2015 Chattanooga Accounting Seminar Tuesday, May 12, 2015 Chattanooga Convention Center, Chattanooga, TN _________________________________________________________________ 7:30 am - 8:15 am Registraon & Connental Breakfast 8:15 am - 8:30 am Opening Remarks Larry Stone, Talent Development Director, Ellio Davis Decosimo 8:30 am – 10:00 am GAAP Update Russ Madray, Scholar in Residence, Ellio Davis Decosimo 10:00 am - 10:10 am Break 10:10 am - 12:00 pm GAAP Update (Connued) Russ Madray, Scholar in Residence, Ellio Davis Decosimo 12:00 pm - 1:00 pm Lunch 1:00 pm - 1:50 pm Cybersecurity & Data Security Richard Cook, Director, Ellio Davis Decosimo Bonnie Bastow, Manager, Ellio Davis Decosimo 1:50 am – 2:00 am Break 2:00 pm - 2:50 pm Internal Controls – Myths and Best Pracces Pam Mantone, Director, Ellio Davis Decosimo 2:50 am - 3:00 am Break 3:00 pm – 3:50 pm Rerement Plan Compliance and Controls Cindy Lusk, Manager, Ellio Davis Decosimo 10:00 am - 10:10 am Break 4:00 pm - 4:50 pm Accounng “Oopsies” – Accounng Topics that Can Trip You Up and Cause You to Go “Oops!” Jennifer Goodman, Shareholder, Ellio Davis Decosimo 4:50 pm Course Evaluaon and Wrap Up
265
Embed
2015 Chattanooga Accounting Seminar - Elliott Davis · 2019. 3. 19. · 2015 Chattanooga Accounting Seminar Tuesday, May 12, 2015 Chattanooga Convention Center, Chattanooga, TN _____
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
2015 Chattanooga Accounting Seminar Tuesday, May 12, 2015
Chattanooga Convention Center, Chattanooga, TN _________________________________________________________________
7:30 am - 8:15 am Registration & Continental Breakfast 8:15 am - 8:30 am Opening Remarks Larry Stone, Talent Development Director, Elliott Davis Decosimo 8:30 am – 10:00 am GAAP Update Russ Madray, Scholar in Residence, Elliott Davis Decosimo 10:00 am - 10:10 am Break 10:10 am - 12:00 pm GAAP Update (Continued) Russ Madray, Scholar in Residence, Elliott Davis Decosimo 12:00 pm - 1:00 pm Lunch 1:00 pm - 1:50 pm Cybersecurity & Data Security Richard Cook, Director, Elliott Davis Decosimo Bonnie Bastow, Manager, Elliott Davis Decosimo 1:50 am – 2:00 am Break 2:00 pm - 2:50 pm Internal Controls – Myths and Best Practices Pam Mantone, Director, Elliott Davis Decosimo 2:50 am - 3:00 am Break 3:00 pm – 3:50 pm Retirement Plan Compliance and Controls Cindy Lusk, Manager, Elliott Davis Decosimo 10:00 am - 10:10 am Break 4:00 pm - 4:50 pm Accounting “Oopsies” – Accounting Topics that Can Trip You Up and Cause You to Go “Oops!” Jennifer Goodman, Shareholder, Elliott Davis Decosimo 4:50 pm Course Evaluation and Wrap Up
ARE YOU. . .Inneedoffinancialinformationtohelpoperateasuccessfulandprofitablebusiness?OverwhelmedbySECorgovernmentalreportingrequirements?Inneedofvalue-addedservicesfromindividualswhounderstandyourindustry?Lookingforrecommendationstoenhanceyourinternalcontrols?Interestedinlearningmoreaboutyourfinancialtrends?Inneedofanexperiencedauditortosatisfyinvestororfinancialinstitutionrequirements?
Independent assurance is extremely important to the users of your financial information in today’s business environment. Serving public and private companies for almost 90 years, Elliott Davis Decosimo’s Assurance Practice is committed to excellence and integrity. Our fully engaged, 360° service approach emphasizes continuity of senior level professionals to ensure you receive consistent and timely audit services with minimum interruption to your daily operations. Not every business requires the same level of assurance, so our team works with you to determine the solution that provides the appropriate level of assurance based on your specific objectives.
Elliott Davis Decosimo is registered with the Public Company Accounting Oversight Board and a member of the AICPA Center for Audit Quality,
AICPA Governmental Audit Quality Center, and AICPA Employee Benefit Plan Audit Quality Center.
SOLUTIONS
Audits , Rev iews and Compi lat ions• GAAPandotherspecialpurposeframeworks• Internationalfinancialauditingandreportingstandards• OMBA-133singleaudits• SECregistrantservicesincludingSOX404reportingandquarterlyreviews
Attestat ion and Other Engagements• Agreeduponprocedures• Reportingoninternalcontrolsofserviceorganizations• Reportingoninternalcontroloverfinancialreporting• Compliancereporting• Debtcovenantanalysis
Employee Benef i t P lan Audi t and Other Ser v ices• Definedcontributionplans-401(k),403(b),ESOP• Definedbenefitplans• ERISA/DOLcompliance• Healthandwelfareplans• Consultingandagreed-uponproceduresrelatedtoemployeebenefitplancomplianceissues
ARE YOU. . .Formulatingorretoolingalong-termbusinessplan?Seekingwaystoincreasethevalueofyourbusiness?Determiningappropriateriskprofile,timehorizonandcashflowneeds?Interestedincontrolsandprocedurestoreduceriskoffraud?Consideringanexpansionorrestructuring?Maximizingthevalueofyourtechnologyinvestments?
SOLUTIONS
Bus iness and F inanc ia l Consul t ing• Businessandstrategicplanning• Organizationalalignment• OutsourcedCFOandcontrollerservices•Managementtransitionandsuccessionplanning•Financialmodels,analysisandmanagementtools•Capitalstructuring•Lenderrelations•Turnaroundmanagement
Mergers and Acquis i t ions• Financialandtaxduediligence• Buy-sideandsell-sideadvisory
Bus iness Va luat ion • Corporatevaluation• Post-mergerintegration• Goodwillandintangibleassetvaluation• Employeestockownershipplanvaluation
L i t igat ion, Forens ics and Fraud• Financialdatainvestigationandanalysis• Experttestimony• Auditcommitteeassistance
Human Capi ta l• Executiverecruiting• Compensationandincentiveplans• Performancemanagement• Leadershipcoachingandmentoring
Sustainable results that drive profits are essential, as well as proper controls that give you complete confidence. With the economic challenges businesses face today, a fresh look and a new perspective to solve old or emerging problems can make all the difference. Elliott Davis Decosimo’s Consulting Practice brings clients invaluable experience and expansive consulting capabilities to help them execute smart, efficient and profit-generating solutions that meet long-term business objectives. As a trusted advisor, we take a 360° approach to understanding your business, providing action and results-oriented solutions.
ARE YOU. . .Uncertainofcurrentfederal,state,orlocaltaxfilingrequirements?Filingtaxesinmultiplestatesorthinkyoushouldbe?Interestedinbeingproactivewithyourmonthlyorannualreturns?Unsureifyouqualifyfortaxcreditsorincentives?Lookingtominimizeyourtaxliability?Interestedindevelopingasuccessionplanforyourbusiness?Operatingand/orservingcustomersoutsideoftheUnitedStates?
Federa l Tax• Businesstax• Individual,estate,giftandtrusttax• Taxaccountingmethods• Electionsandtaxpositions• Examinationrepresentation• Financialstatementpresentationofincometaxliabilities• Exemptorganizationtax
State and Loca l Tax• Incomeandfranchisetaxreturns• Salesandusetaxreverseaudits• Voluntarydisclosures• Nexusreviews• Propertytaxconsultation• Procedurereviews
When you own or manage a business, thoughtful tax planning, preparation and consulting are critical to your success. With one of the largest, most experienced teams in the Southeast, Elliott Davis Decosimo’s Tax Practice is knowledgeable and responsive offering customized, complete solutions designed around your industry, size, market and special needs. Our veteran team helps shoulder your burden of tax return compliance while assisting you with projections, planning and overall reduction of tax liabilities.
This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.
• Is it required to file or furnish financial statements with a regulatory agency by the Securities Exchange Act of 1934, as amended, or rules or regulations promulgated under the Act?
• Is it required to file or furnish financial statements with a regulatory agency in preparation for the sale of securities or for the purposes of issuing securities
• Has it issued (or is it a conduit bond obligor for) unrestricted securities that are traded or can be traded on an exchange or an OTC market?
- Includes an interdealer quotation or trading system for securities that are not listed on an exchange
• Does it (1) have one or more securities that are not subject to contractual restrictions on transfer, and (2) is it is required by law, contract, or regulation to prepare U.S. GAAP financial statements and make them publicly available on a periodic basis?
- Must meet both criteria - Must be full set of U.S. GAAP financial statements
(including footnotes) - Call reports are not financial statements - Restrictions may be contained in buy-sell, shareholder, or
• Does the new guidance allow assessment at the entity level, even if we know this yields a different accounting result – perhaps materially different – in the year of adoption?
• What kind of justification/documentation is needed to amortize goodwill over a period of less than 10 years?
- ASC 350-20-35-63 states “…or less than 10 years if the entity demonstrates that another useful life is more appropriate.”
- In the Basis for Conclusions, “That provides an opportunity for a reporting entity to identify a shorter useful life than 10 years, if it chooses to do so, when a shorter useful life is more appropriate based on its own specific facts and circumstances.”
- The only thing that’s made clear in multiple places is that 10 years is the maximum
- In other words, their primary concern appears to be the upper limit and not the ability to use a shorter life
• Facts: 2 years ago the company had an acquisition—didn’t really allocate the purchase price – dumped all into goodwill.
• They can go back and fix to properly allocate the purchase price. • Will the goodwill alternative be allowed? • Here’s what they would need to do:
1. Properly allocate the purchase price and determine the proper starting point for goodwill.
2. Determine if any impairment existed in each year subsequent to the acquisition and record accordingly (this will require application of the existing 2-step impairment test each year subsequent to the acquisition).
3. Once the goodwill balance is correct and up to date, the PCC alternative could be elected.
Change in Accounting Principle In January 2014, the FASB amended the Intangibles –Goodwill and Other topic of the Accounting Standards Codification. Under the amended guidance, a nonpublic entity may elect to amortize goodwill on a straight-line basis over a period of ten years or over a shorter period if the company demonstrates that another useful life is more appropriate. Goodwill would be subject to impairment testing only upon the occurrence of a triggering event. The Company adopted the amended guidance and elected to amortize existing goodwill at the beginning of the period of adoption, [January 1, 2014]. The Company will assess goodwill for impairment at an [entity] [reporting unit] level. There was no material impact on the Company’s results of operations or financial condition upon adoption of the new guidance.
• Can wait until financial statements are issued to have documentation in place and elect to apply simplified hedge accounting approach
• Allows swap to be measured at settlement value instead of fair value
• Settlement value may be estimated by applying a present value calculation of swap’s remaining estimated cash flows using a valuation technique that is not adjusted for nonperformance risk
ASU 2014-03, Accounting for Certain Receive Variable, Pay Fixed Interest Rate Swaps– Simplified Hedge Accounting Approach
• Would the alternative for interest rate swaps apply to a consumer finance company (private and generally unregulated obviously)?
• More specifically, is the term financial institution defined in the literature?
• ASU 2014-03refers the definition of financial institutions included in FASB ASC 942-320-50-1:
- …the term financial institutions includes banks, savings and loan associations, savings banks, credit unions, finance companies, and insurance entities
Change in Accounting Principle In January 2014, the FASB amended the Derivatives and Hedging topic of the Accounting Standards Codification. Under the amended guidance, a nonpublic entity may elect to use a simplified hedge accounting approach for its receive-variable, pay-fixed interest rate swaps. Under this approach, the income statement charge for interest expense will be similar to the amount that would result if the company had directly entered into a fixed-rate borrowing instead of a variable-rate borrowing and an interest rate swap. Furthermore, the simplified hedge accounting approach allows the swap to be measured at its settlement value, which measures the swap without non-performance risk, instead of fair value. The Company adopted the amended guidance and elected to apply the simplified hedge accounting approach [retrospectively] [using a modified retrospective approach] in [2014]. There was no material impact on the Company’s results of operations or financial condition upon adoption of the new guidance.
• Pledged assets as collateral for LESS’s mortgage
• Leases its manufacturing facility from LESS
• Pays prop taxes and maintenance on facility
MFG, Inc. (Lessee)
• Owns manufacturing facility; value: $700,000
• Mortgage on facility: $790,000
• Leases entire facility to MFG • No other assets
Less, Inc. (Lessor)
Oh my!
The value of the facility has declined!
Can MFG continue to apply the
PCC alternative?
Yes—assuming no other changes.
If LESS refinances or enters into new obligation that requires collateralization or guarantee by MFG, reassess whether criterion (d) met at the inception of the new obligation
•Private manufacturing company •Pledged assets as collateral for
both of LESS’s mortgages •Leases Facility 1 from LESS
MFG, Inc. (Lessee)
•Owns 2 manufacturing facilities •Facility 1 •Value: $1 million •Mortgage: $800,000 •Facility 2 •Value: $1 million •Mortgage: $500,000
Less, Inc. (Lessor)
•Leases Facility 2 from LESS
UNRELATED, Inc.
I own MFG, Inc. and LESS, Inc. LESS purchased another facility.
I personally guaranteed both
of LESS’ mortgages.
Can MFG continue to apply the
PCC alternative?
No. MFG is engaging in substantial activity outside its leasing activity with LESS by providing a guarantee on a mortgage secured by an asset that is not being leased by MFG
• If a company has 2 VIEs that qualify for the exception but they just wanted to consolidate the one and not consolidate the other one, can they do that?
Change in Accounting Principle In March 2014, the FASB amended the Consolidation topic of the Accounting Standards Codification. Under the amended guidance, a nonpublic entity has the option to exempt itself from applying the VIE consolidation model to a qualifying common control leasing arrangement. The Company adopted the amended guidance and elected to exempt itself from applying the VIE consolidation model to qualifying common control leasing arrangements in [2014]. The Company applied a full retrospective approach in which the financial statements for the year ended [December 31, 2013] have been adjusted to reflect the period-specific effects of applying the amendments.
ASU 2014-18, Accounting for Identifiable Intangible Assets in a Business Combination
• Current U.S. GAAP: - Recognize and measure at fair value intangible assets
that are identifiable: • Arises from contractual or other legal rights • Separable – capable of being separated or divided from the
entity and sold, transferred, licensed, rented, or exchanged, either individually or together with a related contract, identifiable asset, or liability, regardless of whether the entity intends to do so
• Can a company elect not to breakout from goodwill certain intangibles (e.g. breakout non-compete contracts as separately identified intangible assets, but include customer related intangibles within goodwill)?
• In other words, is this an “all or nothing” election with respect the intangibles covered by this private company option?
Note Disclosure for Adoption Change in Accounting Principle In December 2014, the FASB amended the Business Combinations topic of the Accounting Standards Codification. Under the amended guidance, a nonpublic entity may elect to not recognize separately from goodwill (1) customer-related intangible assets that are not capable of being sold or licensed independently from the other assets of the business and (2) noncompetition agreements. This alternative generally will result in recognizing fewer intangible assets in a business combination and, correspondingly, more goodwill. The Company elected this accounting alternative in [2014] and will apply it to all eligible transactions thereafter. The alternative is applied on a prospective basis. In addition, when this alternative is elected, the Company also is required to adopt the alternative accounting related to goodwill which requires that goodwill be amortized on a straight-line basis over a period of ten years or over a shorter period if the Company demonstrates that another useful life is more appropriate. Goodwill would be subject to impairment testing only upon the occurrence of a triggering event. The alternative is applied on a prospective basis, with amortization of existing goodwill commencing at the beginning of the period of adoption [January 1, 2014]. The Company will assess goodwill for impairment at the [entity] [reporting unit] level. There was no material impact on the Company’s results of operations or financial condition upon adoption of the new guidance.
• In scope - Contracts with customers - Sale of some nonfinancial assets that are not an output of the
company’s ordinary activities (e.g., property, plant and equipment, intangibles)
• Not in scope - Leasing contracts - Insurance contracts - Financial instruments contracts - Certain nonmonetary exchanges - Certain put options on sale and repurchase agreements - Guarantees within the scope of ASC 460
• SEC issued SAB 101 in 1999 to provide interpretive guidance
- Persuasive evidence of an arrangement exists - Delivery has occurred or services have been rendered - Seller’s price to the buyer is fixed or determinable - Collectibility is reasonably assured
• Core principle - Recognize revenue to depict the transfer of promised
goods or services to customers in an amount that reflects the consideration to which the entity expects to be entitled in exchange for those goods or services
• Must combine contracts entered into at or near the same time with the same customer (or related parties of the customer) if one or more of the following criteria are met:
Contracts are negotiated as a package with a single commercial objective
Amount of consideration to be paid in one contract depends on the price or
performance of the other contract
Goods or services promised in the contracts (or some
goods or services promised in each of the contracts) are
• Approval of a contract modification can be in writing, by oral agreement, or implied by customary business practices
• Contract modification is considered approved when it creates new or changes existing enforceable rights or obligations
• May result in - Separate (additional) contract - Termination of old contract and creation of new contract - Cumulative catch-up adjustment to existing contract
• A promised good or service is distinct (and therefore a performance obligation) if both of the following criteria are met:
Criterion 1: The customer can benefit from the good or service either on its own or together with other resources that are readily available to the customer.
Criterion 2: The entity’s promise to transfer the good or service to the customer is separately identifiable from other promises in the contract.
RussCo enters into a contract and will receive a $100,000 performance bonus if specified performance targets are met. RussCo estimates an 80% likelihood it will receive entire performance bonus and a 20% likelihood it will receive none of the bonus. Requirements: 1. Which estimation technique would be most appropriate? 2. How much of the performance bonus should be included in
• Company enters into a contract and will receive a performance bonus up to $100,000 if it meets specified performance targets. It estimates the likelihood of achieving the targets as follows:
• Expected value approach is determined to be the best method – $59,000 is calculated amount under this method
• Required to evaluate whether to “constrain” amounts of variable consideration included in transaction price
• Objective of the constraint – include variable consideration in the transaction price only to the extent it is “probable” it will not result in a significant revenue reversal
The risk of a reversal arising from an uncertain future event
The magnitude of the reversal if the uncertain event occurs
• Contractor is developing a multi-unit residential complex
• Customer enters into a binding sales contract with contractor for a specified unit that is under construction
• Each unit has a similar floor plan and is of a similar size, but other attributes of the units are different (for example, the location of the unit within the complex)
• Customer pays nonrefundable deposit upon entering into the contract and will make progress payments during construction of the unit
• Contract has substantive terms that preclude the contractor from being able to direct the unit to another customer
• Customer does not have the right to terminate the contract unless the contractor fails to perform as promised
• If customer defaults by failing to make progress payments as and when they are due, contractor would have a right to all of the consideration promised in the contract if it completes the construction of the unit
• How should the contractor account for this sale? - The asset (unit) does not have an alternative use because
the contract precludes the contractor from transferring the specified unit to another customer
- The terms of the contract and the practices in the legal jurisdiction indicate that there is a right to payment for performance completed to date
- Consequently, the contractor has a performance obligation that it satisfies over time
- To recognize revenue for that performance obligation satisfied over time, the contractor measures its progress toward complete satisfaction of its performance obligation
• Key principle – to help users of financial statements understand the amount, timing and uncertainty of revenue and cash flows arising from contracts with customers
• Present both qualitative and quantitative information about: - Contracts with customers - Significant judgments and changes in judgments made in
applying the guidance to those contracts - Assets recognized from costs to obtain or fulfill a contract - Fewer disclosure requirements for nonpublic companies
Disclosure Requirement Practical Expedient for Nonpublic Entities
Present or disclose revenue and any impairment losses recognized separately from other sources of revenue or impairment losses from other contracts.
None.
A disaggregation of revenue to “depict how the nature, amount, timing, and uncertainty of revenue and cash flows are affected by economic factors” (the ASU also provides implementation guidance).
An entity may elect not to provide the quantitative disclosure but should, at a minimum, provide revenue disaggregated according to the timing of transfer of good or services (for example, goods transferred at a point in time and services transferred over time).
Information about contract assets and liabilities (including changes in those balances) and the amount of revenue recognized in the current period that was previously recognized as a contract liability and the amount of revenue recognized that is related to performance obligations satisfied in prior periods.
An entity may elect not to provide the disclosures but should disclose the opening and closing balances of receivables, contract assets, and contract liabilities (if not separately presented or disclosed).
Information about performance obligations (e.g., types of goods or services, significant payment terms, typical timing of satisfying obligations, and other provisions).
Disclosure Relief for Nonpublic Entities Disclosure Requirement Practical Expedient for Nonpublic Entities
Information about an entity’s transaction price allocated to the remaining performance obligations, including (in certain circumstances) the “aggregate amount of the transaction price allocated to the remaining performance obligation” and when the entity expects to recognize that amount as revenue.
An entity may elect not to provide these disclosures.
A description of the significant judgments, and changes in those judgments, that affect the amount and timing of revenue recognition (including information about the timing of satisfaction of performance obligations, the determination of the transaction price, and the allocation of the transaction price to performance obligations).
An entity generally must provide these disclosures but may elect not to provide any or all of the following disclosures:
• An explanation of why the methods used to recognize revenue provide a faithful depiction of the transfer of goods or services to the customer.
• For performance obligations satisfied at a point in time, the significant judgments used in evaluating when a customer obtains control.
• The methods, inputs, and assumptions used to determine the transaction price, except that an entity must disclose the methods, inputs, and assumptions used to assess whether an estimate of variable consideration is constrained.
Information about an entity’s accounting for costs to obtain or fulfill a contract (including account balances and amortization methods).
An entity may elect not to provide these disclosures.
Information about the entity’s policy decisions (i.e., whether the entity used the practical expedients allowed by the ASU).
An entity may elect not to provide these disclosures.
• Effective date and transition - Effective immediately - Acquired entities may elect to apply it to any future
transaction or to their most recent event in which an acquirer obtains or obtained control of them
- If the financial statements have already been issued, application of pushdown accounting will be accounted for retrospectively as a change in accounting principle
• May 2013 – FASB issued a proposed ASU, Leases, which was a revision of the 2010 proposed ASU
• Core principle is that an entity should recognize assets and liabilities arising from a lease.
• Lessee would recognize assets and liabilities for leases with a maximum possible term of more than 12 months
• Lessee would recognize a liability to make lease payments (the lease liability) and a right-of-use asset representing its right to use the leased asset (the underlying asset) for the lease term
• Recognition, measurement, and presentation of expenses and cash flows would depend on whether the lessee is expected to consume more than an insignificant portion of the economic benefits embedded in the underlying asset
• For practical purposes, this assessment would often depend on whether the underlying asset is property or assets other than property
• Proposed ASU, Presentation of Financial Statements of Not-for-Profit Entities, issued in April
• Affects substantially all NFPs - Charities - Foundations - Private colleges and universities - Nongovernmental health care providers - Cultural institutions - Religious organizations - Trade associations
Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across seven states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
Richard Cook, CISA, CISM & CRISC Director: IT Audit & Security Bonnie Bastow CISA, CIA Manager: IT Audit & Security
This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.
• Top Seven Human Risks - Phish-ability - Not patching or using outdated systems - Posting too much information about self or work - Reusing passwords across sites - Indiscriminate use of mobile media - Lack of situational awareness (believing you are not a target)
- Accidental loss or disclosure of sensitive information
• 23% of recipients open phishing email and 11% click on the attachments
• 99.9% of the exploited vulnerabilities were compromised more than a year after the Common Vulnerabilities and Exposures (CVE) (the patch/fix) was published
• During the review; check for: - Users are current employees, contractors, 3rd party users
and temps - Users access rights are appropriate for their job function - Users do not have SoD (Segregation of Duties) conflicts
• If SoD conflicts exist – point to mitigating control (ex. Reconciliations or other business process control)
• SoD conflicts do not exist across systems (credit approval management system – loan origination system)
• Maintain all User Access Review documents (the user access review detail – completed by reviewer - is the most important piece of evidence that the review occurred)
• Maintain User Access Review Tracking sheet, should note:
- Reviewer’s name - List of users to be reviewed - Date sent to reviewer - Date received from reviewer - If changes were requested (Yes/No) - When changes were applied - Users should not review their own access rights (very risky)
• Note: User Access Review Tracking sheet is often times maintained by IT group. User Access Reviews should be performed by management.
• Always review 100% of privileged users – this is the highest risk area for users
• Privileged users are any users that can perform the following functions: user provisioning (Add, Change Delete user access rights), administrator level access, change configuration settings and users that have back end access to databases (can make changes directly to the database, i.e. DBA)
• Any 3rd party user that have access rights to your systems should be logged and monitored (we cannot outsource risk)
• 3rd party access should be limited and only granted when needed. It should not be open ended access 7X24
• Privileged database users are those users who can access the data directly via the back end
• The business owners are responsible for reviewing backend access for database users
• SQL database only has one backend database account - the Security Administrator or SA account. Hence, the password must be shared and changed periodically
• Vendor Management Review - What is the opinion on the SOC report? - Does the SOC report have a carveout? Are these carveout
processes significant to our environment? If yes, how do we get comfort around these processes? (Ex, obtain another SOC report for carveout process)
- What is the reporting period? Need to cover at least 6 months of the financial period under review.
- Are there any exceptions in the SOC report? Do they apply to our environment? If yes, how do we get comfort that the exceptions will not affect our financial reporting process.
- Do we have the proper User Control Considerations (UCC’s) in place? Have we validated the key UCC’s? Do we have evidence of the validation process?
• We would recommend that the following best practices be applied to password security and account lockout parameters:
• Minimum password length – 6 to 8 characters • Maximum password age – 60 to 90 days • Minimum password age – 1 day (or more) • Password history – no password re-use for the trailing 12 months • Password complexity – enabled (at least require one alpha and one
numeric) • Unsuccessful log on attempts – 5 invalid attempts before user lock out • Lockout duration – at least 15 minutes • Reset lockout counter – at least 15 minutes • Domain inactivity timeout setting – 15 to 30 minutes
• The biggest violators of IT Security are the senior members of the IT/IS team – the team that is responsible for securing the enterprise
- So I ask you – how do you know that your enterprise is secure and only approved users have access to systems and their access is appropriate for their job function?
Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across seven states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
Do relevant business processes have and maintain current control activities?
Do control activities include a range and variety of controls, including both manual and automated controls, as well as preventive and detective controls?
Is a process in place to identify all information required to support internal control functions?
Does the information system process capture internal and external data and transform relevant data into information?
Does management consider the costs and benefits with the nature, quantity and precision of information that supports the company’s operational objectives?
Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With seventeen offices across seven states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.
• The number of 401(k) plans has grown to more than 300,000 plans covering more than 42 million people
• With the recent high-profile failures of companies with large employee benefit plans, today’s workforce is even more concerned about what their employers are doing to protect their retirement assets
• DOL has stepped up its enforcement activities dramatically looking for prohibited transactions, delinquent remittances of 401(k) employee contributions and other ERISA noncompliance
• The U.S. Department of Labor (DOL), the courts and Congress are actively working to define the fiduciary responsibilities of companies with respect to their employee benefit plans
• Remitted to wrong participant account due to input errors • Calculated incorrectly • Remitted late
- Prevention • Review trust statements for potential input errors • Reconcile payroll records to amounts remitted to the plan • Know your plan’s provisions for contributions and true-ups
• The plan made unauthorized distributions (i.e. no valid documentation for hardship distributions or did not obtain a loan first where loans are permitted by the Plan)
- Prevention • Implement procedures for authorization of distributions • Retain hardship documentation, including an assessment of
• Many administrators of employee benefit plans do not monitor compliance with plan documents, legal or regulatory requirements
• Federal agencies and Congress have adopted tough new rules that place responsibility for mismanaged retirement plans in the hands of company directors and officers
- Agencies are working with private plaintiffs to go after individual directors and officers in court when a pension plan collapses
• A poor quality audit of a plan’s financial statements can have dire consequences for the sponsor and the participants
- The DOL and the IRS have developed audit programs that impose sanctions of up to 20% of plan assets for failing to manage a plan in accordance with the plan document, the Internal Revenue Code and ERISA requirements. i.e. sanctions imposed on plan assets of $4,000,000 translates to a $800,000 penalty to be paid by the Company
• Today, more than 7,500 CPA firms perform more than 80,000 annual audits of employee benefit plans
• 54 firms perform more than 100 plan audits • 6,000 CPA firms perform 5 or fewer plan audits • Many firms offer low fee pricing but may not be qualified to
perform audits of this highly specialized area
• When selecting an auditor for your plan financial statements, there are several factors to keep in mind
- Purpose of the audit - Uniqueness of plan audits - CPA firm resources - Reasonable size ERISA audit practice - Understanding the limited-scope audit exception
Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across seven states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
Jennifer Goodman, CPA, CGMA Shareholder, Elliott Davis Decosimo May 12, 2015
1
This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.
• A public accounting firm has been engaged to audit your financial statements for the year ended 12/31/2014 ₋ You sign the engagement letter which commits your
company and the firm to the terms of the engagement letter on 10/1/2014
₋ Your bank requires an audit so there is no uncertainty that the cost will be incurred
• Is it proper to accrue the entire audit fee as an expense in 2014?
• Your boss wants F/S by January 10th. You use a PO system for inventory purchases but not other expenses. The auditors always seem to find one or two invoices that slip through the cracks and don’t get accrued
• To avoid an audit adjustment this year, you decide to accrue a $50k “general accrual” for possible un-accrued invoices and for the spring in-house retreat which the board has approved and budgeted $25k for the event
• If you were auditing this entity, how would you conclude on the $50k general accrual?
• It’s December 31 and you have identified the following costs associated with the shut down:
NBV of equipment $ 1,000,000 One-time termination benefits paid in January $ 50,000 Remaining bldg. lease payments due – do not plan to sublease forgoing $40,000 in lease income $ 100,000 Estimated equipment relocation/set-up cost to be incurred in February $ 200,000 Estimated general cost for shut down (ex. building repairs, employee relocation, clean up) $ 75,000
• What losses/impairments and accruals should be reflected at December 31?
Half of property held for sale $ 250,000 Half of property held and used evaluate One-time termination benefits paid in January Employees identified, completion date set and employees informed $ 50,000 Lease (100,000 less sublease value 40,000) $ 60,000 • Cannot accrue for relocation costs or “general accruals” • Commitment to an exit or disposal plan by management
does not, by itself, result in the incurrence of a liability
• New IRS rules for capitalization and depreciation: ₋ IRS released regulations on capitalization of tangible
property costs that provide a “de minimis safe harbor election”
₋ Allows eligible businesses to expense certain property that would otherwise have to be capitalized
₋ To qualify, you must have book capitalization policies in place for expensing amounts costing less than a specified amount or have a useful life of 12 months or less
• Entity has annual sales of $2.5M • Net income is $250k • Total PPE NBV is $3M
₋ The CFO wants to put a new capitalization policy in place which states that tangible property with a useful life over 1 year is capitalized if purchase price is over $5k
• Acquisition related costs 805-10-25 (finder’s fees, advisory, legal, accounting, valuation, and other professional or consulting fees) ₋ General rule - expense acquisition fees ₋ Exception – registering and issuing debt securities
• Capitalize and amortize ₋ Exception – registering and issuing equity securities
Step 1: Has liability derecognition threshold been met? Yes – Apply extinguishment accounting Step 2: Is borrower experiencing financial difficulties and lender is granting concessions? Yes – Apply troubled debt restructuring accounting Step 3: Is new or changed loan “substantially different” from old loan? Yes – Apply Extinguishment Accounting No – Apply Modification Accounting
• ABC Bank hires Lewis law firm in connection with
your loan modification. ABC Bank tells Lewis to bill you directly for legal services provided to ABC Bank in relation to the loan. You agree to pay Lewis directly
• Lewis bills you $100,000 and ABC Bank bills you $400,000 for fees associated with the modification
• ASC 710 Compensation – a liability should be accrued for compensation if all of the following: Obligation attributable to services already rendered
• Rights vest or accumulate ₋ Vest – obligation to pay even if employee terminated ₋ Accumulate – rights may be carried forward ₋ Modification rule for sick pay where accrual not
required but permitted if rights accumulate but do not vest
• Payment is probable, and • Amount can be estimated
• Suzanne has earned but not used 5 days of vacation and 5 days of sick pay at 12/31/2014
Your Company Policy: Vacation and sick days accumulate but will not be paid if employment is terminated. An employee can only use sick days due to illness.
₋ Should vacation and sick pay be accrued at 12/31/14? ₋ What if new employees have to wait until second year of
employment to take vacation? ₋ Accrue at current salary rates or salary rates expected at
• FOB terms are an important consideration in product sales, because they determine the point at which title to the product, and thus the risks and rewards of ownership, has legally passed to the buyer ₋ FOB destination indicates that title to the product passes
upon delivery to the customer • Revenue recorded when it reaches customer
₋ FOB shipping point indicates that title to the product passes at the time of shipment • Revenue recorded when it ships
• Your product is sold FOB shipping point as indicated
on the invoice. However, for one important customer you have agreed to be responsible for hiring and paying the shipping agent and insuring the goods in transit.
replacing lost or damaged goods. The contractual terms specifically state that product is FOB shipping point. Can the Company recognize revenue at the time of shipment?
The phrase “synthetic FOB destination” is used when a vendor offers FOB shipping point terms, but also has a standard business practice of replacing goods that are lost or damaged while in transit to the customer.
Jennifer Goodman Email: [email protected] Phone: 423.266.2308 Website: www.elliottdavis.com
Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across seven states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
Professional Overview Bonnie has over 20 years of experience in Accounting, Finance, Operations, and Information Systems. Her main focus is providing IT related assurance, consulting, advisory, compliance, and security services. She has executed SOC1 and SOC2 engagements, FFEIC engagements, developed custom audit work-programs, and conducted several system implementation audits and reviews. Bonnie’s ERP experience includes: SAP, Oracle, Lawson, Dynamics GP, JD Edwards, UltiPro, and PeopleSoft (Financials & HRMS) – operating systems: Unix/Linux, iSeries (AS/400), Windows Server and mainframe – and databases; Oracle, SQL, and DB2. Bonnie has worked with various frameworks including: COBIT, FFIEC, and COSO. Prior to joining Elliott Davis Decosimo, she held positions as CFO, Controller, Corporate Auditor, and IT Director in manufacturing and distribution firms. She has an extensive IT services background in system selections, system implementation, business process reviews, technical writing, and project management. As an IT Risk professional she has previously worked primarily with a leading national firm.
Education and Credentials Certified Internal Auditor (CIA) Certified Information Systems Auditor (CISA) MBA, Finance, Michigan State University, East Lansing, Michigan B.A., Business & Accounting, Alma College, Alma, Michigan
Professional and Service Affiliations Information Systems Audit and Control Association (ISACA), Charlotte and Raleigh
NC Chapters Institute of Internal Audit (IIA) Triad Chapter (Greensboro - Winston-Salem, NC) Rotary Club, Gate City Rotary, Past Board Member
700 East Morehead Street Suite 400 Charlotte, NC 28202 Direct: 704.808.5243 Office: 704.333.8881 Mobile: 910.297.4004 Fax: 704.749.7943 [email protected]
Richard Cook, CISA, CISM, CRISC Director Services: Risk Advisory Services | Industries: Closely-Held Business, Government, Financial Institutions, Healthcare, Manufacturing & Distribution (M&D), Not for Profit, Retail & Hospitality
Professional Overview Richard has 12 years of IT consulting/audit experience as an IT Risk Management professional primarily with Big Four and national firms. His main focus is providing IT related assurance, consulting, advisory and security services. His range of experience includes assessing IT environments of public (accelerated and non-accelerated filers, including Fortune 500 companies) and private enterprises both large and small from an internal and external perspective. He also has experience implementing the updated COSO 2013 framework.
He has experience leading SOC1 and SOC2 engagements. In addition, Richard’s ERP experience includes: SAP, Oracle, JD Edwards, and PeopleSoft – operating systems: Unix/Linux, iSeries (AS/400), Windows Server and mainframe – and databases; Oracle, SQL, DB2, and Informix among others. Richard has worked with various frameworks including: COBIT, FFIEC, AICPA, PCAOB, COSO, and FISMA.
Education, Credentials and Special Training Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified in Risk and Information Systems Controls (CRISC) M.S., Accounting, University of North Carolina at Wilmington (UNCW) B.S., Accounting, University of North Carolina at Wilmington
Professional Affiliations and Advisory Boards Information Systems Audit and Control Association (ISACA), Charlotte, NC Research Triangle, NC Chapter and SC Midlands Chapters Institute of Internal Audit (IIA) Member Alabama, Georgia, North Carolina, Ohio, South Carolina, Tennessee and Virginia Banking Associations UNCW MSA and Wingate University MAC Advisory Boards
Tallan Financial Center Suite 1100, Two Union Square Chattanooga, TN 37402 Direct: 423.266.2308 Office: 423.756.7100 Fax: 423.756.0510 [email protected]
Jennifer Goodman, CPA, CGMA Shareholder Services: Assurance | Industries: Manufacturing and Distribution, Not-for-Profit, Software Development Professional Overview Jennifer provides audit and assurance services, including audits of internal control over financial reporting, to privately held businesses, public companies and not-for-profit organizations. Jennifer serves manufacturing and distribution clients with annual revenues approximating $1.8 billion operating both domestically and internationally. She serves many subsectors of manufacturing and distribution but concentrates much of her time in the baked foods, industrial machinery and apparel industries. Jennifer’s public company experience includes financial statement audits, audits of internal control over financial reporting and limited scope consulting engagements for foreign firms performing assurance engagements for foreign SEC filers. Jennifer’s experience also includes not-for-profit entities where she specializes in educational institutions, religious entities and health and welfare organizations. She currently oversees not-for-profit clients ranging in size from $300,000 to $65 million in annual revenue. Education, Credentials and Special Training Certified Public Accountant Chartered Global Management Accountant B.S., Accounting, University of Tennessee at Chattanooga Professional Affiliations American Institute of Certified Public Accountants Tennessee Society of Certified Public Accountants Tennessee Association of Manufacturers Civic and Community Activities Audit Committee, Tennessee Society of Public Accountants Executive Committee, Friends of the Festival for Chattanooga Riverbend event Executive Committee, Craniofacial Foundation of America
Tallan Financial Center Suite 1100, Two Union Square Chattanooga, TN 37402 Direct: 423.266.8170 Office: 423.756.7100 Fax: 423.756.0510 [email protected]
Cindy Lusk, CPA, RPA Manager Services: Assurance | Industries/Specializations: Employee Benefit Plans, Manufacturing & Distribution Professional Overview With more than 15 years of experience, Cindy works primarily on assurance and review across a number of industries. Cindy has specialized experience working on employee benefit plan audits. A significant portion of her career has been dedicated to auditing plans ranging in size from 100 to 35,000 participants with assets up to $548 million. She is committed to helping her clients meet their fiduciary responsibilities and fully understands the latest laws and regulations concerning benefit plans. Cindy also serves as a firm resource for HUD audits. She manages more than 50 HUD audits for the second largest group of nursing homes in the nation, which operates more than 235 skilled nursing homes, assisted living facilities, retirement living communities, home care services and Alzheimer's centers. Education, Credentials and Special Training Certified Public Accountant Retirement Plans Associate B.S., Accounting, University of Tennessee at Chattanooga Professional Affiliations American Institute of Certified Public Accountants Tennessee Society of Certified Public Accountants Civic and Community Activities Audit Committee, Girl Scout Council of the Southern Appalachians Former Finance Chairman and Treasurer, Craniofacial Foundation of America
200 East Broad Street Suite 500 Greenville, SC 29601 Direct: 864.370.5640 Office: 864.242.3370 Fax: 864.255.4014 [email protected]
J. Russell Madray, CPA Scholar-in-Residence Services: Assurance Professional Overview As Scholar-in-Residence at Elliott Davis, Russ provides technical guidance on accounting and auditing matters and regulatory developments. He also develops technical training programs as well as publishes articles focused on emerging accounting and auditing issues. With more than 25 years of professional experience, Russ helps CPAs throughout the country understand and manage technical A&A issues. He is also a Senior Lecturer in the School of Accountancy and Finance at Clemson University, an author of several best-selling books, and a frequent contributor to the AICPA and the Journal of Accountancy. Education, Credentials and Special Training Certified Public Accountant Certified Global Management Accountant Certified Internal Auditor Certified Management Accountant Master of Professional Accountancy, Clemson University B.S., Accounting, Clemson University
Professional Affiliations American Institute of Certified Public Accountants Accounting and Review Services Committee, 1998-2001 South Carolina Association of Certified Public Accountants Board of Directors, 2004 Chair, CPE Committee, 2013-2014
Civic and Community Activities Elder, Westminster Presbyterian Church Thought Leadership “Financial Reporting Framework for Small- and Medium-Sized Entities: Implementation Guide,” AICPA, June 2013 “The Trend Toward Fair Value Accounting,” Journal of Financial Service Professionals, May 2008 “How to Handle It: Considering Fraud and Illegal Acts in Compilations and Reviews,” Journal of Accountancy, January 2006 “An Update on Review Engagements,” Journal of Accountancy, August 2004 “An End to the Plain-Paper Debate?” Journal of Accountancy, January 2001 “A New Approach to Compilations,” Journal of Accountancy, April 2000
Tallan Financial Center Suite 1100, Two Union Square Chattanooga, TN 37402 Direct: 423.266.4021 Office: 423.756.7100 Fax: 423.756.2939 [email protected]
Pam Mantone, CPA, CFF, CFE, FCPA, CITP, CGMA, MAFF Director Services: Consulting| Industries/Specializations: Government, Financial Services, Not-for-Profit Professional Overview Pam specializes in litigation support services with emphasis on forensic accounting and fraud examinations. She has performed forensic and fraud auditing services for organizations, including the gathering of forensic evidence and testifying to findings. Pam also provides consulting services regarding implementation of fraud prevention and fraud detection internal control systems. Her experience includes conducting and supervising audits of local banks, credit unions, local not-for-profit organizations and HUD audits. She manages and performs external and internal audits of financial institutions. Pam is an accomplished author. Her book, Using Analytics to Detect Possible Fraud – Tools and Techniques, was published in 2013 and provides a common source of analytical techniques used in forensic accounting investigations. It is also used as a college textbook. Education, Credentials and Special Training Certified Public Accountant Forensic Certified Public Accountant Certified in Financial Forensics Master Analyst in Financial Forensics Certified Information Technology Professional Chartered Global Management Accountant B.A., Accounting, Lakeland College Professional Affiliations American Institute of Certified Public Accountants Tennessee Society of Certified Public Accountants Forensic Certified Public Accountant Society National Association of Certified Valuators & Analysts Civic and Community Activities Advisory Council, Association of Certified Fraud Examiners President, Chattanooga Chapter of TSCPA