June 2019

  • Digitalisation: auditing more than financial data
  • Cybersecurity Act enters into force on 26 June
  • EU adopts sanctions against cyber-attacks
  • ESAs publish joint advice on ICT risk management and cybersecurity
  • Auditability of AI systems is key to ensure accountability, says the EC
  • OECD adopts the first intergovernmental standard on AI
  • International community agrees a roadmap to resolve the digital economy tax challenges
  • Crypto assets, AI and machine learning, fintech on the IOSCO 2019 work program

Tomorrow’s Accountant Superheroes – Interview series continued

Digitalisation: auditing more than financial data

Wesley Schulte from Finext, a Netherlands-based consultancy, discusses what the digital future holds for accountants and auditors. He believes that auditors and accountants have an opportunity to overcome the status quo to fully meet the fast-evolving, technology-driven client needs that go beyond traditional financial data.

Wesley was one of the speakers Accountancy Europe interviewed about the future role of the accountant within the framework of its 2018 Digital Day. Read more

Cybersecurity Act enters into force on 26 June

The Regulation establishes the first European certification framework to ensure that certified products, processes and services sold in EU countries meet cybersecurity standards.

Such certification schemes could be helpful for the profession:

  • external accountants evaluate the safety of their ICT products/services, such as cloud storage
  • accountants in business to better understand the cyber security risks of their organization
  • external auditors to better understand the cyber security risks of the audited organisation.

The enhanced ENISA’s (European Union Agency for Network and Information and Security) mandate gives it an active role in facilitating Member State cooperation in case of cyber-attacks. Read more

EU adopts sanctions against cyber-attacks

On 17 May 2019, the Council established a new legal framework for sanctions targeting those responsible for cyber-attacks from outside the EU that threaten the Union or its Member States.

This framework makes it possible for the EU to “impose sanctions on persons or entities responsible for cyber-attacks or attempted cyber-attacks, who provide financial, technical or material support for such attacks or who are involved in other ways. Sanctions may also be imposed on persons or entities associated with them.” Read more

ESAs publish joint advice on ICT risk management and cybersecurity

In response to the EC request in its March 2018 FinTech Action Plan, the European Supervisory Authorities (ESAs) – EBA, EIOPA and ESMA – published Joint Advice on:

  • the need for legislative improvements relating to Information and Communication Technology (ICT) risk management requirements in the EU financial sector;
  • the costs and benefits of a coherent cyber resilience testing framework for significant market participants and infrastructures within the EU financial sector.

Read more

Auditability of AI systems is key to ensure accountability, says the EC

EC ethics guidelines for trustworthy AI put forward key 7 requirements for the AI systems to be considered trustworthy. Accountability for the outcomes is one of these key requirements. Auditing processes should be put in place to ensure accountability:

“Auditability entails the enablement of the assessment of algorithms, data and design processes… Evaluation by internal and external auditors, and the availability of such evaluation reports, can contribute to the trustworthiness of the technology. In applications affecting fundamental rights, including safety-critical applications, AI systems should be able to be independently audited.”

OECD adopts the first intergovernmental standard on AI

On 22 May, OECD formally adopted the first set of intergovernmental policy guidelines on trustworthy AI.

The standard identifies five principles for the responsible deployment of trustworthy AI:

  • inclusive growth, sustainable development and well-being;
  • human-centred values and fairness;
  • transparency and explainability;
  • robustness, security and safety;
  • and accountability.

These principles are complemented by five recommendations to policy-makers:

  • investing in AI research and development;
  • fostering a digital ecosystem for AI;
  • shaping an enabling policy environment for AI;
  • building human capacity and preparing for labour market transformation;
  • and international co-operation for trustworthy AI.

Read more

International community agrees a roadmap to resolve the digital economy tax challenges

The 129 members of the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting (BEPS) adopted Programme of Work to Develop a Consensus Solution to the Tax Challenges Arising from the Digitalisation of the Economy on 31 May 2019.

The work program sets out two pillars to resolve technical issues; one to determine where tax should be paid and on what basis and the other to ensure multinational enterprises pay a minimum level of tax.

The OECD’s goal is to agree a unified long-term solution to the tax challenges posed by digitalisation of the economy by the end of 2020. Read more

Crypto assets, AI and machine learning, fintech on the IOSCO 2019 work program

Crypto-assets, artificial intelligence and machine learning have been identified by the International Organization of Securities Commissions (IOSCO) among its five priority issues for 2019.

Crypto-Assets: IOSCO says that concerns throughout the industry about the trading, custody and settlement, accounting, valuation, intermediation, and investment fund exposure relating to crypto assets have implications for investor protection. Therefore, it will look into how platforms where crypto-assets are traded are regulated and will examine regulation of investment funds with exposures to crypto-assets.

Artificial Intelligence and Machine Learning (AIML): With AIML being increasingly used in financial services, IOSCO will examine the supervision of market intermediaries, including asset managers, that work with AIML. The related ethical challenges will also be examined. Read more

IOSCO Cyber Task Force’s Report

IOSCO Cyber Task Force (CTF) published a report on existing frameworks for cyber regulation. It examines how three internationally recognised cyber frameworks (“Core Standards”) are implemented and identifies potential gaps in their application. The report aims to serve as a resource for financial market regulators and firms, to raise awareness of existing cyber regimes and to promote sound practices: “because of the high degree of interconnectivity between securities markets, infrastructures, and firms, the global financial markets are only as strong as their weakest link”. Read more

ACCA Report: Machine learning More science than fiction

As new tech developments rapidly permeate business environment, it is critical for accountants to develop an understanding of the benefits as well as challenges they bring.

The report highlights how AI and machine learning can add value to the work accountants do e.g. generate valuable insights for business decision-making, fraud detection, risk assessment, non-financial reporting to name just a few.

At the same time accountants need to be alert to ethical challenges that may arise from decisions made by algorithm. Hence, it is critical for all finance professionals to be aware how increasingly capable technologies can impact their work. Read more

Joint Report: Cyber and the CFO

Cyber security is seen as top five business risks and as high risk to organisation, according to the results of the survey conducted by ACCA, Chartered Accountants Australia and New Zealand, Macquarie University and Optus. “Yet, cyber security is not managed as a business risk, and too often, it is left to the information technology professionals alone to handle.” Read more


Can you trust a robot? As technology is transforming accountants’ daily work, the article explores ethical challenges that come along with the disruption

The battle for global control of cryptocurrencies. The article looks into how cryptocurrencies are finally going mainstream and those who have dominated them are having to move over.

In case of emergency: What more could have been done to lessen the effects of the attack? An ICAEW webpage taking a quick look at cybersecurity in the financial services sector.

Information overload: effective boards and committees in financial services. The ICAEW report offers practical recommendations to reduce the size of board packs and make them more effective for boards.This curated content was brought to you by Iryna de Smedt, Accountancy Europe policy advisor since 2009. You can send her tips by email and connect with her on LinkedIn.