Accounting Software Features

Dear Auditors, Database Audit and Access Reviews Databases hold the crown jewels of every organization, sensitive data. Customer records, financial transactions, trade secrets, and analytics all live here. That’s why database auditing and access reviews are vital to every IT and cybersecurity audit. 📌 Understand the Database Landscape Start by identifying all critical databases, production, development, and test. Many breaches start from overlooked non-production environments that hold live data. Make sure the inventory is complete. 📌 Review Access Controls Who has access to the data? Check database roles and user accounts. Confirm that privileges align with job functions. Administrators, developers, and analysts should have only the access they need, nothing more. 📌 Privileged and Shared Accounts Pay close attention to privileged accounts such as DBAs and service IDs. Are passwords shared? Are activities logged? Strong auditing means every privileged action should be traceable to an individual. 📌 Segregation of Duties (SoD) No single person should be able to develop, approve, and deploy database changes. Review SoD matrices for key roles like developers, DBAs, and application owners. Lack of separation often hides unauthorized activity. 📌 Database Logging and Monitoring Confirm that database audit logs are enabled. Logs should capture login attempts, privilege escalations, data exports, and schema changes. Review where logs are stored and how long they’re retained. Attackers often delete logs, auditors should ensure they can’t. 📌 Encryption and Masking Sensitive data should not be stored in plain text. Review encryption controls for data at rest and in transit. Check whether test environments use masked or anonymized data to reduce exposure. 📌 Access Review Process Periodic access reviews help maintain control. Ensure that managers regularly review user access lists and revoke access for inactive or transferred employees. The process should be documented, tracked, and verified. 📌 Audit Evidence Key artifacts include user access listings, role definitions, privilege reports, audit logs, encryption configurations, and access review approvals. These provide assurance that database access is both controlled and monitored. Strong database auditing builds confidence that data is protected from insider abuse and external compromise. It demonstrates that the organization not only stores information, it safeguards it. #DatabaseSecurity #DataGovernance #ITAudit #CyberSecurityAudit #AccessControl #GRC #RiskManagement #InternalAudit #InformationSecurity #DataProtection #CyberVerge #CyberYard

If Only … Ideas for an Internal Audit Hackathon in the AI Era A couple of weekends ago I had a rare free hour and I decided that I would try and write down as many ideas that I could – my own personal hackathon! – about what tools I would invent for the AI era of Internal Audit. The easy part was the scribbling. The harder part was trying to interpret my scribbling. And the really hard part would be taking these ideas from the wet ink of an unread LinkedIn post to being something that is actually used with effectivness (and dare I dream - with affection) on a day to day basis. So here is a window into my scrambled thoughts as to what I would love to see developed (noting some may already be out there and I haven't come across them!): 1 - An anomaly detection algorithm that flags unusual journal entries or transactions based on historical patterns 2 - A network analysis tool that visualises unusual relationships between employees, vendors, and transactions 3 - A solution that identifies interdependencies between risks that might create cascading failures 4 - An intelligent workpaper bot that automatically pulls supporting documentation based on audit queries 5 - An AI document classifier that automatically categorises and routes audit evidence 6 - Voice-to-workpaper technology that transcribes and organises auditor observations 7 - Predictive models for resource allocation across audit projects based on risk factors and auditor expertise 8 - A multi-dimensional algorithm that groups similar processes across departments to identify control standardisation opportunities 9 - A recommendation tracking system that predicts implementation challenges before they occur 10 - An AI coach that provides real-time guidance to junior auditors during fieldwork 11 - A recommendation prioritisation algorithm that quantifies potential business impact and implementation effort 12 - Fraud detection models that learn from past investigations 13 - A multi-lingual audit bot that enables consistent global audit approaches across language barriers 14 - Predictive models that identify potential conflicts of interest before they manifest in transactions 15 - An "organisational digital twin" that simulates the entire company's processes, allowing auditors to test control failures safely in a virtual environment 16 - AI-powered "audit glasses" that highlight control weaknesses and anomalies in real-time as auditors walk through facilities 17 - Holographic visualisation tools that create immersive, three-dimensional representations of audit findings that executives can "walk through" 18 - Self-healing control systems that automatically identify, diagnose, and fix control weaknesses without human intervention 19 - Audit drones that physically inspect facilities, count inventory, and document observations 20 - Swarm intelligence systems where hundreds (millions?) of micro-audit programs simultaneously evaluate different risk dimensions.

I regularly hear that in-house tax teams heavily rely on Excel for managing global tax compliance 🫣, using spreadsheets to track deadlines across various tax domains (indirect tax, direct tax, TP, WHT, local & environmental taxes, etc.), file returns, pay liabilities, and manage the necessary backplanning to meet due dates. They also use them to distribute work, track progress, maintain an audit trail, and implement basic controls. When asked if they’re satisfied with spreadsheet-based compliance monitoring, 99% say no! Excel is a great tool with potential in the tax domain, but it’s crucial to understand its limitations. Beyond a tipping point, spreadsheets become inefficient, costly, hinder scaling, and increase risks. Here are 10 reasons why spreadsheets in global tax compliance are suboptimal: 1. Spreadsheets don’t understand the structure and complexity of different tax domains. Sure, you can format your sheet, but maintaining and protecting it is a pain; 2. Spreadsheets can’t enforce governance and controls actively—they're passive; 3. Spreadsheets underperform in document handling, often needing a separate, unintegrated storage solution like SharePoint; 4. Spreadsheets lack robust access management, complicating collaboration with local finance and advisors; 5. Spreadsheets aren't designed for collaboration, unlike modern workflow engines, making process operationalization difficult; 6. Spreadsheets hinder scalability due to fragmented and isolated datasets, trapping data in each sheet; 7. Version control and history are burdensome, leading to confusion over the latest version or who changed what; 8. Spreadsheets are error-prone, with formatting or formulas easily broken; 9. Spreadsheets are static and dependent on the creator—inheritance of complex sheets is challenging; 10. Compliance tracking with spreadsheets offers limited oversight, transparency, and requires manual updates.

9 AI tax tools accounting firms won’t shut up about (at 1.5x) These apps are about to flood your feed in 2026: Core tax software isn’t changing (and still stinks), but the AI-powered workflow layer around it is getting scary good And gets better each time a new AI model drops. I maintain a living database of firm-tested app recs here: https://lnkd.in/gGqUu9VP A roundup of folks building exciting tech for tax pros: 1. / Magnetic / Pulls figures from gov't docs and pushes them into the tax software (extraction). This isn't new for the tax space, but newly much better thanks to AI vision models 🎉 2. / Juno / Extraction + AI review of 1040s(!) + a bit of research + an AI assistant that'll pull from the actual returns of your clients. Like a vastly better data mining utility. 3. / Filed / Beefed-up extraction with simple logic (e.g., every year they do X). Doing a bit of workpaper prep, but for now mainly an input accelerator. 4. / StanfordTax / Intake automation leader. Auto-builds a pro-forma checklist from prior-year data, auto-ticks items as docs arrive with an "AI workpaper". 5. / TaxGPT / Began as an AI research tool, recently introduced an AI 1040 reviewer. 6. / HubSync / Trying to be the home for everything. Has an AI intake & delivery module. Still early. 7. / Soraban / Another intake specialist. Newer “Connect” (extraction/input) and “Deliver” (client delivery) features are maturing. Intake remains the main draw for me. 8. / Blue J / Raised a whopping $122M for their AI research solution. For that amount of money look for them to push further into workflow & AI review. 9. / Truss / Handling intake + basic workpapers + delivery. A new entrant but I got enough unsolicited reviews to put them among my three leaders in the category. So, what's real here? What's working today? Automating intake remains the greatest source of time savings. It's why StanfordTax, Soraban and Truss are my overall category leaders. Any app relying on "integrations" with the tax software remain sketchy. It's a very hard problem to solve, and has been for decades. AI review solutions are still limited, but VERY excited to see how these develop. For the first time in decades tax tech is actually exciting 🫶 PS. My most up-to-date recommendations live in my app recs, linked above. PSS. The only way I've found to reach complete confidence in your tech stack is having a trusted group of peers who are real users. These conversations are happening daily in my private alliance of nearly 600 accounting firms https://lnkd.in/gx8m2wWE where no vendors are allowed, only real firm operators. PSSS. I run a consulting practice in my comments 🙂 If you're considering a new tech selection, drop me a note and I'll spill the tea.

If you are having trouble with clients not using your portal, you should look into Truss. I just did a demo with Zach Mansell and I think from the client's perspective the process of uploading documents is extremely easy since it uses a "magic link" without having to log into an online portal. In addition some other features that I liked were the following: 1. Uploaded tax documents such as .jpegs or .heic (iPhone live photos) get converted to PDFs 2. The software takes prior year tax data and creates a checklist of tax docs needed, for the client 3. You can markup the tax documents in the software platform OR you can also download the bookmarked PDF and upload to tax import software 4. It's secure because it's essentially a one way tax document drop-off/upload 5. It can request e-signatures and generate action items such as Federal and State tax payments with links and amounts to be paid seamlessly I'm going to dig into the software and features a bit more, but from what I've seen so far I think the compliance from clients would be significantly higher because it uses a link instead of needing to log into a portal 🤔

Key Capabilities for Access Review ⬇ When choosing an access review solution, thinking about lifecycle management features is key. These solutions can simplify the access process and help prevent issues before they even start. Conducting reviews too often leads to fatigue, resulting in less effective oversight and a tendency to approve things without proper consideration. Traditional access reviews tend to be reactive - catching problems AFTER access has already been granted rather than stopping inappropriate access from happening in the first place. A comprehensive approach that considers not only access review but also other important factors like lifecycle management, role redesign, and segregation of duties is recommended to significantly improve access strategy, strengthen security, and build a stronger defense against unauthorized access and security breaches. ➡ Segregation of Duties Conflict Detection and Prevention: To lower the risk of fraud, mistakes, and unauthorized activity, the solution should automatically detect and stop SoD conflicts across several systems and applications. Compliance and Risk Management: To ensure compliance, adjust to shifting business requirements, and proactively manage access-related risks, look for solutions that offer real-time monitoring of violations and customizable SoD policies. ➡ Cross-System Integration Unified Access Management: The solution should integrate with ERP systems and business-critical applications, providing a comprehensive picture of access across your organization. This eliminates silos and provides a holistic view of access rights, reducing the risk of overlooking potential security gaps. Interoperability: Compatibility with existing IT infrastructure and identity access management systems to simplify implementation and operation. This minimizes disruption to existing processes and reduces the learning curve for IT staff, leading to faster adoption and more effective use of the solution. ➡ Automation and Workflow Management Automated Workflows: Simplify the review process with configurable workflows to review, approve, and escalate access requests. This improves efficiency, reduces manual errors, and ensures timely access management. Integration with Ticketing Systems: To efficiently manage access requests. This maintains a smooth workflow and provides a clear audit trail of access-related activities. ➡ Audit Trail and Forensics Comprehensive Audit Logs: Maintain detailed logs of all access-related activities to support forensic investigations and audits. This demonstrates compliance, aids in investigating security incidents, and maintains accountability. Secure Audit Records: Ensure audit trails are secure and tamper-proof to maintain the integrity of access review data. This preserves the credibility of audit logs and supports legal or regulatory proceedings if necessary.

AI use case for accounting: The Tax Code is 70,000+ pages. Even the best accountants can't keep every obscure deduction top-of-mind for every industry. This reality creates a serious challenge in the accounting space, and shows what AI can bring to the playing field. AI can process thousands of tax rules at once and spot patterns across different industries that would take weeks to find manually. The truth is traditional accounting has always had this blind spot. We're solid in our specialties, but no accountant on earth can master every industry's unique tax situations. So, what does this mean for business owners? • There are deductions specific to your industry hiding in plain sight • The crazy complexity of the tax code creates opportunity, if you've got the right tools • The accounting firms winning right now are the ones combining human judgment with AI's pattern recognition I'm not saying replace your team with robots. But giving accountants the extra muscle to tackle a 70,000+ page tax code that no human could possibly memorize can be a game changer. Online entrepreneurs looking to level up should be using every available tool to keep more of what they make. Use AI right and you could have a serious edge over everyone doing things the old way.

A finance leader I met with learned about Campfire from an interview candidate. It’s a pattern I’m seeing with increasing frequency: accountants pitching Campfire in interviews to show they are forward-thinking. And it goes both ways - I’ve met with hiring managers that are looking to hire candidates that are interested in adopting modern accounting software, like Campfire. It’s because modern software doesn’t just save time. It signals a shift in mindset. To move away from transactional accounting tasks and into active business decision making.  To spend your time focused on analysis that drives business impact, instead of tedious manual tasks. Modern companies need modern accountants. And modern accountants need modern software. I can’t wait to see how the future accountants continue to up-level the role.

FortunAI is heading in the right direction with AI that understands real-world tax challenges. If you haven’t heard of it yet: FortunAI was built to help individuals, families, and business owners take control of their taxes with smarter, simpler tools. What started as Bilal Mehanna, CPA, MST’s vision to transform tax advisory is now becoming a reality. And the latest version? It’s a big step forward. 🚀 These aren’t just “new” features. They’re tools built by listening to real users, tax pros, business owners, and everyday people who are tired of doing taxes the hard way. ✅ AI that learns from your input (thumbs up/down on strategies) ✅ Create client profiles straight from tax returns ✅ Built-in tax strategy calculators: QBI, Augusta Rule, S corp conversions & more ✅ Reusable tax plan templates for efficiency ✅ Smarter, more precise AI edits inside documents ✅ Easier tracking for overpayments and state-specific PTE payments To see what’s new and what’s coming next, watch this video. If you work in tax, run a business, or want your taxes to make more sense, I’d love to hear what you'd build next. 🤔 Let’s make tax planning feel like it belongs in 2025. #AI #Taxes #SmallBusiness #TaxPlanning