15
ETHICS AND ACCOUNTING INFORMATION SYSTEMS

Richard B. Dull and Lydia F. Schleifer

Introduction

The most basic interest in the study of ethics is related to identifying the “right” thing to do. It is almost a universal belief that it is ethical to do right and unethical to do wrong.¹ With the ubiquitous nature of information systems, the universality of connectivity among devices, as well as the speed with which technology changes, it can sometimes be extremely difficult to determine what is the right thing to do. In addition, there is a big difference between the outlooks reflected by “it is unethical to misuse big data and harm the rights of individuals” and “it is ethical to use data to make life better for society.” So how does one, given the pervasiveness of IS, ensure that an equally pervasive approach to ethics is maintained? The primary purpose of this chapter is to provide a background regarding ethics in accounting information systems, examine several current IS topics, and identify some of the corresponding ethical implications that should be considered when dealing with those topics.

What specifically about IS requires a consideration of ethical approaches? Primarily, it is the expectation for privacy and confidentiality. Is it ethical to use data to which you should not have access? In the US, even nonprofit organizations that operate with much openness and transparency may have information that gives the organization a competitive advantage related to the public services that they provide. Most for-profit organizations have operated with assurance of the privacy and security of information to protect business operations and processes, as well as trade secrets. In an e-environment, the likelihood of data misuse (internal and external, legal and illegal) increases dramatically. This is due to the increase in data that are collected and stored online, requiring that physical controls are replaced by electronic controls, thus enabling the possibility of copying and altering data without a physical presence or visible evidence that a breach occurred. We are at a point in history when most people believe that data misuse is no longer an “if” but a “when.” Who is impacted by ethical and nonethical use of data? Biot-Paquerot and Hasnaoui (2009) point out several types of e-commerce stakeholders that participate in the sharing of information in a financial information system; in addition to those that visit and/or purchase from a website, there are “corporate suppliers, competitors, software developers, banks and monetary agencies, intermediaries, and legislative bodies” (Biot-Paquerot and Hasnaoui 2009, 62).

Even the most diligent ethical mindset cannot solve or protect against every ethical dilemma. This is because the underlying dilemma may include competing ethical interests among participants (e.g., the individual vs. groups vs. society) and competing ethical approaches (e.g., stakeholder vs. stockholder vs. social contract theories [Mingers and Walsham 2010]). There are various aspects of ethical decision making (e.g., ethics, moral outlook, professional duty [Sherratt, Rogerson, and Fairweather 2005]) that may enter into the decision process. There are also various ethics theories that may come into play as they are applied to business ethics (e.g., consequentialism, deontology, and virtue ethics and communitarianism [Mingers and Walsham 2010]). There are even fluid definitions of privacy and sensitive data that may complicate the situation (Wang and Jiang 2017).

Despite the difficulty of identifying how ethics and information systems (IS) relate, interact, or even collide, in some cases, there is a growing interest in the nature of ethics in the domain of IS. The development of IS is essentially “people driven,” arising from the need to understand processes and make decisions. Therefore, an unavoidable aspect of IS is the fact that the underlying nature of the personal morality of people will always be a salient consideration in the functioning of IS. The study of ethics is crucial because people make decisions, for good or ill, that impact other people (Taylor and Daigle 2017). However, the research related to ethics and IS does not necessarily have clear boundaries that enable a researcher to clearly identify when that research is focused on ethics and IS. For example, Stahl (2008) illustrates/discusses the plausibility of the idea that critical research in IS (CRIS) is basically all about ethics related to IS. “Critical research in information systems is based on and inspired by ethics and morality” (Stahl 2008, 137). Therefore, ethics and morality can be seen as influencing four main aspects of CRIS: critical intentions, topics, theories, and methodologies. IS researchers who are interested in further exploring Stahl’s concept of a link between CRIS and ethics can look into critical research and IS.

In the field of accounting, the research has primarily related to professional ethics, with a focus on adherence to the rules promulgated by specific professional organizations. The rules are seldom general enough to deal with changes in technology that are occurring in today’s environment. The Appendix provides links to the code of ethics of several of these professional organizations. Although ethical codes may not yet reflect it, the profession of accounting appears to be embracing the idea of remaining relevant to and staying on the front lines of the evolution of IS. It is essential that the profession’s ethics address technology changes and the issues that arise due to those changes. The scope of this chapter will reach into some broad technological areas that are likely to affect the way that the accounting profession functions.

This chapter is organized to help convey the evolutionary nature of the ongoing determination of what is ethical in particular domains and the challenge of identifying the ethical conflicts that present themselves as technology changes. The next section, “Ethics in Technology,” addresses computing and computer ethics as what could be readily recognized as the foundation or most central component of modern-day information systems. Moving from the general to the specific, from the core of computer ethics, through information technology and information systems, the section then addresses ethics in the accounting domain via accounting information systems/enterprise systems. The following section, “Current Technology Trends,” includes discussions of ethics related to big data, privacy, the Internet of Things (IoT), cloud computing, and blockchain. The chapter ends with the “Conclusion” section, summarizing and providing ideas to consider within the realm of accounting information systems.

Ethics in technology

Throughout the hierarchy of technology, from the general topic of computers, through information technology and information systems, to today’s accounting systems, there have been ethical concerns and attempts to address those concerns with research and codes of professional ethics. This section explores some of those concerns and responses.

Computer ethics – the core

There is relatively little ethics research specifically related to IS, but the research related to computer ethics and information ethics is relevant to IS (Mingers and Walsham 2010). Computer ethics is the study of ethical problems that arise related to computer technology (Iqbal and Beigh 2017). They describe the history of computer ethics, which has focused on the need for ethics codes, laws, and regulations to deal with “new and challenging ethical issues generated by the application of pervasive technology” (Iqbal and Beigh 2017, 983).

The Association for Computing Machinery (ACM) is “a global scientific and educational organization representing the computing community” (ACM 2018). It is interesting to note that the ACM Code of Ethics and Professional Conduct’s preamble asserts that “[c]omputing professionals’ actions change the world,” clearly accepting the responsibility for playing a large role in maintaining the ethics of the computing profession. A common underlying theme for the ACM ethics code is a focus on human well-being (ACM 2018). While the ACM Code of Ethics and Professional Conduct only officially applies to members of the organization, it is a solid starting point for thinking about overall ethics in information technology, information systems, and accounting information systems.

Information technology and ethics – the widening scope of ethical concern

A stream of research and writings by Luciano Floridi has developed ideas related to the ethics of information and the ethics of information technology (Floridi 1999, 2002, 2005, 2006, 2009; Floridi and Sanders 2002; Cath and Floridi 2017; Taddeo and Floridi 2016). This research has added a layer to the scope of ethical concern related to information and technology; just as we consider human ethics, bioethics, and environmental ethics – because people, animals, and nature have intrinsic rights and/or value – we should consider the ethics of information (Mingers and Walsham 2010; Floridi 2009). “We need to adopt an ethics of stewardship towards the infosphere,” which is the informational environment of an organization (Floridi 2002, 300).

Another domain within information technology is information and communication technology (ICT), with the “unique features of ICT, such as its speed of transmission, globalisation, anonymity, and ability to manipulate information” that present new situations and ethical challenges without a clear-cut ethical resolution (Sherratt et al. 2005, 299). Sherratt et al. (2005, 300) suggest that ICT professionals can learn about ethical issues by studying conflicts that arise from “unethical computer use.” Their framework for ethics and ICTs includes ethical issues related to “promises/contracts, personal rights/freedoms, harm, computer misuse, information use, and property ownership.” They support the idea that professionals involved with ICTs should make ethical decisions being mindful of their professional and personal moral duties.²

Information systems and ethics

IS has evolved into “integrated systems that reach into every aspect of individual, corporate, and social life” (Pauleen, Rooney, and Intezari 2017, 400). This evolution has necessitated an examination of whether and/or how IS can effectively, beneficially, and ethically impact society. Whether the exercise by professionals of pretty good foresight can or cannot identify every potential ethical issue that may arise from development of new technologies, the ethical dilemmas resulting from a “misuse of data” can serve to alert the IS community, in hindsight, that it needs to take seriously and protect the well-being of “individuals, organizations, and societies” (Pauleen, Rooney, and Intezari 2017, 400). Pauleen, Rooney, and Intezari (2017, 401) advance the idea of an ethical approach to IS by discussing, in the context of the Global Financial Crisis of 2007–08, how a framework for wisdom (which includes ethical skill) can be used to gain insight into how to recognize and avoid the “perils of unwise use of data, information and predictive (algorithmic) knowledge in a complex context.”

Mingers and Walsham (2010) also put forth an approach to determining what is ethical in the IS context. They note the fairly meager coverage of ethics and IS in the research literature. After discussing three main types of ethics (consequentialism, deontology, and virtue ethics and communitarianism),³ they advocate for the use of a discourse approach, which aims to determine what is ethical by actually employing a discourse whereby participants come to a consensus about what action should be taken, say, to solve an ethical dilemma. Mingers and Walsham (2010, 846) provide an example of an IS topic area, open source software, “where one could argue a prima facie case for the application of discourse ethics” because it is “considered to be a relatively bottom-up and consensus approach to the development of software.”

The accounting profession, as part of the IS community, endeavors to stay on the front line of how accountants’ involvement with their clients’ IS may impact their professional ethics, including independence. Recent efforts to update the code of conduct illustrate this desire to stay current and relevant. As of May of 2018, the AICPA was accepting comments on their proposed revision of “independence rules for information system services” in the Code of Professional Conduct; currently, the rules are “silent on what constitutes an FIS [financial information system], and therefore bans all design or development services for an FIS regardless of magnitude” (AICPA 2018a). The proposal defines FIS and provides guidance about non-attest services an AICPA member may perform with regard to FIS. In another move related to independence, the AICPA, as of October 2018, has extended the effective date for its guidance related to hosting services. “The new interpretation to the ‘Independence Rule’ in the AICPA Code of Professional Conduct explains that taking responsibility for hosting an attest client’s data or records impairs a CPA’s independence” (AICPA 2018b). However, the profession will have 10 additional months to prepare for the change, illustrating the challenge of providing professional guidance in a rapidly changing environment and of consistently applying the profession’s ethics.

Accounting information systems/enterprise systems – connecting the dots

The connection between accounting information systems (AIS) and ethics is based on the fact that people are involved in “selecting, designing, performing, maintaining, and updating” AIS as well as in overall system use and decision making (Taylor and Daigle 2017, 1). It is important to gain insights into individuals’ ethical perceptions and behaviors in order to most effectively aim for/accomplish ethical AIS impacts and outcomes. The rest of this section describes how a number of researchers have investigated how people can use AIS to affect the well-being of other people (Taylor and Daigle 2017) through theoretical (Brown, Marcum, and Stuebs 2017), survey (Burney, Radtke and Widener 2017), and experimental research (Holt, Lang and Sutton 2017; Crossler et al. 2017) that involves a focus on the human element of the ETHOs framework proposed by Guragai et al. (2017).

Guragai et al. (2017, 65) develop an ETHOs framework that examines prior research related to how “environmental, technological, human, and organizational” factors interact with the “recordkeeping, reporting, and control” functions within AIS. There are ethical implications and potential dilemmas that can arise “because people are key elements in AIS” (Guragai et al. 2017, 65). This comprehensive overview of research related to ethics and AIS also discusses areas in need of future research, with the authors noting that AIS “researchers rarely explicitly tie their research questions and motivations underlying ethical goals” (Guragai et al. 2017, 77). It also encourages researchers to more explicitly address the need to consider the human (ethical) aspects of AIS.

Brown et al. (2017) propose a theoretical framework that describes the attributes of a virtuous AIS professional. They propose that efforts to improve professional virtues will also lead to improved functioning of an AIS and increased trust in the AIS. Their Systems Trust Model is grounded in “the confidence of multiple AIS stakeholder groups that AIS professionals will voluntarily accept and fulfill their information management duties to recognize and protect the rights and interests of AIS stakeholders and the public” (Brown et al. 2017, 8).

Burney et al. (2017, 26) explored “the intersection of AIS and business ethics.” They examined the performance measurement system (PMS) as a very specific component of AIS, and the specific aspect of business ethics that relates to the “ethical nature of both the individual and the work unit” (i.e., ethical climate) (Burney et al. 2017, 27). The focus was on the enabling use of the PMS to control (that is, “motivate, direct, and influence,” [Burney et al 2017, 39]) employees. Their study found that an enabling PMS may be associated with less counterproductive work behavior (CWB) since employees likely value their freedom (and less ethical employees can have the freedom to engage in self-interested behaviors without having to engage in obviously counterproductive work behavior). However, a combination of self-focused employees, a perceived self-focused ethical work climate, and an enabling PMS could result in more CWB.

Crossler et al. (2017, 49) examined ethics in the context of “Bring Your Own Device (BYOD) policy compliance,” important to organizations in addressing risks related to employees using their own devices “to access or store company data.” Their results were consistent with the idea that if companies emphasize that compliance is ethical, then employees will be more likely to comply with company BYOD policies.

Holt, Lang, and Sutton (2017, 108) examined the “ethical implications of employee monitoring” using contractarian ethics as a framework.⁴ In the context of advances in technology leading to better capability for and wide-range use of data analytics, it is necessary to consider the possibility that there are privacy issues and other ethical concerns (like perceptions of fairness in the workplace) related to active employee monitoring methods (like video surveillance). Holt, Lang, and Sutton’s (2017) experimental results supported a conclusion that participants’ perception of the presence of active monitoring led to perceptions of less organizational ethics, even in the face of a justification for the monitoring.

Research studies such as those discussed underscore the value of exploring the perceptions and choices made by stakeholders and participants in the context of AIS, in order to have an empirical basis for steering the evolution of technology and systems in the right, that is, ethical, direction.

Current technology trends

Each new technology introduced into accounting provides opportunities and challenges. This section discusses several technologies, including big data, which introduces speed and variety into the data collection process – as well as associated privacy issues. Also included are the topics of the Internet of Things (providing data that until recently was not feasible to collect), cloud computing, and blockchain.

Big data

According to Ahmadi, Dileepan, and Wheatley (2016), big data is so called due to its being a very large amount of data (volume) that can be accumulated very quickly (velocity) from many different sources (variety). Even without a detailed definition of “big data” it is obvious that it is all made possible by computing technology. Therefore, the underlying ethics of the world of computing is absolutely relevant in the examination of ethics and big data. New horizons in IS bring new challenges. According to Appelbaum, Kogan, and Vasarhelyi (2017, 4), the newest audit challenges relate to big data and data analytics, as the “environment of Big Data … is progressively interconnecting with corporate systems.” This interconnectedness provides access to a wider range of people with a wider range of skills to use and manipulate the data.

Richins et al. (2017) discuss the debate over whether big data is a threat or an opportunity for the accounting profession; will big data analytics automate and replace many accounting and auditing jobs, or will it enable accountants to move into the opportunities for using skills they already have for dealing with large amounts of data? Big data will impact business activity measurement, which will of course impact accounting measurement and assurance (Vasarhelyi, Kogan and Tuttle 2015) and, furthermore, will necessitate the “creation and refinement of accounting standards” (Warren, Moffitt and Byrnes 2015, 397) and changes in auditing standards (Krahel and Titera 2015). The primary threat to accounting –as currently practiced – from big data and analytics is the replacement of many manual tasks and tasks that were developed to compensate for lack of time and data, particularly in the area of auditing. For example, why would one test a sample of transactions when one has the tools that are capable of testing the entire population of data with virtually the same effort; today the data and tools that enable analysis to search for anomalies are commonplace (Richins et al. 2017). Not using these new tools that potentially provide results that are better than sampling will at best be difficult to defend and, at worst, lead to a reduction of the importance of the role of accountants in the information assurance process.

The professional and research literature shows that the accounting profession is responding to changes in technology by creating resources needed to react to big data as an opportunity. For example, the Open Compliance and Ethics Group (OCEG), an international organization created in 2002, provides resources to help organizations deal with “governance, risk management, and compliance” (GRC) issues in the current environment of technology and big data (Anders 2016, 64). Also, the International Ethics Standards Board for Accountants (IESBA) and the International Federation of Accountants (IFAC) (which includes the AICPA and IMA) provide extensive ethics resources for the purpose of helping the profession deal with the “moving target” of ethics in the changing professional environment (Anders 2018, 72). The Association of Chartered Certified Accountants (ACCA) has also produced a report, “Ethics and Trust in a Digital Age” (2017), based upon a global survey of over 10,000 accountants about their attitudes regarding ethics. The survey revealed the expectation that ethical behavior will increase in importance as the digital age evolves. The report “offers insight and guidance to professional accountants and auditors on issues from cyber-security to crypto-currencies” (ACCA 2017).

The accounting profession needs to embrace and use big data and analytics to remain competitive as well to increase profit margins (Tschakert et al. 2016). Being proactive, rather than taking a reactionary approach, should put accountants in a strong long-term position when dealing with the onslaught of big data and analytics. According to Drew (2018) the accounting profession needs to incorporate a working partnership with data scientists and big data engineers who will be able “to help develop the audit and advisory products” and “be responsible for putting together the final communications” (Drew 2018, 48), and who will have the “technical and ethical competencies” to deal with big data in the context of the accounting profession. In addition, accounting educators will need to include in the curricula a coverage of “ethical issues related to IT” (AACSB 2014) in order to prepare students for a “data-driven and analytics-enabled future” (Gamage 2016, 602).⁵

Privacy

In addition to incorporating technological advances into their practices, accountants also need to consider some of the side effects of big data, specifically the potential loss of privacy. The issue of potential misuse of big data is probably the foremost concern. Part of the concern is that “the nature and extent of threat to privacy is not fully understood in the context of big data” (Ahmadi, Dileepan and Wheatley 2016, 290).

In a Business Ethics Briefing on Business Ethics and Big Data, the Institute of Business Ethics (IBE) (2016), suggested six questions that should be considered by accountants:

Do we know how the company uses big data and to what extent it is integrated into strategic planning?
Do we send a privacy notice when we collect personal data? Is it written in a clear and accessible language which allows users to give a truly informed consent?
Does my organization assess the risks linked to big data?
Does my organization have any safeguard mechanisms in place to mitigate these risks?
Do we make sure that the tools to manage these risks are effective and measure outcome?
Do we conduct appropriate due diligence when sharing or acquiring data from third parties?

While this is an example of one professional body considering ethics in one area of advanced technology, laws have not consistently kept pace with technology changes. In a study of data privacy laws in 92 countries and regions and 200 data breaches worldwide, Wang and Jiang (2017) found inconsistencies between what the laws consider to be sensitive data and what the data breaches showed to be the actual vulnerable data. Most countries include the following in a list of sensitive data: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health or sex life, genetic data, and biometric data (the “EU standard” of sensitive data). However, it is financial data that usually leads to the financial losses and economic damage resulting from data breaches. Wang and Jiang (2017, 3299) conclude that “[t]his is the practical paradox: What needs special protection in practice is not granted special protection in legislation.”

An area that may have an impact on the success of organizations and their constituents, as well as on academic research, is the use of big data analytics to reveal information that has been anonymized, or de-identified. Because of the sheer volumes of data, it is becoming more likely that multiple datasets can be linked together, removing the privacy protection that was available in specific data sets. In the medical field, there have been studies on the de-identification and re-identification of private information⁶, but this concept has not been addressed in accounting and financial systems. As the population of data increases in volume and variety, how accountants de-identify data will become more important.

It is clear that where the laws do not necessarily force ethical conduct, it is essential that professions fill the void with their continual monitoring of where ethics guidance is needed in order to protect people who may be harmed if their data are compromised. Examples of current internal control technologies that may impact privacy concerns include geolocation tracking of inventory on trucks. By default, this control also tracks every move of the truck driver, which may be considered a violation of privacy. Using biometrics such as fingerprints or facial recognition for access to secure areas may also have ethical implications. For example, the standard by which the face is recognized must be stored on a system. If that data were misappropriated, the parameters might be used to identify when an individual is at locations other than the work environment.

The accounting profession has always focused on financial data, internal controls, and the necessity to conduct their business under their pervasive code of conduct. Currently, the profession is in a unique position to stay at the front of this technological wave and help determine where it goes and how it affects stakeholders.

The Internet of Things

“The incipient Internet of Things will only exacerbate the privacy concerns of big data.” (Ahmadi, Dileepan and Wheatley 2016, 292) Clearly, ethical issues will ensue. “[T]he IoT will allow billions of objects, such as mobile devices, and virtual environments to exchange data” (Adams 2017, 15), likely resulting in vulnerable data, inadequate data security, and potential data breaches, especially as the aggregation of data from interconnected devices leads to increased access to that data (Perera et al. 2015).

From pills, to lightbulbs, to cameras, to airplanes, any object that can be attached to and controlled over the internet becomes part of the Internet of Things (IoT) (Ranger 2018). Alarcon and Staut (2016) describe very tangible ways in which the IoT will affect the accounting profession. For example, in manufacturing, physical asset management/maintenance can be facilitated with sensor chips that allow tracking, monitoring, and data collection related to usage. Inventory flows can be monitored with sensors. The large amounts of data automatically collected by sensor devices will allow for continuous monitoring and auditing, transforming the nature of audits and assurance services (Alarcon and Staut 2016). It is plausible that the use of sensor chips and connected devices could substantially enhance internal controls, but the use of such devices may require auditor assessment of the device effectiveness.

Supply chain and logistic systems have been a natural place for IoT implementation. Products with chips can be tracked throughout the supply chain process to aid in real-time inventory management. Chips are being placed in shipping containers to monitor location and temperature of the products, providing better control over quality of products and ultimately enhancing revenues. Another application to help refine revenue models comes from the insurance industry; today one can attach a device to an automobile to monitor driving habits and adjust rates charged to drivers based upon driving habits, which can impact the cost of an insurance policy (Alarcon and Staut 2016). By improving the pricing of policies and managing risks, companies can positively impact overall revenues.

One of the most significant impacts from IoT technologies relates to the automotive industry. IoT technologies are driving the movement toward autonomous cars. Most if not all automakers are experimenting with the concept. Soon, automobiles without drivers will be available to take passengers from point A to Point B using IoT; actually, on a very limited basis, it is happening now, but it may take decades to substantially replace the cars on the road today (Higgins 2019). Ethical implications include risk management and decision making – such as what decision to make in a situation where two negative (and no positive) alternatives exist. For example, if a collision is inevitable and two options are available, what ethical parameters are built into the system that drive the system – minimize loss of life or loss of property? Decisions made under such circumstances may impact accounting through creating liabilities based on loss of property or life related to a specific decision. Additional ethical decisions that may impact revenues could include the rates charged based on where an individual is going (medical appointment) or the purpose of a trip (emergency) or based on the perception of a customer’s ability to pay. These revenue choices may also be made in light of competing demands for resources (for example, pick up a customer without the ability to pay who needs a ride to a medical appointment, versus a customer with the ability to pay who needs a ride to a medical appointment.)

In addition to new business opportunities, IoT enables businesses to automate routine tasks. Lights, coffee makers, appliances, printers, phone systems, and security systems are just a few examples of items that may use the IoT. Data may be stored in unencrypted space; devices may be used to hack into corporate networks; personal information may be accessed. As devices age, even when encryption was originally incorporated, it will likely become outdated and become a risk for an organization (Young Entrepreneur Council 2018).

Accounting risks include potential lost revenues from a variety of sources, including denial of service attacks, the cost of violation of privacy laws, and the loss of competitive advantage due to the loss of corporate secrets. Related to IoT technology is edge computing, the ability to process and analyze data on the same device that collects the data. By processing in this manner, sensitive data may not need to be transmitted, reducing privacy issues that can occur by transmitting information over the network and through the cloud (Talluri 2017), but it can increase privacy issues when IoT devices are not secure. Edge computing can produce significant cost savings to an organization through the reduction of data storage in the cloud, as well as reduced cost related to network traffic. One of the ethics issues related to edge computing relates to balancing cost savings and privacy concerns. It should be noted that the benefits of edge computing only can be realized with proper security and controls within the device.

Cloud computing

According to Drew (2012, 111) “CPAs increasingly will use mobile devices to access cloud-based applications, communications, and data. This connectivity will help CPAs work more efficiently.” But of course this connectivity will present ethical challenges.

De Bruin and Floridi (2017), in what they call the first publication about the ethics of cloud computing, discuss the idea that cloud customers have “mutual informational (epistemic) obligations to provide and seek information about relevant issues such as consumer privacy, reliability of services, data mining and data ownership. The concept of interlucency is developed as an epistemic virtue governing ethically effective communication” (21).

According to de Bruin and Floridi (2017, 26), cloud computing stakeholders include “owners, investors, employers, employees, customers, suppliers, competitors, governments and the environment.” The authors conclude that in order to determine what is best for all these stakeholders, it is necessary to determine what they value. For example, stakeholders in the cloud computing environment value freedom more than ownership, that is, would rather be able to do what they want to with information (use and share things) than actually own the information. This concept requires accountants to consider the users of technology to properly implement controls related to systems and data. In a cloud environment, users may consider themselves to be “custodians” of data (and using the data for the good of society) rather than “owners” of the data (using the data for the good of the organization). Organizations need to recognize and consider these differences when deciding on the types of information to be stored in the cloud.

Blockchain

At the current time, no discussion of information systems would be complete without a discussion of blockchain technology, which could substantially change how accounting systems operate (Drew 2017; Dai and Vasarhelyi 2017). Ethical considerations of blockchain should be separated between the platform (blockchain) and the primary application (Bitcoin) that has been implemented on the platform.

In theory, the blockchain platform positively addresses many of the ethical issues that arise in traditional accounting systems. First, due to the distributed nature of blockchain, nefarious changes to data are almost impossible. This makes the platform an appropriate choice for chain-of-custody applications, such as property records. All transfers for a specific property are linked together, in one place, and should reduce challenges of unfounded claims. Likewise, smart contracts, such as performance of various parties of a real-estate transaction, can be securely documented prior to a transfer. The security and structure of the platform should reduce fraud when blockchain is implemented properly.

The primary application, Bitcoin, demonstrates some of the ethical issues that can exist on the blockchain platform. Cryptocurrencies, including Bitcoin, use what may be seen as an environmentally unacceptable amount of world resources to maintain the application. Morgan Stanley (2018) estimated that in 2018, cryptocurrency mining could use more electricity than the country of Argentina or .6% of world power consumption. While much of these resources may be renewable, there will still be a cost of infrastructure to support the Bitcoin application.

Another ethical issue with cryptocurrency applications is the anonymity of users, which provides very high levels of privacy; that feature has been used for nefarious purposes, such as market manipulation and marketing of illegal goods. Historically, currency was used for such transactions, but with the IRS requirement for banks to report currency transactions over $10,000, currency transactions are not as appealing for illegal activities. Alternatives to cash transactions such as electronic funds transfer (EFT) and apps such as Venmo (a mobile payment service) create traceable transactions. This change in payment trends may be increasing the usage of Bitcoin for illegal activities. Illegal Bitcoin activities have been estimated to be executed by 25% of all users and reflect nearly one-half of all Bitcoin transactions (Foley, Karlsen, and Putnins 2018). Cryptocurrency users should be aware of the scope of illegal activities, and determine if operating in such an environment will meet their ethical standards. At the same time, developers of blockchain applications should be aware that the decisions made during implementation may produce unintended consequences. One of the consequences relates to the volatility of cryptocurrency values. Vigna (2019) reports that approximately 95% of Bitcoin’s trading volume is artificially created. When a cryptocurrency is valued based upon the last transaction, false trades support false market values. False market values can introduce errors into an organization’s financial statements.

Conclusion

Technology has increased the scope of ethical situations that must be considered by accountants. In the future, as these technologies continue to advance, accountants must ensure that the impact of the advancements are aligned not only with profits but also with the ethical standards of the profession. The purpose of the chapter was to discuss the roots of ethics in accounting information systems as well as consider a subset of current technologies and explore the ethical issues surrounding those technologies. While this discussion may be interesting, the authors recognize that there are not clearly delineated solutions to the issues, as one might expect. In fact, the issues are frequently cloudy, based on the perspectives of the system builder, their professional perspectives (and requirements), and the intended and unintended users/usage of the system. Unanticipated/unintended usage of a technology (such as Bitcoin/blockchain) presents the final challenge identified – the asymmetry of the intentions of system builders and the actions of system users. Even a system built using a strong base (adhering to ethical standards) may be used by an individual or individuals who do not adhere to the ethical standards on which the system was built. This brings the conversation to the individual interacting with the system. Builders of systems that store and use data that users expect to be private must not only consider the ethical requirements expected of them but must also consider and address possible actions of those who do not adhere to the same or similar ethical standards as the builder or targeted user.

When creating, adapting, installing or using an accounting information system, there is a wide range of issues to contemplate. Just as it is impossible for an accounting system to have perfect controls, it is not possible to anticipate all potential ethical issues. Although perfection is not achievable, one should ensure that the system processes are designed to adhere to current applicable professional ethic, and, whenever possible, adaptable to new technologies and the ethical considerations they bring. To do this, as a minimum one must be operationally aware of the professional ethics standard, and related laws that are applicable to the situation.

In an accounting information system setting, there are frequent changes. Those changes may relate to technologies, profitability, the legal or business environment, and a myriad of other issues. It is important to remember that in such a setting, while the accountant’s ethical model may be static, that the model must be constantly re-applied as the accounting systems environment evolves. The goal of that re-application should be to ensure that the accounting information system is used to do the “right” thing.

Appendix

CODES OF ETHICS FROM SELECTED ACCOUNTING AND TECHNOLOGY-RELATED PROFESSIONAL ORGANIZATIONS

American Institute of Certified Public Accountants (AICPA)/Code of Professional Conduct: www.aicpa.org/research/standards/codeofconduct.html.
Association for Computing Machinery (ACM): Code of Ethics and Professional Conduct: www.acm.org/code-of-ethics.
Association of Certified Fraud Examiners (ACFE)/Code of Ethics: www.acfe.com/code-of-ethics.aspx.
Association of Chartered Certified Accountants (ACCA)/Code of Ethics and Conduct: www.accaglobal.com/us/en/about-us/regulation/ethics/acca-code-of-ethics-and-conduct.html.
CPA Canada: Code of Ethics of chartered professional accountants (legislated code): http://legisquebec.gouv.qc.ca/en/ShowDoc/cr/C-48.1,%20r.%206.
Institute of Management Accountants (IMA)/Statement of Ethical Professional Practice: www.imanet.org/career-resources/ethics-center?ssopc=1.
ISACA/Code of Professional Ethics: www.isaca.org/Certification/Code-of-Professional-Ethics/Pages/default.aspx.
The Institute of Internal Auditors (IIA)/Code of Ethics: https://na.theiia.org/standards-guidance/mandatory-guidance/pages/code-of-ethics.aspx.

Notes

1While ethics have been studied and debated from philosophical and cultural perspectives for thousands of years, the authors believe there are some points of basic agreement. Rushworth Kidder (1994) studied values from around the world, and identifies seven universal “shared values” including, love, truthfulness, fairness, freedom, unity, tolerance, responsibility, and respect for life. This chapter approaches the topic from the assumption that generally shared values exist that drive ethical decisions.

2Sherratt et al. (2005, 308) espouse such professional duties as maintaining “confidentiality, impartiality, professional relationships, efficacy, a duty of care to others, competence, and avoidance of inducements and bribes” and emphasize personal moral duties such as “trust, integrity, truthfulness, justice, beneficence/nonmaleficence, self-improvement, gratitude/ reparation.”

3Consequentialism postulates that it is ethical to do that which will “maximize the overall good”; deontology postulates that it is ethical to act in accord with one’s duty to treat others as worthy individuals rather than a means to an end; virtue ethics emphasizes the desirability of becoming a virtuous person and acting in accord with those virtues (Mingers and Walsham 2010, 834).

4Contractarian ethics examines what outcome would be determined, or agreement reached, if neither party knew beforehand which side of a situation they would end up on (e.g., the surveillant or the surveilled). Under contractarian ethics, a party might give up certain rights if the agreement is perceived as fair overall (Holt, Lang, and Sutton 2017).

5According to the Association to Advance Collegiate Schools of Business’s (AACSB) Accounting Accreditation Standard A7: “The dynamic nature of IT developments related to data creation, data management and processing, data sharing, data analytics, data mining, data reporting, data security, and storage within and across organizations is critical for the development of emerging professional accountants. The underlying learning experiences for accounting graduates demands an interdisciplinary approach that draws input from professionals and academic scholars with expertise in information systems, statistics, computer science and engineering, ethical issues related to IT and big data.” (AACSB 2014, 5).

6An example of the medical research in this arena relates to sharing genomic data among researchers, and the potential for misuse of the data that is re-identified (Schleidgen et al. 2019).

References

AACSB (Association to Advance Collegiate Schools of Business). 2014. Accounting Accreditation Standard A7: Information Technology Skills and Knowledge for Accounting Graduates: An Interpretation. White Paper. Tampa, FL: AACSB.

ACCA. 2017. Ethics and Trust in a Digital Age. London: ACCA. Accessed June 14, 2020. www.accaglobal.com/content/dam/ACCA_Global/Technical/Future/pi-ethics-trust-digital-age.pdf.

ACM (Association of Computing Machinery). 2018. “ACM Code of Ethics and Professional Conduct.” Accessed June 14, 2020. www.acm.org/code-of-ethics.

Adams, Mackenzie. 2017. “Big Data and Individual Privacy in the Age of the Internet of Things.” Technology Innovation Management Review 7 (4): 12–24.

Ahmadi, Mohammad, Parthasarati Dileepan and Karen K. Wheatley. 2016. “A SWOT Analysis of Big Data.” Journal of Education for Business 91 (5): 1–6.

AICPA. 2018a. “AICPA Proposes Revising Independence Rules for Information System Services.” Journal of Accountancy 225 (5) (May). Accessed June 14, 2020. www.journalofaccountancy.com/issues/2018/may/aicpa-independence-rules-for-information-system-services.html.

AICPA. 2018b. “New Effective Date for Ethics Interpretation on Hosting Services.” Journal of Accountancy 226 (4) (October). Accessed June 14, 2020. www.journalofaccountancy.com/issues/2018/oct/ethics-interpretation-on-hosting-services.html.

Alarcon, J. L., and Marc T. Staut. 2016. “The Internet of Things: The CPA’s Role in the New World of Business.” Pennsylvania CPA Journal. Accessed January 31, 2019. www.picpa.org/articles/picpa-news/2016/11/28/the-internet-of-things-the-cpa-s-role-in-the-new-world-of-business.

Anders, Susan B. 2016. “Governance, Risk Management, and Compliance: OCEG and the Network.” CPA Journal 86 (3): 64–65.

Anders, Susan B. 2018. “Ethics Resources: IFAC and IESBA.” CPA Journal 88 (3): 72–73.

Appelbaum, Deniz, Alexander Kogan, and Miklos A. Vasarhelyi. 2017. “Big Data and Analytics in the Modern Audit Engagement: Research Needs.” Auditing: A Journal of Practice & Theory 36 (4): 1–27.

Biot-Paquerot, Guillaume, and Amir Hasnaoui. 2009. “Stakeholders Perspective and Ethics in Financial Information Systems.” Journal of Electronic Commerce in Organizations 7 (1): 59–70. doi:10.4018/jeco.2009010105.

Brown, J. Owen., James A. Marcum, and Martin T. Stuebs, Jr. 2017. “Professional Virtue Reinforcements: A Necessary Complement to Technological and Policy Reforms.” Journal of Information Systems 31 (2): 5–23. doi:10.2308/isys-51664.

Burney, Laurie L., R. R. Radtke, and S. K. Widener. 2017. “The Intersection of ‘Bad Apples,’ ‘Bad Barrels,’ and the Enabling Use of Performance Measurement Systems.” Journal of Information Systems 31 (2): 25–48.

Cath, Corinne, and Luciano Floridi. 2017. “The Design of the Internet’s Architecture by the Internet Engineering Task Force (IETF) and Human Rights.” Science & Engineering Ethics 23: 449–68. doi:10.1007/s11948-016-9793-y.

Crossler, Robert E., James H. Long, Tina M. Loraas, and Brad S. Trinkle. 2017. “The Impact of Moral Intensity and Ethical Tone Consistency on Policy Compliance.” Journal of Information Systems 31 (2): 49–64. doi:10.2308/isys-51623.

Dai, Jun, and Miklos A. Vasarhelyi. 2017. “Toward Blockchain-Based Accounting and Assurance.” Journal of Information Systems 31 (3): 5–21.

de Bruin, Boudewijn, and Luciano Floridi. 2017. “The Ethics of Cloud Computing.” Science & Engineering Ethics 23: 21–39. doi:10.1007/s11948-016-9759-0.

Drew, Jeff. 2012. “Technology and CPAs: Visions of the Future.” Journal of Accountancy. Accessed January 31, 2019. www.journalofaccountancy.com/issues/2012/jun/20114844.html.

Drew, Jeff. 2017. “Real Talk About Artificial Intelligence and Blockchain.” Journal of Accountancy. Accessed January 31, 2019. www.journalofaccountancy.com/issues/2017/jul/technology-roundtable-artificial-intelligence-blockchain.html.

Drew, Jeff. 2018. “Merging Accounting with ‘Big Data’ Science.” Journal of Accountancy. Accessed January 31, 2019. www.journalofaccountancy.com/issues/2018/jul/big-data-and-accounting.html.

Floridi, Luciano. 1999. “Information Ethics: On the Philosophical Foundation of Computer Ethics.” Ethics and Information Technology 1: 37–56.

Floridi, Luciano. 2002. “On the Intrinsic Value of Information Objects and the Infosphere,” Ethics and Information Technology 4: 287–304.

Floridi, Luciano. 2005. “The Ontological Interpretation of Informational Privacy.” Ethics and Information Technology 7: 185–200.

Floridi, Luciano. 2006. “Four Challenges for a Theory of Informational Privacy.” Ethics and Information Technology 8: 109–19.

Floridi, Luciano. 2009. “Network Ethics: Information and Business Ethics in a Networked Society.” Journal of Business Ethics 90: 649–59.

Floridi, Luciano. 2015. “The Anti-Counterfeiting Trade Agreement: The Ethical Analysis of a Failure, and Its Lessons.” Ethics and Information Technology 17 (2): 165–73.

Floridi, Luciano, and J. W. Sanders. 2002. “Mapping the Foundational Debate in Computer Ethics.” Ethics and Information Technology 4 (1): 1–9.

Foley, Sean, Jonathan R. Karlsen, and Talis J. Putnins. 2018. “Sex, Drugs, and Bitcoin: How Much Illegal Activity Is Financed Through Cryptocurrencies?” Review of Financial Studies 32 (5): 1798–853.

Gamage, Pandula. 2016. “Big Data: Are Accounting Educators Ready?” Accounting and Management Information Systems 15 (3): 588–604.

Guragai, Binod, Nicholas C. Hunt, Marc P. Neri, and Eileen Z. Taylor. 2017. “Accounting Information Systems and Ethics Research: Review, Synthesis, and the Future.” Journal of Information Systems 31 (2): 65–81. doi:10.2308/isys-51265.

Higgins, Tim. 2019. “Driverless Cars Tap the Brakes After Years of Hype.” The Wall Street Journal. Accessed June 14, 2020. www.wsj.com/articles/driverless-cars-tap-the-brakes-after-years-of-hype-11547737205?mod=article_inline.

Holt, Matthew, Bradley Lang, and Steve G. Sutton. 2017. “Potential Employees’ Ethical Perceptions of Active Monitoring: The Dark Side of Data Analytics.” Journal of Information Systems 31 (2): 107–24. doi:10.2308/isys-51580.

Institute for Business Ethics (IBE). 2016. “Business Ethics and Big Data.” In Business Ethics Briefing. London: IBE. Accessed June 14, 2020. www.ibe.org.uk/resource/business-ethics-and-big-data.html.

Iqbal, Juneed, and Bilal Maqbool Beigh. 2017. “Computer Ethics from Obscure to Ubiquitous.” International Journal of Advanced Research in Computer Science 8 (3): 983–90.

Kidder, Rushworth, M. 1994. Shared Values for a Troubled World. San Francisco, CA: Jossey-Bass.

Krahel, John Peter, and William R. Titera. 2015. “Consequences of Big Data and Formalization on Accounting and Auditing Standards.” Accounting Horizons 29 (2): 409–22.

Mingers, J., and G. Walsham. 2010. “Toward Ethical Information Systems: The Contribution of Discourse Ethics.” MIS Quarterly 34 (4): 833–54.

Morgan, Stanley. 2018. “Power Play: What Impact Will Cryptocurrencies Have on Global Utilities.” Accessed June 14, 2020. www.morganstanley.com/ideas/cryptocurrencies-global-utilities.

Pauleen, David J., David Rooney, and Ali Intezari. 2017. “Big Data, Little Wisdom: Trouble Brewing? Ethical Implications for the Information Systems Discipline.” Social Epistemology 31 (4): 400–16.

Perera, Charith, Rajiv Ranjan, Lizhe Wang, Samee U. Khan, and Albert Y. Zomaya. 2015. “Privacy of Big Data in the Internet of Things Era.” IEEE IT Professional Magazine 17 (3): 32–39. doi:10.1109/MITP.2015.34.

Ranger, Steve. 2018. “What Is the IoT? Everything You Need to Know About the Internet of Things Right Now.” ZDNet. Accessed January 21, 2019. https://www.zdnet.com/article/what-is-the-internet-of-things-everything-you-need-to-know-about-the-iot-right-now/.

Richins, Greg, Andrea Stapleton, Theophanis C. Stratopoulos, and Christopher Wong. 2017. “Big Data Analytics: Opportunity or Threat for the Accounting Profession?” Journal of Information Systems 31 (3): 63–79. doi:10.2308/isys-51805.

Schleidgen, Sebastian, Alma Husedzinovic, Dominik Ose, Christoph Schickhardt, Christof von Kalle, and Eva C. Winkler. 2019. “Between Minimal and Greater Than Minimal Risk: How Research Participants and Oncologists Assess Data-Sharing and the Risk of Re-Identification in Genomic Research.” Philosophy & Technology 32 (1): 39–55.

Sherratt, Don, Simon Rogerson, and N. Ben Fairweather. 2005. “The Challenge of Raising Ethical Awareness: A Case-Based Aiding System for Use by Computing and ICT Students.” Science & Engineering Ethics 11 (2): 299–315.

Stahl, Bernd Carsten. 2008. “The Ethical Nature of Critical Research in Information Systems.” Information Systems Journal 18 (2): 137–63.

Taddeo, Mariarosaria, and Luciano Floridi. 2016. “The Debate on the Moral Responsibilities of Online Service Providers.” Science & Engineering Ethics 22 (6): 1575–603.

Talluri, Raj. 2017. “Why Edge Computing Is Critical for the IoT.” NetworkWorld. Accessed January 21, 2019. www.networkworld.com/article/3234708/internet-of-things/why-edge-computing-is-critical-for-the-iot.html.

Taylor, Eileen Z., and Ronald J. Daigle. 2017. “Special Section of JIS on AIS and Ethics (Editorial).” Journal of Information Systems 31 (2): 1–3.

Tschakert, Norbert, Julia Kokina, Stephen Kozlowski, and Miklos Vasarhelyi. 2016. “The Next Frontier in Data Analytics.” Journal of Accountancy, August 1. Accessed June 14, 2020. www.journalofaccountancy.com/issues/2016/aug/data-analytics-skills.html.

Vasarhelyi, Miklos A., Alexander Kogan, and Brad M. Tuttle. 2015. “Big Data in Accounting: An Overview.” Accounting Horizons 29 (2): 381–96. doi:10.2308/acch-51071.

Vigna, Paul. 2019. “Markets: Most Bitcoin Trading Faked by Unregulated Exchanges, Study Finds.” Wall Street Journal, March 22. Accessed June 14, 2020. www.wsj.com/articles/most-bitcoin-trading-faked-by-unregulated-exchanges-study-finds-11553259600.

Wang, Min, and Zuosu Jiang. 2017. “The Defining Approaches and Practical Paradox of Sensitive Data: An Investigation of Data Protection Laws in 92 Countries and Regions and 200 Data Breaches in the World.” International Journal of Communication 11: 3286–305.

Warren, J. Don, Kevin C. Moffitt, and Paul Byrnes. 2015. “How Big Data Will Change Accounting.” Accounting Horizons 29 (2): 397–407.

Young Entrepreneur Council. 2018. “10 Big Security Concerns about IoT for Business (And How to Protect Yourself).” Forbes, July 31. Accessed June 14, 2020. www.forbes.com/sites/theyec/2018/07/31/10-big-security-concerns-about-iot-for-business-and-how-to-protect-yourself/#594104417416.