800.543.3029 | cpamutual@cpamutual.com  cap_twitter.png cap_fb.png cap_fb.png

Tips for a Reduced Risk Busy Season

TaxTimeGraphic.jpgTips for a Reduced Risk Busy Season

As the countdown for the start of busy season ends, it is important to take a moment to reflect on how your firm will make this a reduced risk year.  We have nominated four areas we believe deserve special mention and attention during the busy season.  They are, in no particular order, the following.

# 1 – Firm Personnel

Accounting firms have two assets – its people and its clients.  Accordingly, an important question during busy season is, “What is the condition of our team?”  Having firm personnel that are prepared to take-on the challenges of busy season is critical. Simply having enough staff to do the work is not sufficient.  Personnel must be knowledgeable, properly trained and current with the regulations and professional standards, as well as firm policies and practices.

Many firms use seasonal employees to fill the gap when the busy season surge hits.  The use of seasonal personnel raises multiple questions. What is the scope of the work they can perform; and do we and they understand the limits? How well are they integrated into the firm’s regular team and our regular workflow process? It is important to have a game plan for using temporary and part-time employees – and past practices may not be adequate.  Finally, having a contingency plan in place in the event that the “part-timers” don’t work out, is probably a good idea.

The US Department of Labor and its state equivalents have stepped-up their wage and hour enforcement game - in particular, the misclassification of employees as independent contractors, and treatment of non-exempt employees as exempt. In this regard, there are three critical rules to understand:

  • Personnel are considered to be employees and not independent contractors if look like employees; e.g., regularly work in the firm’s office, have firm email addresses, use firm resources, have firm business cards and/or titles, and take direction from firm personnel.
  • Exempt employees must be both salaried (i.e. compensated the same regardless of the number of hours they work), and fall into the executive, administrative or professional classification, each having a rather arcane definition.
  • Non-exempt employees must be paid overtime. Compensatory time off cannot be given in lieu of overtime pay.

# 2 – Information Security

Information security, including identity theft, is top of mind for most accounting firms -as it should be!  Accountants handle some the most sensitive data their clients possess; and an information breach could be disastrous. While sophisticated technology exists which can help reduce the risk of unauthorized access to client and firm information, prominent studies conclude that human error, and not technology failures, cause the majority of information security mishaps.  Here are a few things to keep in mind about information security.

  • Using a secure data portal or other security protocol for gathering client information is critical.  Just about over are the days when client financial data came via a fax that fell to the mailroom floor.  Nevertheless, it is important that more modern means of transmitting information segregates client information, limits access to it, and protects it from outside intruders.  In addition, it is well advised not to include highly sensitive information in emails, unless there are strong security protocols in place on both ends of the line.
  • Cloud computing is all of the rage; but it is very important to understand where and how client information is being stored and processed.  What security measures exist? Who has access to the information? What are the back-up protocols and security parameters?  Who has ultimate control?  These are critical questions that require full answers from the Cloud vendor.
  • An increasing number of professionals are using their own devices (smartphones, tablet, laptops) to perform firm work – known as “bring your own device” or BYOD. These devices obviously need to be secure, and firms should have policies and practices in place to protect and control the information on employee own devices.
  • The availability of sensitive client information is often broader than it needs and should be.  Accordingly, limit access to those employees who actually have a need to know.  (Interestingly enough, data breaches often occur through individuals marginally connected with the information, e.g. administrative personnel, contractors, etc.) Additionally, it is important to ensure that access by former employees and contractors has been deactivated
  • Establishing procedures for maintaining information security is a necessity.  These procedures don’t need to be elaborate, just reasonably calculated to minimize security risks, practical and easily implemented. Not only will the firm’s leadership sleep better at night, but the staff will applaud having rules to follow.
  • Taking the proper steps to effectively manage information security risk can be intimidating. The best place to start is by identifying the highest risks and addressing those first. Similarly, implementing a few easy fixes can result in a significant reduction in risk.  Staying vigilant is also a must.

#3 – Engagement Letters

Next to basic quality standards and monitoring, solid engagement letters are the single most effective risk management tool accounting firms can have.  While most firms regularly use engagement letters, they are frequently deficient in a variety of ways.

  • A firm’s standard engagement letter need to be comprehensive and up-to-date.  Too many engagement letters are missing widely accepted legal protection clauses, such as a limitation of liability; a robust description of management’s responsibilities; or a tight description of the scope of services and appropriate limitations.  In addition, they may not be current with professional standards, such as the new SSARS 21, Section 70 on the preparation of financial statement.
  • Many engagement letters suffer from copious copying and viral infections.  Poorly drafted letters that lack important protective provisions or contain terms unrelated to the present engagement are used over and over again, replicating the firm’s risk exposure.
  • The process used to put quality engagement letters in place is key to their success as a risk management tool. Unfortunately, the process is often awkward, inefficient and a low priority.  Delegating the preparation of engagement letters to uninitiated staff, while seemingly inviting and efficient, can be dangerous. Client facing personnel should understand and have the ability to explain and negotiate the key provisions.

For more information on engagement letters, see our recent article – Substance Over Form. Getting Engaged with Your Letters.

#4 – Maintaining Quality

It is axiomatic that the quality of the work performed by CPA firms should be the highest priority – and in most cases it is.  The pressure during busy season can be enormous, and mistakes occur.  Here are some areas where we think firms need to pay particular attention.

  • As suggested above in #1, Firm Personnel, it is essential that the right people with appropriate knowledge and skills perform the work.  A fast paced busy season may not be the optimal time to train inexperienced staff to complete new and complex work.
  • Doing work right the first time, rather than doing it over to correct mistakes seems obvious. Nonetheless, people take short cuts, rush to get things done, fail to follow established procedures, and inevitably make errors that, hopefully, are caught and rectified. Approaching the work diligently and deliberately, planning and prioritizing, and following the processes designed to ensure quality should all be firm imperatives, and part of its cultural values.
  • While computers are pretty good at multitasking, most humans are not.  Insufficient attention to important details during multitasking usually results in diminished performance and often times errors.  As hard as it may be to stay focused and avoid distractions, doing one thing at a time is far more efficient and significantly riskier.
  • It is important to see each year with fresh eyes, and not presume that this year is the same as the prior year(s).  When client circumstances change, so should the structure or approach of the engagement.  This requires asking questions, verifying information and demonstrating the requisite amount of professional skepticism.  It may also precipitate difficult conversations with clients that need to be handled tactfully, but firmly and definitively.  Excellent client relationships are a prerequisite.
  • Busy season is synonymous with pressure and stress. While a certain amount of stress helps fuel motivation, too much quickly strips us of energy, acuity and judgement – and raises our risk quotient.  Everyone handles and manages stress different.  It is very beneficial to for each of us to understand what generates stress, and how we can keep it in check.  As the WWII British motivational poster proclaimed – Be Calm. Carry On.

About the Author.  R. Peter Fontaine is the managing partner of NewGate Law, which provides legal and risk management services exclusively to the accounting industry.  NewGate Law is a Risk Management Partner of CPA Mutual.  Peter can be reached at (312) 626-2791 or at pfontaine@newgatelaw.com.  Or visit website the NewGate Law website – newgatelaw.com.

* article originally published by NewGate Law

Bill Thompson’s excellent adventure brings risk into perspective in "Risky Business." Click here to read it.