Accountant Interests   04/13/2021

Accountants Managing the Risks of Remote Work

By Irene Walton

Accountants Managing the Risks of Remote Work

Building a remote-employee policy is the crucial first step of managing a virtual workforce. This is a document that spells out the desired objectives of virtual work teams, as well as defines which employees are eligible and under what conditions they should work. After that, according to risk experts, managers should deal with at least 10 operational concerns, including:

  • Setting clear expectations: Make sure your remote accounting teams are clear on project deadlines. They must also know company expectations around working hours and calendar sharing.
  • Treating remote employees as local: Because your remote employees won’t have a chance to share lunch with you or see you in the office hallway, respond to their communications as soon as possible. And make sure all team members include them in meetings to which they’d be invited if they were still working in the office.
  • Building rapport with your team: You hopefully had a chance to build strong relationships with team members before they began working at home. If not, you’ll now have to play catch up. Ask them about how they’re doing working from home, as well as how their families are faring during the pandemic. At the end of the day, rapport doesn’t come from collaborating on work projects; it develops slowly as you come to know and trust your staff and vice versa.
  • Devising a communications strategy: This involves deciding on how many formal check-ins you’ll want to have with employees. Also, determine a procedure for raising project-related issues between formal check-ins. This will assure that you and they can resolve problems on a timely basis.
  • Reinforcing mission and purpose: Just because accounting firms are dealing with unprecedented pandemic challenges doesn’t mean their firm mission and purpose are no longer relevant. If anything, they’re more important now. So during your periodic check-ins, tie employee accomplishments back to the firm’s mission and purpose. This will keep people motivated and working productively.
  • Being open about challenges and problems: Don’t whitewash obstacles. Communicate openly with your remote employees about anything and everything that hinders their work. Then provide them with the tools and management support they need to push through barriers.
  • Making time for small talk: Because all employees need to feel connected with their teams and company, consider starting your virtual staff meetings with water-cooler banter. Avoid talking discussions centered anything controversial or divisive. Just give team members a chance to talk about what’s going on in their remote work lives, including what’s working and what needs improvement. Then move to your normal discussion of projects and deadlines.
  • Providing training to your remote workers: Don’t assume everyone automatically knows how to work remotely. Some will face a steep learning curve, especially regarding effective time management and use of conferencing technology. In your check-ins, touch base about how your team is handling these and other issues. Then arrange for them to receive training to resolve process or technology hang-ups.
  • Don’t postpone professional development for remote workers: During the pandemic, employees have been unable to attend bricks-and-mortar professional development opportunities such as conferences and classroom learning. Don’t wait for the pandemic to be over to resume training them. Touch base to see if they might benefit from more training now. Then recommend relevant, safe opportunities such as company e-learning and internet podcasts to meet these needs.

Building a policy and addressing the above concerns will lay the foundation for effective and safe remote work. But you should also address the risks of allowing accounting-firm employees to work at home. Two of the major ones are cyber liability and data breach incidents and doing high-quality audits from a remote location.

Cybersecurity Implications of Remote Work

In the initial months of the pandemic, there was a rush to move employees offsite with, perhaps, a loosening of strict cybersecurity standards. The result was easy to predict: a 300% increase in accounting-firm cyberattacks, according to Black Talon Security. In the wake of these incidents, accounting firms have learned a hard lesson: hackers can penetrate their systems, lock them out and steal their data despite firewalls and antivirus software being in place.

“Firewalls and antivirus software are no longer enough to protect your network,” says Black Talon’s CEO, Gary Salman. “You need additional steps such as vulnerability scans, penetration testing and cybersecurity awareness (staff) training to prevent...disastrous attacks from occurring.”

Safety Guideposts for Remote Computing

The good news is that accounting-firm info security teams have beefed up protocols and focused on helping remote staffs adhere to best practices. The goal is to address the inherent risks of unsecure networks, phishing attacks, computer sharing (and personal use) and personal mobile devices containing work product. Here are some guideposts that will help ensure optimal remote security:

  • Guidepost #1: Increase virtual private network (VPN) capacity in the face of exploding staff use. Most accounting firm’s VPN structures anticipated only a minority of employees using it. When most of the firm hops on board, that can spell problems. While a firm works to expand VPN capacity, it may need to allocate use across multiple shifts until VPN capability becomes more robust.
  • Guidepost #2: Make sure all devices and apps are current. Require all staff to run patch updates so their devices run the latest firmware and security versions.
  • Guidepost #3: Increase staff security training. One can’t overstate the need to promote computing hygiene. With so many incidents of social-engineering scams targeting naïve or sloppy workers, it’s essential that accounting firms make security training a higher priority for employees working from home or other non-firm locations.
  • Guidepost #4: Giving clear guidance on approved practices. For example, accounting-firm IT departments must aggressively communicate acceptable computing practices and discourage unacceptable ones. For example, companies should make it clear that logging onto company resources from public networks is unacceptable. The same should hold true for using prohibited applications or other risky tools.
  • Guidepost #5: Encourage use of cloud solutions for file management. With services such as Google Drive and Dropbox, there’s no longer any reason to use risky storage media such as USB thumb drives.

The Risks of Remote Auditing

Normally, accountants have close contact with client staff to facilitate information sharing needed for auditing purposes. With accounting employees now largely working remotely, the already challenging task of preparing financial statements has become even harder.

Part of the problem is the emergence of “black swan” issues that reshaped client businesses during the pandemic. These include loss of revenue, supply chain disruption and weakened internal controls. With so many fundamental changes, auditors began thinking critically about the quality of client-supplied data. Plus, if their clients had to use different analytical methods before and during the pandemic, they started questioning their ability to make “apples-to-apples” historical comparisons.

When the people who handle financial transactions and reporting at a client firm can’t work in their offices—and must do work-around methods—auditors must secure additional evidence that controls are working to prevent material misstatements in client financial statements.

Furthermore, certain accounting issues became more relevant during this period, including:

  • Impairment of tangible and intangible assets
  • Investment valuation
  • Financial and credit instrument losses
  • Contingent liability
  • Revenue recognition

At the end of the day, auditors must assess whether their clients have the capacity to continue as a going concern under GAAP and whether or not financial statement adjustments (or further disclosures) will be needed due to the pandemic.

Accountants must continue being uncompromising regarding remote audit standards. “We can’t just cave on our commitment to quality, adherence to our standards and our level of service to our clients,” said Jodi Malis, CPA, CGMA with the Atlanta, GA accounting firm of Hancock, Askey & Co. Speaking to the Journal of Accountancy, she continued: “We can’t make excuses. We need to think through how we are executing our remote audits...what’s a different way we can perform our procedures, while offering a personal touch.”

Not only will accounting firms have to work harder at complying with audit documentation standards, Malis noted, they must also carefully manage audit team virtual interactions, as well as those with clients, she said.

As with every other way they’ve responded to the pandemic, accounting firms have learned the benefit of flexibility, creativity and sustained focus on audit quality. No one knows whether the industry will ever return to normal. But even if it does, the lessons learned about auditing and everything else will be powerful assets going forward.

Concerned about paying too much for your accountant’s professional liability insurance? Then compare your current policy with options available at 360 Coverage Pros.