Accountancy Plus - CyberSecurity: The Official Journal of CPA Ireland
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
March Issue 2020
Accountancy Plus
The Official Journal of CPA Ireland
CyberSecurity:
CPA Ireland Conferring Ceremony 2019
The 1 Trillion
Dollar Industry,
Rois Ni Thuama
Top Accounting Talent
TRUST THEIR FUTURE TO
BARDEN, SO SHOULD YOU.
The experts in accounting
& tax recruitment.
Barden is where accounting the objective advice you need to
professionals go before they start plan your professional future.
looking for a job. We’re here to help Get in touch with our expert team,
you achieve your ambitions and realise because the future doesn’t just
your potential. We’ll provide you with happen. We make it happen.
Dublin: 01 9103268 Cork: 021 242 7245 e: hello@barden.ie
1
Editorial President’s Message
PRESIDENT’S MESSAGE
Accountancy Plus Welcome to the March 2020
March 2020 edition of Accountancy Plus.
2019 was an exciting year for CPA Ireland These agreements provide routes for
CPA Ireland which saw a number of significant qualified members of CPA Ireland to
initiatives and achievements. become a member of another body,
17 Harcourt Street, and to enjoy the benefits which each
Dublin 2, D02 W963 In the first year of the new brand, CPA organisation offers. CPA Ireland is
Ireland has remained true to the core planning to increase global alliances
T: 01 425 1000 brand values of being credible, forward further and are working on increasing
F: 01 425 1001 thinking, assured and open. During MRA’s with other countries.
the year, CPA Ireland ran both a digital
Unit 3, campaign and nationwide radio campaign In December 2019, I was delighted
The Old Gasworks, to further increase the brand awareness to formally admit the new conferees
Kilmorey Street, of CPA Ireland members and firms in the into membership. I challenged young
Newry, BT34 2DH SME market, and highlight the value that accountants to show leadership in the
CPA’s contribute to businesses in Ireland. fight against climate change and stated
T: +44 (0) 28 3025 2771 that members of the profession are
W: www.cpaireland.ie CPA Ireland was delighted to have been uniquely placed to exert positive influence
E: cpa@cpaireland.ie awarded a European Digitalisation Award on businesses to behave sustainably. I
for Services to Members by Accountancy would like to wish them every success in
Editor Europe in acknowledgment of the their future careers and look forward to
Patricia O’Neill innovative digital learning initiative through them becoming involved with the Institute
the new learning management system, on many levels.
Chief Executive Canvas. CPA Ireland was also shortlisted
Eamonn Siggins for an IITD National Training Award 2019 CPA Ireland is excited to host the first
in the Excellence in Digital Learning ever ‘Future of Accountancy’ event
Editorial Adviser
Category. In today’s digital world, the during the first half of 2020 which will
Róisín McEntee
online experience for members and see leading experts in the fields of digital
students is essential and Canvas provides transformation, human creativity and
Technical Adviser
learners with the building blocks needed strategic business advisory discussing
Alan Bailie
to enable members to maximise their the dramatic transformation the future
Advertising learning experience. holds for all of us both personally and
Ciara Durham professionally.
CPA Ireland was delighted with the
T: 086 852 3463
success of the online further learning As this is my last message as President
E: accountancyplus@gmail.com
courses in 2019 which are now all of CPA Ireland, I would like to thank CPA
available on Canvas. Canvas hosts courses members, students and staff for your
Published by
in FRS102, US GAAP, Governance in the ongoing support. I will pass over the office
Nine Rivers Media Ltd.
T: 01 667 5900 Charitable Sector, Certified Tax Adviser, of the President to John Devaney at the
E: gary@ninerivers.ie Data Analytics and Forensic Accounting all AGM and I wish John a very successful
of which are delivered through a variety of and enjoyable term.
Printed by learning channels. Throughout 2020, CPA
Ireland will be building on the success of .
Persona
the further learning courses through the
Distribution Canvas platform and through a digital first
Lettershop Services Ltd. initiative.
During 2019, CPA Ireland signed an MRA
Gearóid O’Driscoll
with CAI Sri Lanka and extended existing
President CPA Ireland
MRA’s with CPA Canada and CPA Australia.
Accountancy Plus March Issue 2020
Contents
Pictured left to right Pauline
Hayden, Lyndsey Kavanagh,
Majella Regan (Liam Donnelly
Medal Winner), Gearóid O
Driscoll, President, CPA Ireland
and Eileen Hurley.
Institute Financial Reporting Taxation
President’s Message 01 Financial Reporting News 09 Tax News 23
Institute News 41 Highlights from Revenues
Law & Regulation Statement of Strategy
24
Information & 2020 - 2022
IBC
Disclaimer Law & Regulation News 10 Mairéad Hennessy
PAYE Modernisation:
CPA Profile Is Irish Employment Law
A year on 25
keeping up with the Gig
12 Sinead Sweeney
John Donoghue 07 Economy?
Derek McKay Ireland’s Corporate Tax
Deirdre McDonnell 08 System 27
Peter Reilly
Finance & Management
CPD
Finance & Management In Practice
14
News & Events 44 News
In Practice News 30
Leadership Insight
15 Recommendations for
Student Paul Healy
Reform of the UK Audit
31
Making the Agribusiness Market
Student News 48
Tick 18 Alan Bailie
Brendan McGowan
Opinion
Going, Going, Gone... IT
21
Cybersecurity 101: “An John McGrane
Working with Robots
Ounce of Prevention is 36
03 Lachlan Colquhoun
Worth a Pound of Cure”
Personal Development
Rois Ni Thuama
Tech: A friend or a foe?
38
EQ: Does it matter? Aynsley Damery
33
Ben Rawal
03
Cybersecurity 101: “An Ounce of Prevention
Cybersecurity 101 by Rois Ni Thuama
OPINION
is Worth a Pound of Cure”
by Rois Ni Thuama
A Doctor of Law and subject matter expert in cyber governance and risk mitigation, Rois is Head of
Cyber Security governance for Red Sift one of Europe’s fastest-growing cybersecurity companies.
Working with key clients across a wide market spectrum including legal, finance, banking, and oil &
gas Rois writes and presents on significant cyber threats, trends, addressing and managing risks.
High profile data breaches have Not only will directors want to ensure increased spend. The fact that
brought Facebook, British Airways that they are protecting their firms’ directors have a legal obligation to
and Equifax into the media spotlight, digital assets, commercially sensitive their company to exercise reasonable
resulting in both media and information & personally identifiable care, skill and diligence clearly
consumer backlash and a good deal information (PII) amongst other informs their view and their appetite
of negative shareholder attention. things, but they will undoubtedly for sensible security measures.
want to protect themselves against What is meant by ‘sensible security
It is unsurprising then that the shareholder reaction and litigation. measures’ can be summed up
reputational damage and business with the old adage, an ounce of
disruption that followed these The operational impact, media prevention is worth a pound of cure.
incidents has created a sense of coverage and consumer backlash, So, it is entirely foreseeable that firms
urgency for board members to review together with record fines as a would rank protective cybersecurity
their cybersecurity policies, products result of breaches of the General products & services more highly than
and spending. Data Protection Regulation (GDPR), those services that offer remediation.
have doubtless contributed to the
Grow your
career with us
If you have the drive and motivation to
succeed, then all you need is the
opportunity to grow. At ifac we have
openings for a range of roles at all career
stages - from graduates to experienced
professionals.
Grow your career as part of a dynamic top
ten firm. We are currently recruiting for:
- Tax Senior, Dublin
- Senior Accountant, Enniscorthy
- Senior Accountant (Partner Fast-Track),
Trim
For more information and to see how you can become part of our team,
visit www.ifac.ie/about/careers
Accountancy Plus March Issue 2020
04
World’s Biggest Data Breaches & Hacks Jan 2020 Source: informationisbeautiful.com
Latest
Blank US
Brians Capital Coff ee Door Customs
8fit
Media
Club
Meets Dash Dubsmash Ge.tt Fotolog Houzz Ixigo OxyData Petflow Roll20 Suprema & Border
Whitepages YouNow
Games One Bagel 4,900,000 162,000,000
380,000,000
Protection
2019 Artsy Breed DataCamp Desjardins
Indian
Microsoft
44,000,000
Quest ShareThis Stronghold Toyota
WiFi
Canva Group
Facebook HauteLook Diagnostics Kingdoms Vardguiden
Ready 420,000,000
Jobseekers
Newegg
Finder
500px 275,000,000
Bulgarian
National
MBM Saks TicketFly Twitter
Revenue Coinmama Company MyFitnessPal and Lord T-Mobile 330,000,000 Vision
Animoto
2018 Agency
Chtrbox
EyeEm Google+ Healthcare.gov
150,000,000 Panerabread
&Taylor
Direct
Armor Blur LocalBlox Texas
ViewFines
Games BookMate Dixons Facebook
Marriott
Nametests Quora SKY voter Ticketmaster
Australian records
National Carphone High Hotels 120,000,000 NMBS 100,000,000 Brasil WordPress
University Grindr Tail 383,000,000 Urban
Careem CMS Facebook Hail TIO Massage
Amazon Chinese Mount Sing SVR Networks Wonga
2017
British Resume leak Dell GoPayNow.com Health Malaysian
medical Olympus MyHeritage Orbitz Health Tracking Zomato
Airways Cathay 202,000,000 South Imgur practitioners 188,000
Click2Gov East Swedish Uber Viacom
Amazon
Pacific Firebase Transport 57,000,000 Waterly
Airways
Hong Kong Malaysian Mutelle
RootsWeb
Snapchat
Registration Linux telcos & Agency
Disqus Generale
Bell CEX & Electoral
Office
Instagram Ubuntu
Forums
MVNOs de la Police Turkish Yahoo
2016 Cellebrite DaFont Equifax Quest Syrian
Three
citizenship
database Weebly
143,000,000 Diagnostics Red Cross Government
Interpark LinkedIn Mail.ru Minecraft PayAsUGym Blood
Service
The expectation within the This short paragraph reveals two c. learning to rely on their internal
cybersecurity industry is that the things: cyber and information security
current trend for spending on experts.
1. A willingness to spend significant
cybersecurity products and services
sums to protect assets and client’s
will continue to increase and is It is worth pointing out that
privacy.
expected to exceed $1 trillion reasonably priced cybersecurity
cumulatively over the five-year period 2. An error. The headline in bold products which address significant
from 2017 to 2021. To put that into refers to the ‘threat of cyber cyber threats would not merit such
context, the aggregate spend globally security’ which is obviously not attention from the board. These ‘no-
for cyber security in 2004 was $3.5 right. The author(s) must have brainer’ solutions should be signed off
billion. intended to refer to cyber threats. without conversation on the advice
In all likelihood it should have read of the firms cyber and information
In 2018, JP Morgan CEO Jamie ‘Cyber threats may very well be the security experts. Not every cyber
Dimon wrote in the 2018 Annual biggest threat to the U.S. financial matter merits a lengthy inquiry and
Report that the firm spends nearly system’. trusting your experts saves your firm
US$600 million a year to protect their money and time.
business. That’s a single business with There are a number of reasons why
all of this information should matter 2. Errors -
a cyber security budget that 14 years
to accountants. Often, these appear in
previously would have represented
cybersecurity literature. JP Morgan
a 1/7th of the total global spend. If
1. Increased oversight - is a sophisticated, innovative
you’re not wide-eyed reading that, go
As cybersecurity budgets balloon, firm. They are undoubtedly a
back and read it again.
this will be required. Some global leader in terms of their
cybersecurity products are so cybersecurity posture. However,
But there’s more, take a look at an
expensive that a compelling despite this level of sophistication,
excerpt from the annual report.
business case will need to be this report to their shareholders
made at board level and will merit contains a glaring error, as
The threat of cyber a discussion. Accountants familiar discussed above. Cybersecurity
security may very well be with good governance principles isn’t the threat, it’s the solution.
the biggest threat to the specifically the ‘four-eyes’ principle Just keep this in mind, if something
U.S. financial system. will desire a robust business doesn’t make sense to you, it might
justification for a material spend. not be you.
I have written in previous
No one in a business should have 3. Career advancement -
letters about the enormous carte blanche to sign off huge By 2022 the EU will not be able
effort and resources we sums. To that end, it is imperative to fill 355,000 jobs in the cyber
dedicate to protect ourselves that accountants, auditors, CFO’s, security sector. For anyone wanting
and our clients - we spend etc. are able to participate in the a career change or accelerated
nearly $600 million a year conversation by: career advancement, they
on these efforts and have
a. understanding the business case, should consider some additional
more than 3,000 employees cybersecurity training to gain a
deployed to this mission in b. being able to sensibly interrogate better understanding of essential
some way. that business case,
products and policies.
Accountancy Plus March Issue 2020
05
Understanding the business
Crime againgst Crime using Crimes in the
case Crime Types machines/ machines/ machine/
Cybersecurity 101 by Rois Ni Thuama
OPINION
integrity-related Computer related Content related
It’s frequently said in cyber that the
offence informs the defence. Indeed, Opportunities Harmful/Trespass Acquisition/(Theft/ Onscenity/Violence
Deception)
it’s a sensible rule to live by. But to
deploy it, you must first understand Cyber-Assisted • Phreaking • Frauds • Trading sexual materials
Crimes • Chipping • Pyramid Schemes • Stalking
what the offences are (i.e. threats), Traditional crime • Harassment (personal)
and then determine which offences/ using computers.
threats are the most significant. In More opportunites
for traditional crime
order to do that, you will need to
have at least a passing familiarity with Cyber Enabled • Cracking/Hacking • Multiple large-scale • Online sex trade
Crimes • Viruses frauds • Camgirl sites
the cyber threat landscape which Hybrid cybercrime • Hactivism • 419 type fraud • General
organises the offences in a clear way. New opportunities • Trade secret theft • Hate speech
for traditional crime • ID Theft • Organised paedophile
For this, an excellent starting point (e.g. organisation rings (child abuse)
across boundaries)
was provided by Prof. Wall, Head
Cyber-Dependent • Spams (list • Intellectual Property • Cyber sex
of Law School at Leeds University, crimes construction and Piracy distrubution • Cyber-pimping
a leading cybersecurity academic. True Cybercrime content) • Online Gambling • Online grooming
His matrix distils cybercrimes into New opportunities • Denial of service • E-auction scams • Organised Bomb talk /
their component parts so that every for new types of • Information • Phishing, smishing, Drug talk / Targeted hate
crime (Sui Generis) Warfare vishing speech
cybercrime fits into a set description.
• Parasitic • Social network media
By knowing where the threat sits, you Computing crimes
are more easily able to determine the
solution.
We’re already seeing legal cases Let’s take phishing/business email
where human resources have been compromise (BEC) as an example.
Cyber threat landscape put under exceptional strain, leading The IC on both sides have warned
For example, certain cybercrimes do to suffering with post-traumatic stress businesses that phishing emails/BEC
not need a technical or expensive disorder (PTSD) because they have are a significant cyber threat. The
solution. Firms can protect their been expected to do the work of AI. FBI refers to it as the US$26 billion
reputation from damaging social scam. The NCSC have warned about
media comments (i.e. hate speech or When we assess the entire picture, phishing and even put the legal
defamatory remarks) by ensuring that the first question to ask is: which of sector in the UK on express notice
employment contracts have carefully these represents a significant cyber that this is the most significant cyber
crafted provisions that encourage threat? threat facing law firms. Bad actors
compliance to a well-formed cyber use phishing emails as their starting
governance policy. The key is not to This is typically where vendors will point for 70% of data breaches and
deploy expensive technical solutions explain that their solution solves the 90% of targeted cyberattacks. It
simply because the crime occurs on most significant cyber threat. Now follows that if you fix phishing, you
a computer. The answer might be a although that may be true, more can remove the starting point for 70%
written process, policy or carefully often than not it’s mere puff. This of data breaches and 90% of targeted
crafted provision in a contract. leads to the second question, that cyberattacks, therefore reducing
must be asked: who is your source the overall chances of these events
Conversely, don’t rely on policies for that claim? happening.
when the problem is ‘in the machine’.
It is vital not to turn staff into filters If independent, trusted experts within This leads neatly to the third question:
and firewalls. No amount of training the Intelligence Communities (IC) is there an industry standard fix?
will assist staff in crunching through have warned from both perspectives
metadata, that is computational work that something is a significant cyber For BEC/phishing attacks, there
and should be done by, you guessed threat, that should be enough is. The solution to BEC is DMARC.
it, computers. There are a number guidance for reasonable directors to DMARC is the global industry
of downsides to expecting human move to the third question. Sensible, standard protocol recommended by
resources to do computational work, independent sources for cyber threat Email Service Providers (ESPs) and
including: assessments include National Cyber government agencies. The protocol
Security Centre (NCSC), Federal helps your computer to verify that the
i. burnout Bureau of Investigations (FBI), Internet email you send from your business
ii. decreased productivity Crime Complaint Centre (IC3) email address is authentic, protecting
and the Department of Homeland both your brand and your clients.
iii. increased stress levels
Security. There are other bodies, but This is why the IC in the US and
iv. failure this is a good starting point. Britain have repeatedly emphasized
v. employment tribunals
Accountancy Plus March Issue 2020
06
the importance of deploying the Cyber risks 3. Reputational damage - studies
DMARC protocol. For people new indicate that public companies
The major risks associated with
to cybersecurity, here’s a neat hack: suffer a loss of 7% off their share
cybersecurity failures are:
if you ever see something done at price on the initial news shock,
protocol level, its importance cannot further amplified by 15-20% on
1. Business operational - the scale of
be overstated. Protocols are the additional news flows. However,
the operational damage depends
fundamental building blocks of the the reality can be far worse than
on the threat and what steps
internet, it’s the digital equivalent of researchers initially evidenced.
your information security team
underpinning a house. Failing to fix For example, in 2016 a BEC attack
have taken to protect against it. It
at protocol level means you are on saw a French firm lose 20% off
might result in a total cessation of
shaky foundations. its share price in a single day. It
business capabilities for minutes,
started the day at €35 billion and,
hours, days or weeks.
To recap: despite the firms rapid response to
a ‘fake news’ article, had €7 billion
1. What’s the problem? 2. Litigation - includes fines, legal
wiped off its price. It is of course
costs and damages. By now
2. Will trusted independent sources not possible to measure the impact
everyone is familiar with the fine:
support the claim that it is a to a privately held firm, but we do
up to 4% of global annual turnover
problem? know that a combination of factors,
or €20 million, whichever is higher.
including the loss of earnings
3. Is there an industry standard Less well known perhaps is that
because of business disruption,
fix that is well known and GDPR contains a provision which
leads to a reported 60% of firms
understood? will give rise to claims from data
folding within 6 months of an
subjects affected by data breaches.
attack.
After answering yes to those three Some law firms have positioned
questions, the final question to themselves to respond quickly
ask is whether it is reasonable and Conclusion
to data breaches by optimising
proportionate to deploy a fix it? For keywords to drive web traffic to The decision-making process can be
example, if the fix costs X times the their website. somewhat nuanced but ultimately,
total value of the firm, the answer will, the process is more science than art.
of course, be no. If it’s less than the In the event of a data breach, these Businesses need to learn quickly that
cost of the Christmas party or what law firms, already highly ranked, dealing with known cyber threats,
the office spends on non-essentials will be returned for users on the which cybercriminals rely on, might
like plants or days away, the answer first page on a Google search not sound ground-breaking, but it is
will undoubtedly be yes. which will facilitate class actions, essential governance 101. If you’re
at speed. This will undoubtedly not fixing the known problems with
Now that we have a passing contribute to business disruption well-known solutions, your firm’s
understanding of the cyber threat as senior management turns their cyber security and risk posture is
landscape and the questions a attention and man hours away from immature, indefensible and imperils
reasonable director would ask; it production to damage limitation. the business and its staff.
remains to review the risks.
Rois Ni Thuama
Doctor of Law and subject matter
expert in cyber governance and risk
mitigation. Head of Cyber Security
governance for Red Sift.
Accountancy Plus March Issue 2020
07
Title: Chief Executive
Company: ifac
CPA Profile
John Donoghue
CPA PROFILE
Qualifications: FCPA
John Donoghue
Why did you decide to start out on and focused approach to work and journey smoother?
a career in accountancy? how I use my time. It also gave me
Commit. Don’t half do it. Set your
a broad understanding of business
I knew I wanted to be in business, and timetables, make your sacrifices,
principles and strategy, in addition to
when I looked at the people who led understand it’s a big commitment and
the core skills of accounting. I met
successful businesses, they tended to drive on. It will be worth it in the end.
great people along the way, and I
be from a finance background, so I
wouldn’t be where I am now without
felt accountancy was a good platform What do you think are the most
the qualification.
for building a successful career. It was pressing issues for accountants?
an easy decision to make.
What has been your biggest career Keeping up with the pace of
achievement? change in technology is a big issue
Why did you choose CPA Ireland
for accountants. In ifac we are
as your qualification route? Ifac has gone from strength to
embracing new technologies to
strength over the last few years.
I discussed the options with friends give our people more time to focus
We have consistently grown the
and colleagues to get a sense of on high value activi-ties. The need
practice at about 10% per year, and
what might be in-volved in gaining a for firms to have a multi-disciplinary
we have developed and grown our
professional accounting qualification, skillset is becoming more obvious
Tax, Advisory, Food and Agribusiness,
and then contacted the Institutes. with each passing day. Clients
Business Support Services and our
I liked the fact that CPA is an Irish need access to a wide range of
Financial Planning teams.
organisation, it felt more local, expertise to help them to optimise
and the people I talked with in the their businesses and achieve their
Our people are totally committed to
Institute were warm and welcoming. potential. Our profession is changing
helping our clients to achieve their
CPA felt like the right fit for me. fast. The ability to identify and
potential and build sound financial
understand client issues/problems
futures. We are training, retaining and
Please provide a brief history of or opportunities and engage experts
recruiting fantastic people across
your career. when needed is the most important
the business. No single achievement
and valuable skill that accountants
I qualified in 2005, having trained stands out, we are working all the
bring to their clients. The numbers
in ifac’s Carlow office and an time to do more for our clients and
are important, advice around the
accounting firm in Kildare. I was teams across the country, and that
numbers is where we add value.
appointed Managing Partner of our philosophy is paying dividends as our
Tullamore office in August 2005. busi-ness continues to grow.
How do you unwind?
I held that role for almost seven
years before being appointed What or who inspires you most in I spend time with my wife Lorraine
ifac Commercial Manager. Our business? and daughters Aoife, Neasa and
Commercial Manager role is focused Tara. They keep me on my toes and
In business, Chuck Feeney set an
on helping our practice teams in put everything in perspective. I love
amazing example and inspired a new
thirty locations across Ireland to standup comedy; I read a lot and try
wave of Philanthropy and Warren
optimise their business processes to keep fit!
Buffett is inspiring for his success and
and business development. I was
for his extraordinary com-munication
appointed ifac Chief Executive in What traits do you admire most in
skills. There are also many inspiring
2015. The work goes on… others?
people in ifac, who have faced, or
are fac-ing challenging personal Generosity, which can be underrated
How do you find your CPA
situations, we do our very best to and sometimes overlooked. If you are
qualification has helped you in
support them. giving your time, expertise or financial
your role?
support to help other people, you are
The CPA qualification and my studies If you were advising someone making a positive differ-ence in the
in Griffith College have been of just starting out with their CPA world. And of course, honesty, it’s an
huge benefit to me. Studying for the qualification, what tip would you essential ingredient in building high
qualification gave me a disciplined give them that would make their trust, high impact relationships.
Accountancy Plus March Issue 2020
08
Title: Director of Education
Company: CPA Ireland
CPA Profile Qualifications: CPA, MoR
Deirdre McDonnell
Why did you start out on a career One of the projects I worked on What has been your biggest career
in accountancy? during that time in CPA Ireland was achievement?
the representation of our Institute
I wasn’t 100% sure of what I wanted to This is a tough question as I qualified as
on the FEE (European Federation
do when I finished secondary school. I a CPA accountant 30 years ago exactly
of Accountants, now Accountancy
was due to start an Arts degree at UCD, this year and there have been a number
Europe) Euro Working Group, where I
and my sister who was a trainee CPA of key moments where I have really felt
served on the FEE Committee for the
accountant at the time, secured me a that I have reached my potential.
development of the new Euro Currency.
summer job in her training firm, and I
Working with global companies during
really loved the work. At the time, PA Consulting, a global
my time in PA Consulting, finding
management consulting company was
I was surprised how much I loved the myself at boardroom tables with heads
advertising for ‘Euro Experts’ to work
routine of being in an office, part of a of business for companies turning over
with their Euro Changeover projects
team, independent and earning my own billions each year, and helping these
internationally. I applied and was
money, I was sold. companies make significant changes
accepted as I had experience that very
to their operations, is definitely a high
few people had in the development of
Why did you choose CPA Ireland point, but also working with some really
this new currency.
as your qualification? amazing SME clients, has been just as
I spent 3 very happy years at PA rewarding in different ways. Speaking
My sister was already training with a Consulting, working on Euro at conferences in Europe during my
CPA practice, and she recommended Changeover and Y2K projects, involvement with FEE also stands out as
CPA to me enthusiastically as she specialising in Business Continuity one of my significant career memories.
found the support and advice from Planning. I worked all over Europe and
the Institute staff to be really useful. However, today, as I work on the
the US with multinational companies
The CPA qualification has served me development of a new syllabus for CPA
including Philips CE, Vendome Luxury
very well, especially when I worked on Ireland to educate future fit finance
Group, Willis Plc, amazing experience
projects in the States later in my career. professionals in a rapidly changing
and I will remember it always.
CPA was immediately recognised in environment and see my team
the boardroom and clients were always When I was expecting my first child, transforming our examination system
happy to be dealing with the CPA I knew I couldn’t continue with the to become fully online, including online
designation. weekly international travel, and I set up invigilation, I realise that some of the
my own consulting firm. I wanted to biggest career achievements may still
get more freedom from the corporate be ahead of me.
Please provide a history of your
world, to spend more time with my
career.
family, so I made a decision to bring What do you think are the most
Having spent 3 years in practice with my skills from working with global pressing issues for accountants?
Gavin & Co, I moved into the advertising companies to SMEs in Ireland.
industry as financial controller of All There is no doubt in my mind that big
I worked on many projects over the data and the emerging very disruptive
Ireland Media, which was later bought
years with CPA Ireland in a consulting technologies that are enveloping
out by Carat, a global advertising group.
capacity. When the previous Director the profession, will challenge all
My 5 years in this role were hugely
of Education, Paul Heaney announced accountants and their role in adding
enjoyable, it was a very dynamic time
his retirement, I was approached to value. Unless we become comfortable
in the ad industry in Ireland. In the late
see if I would be interested in the role, with the advance of these technologies
80s early 90s, it was the steadiness
and following much consideration, I and understand the source and
of accounting with the glamour of
realised that my CPA qualification, my composition of the data, we will be
advertising.
understanding of the requirements of prisoners to the data analysts and our
I did however feel like I needed a the market in relation to newly qualified ability to make meaningful contribution
change, and when an opportunity accountants and the wonderful network will be threatened. Our syllabus review
came up to join CPA Ireland in 1996 of academic support surrounding the has demonstrated that while we must
as Director of Member Services, I role at CPA, I took it on and have not still be experts in our core accounting,
joined Eamonn Siggins and his team looked back. finance, tax and auditing disciplines,
at Ely Place and spent 5 great years we must also be data analysts, artificial
learning new skills and developing the intelligence specialists and pioneers
management and creative side of my of future developments such as
skillset. continuous audit and blockchain.
Accountancy Plus March Issue 202009
Snapshot of IAASA’s
Financial Reporting News
Financial Reporting News
FINANCIAL REPORTING
financial reporting
activities in 2019
IAASA has recently published
European Union (Qualifying accounting records (S281 to S286), summary information of its
share capital (S318 and S319), the financial reporting enforcement
Partnership, Accounts and activities undertaken during 2019.
statement on relevant audit information
Audit) Regulations 2019 (S325(1)(e)), circularisation of financial Source: www.iaasa.ie
statements (S338) and remuneration,
In November 2019, the European Union
appointment and removal or resignation
(Qualifying Partnership, Accounts and
of auditors (S381 to S385, S396 to S398
Audit) Regulations 2019 (S.I. 597/2019)
and S401 and S402). Sustainable Development
were signed into law. These regulations
The financial statements of a qualifying Goals Disclosure (SDGD)
change the accounting and auditing
rules for ‘qualifying partnerships’ for partnership are required to include Recommendations
financial years commencing on or a Partners Report which will include
The International Federation
after 1 January 2020. For accounting similar information to that required in a
of Accountants (IFAC) recently
periods commencing prior to this date Directors Report under the Companies
published a joint report calling for
the European Communities (Accounts) Act 2014. The duties, obligations or
improved reporting on the UN’s
Regulations 1993 continue to apply. discretion imposed on the directors
sustainable development goals
and/or secretary under Part 6
The meaning of a qualifying partnership in an attempt to hit goals set for
Companies Act 2014 are deemed to be
is set out in Regulation 5 of the 2019 2030.
imposed on, or granted to, members
Regulations which outlines two types of
of a qualifying partnership by virtue of The report includes
qualifying partnership. Firstly, the new
Regulation 8. recommendations the purpose
rules apply to a general partnership,
of which are to establish a best
formed under the Partnership Act A qualifying partnership can avail of
practice for corporate reporting
1890, all the members of which are audit exemption, however an audit will
on the SDG’s and enable more
themselves limited such that the be required where one partner, serves
effective and standardised
ultimate beneficial owners of the a notice in accordance with Section
reporting and transparency on
partnership enjoy the protection of 334(1) Companies Act 2014, stating
climate change, social and other
limited liability. that the partner does not wish that
environmental impacts.
audit exemption be availed of by the
In addition, the rules also apply to
qualifying partnership for the financial Source: www.ifac.org
limited partnerships (formed under the
year specified in the notice.
Limited Partnerships Act 1907) where
the general partner(s) effectively enjoy A qualifying partnership is required,
the protection of limited liability. The by the 2019 Regulations, to file an
regulation also contains provisions annual return with the Companies
which covers certain entities not Registration Office using form P1.
governed by the law of the state which Financial Statements, a Partners Report
are similar in nature to either of the and an Auditor’s Report will be required
above. to be annexed to the annual return.
The provisions in relation to Abridged
The Regulations apply Part 6
Financial Statements also apply where
Companies Act 2014 to a qualifying
the relevant size criteria are met.
partnership as if it were a company,
subject to any modifications necessary The 2019 Regulations also impose a
to take account of the fact that the reporting obligation on auditors to
qualifying partnership is unincorporated. the ODCE, similar to that required of
Part 6 of the 2014 Act is the section that statutory auditors in relation to the
deals with Financial Statements, Annual reporting of category 1 and 2 offences
Return and Audit and sets out provisions under Section 393 Companies Act
on, inter alia, the preparation of financial 2014. Regulation 42 sets out the
statements, disclosures including offences that can be committed by a
directors’ remuneration, audit, audit qualifying partnership. The offences,
exemption, annual returns, appointment which if committed, are required to be
and removal of statutory auditors and reported to the ODCE by an auditor of
offences. a qualifying partnership are set out in
Regulation 31.
Regulation 15 dis-applies a number of
Sections of Part 6 including provisions
relating to the keeping of adequate
Accountancy Plus March Issue 202010
International peer review finds Central Bank
is effectively regulating credit union sector
Law & Regulation News The Central Bank of Ireland recently published the “Peer
Review: Central Bank of Ireland’s Performance of its
Regulatory Functions in Relation to Credit Unions”. The
review, undertaken by an external and experienced team
AML update of regulatory experts from the International Credit Union
Regulators’ Network (ICURN) found that the Central
The European Union (Money Laundering and Terrorist Bank effectively performs its functions in the regulation
Financing) Regulations 2019 were signed by the and supervision of the credit union sector. It was also
Minister and became effective from 18th November highlighted in the review that significant improvements
2019. The regulations amend the Criminal Justice had been made since the previous review in 2015.
(Money Laundering and Terrorist Financing) Act 2010
Source: www.centralbank.ie
(the Act).
One of the key changes for accounting firms is the new
requirement to have in place “appropriate procedures” ESMA sets out its strategy on sustainable finance
for employees, or persons in a comparable position to The European Securities and Markets Authority (ESMA)
report a contravention of the Act internally within the published its Strategy on Sustainable Finance. The strategy
firm through a specific, independent and anonymous sets out how ESMA will place sustainability at the core of its
channel. These procedures should be proportionate to activities by embedding environmental, social and Governance
the size of the firm. (ESG) factors in its work.
The key priorities for ESMA highlighted in the strategy include:
Practitioners will need to consider how this can be
provided for within their firm. Firms should now update • completing the regulatory framework on transparency
their policies and procedures in this regard and provide obligations via the Disclosures Regulation. ESMA will
work with the EBA and EIOPA to produce joint technical
the appropriate training to staff.
standards;
The regulations require competent authorities, which • reporting on trends, risks and vulnerabilities (TRV) of
includes CPA Ireland, to apply a risk-based approach sustainable finance by including a dedicated chapter in its
to the exercise of its supervisory functions and to TRV Report, including indicators related to green bonds,
provide access to its employees and officers to relevant ESG investing, and emission allowance trading;
information on the domestic and international risks of • using the data at its disposal to analyse financial risks from
money laundering and terrorist financing which affect climate change, including potentially climate-related stress
its own sector. testing in different market segments;
• pursuing convergence of national supervisory practices
It also requires that competent authorities take on ESG factors with a focus on mitigating the risk of
measures to prevent a person convicted of a relevant greenwashing, preventing mis-selling practices, and
offence from performing a management function in or fostering transparency and reliability in the reporting of non-
being the beneficial owners of an accountancy firm. financial information;
• participating in the EU Platform on Sustainable Finance that
Practitioners operating within CPA firms and beneficial will develop and maintain the EU taxonomy and monitor
owners of such firms are now required to inform CPA capital flows to sustainable finance; and
Ireland if they are convicted of a relevant offence. • ensuring ESG guidelines are adhered to in the entities that
ESMA supervises directly, while being ready to accept any
A “relevant offence” means –
new supervisory mandates related to sustainable finance.
(a) an offence under this Act, ESMA’s work spans the investment chain from issuer to
investment funds, investment firms and retail investors. It has
(b) an offence specified in Schedule 1 to the Criminal already delivered on several objectives of the EU’s action plan
Justice Act 2011 , or on financing sustainable growth and will continue to assist the
EU institutions to achieve sustainable finance goals, including
(c) an offence under the law of a place (other than the by providing advice on areas where new Level 1 and Level 2
State), consisting of an act or omission that, if done or measures may be necessary.
omitted to be done in the State, would, under the law
To help deliver its strategy ESMA set up a Coordination
of the State, constitute an offence under subsections
Network on Sustainability in 2019. The network is composed
(a) or (b)
of experts from national competent authorities and ESMA
staff. It will be supported by a consultative working group of
Source: www.irishstatutebook.ie
stakeholders, which will be established in the coming months.
Source: www.esma.europa.eu
Accountancy Plus March Issue 2020CPD Requirements for the 2020 - 2022 Cycle
Members working in Practice:
The CPD requirement for the CPD cycle is 75 structured and 45 unstructured hours.
The minimum hours in any one year is 30 hours, of which 15 have to be structured.
By the end of 2022, you will need to make sure that you have completed
the full requirement of 75 structured and 45 unstructured hours.
If you are a practicing cert holder, a minimum of 40 out of your 75 structured hours
have to be completed in the core hours.
Members working in Industry:
The CPD requirement for the CPD cycle is 60 structured and 60 unstructured hours.
The minimum hours in any one year is 20 hours, of which 10 have to be structured.
By the end of 2022, you will need to make sure that you have completed
the full requirement of 60 structured and 60 unstructured hours.
If you have any queries on your CPD requirement,
please contact Niamh Sheehan on nsheehan@cpaireland.ie12
Is Irish employment law
keeping up with the gig
economy?
By Derek McKay
Much has been made about the protection of gig economy
workers but what should companies using self-employed
contractors be doing to protect themselves?
Since the emergence of the “gig penalise those involved in bogus • Their work cannot be sub-
economy” over a decade ago, there self-employment, where employers contracted to another individual.
has been a lot of debate about the are wrongly classifying workers as
• The person does not supply
evolution of work and how it will self-employed rather than direct
materials for the job or the
continue to change into the future. employees, thus avoiding or evading
necessary equipment to do the job
There is a clear reality that certain their obligations, including tax and
other than the small tools of the
types of jobs and roles are changing PRSI.
trade.
and with the introduction of new
In October 2019, the Oireachtas
technology platforms, such as Uber • They are not exposed to personal
Committee on Employment Affairs
and Deliveroo, we are seeing the financial risk in carrying out the
and Social Protection heard that
creation of roles that were never work.
bogus self-employment could be
there previously.
costing the Irish State €1 billion each • Does not assume any responsibility
Despite concerns that there would year in lost tax and PRSI2, which for investment and management in
be a surge in those working in the gig results in savings of up to 30% for the business.
economy, the numbers are relatively the employer and a loss to the Social
• They do not have the opportunity
low and have not shown signs of Insurance Fund. Trade Unions have
to profit from sound management
dramatic increases. In 2018, the also described the situation as a
in the scheduling of engagements
Workplace Relations Commission massive fraud being perpetrated
or in the performance of tasks
sponsored a report by the Economic against the State.
arising from the engagements.
and Social Research Institute that put
the figure at between 8 and 9%1.
Employed or self-employed… • The individual receives expense
or bogus self-employed? payments to cover subsistence
The informal structure of this type
As it stands there are only two and/or travel expenses.
of employment suits many people.
The general consensus is that those classifications of employment status • They are entitled to extra pay or
working in the gig economy do so – employed or self-employed. To time off for overtime.
out of choice rather than necessity. help provide some guidance and
clarity, the Revenue Commissioners And, the criteria set out by Revenue
The ability to choose when you
published its Code of Practice for on whether an individual is self-
want to work and for how long, suits
Determining Employment or Self- employed include:
some peoples’ lifestyles, especially
students or those looking to make Employment Status of Individuals. • The individual owns their business.
some additional income. But there The criteria set out to identify if an
individual is an employee includes: • They are exposed to financial
is a trade-off; with this flexibility
risk by having to bear the cost of
comes a lack of security and benefits • That the individual is under the correcting faulty or substandard
for employees. And for employers, control of another person who work carried out under the
there can be some unintended directs as to how, when and where contract.
consequences as well. the work is to be carried out.
• They assume responsibility for
One thing is for certain, employment • The individual receives a fixed investment and management in the
relationships will continue to evolve wage and works set hours or a enterprise.
and be challenged particularly given given number of hours per week or
the Government’s aim to heavily month. • The individual has the opportunity
1 “Measuring Contingent Employment in Ireland”, ESRI, August 2018.
2 “Bogus Self-Employment Presentation to the Social Welfare Committee”, Martin McMahon, October 2019.
Accountancy Plus March Issue 202013
to profit from sound management own tax deductions. The company contracts with any self-employed
in the scheduling and performance argues that the Commissioner’s contractors they may be working
Is Irish employment law keeping up with the gig economy? by Derek McKay
LAW & REGULATION
of engagements and tasks. reliance on a UK case (Weight with.
Watchers v Revenue and Customs
• Has control over what is done, how For example, an individual who is
Commissioners, 2011) was wrong
it is done, when and where it is working on the basis of commission
and that the Commissioner failed to
done and whether he or she does it may still be regarded as an employee,
follow Irish law in relation to mutuality
personally. even if they are not working from the
of obligation and also failed to give
employer’s premises – there is clearly
• Has the freedom to hire other proper consideration to the terms
a Mutual Obligation in this situation.
people, on his or her terms, to do and conditions of the contract with
the work which has been agreed to the driver. Or if the self-employed contractor
be undertaken. is required to use company branded
Mutuality of Obligation exists
materials or equipment in the process
• They can provide the same services where an employer is obliged to
of completing their work, they may
to more than one person or provide work for an employee
be considered employees – the
business at the same time. and the employee is obliged to
company is providing direction
perform or fulfil that work as would
• They provide the materials and on how the person should be
be considered normal employer/
equipment necessary for the job, completing their task.
employee relationship.
other than the small tools of the
trade. The Commissioners had argued that
Employers beware – if in
the contract required the driver to doubt, review contracts and
• Has a fixed place of business where
initiate an agreement in relation to get advice
materials and equipment can be
availability to work. When confirmed,
stored. The gig economy, contractors, self-
a roster was then drawn up based on
employed workers, agency workers
• They are responsible for costing this availability and it found that once
– all these categories of workers bring
and agreeing a price for the job. a driver was rostered for one or more
about questions for Companies about
shifts, there was then a contract of
• They are responsible for providing how they manage these workers and
“mutual obligation”.
their own insurance cover e.g. remain compliant.
public liability cover, etc. The High Court agreed, finding
Until such time as Irish legislation has
that the contracts operated by
• And, they control the hours of work caught up with the changing face
Domino’s Pizza included Mutuality
in fulfilling the job obligations. of work, our advice for employers is
of Obligation; once a driver was
assess their contracts and working
These guidelines are pretty rostered by the company, there
relationships with individuals through
straightforward and self-explanatory was a contract that retained mutual
the lens of being compliant with
and, if necessary, all easy to obligations.
both Revenue and the Employment
demonstrate. However, there are
Interestingly, in the UK, a trade Fora such as the Workplace Relations
circumstances where it isn’t always
union failed in its High Court bid Commission.
clean-cut. Our advice is Employer
to represent and lobby Deliveroo,
Beware.
the popular food delivery platform,
High Court rules delivery on behalf of its riders on pay and
drivers are employees conditions. The High Court case
came on the back of an appeal of a
In December 2019, the High Court decision by the Central Arbitration
ruled that delivery drivers for a Committee, which has previously
company in the Domino’s Pizza found that riders could not be
franchise are to be treated as recognised for collective bargaining
PAYE employees. The ruling came because they were not classed as
following an appeal by the pizza “workers”. Because riders could freely
company against the Tax Appeals pass jobs to other people to do on
Commissioner’s finding, which found their behalf, they couldn’t be classed
that its drivers working in 2010/11 Derek McKay
as employees.
under contracts “of” service were
taxable workers paying PAYE and Review and analyse Derek McKay is Managing Director at
national insurance. employment contracts Adare Human Resource Management.
Adare Human Resource Management
Karshan (Midlands) Ltd., t/a Domino’s While the Domino’s Pizza example is a team of expert-led Employment
Pizza had argued that the drivers is specific to the contracts operated Law, Industrial Relations and best
operated under contracts “for” by the company and their delivery practice Human Resource Management
services, were therefore self- drivers, employers should take note consultants.
employed and responsible for their of the findings and assess their own
For more information go to
www.adarehrm.ie
Accountancy Plus March Issue 202014
Finance & Assessment of the economic impacts arising
for Ireland from the potential future trading
Management relationship between the EU and UK.
News The Minister for Business, Enterprise and Innovation has published
a study commissioned by her Department, examining the
economic impact on Ireland of a potential EU-UK free trade
agreement.
Investors call for
The report, which was undertaken by Copenhagen Economics,
improved workforce reflects the trade provisions of the Revised Political Declaration
reporting for the Future Relationship between the EU and the UK. The
Political Declaration sets out the intent of both the EU and UK to
A new report issued by the
negotiate a comprehensive Free Trade Agreement to replace the
Financial Reporting Council’s
Financial Reporting Lab concludes current economic relationship. At this point, it represents the best
that reporting on workforce related indication of what a future EU-UK FTA will look like.
issues needs to improve both to Previous analysis published by the Department in 2018 found that
meet investor needs and to reflect the economic impact on Ireland of a worst-case Brexit scenario
modern-day workforces. - trading with the UK based on World Trade Organisation (WTO)
Workforce related matters such rules - would reduce Ireland’s projected annual growth rate and
as working conditions, changing result in GDP being approximately 7% lower in 2030 (i.e. the
contractual arrangements and economy would still grow albeit at a slower rate).
automation have all become areas
Taking the parameters of the revised Political Declaration, this
of increasing investor focus in
study points to a reduction in GDP of between 3.2% and 3.9%
recent years and the lab’s report
in 2030. Effectively this reduces the level of harm on the Irish
reveals overwhelming support for
economy by half.
clearer company disclosures.
While this latest study assesses the specific impact of moving to a
The report provides practical
guidance and examples on how new EU-UK FTA, in reality, the Government and firms have been
companies can provide improved engaged in intensive Brexit preparations which, taken together
information to investors. It with new opportunities under recent EU FTAs (e.g. South Korea,
encourages companies to think Canada, Mexico and Japan), have the potential to significantly
of the workforce as a strategic mitigate the impacts of the changed EU-UK relationship.
asset and explain how it is invested For further information and to read the report please visit
in, underpinned by data on the
composition, engagement, https://dbei.gov.ie/en/Publications/Assessment-economic-
retention and diversity of the impacts-Ireland-potential-future-trading-relationship-EU-UK.html
workforce.
Source www.dbei.gov.ie
Source: www.frc.org.uk
Accountancy Plus March Issue 202015
Paul has operated at an
executive level in commercial
Leadership Insight
Leadership Insight by Paul Healy
FINANCE & MANAGEMENT
environments for over 20
years. His broad areas of
expertise include: Education
by Paul Healy Chief Executive Skillnet Ireland
and Labour, Market
Policy, Human Resource
Development, Public Affairs
and Corporate Governance.
Please provide a brief history of our organisation substantially since To remain competitive, we must
your career. 2016, investing €140million in boost the other pillars of Ireland’s FDI
I spent the first 10 years of my career Ireland’s workforce during this period, proposition, particularly talent. The
in financial services, in sales and sales and delivering some of the most issue of small and medium enterprise
leadership positions. The experience innovative workforce development (SME) productivity is also a growing
of being a Financial Advisor at the initiatives ever seen in Ireland. priority area with several national
age of 22 was a positive one for and international reports expressing
me, setting the basis for sound Can you give some insight as concern around the productivity
commercial awareness, customer to what the catalyst was for this levels within our indigenous SMEs.
service and self-discipline. I went on change? Finally, to the most pressing issue
to manage a business for Bank of When you think about it, of our time; climate change and
Ireland, before switching to a career technological advances, globalisation, the implications for businesses and
in HR, a discipline I worked hard to climate action and an array of workers as Ireland transitions to a
master and served in a number of competitive forces are combining low carbon and environmentally
senior HR management positions to disrupt the workplace to an sustainable economy.
through my career. I also ran my own extent that is unprecedented in
For our businesses and workers to
business for a time and developed a history. Powered by AI, we are
adapt to this new world, and for
career in academia, all before taking seeing technology performing ever
our enterprise base to thrive and to
up my current position as Chief more complex tasks that were once
prosper, a major shift in the intensity
Executive of Skillnet Ireland. thought to be the sole domain of
of talent development and upskilling
humans. Some jobs are disappearing
You joined Skillnet Ireland as is now urgently needed. The work of
entirely, but new technologies are
Skillnet Ireland is deeply rooted in all
Chief Executive in 2016 and also unlocking enormous potential
of these challenges and they serve as
since this time, the structure of within businesses, bringing new
a catalyst for ongoing change in our
and messaging from Skillnet jobs, many of which never existed
organisation.
Ireland has changed. Were you previously. We are also seeing the
brought into Skillnet Ireland to very nature of employment itself What were the biggest
bring about this change or was being redefined, with the rise of the challenges in implementing
this something you instigated? gig economy, portfolio careers, virtual the changes and how did you
Probably a bit of both. Skillnet and remote working, and extended overcome these challenges?
Ireland is a unique organisation in so working lives.
A challenge for a comparatively
many ways. We sit neatly between small Government agency is to
Turning specifically to Ireland, there
industry and Government, leading a make your voice heard. In many
are multiple challenges now facing
partnership of 70 enterprise bodies, ways I am fortunate in this regard
businesses here, not least of which
providing talent development and because Skillnet Ireland has such a
are the complexities arising from
upskilling to 15,000 businesses and powerful story to tell. The agency has
Brexit. As our labour market continues
60,000 workers throughout the been recognised as an international
to tighten, businesses are confronted
country every year. What attracted best-practice model by the EU
with acute skills shortages in ICT,
me to the role was the immense Commission, the OECD and the ILO,
engineering, science, construction,
pent-up potential of a Government among others.
healthcare and financial services
agency that puts businesses in
among others.
control of the process, and one that Yet, that message hasn’t always cut
fosters a networked approach that Ireland’s foreign direct investment through to the domestic audience.
leverages Ireland’s open culture of (FDI) model has never been in For us, the job of good ‘storytelling’
collaboration. a position of greater challenge. is vital as each year we must
The trend over recent years is for successfully navigate an intensely
Working in deep collaboration with countries to reduce their headline competitive funding process.
our industry partners, including corporation tax rates.
CPA Ireland, we have developed
Accountancy Plus March Issue 2020You can also read
