Tag Archives: policies

In My Time…

mom_n_us

I have known my mother all my life so, at this point, I should not be surprised by anything she does. Yet, just about every time we spend time together, which is nowhere near as much as I would like, she tends to both surprise and impress me. This time it was as we were driving her to our home from the airport. She had been visiting my brother and was now chatting on the phone with a college friend of hers who lives in Connecticut. We overheard her congratulate him on his new job. “I saw the news on LinkedIn,” she explained to him. LinkedIn! I knew my mother had a LinkedIn profile but I had no idea that my mother actually used LinkedIn. After she got off the phone we quizzed her about her LinkedIn use and discovered that she is quite active in social media. It got me thinking about a piece I wrote on social media: Use Social Media, Don’t Let It Use You.

My mother is an amazing example of this maxim and she did not even need an AICPA Forensic and Valuation Services conference to understand the power and usefulness of social media. My mother is active on LinkedIn and on Facebook, making checking on these sites part of her daily routine. She has perfected her routine so that social media does not become a time suck. She is in and out before we realize it and yet, she comes away with knowledge about what her connections are up to and she has also interacted with several people in her network. Often, she uses YouTube to learn more about taking care of her orchids, a big passion of hers. I have heard my mother recommend that others seek information from various social media sources, telling them how helpful those resources have been for her. Taking her own advice, while she was visiting with us, she created a profile on Pinterest to help easily expand her access to knitting and crochet projects, she explored Instagram and became curious about Twitter.

What makes her embrace of social media  all the more surprising, for me, is that, for the last ten years, my mother is a farmer who lives just outside Gweru, the fifth largest city in Zimbabwe. Because she is out of the city, her access to fast and reliable internet can be challenging. In addition to this. my mother tended to use her computer as a fancy calculator and word processor. Now she uses Dropbox to store her large files in an easily accessible space and shares files quickly and efficiently, like a pro. When she sees someone using social media in a way she has not yet discovered, she asks questions, takes instructions and uses what she has learned. She has told me that she used to be afraid that something would go wrong and that she might break something by pressing the incorrect button. However, she has now found that it is sometimes fun to mess up and it is simpler than she imagined to rectify an error. An added bonus is that, at times, messing up can help her find a new and improved way to use social media.

During her visit, my mother would start many stories with the words, “in my time”. She would exclaim about how things have changed and, though she had happy memories about those days, she was also always willing to have new experiences. “I used to think, what can the internet and all this technology really do for me at this point,” she told me, “but now I see that there are so many things I can do better and faster and more easily. I can find so many things and I can learn about anything!” My mother has inspired me to continue my explorations in social media, while keeping in mind the first rule of social media, “don’ t say anything you wouldn’t say to your mother” because, in my case, my mother may very well be taking note. We are both seeing that this too is our time and we are making the most of it.

Advertisements
Tagged , , , , , , , , , ,

What’s The Problem?

Image

As my training long runs have become longer, so too has my preparation time for these runs. Yesterday, it took me about an hour to get ready for my 20 mile run. I had various things I needed to do before I could head out:

  • I have an atrocious sense of direction yet, especially when clocking many miles, I like to avoid boredom by running new and different routes on my long runs. So, usually the night before a run, I pull up a run-tracking website and search for routes that others close by have run. I then make notes, with street names and turns, on a small piece of paper. I make the notes in pencil so that, even if the paper gets damp during the run, the notes will not smudge. I map a route that is shorter than the distance I needed to run, giving myself at least a mile in which to get lost, because I get lost very often.
  • I have a banana and a packet of energy gel and wash it all down with some water. It has taken a lot of trial end error (still a work in progress) to figure out what, and when, I can and cannot consume during long runs. I also take some packets of energy gel with me, to take regularly during my run.
  • I cover my body with a fancy version of Vaseline in order to reduce the chances of getting chafed.  I have found that, just when I think I have all my bases covered, a new part of my body is chafed, usually by a new piece of clothing or wet weather. When I first started running, I only needed to treat a small part of my body and it took just a few seconds. Now I am at an almost head-to-toe process.
  • My running gear choices are made based on what protects my body and inspires me. So my clothing serves the dual purpose of being comfortable and cheering me on.
  • I apply sunscreen and check the weather to see whether or not I am going to need a cap to keep the sun out of my eyes.
  • I strap a water bottle to my arm. I also try to map my run so that I run through areas with water fountains so that I can refill my bottle, should I need to.
  • I use my asthma inhaler, put on my headphones and I’m good to go.

One should pay at least this much attention to protecting your financial control systems, and the check ups and improvements should be an ever-evolving process. Part of the process is ascertaining the flaws in the systems and correcting them. There are general rules that serve as guidance, but each entity has its own peculiarities, strengths and weaknesses. For example, though both should have a policy of separation of duties, a company of six people and a finance department of two will determine how they do this very differently from a huge multinational corporation with 500 employees. Though both will have an audit trail, a manufacturer will have documents that look quite different from a consulting firm. Setting up a financial system starts with general rules, such as:

  • The double entry accounting system, of course. The double entry accounting system helps detect errors and fraud in the books. Of course, it is not foolproof, but it is a powerful tool.
  • A written procedure manual is essential. This can be used as a reference so that employees have a checklist for the work they do. It is also helpful to have this manual so that management knows what is currently being done and can review this manual to come up with improvements and revisions to the system. This manual does not have to be a complicated tome that rivals the bible in heft and verbiage. It should be straightforward, unambiguous and easy to understand. The goal is to minimize errors and misstatements in the ledger, not to confuse the users with complex language and instructions.
  • Authorization controls are very important. An example is a requirement that checks over a certain value be signed by more than one account signatory. The reasoning here is that it becomes more difficult for collusion to happen, the more people there are involved in a transaction.
  • Variance analysis of the income statement and review of the balance sheet. Regular analysis of the numbers in the books, how they relate to other accounts in the books and how they trend over time helps highlight anomalies and, at times, spot places where errors are happening or someone is trying to hide fraud.
  • The aforementioned separation of duties. No one person should be in charge of an entire accounting process. The person taking checks to deposit in the bank account, should not be the same person recording the income in the books – that would give the opportunity for checks to disappear without anyone knowing they are missing. The person with physical custody of inventory must not be able to adjust the inventory numbers in the books.
  • Regular audits of the books, both internal and external, should be performed.  A review of the financial information by parties other than those who prepare the information is an important way to check for misstatements and errors. It is a great way to get objective points of view about the character and content of transactions and whether or not they have been properly recorded.

Armed with the general rules, it is then vital to adapt these rules to the entity. A small company does not have the staff or budget for an internal audit department. However, management can decide to occasionally have auditors in to conduct audits of their records and control systems, especially if they have concerns about vulnerabilities or fraudulent activity. A company that decides to go paperless must carefully plan and closely review their new system to ensure a proper audit and authorization trail remains. They should also think about proper data backup plans. It should take more than a small fire in the server room to destroy a company’s records. Even with a small company, separation of duties is possible. A company can be creative with this having, for instance, the receptionist keep a log of checks that are received before they go to the accountant for recording in the ledger.

In the same way that it is with my running, managing and controlling financial systems is an eternal work in progress. As situations, technology and company profile change, so too do the challenges, weaknesses and strengths of the entity’s financial systems. Determining what the issues are is key to finding solutions to resolve them. There may be changes in local, state and federal laws that will require special reports or a different method of recognizing income and expenses. Staffing at a company may grow or shrink and, therefore, the assignment of duties in the company may need to change. This change may be to prevent one person taking over an entire process, which would lead to a lack of review of their work and an increase in the opportunity for fraud. This change may also be to improve a system because a larger staff can lead to more effective separation of duties. There may be software innovations that improve efficiency and staff will need to be trained in how to use this improved software.

It is important to remember that the evolution of a financial system is ongoing and that rules and procedures are not set in stone. To quote Tom Hood, “In a period of rapid change and increasing complexity, the winners are going to be the organizations and people who can learn faster than the rate of change and faster than their competition.” This includes learning how to improve and strengthen the financial systems and their controls. The goal is to always get stronger, more efficient and to prevent injury or disaster, be you running a marathon or running an entity.

Tagged , , , , , , ,

Say It Clear

Image

Recently I blogged, at AICPA Insights, about the importance of social media and getting ahead of it, instead of it overwhelming you. Social media is not just a way for people to share photos of their kids and pets with friends (and the internet at large) it is also a powerful business tool that is proving to be essential to the long-term survival of a business. Because of this intersection of the personal and profession on such a public platform and especially because of the sensitive nature of  a lot what the forensic accountant is involved in, it is vital to have a corporate social media policy in place.

It is nowhere near enough (and sometimes not necessarily good for business) for a company to declare that employees are not allowed to use social media while at work. In an age where most people have personal access to the internet through smartphones and tablets, a company blocking internet access on their computers is not enough to keep an employee silent on the web. And, is silence what a company wants at a time where having a social media profile is of the utmost importance to a business? Also, blanket policies are coming under fire from federal regulators. As reported in the New York Times, the National Labor Relations Board (NLRB) has stated that workers have the right to discuss work conditions freely and without fear of retribution, whether this conversation takes place in the workplace or via social media.

It makes more sense to figure out a way to manage the risks of social media and, as shown by the recent NLRB cases, the policy a business comes up with should be legal and specific. Beyond keeping in mind the wise words, “don’t say anything you wouldn’t say to your mother, here are some things to think about:

  • Forensic accountants can begin by tying their social media policy to the AICPA’s Code of Professional Conduct. In the same way that their work should be directed by this, so too should their social media interactions.
  • The social media policy should make very clear that confidential information cannot be be disclosed. This is particularly important for practitioners involved in litigation, where a good deal of information is privileged, to be clear that this information cannot be published in social media.
  • A follow up to the previous point was brought to mind by a friend who is in litigation. When working on a case where even the location of a meeting is confidential, practitioners must turn off GeoTagging in their social media. For example, someone posting a completely innocent post on Facebook may not realise that the GeoTagging that declares that he is at the Waldorf Astoria has just revealed the location of the confidential meeting he is attending.
  • The social media policies of IBM and the MACPA are a good place to start. The MACPA is of particular usefulness to those in accounting, be it in litigation support or elsewhere.
  • A social media policy is not set in stone; it should be updated as technologies and privacy issues change.

What is most important is to start out ahead with a social media policy, instead of trying to create rules once things have spiraled out of control. A straightforward, specific policy that recognizes the importance of social media, makes clear what is on and off limits, is legal and encourages those in the business to be innovative with the tools offered by these new and emerging technologies.

Tagged , , , , , ,