In the accounting world, the rules are ever changing. Large in scope and long awaited, the new rule for recognizing revenue continues to get clarifications in the months leading up to its effective date. The new leasing standard is finally here as well and sharing the attention. Those are just the biggies—the Financial Accounting Standards Board has been coming out with a flurry of changes in recent months, and regulators are paying attention to what you are doing with them. There’s a ton of information to follow to stay compliant.
How equipped finance teams are to keep up with all the moving parts varies quite a bit. They oftentimes find it beneficial to lean on technical accounting experts who can decipher the never-ending landscape and help with interpretations. Such experts can help them stay on track in understanding the latest accounting refinements, transition-method choices and effective dates. Diana Gilbert, senior consultant at RoseRyan and head of our Technical Accounting Group, helped many companies get up to speed during the June 2 webinar, “Demystifying the Latest Major Accounting Changes.”
This fast moving, 90-minute, all-out binge covered the latest twists and turns that have come out from FASB and regulators over the past year. Some changes have simplified things. Others will have a narrow effect. And many will force finance teams to do some soul searching as the deadlines near. Contracts and compensation plans may need to be revisited.
Diana filled in listeners (most of whom were from life sciences and technology companies) on the five topics below, along with other changes, and gave timely advice along the way.
Revenue recognition: Companies that don’t have a game plan for the new revenue recognition standard are running out of excuses. The SEC has been “aggressively” referencing the new rule in recent speeches to let companies know they will be watching what gets said in disclosures, Diana said. Boilerplate, vague language won’t cut it much longer.
“This has been out there since 2014, so they are going to question why you’re still evaluating it now,” she said. “If you’re honestly, sincerely evaluating it, then just be prepared for the questions. But if you’ve done your evaluation and pretty much do understand the impact, then think about including more detailed disclosures, particularly about decisions you’ve already made,” such as the transition method the company will be taking and the planned adoption date.
Leases: The new standard finalized in February will bring what we refer to as operating leases today onto the balance sheet. The rule applies to leases of property and equipment with terms of at least one year and centers around the lessee’s “right of use” of an item (the obligation to pay for that right is what will appear on the liability side of the balance sheet).
The new rule could change behavior, Diana predicted. “Think about it. If you’re going to have it on the balance sheet anyway, are you still going to lease it or would you buy it outright?” she said. “You might create new forms of leases that are clearly less than a year, without the option to renew, and you’ll have to deal with the issue every year. That may make sense for inconsequential arrangements. It will be interesting to see what happens going forward.”
Financial instruments: Public companies will begin following new rules on classifying and measuring financial instruments for filings submitted in 2018, and private companies will do so a year later. Equity investments that are not consolidated are generally going to be measured at fair value through earnings. In some ways, disclosure requirements have been simplified with the rule changes—companies won’t have to disclose their methods and significant assumptions for estimating fair value—and in other ways they have expanded.
Stock-based compensation: Companies have “a grocery bag of different changes” to deal with when it comes to improvements to employee share-based payment accounting, Diana warned. The most significant relates to deferred tax assets. When the changes take effect, companies will no longer record excess tax benefits and certain tax deficiencies resulting from share-based awards in additional paid-in capital (APIC). APIC pools are eliminated under the changes.
Diana said this is a “huge simplification” in terms of tracking share-based compensation, but the downside is the potential for more volatility in the income statement. This particular change is applied prospectively from the date of adoption (which begins after December 15, 2016, for public companies).
SEC comments: The SEC staff has always tended to question areas that involve judgment and subjectivity, Diana noted. In recent years, in particular, they have been scrutinizing the statement of cash flows and whether companies’ internal controls are effective. Diana recommended that companies be as clear as possible and use tables and charts to help tell their story.
“Comment letters come about because they don’t understand what’s happening,” Diana said. “Or it’s a complex area and they’re going to ask you questions whether you like it or not.”
Keeping tabs on regulators’ areas of emphasis and accounting standard-setters’ changes takes time and effort. Things are in constant motion, and companies need to stay on top of it all. That’s how they can help minimize the questions that come from regulators and any uncertainty that may arise during implementation. To save time and effort in understanding the latest accounting standards (changes through June 1, 2016), feel free to check out the 90-minute replay of “Demystifying the Latest Major Accounting Changes” here.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00RoseRyanhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgRoseRyan2016-06-21 09:00:382016-06-21 09:00:38Conquer complexity: Get briefed on the latest accounting updates
A flurry of effective dates, interpretive guidance and new rules—companies are processing a lot of information coming their way from the Financial Accounting Standards Board and the Securities and Exchange Commission. Some of the changes have been in the works for ages (we’re talking about you, revenue recognition), and now there are overlapping implementation periods and many, many questions on the part of finance teams that need to put all these rules into place. Is your head spinning yet?
Finance professionals not only need to make sense of the rules, but they also want to know what their auditors think of them and how their peers are going to approach them. For the accounting change biggies—like the new leasing standard—some companies will need to revisit their internal processes and they’ll have some tough choices to make on how they’ll proceed (Should any contracts be changed? How much do investors need to know now about the potential effect on the company’s balance sheets?). The impacts will vary by company and can vary widely. Some companies are getting surprised by how much.
We’ve noted before that FASB has been in the process of clearing to-do items off its own agenda and dumping them onto finance teams’ plates, making this the time to get a handle on it all. That’s why we have developed a 90-minute webinar for senior finance executives called “Demystifying the latest accounting rulings—what finance leaders need to know” so they can get a grip on what’s happening and how to deal with it. This online event will break down the newly effective standards and proposals from FASB plus updates from the SEC and the Public Company Accounting Oversight Board. Senior consultant Diana Gilbert, who leads our Technical Accounting Group, will guide you through it on Thursday, June 2, 10:00-11:30am PT. Read more about this webinar and register here: bit.ly/AcctgWebinar.
Get ahead of these changes. With looming, varied effective dates, you’ll need to prioritize and understand the impacts, all while keeping watch for more updates coming down the pike.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00RoseRyanhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgRoseRyan2016-05-19 09:45:212016-05-19 09:45:21An executive briefing: Demystifying the latest accounting rules and what you need to think about
One of the issues global companies have always faced is how to manage a global sales force in an environment where local accounting rules for revenue recognition vary. Countless times, sales teams have vented to me because U.S. GAAP doesn’t allow us to recognize revenue when IFRS does. My response has always been that accounting rules should inform us, but they don’t define good business. Ultimately, the sales team needs to negotiate the best deal for the company (only one consideration of which might be whether or not we can recognize revenue), and we accountants will advise them on the best way to structure the deal and, ultimately, figure out how to account for it.
The new revenue recognition rules, expected to be issued simultaneously by the FASB and IASB in Q1 2014, will create a new global environment with enhanced comparability across industries and geographies. Global companies will be operating on the same playing field, which should give them some relief. OK, sales guys—time to stop venting and focus on making good business deals.
Judgment is a double-edged sword The beauty of the proposed new rules is that they allow for judgment. However, that’s a double-edged sword, since filers have abused “judgment” in revenue recognition in the past and caused regulators (the SEC, EITF, AICPA, et al.) to respond by drawing “bright lines” in their issuance of “clarifying literature” (staff accounting bulletins, technical practice aids, EITF interpretations) to provide consistency in accounting and reporting where the FASB hadn’t drawn those lines. It will certainly be interesting to see how well regulators embrace this principles-based approach to accounting for revenue with this complete converged rewrite of international accounting standards.
Under the new revenue recognition rules, the five basic steps for accounting are:
Identifying the contract with the customer. (Yes, sales team, you still need to include all of the deal in the contract. We still don’t like verbal side arrangements.)
Identification of the separate performance obligations in the arrangement. (Similar to current multiple-element arrangement rules, these don’t need to have a price spelled out in the contract.)
Determining the transaction price.
Allocating the transaction price to the separate performance obligations in the contract. (This will require significant judgment, thus the need to thoroughly document the basis for your assumptions.)
Recognition of revenue when each separate performance obligation is delivered.
The latest clarifications from redeliberations have added back a requirement for collectibility to be probable—and note that this is the one minor nonconverged compromise point in the standard; there are minor differences in the FASB and the IASB definitions of “probable.”
For those who aren’t yet familiar with how the new rules will roll out, we are expecting the new standards to be effective for fiscal years beginning after December 15, 2016. For most calendar-year companies that means 2017, and one year later for private companies. With a retrospective presentation of prior periods, companies will be considering and evaluating the new revenue recognition rules for 2015, 2016 and 2017 transactions—which gives them 2014 (one year—next year!) to figure out how they’re going to track this. Alternatively, companies may elect to apply a modified retrospective approach by recording the cumulative effect of the change and providing supplemental disclosures for comparability of prior periods.
Whichever approach companies take, it will be a significant endeavor with complex arrangements. This change will require support from more than just the accounting team. For example:
Evaluating and refining IT systems to support the new revenue recognition process and considerations
Updating sales team tools and legal business forms
Enhancing accounting processes to document the basis for judgments made
Designing internal control procedures to address new risks under the new rules
At the end of the day, the global convergence of revenue recognition rules should provide more flexibility in how companies do business. But they don’t remove their responsibility to ensure consistency of accounting and reporting across industries.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Diana Gilberthttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgDiana Gilbert2013-11-12 08:48:342013-11-12 08:48:34How the new revenue recognition rules should help global businesses
When the SEC swore in Mary Jo White as chair in April, it was clear there was a new sheriff in town. White is a former U.S. attorney for the Southern District of New York with decades of experience as a federal prosecutor and securities lawyer, so it really was no surprise when she said in her confirmation speech that her top priorities included strengthening the SEC’s enforcement program.
Now she’s laying down the law. In July, the SEC announced three new initiatives building on the Division of Enforcement’s ongoing efforts to concentrate resources on high-risk areas and employ cutting-edge technology. And in a September 26 speech called “Deploying the Full Enforcement Arsenal,” White focused on the consequences for companies when fraud is discovered.
Here’s the SEC’s plan of attack:
Engage data-mining bounty hunters: Focusing on accounting and disclosure fraud, the Financial Reporting and Audit Task Force will target areas it considers susceptible to fraud, including restatements and revisions, and analyze performance trends by industry. Further, they plan to detect fraud using technology-based tools such as the Accounting Quality Model, which is being designed to provide quantitative analytics that will help the SEC identify high-risk companies.
Corral virtual outlaws: The Microcap Fraud Task Force will develop and implement long-term strategies for detecting and combating abusive trading and fraudulent conduct in securities microcap companies. In its July announcement, the SEC stated that abuses in this area “frequently involve serial violators and organized syndicates that employ new media, especially websites and social media, to conduct fraudulent promotional campaigns and engage in manipulative trading strategies.” No doubt the SEC’s efforts will increase significantly once crowdfunding is permitted.
Collect ammunition and deploy: Coordinating with the Division of Enforcement and other SEC offices, the Center for Risk and Quantitative Analytics will support risk identification, risk assessment and data analysis activities. It will serve as an analytical hub that provides the SEC with information about characteristics and patterns indicative of possible fraud or illegal activities, along with guidance on strategically allocating resources in light of identified fraud risk.
With these initiatives, we expect that more companies will soon receive calls from the Division of Enforcement. And while a showdown with the SEC sounds bad, the aftermath could be worse. In her September 26 speech to the Council of Institutional Investors, White emphasized the need for strong penalties. While supporting legislation to increase limits on monetary penalties, she also plans to make the most of the Commission’s existing penalty authority, saying “we need to make sure our settlements have teeth.” Further, she stressed the relationship between financial penalties and personal accountability, stating that “Redress for wrongdoing must never be seen as a ‘cost of doing business’ made good by cutting a corporate check.”
Think that your company might be living in the Wild West but you’re not sure? Be prepared for the SEC to come at you with guns a-blazin’—or better yet, take action to keep the peace. Here are some tips to help prevent a potential showdown:
Beef up your Disclosure Committee process: Your leadership team knows a lot about the business, what’s on the horizon and where the risks are. However, discussions with the Disclosure Committee are too often about what’s in the draft 10K or 10Q filing, when sometimes the most important discussions are about what’s not in the SEC filing.
Be strategic with internal audit: Internal audit might help with SOX compliance or assist with the external audit process, but if that’s all they’re doing, it’s an opportunity lost. Internal audit can help assess areas of risk in your organization, develop and implement process reviews and, even if no fraud or other issues are detected, make recommendations for improving efficiency.
Get a grip on your D&O insurance: Director and officer insurance provides executives with some protection, but it’s not a bulletproof vest. All bets are off when you’re dealing with the Division of Enforcement. Talk with your corporate counsel and make sure you understand what’s at stake.
And if Sheriff White calls you out, just remember the words of John Wayne: “When you come slam bang up against trouble, it never looks half as bad if you face up to it.”
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Kelley Wallhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgKelley Wall2013-10-03 07:30:352013-10-03 07:30:35There’s a new sheriff in town: will you be meeting the SEC at high noon?
What’s more shocking: HP’s $8.8 billion (yes, billion!) impairment charge recorded in its recently completed fourth quarter, or the fact that it blames the charge on the “accounting improprieties and disclosure failures” of Autonomy, a UK-based company it acquired just last year? Clearly, investors were not pleased, as evinced by the immediate drop in stock price after the announcement was made. What lingers, though, is an aching question that haunts companies contemplating an acquisition: if HP, with its significant M&A experience and multiple Big Four audit teams, failed to see through Autonomy’s misrepresentations, then what hope is there for the rest of us?
Investigations by the Securities and Exchange Commission’s Division of Enforcement and the UK’s Serious Fraud Office are under way to determine whether evidence of fraud exists. I think it’s safe to say that detecting fraud at a target company is not typically engrained in the pre-acquisition due diligence process. However, consider this: what if the “improprieties” weren’t fraud per se, but instead liberal interpretations of principles-based international financial reporting standards?
Drawing focus to areas requiring extensive judgment and assumptions should be an integral part of the due diligence process. Even where the financial statements have already been audited by a reputable firm, focusing on the gray can be exceptionally beneficial: it can highlight areas of financial risk; it can provide greater insights in vetting forecasted financial results; and it can identify areas where the target’s accounting policies differ from your own.
More often than not, the financial due diligence process is focused on quantifying the net assets of the business (aka “scrubbing the balance sheet”) and understanding the assumptions underlying the company’s financial projections. However, attention should also be given to those accounting policies for which judgment and/or material estimates are required. SEC registrants often refer to such policies as “critical accounting estimates” and include required disclosures in the Management Discussion & Analysis section of their periodic filings. Private companies are not required to provide such disclosures, and they may only touch on general accounting policies in the footnotes.
Critical accounting estimates often include areas such as rev rec, asset impairment analysis, contingent liabilities, income taxes and reserve accounting, including warranty provisions, bad debt allowance and reserves for excess and obsolete inventory. Understanding your target’s policies with regard to these areas is critical, not only to assess the judgments applied, but also because certain accounting rules (especially those that are principles based) can provide leniency in interpretation, and different companies arguably have different risk profiles.
So the moral of the story is, no deal is ever black and white. The more time you spend understanding the gray, the better your chances are for understanding and valuing what you’re buying.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Kelley Wallhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgKelley Wall2012-11-30 10:40:422012-11-30 10:40:42Evaluating an acquisition target: pay attention to the gray areas
As inhabitants of Silicon Valley, we’re sure to have been shaken by an earthquake or two. For me, it’s always a reminder of how important it is to have a disaster plan and earthquake preparedness kit ready…for the big one! In the corporate world, there’s also a need to prepare for the inevitable—and that includes the SEC comment letter.
Technically speaking, Section 408 of the Sarbanes-Oxley Act of 2002 requires the Securities and Exchange Commission to review the filings of public registrants at least once every three years. And that review may be sooner if the company has reported a material misstatement, experienced significant volatility in its stock price or been affected by something the SEC deems relevant. Based on its review, the SEC issues a comment letter to start the dialogue with the company. It usually requests supplemental information so that SEC staff can better understand the company’s accounting and disclosures. Depending on the company, its activities and transactions, and the transparency of its disclosures, these letters can include a handful or dozens of comments.
Practically speaking, comment letters are known to hit the CFO’s fax machine just after close of market on an otherwise quiet Friday afternoon. In most cases, the SEC will ask the company to respond to its inquiry within 10 business days.
Instantly unsettled, corporate executives respond frantically (and sometimes in a panic), racking their brains about who they should call and assessing whether voicemails will be returned before the weekend. Then their minds wander to the level of risk inherent in the accounting and disclosures contained in their filings. And finally, they’re left asking, “What now?”
It doesn’t have to be this way. Creating an SEC preparedness plan can save time and money and is scientifically proven to lower stress levels.
Creating your emergency plan
It’s a given that responding to SEC inquiries requires time, resources and efficient project management capabilities.
First, create a SEC review preparedness folder on your company’s intranet—it should include copies of the following documentation:
All technical accounting memos, whether written by the company or your auditors
Correspondence with your auditors and legal counsel regarding key accounting and disclosure decisions
Any materiality assessments that were performed for evaluation of errors, disclosures and the like
Documentation regarding key transactions, including impairments, business acquisitions and restructuring activities
Restatement documentation (if applicable)
Having reviewed and assisted in the response to hundreds of SEC comments, I’m still amazed by how much time can be spent tracking down the information needed to respond.
Second, create a tactical plan that identifies who should be engaged in the response and how efforts will be coordinated. Comment responses should be both thoughtful and careful—you can’t do that if you’re in panic mode.
Consider the following steps:
Coordinate a call with key accounting members, legal counsel, outside legal advisors and your auditors.
Create a “response team,” which may include both accounting and legal personnel, capable of drafting responses.
Develop a timeline, including when information will be gathered and when responses are due, allowing enough time for review.
Determine who should be engaged in the review. Legal counsel and the auditors are a given, but what about your disclosure committee and board of directors?
Assign a project coordinator to consolidate comments and keep everyone up-to-date and on schedule.
With key information at your fingertips and a tactical plan in hand, you won’t be shaken when the big one arrives.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Kelley Wallhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgKelley Wall2012-11-06 08:00:412012-11-06 08:00:41Your SEC letter preparedness plan: how to be ready for the “big one”
The JOBS Act (Jumpstart Our Business Startups Act) purports to foster the growth of small businesses, allowing them easier access to funding by lowering bureaucratic hurdles and thus enabling the growth of their business and their ability to hire more people.
In reality, the bill—passed overwhelmingly by the House last week and now awaiting President Obama’s signature—allows small companies to avoid scrutiny of their financial statements for the first five years because compliance is too costly. What is “small”? Companies with revenues of less than $1 billion. Yep—that’s most of Silicon Valley.
These small companies need access to funding. VC funding (with astute financial inquiries) isn’t readily available, so they go to the public market where we, the investors, have only the financial statements, press releases, website content and other information the company produces. We have to trust that it is accurate, but the JOBS Act says the internal controls and third-party independent oversight mandated by SOX legislation is “too costly.” Too costly for whom?
A well-designed SOX program is not too expensive—it’s too expensive not to have those controls. Any idea how expensive a restatement is? (Think audit fees, legal fees, the army of accountants crunching through your books, regulatory inquiries, shareholder litigation, the list goes on.) Nearly one-third of companies that have had IPOs since 2004 have had to issue financial restatements—that’s a staggeringly high number.
Why do small companies get it wrong?
For starters, finance isn’t viewed as a strategic business function—it’s viewed as overhead. That means it’s often not properly funded, so there’s not enough horsepower to make sure the books are accurate, not enough access to expertise to understand complex accounting regulations and not enough rigor in the close process. Bottom line: the financial statements are not accurate. They do not serve as a basis for understanding the financial position of the business—either for making investment decisions or making management decisions about running the business.
JOBS Act advocates say that most companies will be fine without the discipline of solid internal controls. Really? Did you see the latest from Groupon? First it stumbled with its IPO, and now it has stumbled with its first 10-K. See any patterns? In this last trip-up, the company identified a material weakness in internal controls related to the financial close process and cited three contributing factors: 1) an inadequate close process, resulting in a number of manual post-close adjustments; 2) account reconciliations not performed and/or reviewed; and 3) inadequate policies for timely, adequate review of estimates and assumptions. These are pretty basic controls that every company should perform as part of its normal close process—nothing fancy or tricky here—yet Groupon doesn’t seem embarrassed about missing these controls. (And it certainly isn’t embarrassed to be taking investor money.) While Groupon wouldn’t benefit from the JOBS Act because it has revenues of $1.6 billion, it’s a great example of what often happens with young, newly public companies and the challenges they face in providing accurate financial information to the investor community.
In the wake of the massive frauds perpetrated by Enron, WorldCom, Adelphia, and others, we got SOX. In the wake of the massive frauds perpetrated by Wall Street—which drove us into the deepest recession since the Great Depression—we got Dodd-Frank. Who are we kidding with the JOBS Act? Get ready: we’ve paved the way for a lot more fraud and financial misstatements.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Pat Vollhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgPat Voll2012-04-04 09:29:222012-04-04 09:29:22The JOBS Act: Who are they kidding?
RoseRyan, along with Ernst & Young and Morrison & Foerster, is presenting a free breakfast seminar, “XBRL: It’s Time to Get Real,” on May 2 in Palo Alto.
We all know that XBRL implementation can be tough—especially if you’re not crystal clear on the process, don’t know what’s possible and aren’t sure where the pitfalls are. Of course you want best practices, but who can say what they are when the rules keep changing? On top of that, maybe your limited liability is expiring—and what exactly does that mean? Perhaps most of all, what does the SEC really want?
“XBRL: It’s Time to Get Real” will give you the answers from people who’ve been toiling in the XBRL trenches and have done the sweating for you. These experts will provide concise, practical advice on key accounting, legal and audit do’s and don’ts, illustrated with plenty of real-world examples. The presenters are:
Lucy Lee, XBRL practice chief, RoseRyan: Lucy is the chief architect of RoseRyan’s XBRL practice, an elected member of the XBRL US 2012 Domain Steering Committee and a voting member of the XBRL Global Ledger Working Group of XBRL International.
David M. Lynn, partner, Morrison & Foerster: David, a leading authority on SEC matters, is co-chair of his firm’s global public companies practice and former chief counsel of the division of corporation finance at the SEC.
Natalie Zimmer, senior audit manager, Ernst & Young: Natalie, a recognized XBRL expert, advises on XBRL implementation and has presented on the subject in multiple forums.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00RoseRyanhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgRoseRyan2012-04-02 05:43:252012-04-02 05:43:25Seminar gets real about XBRL
Facebook did things right in its S-1 disclosures relating to data protection and privacy as it relates to business risk. Among other things, the myriad disclosures warn investors of risks related to unfavorable media coverage of its privacy practices and concerns about privacy, sharing and security. They also note that unauthorized access to or improper use of user information could damage Facebook’s reputation and result in legal or regulatory action, which could be expensive and require Facebook to modify its business practices. (This has happened before, as the disclosures point out: last year a 20-year settlement agreement with the Federal Trade Commission required the company to establish and refine policies related to user data and privacy settings, submit to privacy audits every two years and take other measures.) The company says complex, evolving laws and regulations for privacy and data protection could harm its business.
This seems to be as it should be—at least for the SEC, which last fall issued disclosure guidance on cybersecurity risk that all public companies should be aware of (private companies should take note too). But while Facebook followed this disclosure guidance, these disclosures are aimed protecting investors; they reveal the potential effects of problems after the fact. That’s not reassuring to Facebook users.
As more and more data moves online and into the cloud, companies need to actively protect their customer data. Cyber attacks happen with increasing frequency, and only the big cases (like Zappos.com last month) are publicized. It’s critical: our finances, medical records, credit cards, employment, passwords and other aspects of our personal lives are online. Companies that don’t take data protection and cyber security seriously are gambling with risks that may be very expensive or change how they do business.
At least some relief may be in the works. The Federal Trade Commission will soon release its final staff report of recommended controls and standards for the online protection of consumers’ privacy. The report is expected to expand the scope of what may constitute consumer data and propose sweeping new standards.
It’s unlikely, however, that U.S. regulations will be as stringent as the proposed Data Protection Directive issued Jan. 25 for the European Union. Those regulations would apply to anyone processing data in the EU—including those outside Europe who offer goods or services to EU citizens. Key points include:
Significant fines for organizations that don’t follow basic knowledge/consent obligations or requirements to adopt good policies and procedures
A requirement to appoint a data protection officer who must ensure that the organization adopts good data governance policies and procedures
Regular data protection audits and privacy impact assessments
A requirement to notify data protection authorities within 24 hours of a data breach
We’ll be watching to see if the FTC grasps the severity of problem and fully addresses the need to protect consumer information.
Whether it does or not, companies should pay full attention to both their privacy and data protection measures and their disclosures around it. Building customer trust and goodwill takes a lot of corporate resources; losing that trust can have a significant adverse impact to any business. With better protections in place, transparency and disclosure will follow more easily—and those companies will be trusted more by customers and investors alike.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Pat Vollhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgPat Voll2012-02-17 07:56:532012-02-17 07:56:53Disclosures tell only half the story of data privacy and protection
The economy must be picking up, judging by the attendance at last week’s 27th Annual Reporting and FASB forum put on by the SEC Institute. It was a packed house. The two-day seminar was not for the claustrophobic because every chair was taken and we were elbow-to-elbow at lunch.
They covered a lot of information during the two days, but as we head into 10-K season what I found most interesting were the current developments at the SEC and recent hot buttons with SEC comment letters.
The SEC continues to consider new ways to disclose executive compensation in proxies, so we need to review the latest rules when preparing them later in the year. They suggested that there is heightened SEC oversight and enforcement, particularly as it pertains to disclosure of revenue recognition, contingencies, income taxes and warrants.
Who knew? Non-GAAP disclosures
It was surprising to me that several speakers suggested that you shouldn’t be afraid to disclose non-GAAP measures in your 10-K. I had always believed that the SEC disapproved of these disclosures, but the speakers said that this wasn’t the case; in fact, the SEC often looks to earnings releases, and if the company had non-GAAP measures in its 8-K, they would expect the same type of disclosure in the 10-K.
I found the MDA discussion interesting because the speaker was good and he had a thoughtful presentation, but I also wonder how many companies will follow the suggestions. The speaker suggested starting with a blank piece of paper every three years to keep the information fresh, and not to be afraid to disclose forward-looking statements rather than just reciting the same old historical information. He suggested that you could discuss the same type of information that is in some of your risk factors and, unlike the risk factors, you can use qualifying language. (Good luck with getting everyone to sign on for more disclosure.)
How dumb can people be?
I don’t plan to ever have to worry about how to stay out of trouble, but the session on enforcement was entertaining. People never cease to amaze me: the regional director of the SEC said that recently someone under investigation for insider trading continued to deny that he knew anyone in the company—even the person with the same last name. It was his brother, and he was convicted.
There were several discussions on the U.S. convergence with IFRS, as there were when I attended the conference two years ago. The timeline is longer, with some speakers suggesting five to six more years. Everyone has finally acknowledged that it is going to be a lot harder than anyone thought. It shouldn’t be surprising; I am still waiting for the United States to adopt the metric system as I was promised when I was in the sixth grade.
Overall, it was an informative two days. Even if you closely follow new accounting literature, you will still hear a few things you can’t get from just reading recent pronouncements.
https://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svg00Henry Madridhttps://roseryan.com/wp-content/uploads/2017/09/LOGO_ROSERYAN-1.svgHenry Madrid2011-12-22 11:48:462011-12-22 11:48:46Enforcement and executive comp top list at SEC conference
RoseRyan provides finance and accounting solutions in San Francisco and throughout Silicon Valley so companies can go further, faster.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.