Danielle Supkis Cheek, director of entrepreneurial advisory services for Pannell Kerr Forster of Texas PC, will be a presenter at the Jan. 7, 2021, PICPA Technology for Public Accounting Conference. In this podcast, she joins us to provide an update on information technology standards implementation and independence, including delays brought about by the ongoing coronavirus pandemic.

If you’d like, you can download this episode’s audio file. Additionally, you can follow us on iTunes, Google Play, or subscribe to our RSS feed.


Thank you to our sponsor:



View sponsorship and commercial opportunity details.

By: Bill Hayes, Pennsylvania CPA Journal Managing Editor

Podcast Transcript

On January 7, 2021, at the PICPA Technology for Public Accounting Conference, Danielle Supkis Cheek, director, entrepreneurial advisory services, for Pannell Kerr Forster of Texas PC, will provide an update on information technology standards, implementation and independence, including delays brought about by the coronavirus pandemic. Today, she offers us a look at what she will talk about during what is sure to be an informative session.

I guess the first question here, COVID of course being such a pressing topic right now, why did COVID-19 cause the IT services interpretation related to independence to be delayed?

[Supkis Cheek] I think the Professional Ethics Executive Committee, or PEEC, was trying to make it a little easier on practitioners that we're having to deal with a lot of other issues that were not anticipated. They actually extended three standards at the same time and IT services just happened to be in that suite of interpretations that did get delayed.

If you think about it, some of the requests that clients have needed assistance with during COVID actually, potentially, could be conflicting with the new interpretation, but in some cases they may not be. Overall, the interpretation was supposed to be pretty close to the current kind of best practices of independence, but there are a couple areas where it may be more restrictive in independence and then that could have created a problem where you're trying to figure out what a client needs during an emergency situation on top of implementing the new standard. It's just a lot to put onto a practitioner.

What should firms be planning for prior to the interpretation release?

[Supkis Cheek] I think having a good understanding and reading through the interpretation is going to be first and foremost, going through what service offerings you have and how could it impair independence. One of the tricks is going to be collecting various license agreements or software license agreements, user agreements, and making sure that what you've signed with your various vendors for software offerings is not triggering some of these clauses in IT services interpretation, as well as the interplay with the hosting interpretation.

I think that's a good place to start. Looking at your various service lines that you offer, particularly if you're in a data analytics space, there's going to be some questionable things that could happen in dashboarding.

If you're doing dashboarding for clients, really watch out for some of these tricky places that you can actually get tripped up.

At this point, what issues have come up in post implementation related to independence?

[Supkis Cheek] Right now, we're in post-implementation for the hosting interpretation. While it sounds pretty innocuous from the names of, "Oh, I don't host information for clients," that interpretation actually had some kind of making sure that the CPA doesn't become the de facto host in effect for a client. Portals are always complex. I think people are still having portal problems.

I would say the things that we're struggling with in theory, as well as I know other firms are, is the affiliates with respect to independent clients. Trying to figure out what affiliates are, particularly on the tax side, the individual returns versus the business return type stuff, that is still really difficult to manage. I would say that's an issue, some ongoing software licensing. Then I'd say some of the interplay on the IT services side.

As I mentioned before, that IT services interplay with all those user license agreements; there's such a push for getting discounted software through CPA firms, through the vendors right now, and massive discounts as well. CPAs want to offer that to the clients. So you're having to watch, okay, where's the data living? Who has the right style access to it? You're having to do a lot of interpretation through analogy because of all the different software providers out there right now.

You had mentioned hosting earlier: What challenges should firms prepare for, in terms of the hosting interpretation related to independence?

[Supkis Cheek] I'd say the number one is those portals. Then in the IT or data analytics space, those various software offerings that you can get to a client. For example, if you want to do something that's like Tableau dashboarding, not only could your Tableau dashboards impair your independence if they're really good dashboards in the sense that they become their own financial information system, but you can actually trigger the hosting component as well. Because if you're putting it on a Tableau server that you control, like your firm's Tableau server versus the client having direct access through Tableau and not going through your domain and they have their own tenant, then you might be okay. But that starts getting really tricky. How do you set that up? How do you make the client pay for which service offerings, what software? How do you parse those different things out? How does the client in effect be able to fire the CPA and take their stuff with them?

No one talks about, "Well, Mr. Software Vendor, I'd really like to know what's the procedure that my clients can fire me and they get all their data?" When you have that conversation with the vendor, they kind of just laugh at you and it's like, "Actually, I'm quite serious about this."

I think those are the, how do you handle those, and the hosting interpretation is very tricky in that regard. You have to go to some of the interpretive guidance in the FAQs to try to get those analogies to figure out how it plays out from the mostly general ledger and tax software that are talked about in FAQs into that data analytics space.

Are there any other IT standards that may be modified when the interpretation is final?

[Supkis Cheek] As of right now, I'm not aware of any. The IT services was the last of the suite of three standards. The first one was a cloud-computing type thing that was not overly remarkable or concerning. This is the last one in the series that I'm aware of. However, I am aware that there's expected to be some FAQs at some point based on questions that people have had trying to implement this standard.