A blockchain glossary, the CPA firm of the future, and Excel malware

Hosted by Neil Amato

Two CPAs are featured in this episode, which also highlights news of a rapid rise in malware attacks related to Microsoft Excel add-ins. First, Di Krupica, CPA, CGMA, of the Association of International Certified Professional Accountants, discusses the creation of the Blockchain Universal Glossary. Next, Mark Koziel, CPA, CGMA, the CEO of Allinial Global, shares some of the ways CPA firms can integrate with technology, how business models and firm structure might change, and more.

What you'll learn from this episode:

  • An explanation of why a glossary of terms is needed regarding blockchain technology.
  • Why the glossary is "a living document."
  • The difference between hot wallets, cold wallets, and software wallets.
  • Why one accounting leader says project management will be a key skill for the profession in the future.
  • Some of the ways the business model for accounting firms is changing.
  • A configuration change organizations can make to minimize the risk of malware related to Microsoft Excel add-ins.

Play the episode below:

To comment on this episode or to suggest an idea for another episode, contact Neil Amato at


Neil Amato: This is the Journal of Accountancy podcast. A quick summary of what's in store for today's episode: First is more information about an updated blockchain glossary which can help you stay in the know about the terms in that realm. Then is a segment on the future of accounting firms, especially as it relates to technology. And we've got news on a dramatic rise in cyber attacks related to Microsoft Excel, plus the steps you can take to guard against it happening to you.

Welcome to the Journal of Accountancy podcast. This is Neil Amato, and with me for this segment is Di Krupica. Di is a CPA and she's my colleague. Di is lead manager–Emerging Assurance Technologies at the Association of International Certified Professional Accountants. We're going to talk today about a Blockchain Universal Glossary. First, Di, welcome to the podcast. What is the Blockchain Universal Glossary?

Di Krupica: It's really great to be here talking with you today about one of my favorite resources in the blockchain digital assets space. This blockchain universal glossary, it was published in October of 2020, and basically what it does is it incorporates all terms that are in all of the AICPA/Association blockchain digital asset content.

Originally, what we wound up doing was we took a look at all this content, we combed through it, we reviewed key terms in it and identified those terms that we thought were best needed to be explained. Because in the space, there's really a whole lot of new vocabulary. It's a whole new language, and people can get easily confused. What we wanted to do was help those that are operating in this space to have the solid understanding of these terms so that they can build confidence and, in turn, just have a great foundation to perform whatever job function they are working in.

Amato: It may seem obvious, given that if you ask someone to define "blockchain," it's not really easy to do but what is the specific need or needs served by creating this glossary?

Krupica: Ultimately, what we wanted to do was remove as much confusion as possible. In this area, it's easy to be confused, especially when you're starting out the first time. We call it the universal glossary because every piece of content that we have published in this space points to this glossary. Originally, we had multiple glossaries in each of the pieces of content, and we understood we really ran the risk of defining the same term differently, which would just add confusion to everybody. We decided to go ahead, remove that risk, and have one single source for the definition of terms.

Amato: The glossary is based on some other Association or AICPA assets, which I guess you mentioned, and those assets themselves may have updates. I guess fair to say this is a living document that will change as new terms or definitions emerge.

Krupica: That's exactly right. It's an ongoing project. In fact, what's currently published is the second version of the glossary. We originally published back in October 2020, and we've just recently issued a new version a few weeks ago. As we go ahead and work with the Digital Assets Working Group or other blockchain working groups that publish new content, we go ahead and look at that new content.

We assess the terms in there if they haven't been incorporated. We go ahead and bring them into the glossary. We're really intentional as far as the order is concerned. We never want to go ahead and define a term before it and the context around the term has been properly vetted by these working groups. On a going-forward basis, we will always be updating the glossary as we develop content. Currently, the key source for these terms is the digital asset practice aid that's been updated with new content each year, and we will continue to do so. The glossary will be updated and reviewed on an annual basis.

Amato: Do you have an example of one or two items in there that you learn more about as a result of putting this together?

Krupica: Thinking about that, there's just so much that I learned throughout the original issuance of the glossary as well as the update. You would think it'd be easy to put words around a term, and maybe it is; however, getting everyone to agree to those words and what they exactly should be, that's the challenging part. It's difficult to narrow down just a couple, but starting off with the basics and what I've learned.

Let's say digital assets versus crypto assets. Digital assets refers to this broad range of assets. It's a whole asset class, and ultimately, a digital asset is a record using cryptography for a verification and security purposes. Whereas, you flip to a cryptoasset, and that's a type of digital asset. It's a subset of it, and it can function as a medium of exchange. Knowing the hierarchy is really important, and I learned that through the process.

Second thing that I learned was all the different types of wallets that are used. These wallets, they store a private key, their associated public key or blockchain addresses. There are hot wallets, those that are connected to the internet, and then there's cold wallets, those that are disconnected completely from the internet. There's hardware wallets, which are actual, physical devices such as a USB plug-in or software wallets which you can access from your phone.

Just understanding also the fact that a wallet is not where you hold your cryptoasset. Like, a traditional wallet, you put your cash in it. The wallet is specifically to store those private keys, and the public key, and the blockchain addresses. It's important to understand how everything works together. I've learned a tremendous amount of knowledge from the group that I worked with, which happens to be a subset of the Digital Assets Working Group that I work with on a daily basis.

Amato: For me, some of the terms that stood out, that I thought were interesting, the hard fork versus soft fork. For the listeners, if you'd like to learn more about, say, a cold-storage wallet, check it out. We'll post a link to the glossary in the show notes for this episode. Di, thank you for this explanation. Is there anything you'd like to add in closing?

Krupica: Yeah, I think the key takeaway is that, one, I couldn't develop this resource without the volunteers from the Digital Assets Working Group and all the reviewers involved. Really wanted to just thank them for their time, their knowledge sharing. They are an important part of why this is successful and why we can produce these resources that are much needed. Second is, use the resource. It's a great source of information to give you a foundation that you will need to start to understand how everything works together. Third, please reach out to me. I'm available for any questions you may have. If I don't have the answers, I can certainly point you in the right direction.

Amato: Thanks to Di Krupica for being on the podcast. Next up is an interview I conducted in December on firms and technology.

Now joining the Journal of Accountancy podcast is Mark Koziel. Mark is a CPA who is now CEO of Allinial Global. He is a former colleague of mine at the AICPA. Mark, thank you for being here. We're recording at the Digital CPA Conference in Nashville. Tell me first, emerging technologies and there's a pandemic-fueled demand for remote work obviously changing the staffing approaches for accounting firms. How is that happening?

Mark Koziel: There's a variety of things. I think Erik Asgeirsson, the CEO of CPA.com said it best yesterday, that with this Digital CPA Conference, which is now 10 years running, that the first eight years prepared everyone for what happened in the last two. This constant discussion of emerging technologies, being in the cloud, looking at different ways of doing work, creating client accounting services for your clients that it didn't matter where you did it or who you were doing it for necessarily because now we can move beyond geographies.

I think that that has been accelerated due to what's happening with the pandemic and more companies saying, you know what, "I need to outsource. I don't want to have to worry about this in my office. I don't even have to worry about somebody coming into my office to have to do it." All of that, and it has created even more opportunities for firms to be able to do it and find new employees.

But there's been a whole staffing dynamic that's really erupted out of this. The firms, those that will embrace being remote and allowing for anytime, anywhere work, are the ones that will succeed into the future.

Amato: Do you think that's a challenge that's specific to firms, meaning that maybe in the past there was that culture to quote, "be seen" in the office, to be seen putting in the hours?

Koziel: Yeah. I think a lot of things now are going to change the business model in different ways and that being seen, because billable time mattered, is going to be a thing of the past eventually. We're stuck in this pause mode of what that looks like. But when we start to talk about different value propositions for clients, or how are we going to get paid when the emerging technologies are allowing us to do things differently, more efficiently, does that mean that we just charge our clients less, or should we be charging our clients differently? By being different about that is going to help with the, I don't care where you are, get it done, here is your workload, just get that done by your deadlines and we're good to go.

Amato: What about the structure of accounting firms? Do you see that changing based on the roles that tech will play?

Koziel: Yeah, depending on the service line that you're talking about, one of the things we are seeing a trend in in the larger firms is this shift from being in the department of what you do to being in a group that services a particular industry. Having that industry expertise trumps saying that "I'm an auditor" or a tax person or what have you, that the teams are being put together very differently. We're already seeing that business model change.

I think it's a little harder for smaller firms to say, "OK, we're going to be that one specific niche." Although, when we talked about client accounting, the small firm was the driver of that, sole practitioners who said, "I want to do client accounting, I want to do it for breweries, or not-for-profits, or health care, or doctors or dentists," and they picked that one particular niche. Now you have larger firms who are starting to see the light on that. Then they may just have multiple niches based on the multiple teams.

Amato: As it relates to structure, what positions going forward might be or could be filled by nonaccounting professionals?

Koziel: There's a lot of that happening now. When you look at the fact that the firms have shifted more into the advisory space and the technology space, your "nonaccounting majors" as we'll call them today, CPA Evolution will hopefully fix some of this with technology, but more firms have gotten into cyber, tech advisory, tech implementation, HR advisory. There's all these other things. Having it under one roof, one firm, provides the ability to go to market and be that one-stop shop.

Firms are still embracing the fact that they have a level of trust in the marketplace thanks to audit, which is still the one thing we're licensed to do, that it has that exclusivity. Tax, we have permission to do, just because of the years that we've had it. And the client accounting, we have competition now in non-CPA firms in client accounting. We have Pilot that was created by [Jeff Bezos]. But firms are still winning because of that advisory aspect and the trust level that a lot of small businesses have with their CPA.

Amato: What about as it relates to staffing? Where I'm going with that is workload compression of busy seasons. Maybe whether you're having part-time staff or contractors work for you. What's the trend there?

Koziel: I think the first question is, do I need to staff it? We had a session here at Digital CPA. I had two CEOs from our larger firms who both have operations outside of the U.S. in addition to their U.S. firm. What sparked this for me was years ago, both firms have said to me that had we not done that, we wouldn't have been able to grow the way that we've grown. If you want to say about outsourcing is an offshore option, it's not about eliminating jobs, it's about supplementing so you can continue to grow. It's about taking some of the more routine tasks out of the hands of your CPA professionals in the U.S. so they can focus on bigger things with the client.

In both instances, how they're looking at solving problems in the firm, they say, we look first to automate. If we can't automate all of it, can we automate a portion of it, knowing that we will eventually automate it all. If we can't automate it, can we outsource it or offshore it based on where it is. We can't offshore it, can we find the people to do it? But it's so hard to find the people that those first two options are really why they're focusing on that because that's what's going to drive the business.

Even when you talk about there's bots now being built, a couple of these firms have created a bot that at a push of a button, all tax extensions for partnerships are done — completely automated. Now, you could walk the halls of your firm today and say, show of hands, how many people here love filing insignificant tax extensions for partnerships? Show of hands, who will also volunteer for that? They're taking those things that people hate or know that there's less value. They're putting that into the hands of technology, they're putting that in the hands of outsourcing, and then getting that bigger work. They're still growing exponentially.

Amato: To be able to work with that technology and still be competitive in the marketplace, what do you think are the skills that CPAs in public accounting need to have in 2022 and beyond?

Koziel: I think first and foremost is project management and being able to manage the client in a different way, whether it's client accounting or how we do tax, audit, and the like. It wouldn't be a bad idea to go to pricing school and figure out how to price engagements or how to talk to clients about the value proposition we're actually providing, and that's bigger tools.

Advisory training — because the clients aren't seeing value in us doing process and procedural work. They're getting value out of a tax return. They don't care as much who actually filled in the boxes. That's not the value to them, it's the fact of being able to deliver it to them and show them that they have peace of mind. I think project management, being able to scope work appropriately, so that when we fall out of scope, we're able to have that discussion with the client, and then being able to deliver on it in an advisory way in all the things that we do.

Amato: Thanks to Mark Koziel for taking time to join the show. I mentioned the Excel news at the start of this episode. Jeff Drew has coverage in the Journal of Accountancy, and we will link to his article in the show notes. What you need to know: A report has shown a huge surge in malware instances related to XLL files. HP Wolf Security is the author of that report, and it is urging organizations to take a few actions related to configuration. One of those is to configure Excel to allow only add-ins from trusted publishers.

Again, there's more in that article on journalofaccountancy.com. That's all for this episode. A reminder that if you'd like what you're hearing, let us know where the rating and review wherever you hear the show. Thanks for listening to the Journal of Accountancy podcast.