underpinning technology making it all possible. Processes are at the epicentre of transformation. This is where what is required to deliver your products and services is hard-coded. Therefore, this is also where the costs lie and risks exist. Taking out unnecessary steps (simplification), automating steps through low-cost, mature technologies such as robotics and then digitising value chains end-to-end is a great place to start the transformation. Does this mean it’s not about the customer? Of course not. Listening to what your customers and colleagues say about where the friction lies should drive the change. The most successful transformations start by reducing unnecessary ‘effort’ anchored in processes, and retiring whole products and services that don’t add, or even destroy, value. This not only improves the customer and employee experience (assuming you hold everyone’s hand through the change curve), but also reduces risk and releases capacity for the innovation of new propositions – constellations of products and services that fulfil customers’ desires, developed from customer insights leveraged from process-transformation analysis, and informed by techniques such as design thinking and the value proposition canvas. Digitising value chains also facilitates the capture of data, the fuel that powers continuous improvement programmes and the application of artificial intelligence (AI). Combining new data with AI can support a step-change in the personalisation of marketing and improve sales-funnel conversion, automate back-office processing, and support channels in becoming faster and more efficient for the customer. Executing process transformation also offers brands a range of points with which they can tell the story of change, of building a better business, of listening to customers and responding to needs – message opportunities often overlooked in the transformation trenches. The workplace and technology Empowering colleagues with the right tools and environment, and enough time to manage the complexities across the transformation layers, is fundamental to the optimum workplace. Harnessing the team’s insights and motivation, and liberating them to make customer-oriented improvements, is the defining prerequisite. Creating the enabling conditions for such a journey requires strong foundations, and here’s where technology fits in – not last on the list by any means. Technologists and leaders who immerse themselves in the process, proposition, engagement and workplace layers can then determine the technology required, and the operating model needed, to deliver successful transformation and a thriving organisation. The customer is the touchstone Knowing that you need to implement a digital transformation on this scale is one thing, but where to begin is quite another. Embarking on such a monumental organisational shift can be extremely challenging for even the most experienced leaders. To find a good starting point, become deeply knowledgeable about what your customers want to achieve when they engage with you, about their ‘jobs to be done’. It is not only the marketeers who should have such insight into the customer experience; everyone involved in digital transformation needs to have a forensic understanding of the customer and how your business does (or does not) facilitate them. Now that you know what you want digital transformation to achieve for your customers, you need to roll up your sleeves and ask: Are large organisational changes necessary? Do our teams require re-skilling and re-orientating? Do hard re-prioritisation decisions need to be made? You will most likely answer ‘yes’, but beware of procrastination; the time to start is now. Mobilise the effort by making the desire for better customer outcomes the focus. The customer guiding you on ‘what to do and why’ must be the unequivocal and undeniable touchstone to motivate, guide and, if required in the transformation haze, reset the mission at hand. Getting digital transformation right Since successful digital transformation is a 360° endeavour that spans the breadth and depth of the business, each organisation’s roadmap will be different. That said, there are some common principles to abide by: 1. Gain consensus from the whole team: whether your project/programme involves building the new or enhancing the existing, it’s imperative to have buy-in from everyone involved, leveraging the customer as the touchstone and data as the tinder. 2. Embrace the unknown with adaptive design: embracing an adaptive design and project management approach allows for tweaks to be made to the transformation strategy as needs arise – and they will arise. Remember, you’re building your transformation strategy around humans (customers, colleagues and investors) and humans don’t act in linear and predictable ways. 3. De-risk: delivering transformation and building a customer-centric organisation involves taking more than a few risks. Communicate the ambition and the stretch outcomes you’re working towards. Then de-risk by managing the change activity in sprints of two to three weeks. This supports decision-making, seeing progress or calling failure early and learning quickly. Leaders should allow teams to ‘learn as they do’ and build an environment of self-sufficient innovation. In the long-term, this is a great de-risker: smaller projects equate to smaller risks. 4. Initiate and react: Amazon’s game-changing ‘one-click economy’ has put just about every other industry into reaction mode, attempting to catch up with customers’ expectations. But that doesn’t mean that your whole transformation strategy should be a reactive response to the wider e-commerce forces at play. Get ahead of the game with pre-emptive or first-strike moves to truly future-proof your organisation. Larger, well-resourced organisations that are good at this often use game theory exercises; for smaller organisations, less elaborate scenario planning activities can be equally effective. Is it that easy? If it were that easy, everyone would have done it. Most organisations are trying and a few are thriving; some are just embarking and starting to grind it out, while only a few have yet to begin. But let’s be honest, it isn’t easy. It takes years. It takes vision. It takes resilience and it takes persistence. But it is necessary, and it is defining. As Albert Einstein said, “In the middle of difficulty lies opportunity”.   Garvan Callan is a strategist, innovator and transformation advisor.

Feb 10, 2020

Employees the world over are encouraged to ‘collaborate’ with zeal, but there’s much more to successful collaboration than technology and open-plan offices. Picasso wasn’t a big fan of collaboration. The Spanish-born artist once said, “Without great solitude, no serious work is possible”. Yet businesses can’t seem to get enough of it; they’ve even torn down the walls and developed software to ensure that people work together. And Picasso wasn’t the only one who railed against the idea of working with others. The co-founder of Apple Inc., Steve Wozniak, was also unequivocal in his advice: “Work alone… not on a committee. Not on a team”. So why did the collaboration craze catch on? And is it all that bad?Skills and culture Collaboration often gets a bad rap because, in many cases, organisations’ efforts to promote and sustain collaboration fall short. Writing in Harvard Business Review, the behavioural scientist Francesca Gino accused leaders of thinking about collaboration too narrowly: as a value to cultivate but not a skill to teach. Her solution is to “teach people to genuinely listen to one another; to approach discussions with empathy, not opinions; to become comfortable with feedback; to lead and follow; to speak with clarity and avoid abstractions; and to have win-win interactions”. That’s a lot for any leader to unpack, but it illustrates one critical point – there’s a good chance that asking your people to collaborate without helping them to build the necessary skills will result in frustration and failure. But rather than blame your people, Francesca encourages leaders who are exasperated by a lack of collaboration to start by asking themselves one simple question: what have you done to encourage it today? According to Maighread Kelly, Director at Collaboration Ireland, collaboration is also a mindset in many ways. Giving thought to prospects for collaboration, be that within your organisation or with third parties, can open up new opportunities and generate a higher level of engagement all round. In her view, there are three critical elements in a fruitful collaboration: It must be a collaboration of the willing – all partners must buy-in fully to the project;The initiator must find the right partner(s), both personally and culturally; and A good process must underpin collaboration. So, it essentially boils down to two key components: skills and fit. If people have the skills necessary to work together, often through uncertainty and disagreement, and the inclination to do so from a culture and values perspective, the chance of success rises significantly.Unexpected challenges However, collaboration also throws up unique challenges that must be managed sensitively. According to Amanda Shantz, MBA Director at Trinity Business School, collaboration is useful for highly complex and strategic tasks such as overhauling an IT system or entering a new market, and such collaborations require diverse and specialised skills – but these very characteristics can also impede collaboration. “Take diversity, for example,” she said. “The challenging tasks that businesses face today require the expertise of people from diverse backgrounds to spark innovation. Research shows, however, that people are less likely to collaborate when others are seen as somehow different from them in terms of age, gender or ethnicity, for instance.” Amanda believes that strong leadership is required to cultivate a culture of collaboration where individuals succeed both because of, and in spite of their diversity. “People need to understand who has the requisite knowledge in, and outside, the business,” she said. “They need to feel that they are operating in a safe place to ask questions and make mistakes, and there needs to be a strong sense of community that’s inspired by an overarching goal.” Interestingly, the lack of an overarching goal is one of the most common reasons for failure in collaboration according to Maighread, who helps guide collaborative projects in the voluntary, community and social enterprise sectors. “It isn’t good enough to collaborate just because you want to work with another person or organisation,” she said. “For a collaboration to be successful, there has to be a good strategic rationale and a strong business case.” If this is in place, other common threats to collaborative efforts – such as a lack of stakeholder buy-in; poor relationships; a lack of trust; and poor processes – then become more manageable because there is a clear roadmap for the future.Collaboration in action Chartered Accountants Ireland discovered the benefit of planning first-hand in 2019 when it undertook a project to update the Institute’s syllabus to account for the impact of technology on the profession, but without overshadowing its core elements – audit, financial reporting, taxation, business leadership and critical thinking. With a limited timeframe for implementation, the Institute couldn’t ‘go it alone’. It instead collaborated with a host of third-parties to revitalise and future-proof the syllabus. “We broke our projects into two parts, developing new elective subjects in collaboration with CIPFA (the Chartered Institute of Public Financial Accountants) and the Institute of Banking before tackling the technology aspect,” said John Munnelly, FAE Paper Development Executive at Chartered Accountants Ireland. “From my research on the technology side, it was clear that trailblazing companies were doing great things, so I contacted Alteryx, Tableau and UiPath – but these companies had never collaborated with an accountancy body before.” To secure buy-in, John approached senior leaders in each organisation to lay out his vision for collaboration. “I knew that I needed senior project sponsors in our partner organisations, who understood the importance – not only for our profession but also, for their industries,” he said. Working with CIPFA and the Institute of Banking was an efficient profess, according to John, and they both delivered fit-for-purpose syllabi for the public sector and financial services electives. However, collaboration with the technology companies was more complicated. “Once the initial scoping exercise was complete, it was important to share our vision for the new syllabus with our partners,” he added. “This was a learning experience for the companies and while we ultimately produced a suite of materials that complemented the ACA qualification, the low point came when we realised that something was missing.” Although the new syllabus taught essential principles in the areas of data preparation, data visualisation and robotic process automation, this teaching needed to be underpinned by practical experience. “This led to an audacious request for training licences for all FAE students,” added John. “And it was a testament to the strength of our relationships that all partners offered training licences for their products for all FAE students. This would have been quite disappointing had it gone differently, but relationships are indeed at the core of collaboration – particularly when issues arise.”Conflict and collaboration Although the Institute’s experience of collaboration was very smooth and cordial, it is not uncommon for teams to experience conflict as part of the collaboration process. Indeed, somewhat ironically, the absence of conflict may be a warning signal, according to Amanda. “In some cases, people who are collaborating become so excited about their ideas and activities that they shut down naysayers – nobody wants to be the skunk at the picnic,” she said. “Alternatively, an overbearing micromanager who always has the ‘right’ answer doesn’t encourage the type of discussion necessary to optimise collaborative efforts. In both cases, it might be a sign that the environment isn’t safe enough for people to speak out.” But all is not lost. According to Amanda, there are many ways for leaders to increase people’s perception that they can – and indeed, are expected to – put all views on the table without fear or favour. “Senior managers need to set the tone from the top that collaboration and conflict go hand-in-hand,” she said. But although senior leadership rhetoric matters, research has shown that the behaviour of mid-level line managers is especially crucial. “In particular, what’s important is how mid-level managers respond to failures, invite conversation and demonstrate humility and curiosity in their interactions with others,” she said. Words of wisdom And that isn’t the only advice Amanda has for those tasked with building a culture of collaboration in their organisation. “Organisations need to invest in building and maintaining social relationships across the organisation,” she said. “This requires a technological infrastructure that makes it easy for people from different parts of the organisation – often located globally, but even across the building – to work effectively as a team. And the use of software to connect people by projects, not by roles, is another way to utilise technology to support collaboration.” Aside from technology, Amanda returns to the critical role of leadership. She urges leaders to ensure that collaborative behaviours among senior executives are visible to employees and to avoid the tendency to make an executive a standalone ‘hero’ in his or her unit. “Senior leaders need to ensure that employees are selected for – and trained in – the skills needed for collaboration, such as productively resolving conflict and active listening,” she added. “They could also sponsor events and networking activities and host innovative and fun opportunities for people to connect.” Mid-level managers have the most critical role to play in championing collaborative efforts, however. “They need to support the strategic goal for collaboration by coaching employees on how to connect with different parts of the business,” Amanda said. “Research shows that managers can increase collaboration by changing their leadership style as the team’s project progresses. In the beginning, the manager should consider focusing on the task at hand and articulating accountabilities, but when conflict emerges, the manager may consider switching to a relationship-oriented leadership style.” So if you’re frustrated by your organisation’s inability to collaborate successfully in a sustained way, remember Francesca Gino’s simple question: what have you done to encourage it today?Maighread Kelly is a Director at Collaboration Ireland. Amanda Shantz is MBA Director at Trinity Business School. John Munnelly is FAE Paper Development Executive at Chartered Accountants Ireland.

Feb 10, 2020

President of NUI Galway, Prof. Ciarán Ó hÓgartaigh, the first Chartered Accountant to be appointed president of an Irish university, reflects on his career in academia as he embarks on his third year at the helm of his alma mater. When people talk about Chartered Accountants’ career progression, they often refer to the ‘linear path’ to the position of Managing Partner or CFO. While Prof. Ciarán Ó hÓgartaigh’s professional path has been similarly structured, albeit in a different sector, his route has been more circular than linear. From his youthful days as a BComm student in NUI Galway to his current post as President of that same university, Ciarán has enjoyed academic success in a range of roles. As an educator, however, his teachings are grounded firmly in the values of fairness and the greater good – values that he was embued with at a young age. A social science When Ciarán joined the BComm class in NUI Galway, he was drawn towards a career in corporate law – an area that was gaining traction as a viable career option. However, he was converted to accountancy by two lecturers – Keith Warnock and Seamus Collins – who taught accountancy as a social science. They looked at the impact of accounting on decision-making in both business and society, and according to Ciarán, “it was a really nice way of looking at accounting; not just as a technical subject, but as something much more interesting than that”. It may be dramatic to describe this as a Damascene conversion, but following his experience at undergraduate level, Ciarán followed a path to accountancy. Having completed the Diploma in Professional Accounting in UCD while training with Arthur Andersen, he went on to qualify as a Chartered Accountant before moving swiftly into academia. His career has taken him to the Victoria University of Wellington in New Zealand and Boston College as a Fulbright Scholar, and he has also taught at Dublin City University and University College Dublin. Indeed, he has enjoyed his greatest success in Ireland, becoming UCD’s Dean of Business in 2011 before joining NUI Galway as President in 2017. Teaching “at the heart of my day” Ciarán’s rise to the role of Dean and, more recently, President of two of the country’s most respected academic institutions did not come at the expense of his love of teaching, however. He continues to teach into one accountancy module per semester, taking a number of classes with first year accountancy students, for example, in 2019/20. As Warnock and Collins did back in the 1980s, Ciarán positions the subject as part of a broader landscape. “In research, accountancy is seen as a social science to a great extent, but it’s also seen – because of the professional requirements – as a technical subject. Trying to marry those two is always an interesting challenge,” he said. While Ciarán teaches for the enjoyment it brings, there are other more strategic reasons for stepping up to the podium every week. “I’d miss it if I didn’t teach,” he said. “But teaching is also a great way to get into the routine of the year and get to know what’s happening on the campus. It’s a great way to meet students, but more importantly, it sets a good example to both students and staff. Teaching is an essential part of the mission of the university, so putting teaching at the heart of my day is important from that perspective.” The leader’s skill set This type of signalling is an important aspect of Ciarán’s skill set as a leader. When he assumed the role of President at NUI Galway, there were several challenging issues in his in-tray, including issues of gender equality.  “Diversity is strength, particularly in a university. It is not a burden, and should be cherished rather than challenged,” he said. Ciarán is very pleased that NUI Galway has since been awarded Athena Swan Bronze status and has been designated as a University of Sanctuary, meaning that it welcomes refugees, asylum seekers and travellers as part of its community – but he is clear that “there’s always work to be done” in this area.  At the time of his appointment, one of Ciarán’s first acts on his first day was to meet with the Students’ Union President and to send an introductory video to all his new colleagues. In this communication, he talked about our “kindnesses to each other”, a phrase he found echoed across the university community during his subsequent ‘listening tour’.This strategy, according to Ciarán, was very deliberate. “I try to deal with issues early on,” he said. “And a lot of my role as President involves signalling, so you turn up at things that you think are important and you push with determination on issues that are important.” An ambitious new strategy  It will therefore come as no surprise that the university’s new strategy, which Ciarán launched last month, centres in large part on respect and openness. It also channels his business acumen and skills as an innovator by ensuring that the university complements the region’s strengths in medical technologies, culture and creativity, and climate and oceans. Speaking at the launch, Ciarán described the university as being for the “public good”, belonging to the people. And given that NUI Galway has no gates, this sense of openness is very much part of the university’s cultural fabric in his view.But running a university with 19,000 students is an expensive business, so this public good comes at a high cost. That said, Ciarán is keen to guide the debate away from price and towards value. And given that Ireland and Croatia are viewed as “systems in danger” by a European University Association report published in 2017, this debate couldn’t be more timely. “First and foremost, we must make the argument that universities are for the public good and good for society. After that, society needs to think about how we fund that ambition,” he said. “If the funding doesn’t match that ambition, then we need to find some way to translate that ambition for the third-level sector with a funding model that supports us in an international context.” Life lessons When you devote your life to something, as Ciarán has done, it often becomes difficult to draw a line between the person and the professional. To counter that, Ciarán relies on a Flann O’Brien tale – one he shares with his students regularly. “In The Third Policeman, a policeman cycles the roads of the west of Ireland so often that he becomes part-policeman, part-bicycle,” he said. “For me, the lesson is simple: don’t become the job. Always maintain your personality and joie de vivre, because that’s important.”It will come as no surprise that Ciarán, who has spent decades educating the leaders of the future – and, more recently, leading the educators themselves – has a wealth of advice for fellow Chartered Accountants, colleagues and students alike. He advocates being yourself as this makes for a more comfortable life; he’s a firm believer in trying new things; and he advises everyone to take the time to think and read. But overall, Ciarán returns to the philosophy of his BComm lecturers, Warnock and Collins: “Accounting has a role to play in shaping society and we should be a profession that supports not only the powerful but those on the periphery as well,” he said. “That would be a very good future for everyone in the context of the changes we see in society today.” Ciarán on... His family “Dad and mam had a real view on making a difference, doing your best. And as the youngest of six, I think that was helpful as I grew up with adults and people older than me.” The threat to third-level education “It isn’t about the universities or the staff; it’s actually about our students, their families, about companies and civic society.” Launching UCD’s MA in aviation finance “The idea here is that you work with your hinterland. Dublin is a global hub for aviation finance so the feeling was, let’s include that group and educate the talent pool for the industry.” The potential impact of Brexit “If we position ourselves as the gateway to Europe – Galway in particular and Ireland in general – we can capitalise on student mobility and research opportunities.” Venturing into the unknown “If you try something you’ve never tried before, one of two things will happen. You will either find that you are good at it, or you will find that you’re not – in which case, the sky doesn’t fall in and you learn something and perhaps emerge even stronger from the experience.” Communication “The people aspect of accountancy is often missing. When you are doing audits, you have to ask questions and talk to people. It can be a very people-oriented existence and people too often think of accountancy as not involving people when generally speaking, it does.” Doing the right thing “I make decisions that I think are right, and that makes it easier to sleep at night. The ones that unsettle you are the ones where others convince you, but you don’t quite think it’s the right thing to do.” Logic and morals “Someday, you will have to make a decision that looks entirely logical. You know you should do it, but it has implications for others that you might not be aware of at the outset. Endeavour to find, and consider, that implication or consequence for an individual or group because not everyone is as well off as ourselves.”

Feb 10, 2020

Chartered Accountants in management positions can lead the way by encouraging their teams to use data visualisation tools. By Richard Day and Alannah Comerford   In this series, we explore the power of visualisation and data analytics and the benefits to Chartered Accountants at any stage in their career. The FAE syllabus has been updated to include some data analytics tools and techniques, and this will bring all newly qualified Chartered Accountants into contact with Tableau, Alteryx and UIPath. In the December issue, we suggested that visualisation tools provide advantages beyond Excel in analysing data. They represent a game-changer in terms of drilling down into information and unlocking the value in a company’s data. Chartered Accountants in management positions can lead the way by identifying opportunities to derive significant benefits and ensuring that their teams experiment with these techniques. Management reporting The area of management reporting often provides a rich vein for visualisation opportunities. Most teams have some element of such reporting, and there is likely to be a traditional management reporting pack. This pack may contain many pages of information and is likely produced many times over for different business units within an organisation. Pages and analyses are rarely removed from such documents and, as such, they have often grown over several years. This reporting pack may, therefore, represent an unwieldy block of information in the standard tabular format with perhaps a sprinkling of graphs. Incorporating data visualisation would present the opportunity to simplify management reporting by presenting complex information on a reduced number of schedules with the ability to include multiple business units in one presentation. It would also allow the user to drill down into individual business units interactively. It may also be helpful to present information that compares results by business unit, by product or by some other relevant category such as location or customer segment. All of these analyses are possible without visualisation, but delivering them all without making the report interactive would result in huge files with many tabs. The report would become almost as unwieldy as the current versions produced. Visualisation is critical if you wish to include a vast amount of analysis in one simple, easy-to-navigate file. It is always useful to review the information provided in such reports, taking account of why the various elements are needed. Considering the introduction of visualisation could complement a determination to bring clarity and a fresh perspective to collating and reporting the data. This would facilitate the selection of the right types of visuals to meet reporting objectives. Improved use of reporting and dashboards of this type should assist in the analysis of trends and patterns in all aspects of performance, whether financial or operational. It helps managers understand trends and can turn management reports into critical tools for decision-making. Project reporting Given the level of organisational change, there are always projects ongoing. We recommend the introduction of visualisation to the reporting currently used in these projects, from status reporting to issue management. The combination of the visual presentation with the interactive ability to drill down elevates this reporting. Stakeholders can view the overall status in a very speedy fashion and easily focus on issues causing delay or aspects that are of particular interest. Citizen-led analytics The above may encourage managers to introduce data visualisation into their regular reporting, which represents a business-led scenario. We also recommend a citizen-led approach where the team members, and Chartered Accountants in particular, are empowered to use analytics techniques, including visualisation, to improve how regular and ad hoc analytics are carried out day-to-day. This requires the chosen tool for the organisation to be made available to all team members, along with basic training. Managers can be hugely influential in the success or otherwise of this approach, and it represents an excellent opportunity to bring positive change to the team. Management can drive the tone at the top, but most opportunities to use visualisation will be identified by those who routinely compile and present analyses. Groups that share success stories and present their analyses will also contribute to a successful rollout and will prompt others to think about how these techniques could be useful in their area. We could discuss more examples in terms of the possible use of Tableau or similar tools, but we recommend that you make a start – whether you are in management or just starting your career as a Chartered Accountant. In the next issue, we will explore the advantages of manipulating data in a more robust and repeatable way to support the production of these useful visualisations. Richard Day FCA is Partner, Data Analytics & Assurance, at PwC Ireland. Alannah Comerford ACA is Senior Manager, Data Analytics & Assurance, at PwC Ireland.

Feb 10, 2020

To create a culture free of groupthink, leaders must first make themselves vulnerable, writes Dr Annette Clancy. Have you ever wanted to speak up in a group, but decided that it was better not to? Or have you ever been sure that your co-workers were making a huge mistake, but felt that you couldn’t intervene to voice a dissenting view? If either scenario sounds familiar, you may have been affected by groupthink. The term was coined in 1971 by the psychologist, Irving Janis, who wanted to understand the systematic errors made by teams involved in collective decision-making. Groupthink occurs when people’s desire for cohesiveness and harmony results in faulty decision-making. Two well-known examples of groupthink are the Bay of Pigs invasion in 1961 and the Challenger Space Shuttle disaster in 1986. In the Bay of Pigs example, Janis describes the men surrounding John F. Kennedy as “one of the greatest arrays of intellectual talent in the history of American government”. There were individual dissenting voices among those men when President Kennedy gave the order for the invasion. Yet, when brought together, the group dynamic prevented them from disagreeing. The formal investigation into the Challenger Space Shuttle identified a technical fault in the o-ring, which led to the disaster. However, it also referenced “a serious flaw in the decision-making process leading up to the launch”. Concerns about the o-ring had been circulating in NASA months before the accident, but nobody took action. So, how can you spot groupthink in organisations? Janis outlined the following symptoms: 1. Invulnerability Members of the decision-making group share the illusion that they are invulnerable. This leads them to become overly optimistic and to make risky decisions. They don’t pay attention to warning signs. In the case of the Bay of Pigs Invasion, Kennedy was under the illusion that he could keep secret the fact that Cuba had been invaded by the United States – even after the news leaked to the media. 2. Rationalisations Victims of groupthink ignore warnings and begin to create a rationale to defend why they ignored the warning in the first place. This entrenched position reinforces the group’s illusion of invulnerability. 3. Morality Victims believe that they are behaving morally and doing the right thing. This allows the group members to ignore the ethical or moral consequences of their decisions. They create, therefore, a new morality out of their groupthink position. 4. Stereotypes The group splinters and the victims of groupthink stereotype those who are not in their group by denigrating them as stupid or not as good as them. In doing so, they reinforce their own identity. 5. Pressure Victims apply direct and indirect pressure to any member who expresses doubt about the group’s illusions. Uncertainty, individuality and questioning are extinguished. 6. Censorship Members censor their views to conform. 7. The illusion of unanimity Because nobody speaks out, everybody believes that there is unanimous agreement. How to avoid groupthink Janis’s optimal solution was that members of senior teams should rotate the role of critical evaluator. He also added that the director should accept the frank exchange of views. The best way to avoid groupthink is to welcome healthy dissent and disagreement. Conflict isn’t always a bad thing. Assigning somebody to be devil’s advocate can often introduce a welcome alternative perspective. Leaders who want to change a groupthink culture must lead from the front. Nobody is going to make themselves vulnerable or step out on a ledge because a leader has decided that “we’re not doing groupthink from now on”. Changing a culture of groupthink requires deft and sophisticated leadership that is tuned into the emotional tone of the organisation. A leader who makes themselves vulnerable first, who is willing to hear criticism and act upon it, and who makes it safe for others to do so without retribution or punishment will go a long way towards making their organisation groupthink-free.   Dr Annette Clancy is Assistant Professor at UCD School of Art, History and Cultural Policy. Annette’s research focuses on emotions in organisations.

Feb 10, 2020

While there are positive trends in the fight to stem climate change, we must now enter an era of intense innovation to win the battle. By Kate van der Merwe As we look ahead to a new decade, we stand at a critical inflection point. We need it to be one in which emerging climate change trends catch on with the same intensity of the climate events happening across the planet. In this series of articles, I briefly explored what climate change is and why it matters, investment and  reporting developments, and the evolution needed in our decision-making.  In my final article of this series, I will look at emerging macro-level trends across sectors and jurisdictions and, more broadly, ideas about how our economy might function sustainably. Emerging sustainability trends  There have been significant recent developments in both business sectors and operational processes. The insurance sector, for example, transformed as severe weather events made the impact of climate change more apparent. The 2017-18 period – the worst two-year period on record for natural catastrophes – cost insurance company Munich Re $225 billion. It is interesting to see companies trying to navigate significant change. One such example is the retail giant, H&M. The company is in a carbon-intensive sector and is modifying its business – partly driven by conscientious consumers – while facing many reputational challenges about fair labour, resource-intensive manufacturing and damaging waste outputs. When H&M launched its ‘Conscious Collection’, it was labelled as “sustainable”. However, a lack of transparent and credible substantiation triggered accusations of greenwashing. Facing challenges from multiple angles, H&M decided to invest $52 million in 16 sustainable retail start-ups through its venture capital arm. At a governance level, there are positive eco-focused trends in tax (carbon taxonomy) and law (climate litigation), with some bold steps forward (EU Green Deal), countered by steps backwards (the US exit from the Paris Agreement).  Tax Previous articles discussed individual companies’ internal carbon pricing, but jurisdictions also incorporate carbon pricing to tax or cap emissions. Carbon taxes encourage reduced emissions while enhancing potential revenue streams to mitigate further emissions. Valuable lessons can be found where these taxation approaches have failed, most notably in the case of Australia. These lessons should be remembered as more and more countries use carbon pricing initiatives such as taxation or cap-and-trade, and different methods continue to be refined and further embedded. Litigation Another growing trend is climate litigation. In 2019, climate change litigation cases were taken in at least 28 countries, and while a significant number of cases arose in the US, many originated in lower-GDP countries and are being brought by a diverse range of claimants – environmental activists, activist shareholders and state bodies – mostly against governments but, increasingly, against companies, as well. A landmark case, Urgenda Foundation v. The State of the Netherlands, was recently decided, concluding that the Dutch government must prevent “dangerous climate change”. This ruling recognised the government’s responsibility to reduce emissions in keeping with its position of power in a developed nation. Circular economy Alternative concepts, such as the circular economy, are becoming mainstream. A transition to a circular economy requires system change. Since industrialisation, we have used the linear take-make-waste model, which is problematic for finite resources and waste management. A good circular design incorporates full life-cycle design thinking and accounts for ease of repair and elimination of waste. An estimated 9% of the global economy is circular, so there’s plenty of opportunity for innovation. The CEO of Royal Philips, Frans van Houten, is a supporter of the concept, saying: “Building a global circular economy is not just an environmental imperative, but a great opportunity for companies and individuals everywhere to enter a new phase of health and prosperity.” Although political inertia continues (a disappointing COP25, for example), each new study released seems to intensify the immediacy as impact of the climate tipping points and society grows more aware, anxious and demanding of change.  Time to act At this pivotal juncture, we need to enter a new era of intense innovation to redefine the way we exist. The momentum of climate movements from ‘Fridays for Future’ to the fossil fuel divestment campaign to the mainstreaming of innovative alternatives gives great hope. Going forward, it’s important that we do not get distracted, despite the volatile geopolitical environment, and continue to educate ourselves on this complex and evolving threat, make personal and structural changes, and engage with the conversation. There are encouraging trends, but they need impactful finance practices that support the transition to a healthy, sustainable world. Kate van der Merwe ACA is responsible for Global gFA Reporting Optimisation at Google.

Feb 10, 2020

Olivia McEvoy outlines the diversity and inclusion issues at play in companies across the island of Ireland. As part of EY’s commitment to building a better working world, the firm conducts an annual survey to benchmark diversity and inclusion activity in organisations across the island of Ireland. The third survey reflects the experience of more than 150 C-suite leaders, human resource directors and diversity and inclusion leads. The respondents were drawn from both indigenous Irish and global organisations of varying sizes across a range of diverse sectors. This article outlines how organisations view and position diversity and inclusion. Smart working It is encouraging to note that appetite for diversity and inclusion remains constant. 100% of businesses say it is vital to business performance, and 82% recognise the impact of diversity of thought on decision and risk excellence. Indeed, there is no shortage of appreciation of the connection with diversity and inclusion and more significant customer and employee engagement, productivity, innovation and creativity, as well as talent acquisition and retention. With 95% of survey respondents aware of the pending Gender Pay Gap legislation, which is scheduled to take effect in 2020, significant numbers (71%) are also embracing a critical means of addressing the gender pay gap: a smart working culture. Smart working is a set of practices that add greater flexibility to work methods through innovative solutions and is measured by the achievement of results regardless of where and how employees perform their work. Flexible location, schedule, hours worked, and shared responsibility are some of the markers of smart working. Some organisations refer to smart working as agile, flexible, new ways of working or modern ways of working. The Gender Pay Gap legislation will also provide welcomed impetus and transparency, albeit 60% of organisations already publicly communicate information about their diversity and inclusion goals and targets. Absence of accountability However, there is still a ‘diversity and inclusion disconnection’ between what organisations are saying and what they are doing in this space. Leadership behaviour is the cornerstone of an inclusive environment and enables a culture of psychological safety, but just over half (53%) take responsibility to call out inappropriate behaviour and language. Leadership accountability is one of the most significant game-changers in achieving meaningful transformation, but a critically low 24% of leaders have diversity and inclusion goals or targets tied to their performance metrics and reward. Measuring the impact of diversity and inclusion on performance is instrumental but a rarity (16%) in organisations. Investment is also inextricably linked to enhanced organisational reputation, decision-making and talent attraction, but a third (31%) of organisations invest nothing and 43% spend less than €25,000. The majority of actual investment is a combination of events (63.8%), networks and network membership fees (52.2% and 40.6% respectively) and sponsorship (30.4%) rather than in the more strategic and systemic changes needed to develop the processes, capability and behaviours required to achieve lasting change. Delivering on diversity With ‘business as usual’ often enough to overwhelm, it is easy to get distracted and presume that if someone else in the organisation is talking about diversity and inclusion, that is enough. Indeed, lots of talk about it leads us to believe that the diversity and inclusion box is being ticked. But box-ticking is not enough. Talking is not enough. We need to adopt a transformational approach that embeds diversity and inclusion as part of our systems, structures and, ultimately, our culture if we want to realise meaningful change; and we must be bold personal agents of that change. As evidenced in the EY Ireland 2019 Diversity & Inclusion Survey report, there is some progress in some areas but regression in others – and certainly nothing like the ‘gear change’ called for in previous years. Rather than make exaggerated claims or aspire to progress, we need to be able to proclaim positive outcomes and actual results and deliver on diversity and inclusion. Everybody in? Olivia McEvoy is Director of Diversity & Inclusion in People Advisory Services at EY Ireland.   EY is launching its fourth annual Diversity and Inclusion (D&I) survey of organisations across the island of Ireland and we would be very grateful for your participation. The survey will remain open until 19 February 19th. Take the survey here: www.surveymonkey.com/r/EYDiversityInclusionSurveyIreland2020

Feb 10, 2020

Barry Robinson explains the obligations placed on private companies arising from the new EU Whistleblower Directive. On 7 October 2019, the EU approved a new Directive on the protection of persons reporting on breaches of European Union Law, also referred to as the Whistleblower Directive. In Ireland, public bodies have had regard to the Protected Disclosures Act 2014, which was amended in June 2018 to incorporate provisions of the EU Protection of Trade Secrets Directive. The current legislation entitles a worker (as defined in the 2014 Act) to report wrongdoing in a public body if there is a reasonable belief of such wrongdoing, and have their identity protected. However, the Whistleblower Directive, which must be adopted into Irish law within two years, will mean that the obligations under the 2014 Act will extend to the private sector as well. The Association of Certified Fraud Examiners’ (ACFE) 2018 Report to the Nations, a global analysis of the costs and effects of occupational fraud, shows that tip-offs or whistleblowing is still the most effective method of detecting occupational fraud, which highlights the importance of this legislation. What will the EU Whistleblower Directive mean for private companies in Ireland? The Directive will make it mandatory for companies with over 50 employees to establish internal reporting channels, both for reporting and follow-up. The Directive allows for companies with between 50 and 249 employees to share resources as regards the receipt of reports and any investigation to be carried out. Who will “reporting persons” be? The 2014 Act currently defines a “worker” who can make a protected disclosure as an employee or a contractor. In the future, under Article 4(1) and 4(2), the Directive will extend the scope of the definition of “reporting persons” to include shareholders, who are not currently included within the 2014 Act. It will also include volunteers and unpaid trainees, and individuals who report on breaches within their knowledge acquired through a work-based relationship, which has since ended. What are the required timeframes for following-up on a disclosure? The Directive will impose timeframes on companies that receive a protected disclosure by creating an obligation to respond to, and follow-up on, the whistleblowers’ reports within three months (with the option to extend this to six months for external channels in duly justified cases). The receipt of a disclosure must be acknowledged within seven days. Will the reporting channels be internal or external? The Directive seeks to encourage disclosures internally in the first instance. The Directive states: “as a principle, therefore, reporting persons should be encouraged to first use internal reporting channels and report to their employer, if such channels are available to them and can reasonably be expected to work”. However, the Directive also allows for external reporting channels. Third parties could be authorised to receive reports of breaches on behalf of legal entities in the private and public sector, provided they offer appropriate guarantees of respect for independence, confidentiality, data protection and secrecy. Such third parties could be external reporting platform providers, external counsel, auditors, trade union representatives or employees’ representatives. Protections against any form of retaliation from employers will be given to persons who report wrongdoing internally and externally. The protections under the Directive will also extend to persons “who make such information available in the public domain, for instance, directly to the public through online platforms or social media, or to the media, elected officials, civil society organisations, trade unions, or professional and business organisations.” Who are “prescribed persons”? The Directive includes provisions in respect of “competent authorities” to whom a disclosure can be made. The Directive states: “in the case of legal entities in the private sector that do not provide for internal reporting channels, reporting persons should be able to report externally to the competent authorities”. Are there any new requirements? The Directive introduces a wide range of new requirements for companies who receive disclosures, which are summarised below: Secure channels for internal reporting. The Directive states that internal reporting shall require “channels for receiving the reports which are designed, established and operated in a secure manner that ensures that the confidentiality of the identity of the reporting person and any third party mentioned in the report is protected, and prevents access thereto by non-authorised staff members”. Dedicated, impartial staff to handle reports. The Directive requires the designation of a neutral person or department competent for following-up on the reports, which may be the same person or department as the one that receives the reports. These dedicated staff members will maintain communication with the reporting person and, where necessary, ask for further information from – and provide feedback to – that reporting person. Diligent follow-up. The Directive requires thorough follow-up and the provision of feedback within three months (which may be extended to six months in duly justified cases). Transfer to another competent authority. The Directive allows for the transfer of a disclosure to another competent authority where the receiving body does not have the competence to deal with the matter. The Directive states that this must happen “within a reasonable time, in a secure manner, and that the reporting person is informed, without delay, of such a transmission”. Reporting the outcome per national law. The Directive states that the receiving body must communicate to the reporting person the result of investigations triggered by the report, in accordance with procedures provided for under national law. Procedures for making a disclosure Article 13 of the Directive sets out the information a competent authority must publish concerning receipts of disclosures. The following information must be published on the competent authority’s website, which must be reviewed and updated every three years: The conditions under which reporting persons qualify for protection; Contact details for the external reporting channels – in particular, the electronic and postal addresses, and the phone numbers for such channels, indicating whether the phone conversations are recorded; Details of how the disclosure will be processed; Details of the timeframes and format for feedback; Details of the confidentiality regime and how personal data will be processed; Details of whether or not a discloser will be held liable for a breach of confidentiality; Remedies and procedures available against retaliation; and Contact details for any other relevant body or information body providing advice to the discloser. Protections against penalisation The 2014 Act makes clear the rights of an individual if an employee is penalised for making a Protected Disclosure. The Directive states: “it should not be possible for employers to rely on individuals’ legal or contractual obligations, such as loyalty clauses in contracts or confidentiality or non-disclosure agreements, so as to preclude reporting, to deny protection or to penalise reporting persons for having reported information on breaches or made a public disclosure providing the information falling within the scope of such clauses and agreements is necessary for revealing the breach. Where those conditions are met, reporting persons should not incur any kind of liability, be it civil, criminal, administrative or employment-related”. Article 20 of the Directive states that reporting persons shall not incur liability of any kind in respect of such a report or public disclosure, provided they had reasonable grounds to believe that the reporting or public disclosure of such information was necessary to reveal a breach under this Directive. What about trade secrets? The 2014 Act was amended in 2018 to incorporate provisions of the EU Provision of Trade Secrets Directive. This required whistleblowers to demonstrate that they acted in “the general public interest” when disclosing commercially sensitive information. The Directive, however, states that where a reporting person can show “reasonable grounds”, they will incur no liability in respect of disclosures including for defamation, breach of copyright, breach of secrecy, breach of data protection rules, disclosure of trade secrets, or for compensation claims based on private, public, or collective labour law. This appears to narrow the burden of proof for reporting persons from acting in the public interest to acting on reasonable grounds. What should companies do? All companies in Ireland should review their obligations under the Whistleblowing Directive and assess their ability to implement internal reporting channels and assign dedicated staff to handle such reports. Companies should undertake planning to identify how reports will be investigated independently, and within the required timeframes of the Directive. While many companies may adopt a “wait and see” approach, companies must act to implement systems and reporting channels per the Directive. Barry Robinson FCA is a Director, Forensic Services, at BDO Ireland.

Feb 10, 2020

2019 was unquestionably the year when Ireland entered a new phase of transparency, writes Claire Lord. Companies Front and centre in 2019 was the launch of the Central Register of Beneficial Ownership of Companies and Industrial & Provident Societies, which opened for filings on 29 July. The first filing deadline of 22 November 2019 applied to companies and industrial and provident societies that had been incorporated on or before 22 June 2019. By this deadline, these companies and societies had to file information on their beneficial owners to the central register. Now, every company and industrial and provident society registered in Ireland must file information on their beneficial owners to the central register within five months of becoming incorporated. A beneficial owner is a natural person who ultimately owns or controls the share capital or the voting rights, or has control by any other means. The relevant legislation states that a holding (direct or indirect) of 25% plus one share will be indicative of ownership and control. The information required to be filed to the central register includes name, date of birth, nationality, residential address and PPS number. While companies and societies will be required to submit these details to the central register, the only information available to the public will be a beneficial owner’s name, country of residence, nationality, month and year of birth and nature and extent of ownership and control. Individuals acting on behalf of An Garda Síochána, the Financial Intelligence Unit, the Criminal Assets Bureau, the Revenue Commissioners and other competent authorities will be entitled to access all information submitted to the central register, save for PPS numbers. Trusts Last year, Ireland also transposed into law the requirements under the Fourth Anti-Money Laundering Directive, as amended by the Fifth Anti-Money Laundering Directive (5MLD), concerning the determination of the beneficial ownership of certain types of trusts. These requirements apply to express trusts whose trustees are resident in Ireland, or which are otherwise administered in Ireland. These new requirements oblige trustees of these trusts to create and maintain internal registers of the beneficial ownership of those trusts. A beneficial owner of a trust is a natural person who ultimately owns or controls the trust and/or the natural persons on whose behalf a transaction or activity is conducted. This includes, at least, all of the settlors, the trustees, the protectors (if any), the beneficiaries, or – where the beneficiaries have yet to be determined – the class of persons in whose main interest the trust is set-up or operates, and any other natural person exercising ultimate control over the trust through direct or indirect ownership or by other means. The information required to be maintained on an internal register of the beneficial ownership of a trust includes the name, date of birth, nationality and residential address of each beneficial owner. In addition to obtaining and holding this information, trustees are obliged, on request, to provide the Revenue Commissioners and other competent authorities with access to their internal register. Ireland is required to set-up a central register of beneficial ownership of trusts by 10 March 2020. Partnerships In late 2019, we saw the introduction of regulations that extend the requirement to file financial statements in the Companies Registration Office (CRO) to additional types of partnership. These regulations took effect on 1 January 2020. Before these new regulations took effect, the partnerships that were required to file financial statements in the CRO were partnerships where all of the partners who did not have a limit on their liability were limited companies or their overseas equivalents. The new regulations now require partnerships to file financial statements in the CRO where they are partnerships whose ultimate beneficial owners enjoy the protection of limited liability, including in circumstances where a partner is an unlimited company whose ultimate beneficial owners enjoy the protection of limited liability. Conclusion Much progress was made by legislators during 2019 to bring Ireland in line with the transparency requirements of the EU. While additional compliance requirements can place an initial burden on businesses, regardless of how those businesses are structured, normalising transparency of ownership and ensuring consistent public reporting of financial performance can only strengthen trading and the policing of money laundering.   Claire Lord is a Corporate Partner and Head of Governance and Compliance at Mason Hayes & Curran.

Feb 10, 2020

Peter Vale and Christopher Crampton outline some expected changes to international taxation in the coming year. 2020 is set to be a busy year for international tax. For Ireland, it’s a key period. While international tax reform to date has been good for the country, the changes being looked at in 2020 pose challenges.   Global tax changes – Pillars One and Two The outcome of meetings in January are key to the OECD’s plans to reach consensus on both the Pillar One and Pillar Two proposals. While the Department of Finance expects the ultimate outcome to be a reduction in Irish corporate tax receipts by up to €2 billion, it’s a very difficult one to call. Pillar One examines a reallocation of profits to market jurisdictions. While this does impact on our corporate tax base, it should not prove fatal on its own. However, recent pronouncements from the US suggest that getting consensus on the Pillar One changes could be difficult. Pillar Two looks at a global minimum effective tax rate and is, perhaps, of more danger to Ireland. A tax rate of 12.5% was suggested by the French Finance Minister in December. While at first glance this would look positive from an Irish perspective, the devil is in the detail.   The most recent OECD draft proposals look at an allocation of profits to individual countries based on a group’s consolidated financial statements. This could provide a distorted result for groups with large intellectual property (IP) migrations to Ireland, in particular, and potentially lead to an effective tax charge significantly lower than 12.5%.  The early months of the year should provide key signals as to the direction of travel on both Pillars, with the outcome critical to the relative attractiveness of our corporate tax regime in the future. We should not rule out the EU taking matters into its own hands, particularly if reaching a consensus looks like being a protracted affair. Transfer pricing Finance Act 2019 saw the introduction of OECD 2017 guidelines into Irish tax legislation. One of the biggest impacts of the guidelines will be more onerous documentation requirements in 2020 for Irish companies, although many will already be maintaining similar documentation on a group-wide basis. At first glance, this might seem to cause disruption for Irish subsidiaries of US multinationals with significant IP in Ireland. While these groups typically have significant substance here, many of the IP functions are carried out outside Ireland; often in the US. Another key change in Finance Act 2019 was the introduction of transfer pricing for Irish small- and medium-sized enterprises (SMEs). While it is expected that the documentation requirements will be more relaxed for SMEs, the extension of transfer pricing will create further administrative requirements on Irish businesses. On the positive side, the extension of transfer pricing to SMEs is subject to Ministerial Order, which we might see later in 2020. Any transfer pricing requirements will apply from that date or later; they should not be retrospective to 1 January 2020. For businesses within the scope of transfer pricing now, more focus from Revenue in 2020 can be expected.   IP migrations 2020 will see the final year of “double Irish” migrations, with 31 December 2020 marking the end for groups with IP currently housed offshore in Irish incorporated non-resident entities. After that date, those entities become regarded as Irish tax resident. While many groups have already moved their IP onshore (much of it to Ireland), a significant number of groups have yet to do so. Hence, we expect many IP migrations to take place in 2020. When an IP migration takes place, the market value of the IP determines the amount of tax allowances available in Ireland. This number is often large, and so we expect to see Revenue examine these IP valuations closely. Interestingly, when these tax allowances expire then, all other things being equal, a significant increase in Ireland’s corporate tax receipts at some point in the future would be expected. However, a lot could happen in the intervening years! Revenue audit focus Aside from the focuses identified above, we don’t expect significant change in the nature of Revenue audit activity in 2020. We expect Revenue’s focus to remain on PAYE and VAT for SMEs, which tend to be the areas of greatest non-compliance.   On the corporation tax side, we have seen Revenue increasingly look for back-up supporting tax losses carried forward, which can prove challenging where the losses were generated some time ago but are being used presently. Businesses should be aware of this when considering document retention policies. Budget 2021 While Budget 2020 has just passed, it’s worth noting that this Budget was based on a more negative outlook than now appears to be materialising. This could mean we finally see more meaningful movement on our high marginal income tax rates later in the year, or possibly a reduction in capital taxes. Of course, a lot can happen between now and then, including a new government, further global tax changes, and six months of known unknowns! And, that’s all without mentioning Brexit. In summary, another year of significant developments on the international tax front looks likely, with the outcome critical for Ireland. Peter Vale FCA is a Tax Partner at Grant Thornton. Christopher Crampton ACA is an Associate Director at Grant Thornton. Brass Tax -- new year, new tax rules by Leontia Doran Since we’re fast approaching a new tax year in the UK (from 6 April 2020), let’s take a look at what is on the horizon for practitioners. IR35 rules From 1 April 2020, the IR35 rules in the public sector are being extended to the private sector with an exemption from the rules only available to “small” businesses. The IR35 legislation is designed to combat avoidance by individuals who are supplying their services to businesses via an intermediary (such as a company) but who would be an employee if the intermediary wasn’t used. Making Tax Digital From 1 April 2020, the UK will join the ranks of France, Italy, Austria, Turkey and Malaysia when it introduces its own digital services tax.  Making Tax Digital (MTD) for VAT continues. Some businesses are now able to apply for an extension to meet the digital links requirement once the one-year soft-landing period ends on either 1 April 2020 or 1 October 2020. However, the criteria to do so is strict, as set out in the updated VAT notice.  Corporation tax The rate of corporation tax is also legislated to fall from 19% to 17% from 1 April 2020. However, the Government has stated that it will remain at 19%. As it’s already on the Statute books, legislation will be needed to reverse this.  And therein lies the rub. The next UK Budget isn’t taking place until 11 March, which means the related Finance Act likely won’t be enacted until several months later. Retrospective legislation is never a good thing. Leontia Doran FCA is UK Taxation Specialist at Chartered Accountants Ireland.

Feb 10, 2020

As the new UK Government has been formed by the Conservative party with a significant majority, its policies will set the tax agenda for 2020 and the following four years. Claire McGuigan summarises the main proposals. Business taxes In Finance Act 2016, the rate for corporation tax for 2020/21 was set at 17%. As this rate is set in legislation, it is the rate (excluding the UK banking corporation tax surcharge of 8%) that companies must use for their deferred tax calculations. However, during the election campaign, the Conservative party pledged to maintain the rate at 19%. Therefore, once this change is enacted, businesses will need to revisit their deferred tax calculations. The Chancellor is expected to stick to the existing plans to introduce restrictions to payable research and development (R&D) tax credits from April 2020 to reduce the scope for tax avoidance by small- and medium-sized enterprises (SMEs). However, the Conservatives have pledged to increase the value of the R&D expenditure credit (RDEC) for larger companies from 12% to 13% and review the project qualifying criteria to establish if it can be widened to include R&D on cloud computing and data. They also committed to increasing the relief available under the new structures and buildings allowance to 3% a year. Both of these changes are likely to take effect from 1 April 2020. The Conservative party confirmed its commitment to introduce a Digital Services Tax (DST) from April 2020, although it is not clear if there will be enough time to finalise the necessary legislation by then. Also, at the time of writing, the OECD has asked the UK to postpone implementation of this tax to allow for a standard approach to be considered across all countries. During the election campaign, all three main parties promised to review the impact that the IR35/off-payroll labour changes will have on private sector businesses. Given that these changes were longstanding Conservative party policy, it is unlikely that they will be abandoned entirely. However, delaying the changes until 2021 or committing to a ‘post-implementation review’ may feature in the Budget. Similarly, the outcome of the Loan Charge Review is expected. Again, for the Government to abandon this tax enforcement action seems unlikely, but the Chancellor may announce much more flexible payment terms for individuals facing the charge. Finally, for business taxes, the Conservative party manifesto contained a promise not to raise the rate of VAT during the next parliament. Brexit The promise to “get Brexit done” was central to the Conservatives’ election campaign. With a transitional period operating until 1 January 2021, most operational laws and cross-border arrangements will remain in place until that date. During 2020, the new Government will aim to negotiate a post-Brexit trade deal with the EU that will take effect from 1 January 2021. However, some uncertainty will continue: in the election campaign, the Prime Minister promised not to extend the transition period beyond 1 January 2021 so, theoretically, there may still be a ‘no-deal’ Brexit if a trade deal is not agreed. Alternatively, an extension to the transition period may be possible if a post-Brexit deal takes longer to agree. Employer issues Although the Conservative party committed to ending freedom of movement on Brexit day, under the transitional rules, EU citizens would be able to come to the UK to live and work without any formal application process. If those individuals wish to remain in the UK after 31 December 2020, they can apply for “temporary leave to remain” in the UK which, if granted, will allow them to continue living and working in the UK for 36 months from the date it is granted. From 2021 onwards, the Conservatives plan to introduce a points-based immigration system. Despite the national insurance contributions (NIC) changes for individuals, the Conservatives pledged not to increase NIC for employers and, to help small employers, they also plan to increase the NIC employment allowance from £3,000 to £4,000. Employers should prepare for a significant increase in the national minimum wage (NMW) from April 2020. The Conservative party has pledged to increase it in stages to £10.50 over five years – this equates to a 5% increase from April 2020 and each subsequent year of the parliament. Personal taxes During the election campaign, all the main parties proposed changes to capital gains tax, although the Conservative party proposals were the least radical. The Conservative manifesto did pledge to “review and reform” entrepreneurs’ relief (ER). While it is perhaps unlikely that the valuable ER rules will be immediately repealed, there may be some interim changes to the rules announced in the Budget, pending the outcome of a more fundamental review during 2020/21. The Conservatives intend to raise the annual NIC starting threshold for employees to £12,500 over the next parliament, with an immediate increase to £9,500 from April 2020. The rates of NIC will be frozen for the duration of the new parliament. The Prime Minister also made an election commitment not to increase income tax rates during the new parliament. Past political controversy over pension tax relief perhaps influenced politicians not to make specific commitments on the topic during the election campaign. However, because of the impact the annual allowance charge is having on senior NHS clinicians, the Government has already announced temporary measures to ensure that where they take on additional hours, such individuals would not lose out overall. The ‘quick fix’ compensation arrangement announced during the election campaign is unlikely to be sustained for the long-term, and a review of the underlying rule is likely to be announced in the Budget as it can trigger tax charges for many workers in the public sector (and private sector). On tax avoidance, they propose a new package of measures including doubling the maximum prison term to 14 years for individuals convicted of the most serious types of tax fraud and creating a new HMRC Anti-Tax Evasion Unit.   We await the Government’s first budget, scheduled for 11 March 2020, with anticipation. Claire McGuigan is Director, Corporate Tax, at BDO Northern Ireland.

Feb 10, 2020

Becoming a partner in the firm is often the goal when accountants go into practice, but it’s not a walk in the park. Jackie Banner outlines four key steps on the road to making partner. Making partner is the end goal for many who go into practice. The status, financial compensation, and endorsement of one’s skills and expertise are all obvious draws to progressing to this level. Then there is the opportunity to effectively become a ‘business owner’ with responsibility and influence over how the firm is run. This latter piece sounds simple in theory but requires the right considerations and capabilities to execute.  We can’t gloss over the technical competency that is required to make it to partner. Possessing exceptional domain knowledge in your chosen area of expertise is fundamental to any move upwards. Eagle-eyed attention to detail and a holistic view of the business as a whole are also required to consider yourself technically sound. With a rapidly changing business landscape, the burden of knowledge is significant, and can lead a potential partner to focus too heavily on the technical side alone.  The most common missteps that senior level accountancy professionals make in the race to partner have to do with the investment in their own leadership ability,  relationship management and ability to think like someone who’s running a business or a profit-and-loss account. Here’s how to tackle these key steps to making partner. Invest in your leadership ability Over the last six decades, leadership scholars have conducted more than a thousand studies to determine the definitive characteristics and personality traits of great leaders. Out of all the research, not one unanimous, best practice leadership archetype has emerged. Prevailing opinions on the best leadership styles are replaced as quickly as the latest iPhone. However, there are some common through lines in many of them that you can draw from. Whether it’s Six Sigma, values-led leadership, contingency theory (which in itself says there is no one ideal leadership style), communication methods, humble leadership or any number of other theories and best practices, be sure to establish a combination of leadership qualities that best align with you as a person and as a leader.  Signalling that you have the right level of ambition necessary is also required. This is demonstrated by how you carry yourself, your communication style, and interactions and relationships with colleagues and clients. Combine these with that aforementioned oft-ignored investment in yourself to build your own definitive leadership style.  Vision and strategy The most common piece of feedback we hear from nomination committees or hiring partners about unsuccessful final interviews is that the candidate lacked vision in their pitch. At this level, technical competency is assumed. You will be speaking to peers who are equally, if not more skilled than you. They want a business leader to sit alongside them; someone with a new perspective that can bring energy and excitement that will contribute to business growth.  Presenting a forward-thinking, clear vision that will grow not only your business unit but add to the company is perhaps the most valuable thing you can do to be perceived as someone ready to make partner. In practical terms, that vision should translate to an actionable business plan.  When preparing, think strategically about how you’re going to generate earnings, develop a client pipeline, and hit the figures that justify your being chosen as an equity partner. A partner needs to ascertain what those expected figures are for the firm with which they are interviewing. This means crafting a realistic three-year plan to grow revenues at a level that a partner needs to be commercially viable, which is firm dependent.  Relationship management We all need a sounding board to bounce ideas off of or to go to for advice. Therefore, your network and your professional relationships should be a priority on the road to partner. Partners, no matter what age or level of seniority, should have a mentor.  As Chris Outram discusses in his book, Making Strategy Work, you need ‘co-conspirators’ on whom you rely to give their support when it comes to internal decisions and information-sharing across business units. This extends to stakeholder management both inside and outside your firm.   Putting it all together In an increasingly “what have you done for me lately?” world, contextualising the human side of the job is key. Trust your team to deliver while driving them towards a coherent vision by demonstrating effective leadership and building a sustainable pipeline of business.  Sounds easy when you put it on paper, right? There is no doubt it is a huge challenge to make the leap but having a clear idea of what is required and how it should be presented is the first step on the road to partner.    Top tips on the road to partner 1. Have a plan – Set targets and milestones for yourself to track your progress and professional development. Decide what you want out of your career and then work towards achieving it.    2. Invest in upskilling – Find opportunities to develop your technical and soft skills. Invest in as many areas as are available to you.     3. Specialise your skill set – Practice experience is broad and often provides exposure to a wide range of skills and experience, which is great. However, drill down and become a subject matter expert where possible. Be the go-to person in your network for a particular subspecialty.   4. Be flexible – In any business, targets move, circumstances in your or your clients’ business can change quickly. When unexpected events arise or a strategy or project scope moves, always think of yourself as a support for change and not a barrier.   5. Say “yes” – There will always be an element of a job or a particular client you’d rather steer clear from, but don’t. Always say “yes” when asked to take on something new or different.   6. Define your client portfolio and market opportunity – The more distinct your client portfolio is from your peers or your partners, the more likely you are to become a destination for referrals, hold client relationships, and see significant fee income potential in line with expectations for equity partner level.   7. Find a mentor – Find a peer who you admire and who has made choices you respect. Someone who is willing to be your sounding board and provide advice on how to achieve what you want in your career.  Jackie Banner leads Practice Recruitment for Azon Recruitment Group.

Feb 10, 2020
Show Me More News