Tech Advancements Continue to Outpace Security, Driving Burnout

A new article in FM Financial Management says that organizations are concerned about AI’s impact on the threat landscape, but less than half are conducting regular audits to secure their defenses, driving a cycle of burnout among employees. Author Steph Brown points out that, according to new research she is reporting on, emerging technologies continue to outpace organizations' tools to defend against new, complex cyberthreats.

The evolving landscape has increased the responsibilities of employees tasked to mitigate the risks, fueling burnout in overburdened teams, according to the Cybersecurity Assessment Report 2024produced by Romanian software company Bitdefender.

Read more
Private Equity Has Big Plans for Small Firms

A recent article in the Journal of Accountancy, written by Brian Strickland, says that five of the top 25 public accounting firms in the United States have struck deals with private equity over the past two-plus years, but the trend isn't limited to large firms.

Small firm owner Amber Goering, CPA, CGMA, teamed up with David Wurtzbacher, the founder and CEO of a private-equity-backed strategic partner for regional firms, and Gary Thomson, CPA, managing partner at Thomson Consulting, for a panel discussion, "The Journey to M&A: How Private Equity Is Impacting the Profession," earlier this month.

Thomson said he's busier than ever helping clients of all sizes assess whether private equity is right for them.

Read more
Global Risk Landscape 2024

Is adopting an “antifragile” approach to risk the key to thriving through disruption and volatility? Does your organization have an ‘antifragile’ mindset? BDO’s 2024 Global Risk Landscape shows that almost half of global business leaders believe their organizations have an antifragile approach to risk. But only 7% said their organizations were “risk welcoming” and only 19% said they were very proactive when dealing with risk. Is there a gap between the antifragile aspiration and reality? 

According to the survey, “the more things change, the more they stay the same, as the old French saying goes. But not when it comes to risk. The more change takes place, the more risk that organizations face. And change is now happening at a faster and more frequent tempo than ever.”

The survey found that, “having mostly put COVID-19 in the rear-view mirror, businesses are experiencing déjà-vu, with supply chain risk back on the agenda amid rising global tensions. Attacks by Yemeni rebels mean cargo from Asia bound for Europe is being diverted around South Africa instead, adding weeks to journey times. Economic conditions also remain choppy, with organizations having to contend with inflationary pressures impacting production costs and their customers’ buying power.”

It adds that a wave of global elections is further adding to the uncertainty, particularly when it comes to regulation. “The pace of regulatory change has already quickened: organizations are often forced to comply with rules imposed not only by domestic regulators, but foreign ones too.”

For organizations to navigate this environment they must now be alive to the risks they face but agile enough to respond in a way that keeps their business moving forward. According to the survey. “Historically, most businesses have looked at risk in a negative way, as a threat to be minimized. But, in a time of constant change, they need to embrace risk to seek advantage if they want to avoid standing still. In other words, they need to view risk not as a threat, but as an opportunity.”

There can be opportunities for businesses to use risk to gain advantage and do social good, even in the most catastrophic of scenarios, the survey notes. “Consider the case of Hurricane Katrina. As it made landfall, government agencies couldn’t deploy resources and deliver supplies to stranded people, but companies like Walmart and Home Depot realized ahead of time that they could.

“Marshalling their people and stocking up on emergency supplies, these companies could see the opportunity within the risk to support local communities in their time of need. To adopt this mindset, businesses need to become more like downhill Olympic skiers. They need to be able to flow and adapt at speed and anticipate the challenges in their path to gain an advantage over their competitors. Those that don’t take this approach will come off worse for wear because they are too slow on their feet and can’t react fast enough.”

The survey also found that “the percentage of business leaders who see artificial intelligence as an opportunity for their organization dropped to 59% from 83% in 2023, possibly because of organizations trying to separate the hype from the reality and what it really means for their business.

"At first, everybody thought there was tons of opportunity with AI, but then people started getting into it and realized it's not as easy to implement because it's very overwhelming — there's just so much to do and so much to figure out," Kirstie Tiernan, data analytics practice leader,” said in the report.

Some organizations shelved their immediate AI plans once they began exploring its potential because they discovered they were not capable of using it.

Read more
Employers Boost Incentives to Get Staff to Relocate

An article in worklife, written by Hailey Mensik, points out that getting employees to relocate so they can spend more time in the office is like pulling teeth for some employers. That’s why many are still offering incentives to sweeten the trade-off.

According to a survey from Atlas Van Lines (including responses from more than 500 company leaders), some 64% of companies said an employee declined relocating for work last year, which is up from the year prior.

Mensik says that this comes as more companies are forcing staff back into offices they may not even live near, such as Walmart, which laid off hundreds of corporate staff this month and said those remaining in remote roles needed to relocate to its Bentonville, Arkansas headquarters or other primary offices in New Jersey and San Francisco. 

“Employee views around moving for work have shifted post-pandemic as staff place more value on work-life balance, family and community,” Mensik notes, “but they also have far less leverage than they did during the Great Resignation. While some may be forced into moving closer to work, companies are still trying to entice them a bit, and upping the offer when asking current staff and candidates to make such a major life change.”

Companies are incentivizing staff to relocate with more offering to cover travel expenses, giving relocation sign-on bonuses, and offering guaranteed employment contracts for a specified amount of time than they did the year prior, according to the Atlas report. “Almost all companies reported boosting their nonstandard relocation incentives last year.”

Mensik adds that “some 44% of companies offered sign-on bonuses for staff relocating in 2023, up from 42% the prior year, and 42% offered contracts guaranteeing employment for a certain time period, up from 34% the prior year. More companies also offered cost of living adjustments — 42% in 2023, up from 39% in 2022. And overall relocation volumes did rise last year, along with budgets for relocations, which are expected to increase again this year, the survey found.” 

Another way employers are sweetening the deal when asking staff to move is by ensuring they’ll have more flexibility around the time they spend in the office, for instance allowing them more control over which days and during what hours they choose. “Job seekers are saying that a flexible work arrangement is one of the top three incentives that would attract them to a new company,” Mensik quotes Rhea Moss, global head of workforce and customer insights at iCIMS, as saying.

Read more
Finance’s Data Security Strategy Role

An article in FM Financial Management, written by David A.J. Axson, notes that data security is a significant and increasingly expensive business risk. “Today, almost every social or commercial interaction creates a digital footprint. Unauthorized disclosure, communication or manipulation of that data is no longer just an IT issue but an enterprise risk that can have severe financial consequences,” Axson says, adding that IBM estimates that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase in the past three years.

Axson points out that “finance has always played a pivotal role in managing data across an enterprise — after all, an accountant’s primary purpose is to ensure the integrity of an organization’s financial statements that are derived from data generated by business operations.”

Historically, finance has focused on financial data stored in the general ledger and sub-ledger systems, he adds. “The accounting code block and chart of accounts, which define the attributes of transactions and the accounts to which they should be posted, have underpinned a framework of governance, discipline, and data management that worked well for many decades. However, automation, e-commerce, and digitization have advanced the types of data being used (e.g., market, customer, operational, product, service, environmental, health, safety, control and compliance); and the volume of data has expanded exponentially with no end in sight.”

Today, says Axson, “finance is either the owner or a partner with IT or emerging roles such as a chief data officer (CDO) or chief information security officer (CISO), ensuring data security practices are appropriate, comprehensive, and effective. Disciplined governance must now extend from financial data to all data. This data may be housed in many parts of the organization or with business partners and service providers.”

He advises that “an effective data security strategy needs to address all elements of a business’s ecosystem because risk exists at every node. Finance plays an integral role in defining and operating an effective data security system through a combination of governance, stewardship, and risk mitigation. This is a multifaceted role that embraces policy-making, standard setting, data ownership and stewardship, reporting and compliance.”

According to Axson, the three most important steps in developing an effective data security strategy are:

1. Conducting a data security risk assessment that identifies the types of data within your organization and the impact of risk events such as (a) data loss, (b) data corruption or (c) unauthorized disclosure of data.

2. Ensuring the data security policy defines the level of risk the organization is willing to bear. The four levels of risk to consider are:

  • Avoidance. At first glance, risk avoidance might seem the preferred choice. However, not all risks can be eliminated. In some instances, the cost of avoidance may be greater than the risk of loss.
  • Reduction. Risk reduction looks to limit the potential impact of data security breaches to a manageable level. One of the simplest examples of data security risk reduction is the evolution of system and website log-on protocols from user-defined passwords that are infrequently changed, to multifactor authentication and biometrics.
  • Transference. Risk transference can be accomplished in different ways. Utilizing third parties to perform elements of an organization’s data security and enshrining their responsibilities for ownership, accountability and liability for different types of data risk in contracts is one such way.
  • Acceptance. For most organizations, there will be a point at which the cost of control exceeds the risk of loss. In this case, an organization can choose to accept some level of data security risk. This is equivalent to self-insurance as the organization chooses to bear the liability associated with any data security breaches.

3. Defining the appropriate combination of policy, process, behaviours, and technologies that will provide a sustainable and cost-effective data security environment.

For more, and a Cyber And Data Security Checklist For Finance Teams, see Finance’s data security strategy role (fm-magazine.com).

 

Verticalization: Unlocking Opportunities for Growth

As the old adage goes, “you can’t be all things to all people.” This rings true in many facets of both our personal and professional lives – and it is especially true within client advisory services (CAS) practices. So says Kim Blascoe, CPA, Senior Director, CAS Professional Services, CPA.com, in a recent blog on the CPA.com webpage.

As many CAS practices continue to mature and grow, so do their client rosters, Blascoe writes. “They adopt a generalist approach, trying to find growth from serving many different clients. But soon, they find themselves feeling the strain of too many disparate client needs, too many software solutions to implement and learn and at too high of a cost. As a result, CAS practitioners are operating as jacks-of-all-trades, unable to commit the time needed to become real experts within their clients’ businesses – a critical step in the evolution toward more advisory-focused practices.”

Read more
Betting the Business on Gen AI

An article in the latest F.A.R. from FEI Canada, sponsored by IBM, says that today’s C-suite leaders have an opportunity to use the transformative potential of generative AI as a catalyst to completely overhaul their IT estates and business outcomes. “With the actions they take now, CFOs and other C-suite leaders are effectively placing a business bet on their readiness to deliver and scale AI in their core operations, whether they realize it or not. This isn’t just an opportunity to better deploy gen AI at scale. It’s about using gen AI as the impetus to completely rethink how technology can support business goals.”

According to the article, “to help ensure the approach to generative AI doesn’t follow in the footsteps of previous unsuccessful approaches, a tech reset is necessary. Currently, only 29% of cloud IT assets and services are performing as required. The remaining 71% is essentially tech debt.”

Read more
CPAB’s 2024 Crypto Assets Inspections Insights

The Canadian Public Accountability Board (CPAB) has just released a publication that provides insights and illustrative examples into common inspection findings for auditors of crypto-asset reporting issuers. The publication Crypto Assets Inspections Insights outlines good practices observed in audit files without findings and highlights some emerging risks.

As of February 2024, there were 72 Canadian reporting issuers in the crypto-asset industry audited by 26 public accounting firms registered with CPAB. Between 2020 to 2023, CPAB inspected 33 audit files of reporting issuers with crypto-asset activities and identified significant findings in 23 of those files. “Although we have seen improvements to the procedures performed by auditors of reporting issuers in this industry, and we have seen the rate of findings trending downward – in 2020 all files inspected had significant findings compared to 50 per cent in 2023 – the types of inspection findings and the rate of findings remain unacceptably high,” says the report.

Read more
Oh Great, AI Can Detect Sarcasm Now

A recent article in Entrepreneur, written by Sherin Shibu, points out that sarcasm can be tricky for even humans to pick up — let alone a computer.

That's why researchers at the University of Groningen's Speech Technology Lab in the Netherlands decided to build an AI sarcasm detector that can pick up on tone of voice and convey those emotions through emojis embedded in transcribed text.

One of the researchers who worked on the project, Xiyuan Gao, presented the work on May 23, 2024, as part of a joint meeting held by the Acoustical Society of America and the Canadian Acoustical Association at the Shaw Center in Ottawa.

 Usually, sentiment analysis just "focuses on text," said Gao at that meeting. “The new approach goes deeper into the way people say things, not just what they say, which could help fields like AI-assisted health care. The findings of the study could also mean better AI virtual assistants that can pick up on tone.”

Read more
AI Appears to Be Driving a Productivity Revolution

An article on PwC’s webpage dubs AI “the Industrial Revolution of knowledge work,” transforming how workers can use information, find insights and deliver results at speed and scale. How is this affecting jobs?

To find out, PwC analyzed more than half a billion job ads from 15 countries that together comprise over 30% of global GDP to find empirical evidence of AI’s impact. PwC examined how jobs are changing in industry sectors and individual occupations that are “AI-exposed,” which means AI can readily be used for some tasks. Examples of AI-exposed occupations are financial analysts, customer service agents and software coders.

Read more

CPA Founding Partner

Chartered Professional Accountants of Canada (CPA Canada), one of the largest national accounting organizations in the world, has chosen to become a founding partner of ThinkTwenty20.