Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 13 – The FCA Speaks Edition

What happens when two top compliance commentators get together? They talk compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode! In this episode, Tom and Kristy take on a wide variety of topics, including a visit to Florida Man.

In the world of business, compliance and investigation protocols play a crucial role in ensuring fairness, consistency, and institutional justice. Organizations need to establish robust frameworks to handle incidents effectively and mitigate risks. In this episode of 2 Gurus Talk Compliance, a new investigation by the FCA in the UK, Rubiales resigns (finally), an interesting cyber compliance enforcement action, and Roger Ng. Kristy takes the lead in highlighting a new DOJ Opinion Release. Join them as they delve deeper into this topic on this episode of the 2 Gurus Talk Compliance podcast.

Highlights Include:

1.     Insufficient cyber plan = FCA violation.  (DOJ Press Release)

2.     Roger Ng banned for life.  (YaHooFinance)

3.     FASB adopts crypto accounting rules. (WSJ)

4.     Ken Paxton and slow creep of corruption. (Texas Tribune)

5.     Rubiales resigns. (NYT)

6.   U.K. Financial Regulator to Review Bank Treatment of Politically Exposed Persons (WSJ)

7.   FCPA Opinion Release Provides Guidance on Payment of Travel and Other Expenses for Foreign Government Officials (Volkov)

8. AI in Employment: Privacy Regulation Is Here (PLI Chronicles/Gibson Dunn)

9. Is It Time to Update Your Company’s Dress Code? What ‘Business Casual’ Means Today (Inc.)

10. Florida man banned from the ocean after trying to sail homemade hamster wheel (local news)

Resources 

Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending September 9, 2023

Welcome to 10 For 10, the podcast which brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

·       Insufficient cyber plan = FCA violation.  (DOJ Press Release)

·       Roger Ng banned for life.  (YaHooFinance)

·       FASB adopts crypto accounting rules. (WSJ)

·       Ken Paxton and slow creep of corruption. (Texas Tribune)

·       Spanish Women’s National team coach fired.  (ESPN)

·       Ramaswamy’s claims of FDA corruption disavowed by company he founded. (Reuters)

·       FIFA suspends head of Spanish football. (FT)

·       Using AI to improve workplace safety. (WSJ)

·       DOJ to go after Oligarch’s facilitators. (WSJ)

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

June 16, 2022 the CEO Creates Toxic Culture Edition


In today’s edition of Daily Compliance News:

  • FASB scraps goodwill project. (WSJ)
  • Musk appeals to tweeting restrictions. (Reuters)
  • When the CEO creates a hateful culture. (NYT)
  • The West facilitated state capture. (Guardian)
Categories
Blog

Day 21 of One Month to More Effective Internal Controls-Revenue Recognition, Internal Controls and Compliance

Financial Accounting Standards Board (FASB) issued Accounting Standards Update No. 2014-09, Revenue from Contracts with Customers (Topic 606) for public business entities, certain not-for-profit entities, and certain employee benefit plans. The amendments become effective for public entities for annual reporting periods beginning after December 15, 2017. In other words, we are now less than six months away from a new Revenue Recognition (“new rev rec”) standard, which may significantly impact the compliance profession, compliance programs, and compliance practitioners. I visited with Joe Howell, Executive Vice President (EVP) at Workiva Inc., and asked him if he could walk me through some key changes and how they might impact compliance. FASB recognized that its revenue recognition requirements around the U.S. generally accepted accounting principles (GAAP) differed from those in the International Financial Reporting Standards (IFRS) and that both sets of requirements needed improvement. This led to a project by FASB and the International Accounting Standards Board (IASB) to jointly clarify the principles for recognizing revenue and to develop a common converged revenue standard for GAAP and IFRS. Hence the new rev rec standard. The implementation will be a massive undertaking. According to Howell, “The accounting standard is 700 pages long, and in the US accounting literature, it replaces over 200 other pieces of accounting guidance on revenue.” The official name is “Revenue from Contracts with Customers,” and Howell noted there are a “lot of surprises, and the thing that is true for almost everybody is that they are going to be facing some level of change in the way they account and report revenue. They will most certainly have to change how they disclose their revenue-related things. Included in the revenue standards are over six pages worth of new disclosure requirements.” One of the key differences in this new rev rec standard is that it requires companies to disclose new information beyond data a company might have been required to release in the past. Howell thinks this will pressure auditors “to get comfortable with what the company provided them and which they incorporated into their decision-making process in forming an opinion. This is quite different for disclosure control because the auditor’s typically not relying on those.” This will create risks for auditors adjusting to the new rev rec standard because as they learn more about it and apply it going forward into 2018, they may have to revisit prior reporting and revise some of it. This is important to the compliance profession and the compliance practitioner because internal controls over financial reporting involved in implementing this new standard are critical to the effective use of implementation and how you implement it. The Securities and Exchange Commission (SEC) has said explicitly in several public statements and through their early comment letters on disclosures made in advance of implementation that companies must inform the SEC about the accounting policies that they are changing and how this new standard will affect a company’s accounting processes, and finally how those effects are going to be managed. Howell believes “The SEC is making it clear that this is a real compliance issue.” Moreover, the SEC has indicated that these disclosures are central to the new rev rec standard. Howell said, “typically, if a company has some sort of failure in their disclosures for an accounting standard, they’re treated under section Sarbanes-Oxley (SOX) Section 302 of the SEC rules, and that has a level of significance or liability, which is much lower than the liability that a company might face under SOX Section 404, which has to do with the actual internal controls over financial reporting.” While disclosure of internal controls might not typically bring Section 404 scrutiny, they may now do so under the new rev rec standard. Howell articulated that when performing a financial audit, an auditor would usually not rely on a disclosure control in the past. However, under the new rev rec standard, if there is a change during the year in how an auditor views a disclosure control, it could require them “to go back and either figure out if the audit work that they did is tainted and they need to go back and do that work in the form of substantive testing, or they need to go back to see if there were mitigating controls that were in place that still allowed them to rely on the internal control processes to get comfortable with what the company provided them and which they incorporated into their decision-making process in forming an opinion. This is quite different for disclosure control because the auditor’s typically not relying on those.” Of course, this is overlaid with the requirements of effective internal controls under the Foreign Corrupt Practices Act (FCPA) and the lack of materiality standards. One only need to consider the Wells Fargo fraudulent accounts scandal to see how a lack of materiality does not prevent the types of risk from moving forward to become huge public relations disasters, hundreds of millions of dollars in fines and costs estimated at over $1bn for failures of internal controls. Yet there are other tie-ins into compliance that the compliance practitioner needs to understand and prepare for going forward. The prior rev rec standard was rules-based. As a lawyer, that was an approach I was quite comfortable with both from a learning standpoint and communicating with business folks. But now, the standard is much more judgment-based, and when a standard is more judgment based, there can be more room for manipulation. Howell explained the response by compliance is “making sure that you have changes in the business processes necessary to gather the information that has not previously been required to continue to monitor; how that information is factoring into the judgments that managers must make as they report their revenue under the new standard; and that those judgments themselves are properly documented.” This final point demonstrates the convergence and overlap between the compliance profession, compliance programs, and compliance practitioners going forward. Compliance internal controls are in place to both detect and prevent. They can also be used to gather the information that will be presented to auditors under the new rev rec standard. Many professionals are focused on the new rev rec from the auditing and implementation perspective. However, suppose you are a Chief Compliance Officer (CCO). In that case, you might want to go down the hall and have a cup of coffee with your Chief Financial Officer (CFO) and find out what internal controls might be changing or that they might be adding and consider how that will impact compliance in your organization.

Three Key Takeaways

  1. An effective internal controls system provides reasonable assurance of the entity’s objectives relating to operations, reporting, and compliance.
  2. There are two over-arching requirements for effective internal controls. First, each of the five components is present and functional. Second are the five components operating together in an integrated approach.
  3. You can use the Tem Hallmarks of an Effective Compliance Program for an anti-corruption compliance program as your guide to testing against.

For more information on improving your internal controls management process, visit this month’s sponsor Workiva at workiva.com. The new FASB rev rec standard has significant implications for the compliance practitioner going forward.]]>

Categories
Daily Compliance News

January 5, 2021, the Haven is History edition


In today’s edition of Daily Compliance News:

  • French bank settles Syria sanctions case. (WSJ)
  • FASB in 2021? (WSJ)
  • Haven will be history. (NYT)
  • Global banking system to face big test in 2021? (FT)
Categories
Blog

Day 21 of One Month to More Effective Internal Controls-Revenue Recognition, Internal Controls and Compliance

Financial Accounting Standards Board (FASB) issued Accounting Standards Update No. 2014-09, Revenue from Contracts with Customers (Topic 606) for public business entities, certain not-for-profit entities, and certain employee benefit plans. The amendments become effective for public entities for annual reporting periods beginning after December 15, 2017. In other words, we are now less than six months away from a new Revenue Recognition (“new rev rec”) standard which may significantly impact the compliance profession, compliance programs and compliance practitioners going forward. I visited with Joe Howell, Executive Vice President (EVP) at Workiva Inc. and asked him if he could walk me through some of the key changes and how it might impact compliance going forward. FASB recognized that its revenue recognition requirements around U.S. generally accepted accounting principles (GAAP) differed from those in the International Financial Reporting Standards (IFRS) and that both sets of requirements needed improvement. This led to a project by FASB and the International Accounting Standards Board (IASB) to jointly clarify the principles for recognizing revenue and to develop a common converged revenue standard for GAAP and IFRS. Hence the new rev rec standard. The implementation will be a massive undertaking. According to Howell, “The accounting standard itself is 700 pages long, and in the US accounting literature it replaces over 200 other pieces of accounting guidance on revenue.” The official name is “Revenue from Contracts with Customers” and Howell noted there are “lot of surprises, and the things that is true for almost everybody is that they are going to be facing some level of change in the way they account and report revenue. They will most certainly have to change the way they disclose things related to their revenue. There are, included in the revenue standards, over six pages worth of new disclosure requirements.” One of the key differences in this new rev rec standard is that it requires companies to disclose new information beyond data a company might have been required to release in the past. Howell thinks this will put pressure on auditors “to get comfortable with what the company provided them and which they incorporated into their decision- making process in forming an opinion. For disclosure control this is something quite different, because the auditor’s typically not relying on those.” This will create risks for auditors adjusting to the new rev rec standard because as they learn more about the new standard and apply it going forward into 2018, they may have to revisit prior reporting and revise some of it. The reason this is important to the compliance profession and the compliance practitioner is internal controls over financial reporting involved in implementing this new standard are critical to the effective use of implementation and how you implement. The Securities and Exchange Commission (SEC) has said explicitly in several public statements and through their early comment letters on disclosures made in advance of implementation, that companies must inform the SEC about the accounting policies that they are changing, and how this new standard will affect a company’s accounting processes, and finally how those effects are going to be managed. Howell believes “The SEC is making it perfectly clear that this is a real compliance issue.” Moreover, the SEC has indicated that these disclosures are central to the new rev rec standard. Howell said, “typically, if a company has some sort of failure in their disclosures for an accounting standard, they’re treated under section Sarbanes-Oxley (SOX) Section 302 of the SEC rules, and that has a level of significance or liability, which is much lower than the liability that a company might face under SOX Section 404, which has to do with the actual internal controls over financial reporting.” While disclosure of internal controls might not typically bring Section 404 scrutiny, under the new rev rec standard, they may now do so. Howell articulated that usually when performing a financial audit, an auditor would not rely on a disclosure control in the past. However under the new rev rec standard, if there is a change during the year in how an auditor views a disclosure control, it could require them “to go back and either figure out if the audit work that they did is tainted and they need to go back and do that work in the form of a substantive testing, or they need to go back to see if there were mitigating controls that were in place that still allowed them to rely on the internal control processes to get comfortable with what the company provided them and which they incorporated into their decision making process in forming an opinion. For disclosure control this is something quite different, because the auditor’s typically not relying on those.” Of course, this is overlaid on the requirements of effective internal controls under the Foreign Corrupt Practices Act (FCPA) and the lack of any materiality standard. One only need to consider the Wells Fargo fraudulent accounts scandal to see how a lack of materiality does not prevent the types of risk from moving forward to become huge public relations disasters, hundreds of millions of dollars in fines and costs estimated at over $1bn for failures of internal controls. Yet there are other tie-ins into compliance which the compliance practitioner needs to understand and prepare for going forward. The prior rev rec standard was rules based. As a lawyer, that was an approach I was quite comfortable with both from a learning stand point and communicating to business folks. But now the standard is much more judgment based and when a standard is more judgment based, there can be more room for manipulation. Howell explained the response by compliance is “making sure that you have changes in the business processes necessary to gather the information that has not previously been required to continue to monitor; how that information is factoring into the judgements that managers must make as they report their revenue under the new standard; and that those judgements themselves are properly documented.” This final point demonstrates the convergence and overlap between the compliance profession, compliance programs and compliance practitioners going forward. Compliance internal controls are in place to both detect and prevent. Now they can also be used to gather the information which will be presented to auditors under the new rev rec standard. Many professional are focused on the new rev rec from the auditing and implementation perspective. However, if you are a Chief Compliance Officer (CCO), you might want to go down the hall and have a cup of coffee with your Chief Financial Officer (CFO) and find out what internal controls might be changing or that they might be adding and consider how that will impact compliance in your organization.

Three Key Takeaways

  1. An effective system of internal controls provides reasonable assurance of achievement of the entity’s objectives, relating to operations, reporting and compliance.
  2. There are two over-arching requirements for effective internal controls. First, each of the five components are present and function. Second, are the five components operating together in an integrated approach.
  3. For an anti-corruption compliance program you can use the Tem Hallmarks of an Effective Compliance Program as your guide to test against.

For more information on how to improve your internal controls management process, visit this month’s sponsor Workiva at workiva.com. The new FASB rev rec standard has significant implications for the compliance practitioner going forward.]]>