On Aug. 13 the Public Company Accounting Oversight Board (PCAOB) exposed proposed changes to the standard auditor’s report that have the potential to impact the relationship between auditors and their clients.
“Practitioners, issuer entities and attorneys dealing with accountants’ liability matters should all understand the implications of the proposed changes,” says Barry Jay Epstein, Ph.D., CPA, CFF, a principal at Cendrowski Corporate Advisors LLC.
Smart Business spoke with Epstein about the changes and their impact.
What are the main proposed changes to the auditor’s report?
The proposal most likely to generate controversy is that which requires identification of what the auditors determined to be ‘critical audit matters.’ This will mean that audit decisions that are currently not shared with the public, and most often are not even disclosed to the clients, will be set forth for financial statement users.
The second of the proposed requirements pertains to auditor independence, auditor tenure and an auditor’s responsibility for information that is outside the financial statements but that is included in the financial statement filings. Auditors have long been required to at least ‘read and consider’ other information included in documents containing audited financial statements. This is in an effort to be assured that information, such as the management discussion and analysis section of Form 10-K, does not contradict or conflict with what the financial statements convey about the reporting entity’s financial position or results of operations. This rule was imposed in reaction to observed situations where disparate implications could be drawn from the financial statements and footnotes, on the one hand, and narratives such as the ‘chairman’s letter,’ which sometimes would present a rosier scenario than would seemingly be warranted by the ‘hard data’ in the financial statements, on the other hand.
The last of the three proposals amplifies slightly the already-extant options for the auditors to include certain explanatory paragraphs, addressing matters that, in the auditors’ judgment, deserve to be emphasized. It also draws attention to the so-called ‘going concern’ language when there is substantial doubt that the reporting entity will be able to survive for a year beyond the balance sheet date. These changes, too, are not deemed likely to garner opposition from the profession, or to expand auditors’ exposure to litigation.
What specifically would citing critical audit matters entail?
According to the PCAOB, critical audit matters are those matters addressed during the audit that:
- Involved the most difficult, subjective or complex auditor judgments.
- Posed the most difficulty to the auditors in obtaining sufficient appropriate evidence.
- Posed the most difficulty to the auditors in forming the opinion on the financial statements.
Most firms’ internal audit guidance materials, such as manuals, programs and checklists, require that auditors plan their audits on the basis of financial statement assertions. Inherent and control risks must be considered for each of these assertions so that appropriate planned audit procedures can be selected or developed for each material assertion. Unless litigation later arises, these audit judgments are not generally shared with others, even with client personnel. Thus it is a radical departure to propose that critical audit matters be explicitly set forth in the auditors’ report or be made public in any other manner.
Will the PCAOB proposal improve the efficacy of audits?
As the SEC, the PCAOB and assorted academic researchers have documented, the predominant reasons audit failures occur among public companies are:
- Exhibiting insufficient audit skepticism.
- Failure to obtain and correctly evaluate sufficient appropriate audit evidence.
- Inadequate planning, including risk assessments.
Audit failures rarely occur because the auditors misidentified critical areas deserving of audit attention. ●
Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC
The Jan. 1, 2014, implementation date of many insurance provisions and mandates under the Affordable Care Act (ACA) is rapidly approaching, leaving employers to wonder just how the ACA is going to impact them and their benefit offering.
“As employers explore their health insurance options for 2014 and receive renewal rates from their carriers, some may see an increase that is higher than what they may have expected,” says Marty Hauser, CEO of SummaCare, Inc. “This increase can be attributed to several factors mandated by the ACA. Employers should familiarize themselves with these changes so they understand the reason for premium costs and can decide what is best for their employees and business.”
Smart Business spoke to Hauser about the changes in rating and underwriting under the ACA that will impact premium costs next year.
What do insurers use to determine rates for employers and how will that change?
Currently, rating is based on a number of factors including age, gender, health status and geographic location. Preexisting medical conditions and prescription use are also used to determine rates.
In 2014, rating is limited to age, smoking status and geographic location. Guaranteed issue also goes into effect, meaning that insurers cannot deny coverage because of a preexisting condition or rate-up for high-risk groups. Simply put, insurers can rate a group based on fewer factors than in previous years.
What else is changing in rating that will impact premiums?
Age bands, which are ranges of ages that determine premium amounts, are used to determine a group’s rates, and today these are set at a 5-to-1 gender-based ratio.
Beginning in 2014, age bands can have a maximum ratio of 3-to-1, and these age bands are separated into three groupings: one single age band for children ages 0 through 20, one year age bands for adults ages 21 through 63, and one single age band for adults ages 64 and older.
It’s important for employers to understand that under the ACA these ratios are uniformly mandated and regulated across the country for each carrier in order to level the playing field when it comes to group insurance premiums.
In addition to the change in rating factors and age bands, the ACA requires certain fees and taxes from health insurance companies based on the insurer’s membership.
The first fee, called the patient centered outcomes research trust fund fee, went into effect last year at a cost of $1 per family member and increased to $2 per family member this year. The fee is collected to help fund the Patient-Centered Outcomes Research Institute, which will assist patients, clinicians, purchasers and policy-makers in making informed health decisions through research.
The second fee, called the transitional reinsurance program fee, is effective from 2014 through 2017 at a cost of $5.25 per family member per month or $63 per family member annually. This fee will be assessed against both insured and self-funded group health plans in order to stabilize premiums in the individual market for the first three years the marketplaces are in effect. These fees will be used to make payments to carriers that cover high-risk individuals in the individual market.
The third fee, called the marketplace user fee, goes into effect next year at a cost of 3.5 percent of policy costs. The marketplace user fee is meant to cover administrative costs of policies on the health insurance marketplace.
Finally, the annual health insurer industry fee begins next year at a cost of 2 to 2.5 percent, increasing to 3 to 4 percent in 2015. This fee is an excise tax to fund some of the provisions of the ACA.
In addition to the new fees, health plans are still subject to the 1.4 percent state premium tax.
How can employers offset some of the expense of their health insurance next year?
While there isn’t much employers can do about the new rating factors or fees imposed by the ACA, they can help offset their premium costs by working with their insurer or independent insurance agent to make sure they are offering the right coverage for their employees and budget. ●
Insights Health Care is brought to you by SummaCare, Inc.
Recently, President Barack Obama outlined a plan to combat rising college costs by holding colleges and universities more accountable for results. The foundation of this plan is a ratings system that would provide students and families with information to help them select a school that offers the best value. Ultimately, Congress may tie the provision of federal student aid to a college’s rankings.
What might the proposal mean for colleges and universities and the businesses that hire their graduates?
Smart Business spoke with Luis Ma. R. Calingo, Ph.D., president of Woodbury University, about the challenges of making college more affordable.
Will this proposal help colleges do a better job of turning out graduates who are prepared, for example, for a career in business?
The ultimate impact of the president’s proposal is difficult to gauge. However, the debate must begin with understanding the role of higher education.
Colleges and universities exist for one reason: to produce graduates with highly valued degrees who have the knowledge and the character to serve and lead. President Obama’s proposal enjoins colleges and universities to return to basics.
Doesn’t it make sense to focus curriculum on courses that are most essential to a student’s future career?
While that makes sense at the graduate level, there are benefits to a broader undergraduate liberal arts education, which is when students ought to be exploring their interests.
Businesspeople often say they can’t understand why any undergraduate student would pursue a history major or take a philosophy course. But the students who study history or philosophy are those who end up in law school, just as those who pursue biology may end up in medical school. These are the courses that enrich the mind so that students become better business executives by being more critical in their thinking and more socially responsible. All of those things come from a liberal arts education, which is why many professional degree programs have a strong foundation in liberal education.
On a personal note, my daughter is majoring in theology and minoring in Arabic in preparation for a career in law and foreign service. She’s a prime example of why it’s important to debunk the myth that a liberal arts education does not contribute to preparation for a business or other professional career. The dichotomy between liberal education and professional preparation is an artificial one.
What can be done to reduce the spiraling costs of a college education?
How people respond to the cost question depends on their perspective.
If you are a parent or student who relies on federal Pell and/or state grants, any move that reduces public funding for higher education is of great concern. It also depends on where you live. A state university education in Ohio costs two or three times what it costs in California.
At Woodbury, what we do and what we spend is related to producing quality graduates. As with most universities, we spend 70 to 80 percent of our budget on personnel. We consistently apply a student-to-faculty ratio to determine new faculty hires. Any inflationary increases are generally tied to the Consumer Price Index. That’s how we establish the bulk of our budget.
In fact, Woodbury is doing a business process improvement study of our student services and business processes to improve our operational efficiency. Other colleges, large or small, should do the same.
Of course, universities like Woodbury could reduce the numbers and kinds of courses offered to focus on those required for majors. That, however, would be counter to the argument that business and other professionals benefit from a grounding in liberal education. ●
For more of Calingo’s perspective on the challenges facing colleges and universities today, visit his blog, Pursuing Excellence in Higher Education, which debuts in October.
Insights Executive Education is brought to you by Woodbury University
Additional blogs and articles with Luis Ma. R. Calingo:
One of the toughest challenges facing managers is how to plan for profitable growth in an uncertain future.
Look back ten years at your customers and their needs, your employees, market structures, delivery systems, regulatory policies, social systems, the economy and technology, and it’s clear how much things have changed. It’s a safe bet that at least that much change can be expected in the next ten years, but what kind of change will occur?
Compounding the uncertainty is the necessity to keep managing current activities for efficiency and growth while planning for a future that may call for different activities altogether.
Smart Business spoke with Dr. Jaume Franquesa, visiting assistant professor of strategic management, and Dr. James Martin, associate dean and professor of marketing, both at the Boler School of Business at John Carroll University, about ways businesses can position themselves to take advantage of tomorrow’s opportunities.
How do you get started?
Success in the long run is all about marshaling the right capabilities and resources and using them to create sustainable competitive advantage for the future. Start by identifying and assessing your current capabilities. Generally, there are two categories of capabilities that allow you to do both the day-to-day activities and plan for an uncertain future.
The first category is operational capabilities, which are the things you currently do that give you a competitive advantage in your current markets. That is, the skills, competencies and resources that you use to try to satisfy your current customers’ needs better than competitors or at a lesser comparative cost, leading to higher profit.
The second category is dynamic capabilities, which are the capabilities that will help you to plan for the future. There are generally three types of dynamic capabilities.
The first is the ability to do environmental scanning and sensing. Being able to identify and track trends, and understand how they might be important to your business is a critical competency to develop.
The second dynamic capability is being able to turn the trends that you identified as important to your business into opportunities that can be pursued further. Innovative thinking is the cornerstone of this capability.
The third dynamic capability is being able to quickly re-configure your internal resource base in a way that creates a sustained competitive advantage for pursuing the opportunity. Understanding which resources are valuable, along with adaptive resilience and flexibility in your organization are key ingredients for this capability.
The stronger you are at each of the dynamic capabilities, the better your strategy and its implementation.
How can a manager foster adaptation and flexibility with regard to long term strategic direction?
As you think longer term, the uncertainties about investments in strategic direction can cause significant anxiety. This is really tough, but it is at the heart of building an organization for the future.
One useful approach to navigate this uncertainty is to apply ‘real options’ logic to investments for the future. Instead of making early choices under uncertainty and committing significant resources to a particular strategic direction, consider engaging in multiple directions that will keep several windows of opportunity open. In this way, you can delay commitment to any of them until more information is available and some of the uncertainty is resolved.
To do this, you must design the program of investment in each strategic initiative as a series of sequential experiments, with a continue/discontinue evaluation point at the end of each experiment. That is to say, at the end of the period you have the option of continuing to invest as planned, narrowing the scope of the project, or abandoning the project.
The goal is to create and manage a portfolio of alternative strategic options. You do this by investing in multiple stage-gated projects designed to seed the development of new capabilities or to explore potential new markets. The keys to the management of this portfolio of strategic options are:
- Project selection.
- Design of investment stages in a way that maximizes learning while minimizing the cost of each strategic option.
- Portfolio diversification.
The dynamic capabilities that you develop give you the foundation for creating this portfolio of
strategic options. ●
Dr. Jaume Franquesa is a visiting assistant professor of strategic management at the Boler School of Business at John Carroll University. Reach him at firstname.lastname@example.org.
Insights Executive Education is brought to you by John Carroll University
The government has increased tax rates and implemented other changes for 2013. However, companies may be able to employ tax-saving options — deductions, depreciation provisions or deferrals — prior to Dec. 31.
If companies review before year-end, they are better able to maximize potential savings, and it may even spur thoughts for future tax planning, says Sean Muller, partner-in-charge, Houston Tax and Strategic Business Services at Weaver.
Smart Business spoke with Muller about the opportunities to save on your 2013 taxes.
How can businesses utilize enhanced Section 179 deduction limits in 2013?
Enhanced Section 179 deduction limits were enacted for 2013, which allow companies to immediately deduct up to $500,000 of equipment purchases made, rather than depreciating over a number of years.
The deduction applies to 2013 equipment purchases of up to $2 million. The deduction is slowly phased out for taxpayers with $2.5 million or more in purchases. Section 179 deductions can be applied toward tangible property purchases, but real property doesn’t qualify.
In 2014, the Section 179 limitation will decrease to $25,000. Companies that plan to make large capital expenditures in 2014 may wish to purchase in 2013 instead. The deduction can be used to reduce tax liability to zero, but it cannot put you in a net loss position.
How does bonus depreciation differ?
Taxpayers in some states may be able to utilize a 50 percent bonus depreciation rate for qualified property placed in service during 2013. Unlike the Section 179 deduction, bonus depreciation is not limited to net income and does not limit the deduction amount.
Bonus depreciation applies to new, original use U.S.-based property with a recovery period of 20 years or less.
The 50 percent bonus depreciation and Section 179 deduction can be used together.
What savings are available through like-kind exchanges?
Another tax-saving opportunity to consider is like-kind exchanges. IRS Code Section 1031 enables a taxpayer to defer capital gains tax if the property sale proceeds are reinvested in similar property within a relatively short time. The exchange may be a simultaneous swap of properties or a deferred exchange. With a deferred exchange, one property is disposed of and the proceeds are then used to buy one or more like-kind properties.
Section 1031 exchanges exclude inventory, stocks, bonds and partnership interests.
Who can take domestic production activity deductions (Section 199)?
In 2013, businesses with qualified domestic production activities may be able to receive a 9 percent tax deduction. Qualifying activities include the manufacture, production, growth or extraction of qualifying production property within the U.S., as well as real property construction, oil and gas drilling, and engineering and architectural services related to real property construction.
Generally, a taxpayer is allowed a deduction equal to the lesser of:
- Qualified production activity income (QPAI), which is a modified calculation of income related to qualifying production activities.
- Taxable income.
- 50 percent of the form W-2 wages deducted in arriving at QPAI.
The level of complexity in calculating the appropriate deduction depends on the nature and structure of the business.
What are other year-end tax strategies?
Companies also should consider potential residual tax-saving activities, such as:
- Deferring income to 2014 if cash flow and current income permit.
- Making additional charitable donations.
- Writing off and disposing of damaged or obsolete inventory to reduce carrying costs and garner tax deductions.
- Writing off bad debt that cannot be collected. Companies should keep supporting material like phone logs, correspondence, collection agency contracts, etc., to prove a reasonable effort was made to collect.
Invest the time now to plan for your 2013 taxes and reap the benefits later. ●
Insights Accounting is brought to you by Weaver
If your employees have a company retirement plan, then you have a fiduciary responsibility to them. The days of ignoring this responsibility are over. Some of the settlements linked to charges of negligence or mismanagement can be painful for businesses big and small.
In 2010, a California Fortune 500 engineering firm settled $18.5 million with two employees after a class action case claimed it was making an insufficient effort to reduce 401(k) account fees.
The Department of Labor (DOL) recovered more than $117,000 in unremitted employer contributions and associated lost opportunity costs for two Wisconsin employee benefit plans with 25 active participants. The owner had to pay nearly $23,000 of that court judgment.
“With the increased responsibilities facing 401(k) plan fiduciaries, it is crucial that a sound administrative process is in place,” says Phil Ruggeri, an investment executive at Cetera Investment Services, located at First State Bank.
Smart Business spoke with Ruggeri, who used material from MarketingLibrary.Net Inc., about recent changes to the fiduciary responsibilities.
What are some key issues with 401(k) fiduciary responsibility?
Fiduciaries are issuing a detailed breakdown of account fees and expenses to plan participants because of new DOL regulations. In addition, plan sponsors must give out investment instructions that follow strict DOL guidelines.
Every employer-sponsored retirement plan must name a fiduciary, but function also determines fiduciaries. Although someone may not be named as a fiduciary, if he or she participates in the management or administration of the plan or hires a service provider, the DOL considers those fiduciary functions.
In addition, the plan sponsor should document all investment processes, so it has proof that the plan is operating according to stated procedure. You need to follow a written summary plan description and investment policy statement. The investment policy statement defines the plan’s investment program and establishes formal standards for monitoring, benchmarking and assessing performance results of various investment options over time. It’s critical to have input from your registered investment adviser with this.
How should plan sponsors educate their participants?
To keep your retirement plan from being undervalued and underutilized, your company needs to have an effective employee education program. Employees must understand the investment options the plan presents, as well as the fees and risk associated with each one. Don’t give it the short shrift for legal reasons alone.
You should regularly call in an investment professional to help explain the choices and the potential role the plan plays in an employee’s overall retirement savings effort.
What else is necessary to comply with your fiduciary obligations?
Most administrators of workplace retirement plans — those with 100 or more plan participants — are required by the IRS to annually file a Form 5500. This disclosure is then made available to the DOL and the Pension Benefit Guaranty Corporation.
You should carefully oversee your plan providers, as you don’t want the wrong kinds of investments creeping into the plan. Watch for changes in how the plan provider is compensated, changes in the fees that affect plan participants and anything else that seems unusual.
This is just the beginning of fiduciary responsibility. With so much to watch over in the typical employer-sponsored retirement plan, you certainly can miss details, which may lead to big headaches for your business.
Don’t open the door to liability. Do the right thing, the smart thing: Turn to an experienced, professional adviser who can help play a fiduciary role and ensure you adequately fulfill your obligations.
Phil Ruggeri is an investment executive at Cetera Investment Services, located at First State Bank. Reach him at (586) 445-4769 or email@example.com.
Securities and insurance products are offered by licensed agents of Cetera Investment Services located at First State Bank. Consult your legal or tax counsel for advice and information concerning your particular circumstances. Neither Cetera Investment Services nor any of its representatives can provide legal or tax advice. Securities products are not a deposit, not FDIC insured, not insured by any federal government agency, not bank guaranteed and may lose value.
Insights Banking & Finance is brought to you by First State Bank
With the health insurance marketplace opening next month, the market is expected to be flooded with consumers trying to find a plan that works best for them and their budgets.
“The fact is people who have not previously had access to health insurance may be in shopping mode come Oct. 1 when the health insurance marketplace opens,” says Marty Hauser, CEO of SummaCare, Inc. “Our job as health insurers is to ensure employers and other consumers have access to the most accurate information available to them when it comes to choosing a carrier and a plan both on and off the marketplace.”
Smart Business spoke with Hauser about ways employers can assist employees shopping and applying for 2014 health insurance coverage on and off the marketplace.
What should employers that currently offer health insurance to their employees do when the marketplace opens?
Regardless of the company size, employers should communicate to employees if they will be offering employer-sponsored coverage next year and what type will be offered. Having this information will likely impact their employees’ decision on whether or not to shop for an individual plan on or off the marketplace.
Are companies required to offer insurance to their employees in 2014?
While there are tax incentives for small group employers — those with two to 24 employees — to offer their employees health insurance benefits next year, it’s not required under the Affordable Care Act (ACA).
Large group employers — those with 51 or more employees — however, are required to offer health insurance next year, but the penalty for not offering coverage has been delayed until 2015.
What can employers do if they are not offering insurance to employees next year?
If an employer chooses not to offer employer-sponsored coverage next year, they may want to consider a defined contribution health plan approach in which the employer decides how much to contribute to an employee’s health care expenses and the employees purchase health insurance on their own. Coverage can be purchased through the health insurance marketplace, direct from a health insurance company or through an individual insurance agent. Individuals can begin shopping Oct. 1 for plans effective Jan. 1, 2014.
How can employers not offering insurance help their employees get assistance in purchasing a health insurance policy?
Employers’ options include gathering and sharing information from their current insurer to share with employees, putting their employees in contact with a health insurance broker or making them aware of help offered by certified application counselors (CAC) and navigators.
It’s also important to remember that employers are required to notify their employees of the availability of the health insurance marketplace by Oct. 1.
What are CACs and Navigators?
CACs and navigators can assist individuals interested in enrolling through the marketplace, as both are trained to help with the application and enrollment process. Navigators receive grants for helping individuals and small employers shop and enroll in a health insurance plan, and they will conduct public education about the availability of qualified health plans, among other responsibilities. Navigators are held to detailed conflict of interest standards and eligibility requirements.
CACs are unpaid volunteers who typically work through organizations such as community health centers, social service organizations and hospitals. CACs are not subject to the same standards as navigators, but can still assist individuals.
Where can employers go to learn more?
Health insurers and/or insurance brokers can help guide employers in learning more about their insurance options for 2014 and beyond. In addition, information about the health insurance marketplace and other provisions and mandates under the ACA may be available through your insurer’s website. For additional information, visit www.healthcare.gov.
Marty Hauser is CEO of SummaCare, Inc. Reach him at firstname.lastname@example.org.
Insights Health Care is brought to you by SummaCare, Inc.
Is the confidential information on your network safe? That’s a question every organization should ask itself because network security breaches are common and becoming even more prevalent.
Kristen Werries Collier, a partner with Novack and Macey LLP, says organizations must acknowledge this risk and vigilantly monitor and evaluate their cybersecurity safeguards and protocols to minimize it.
Smart Business spoke with Collier about network security breaches and the steps companies can take to mitigate or eliminate them.
How common are enterprise security breaches?
Most large and midsize companies have confronted a cyberattack at some point. Network security attacks are a reality you must confront head on. The threats to your network posed by unauthorized access — and the damage caused by a successful attack — will only continue to rise.
Can you prevent a security breach of your network?
While you may not be able to prevent a breach with absolute certainty, you can certainly deter one by proactively assessing and addressing your network’s vulnerabilities. If you don’t have the in-house expertise to do that, consult a security adviser. You want to invest your money in safeguards that deter — if not prevent — the attacks you are likely to face, and a security adviser can identify those for you.
Keep in mind that no system is ironclad because hackers adapt as security measures evolve. Accordingly, you must routinely monitor your layered security measures to make sure you are keeping up with determined hackers. Avoid being the easy target.
What should you do if, despite your precautions, a breach happens?
Undertake these best practices:
- Act fast. Perform a post-attack forensic analysis to determine the ‘who, what, when, where and how’ of the breach. You’ll need to preserve this information to evaluate the damage, mitigate the fallout, structure appropriate remedial measures and build a case against the hacker.
- Promptly notify anyone whose sensitive information may have been compromised.
- Update your intrusion detection and prevention systems and other safeguards to deter future breaches.
- Assess what your legal obligations are in the wake of the infiltration.
What is the potential fallout if your network is breached?
Breaches expose your organization to legal claims and undermine its competitive advantage. As for the legal claims, the law mandates the protection of certain types of information like consumers’ personal and nonpublic financial information, Social Security numbers and medical records. Your organization could potentially face claims predicated on an array of legal theories, including negligence; breach of contract; the Fair Credit Reporting Act, which subjects certain organizations to liability if they fail to safeguard consumer credit information in their possession; and Section 5 of the Federal Trade Commission Act, which prohibits unfair and deceptive practices affecting commerce.
While you may defeat such legal claims on a motion to dismiss or ultimately at trial, it will cost you money to do so. From a business perspective, a security breach may have financial and competitive repercussions by publicly exposing your organization’s highly confidential or propriety information, and by eroding consumer confidence in doing business with you.
What, if anything, is the government doing to crack down on hackers?
The government is cracking down by charging hackers with crimes carrying potential years of imprisonment and hefty monetary fines. However, the deterrence effect of this crackdown is somewhat limited given that numerous hackers operate outside of the U. S., making prosecution difficult, if not impossible. This is yet another reason to deter, if not prevent, a breach of your organization’s network in the first place and quickly mitigate the fallout if one occurs despite your best practices.
Kristen Werries Collier is a partner at Novack and Macey LLP. Reach her at (312) 419-6900 or email@example.com.
Insights Legal Affairs is brought to you by Novack and Macey LLP
With increased regulatory demands and constant threats of fraud and misconduct, businesses have to watch their backs, especially when it comes to finances. In many cases, having a traditional accountant is not enough. Instead, you may need someone who has not only accounting skills, but investigative and analytical skills as well. In other words, you need a forensic accountant.
“Forensic accounting enables business owners to get control over possible financial fraud and mismanagement and, more importantly, to deter it before it occurs,” says James P. Martin, CMA, CIA, CFE, managing director at Cendrowski Corporate Advisors LLC.
He says forensic accountants can help companies design effective antifraud controls and mitigate the risks of future lawsuits. They also might be used to quantify economic damages in instances where value and/or profits might be lost, or in cases of business valuations to uncover reported income or expenses.
Smart Business spoke with Martin to learn more about forensic accounting.
How does a forensic accounting engagement differ from an audit?
First and foremost, forensic accounting engagements are nonrecurring and are only conducted at the request of a firm’s management. Audits, conversely, are recurring activities. Forensic accounting engagements are targeted assessments of specific areas of a business; they are not general assessments of the business as a whole or its financial statements.
The methodology employed in an audit is also quite different from that used in forensic accounting engagements. Audits are conducted primarily by examining financial data, whereas forensic accounting analyses are conducted by examining a wide variety of documents and interviews.
Lastly, the goals of forensic accounting engagements are yet again very different from audits. The goal of the latter is to detect the presence of material misstatements, irrespective of their cause. Audit activities are in no way designed to help an organization deter fraud, though they may detect such activity.
Because many frauds begin on a small scale, they may go undetected by auditors if the size of the fraud is below the auditor’s threshold for materiality. Moreover, even if the magnitude of a fraud is greater than the auditor’s threshold for materiality, a fraud may remain undetected by the auditor if it is well concealed. Forensic accounting engagements can be specifically tailored to deter fraud and potentially prevent it.
Can forensic accounting techniques be applied proactively?
Forensic accounting techniques can be used on a proactive basis in many instances, including the deterrence of fraud. More specifically, forensic accountants can proactively analyze an organization’s internal control process to determine areas of weakness and help the organization swiftly remediate these issues.
How can organizations use forensic accountants to help deter fraud?
Fraud deterrence focuses on removing one or more of the three causal factors of fraud: motive, opportunity and rationalization. Only when each of these factors is present can a fraud occur.
Motive and rationalization are generally dependent on personal situations over which the organization may have little control. This is why the opportunity for fraud is often the prime target of fraud deterrence engagements, as this factor can be controlled by an organization.
How can forensic accounting techniques be used in cases of business valuations?
Valuation professionals who are trained in forensic accounting may have significant experience in data mining and analysis, affording them the ability to supplement typical valuation techniques with information uncovered as a result of forensic accounting activities.
This additional information could result in a markedly different valuation from that which might have been calculated without the use of forensic accounting techniques, as valuations are extremely sensitive to underlying assumptions.
Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC
A subtle, but very significant, change is underway in the world of Sarbanes-Oxley compliance, specifically audits of Internal Control over Financial Reporting (ICFR). As a result of this change, many public companies will face additional compliance burdens and new exposures, even if they believe they have a well-established and stable system of internal control.
“Some public businesses may be completely unaware that even though they’ve had effective ICFR for years, this year may be a different animal,” says Eric Miles, a partner in Business Risk Services at Moss Adams LLP. “We’re seeing that controls or approaches that were fine in the past are now getting much more scrutiny from external auditors.”
If you have not yet had discussions with your external auditors about your 2013 ICFR compliance efforts, you may have a little time to get out in front these changes, he says. Many companies are already experiencing these changes in expectations and have found compliance to be very frustrating.
Smart Business spoke with Miles about why there’s activity change in ICFR compliance expectations and what you can do about it.
Why is there increased focus on ICFR compliance?
Over the last two years, the Public Company Accounting Oversight Board (PCAOB) has drastically increased its inspection focus on audits of internal control over financial reporting (ICFR) and as a result, virtually every major accounting firm has received reports indicating deficiencies in their audits of ICFR. The PCAOB was concerned about the pervasiveness of the findings, so much so that it published a special supplementary report in December 2012 detailing the most pervasive deficiencies identified in firms’ auditing of internal control over financial reporting during the 2010 inspections, and also including information on the potential root causes of the deficiencies.
The SOX ICFR compliance pendulum has swung back and forth over the years. When the SOX ICFR assessment requirement was first implemented, it yielded very rigorous and costly audits. In response to the litany of criticism, the PCAOB issued a new audit standard in 2007 (Audit Standard No. 5) to clarify expectations and ultimately to focus SOX ICFR efforts on areas of the most importance. What we are currently seeing is the PCAOB’s reaction to the mis-implementation of that standard. It appears that from the PCAOB’s perspective, the pendulum swung too far. As a result the PCAOB is trying to put more rigor into audits of internal control over financial reporting.
What is the biggest internal control problem?
Although the PCAOB noted several pervasive deficiencies, the issue currently causing the most consternation with companies is the design and testing of ‘Management Review Controls.’ These are controls, such as account reconciliations, budget to actual, etc., that theoretically allow several key risks to be mitigated with a single control. The PCAOB noted that the auditors’ evaluation of the design and operation of these controls has typically been cursory at best, such as an examination of a document for signature and date. As a result, many firms are now asking companies to be very detailed in the explanation of these controls, explaining aspects such as what triggers management’s attention, what management does when an item for investigation is identified, and how resolution of review items is documented. Further, firms are expecting management to maintain much more evidence of operation than in the past.
If your company has management review control problems, what can result?
There’s a real risk that organizations that heavily rely on management review controls are going to be surprised, even if their auditor has said for years the controls are fine.
With the new scrutiny, some external auditors may conclude there’s a material weakness. Ultimately that impacts the value of the organization. In any case, it takes a lot of time and effort to update documentation to get back in sync with your external auditor.
What should organizations be doing now?
The first step should be to have a proactive conversation with your auditor to understand whether their expectations have changed or are expected to change. There is a real risk that companies will substantially complete their own internal control assessment activities before fully understanding the scope of needed changes with their external auditors. As a result, companies may need to go back and update their already completed testing to comply with the auditor’s new approach. That’s far from ideal.
Once you have a better understanding of the external auditor’s needs, you need to understand what controls are considered to be ‘review controls.’ By taking an inventory of your controls, you may find that you have just a handful of management review controls, however, organizations that really embraced Audit Standard No. 5 will likely have more concerns.
For the identified controls, make sure your control descriptions include specific investigation criteria such as dollar or percent variance or other qualitative considerations, with clear precision thresholds. There needs to be evidence of control performance that can be tested through re-performance, not just through a review of signatures. If you can update your documentation in advance of external auditors coming in, it will save you trouble later.
Overall, be prepared for increased auditor activity, particularly with respect to walkthroughs and management review controls.
Eric Miles is a Partner in Business Risk Services at Moss Adams LLP. Reach him at (650) 808-0699 or firstname.lastname@example.org.
Insights Accounting & Consulting is brought to you by Moss Adams