Risk management for Accountants: protecting facilities and property from damage

Risk management is a prudent practice for all types of businesses. As time goes on, it is essential to re-examine your company’s landscape and compare it with current business practices. 

It is even more critical for accountants who have access to various sensitive, personal and corporate financial data to conduct a routine risk management check-in.

The three biggest liability risks facing accountants are:

• Data security
• Accuracy in output and advice
• Protecting facilities and property from damage

In part one of our series, we went in-depth into the data security risk facing Accounting firms. In our next segment, we will review accuracy in output and advice.

Today, we will dive into protecting facilities and property from damage.

Accounting firms are subject to risk regarding damage to their facilities. Facility damages include severe weather (lightning damage, overland water), power outages, or other problems that are entirely out of the firm’s hands. 

Beyond the physical building, many accounting practices keep physical client tax returns and other financial records. Damage or theft of client records is also a concern. 

While there has been a significant rise in cyber-related crime, physical break-and-entry is also always a risk to be aware of. Criminals may look to steal computers and other sensitive financial documents. Many of these criminals will then similarly sell that data as cybercriminals – through the dark web.

To gain more insight into your risk profile it is essential to ask:

How is your business physically operating today?

If you are a sole-professional practice, you may have a rented office somewhere, could be in a shared office facility, or could be simply operating out of a home-based office setting.

If you operate a larger practice, you likely have an office in your facility or a shared facility setting.

How your business operates will help determine where to focus efforts.

For example, consider the slight difference between operating your practice in your building versus a shared facility. In an individual unit, you have complete control over the building entrance points, security protocols, and more. Regardless of whether you rent or own, you also can more easily keep track of maintenance schedules to ensure any potential issues to the building’s integrity are proactively addressed.

Having your own facility does not mean you can divert attention away from other security protocols related to physical documents. Still, it does give you more control over the entire risk management process. 

In a shared facility, you do not have the same control. In your segment of the building, you may have to emphasize the physical security of client records. It may not be enough just to lock your door in the evening. You may also need to consider a proper lock and key system to keep client data safe (keep a clean desk).

You may also need to take added steps to ensure everything is safe from severe weather issues. Ensuring no client documents are on the ground can help prevent overland water-related issues.

This is all with how your business is today. But have you considered if anything has changed?

Has the physical operation of your business changed since the pandemic?

*and does your insurance company know about those changes?

For example, if you were operating in a small rented space and have shifted to a home-based office, you may have limited to no insurance coverage in place. If you are now working from home, it is essential to review the coverage offered through your homeowner’s insurance policy to see if you and your business are protected. 

Risk Management Advice: Most homeowner’s policies do not provide any protection for home-based business activity. This means that unless you get a specific commercial package to protect you while operating at home – your client information, computer, and other items may not be insured. Worse yet, if you have clients coming to drop off tax returns or provide other physical personal documents to your home, you may have no coverage in place for third-party liability (injury) issues.

Reviewing your risk management practices from time to time is an excellent opportunity to not only mitigate risks in your business; it also opens opportunities for new efficiencies and processes to improve how your company operates. 

Should you have any questions, we are happy to discuss them with you in more detail. We will cover the other two primary risk categories in our next piece.