Directors faced with a court application to restrict them  as a director must be able to demonstrate clearly that they acted responsibly at all times to avoid restriction.  By Claire Lord A liquidator of a company that is unable to pay its debts is required to apply to court for a declaration that any director of that company, either at the time of commencement of its winding up or during the period of 12 months before that date, cannot be appointed or act as a director of a company or be concerned in or take part in the formation or promotion of a company, for a period of five years. This requirement does not apply where the Director of Corporate Enforcement relieves the liquidator of the obligation, or the company in question meets certain share capital requirements. In addition, the court is not required to make a declaration of restriction where it is satisfied that the director in question acted honestly and responsibly in relation to the conduct of the affairs of the company, whether before or after it became unable to pay its debts. The concept of “acting responsibly” was recently considered by the Irish High Court in connection with an application made by the liquidator of IQ Content Limited for a declaration of restriction against two of its directors. One of these directors was Morgan McKeagney, the founder and former managing director of IQ Content Limited.  The case IQ Content Limited was an IT consulting and web design firm that had enjoyed considerable success until 2014, when an unfortunate coincidence of events caused it to suffer an unprecedented collapse in revenues. As a consequence, in July 2014, a decision was made to wind up the company. At that time, Morgan McKeagney remained as a director of the company but was no longer involved in its day-to-day operations. Representing himself, and assisted by a successful application for an order of discovery of documents held by the company, Morgan McKeagney presented evidence of “a story of intrigue” to the court. The evidence presented by Mr McKeagney demonstrated that his colleagues had acted in a coordinated and calculated manner to drive the company into liquidation while at the same time, establishing a new company into which they planned to move all of the company’s assets. Mr McKeagney was also able to show the court that throughout this period of crisis, he had been deliberately removed from decisions that were made and otherwise isolated within the company. The judgment The application for Morgan McKeagney to be declared by the court as being restricted from acting as a director was declined. The presiding judge instead declared that Mr McKeagney had acted responsibly and with integrity throughout the process. The judgment notes that the court was highly impressed with Mr McKeagney’s actions in his role as a director of IQ Content Limited and in opposing the restriction application. In this regard, it is stated in the judgment that Mr McKeagney had presented his case in a clear and articulate manner and had presented clear evidence that he had acted in the best interests of the company at all times. This case demonstrates that the court will decline to make an order for restriction in circumstances where a director has acted responsibly in relation to the conduct of the affairs of a company in liquidation. However, a director in this situation needs to be able to clearly demonstrate to the court that this was the case. Morgan McKeagney went to impressive lengths to contest the application being made to restrict him as a director, and he was successful in demonstrating that he had truly acted responsibly in relation to the conduct of the affairs of IQ Content Limited. These lengths are indicative of the burden of proof placed on directors that find themselves in a similar position to successfully argue a positive outcome.   Claire Lord is a Corporate Partner and Head of Governance and Compliance at Mason Hayes & Curran.

Des Peelo explains why a trust or an overseas holding company is rarely a good idea. The ownership of wealth and related capital taxes go together, and there are lessons to be learned in trying to distance one from the other. Nothing stands still over time, except the Great Pyramid and similar edifices. This simple fact can escape legal and financial advisors when it comes to wealth and capital taxes. First, let us consider the history of capital taxes briefly. The 1970s brought a slew of capital taxes, much of it modelled on UK precedents. The government of the day introduced capital gains tax, capital acquisitions tax replaced estate duties, and there was a short-lived wealth tax. A wide range of tax measures involving the relationships between companies and the individuals who owned them also came along in successive Finance Acts, while 1988 saw the introduction of self-assessment on income and capital taxes. There was relatively little personal wealth in Ireland at that time, and it was the mid-1980s before the capital taxes realised much revenue, with the result that planned tax avoidance (and illegal tax evasion) became an unstated industry in itself. Schemes were thought up by legal and tax advisors until a Finance Act caught up with them. Even so, on occasion, the combatting legislation itself created another loophole, and so on. The use of trusts (usually through what is known as a discretionary trust) and overseas holding companies became fairly widespread, the repercussions of which were not always wisely thought through – a resonance that is still valid today. The ownership of businesses, properties and investments were held in companies and trusts in places like Jersey and the Isle of Man. Others were based further afield in Bermuda, Cyprus and the Cayman Islands. It was not unusual to have pyramids of ownership across several jurisdictions. Revenue probes, the Ansbacher Enquiry, tribunals, several tax amnesties and the Panama Papers subsequently revealed the widespread use of overseas structures. Fast forward from those earlier years and the anxiety to avoid capital taxes, or to keep control after the demise of the founder or owner of a business, overwhelmed common sense as to what was likely to happen in the long run. Subsequent legislative and practice changes, in Ireland and overseas, were not always known or understood. The rigidities in the original tax schemes, over time, frequently created obstacles to addressing subsequent tax challenges and change. As to the designated beneficiaries of the underlying wealth, the elapse of time created its own dysfunctions. Sibling rivalry and inter-generational fighting continue to be common outcomes; not to mention the complications of divorce and remarriage, poor behaviour within a family and possible inadequate management performance as to the underlying business or assets. Trustees also pass on in time, being usually older than the intended beneficiaries, and replacement trustees may have different attitudes. Indeed, some were not replaced in a timely or legally permitted manner. As stated at the outset of this article, nothing stands still and what started as a tax-planning decision is now a tangled legal, financial and tax imbroglio. There are instances of ‘orphan assets’, which arise from the failure to address legislative or practice changes over time. This failure can lead to paralysis or an inability to access the underlying assets. A particular problem with trusts – as identified in several UK court cases – was the continuity of trustees, meaning that overseas trustee companies went out of business without any succession or replacement structures in place. Similarly, individuals acting as directors of holding companies in foreign jurisdictions became incapacitated or died. What is not always readily understood is that if something goes wrong, such as an unexpected event or a dispute of some kind, the Irish courts are unlikely to have any jurisdiction. Trust and/or company law can be opaque or vague in foreign jurisdictions. For example, it may be the case that the shareholders in an overseas holding company have not been filed in the local equivalent of the Irish Companies Registration Office, or indeed disclosed or accessed in any other way. This failure may lead to uncertainty as to actual ownership, and the articles or constitution are likely to diverge from what is set out in Irish company law. In any event, the point is that the use of trusts and overseas companies will often fall foul – and usually do – in the long run. This reality keeps accountants and lawyers busy all over again in trying to sort it out; usually with significant legal and tax bills to follow. In summary, a trust or an overseas holding company is rarely a good idea. Des Peelo FCA is the author of The Valuation of Businesses and Shares, which is published by Chartered Accountants Ireland and now in its second edition.

Welcome to a special 50th anniversary edition of Accountancy Ireland. As this is my first comment piece in the magazine since our AGM, I’d like to say what a tremendous honour it is to follow in the footsteps of a long list of remarkable Presidents. I would also like to congratulate my predecessor, Feargal McCormack, for a tremendously successful year. The audit challenge As a member who has spent his career working in audit, it will come as no surprise that I am keen to address the challenge that currently faces the audit profession. I have been looking to our nearest neighbour in the UK and reflecting on the fractured relationship with the regulator, the Financial Reporting Council, and with politicians. Many of the reforms recommended by Sir John Kingman’s recent independent review have now been accepted. However, the wider review by the Competition and Markets Authority and also the independent review into ‘The Quality and Effectiveness of Audit’ being conducted by Lord Brydon will be fundamental to our future, and the future of business more broadly. We must remember that what may be required to work in the UK is not necessarily or automatically right for Ireland. We must work hard to ensure good communication between the profession, politicians and regulators to ensure that the very particular strengths we have in Ireland are protected and nurtured. Routes to our profession My second area of focus will be around access to the profession. I see this as having three different strands. Firstly at graduate level, secondly by facilitating more graduates to train in industry and public sector, and thirdly by opening up a route to non-graduate entry. Over many years, the Institute’s dependence on the audit functions of the big accounting firms has become more and more accentuated. I believe there is real opportunity both to widen our graduate pool, but also to work with Ireland’s largest corporates – and, indeed, our influential senior members – to revitalise and enhance the ‘training in business’ route to the qualification. The other thing we need to get right is our school-leaver route. It is inevitable that college fees for university education will be reintroduced at some stage, making third-level education inaccessible to many. Through Accounting Technicians Ireland, we already have a ready-made route for school-leavers to Chartered Accountancy, which presents a fantastic opportunity. Strategy My third area of focus will be strategy. We are now working with our Strategy Board to make sure that by the end of the year, we have progressed a new strategy up to 2025. In doing this, we will engage with the full spread of our membership. We have so many business leaders who are Chartered Accountants and who play a very significant role in Irish business life – creating value, creating opportunities for careers, and sustaining families. With your help, we will deliver a strategy that secures our reputation and delivers important services to members. I am very confident that together, we can deliver on our themes and strategy for all of our membership. Conall O’Halloran President

Trainees are the lifeblood of the profession and rather than expect conformance, accountancy firms must  continually evolve to meet their needs. By Sinead Donovan In today’s environment, the role and route to becoming an accountant has changed compared to when I initially started my training contract. I don’t mean in respect to the professional exams or length of training contracts, but more the expectation of the future accountant in their day-to-day work environment and, likewise, in the expectation we have from them. In fact, the question I am asking is: what is the primary role of an accountant? Wikipedia defines an accountant as “a practitioner of accounting or accountancy, which is the measurement, disclosure or provision of assurance about financial information that helps managers, investors, tax authorities and others make decisions about allocating resources”. The rounded accountant Technically, as accountants, we need to be able to provide the above services – but this is no longer our sole role. Today, we need to be experts in project management, forensic accounting, cybersecurity, fintech, negotiation settlements – the list  goes on. To service these needs, it is becoming increasingly critical that we train very rounded and evolved accountants, and that we arm ourselves in our teams with skillsets to build a sustainable relationship with the client, have the foresight to envisage what they need, and be able to address their needs. An evolving industry We are all aware that the professional service environment is changing at rapid speed. To meet these changes, there is a high expectation from the future generation of accountants. This future generation of accountants will be key to the evolution of the professional services industry. We want and need our accountants to have vast experience and other interests, and we want to see how this can be used and applied in our changing environment. This requirement is well served by trainee accountants who come through the non-traditional accounting route and often have a primary degree in something completely different – science, arts, engineering or marketing. Their unique skill will add to the learning experience they will encounter and give a different perspective on the work being performed for clients. Trainees’ concerns Trainees want to learn, but they also want to be supported throughout their career to ultimately achieve the goals and targets they set for themselves. They are not afraid to address issues or concerns they may have. Sometimes we may bemoan this as a millennial or Gen X requirement. However, it should be welcomed and embraced. These students are headstrong, determined and not afraid to voice their opinion. They want a fully rounded experience and the opportunity to get involved in other aspects of the business. We as training firms need to be positioned to address their needs – and there is no doubt that we are being interviewed by the students. A number of things are important to them, not least company polices in respect of CSR, career progression, the different service offerings we provide as professional services firms and how we keep up-to-date with change and technology. They are also keenly driven by the work-life conundrum, which can be difficult to navigate as a trainee accountant. Our responsibility And indeed, accountancy firms must simultaneously pivot their own expectations of trainees. We need to: Help them set stretch goals and put supports in place to enable the achievement of these goals; Keep pace with changes in technology and develop our service offerings to support our clients and our trainees; Communicate and share our strategies and objectives with them – they need to understand what their investment can reap; and Be open to being challenged and questioned. Most importantly, we need to do all this while remembering that ethics is the cornerstone of our profession – a fact that, thankfully, hasn’t changed. Sinead Donovan FCA is a Partner in Financial Accounting and Advisory Services at Grant Thornton.

It’s a lot easier to identify problems in hindsight when one knows what went wrong than to appreciate the risk in real-time. By Cormac Lucey About once a year, I dine with three friends from my training days. As you can imagine, the discussion is always high-powered and elevated. Well, some of the time it is. At our last dinner, I asked a question of someone who works in a senior position at AIB Group: how many people does he think there are on planet earth that have completely read and comprehended the most recent AIB annual report? We reckoned the answer might be about 10 people, at least half of them connected to AIB. I fear that more and more work is spent preparing and auditing financial statements as fewer and fewer people read and comprehend them. Increasingly, people working on financial statements must feel like those at ground control in David Bowie’s ‘Space Oddity’ as they wonder whether anyone is listening to their signals. As a personal investor, I am increasingly concerned that, in reading financial statements, there may be some detail whose importance I have failed to appreciate. Recent events at Datalex provide a cautionary tale. A cautionary tale Between summer 2017 and January of this year, the company’s share price gradually lost value (from about €4 to €2.50). On 15 January, the company made an abrupt announcement that “the board has revised its guidance for adjusted EBITDA for FY 2018 and now expects to report an adjusted EBITDA loss in the range of -$4m to -$1m”. This was shocking, as the company had generated an EBITDA of $13.6 million in 2017 and $11.6 million the year before. The share price fell to €1. The directors commented that “a substantial element of the revised guidance reflects changes in the timing of recognition by the Group of certain contracted revenue. Most of this revenue, not recognised in 2018, will be recognised in 2019 and 2020”. A later company statement in March declared that an external review by PwC had “identified significant accounting irregularities during the period as the underlying cause for the Group’s overstatement of revenues, noting material weaknesses in the internal control environment; the Group’s accounting process in this area has been largely manual…” Other signs I wondered whether the auditors had missed something. The 2017 annual report suggests they didn’t. First, EY had correctly identified revenue recognition as the largest audit risk. Second, they had “communicated to the audit committee that the revenue recognition and Accrued Income process for professional services projects is manual”. Third, they had reported that “the Group’s largest project increased significantly during the year and, as a result, there was a heightened degree of subjectivity applied by management in determining an appropriate percentage of completion calculation for this project”. It would have been very easy for a reader of the 2017 financials to pass over these comments without appreciating their eventual significance. Were there other signs that might have raised attention?  If revenue was being overstated, we would expect receivables to grow disproportionately. That is indeed what happened. At the end of 2016, Datalex’s trade receivables (including accrued income) amounted to 87 days of sales. By December 2017, this had grown to 114 days. That substantial rise was entirely due to an increase in the balance owed by “Customer A”. On top of that, some 31.12.2017 accrued income was recorded as a non-current asset, something that hadn’t occurred the previous year. Recording income that the firm doesn’t expect to receive for more than 12 months raises questions. It’s a lot easier to identify these matters in hindsight, when one knows what went wrong, than to conclude in real-time that they represented an important signal, rather than mere noise. Cormac Lucey FCA is an economic commentator and lecturer at Chartered Accountants Ireland.

The FAE Core curriculum is undergoing significant changes in order to maintain the Irish  ACA’s global reputation for excellence. By Ronan O'Loughlin   Members and students will be aware of the significant technological changes impacting on the work and careers of Chartered Accountants. It isn’t just the technological changes that are significant, but the increasing pace of change. Against this backdrop, the Institute’s Education Training and Lifelong Learning Board (Education Board) and Exam Committees have been adapting and enhancing the ACA curriculum to meet these challenges. This article outlines the changes to the FAE Core examination, which will be rolled out from autumn 2019. From a practical perspective, this can be viewed as a first step and will be further enhanced in the years ahead. The journey At a global level, the profession is paying significant attention to the impact of technology on the education needs of students and qualified accountants. Technology is impacting what we learn, how we learn and how we are assessed. The skillsets of Chartered Accountants must be further developed to cope with these changes. The Institute launched a new syllabus in 2018, which featured new FAE electives. These are: the Public Sector elective, which is aimed at students working or advising in this sector; the Financial Services elective, which is targeted at students training in the Financial Services sector; and the Advisory elective. With the other existing Audit and Tax electives, students now have a choice of five electives. This innovative structure recognises the changing nature of the work of the profession and in the case of those working in practice, the increasing importance of Advisory in particular. The 2018/9 structure is summarised in Table 1. Students completing FAE must complete FAE Core and one elective. This structure is unique amongst our reciprocity partners and supports a level of pre-qualification specialisation. All electives can be completed at the time of qualification and additional electives can be completed post-qualification to support career changes. The Education Board and the relevant examination committees are also mindful of the work currently underway with our reciprocity partners in the Global Accounting Alliance, which will frame the skillsets and requirements that will be necessary for Chartered Accountants in the future. This work will conclude in 2019 and will inform the new reciprocity agreements, which will be rolled out in the years ahead. In the meantime, the FAE Core syllabus will be further developed in anticipation of likely reciprocity developments and emerging technological developments. This will be rolled out in 2019/20. Changes to the FAE Core syllabus The Core syllabus is being restructured, with a reduction in modules from five to four (see Table 2). This new structure reflects a desire to create ‘space’ for the new material and to better reflect the changes in our key training firms and organisations. These changes include an increased focus on advisory work and the re-framing of audit practice. There are a number of reasons for these changes: Financial Reporting in terms of syllabus requirements remains as before; it is a key skill for all Chartered Accountants. The slight change in weighting reflects its importance. Assessment will take place within the Core exam and, separately, in an interim Advanced Application of Financial Reporting Principles (AAFRP) assessment; Strategic Management and Leadership contains the areas of strategy (analysis, choice and implementation), as before, with the addition of the Strategic Finance Management Accounting (SFMA) topics previously examined under a separate heading. In terms of the SFMA topics, the focus will be on dealing with the key strategic aspects of these topics; Data Analytics, Artificial Intelligence and Emerging Technologies represent new material, which reflects the current and emerging technological developments that will impact businesses and clients of Chartered Accountants. The topic covers data analytics, with particular reference to determining the data set and its integrity and the interpretation of the outcome of the data analysis. Artificial intelligence will be explored, given its significant impact on business processes. The Emerging Technologies focus specifically on blockchain and cryptocurrency developments, which are creating significant new opportunities for the processing of financial information. The aim is to ensure that newly qualified Chartered Accountants are equipped to understand these developments and their impact on their clients and employers; and Risk Management and Sustainability focuses on the area of audit process, risk management and internal control rather than the traditional external audit focus. Extended coverage of audit and assurance will occur in the Audit Elective. Other new topics include professional scepticism, sustainability and integrated reporting. This rebalancing reflects the evolving nature of audit and the emergence of topics that are altering the role of today’s Chartered Accountant. Feedback received We shared these developments recently with our students and other stakeholders, and the feedback was fully supportive. Students recognise that these developments will future-proof their careers and enhance their career prospects. One recently admitted member said: “I wish I was completing the FAE in 2020”. These changes are just the first step in the planned evolution of our syllabus to reflect the ongoing rapid changes in technology. The education programme in 2019/20 will be supported by a suite of new learning materials. Other changes In addition to the FAE Core changes, a new e-assessment platform will be launched on a pilot basis at CAP1 level. The initial pilot will be conducted in 2019/20 and will be limited to the CAP1 interim assessments and Law. If successful, it will be expanded to all of CAP1 and all interim assessments from CAP1, CAP2 and FAE in 2020/21 and to all CAP1, CAP2 and FAE assessments in 2021/22.  The new platform allows students to complete their exam in an appropriate environment (including their home) with an online live moderation of their exam by an invigilator supported by artificial intelligence. This replaces the current online double entry examination and will include a new CAP1 Law paper and the Management Accounting interim assessment on the same platform. The new platform will not only facilitate increased security and efficiencies, but enhanced student and customer service – and it is fully GDPR compliant. It will also lay the foundation for future enhancements to the Institute’s examination offering. Conclusion The enhanced syllabus and planned developments in FAE Core and e-assessments are significant developments that seek to retain the Irish ACA’s standing in the global business landscape. This output reflects significant work and investment on the part of Chartered Accountants Ireland and forms part of a plan of continuous enhancement. Ronan O’Loughlin FCA is Director of Education and Training at Chartered Accountants Ireland.

Gary McErlean of Quarter Chartered Accountants writes: The ancient saying that change is the only constant seems to be more true today than ever before. The pace of change in the accounting world, driven by continuous technological advances, has never been swifter, or more unforgiving. As a practice which has embraced and adopted the new technologies available, we at Quarter Chartered Accountants can confidently say that this has only been advantageous. There are various Cloud Accounting Software providers such as Xero, Surf, Quickbooks, Sage 1 etc. A few years ago, we decided to invest time with Xero, and I thought it would be useful to outline some of the areas where we have benefited from significant time (and ultimately cost) savings by utilising a Cloud Accounting System. Bank reconciliations still comprise a key component of the accounting process, with staff time requirements being quite significant with bank accounts comprising high numbers of transactions. Not any more – Cloud Accounting Systems have the ability to link directly to most banks, with all underlying transactions being posted within the accounting system automatically, and on a daily basis. Granted that, although such a system automatically records every single lodgement and payment going through the bank, it doesn’t necessarily know where to post the other side of the transaction. However, all the processer needs to do is click on each item and allocate it to the relevant nominal code etc. The time required to do this is a fraction of the time required to post the bank the old fashioned way. Furthermore, the system learns, or can be told, where certain recurring items should be posted and this can also be done automatically, saving even more time. Cloud Accounting Systems also link in with lots of different mobile phone/tablet apps. For example, there are apps that allow the user to take a photograph, on their mobile phone/tablet, of supplier invoices which are then automatically posted to the Cloud Accounting system, to which the app is linked. All you have to do is approve the transaction. Based on the above, it is therefore quite conceivable for all your bank transactions and your supplier invoices to be posted to your Cloud Accounting System before you have even opened it! Another prominent feature of Cloud Accounting Systems is that they can be accessed from anywhere with an internet connection. Gone are the days when all work was carried out in the office on a 9 to 5 basis. It is becoming increasingly common for people to work from home, or on the move, and with the ability to log in to their accounting system being as equally mobile, the business finances can be processed or monitored anywhere on a real time basis. Cloud Accounting Systems provide a platform for offering a more regular reporting service to clients, which is better for the firm as well as the clients. They allow practices to develop client relations and, in our experience, leads to additional revenue streams being generated. In summary, if I was to use one word to sum up the effects of these technological advances in Cloud Computing, it would be EFFICIENCY, and, in my opinion, those that want to survive and thrive in this ever changing world of technology need to embrace it. Gary McErlean is a Principal in Quarter Chartered Accountants, and is a member of the Members in Practice Committee of the Institute. The Members in Practice Committee represents the interests of smaller practices.

The Property Services Regulatory Authority (PSRA) writes: The Property Services Regulatory Authority (PSRA) licences and regulates Auctioneers, Estate Agents, Management Agents and Letting Agents (licensees). The PSRA works to protect the interests of the public by ensuring that high standards are maintained in the delivery of property services by licensees. The PSRA considers the opinion of the Reporting Accountant, and the work leading to that opinion, on whether client moneys are managed in accordance with PSRA Client Moneys Regulations by a licensee as paramount in their assessment of licence renewal applications. In this regard, a licence renewal application must be accompanied by a signed accountant’s report relevant to the licence(s) held. The PSRA acknowledges the vital work undertaken by accountants in completing these reports effectively.   Accountants are required to review the books of account and records of the licensee and give an opinion on whether the licence holder has complied with the PSRA Client Moneys Regulations and to report where breaches of the Regulations have occurred. While the vast majority of reports received do not require the PSRA to request additional information, in some instances the PSRA is required to query the licensee’s application, including the content of the accountant’s report. By way of information, common issues encountered by the PSRA while reviewing licensees’ applications and accountant’s reports include: The most recent updated specified accountant’s report is not completed. Specified accountants reports are available at http://www.psr.ie/en/psra/pages/accountant’s_report Accountants fail to complete Section 4 of Part I of the relevant renewal accountant’s report expressing an opinion as to whether the regulations have been complied with by the licensee. Incorrect calculation of the balance on the Balancing Statement. The name of the Client Account(s) does not match exactly with the name on the relevant bank statement. A client account must be in the name of the licensee and contain the word “client” in the title. Issues of greater concern to PSRA identified in 2018 include: Liabilities to clients reduced on the balancing statement (Appendix 3A of PSRA/S35 – Renewal ABC) by deducting moneys owed in, which were intended for clients, but had not yet been received or placed in the client account. An example includes: where a licensee pays money out of the client account to a landlord in advance of receipt of rent by the licensee from the tenant. In a small number of instances this transaction is not shown as a liability on the client account by the licensee when completing the balancing statement. Before giving an opinion, the accountant should be satisfied in respect of the statement in section 3.3 of the report, namely “I have obtained the client account balancing statement(s) prepared by the Licensee as set out in Appendix 3A and checked that the information therein is in agreement with the books of account and records of the Licensee”. Liabilities to clients are not reported on the balancing statement (Appendix 3A of PSRA/S35 – Renewal ABC). Before giving an opinion, the accountant should be satisfied in respect of the statement in section 3.3 of the report as noted above. Licensee using one account for all client and business transactions. This is a breach of the Client Moneys Regulations and is required to be included by the accountant at Appendix 2 of the accountant’s report. Instances where a deficit/surplus on the client account has been identified but not addressed by the licensee, despite confirmation in Appendix 3B that funds have been paid into/withdrawn from (as appropriate) the client account by the licensee and the signed accountant’s report being submitted as part of the licence renewal application. In these instances, the PSRA has by way of follow up confirmed that in such cases outstanding monies owed have not been repaid to the client account. The PSRA encourages that you consider whether there is evidence of any of the above issues arising when completing the accountant’s reports on behalf of licensees. The PSRA acknowledges the engagement of accountants with licensees and the cooperation extended to the PSRA in addressing queries. More information regarding accountant’s reports and the PSRA in general can be found on www.psr.ie. The PSRA may be contacted on 046 9033800 or by email at info@psr.ie in relation to any query you may have when completing PSRA Accountant’s Reports. Members should refer to Technical Release (TR) 03/2018 ‘Licence applications under the Property Services (Regulation) Act 2011 and the Property Services (Regulation) Act (Client Moneys) Regulations 2012’ issued in June 2018.  

Orla McGahan writes: 1. Join a network “If you want to go fast, go alone; if you want to go far, go together.” There are 1,730 Chartered firms in practice in Ireland. Of that, around 950 are sole practitioners; and yet, there are only 40 listed networks. Even with an average of ten members per network, there are a lot of people out there going it alone. Don’t isolate yourself. The benefits of being part of a network are copious: A case study group – for those times when a case needs to be talked out.  A forum to benchmark – to benchmark fees, charge out rates, overheads, staff salaries, and so on, can be invaluable. Consider joining a network outside your geographical or competitive area if necessary.  Knowledge sharing – share experiences on dealing with Revenue, CRO and other areas. For that moment when you are just having a blank, being able to run it by a trusted colleague. Referrals – often within a network various members specialise in varying fields, industries or disciplines. This can lead to additional work through referrals. CPD and training – organising training by network offers more flexibility to custom make the course, attendees, and location, while gaining cost reductions. 2. Don’t underestimate the value of your work I was lucky enough to be shown early in my practice life (by a client!) that the value of your work is not the time it took to put together the relevant documents and submit them to the appropriate authority. But rather, and more importantly, your fee should reflect the time, effort, knowledge and experience you have gained over the years which gives you the technical and practical knowhow. For a lot of practitioners, our work revolves around solving problems or doing work our clients do not have the time, knowledge, skill or experience to do. Make sure the price you put on your work adequately reflects value to both you and your client. 3. Stock control - record your time How often do we criticize clients for inadequate stock control and yet how many of us, particularly partners, do not record our time? We sell time. Fact. And yet quite often we have no control over it. There are many good CRM packages available to practitioners offering time recording systems with simple reporting facilities. Invest in one and use it. It will pay for itself, and then some. Find the discipline to record your time, every day. 4. Organise your time and stick to it! As the saying goes – “Failing to plan is planning to fail.” If I were to pick one thing that will make a difference, it’s time management. This is crucial to creating and maintaining an easy (easier) practice life. Plan, systemise where possible, and stay on top of The annual return and compliance review - do this when it comes in or as it falls due; Anti-money laundering compliance; Engagement letters; Practice housekeeping – A Chartered Accountant I know, who runs a very successful practice, has developed the habit of spending the first hour of his day, every day, without fail, to practice housekeeping. And his success is testament that it works; CPD and your CPD record; Staff mentoring records. 5. Embrace technology and update your software regularly Efficiencies leading to higher profitability and better cash-flow can be achieved with regular investment in software and technology. Incorporate this cost as an ongoing overhead. 6. Value your staff I’m sure this is not the first time you have been told this, but your staff are your most valuable asset. “We are only ever as good as the people around us”. Invest in your staff. The cost of losing an experienced staff member goes far beyond the financial cost. Added to that, a new staff member will take at least six months to become comfortable and familiar with the position. The cost of this should never be underestimated. Invest in training, talk to your staff openly and regularly (maybe over a nice lunch) about the things that make a difference to their enjoyment of the position, and it’s not always about salary. Particularly in the current environment, taking care of your staff should be a high priority. 7. Self-care In the words of Stephen Covey (The 7 habits of highly effective people) – “sharpen the saw”. Take care of yourself, your health, your mental health and your private life. As a practitioner, the pressure to develop, to stay up to date technically, meet deadlines, manage staff, and still live your life can sometimes be overwhelming, not to mention managing the expectations of clients. We carry a huge responsibility. So take time out regularly and routinely to take care of yourself. 8. Get involved in your Institute For some members “The Institute” may seem like an anonymous entity from which they can feel somewhat disconnected. But the Institute has many more facets than members realise and offers many valuable services. In addition to the staff, many member volunteers are lobbying and working away for the interests of its members. Volunteers are always required in many areas. The benefit of involvement and having an active role is that you can help shape and change the world in which you work, influence policy and changes in legislation, education, membership and many other areas. And as an added bonus, involvement gives you a sense of belonging to the Institute of which you are a member. 9. Agree fees upfront and in writing When you make this routine a habit, it is second only to time recording in revolutionising your practice, your fee recovery and your cash flow. It focuses your mind in identifying exactly what service is required, what the client is willing to pay for that service, and the timing of when you will get paid. It opens the doors for a discussion on what work the client wants done, and identify any work they are willing to do themselves. Make a list of the steps involved in the work and use this as a template to assist in the conversation. The benefit is that it saves a lot of stress and bad feeling when you think you’ve done a great job only to find that the client does not appreciate it and is unwilling to pay for it. Orla McGahan is the principal of McGahan and Co, and is a member of the Members in Practice Committee of Chartered Accountants Ireland.  

Jeremy Twomey writes: With autumn’s arrival, it is timely to look back at the key events thus far in 2018 that have impacted accountancy practitioners. As in previous years, regulatory and legislative change has continued apace, including: The General Data Protection Regulation (GDPR) came into force across Europe on 25 May, resulting in the largest change to the Irish & UK Data Privacy regimes in over a generation, with wide ranging effects on all businesses, including accountants; and The Companies (Statutory Audits) Act 2018 was signed into Irish law in late July, with its resulting principal changes for practitioners outlined in a dedicated article in Technical Signpost below. It is fair to say that achieving compliance with these new requirements presents a challenge for practitioners, especially so soon after the introduction of the Small and Micro Company regimes in ROI via the Companies (Accounting) Act 2017, as well as the new and separate Auditing Frameworks for Ireland and the UK early last year. 2018 has thus far also been a very busy year for the Institute’s Practice Consulting team, as we work to assist our members across the island in meeting the challenges they face. Our Training courses in the areas of Auditing, Financial Reporting and GDPR are proving particular popular. We have developed these three courses to address the practical needs of our members, providing clear examples of how to address the issues in each respective area that both you and your clients face each day. An example from our Financial Reporting course includes how to meet the various financial statements note disclosure requirements under the Small & Micro Company regimes. We use the experience that we have gained from numerous compliance assignments at practices over the years, together with the knowledge garnered from developing our practice aids such as Pro Forma Financial Statements, Procedures for Quality Audit (PQAs) and our recent comprehensive GDPR guidance and related templates. Marrying these with insights from the Institute’s Professional Standards Department on key regulatory compliance issues that they see at firms as part of their monitoring role, our courses help to ensure that both you, and your clients, stay ahead of emerging issues and meet your regulatory requirements. Feedback that we have received over recent months on these courses has been very positive and each carries a 3 hours CPD credit. Looking ahead, our upcoming courses during the autumn months include courses on Auditing and Financial Reporting in five regional centres across the island (Belfast, Cork, Galway, Limerick and Sligo), as well as Dublin. We typically provide both of these courses in one day at each centre, allowing participants to attend both courses, should they wish. Further details on the dates and times during November and December for each course/location, as well as booking details, are available on the Professional Development area of the Institute website. The option of availing of these three courses in-house at your firm also continues to be very much in demand. This option allows you to tailor a particular course to your firm/staff’s specific needs, while having one of our consultants provide a course at your practice is a particularly cost efficient way to meet CPD requirements for both you and your staff. One very popular example of such an in-house course over recent months is our half day GDPR consultation, where one of our team can visit your firm and offer practical advice and guidance on how to tailor your procedures, make progress on your GDPR journey, and meet key compliance milestones. Other courses that we are running during October and November at the Institute include two courses focused on regulated areas. The first in late October focuses on Accounting and Auditing for Charities and Not-for-Profit Entities, while the second in late November concentrates on other Regulated Entities such as Insurance Brokers, Auctioneers, Owners’ Management Companies, Occupational Pension Schemes and Solicitors. If you are providing accounting or audit services to any of these organisations, then these courses may be for you, as we provide practical updates on the recent key changes in the standards, regulations and legislation affecting these sectors. As you prepare for the remaining busy months of the year, and indeed for 2019, it may be worthwhile taking some time now to consider your current CPD requirements and how best to tackle these needs. As ever, my colleague Conal Kennedy and I are available to contact (see contact points below) on any of your practice related training needs over the coming months.

Jeremy Twomey writes: Meeting General Data Protection Regulation (GDPR) compliance requirements has become a top priority for Irish businesses over recent months and accountancy practices are no different. Recognising that GDPR implementation presents both specific challenges and opportunities for accountants in practice, the Practice Consulting team has also been busy both offering advice and providing practical guidance in this area for our members. This guidance can be found at  https://www.charteredaccountants.ie/knowledge-centre/guidance/gdpr/gdpr-resources and includes the following: GDPR 8 Step Guide; Explanation of GDPR terms; GDPR Template Outline Procedures to be tailored and used by an accountancy firm; and Example paragraphs for a client engagement letter addressing GDPR and a template privacy statement. From talking with our members in practice over recent weeks, it is evident that practitioners are at different stages on their journey to GDPR compliance. While it may appear a daunting exercise at the outset, the process of becoming GDPR ready can be broken down into a few key practical steps. With this in mind, in this article, I am going to outline the key points to achieve GDPR implementation from our 8 Step Guide: 1.  Raise GPPR awareness As a starting point on your GDPR journey, the partners and staff at your firm need to be fully aware of the Regulation, the work to be undertaken to ensure compliance, the likely problems that may arise and any budgetary implications. A basic step that can be undertaken in-house at your firm is a GDPR awareness presentation for all the staff. Your clients also have to comply with GDPR, so it is worthwhile checking that they are aware of these changes, to tell them of their GDPR obligations and how your processes may be changing. Such support may be an ‘added value’ opportunity for your firm to assist your clients. 2.  Appoint someone senior to oversee the process & resource this appropriately Your firm should appoint someone internally to take control of understanding GDPR and how it will affect your practice. It is essential that this a senior member of staff who will take responsibility for overseeing the GDPR compliance process at your firm. While it is expected that the majority of the work in relation to meeting the requirements of GDPR can be undertaken internally, a project team may be required, which may include external support and assistance on certain issues. Hence, it is vital that reasonable funding and resources are set aside to achieve your GDPR requirements. It is currently envisaged that most accountancy firms will not be required to appoint a Data Protection Officer (DPO). It is, however, recommended that you still appoint someone to be responsible for data protection within the firm going forward, but give them a title other than DPO (i.e. “Data Privacy Lead”). 3.  Review and update existing information and cyber security measures Having comprehensive levels of information and cyber security is a key step towards building a resilient organisation and ensuring GDPR compliance. It is therefore recommended that members should review their existing security measures and update as necessary. Both controllers and processors are required under the Regulation to implement “appropriate technical and organisational measures” to ensure a level of security appropriate to the risks that are presented by the processing of personal information. Such measures are described as including: Pseudonymisation and encryption of data (The use of secure portals to share documents is also of benefit); The ability to ensure ongoing confidentiality, integrity, availability and resilience of processing systems and services; The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and A process for regularly testing, accessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. Detailed listings of examples of both practical physical and technical security measures to aid GDPR compliance at your firm are included in the full version of our 8 Step Guide as published on the Institute website. It is important to remember that managing cyber risk is not simply about managing data within your firm. Therefore, it becomes necessary to document the security risks from your supply chain (e.g. cloud service provider), as well as your own organisation. 4.  Map your data With the many potential pitfalls of non-compliance to GDPR, taking action to map any gaps in relation to the personal data your firm holds is critical. The first step is to get started by scoping the problem and mapping the data flows associated with your firm. It involves identifying, understanding and mapping out the data flows into and out of the organisation. As the data map evolves, you should be able to identify the flow of data, as well as gaps in required contracts and consents for processing data under the GDPR, and risks in security measures etc. that will need to be prioritised and resolved to ensure compliance. This requirement for data mapping is quite far reaching when you think about it. A typical accountancy practice possesses the following: accounting and tax software, audit software, payroll software, practice management systems, network drives and, of course, paper accounting, tax, company secretarial and audit files. This review will also need to extend to the many individual devices on which information is stored (e.g. laptops, desktops, tablets, phones and memory sticks). Finally, it is important to emphasise that, when completing your data mapping, GDPR compliance is only required for personal data that you hold. Company data is, for example, beyond the scope of the regulation, however your data mapping exercise may have an added benefit of identifying efficiencies that you can implement at your firm for non-personal data as well. 5.  Review your contracts with clients and suppliers As the GDPR imposes new obligations on data controllers and data processors, you will need to make sure you understand your status and your responsibilities with regard to both client data and firm data. At the very least, firm contracts will need to be updated to reflect the requirements of the GDPR. Accountancy firms should review their existing contracts with their clients, suppliers and sub-contractors to identify whether the accountancy firm is the data controller or data processor of any personal data it processes under the different contracts. This involves identifying which party ultimately determines the purpose and means of processing data. It is of vital importance that you satisfy yourself that your firm is correctly assigned the role of either data controller or processor (with matching appropriate requirements/liabilities) before signing any contract with your client or supplier. Remember that entering into a contract on the wrong basis may potentially open both you and your firm to unnecessary requirements/liabilities that may be difficult to overturn. More detailed guidance on each of these areas is included in the full 8 Step Guide, while Section 5 of our Outline Policies and Procedures provides advice on your firm’s likely status as either a Data Controller or Processor for a variety of possible assignments that you may undertake. Both of these documents can be found on the Institute website under GDPR resources. 6.  Employment contracts & information for your employees As with existing legislation in this area, under GDPR, certain information must be supplied to employees before their personal data is collected and processed by your firm. The information will typically be provided in the form of a notice to job candidates, and a further privacy policy will be supplied to successful job applicants as part of their on-boarding induction to the firm (typically included in an Employee Handbook along with other firm policies). It is also important to remember that, for the processing of employees’ personal data, where possible, the employer should rely on performance of the employment contract as the legal basis for processing, rather than consent. Consent is a weaker legal basis for such processing, as it can for example be easily withdrawn by the data subject Finally, do not forget to review (and redraft as necessary) employment contracts to update any data protection references or sections to comply with GDPR. 7.  Draft/update data protection policies and controls to meet the new requirements The GDPR introduces the principle of ‘accountability’. This means that all organisations must not only ensure they are compliant with the GDPR, but be in a position to prove this too. The best way to prove this is to document your data protection policies and procedures. We suggest that your firm’s GDPR policies and procedures should include, but not be limited to, the following (Outline policies in several of these areas are included in “Outline GDPR Policies and Procedures” on our website): Who is responsible for GDPR at your firm and what are the reporting lines? Data Processing Your policies in this area should detail the categories of personal data collected by your firm and the purpose for which it is collected. In addition, these policies should detail your firm’s role as a Data Controller and also instances when you act as a Data Processor, together with your responsibilities in fulfilling these roles. Data Subject Rights Your firm will need to have specific policies and procedures in place to ensure the rights of your data subjects are upheld under GDPR and that you have adequate processes and resources to meet the requirements of the Regulation. Specific subject rights areas requiring defined policies and procedures include: Data Subject Access Requests (DSARs); Right of erasure (Right to be forgotten); The right to restrict processing; The right to object to processing; and The right to data portability Some of these rights may not be enforceable by the data subject where data is held under legitimate purpose.   Data Governance Example areas of data governance to be considered for inclusion in your GDPR related policies and procedures include the following: Data Protection Impact Assessments (DPIAs), Privacy by Design and Privacy Notices, Document Retention, Security and Breaches. 8.  Staff training and ongoing compliance While not all staff will need to understand the GDPR in its entirety at your firm, each of your staff should at least be aware that data protection is an issue for everyone. For staff who do not deal with personal data, training can be limited to an annual (refresher) course on information and cyber security. On the other hand, for staff who regularly deal with personal data, training should focus on security over data, plus an awareness of the firm GDPR policies and procedures on a regular basis (at a minimum annually or more often if the need arises). Again this can be tailored to their particular role and responsibilities. Ongoing testing Testing in the areas of IT Security and other key aspects of GDPR compliance (e.g. audits of records held for constant compliance) should be formalised into a regular ongoing programme of work at your firm, as well as outsourced providers. Cyber security is a rapidly evolving area. Meeting best practice in May 2018 does not mean you will maintain compliance over the months and years ahead; you will need to keep this area under review. Conclusion At first glance, the process to ensuring GDPR compliance may appear to be a massive undertaking and a drain on resources for your firm. It is important to bear in mind that most accountancy firms and small businesses are in the same boat as you, and that by breaking down the required steps into clear manageable stages as above, you too can achieve GDPR Compliance in a timely manner. Should you need further assistance, Practice Consulting has also developed a half day consultation offering. One of our consultants can visit your firm and offer practical advice and guidance on how to tailor your procedures, make progress on your GDPR journey, and meet key compliance milestones. If you have any question in relation to GDPR, please feel free to contact either Conal Kennedy or myself in Practice Consulting.

Jeremy Twomey writes: Billed as the most important change in data privacy regulation in over 20 years, and with its enforcement deadline of 25 May 2018 fast approaching, ensuring General Data Protection Regulation (GDPR) compliance has become a top priority for the majority of Irish businesses. Over the last year, the Institute has been helping its members to prepare for GDPR in a number of ways. For example, we have provided guidance via articles in recent issues of Accountancy Ireland, while in the last few weeks we have run a series of half day roadshows and courses in a number of towns and cities across Ireland. In addition, the Practice Consulting team has been busy preparing detailed practical guidance in this area, explaining what the changes resulting from GDPR will mean for accountants and their clients. This guidance will be available under the Knowledge Centre section of the Institute website, and is designed to answer the GDPR-related questions that members have contacted us on over recent months. While preparing this guidance, it became evident that a number of “myths” have developed over the last couple of years surrounding the implementation of GDPR. In this article, I am going to address a few of these and try to help you ensure that you do not fall foul of these, as you prepare to achieve GDPR compliance at your firm. Myth 1 - GDPR Compliance is a once off project to be achieved by 25 May With so much hype surrounding the regulation, one should remember it is not a once off event or test for compliance. Unlike planning for the Y2K deadline in 1999, GDPR preparation doesn’t end on 25 May; it requires ongoing effort. It’s an evolutionary process for organisations; 25 May is the date that GDPR will be enforced but no business stands still. You will be expected to continue to identify and address emerging privacy and security risks in the weeks, months and years beyond May of this year. GDPR will require ongoing governance of data, as organisations migrate to new systems or apply their customer data to new markets and trends. Initial compliance is the first heavy lift, but ongoing governance is the long-term reality! All entities falling under GDPR should endeavour to be fully compliant by the implementation day, although this may not be possible in all instances. In such circumstances it is important that you address the essential elements of compliance at your firm as soon as possible, and can demonstrate your ongoing efforts in this regard in a comprehensive documented plan of work. Myth 2 - GDPR is only for large firms, a small accountancy practice or company is not expected to have the time or resources to achieve compliance You will have to comply with GDPR, regardless of your size, if you process personal data. Small accountancy practices do not escape the demands of compliance. GDPR needs to be prioritised by all firms, regardless of size. The vast majority of businesses across Ireland are small businesses and it is important to remember these firms often process a lot of personal data, and their data protection reputation and liability risks are just as real as for larger entities. Myth 3 - With Brexit, entities located in the UK, including Northern Ireland, will not have to comply with GDPR GDPR will apply to all EEA countries and any individual or organisations trading with them. As it comes into force on 25 May 2018 (before the UK is due to leave the EU), UK individuals & organisations must ensure compliance with the new regime by then. The British government has confirmed that the UK’s decision to leave the EU following Brexit will not affect the commencement of GDPR. Post Brexit, it is envisaged that if a UK organisation or individual processes personal data, then they will have to do this in accordance with GDPR. To ensure that the UK will be GDPR-compliant post Brexit, the new Data Protection Bill (currently going through Parliament in London) incorporates all of the GDPR. Myth 4 - GDPR is a completely new approach to Data Protection It is vital to remember that GDPR builds upon the existing legislation in this area. It is an update, not a wholesale revision, to meet the changes in technology and data use over the last twenty years or so. As a result of these changes, consumers’ privacy and data were not by now as well protected as they could be. GDPR rectifies this by increasing the responsibility on organisations to use personal data appropriately and to hold it securely. Although GDPR is not a completely new approach, it is more stringent in its application and the fines for non-compliance have been considerably increased. This means that doing nothing is not an option, although GDPR does allow organisations to take a risk based approach, based on your size and circumstances. Many organisations struggle to assess where they should start in preparing for GDPR. It is helpful to remember that we have had data protection legislation in both the UK and the Republic of Ireland for a number of decades and therefore, firms who have taken data protection compliance seriously are already in good shape for beginning to meet GDPR’s increased compliance standards. Myth 5 - GDPR is just more bureaucracy and work for small firms, with no potential  benefits When legislation of this nature is announced, one can take either a positive or negative view of the task at hand. If you take a negative view, you will see GDPR as more bureaucracy and cost to your firm. If you take a positive view, on the other hand, you will view GDPR as a necessary strengthening of the rights of individuals, and indeed a potential  opportunity. As accountants position themselves as strategic advisers to clients, GDPR is also an opportunity for firms to demonstrate to clients that they can securely hold and process information in accordance with data requirements, and that protection of client data is a priority for the practice. As a result, clients are likely to see their accountants as trusted professionals with whom they can partner to drive their business forward. Therefore, being a leader in this area may enhance your practice and its reputation. In addition, as trusted business advisors to your clients, you must have sufficient knowledge of this new legislation to be able to provide sound advice. SMEs need to be ready when the new law comes into force, but they may struggle to know where to start. Chartered Accountants in practice can help these small businesses bridge the gap to GDPR compliance and, in the process, win new business. Myth 6 - Outsourcing GDPR compliance will be a quick fix for me and my firm There is no quick fix to GDPR compliance. No one piece of software or outsourced service provider is going to provide everything you need to comply with GDPR. For accountancy practices, GDPR will impact on how you manage and store data across your entire firm (e.g. client, prospective client, contact, supplier and staff data). You cannot outsource your responsibility for this information, and compliance with GDPR will require considerable time and preparation from all levels within your practice. With the implementation date of 25 May approaching quickly, it is important to start sooner rather than later on this. Myth 7 - GDPR only applies to Digital Processing Under GDPR, data processing covers both automated personal data and manual filing systems. Manual/paper records are included if they are part of a ‘relevant filing system’. This means papers stored systematically, for example, in a filing cabinet are probably included, but ad hoc paper files may not be. Members should ensure that they apply the same levels of diligence to paper records as they do digital records and that any decisions made regarding the lawful basis for processing, adhering to data protection principles and upholding data subjects’ rights include paper records held. Myth 8 - Under GDPR, accountants will only be seen as Data Processors and hence avoid much of the responsibility that falls on Data Controllers in this new regulation The UK Information Commissioner’s Office (ICO) has previously advised that it considers that an accountancy firm providing accountancy services acts as a data controller. The firm’s status as a data controller in relation to clients arises because the firm has flexibility over the manner in which it provides services to its clients and will not be simply acting on their instructions. In addition to this, the firm has its own professional responsibilities regarding record-keeping and confidentiality. Therefore, because an accountant “determines what information to obtain and process in order to do the work”, firms act as “controllers in common” with clients. Under GDPR, member firms will also be data controllers with regard to their firm data (e.g. employee information). If there is any doubt regarding your status as a processor or controller in relation to your firm’s activities, you should take legal advice. Going forward, firms will need to ensure that client terms and conditions reflect this reality, potentially extending engagement terms as appropriate. No doubt, for many accounting practitioners, much work remains to be done to fully meet GDPR compliance requirements. Between now and the end of May, firms new  to the process will need to examine their existing data processing, review their data protection policies, procedures & controls, and identify any gaps that need to be addressed. Following on from this, firms will need to implement any changes required in a structured documented manner to meet the needs of GDPR and continue to show full compliance long after the implementation date. The Institute will continue to assist members on your GDPR compliance journey, with ongoing updates to our available guidance in this area and, should you have a specific query in this area, please feel free to contact the Practice Consulting Team.