CPAs enter 2017 with the responsibility of addressing new accounting and reporting standards in an environment of increased data security necessity and regulatory requirements. When facing new rules or procedures, it is often helpful to learn from colleagues who are willing to share their expertise. This month’s column presents a roundup of recent articles, videos, and other useful resources on two professional firms’ excellent weblogs.
Moody, Famiglietti & Andronico
Moody, Famiglietti & Andronico (MFA) is a Massachusetts-based CPA firm (http://www.mfa-cpa.com/) with a broad range of services in audit and tax, along with other specializations such as litigation support and fraud and forensic accounting. MFA’s blog (http://www.mfa-cpa.com/Our-Thinking) offers articles written by partners and associates, along with related videos and whitepapers. Categories include typical CPA firm practice areas of audit and assurance, financial reporting, tax, and valuation.
One of the regular posts in the financial reporting section is “Significant Accounting and Reporting Matters,” published on a quarterly basis. MFA’s financial reporting blog is worth reading for this update alone. The feature covers final and proposed guidance and other activities for FASB, the PCAOB, the SEC, and the IASB, and the discussions include links to original sources and documents. The most recent article is from November 2016 and includes Accounting Standards Update (ASU) 2016-14, Presentation of Financial Statements of Notfor-Profit Entities; ASU 2016-15, Classification of Certain Cash Receipts and Cash Payments; and PCAOB inspection reports (http://bit.ly/2iQReVQ).
Two recent posts address the new standards for revenue recognition and lease accounting. “The New Revenue Recognition Standard” (October 2016) covering the converged FASB/IASB model is introduced in a short video by partner Michael Piessens (http://bit.ly/2jnKltx) and a downloadable 43-page guide (http://bit.ly/2jnLuBj). The steps in implementing the framework are mapped out with flowcharts, examples, and insights. The appendix includes a summary of significant changes.
“FASB’s New Leasing Standard” (November 2016) includes a four-minute video with Piessens (http://bit.ly/2iIUHlY) and a 35-page white paper (http://bit.ly/2j92cUp). The document provides examples with journal entries and a disclosure table. The appendices include transition guidance, a thorough discussion of tax implications, and a comparison to IFRS.
“Audit Committees: Increase Your Focus on Internal Controls” (January 2017) pulls together a round-up of several events taking place in 2016 and provides links to source documents, as well as MFA general advice on the topics (http://bit.ly/2jxpK8Y). Highlighted resources include a speech by James Doty, “PCAOB’s Role in Enhancing Public Trust and Integrity in Audits,” and a keynote address by Wesley Bricker (SEC Chief Accountant), “Working Together to Advance High Quality Information in the Capital Markets.” Several materials on non-GAAP measures are presented, such as the Center for Audit Quality’s “Questions on Non-GAAP Measures: A Tool for Audit Committees.”
“New Rules Governing Data Flow between the U.S. and EU” (September 2016) discusses the EU–U.S. Privacy Shield, which replaced the U.S.–EU Safe Harbor Framework and enables the transfer of personal data between Europe and the United States (http://bit.ly/2jxxXdj). The post provides access to a new U.S. Department of Commerce website that explains how to certify under the new framework and addresses seven privacy principles, such as notifications to data subjects regarding the processing of their personal data and taking “reasonable and appropriate” security measures in creating, maintaining, using, or disseminating personal data. The MFA authors state that complying with the privacy shield will require a detailed analysis and fulfilling many new requirements. They also point out that Brexit may create the need for a separate agreement between the United States and United Kingdom, as well as between the United Kingdom and the European Union.
Morgan Lewis is an international law firm offering services in the areas of corporate finance and investment management, as well as litigation and regulation, among other specializations. Its website (http://www.morganlewis.com) offers videos, publications, and podcasts in its practice areas. The firm sponsors several excellent blogs, all of which can be found at https://www.morganlewis.com/our-thinking/blogs.
The All Things Fin Reg blog (https://www.morganlewis.com/blogs/finreg) addresses subjects such as Dodd-Frank, regulatory capital, and SEC. “‘First-in-the-Nation’ Cybersecurity Rules in the Pipeline for NY Banks, Insurers, and Financial Services Companies” (Sep. 20, 2016), as the title implies, covers the proposed rules to protect consumer data and financial systems from cyberattacks, which rules were subsequently updated in December 2016 (http://bit.ly/2iBN0Tx). The article also connects to the firm’s lengthy “LawFlash” overview and analysis, as well as the identification of concerns such as the cost of compliance and reasonableness of the short notification requirements. Partner Tim Burke discusses management of the cybersecurity as the “new norm” in a four-minute video (http://bit.ly/2jo3Y4O).
“OCC Issues Outline for Proposed FinTech Charter—Details to Come in 2017” (Dec. 7, 2016) covers an announcement by the Office of the Comptroller of the Currency (OCC) regarding considerations for financial technology companies to become special purpose banks (http://bit.ly/2jLlvUr). The post includes a link to the related OCC paper requesting public comments on the benefits and risks, the establishment of capital and liquidity requirements, and other information that applicants should submit. An October 2016 post, “Regulatory Flood Closes Out Cybersecurity Awareness Month,” summarizes several releases by the OCC, Federal Reserve Board, and Financial Crimes Enforcement Network (FinCEN), among others, with links to the original documents (http://bit.ly/2jogzoM).
The Tech & Sourcing @ Morgan Lewis blog topics include data privacy, outsourcing, and technology. “White House Issues Report on AI, Automation, and the Economy,” published in December 2016, summarizes the Obama administration’s “Artificial Intelligence, Automation, and the Economy,” with a link to the 55-page PDF document (http://bit.ly/2joaxUU). The post describes strategies, such as improving cybersecurity and fraud detection defenses, to minimize negative disruptions of AI and mechanization. Suggestions include performing data analytics to predict cyberattacks and fraudulent transactions, although specific applications or examples are not discussed. The authors provide the encouragement that AI can be an effective tool to defend against incursions.
“Be Prepared: How to Respond to a Data Breach” (December 2016) promotes easy access to the Federal Trade Commission’s 16-page “Data Breach Response: A Guide for Business,” which summarizes the recommended actions of securing the organization’s operations, correcting vulnerabilities, and notifying the appropriate parties (http://bit.ly/2iBNXLG). The booklet includes a useful sample notification letter. The post also contains a link to a summary of Morgan Lewis’ Data Breach Checklist, covering six phases of response to a security threat.