gasb audit update - marcum events€¦ · gasb audit update presented by julian sardinas. ......
TRANSCRIPT
GASB Audit Updatepresented by Julian Sardinas
Presentation Overview
Implemented Pronouncements
Outstanding Exposure Drafts
Projects currently being reviewed
Effective Dates 2017
Statement 73--Pensions not within the scope of 67/68--June 30 Statement 74--OPEB (plans)--June 30Statement 77--Tax abatement disclosures--December 31Statement 80--Blending requirements--June 30Statement 81--Irrevocable split-interest agreements-December 31Statement 82--Pension issues--June 30 (early adoption is encouraged)Implementation Guide 2016-1
2018Statement 75--OPEB (employers)--June 30Statement 82--Pension issues--June 30+
Effective Dates (cont.) 2016
Statement 72--Fair Value--June 30Statement 73--Amendments to Statements 67 and 68--June 30 Statement 76--GAAP hierarchy--June 30Statement 78--Certain multiple-employer pension plans--December 31Statement 79--Certain investment pools and participants--June 30
and December 31Implementation Guide 2015-1--June 30
Fair Value Measurement and Application: Statement 72
What: establishes a hierarchy of inputs to valuation techniques used to measure fair value
Why: Review of existing standards found opportunities to improve the measurement of resources available to governments, and to increase comparability and accountability
When: Effective for fiscal years beginning after June 15, 2015
Accounting and Financial Reporting for Pensions and Related Assets That Are Not within the Scope of GASB Statement 68, and Amendments to Certain Provisions of GASB Statements 67 and 68: Statement 73
What: comprehensive review of the effectiveness of existing standards of accounting and financial reporting for all postemployment benefits with regard to providing decision-useful information, supporting assessments of accountability and interperiod equity, and creating additional transparency
Why: improve the usefulness of information about pensions included in the general purpose external financial reports of state and local governments for making decisions and assessing accountability.
Accounting and Financial Reporting for Pensions and Related Assets That Are Not within the Scope of GASB Statement 68, and Amendments to Certain Provisions of GASB Statements 67 and 68: Statement 73
When:
the requirements of this Statement that address financial reporting for assets accumulated for purposes of providing those pensions are effective for fiscal years beginning after June 15, 2015
not within the scope of Statement 68 are effective for financial statements for fiscal years beginning after June 15, 2016,
Other Postemployment Benefits:Statements 74 & 75
What: The Board issued Statements 74 (plans) and 75 (employers), making OPEB accounting and financial reporting consistent with the pension standards in Statements 67 and 68
Why: Pension and OPEB standards were updated subsequent to a review of the effectiveness of the standards – objective was to establish a consistent set of standards for all postemployment benefits, providing more transparent reporting of the liability and more useful information about the liability and costs of benefits
When: Effective for periods beginning after June 15, 2016 (plans) and June 15, 2017 (employers)
Plan and Asset Reporting Scope includes defined benefit and defined contribution OPEB plans administered through trusts that meet specified criteria
Also addresses assets accumulated for purposes of providing OPEB through defined benefit OPEB plans that are not administered through trusts that meet the criteria
Assets reported as assets in employer’s governmental/ proprietary funds
Assets held for other government reported in an agency fund
Plan and Asset Reporting (cont.)
Few changes from Statement 43 for financial statement recognition
Notes/RSI changes primarily to reflect changes in measurement of defined benefit liabilities of employers
Employer Scope & Applicability
Applies same definition of OPEB as used in Statement 45
All postemployment healthcare benefits
Other forms of postemployment benefits not provided through a pension plan
Applies to employers and nonemployer contributing entities that have a legal obligation to make contributions directly to an OPEB plan or to make benefit payments as those payments come due
GAAP Hierarchy: Statement 76
What: In June 2015, the Board issued Statement 76 and cleared a revised compilation of implementation guidance
Why: The GAAP hierarchy was incorporated (by Statement 55) from the auditing literature essentially “as is”—this Statement simplifies the hierarchy and explains how to identify the relevant literature within the hierarchy
When: Effective for periods beginning after June 15, 2015
Categories of Authoritative GAAP
Category Sources Due Process
A GASB Statements
Formally approved by the Board for thepurpose of creating, amending,
superseding, or interpreting standards, ANDexposed for a period of public comment
B
GASB Technical Bulletinsand Implementation
Guides; AICPA literaturespecifically cleared
by GASB
Cleared by the Board, specifically madeapplicable to state and local governmental
entities, AND exposed for a period of public comment
Implementation Guidance
Now classified as Category B authoritative GAAP
Revised due process
Public exposure of new Q&A guidance going forward
Will continue to issue Guides to individual pronouncements (such as Statements 74 and 75 on OPEB) and annual updates with new Q&As on various pronouncements
Implementation Guidance Updates
What: GASB updated its Q&A implementation guidance by approving Implementation Guide 2015-1 in June 2015 and Implementation Guide 2016-1 in March 2016
Why: New guidance is added as new pronouncements are issued and new issues arise; existing guidance is revised to reflect the effects of new pronouncements
When: 2015-1 is effective for periods beginning after June 15, 2015; 2016-1 is effective for periods beginning after June 15, 2016
Implementation Guidance Updates (cont.)
Implementation Guides are now Category B authoritative GAAP following Statement 76
Implementation Guides can be downloaded free from the GASB website
Implementation Guides 2015-1 and 2016-1
IG 2015-1 is the result of a complete review of all previously issued Q&A guidance
IG 2016-1 updates 2015-1:
Adds new questions on recent standards regarding fair value and tax abatement disclosures
Reinstates certain previously superseded Q&As that have been updated
Tax Abatement Disclosures: Statement 77
What: The Board issued Statement 77, which requires disclosures about a government’s tax abatement agreements
Why: Information about revenues that governments forgo is essential to understanding financial position and economic condition, interperiod equity, sources and uses of financial resources, and compliance with finance related legal or contractual requirements
When: Effective for periods beginning after December 15, 2015
Definition and Scope
Does not include all transactions that reduce tax revenues
Emphasis is on the substance of the arrangement meeting the definition, not on its name or form
Definition and Scope (cont.)Tax abatement definition:
A reduction in tax revenues that results from an agreement between one or more governments and an individual or entity in which
(a) one or more governments promise to forgo tax revenues to which they are otherwise entitled and
(b) the individual or entity promises to take a specific action after the agreement has been entered into that contributes to economic development or otherwise benefits the governments or the citizens of those governments.
Tax Abatement? Yes or No?Implementation Guide 2016-1:
Tax Increment Financing (4.77)
Sales Tax (4.78)
Motor Fuel Tax (4.80)
General Disclosure PrinciplesA government would disclose separately (a) its own tax abatements and (b) tax abatements that are entered into by other governments and reduce the reporting government’s taxes
Disclose own tax abatements by major program
Disclose those of other governments by the government and specific tax abated
General Disclosure Principles (cont.)
Brief Descriptive Information Government’s Own Abatements
Other Government’s Abatements
Name of program
Purpose of program
Name of government
Tax being abated
Authority to abate taxes
Eligibility criteria
Abatement mechanism
Recapture provisions
Types of recipient commitments
General Disclosure Principles (cont.)
Other Disclosures Government’s Own Abatements
Other Government’s Abatements
Dollar amount of taxes abated
Amounts received or receivable from other governments associated with
abated taxesOther commitments by
the governmentQuantitative threshold for
individual disclosureInformation omitted due to
legal prohibitions
Pensions Provided through Certain Multiple-Employer Pension Plans: Statement 78
What: The GASB has proposed revisions to Statement 68 on pensions to address concerns raised by stakeholders about governments with employees who are provided defined benefit pension benefits through federally sponsored or private multiple-employer pension plans
Why: The Board addresses requests to revisit existing standards when the concerns are significant and raise new issues
When: Effective for periods beginning after December 15, 2015
Statement 78: Exception to Statement 68
Statement 78 provides an exception to the general requirements of Statement 68, to be replaced with recognition of required contributions and descriptive note disclosures The Statement should be applied only to pensions provided to employees of state or local governmental employers through a cost-sharing multiple-employer defined benefit pension plan that meets all three of the following criteria:
Statement 78: Exception to Statement 68 (cont.)
not a state or local governmental pension planused to provide defined benefit pensions both to employees of state or local governments and to employees of employers that are not state or local governmental employersno predominant state or local governmental employer
Governments applying Statement 78 should present an RSI schedule of required contributions for the past 10 years
Certain External Investment Poolsand Pool Participants: Statement 79
What: The GASB has revised the accounting and financial reporting standards for 2a7-like investment pools
Why: Securities and Exchange Commission changes to Rule 2a7 would make it difficult for external investment pools to meet the criteria to continue to report as 2a7-like
When: Effective for reporting periods beginning after June 15, 2015, except for the provisions in paragraphs 18, 19, 23 26, and 40, which are effective for reporting periods beginning after December 15, 2015
Rule 2a7 2014 AmendmentsAmong other changes, requires money market funds to:
Transact at a floating net asset value per share (some exceptions)
Have the ability to impose liquidity fees and redemption gates
Calculate their shadow price on a daily basis
Disclose additional information on their websites on a daily basis
External investment pools would have to adopt those changes in order to remain 2a7-like
GASB has developed its own criteria
Criteria for Pools to Use Amortized CostAn external investment pool needs to meet all of the following in order to report investments at amortized cost:
Transact with participants at stable net asset value per share – $1.00 per share
Meet certain portfolio maturity requirements
Meet certain portfolio quality requirements
Meet certain portfolio diversification requirements
Meet certain pool liquidity requirements
Meet shadow price requirements
Disclosures for Pools and ParticipantsPools that report at amortized cost should disclose the fair value measurements as required by paragraphs 80–82 of Statement 72
Pools and pool participants that report at amortized cost should disclose the presence of any limitations or restrictions on participant withdrawals, such as redemption notice periods, maximum transaction amounts, and the pools’ authority to impose liquidity fees or redemption gates
Blending Requirements for CertainComponent Units: Statement 80
What: Statement 80 revises the standards regarding how certain component units should be presented in the financial statements of the primary government
Why: There is diversity in practice with some component units
When: Effective for reporting periods beginning after June 15, 2016
Additional Blending CriterionA component unit should be included in the reporting entity financial statements using the blended method if:
The component unit is organized as a not-for-profit corporation in which the primary government is the sole corporate member, as identified in the component unit’s articles of incorporation or bylaws, AND
The component unit is not included in the financial reporting entity pursuant to the provisions of Statement 14.
Irrevocable Split-Interest Agreements: Statement 81
What: Statement 81 addresses irrevocable split-interest agreements, which are particularly prevalent among public colleges and universities and public healthcare entities
Why: Limited guidance exists for irrevocable split-interest agreements in which the government acts as trustee (and is one of the beneficiaries); no guidance exists for situations in which a third party is the trustee and the government is one of the beneficiaries; users need information about these arrangements
When: Effective for periods beginning after December 15, 2016
ScopeIrrevocable split-interest agreements for which the government is the intermediary (trustee or agent) and a beneficiary
Donor gives resources to government that also is a beneficiary in the agreement
Lead interest: payments during the life of the agreement, generally to non-governmental beneficiary Remainder interest: assets remaining at termination of the agreement; generally goes to government
Scope (cont.)
Beneficial interests in resources held and administered by 3rd parties
Refers to the right to receive resources in a future reporting period, from resources administered by a 3rd party
Pension Issues: Statement 82
What: Statement 82 addresses concerns raised by stakeholders during the implementation process of Statements 67 & 68
Why: The Board addresses requests to revisit existing standards when the concerns are significant and raise new issues
Pension Issues: Statement 82 (cont.)When: Effective for reporting periods beginning after June 15, 2016, except requirements related to the selection of assumptions in a circumstance in which an employer’s NPL is measured as of a date other than the employer’s most recent FYE.
In that circumstance, those requirements are effective for that employer in the first reporting period in which the measurement date of the NPL is on or after June 15, 2017 or later
Exposure Draft, LeasesWhat: The GASB has proposed revisions to existing standards on lease accounting and financial reporting (primarily Statement 62) based on public comments received on the November 2014 Preliminary Views
Why: The existing standards have been in effect for decades without review to determine if they remain appropriate and continue to result in useful information; FASB and IASB conducted a joint project to update their lease standards; opportunity to increase comparability and usefulness of information and reduce complexity for preparers
When: Comment period ended May 31, 2016; public hearings in June
Estimated to be adopted in 2020
Scope and ApproachApplied to any contract that meets the definition of a lease:
“A lease is a contract that conveys the right to use a nonfinancial asset (the underlying asset) for a period of time in an exchange or exchange-like transaction.”
Leases are financings of the right to use an underlying asset
Therefore, single approach applied to accounting for leases with some exceptions, such as short-term leases
What is proposed as the lease term?Lease term
Includes noncancellable period, plus periods covered by a lessee’s option to renew, if it is reasonably certain the option will be exercised
Excludes periods covered by a lessee’s option to terminate, if it is reasonably certain the option will be exercised
Excludes periods for which lessor only has, or lessee and lessor each have, the option to terminate (cancellable periods)
Fiscal funding/cancellation clauses considered like any other option to terminate
Proposed Lessee Reporting
Lessee recognition and measurementRecognize an intangible asset for the right to use the underlying asset and a liability for future payments
Proposed Lessee Reporting (cont.)Lessee recognition and measurement (continued)
Lease liability payments be discounted using the rate the lessor charges the lessee and if that rate cannot be readily determined, the lessee’s incremental borrowing rate
Initial measurement of a lease asset includes:The value of the initial lease liabilityAny prepayments (amounts paid for the lease prior to measuring the lease liability)Initial direct costs if they are ancillary charges to place the leased asset into use
Lease incentives received should be reductions in the cost of lease assets
Proposed Lessee Reporting (cont.)Lessee recognition and measurement (continued)
Lease liability remeasured by calculating amortization on discount (interest) and reducing liability for actual payments less amortizationLease asset amortized using a systematic and rational method over the shorter of the lease term or the useful life of the underlying asset
Classify the amortization of the lease asset as amortization expense and the amortization of the discount on the lease liability as interest expense
Reassessment of a lease liability when certain judgments change
Variety of disclosures proposed
Proposed Lessor ReportingLessor recognition and measurement
Recognize a lease receivable and deferred inflow of resources
Do not derecognize the underlying assetDiscount the lease receivable at the rate the lessor chargesThe leased asset should be depreciated, unless it is required to be returned in its original or enhanced condition or the leased asset has an indefinite useful lifeReceivable does not include variable lease payments that are dependent on a lessee’s performance or usage of an underlying asset
Proposed Lessor Reporting (cont.)Lessor recognition and measurement (continued)
Purchase option payments or termination penalties recognized when exercisedResidual value guarantees recognized as a receivable when the amount of the payment has been decided but not yet paidInitial measurement of the deferred inflow of resources includes the receivable amount plus cash received up frontRecognize revenue over the lease term on a systematic and rational basis
Initial ReportingAssets Liability Deferred Inflow
Lessee
Underlying asset
Value oflease liability plus
prepayments and initial direct costs that are
ancillary to place asset in use
Present value of future leasepayments (incl. fixed payments,
variable payments based on index or rate, reasonably certain
residual guarantees, etc.)
N/A
LessorLease receivable
Continue to report leased asset
N/A
Equal to leasereceivable plus any
cash received upfront that relates to
a future period
Subsequent ReportingAssets Liability Deferred Inflow
LesseeAmortize the intangible
asset over shorterof useful life or lease term
Reduce by lease payments(less amount
for interest expense)N/A
Lessor Depreciate leased asset
Reduce receivable by lease payments
N/A
Recognize revenue over the lease term in
a systematic and rational manner
Short-Term LeasesAt beginning of lease, maximum possible term under the contract is 12 months or lessLessees recognize expenses/expenditures based on the terms of the contract
Do not recognize assets or liabilities associated with the right to use the underlying asset for short-term leases
Lessors recognize lease payments as revenue based on the payment provisions of the contract
Do not recognize receivables or deferred inflows associated with the lease
Leases: Other ProvisionsLease terminations—lessee and lessorLease modifications—lessee and lessorLeases with multiple componentsContract combinationsSubleasesLeases with related parties and component unitsSale-leasebacks and lease-leasebacks
Exposure Draft, Fiduciary ActivitiesWhat: The GASB has proposed standards that clarify when a government has a fiduciary responsibility and is required to present fiduciary fund financial statements
Why: Existing standards require reporting of fiduciary responsibilities but do not define what they are; use of private-purpose trust funds and agency funds is inconsistent; business-type activities are uncertain about how to report fiduciary activities
When: Comment deadline was March 31, 2016; public hearing on April 21 in Rosemont, IL
Estimated to be adopted in 2019
Proposal: When Is a Government a Fiduciary?
An activity is a fiduciary activity of a government if (1) the government controls the assets of the activity, (2) those assets are not derived solely from the government’s own-source revenue, and (3) one of the following is met:
The assets are administered through a trust agreement or equivalent arrangement in which the government itself is not a beneficiary
Proposal: When Is a Government a Fiduciary? (cont.)
The assets are to be used for the benefit of individuals that are not required to be residents or recipients of the government’s good and services as a condition of being a beneficiaryThe assets are to be used for the benefit of organizations or other governments that are neither part of the financial reporting entity nor recipients of the government’s goods or servicesThe assets result from a pass-through grant for which the government does not have administrative or direct financial involvement in the program
Proposal: When Is a Government ControllingResources?
A government controls the assets of an activity if:The government holds the assets.The government has the ability to direct2 the use, exchange, or employment of the assets in a manner that provides benefits to the specified or intended recipients. Restrictions from legal or other external restraints that stipulate the assets can be used only for a specific purpose do not negate a government’s control of the assets.
Proposal—Initial ConsiderationsIf the assets are from a pass-through grant, apply the reporting provisions in Statement 24If the assets are for post employment benefits, and are controlled by the government, follow the reporting guidance in the relevant pension or OPEB standard.
Trust or equivalent arrangement?If the assets are not derived primarily from the government’s own source revenues
Does the government control the assets?Who are the beneficiaries?
Who are the Beneficiaries?Are the resources to be used for the benefit of:
the government itself?individuals that are residents or recipients of the government’s services as a condition of being a beneficiary?organizations or other governments that are part of the financial reporting entity?
Yes--the resources are reported as assets of governmental or business type activities and the inflows and outflows are recognized as revenues and expenses/expendituresNo--the resources are reported in a fiduciary fund
What type of fiduciary fund?
Proposals: Fund Types and Stand-AloneBTAs
Fiduciary fund types:New definitions for pension trust funds, investment trust funds, and private-purpose trust funds that focus on the resources that should be reported within each.
A stand alone BTA’s fiduciary activities should be reported in separate fiduciary fund financial statements.
Resources expected to be held 3 months or less can be reported instead in the statement of net position, with inflows and outflows reported as operating cash flows in the statement of cash flows
Other ProposalsPresent additions disaggregated by source and, if applicable, separately display investment income and investment costs
Present deductions disaggregated by type and, if applicable, separately display administrative costs
Applies to statement of changes in fiduciary net position for all fiduciary funds except custodial funds held for three months or less
For these custodial funds, governments would be allowed to report total additions and total deductions in the aggregate, as long as the descriptions of the totals are sufficient to indicate the nature of the resource flows
Exposure Draft, Certain Asset Retirement Obligations
What: The GASB has proposed accounting and financial reporting standards for legal obligations to retire certain capital assets, such as nuclear power plants
Why: Existing standards (Statement 18) address only municipal landfills but governments have retirement obligations for other types of capital assets. There is diversity in practice for these other types.
When: Comment deadline was March 31, 2016
Estimated to be adopted in 2019
Proposals: Definition & ScopeAsset retirement obligation— A legal obligation associated with the retirement of a capital asset
Retirement of a tangible capital asset--The other-than-temporary removal of a capital asset from service (such as from sale, abandonment, recycling, or disposal)
Would include:Retirement of tangible capital assets, for example:
Nuclear power plant decommissioningCoal ash pond closure (those that are not landfills)Contractually required land restoration such as removal of wind turbines
Financial Reporting Model -Re-examination of Statement 34
What: In September 2015, the Board decided to add a project to examine the effectiveness of the financial reporting model –Statements 34, 35, 37, 41, and 46, and Interpretation 6
Why: The GASB is committed not only to establishing standards but also to ensuring that they continue to be effective; most of the requirements of Statement 34 became effective between 2002 and 2004; the provisions related to reporting existing general infrastructure assets were fully effective in 2006 and 2007
When: Initial due process document expected at the end of 2016
Estimated to be adopted in 2021
Governmental Funds
Tentatively developing three possible recognition approaches to replace current financial resources/modified accrual:
Near-term financial resources
Working capital
Total financial resources
Other Topics to Be Addressed in the Project
Management’s Discussion and Analysis (MD&A)—options for enhancing the financial statement analysis component, eliminating requirements that are boilerplate and no longer necessary
Major Funds—explore options for providing additional information about debt service funds, either individually or in aggregate in the financial statements or the notesProprietary Fund and Business-Type Activity (BTA) Financial Statements—explore operating performance measure alternatives
Other Topics to Be Addressed in the ProjectExtraordinary and Special Items—explore options for clarifying the guidance for more consistent reporting
Fiduciary Fund Financial Statements—explore where these financial statements should be presented in the basic financial statements
Budgetary Comparisons—explore the appropriate method of communication (either as basic financial statements or required supplementary information) and which budget variances, if any, should be required to be presented
Certain Debt ExtinguishmentsWhat: In September 2015, the Board added a project to consider whether guidance is needed for debt refundings that use a government’s existing resources
Why: Research found that Statements 7 and 23 on debt refundings and Statement 62 on debt extinguishments are working effectively, but that standards may be needed for refundings with existing resources
When: Deliberations began in February 2016, ED currently in process
Estimated to be adopted in 2017
Omnibus
What: In April 2016, the Board added a project to consider amendments to certain existing literature
Why: The Board periodically reviews the need for amendments to existing literature based on stakeholder feedback and technical inquiries. Omnibus projects are used to address issues in multiple pronouncements that, individually, would not justify a separate project.
When: Deliberations began in May 2016
Estimated to be adopted in 2017
Topics to Be Considered
Requirements for blending component units for single column business-type activities
Reporting of existing goodwill
Clarifications to Statement 72 for (1) classification of multi-use assets and (2) measurement of money market investments and participating interest earning investment contracts at amortized cost
Recognition of on-behalf payments by employers in financial statements prepared using the current financial resources measurement focus
Topics to Be Considered (cont.)
Applicability of Statement 75 for employers whose employees are provided with OPEB through multiple employer defined benefit OPEB plans that have characteristics similar to those identified in Statement 78
Presentation of payroll-related measures in required supplementary information for purposes of Statements 73, 74, and 75
Requirements for employer-paid member contributions for OPEB
Revenue and Expense Recognition
What: Development of a comprehensive application model for recognition of revenues and expenses from nonexchange, exchange, and exchange-like transactions
Why: Stakeholders have raised questions about how to account for revenues from transactions that are neither fully exchange or nonexchange; the revenue recognition standards incorporated in Statement 62 have not been revised for governments in nearly 50 years; current literature does not provide guidance for exchange and exchange-like expenses
When: The Board added the project in April 2016
Estimated to be adopted in 2018
Topics to Be ConsideredShould revenue recognized at the time of sale or when (or as) the obligation is fulfilled?
Should a performance obligation approach be used for transactions of a government? If so, for which transactions?
Should guidance for nonexchange transactions be revised in light of the GASB Concepts Statements?
Should guidance be developed for exchange expenses that are not in the scope of existing guidance?
Should additional information be disclosed regarding revenue and expense transactions?
GASB Statement No. 72 Fair Value Measurement and Application
Presented by: Michael D. Futterman
The Board issued Statement 72 to update the existing standards on fair value (primarily Statement 31)
Review of existing standards (GASBs 25, 31, 34, 40, 53) found opportunities to improve the measurement of resources available to governments, and to increase comparability and accountability
Includes a more detailed definition of fair value and accepted valuation techniques
What and Why?
3
Governments that may have started to implement Statement 72 may have noticed how their investments are not quite comparable to a similar government’s investments.
Unlike many standards, Statement 72 is not a “one disclosure fits all” standard.
General purpose governments (state and local) will have an easier time than Pension and OPEB Plans.
What and Why?
4
The price that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date.
An exit price v.s. entry priceOther characteristics of fair value
Market-basedBased on a government’s principal or most advantageous market
Fair Value Definition
5
Active MarketA market in which transactions for an asset or liability take place with sufficient frequency and volume to provide pricing information on an ongoing basis.
Exchange MarketA market in which closing prices are both readily available and generally representative of fair value. An example of such a market is the New York Stock Exchange.
More Definitions
6
Principal MarketThe market with the greatest volume and level of activity for an asset or liability.
Most Advantageous MarketThe market that maximizes the amount that would be received to sell an asset or minimizes the amount that would be paid to transfer a liability, after taking into account transaction costs and transportation costs.
More Definitions
7
Market ParticipantsBuyers and sellers that (1) are in the principal (or most advantageous) market for an asset or liability and (2) have all of the following characteristics:a. They are independent of each other. That is, they are not
related parties, although the price in a related-party transaction may be used as an input to a fair value measurement if a government has evidence that the transaction was entered into at market terms.
More Definitions
8
Market Participants (cont.)
b. They are knowledgeable, having a reasonable understanding about the asset or liability and the transaction using all available information, including information that might be obtained through due diligence efforts that are usual and customary.
c. They are able to enter into a transaction for the asset or liability.
d. They are willing to enter into a transaction for the asset or liability. That is, they are motivated but not forced or otherwise compelled to do so.
More Definitions
9
Measurement DateThe date as of which the fair value of an asset or liability is determined.
InputsThe assumptions that market participants would use when pricing an asset or liability, including assumptions about risk, such as the following:
a. The risk inherent in a particular valuation technique used to measure fair value (such as a pricing model)
b. The risk inherent in the inputs to the valuation technique.
Inputs may be observable or unobservable.
More Definitions
10
Observable InputsInputs that are developed using market data, such as publicly available information about actual events or transactions, and which reflect the assumptions that market participants would use when pricing an asset or liability.
Unobservable InputsInputs for which market data are not available and that are developed using the best information available about the assumptions that market participants would use when pricing an asset or liability.
Unit of AccountThe level at which an asset or liability is aggregated or disaggregated formeasurement, recognition or disclosure purposes.
More Definitions
11
Apply valuation technique(s) that best represents fair value in the circumstances – market approach, cost approach, and income approach (transaction costs are excluded)
Market approach – Using prices and other relevant information generated by market transactions involving identical or similar assets or liabilities
Valuation Techniques
12
Cost approach – Amount that would be required currently to replace the service capacity of an asset
Income approach – Converts expected future amounts (for example, cash flows) to a single current amount (that is, discounted)
Revisions due to a change in valuation technique(s) are considered a change in accounting estimate
Valuation Techniques
13
Inputs:Level 1: quoted prices (unadjusted) in active markets for identical assets or liabilities, most reliable
Level 2: quoted prices for similar assets or liabilities, quoted prices for identical or similar assets or liabilities in markets that are not active, or other than quoted prices that are observable
Level 3: unobservable inputs, least reliable
Maximize use of relevant observable inputs and minimize use of unobservable inputs
Valuation Techniques
14
Fair Value Hierarchy - Examples
1 2 3
• Mutual Funds• Equity securities
included in the S&P 500
• Listed futures and options contracts
• U.S. Government and Agency bonds
• Corporate bond issuances not traded in an active market
• Certain mortgage-backed and asset-backed securities
• Municipal bonds not traded in an active market
• Interest rate swaps• Some U.S. Govern-
ment agency bonds
• Subordinate (residual) tranches in securitization structures
• Private equity investments
• Most nonfinancial assets
15
Assets that meet the definition of an investment generally should be measured at fair value
Exception to fair value (such as money market investments, life insurance, fully benefit responsive investment contracts, GICs, and investments in 2a7-like pools) would remain
Definition of an investment: A security or other asset that a government holds primarily for the purpose of income or profit and with a present service capacity that is based solely on its ability to generate cash or to be sold to generate cash
Service capacity refers to a government’s mission to provide services
Held primarily for earnings or gains
Investments and Fair Value
16
Unit of AccountLevel at which an asset or a liability is aggregated or disaggregatedExamples of the Application of the Unit of Account (GASB 72, Appendix C, Illustration 1)- Multiple Investments – Each individual security- External Investment Pool – Each share held- Mutual Fund – Each share held- Limited Partnership – Ownership interest in LP
Fair Value
17
InvestmentInvestments in nonparticipating interest-earning investment contracts
Investments in unallocated insurance contracts
Money market inv. And participating interest-earning inv. Contracts with remaining maturity at time of purchase of one year or less
Investments held by qualifying external investment pools
Synthetic guaranteed investment contracts (GICs) that are fully benefit responsive
Investments in life insurance contracts
Donated capital assets, works of art, historical treasures, and similar assets
Capital assets received in a service concession arrangement
Investments and Other Assets NOT Measured at Fair Value
AccountingCost based measure per GASB 31, paragraph 8
Reported as interest-earning investment contracts per GASB 31, paragraph 8 and GASB 59 paragraph 4
Amortized cost per GASB 31, paragraph 9
Amortized cost per GASB 79, paragraph 4
Amortized cost per GASB 79, paragraph 41, if the pool meets the criteria to measure its investments at amortized cost
Contract value per GASB 53, paragraph 67
Cash surrender value
Acquisition value
Acquisition value
18
GASB Statement No. 72 allows but does not require investors to use NAV as a practical expedient for the fair value of investments that report NAV as long as:
Fair value is not readily determinableNAV is calculated as of the government’s measurement dateNAV is calculated in a manner consistent with the FASB’s measurement principles for investment companiesIt is not probable that all or a portion of the investment will be sold at an amount other than NAV
Equity security has a readily determinable fair value if it meets any of the following:
Sale price or bid-and-asked quotations are currently available on a securities exchange registered with the SEC or in the over-the-counter market with publicly reported quotations
Using NAV as a Practical Expedient to Fair Value
19
Equity security traded on a foreign market that is of breadth and scope of one of the U.S. marketsMutual fund fair value per share is determined and published and is the basis for current transactions
NAV should be the fair value of all assets owned by a fund, minus the fair value of all liabilities, divided by the number of units issuedAdjustments to reported NAV may be needed if:
NAV is not calculated as of the measurement dateNAV is not calculated in a manner consistent with the measurement principles or investment companies
Using NAV as a Practical Expedient to Fair Value
20
The following information for each class or type of assets and/or liabilities measured at fair value should be disclosed:
The fair value measurement at the end of the reporting period for recurring fair value measurement (each year) and for nonrecurring (specific events) fair value measurements, the reasons for the measurement
The level of the fair value hierarchy within which the fair value measurements are categorized in their entirety (Level 1, 2, or 3)
A description of the valuation technique(s) or change in valuation techniques with significant impact and reason for change
Disclosures
21
Managing Investments
Management reviews the entity’s financial statements on a periodic basis and investigates significant variances from budgets and expected results.
Interest and dividend income calculations and accruals are reviewed.
Third-party statements are reconciled to sub-ledger and general ledger account(s).
Investment and derivative instruments activity is reviewed at regular intervals by an appropriate level of management.
Internal Controls Over Investments
22
Management approves investment and derivative instruments transactions to ensure that they are valid and in compliance with the entity’s policies and procedures.
Periodically, an investment committee, appropriate member of management, or another appropriate person reviews investments and investment return for accuracy and compliance with restrictions or limitations imposed by laws, funding sources, or the governing body.
Accounting policies and procedures specify the correct treatment for valuing investments and derivative instruments, including those requiring management’s estimates and judgments.
Internal Controls Over Investments
23
Possible Approaches to Testing Measurement
24
Developing an independent
fair value estimate
Substantive evidence for fair value
measurements
Testing management’s
process
TestingSubsequent Events and
Transactions
Relevant events and transactions after the date of the statement of financial position but before the date of the auditor’s report may provide persuasive audit evidence regarding management’s fair value estimate.
Reviewing relevant subsequent events and transactions to determine if any comparable transactions exist.Obtaining information regarding executed client transactions on or around the measurement date for the same, or substantially the same, investments.Assessing the relevance and reliability of comparable subsequent transactions.
Testing Subsequent Events and Transactions
25
Identifying assets (or liabilities) where fair value application is required?
Identifying investments where fair value application is NOT required?
Is the unit of account appropriate?
Determined valuation technique? Does this maximize observable inputs and minimize unobservable inputs? Considered the consistent application?
Determined audit approach for testing value?
Common Statement 72 Implementation Issues
26
27
28
Example 1 General Purpose Government (cont.)
29
30
31
32
33
Questions?
34
R E G U L A T I O N , R A T E S A N D O P P O R T U N I T Y
The Marcum Governmental Symposium
October 2016
Chase, J.P. Morgan, and JPMorgan Chase are marketing names for certain businesses of JPMorgan Chase & Co. and its subsidiaries worldwide (collectively, “JPMC”). This document was prepared solely and exclusively for the benefit and internal use of the party to whom it is directly addressed and delivered (the “Company”) in order to make a preliminary presentation to the Company regarding certain products or services that might be provided by JPMC. This document and any related presentation materials are for discussion purposes only and are incomplete without reference to, and should be viewed solely in conjunction with, a related oral briefing provided by JPMC. This presentation does not constitute a commitment by any JPMC entity to extend or arrange credit or to provide any other services. The Materials and oral briefing (collectively the “Information”) contain information which is confidential and proprietary to JPMC and may only be used by the Company for the purpose of evaluating the products and services described in the Information and may not be copied, published, disclosed or used, in whole or in part, for any other purpose other than as expressly authorized by a JPMC entity.In preparing the Information, JPMC has relied upon and assumed, without independent verification, the accuracy and completeness of information available from public sources or provided to it by or on behalf of the Company. JPMC does not guarantee the accuracy, completeness or reliability of that information. JPMC’s opinions and estimates contained herein reflect prevailing conditions and our views as of this date, which are accordingly subject to change, and should be regarded as indicative, preliminary and for illustrative purposes only. Our analyses are not and do not purport to be appraisals of the assets, stock, or business of the Company or any other entity.The Information is not intended and shall not be deemed to constitute or contain advice on legal, tax, investment, accounting, regulatory, technology or other matters on which the Company may rely, and the Company should consult with its own financial, legal, tax, accounting, compliance, treasury, technology, information system or similar advisors prior to entering into any agreement for JPMC products or services. The Company is responsible for its own independent assessment as to the cost, benefit, suitability and appropriateness of any products or services it obtains from JPMC. JPMC makes no representations as to the actual value which may be received in connection with any JPMC product or service or the legal, tax, or accounting implications of consummating any transaction contemplated by the Information.The Information contained herein is intended as general market and/or economic commentary, does not constitute and should not be treated as J.P. Morgan research. The Information may differ from that contained in J.P. Morgan research reports. The Information is not intended as nor shall it be deemed to constitute advice or a recommendation regarding the issuance of municipal securities or the use of any municipal financial products. JPMC is not providing any such advice or acting as the Company’s agent, fiduciary or advisor, including, without limitation, as a Municipal Advisor under Section 15B of the Securities and Exchange Act of 1934, as amended.The Information does not purport to set forth all applicable terms or issues and are not intended as an offer or solicitation for the purchase or sale of any financial product or service or a commitment by JPMC as to the availability of any such product or service at any time. JPMC products and services are subject to applicable laws, regulations, service terms and policies of JPMC. Not all products and services are available in all geographic areas or to all customers. Eligibility for particular products and services is subject to satisfaction of applicable legal, tax, risk, credit and other due diligence, JPMC’s “know your customer,” anti-money laundering, anti-terrorism and other policies and procedures.Products and services may be provided by commercial bank affiliates, securities affiliates or other JPMC affiliates or entities. In particular, securities brokerage services other than those which can be provided by commercial bank affiliates under applicable law will be provided by registered broker/dealer affiliates such as J.P. Morgan Securities LLC, J.P. Morgan Institutional Investments Inc. or by such other affiliates as may be appropriate to provide such services under applicable law. Such securities are not deposits or other obligations of any such commercial bank, are not guaranteed by any such commercial bank and are not insured by the Federal Deposit Insurance Corporation.All trademarks, trade names and service marks appearing in the Information are the property of their respective registered owners. © 2016 JPMorgan Chase & Co. All rights reserved.
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Basel III – a comprehensive set of reforms with several goals
The Changing Regulatory Environment
Protect the market andbroader economy from the impact of an isolated stress
event in a single bank
Improve the banking sector’s ability to
absorb shocks arisingfrom financial and economic stress
Strengthen regulation, supervision and riskmanagement in the
banking sector
Ensure banks have reliable, stable sources of funding in times of
stability and stress
Ensure banks have reliable, stable sources of funding in times of
stability and stress
Ensure banks have reliable, stable sources of funding in times of
stability and stress
Basel III
Basel III was developed by the Bank for International Settlements (“BIS”) which was established in 1930; the goal is to help central banks with monetary and financial stability. Their head office is in Basel, Switzerland.
1RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
US Basel III Components – Capital and Liquidity
Capital and Liquidity – Two sides of the Same Coin
Capital and Liquidity
Asset size based CushionCounterparty
Risk Based
Liquidity Coverage
RatioNet Stable
Funding Ratio
2RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Capital Measurements – Asset-Based Considerations
BIS Standardized Capital Requirements
All asset types are allocated full capital requirement with minimal modificationU.S. Treasuries and other assets with full U.S. Guarantee – 0% capital requirementMunicipal General Obligations 20% capital requirementMunicipal Revenue Obligations 50% capital requirementCorporate Loans 100% capital requirements
U.S. Supplemental Leverage Ratio (“SLR”)All assets require 3% capital For GSIBs, all assets require 6% capital
3RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Capital Measurements – Counterparty Risk Considerations
BIS III – Advanced Capital Requirements
Banks model various risks and assign capital. Factors include:
Counterparty Credit Risk
Operational risk component
Market risk component
Comprehensive Capital Analysis and Review (“CCAR”) – Economic Stress Testing
“The Comprehensive Capital Analysis and Review (CCAR) is an annual exercise by the Federal Reserve to assess whether the largest bank holding companies operating in the United States have sufficient capital to continue operations throughout times of economic and financial stress and that they have robust, forward-looking capital-planning processes that account for their unique risks.” ¹
1. Board of Governors of the Federal Reserve System; Banking Information and Regulation; June 2014
4RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Capital Measurements – Cushion Considerations
GSIB – Additional Capital for Size and Complexity of Institution
TLAC – Additional Capital and Liquidity
TLAC requirements aim to bolster GSIBs’ capital and leverage ratios, ensuring these banks are equipped to continue critical functions without threatening financial market stability or requiring further taxpayer support
US G-SIB guidelines announced by the Fed in December 2014
Identified U.S. G-SIBs are: Bank of America, Bank of New York Mellon, Citigroup, Goldman Sachs, JPMorgan Chase, Morgan Stanley, State Street and Wells Fargo
U.S. G-SIB capital buffer percentage ranges from 0% to over 5.5%
U.S. method for G-SIB calculation varies from the Basel Committee calculation by including Short-termWholesale Funding (STWF); which adds further pressure on these banks’ treatment of non-operatingdeposit balances
SizeInter-
connectednessComplexity
Cross-
jurisdictional
Activity
Short-TermWholesaleFunding(<1 year)
5RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Liquidity Coverage Ratio (LCR)
Net Stable Funding Ratio (NSFR)
LCR requires banks to hold enough high quality liquid assets (HQLA) in reserve to meet all liabilities in a 30-day stress scenario
NSFR seeks to reduce a bank’s funding risk over a one-year horizon by promoting longer term funding sources
HQLA
Net Cash Outflows 100%
Incentive for banks to hold more HQLAHQLA includes cash, central bank reserves, government securities, corporate debt securities, etc.Potentially limits banks capacity to make loans
Stable Funding
Weighted long-term assets> 100%
Reduces dependency on short-term wholesale funding (STWF)Encourages better assessment of funding riskPromotes funding stabilityTargets mismatches between liquidity profile of a bank’s assets and liabilities
U.S. Basel III Components – Liquidity
These financial measures focus on ensuring banks have available, reliable funding during times of stability and stress
6RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
The classification of the balance has a direct impact on the usability of that funding for banks and the opportunity for return.
Under the regulations, a higher percentage of non-operating balances need to be deployed against High Quality Liquid Assets (HQLA).
The Changing Regulatory Environment
Less Reliable Funding More Reliable Funding
Limited Return Increased Return
Non-OperatingDeposits
OperatingDeposits
HQLA Loans/ Securities
Liabilities
Assets
HQLA (e.g. U.S. Treasuries) provide liquidity and reliability but offer reduced return when compared with the return opportunity for reliable funding deployed against a traditional bank loan.
Restrictions on the use of non-operating balances limit the opportunity for return
Bank funding sources: usability and return
7RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Liquidity linked to operating services
Non-operating / Wholesale liquidity
For every $100MM in wholesale (“corporate”) deposits: 30 day run-off during a market event 25%Required bank liquidity $25MM
For every $100MM in deposits: Corporates, Sovereigns, Central Banks and Public Sector Entities (PSE):
– 30 day run-off during a market event 40%– Required bank liquidity $40MMFinancial institution (FI) and correspondent banking balances:
– 30 day run-off during a market event 100%– Required bank liquidity $100MM
What Are the Key Impacts of the Basel III Framework on Deposits?
8RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Key TakeawaysKey Takeaways
What Are the Key Impacts of the Basel III Framework on Deposits?
There will be more demand for HQLA under the new regulations potentially impacting the supply available to serve as collateral for Public Sector deposits
Banks will carry significantly higher costs on public sector and non-operating balances vs. Corporate operating balances which may impact available yields
There could be a disparity between how clients define operating balances and what the regulators will permit banks to classify as operating balances
Banks will likely channel certain non-operating funding to appropriate off–balance sheet vehicles such as Money Market Mutual Funds
9RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
SEC money market fund reforms – 2014
New amendments to Rule 2a-7 further strengthen this short-term investment vehicle
SEC MONEY MARKET FUND REFORMS
A floating net asset value (NAV) is now required of certain types of funds
Fund Boards may use liquidity fees and redemption gates
Additional reforms enhance disclosure and reporting
Greater diversification and stress testing required
10
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Floating NAV
Certain money market funds can no longer transact at a stable $1.00 NAV and face potential tax complications
Institutional prime/municipal money market funds (not government money market funds) Required to value portfolio securities based on current market value and must round their NAV to four decimal places, rather than rounding to the nearest penny
Floating NAV money market funds may face potential tax complications. These are mitigated by regulations issued by the U.S. Department of Treasury and the IRS that offer a simplified tax accounting method to track gains and losses.
Government money market funds Must invest at least 99.5% of total assets in cash/government securities and/or qualified repurchase agreements
Retail money market fundsMust comply with “natural persons” test
Must now useFLOATING
NAV
May continueto use a
STABLENAV
11
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Liquidity fees and redemption gates for institutional prime/municipal and retail money market funds
Fund Boards now have new ways to directly address a run on a fund. Government money market funds are not required to be subject to the provisions, but may opt into them if properly disclosed.
Fees and gates must be removed when a fund passes above 30% weekly liquid assets and can be removed in a Board’s discretion.
$FUND BOARDS MAY IMPOSE FEES UP TO 2% ON ALL REDEMPTIONS IF:
The fund’s level of weekly liquid assets falls below 30% of its total assets and the fund’s Board determines that such a fee is in the best interest of the fund
FUND BOARDS MUST IMPOSE A 1% FEE ON ALL REDEMPTIONS IF:
The fund’s weekly liquid assets fall below 10% of its total assetsException: The fee does not have to be implemented if the fund’s Board determines that such a fee is not in the best interest of the fund or that a lower or higher (up to 2%) liquidity fee is more appropriate
FUND BOARDS MAY IMPOSE FEES UP TO 2% ON ALL REDEMPTIONS IF:
The fund’s level of weekly liquid assets falls below 30% of its total assets and the fund’s Board determines that such a fee is in the best interest of the fund
FUND BOARDS MUST IMPOSE A 1% FEE ON ALL REDEMPTIONS IF:
The fund’s weekly liquid assets fall below 10% of its total assetsException: The fee does not have to be implemented if the fund’s Board determines that such a fee is not in the best interest of the fund or that a lower or higher (up to 2%) liquidity fee is more appropriate
FUND BOARDS MAY SUSPEND WITHDRAWALS FROM THE FUND IF:
The fund’s level of weekly liquid assets falls below 30%
The fund’s Board determines that imposing such a gate is in the fund’s best interest
GATES ARE LIMITED TO NO MORE THAN 10 BUSINESS DAYS IN ANY CONSECUTIVE 90-DAY PERIOD
FUND BOARDS MAY SUSPEND WITHDRAWALS FROM THE FUND IF:
The fund’s level of weekly liquid assets falls below 30%
The fund’s Board determines that imposing such a gate is in the fund’s best interest
GATES ARE LIMITED TO NO MORE THAN 10 BUSINESS DAYS IN ANY CONSECUTIVE 90-DAY PERIOD
LIQUIDITY FEES REDEMPTION GATES
12
Required compliance with the final, most significant amendments of the 2014 reforms took place on October 14, 2016.
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
$0
$500
$1,000
$1,500
$2,000
$2,500
0.00
0.10
0.20
0.30
0.40
0.50
0.60
0.70
0.80
0.90
1.00
2010 2011 2012 2013 2014 2015 2016
$ Bi
llions%
3 month LIBOR Prime Fund Assets Government Fund Assets
Money Fund Reform Impact on Money Market Fund Flows & Interest Rates
13
Money Market Fund balances
3 month LIBOR
Government fund balances surpassed Prime fund balances in early 2016 with the differential widening YTDPrime fund balances down $820B YTD & ~$460B since Aug 1st. Nearly 1:1 increase in Government fund balances YTD Prime fund outflows expected to stabilize as yield differential vs. Government funds eventually widen, likely 1Q17
As Prime funds position for outflows, there is less demand for bank commercial paper issuances with maturities past Oct 14th which has caused a spike in 3 month LIBOR despite a stable Target Fed Funds rate
Source: iMoneyNet, JPMorgan Markets
Overview: U.S. interest rates are expected to rise but global economic conditions & regulatory changes have a significant impact on the banking industry and liquidity management strategies.
RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
Deposits are viewed differently in the new regulatory environmentCertain deposit types will be more valuable than others to banksClients may need to revisit their liquidity strategy and investment policies
Deposits are viewed differently in the new regulatory environmentCertain deposit types will be more valuable than others to banksClients may need to revisit their liquidity strategy and investment policies
Basel III highlightsImpact Public Sector depositsMoney Market Fund Reform
Basel III highlightsImpact Public Sector depositsMoney Market Fund Reform
Potentialimpacts and ways to adapt
Potentialimpacts and ways to adapt
RegulatoryChangesRegulatoryChanges
Market Rate HistoryDrivers of U.S. Interest Rate PolicyInterest Rate Outlook
Market Rate HistoryDrivers of U.S. Interest Rate PolicyInterest Rate Outlook
Interest Rate OverviewInterest Rate Overview
Interest Rate History & Outlook
Breakdown of Key Regulatory Changes
What it Could Mean For You
14
Market Interest Rate History
Historical Perspective: Rates are still near all time lowsR
EG
UL
AT
ION
, R
AT
ES
AN
D O
PP
OR
TU
NIT
Y
Source: Federal Reserve Bank of St. Louis
15
What factors does the Fed consider when deciding to adjust interest rates?R
EG
UL
AT
ION
, R
AT
ES
AN
D O
PP
OR
TU
NIT
Y
The Federal Open Market Committee’s stated objectives when setting target interest rates are:Full employment with a stable unemployment rate between 4%-6% Stable Inflation levels with a core inflation target of 2%
16
Sept Unemployment rate: 5.0%
Aug. Inflation (Core PCE): 1.69%
2% Inflation target
Additional factors impacting U.S. monetary policyR
EG
UL
AT
ION
, R
AT
ES
AN
D O
PP
OR
TU
NIT
Y
Unemployment Rate
U.S.& Global GDP growth
Wage Growth & Labor Market
Slack
Strength of US Dollar vs. global currencies
Inflation Levels
In addition, many other factors are considered:
Foreign Central Bank policiesEnergy PricesHousing market conditions, etc.
While U.S. unemployment & inflation rates are two primary drivers of Fed policy, the U.S. economy is intertwined with global economic conditions which requires the Fed to consider many factors when setting rate policy including:
Despite improvements in the overall labor market, inflation has remained below the Federal Open Market Committee’s 2% target which, combined with global economic growth concerns, has allowed the FOMC to remain patient with regard to increasing interest rates.
17
0
0.5
1
1.5
2
2.5
3
3.5
%
Projected Fed Funds rate as of Dec. 2015 Projected Fed Funds rate as of Sept. 2016
Median FOMC forecast: Sept Median FOMC forecast: June 2016
Rates are expected to rise eventually but the timing & pace is still uncertainR
EG
UL
AT
ION
, R
AT
ES
AN
D O
PP
OR
TU
NIT
Y
The Fed Funds futures market has been volatile but predicts a slow pace of rate increases in 2016-17
There continues to be a divergence in FOMC published target fed funds rate estimates and “market” expectations
Source: U.S. Federal Open Market Committee, Bloomberg
18
Source: Bloomberg
Long run “normalized” TFF rate forecast at 2.9%
0%10%20%30%40%50%60%70%80%90%
100%
Jan. 2016 Feb:post stock
market decline
May:pre jobs report
June:post
disappointingMay jobs
report
June:pre-Brexit
June:post-Brexit
August:post-July jobs
report
August:post softer
inflation report
August:post-Fed
Jackson Holecomments
Sept:Post-Aug jobs
report
Sept: PostFed Meeting
Probability of a Sept. 2016 rate increase Probability of a Dec. 2016 rate increase
Rate Outlook takeaways:R
EG
UL
AT
ION
, R
AT
ES
AN
D O
PP
OR
TU
NIT
Y
Despite the 0.25% increase in the Target Fed Funds rate in December 2015, US interest rates remain near historic lows
With the FOMC’s dual mandate of stable inflation (2%) and full employment within sight, the FOMC has signaled that a rate increase could occur in 2016
The pace of future rate increases is expected to be gradual and data dependent particularly given global economic uncertainty and continued accommodative monetary policies worldwide
19
Impact to Banks How it may impact you
Higher capital reserve requirements for all deposit types particularly collateralized public sector funds and non-operating balances
Banks are impacted by enhanced capital requirements and higher regulatory compliance costs
Some types of deposits may no longer be attractive to some banks
Holistic banking relationships will be critical; operational accounts are keyBanks may look to channel excess non-operating liquidity into off balance sheet alternatives
Lower yields for excess liquidity is likely the new normal
Strategies for managing liquidity in the new environment
Consider collateral alternatives for public deposits including: Federal Home Loan Bank Standby Letters of CreditExpanded collateral types such as local municipal securitiesReduced or no collateral requirements for certain balances
Focus on forecasting and segmenting liquidity to maximize the value of cash throughout the cycles of receipts and payments
Optimizes operating cash, intermediate reserve cash as well as longer term strategic investment funds
Utilize direct investment in U.S. Treasury & Agency securities for excess non-operating liquidity
Improved Financial Regulation: What it could mean for you
20RE
GU
LA
TIO
N,
RA
TE
S A
ND
OP
PO
RT
UN
ITY
GASB 68, Revisited
presented by
Piotr Krekora,Moises D. Ariza, & Geovanne Neste
Objectives for The Session
GASB 68/71Overview of requirementsInvolvement of the ActuaryIssues and Struggles
Issues encountered and challengesBest PracticesYear 2 – What can we expect?
GASB Statement No. 73 and 82
2
GASB StatementsGASB Statement No. 68, Accounting and Financial Reporting for Pensions, Effective 6/30/15 [EMPLOYER]
This Statement replaces the requirements of Statement No. 27, Accounting for Pensions by State and Local Governmental Employers, as well as the requirements of Statement No. 50, Pension Disclosures, as they relate to pensions that are provided through pension plans administered as trusts or equivalent arrangements.
GASB Statement No. 71, Pension Transition for Contributions Made Subsequent to the Measurement Date (amendment of GASB Statement No. 68), Effective 6/30/15
3
Actuarial Valuations
4
Two Actuarial Valuation Reports Are NeededAV for Funding
AV for Accounting
Required to be performed at least every two years.If the date of the valuation report is not the measurement date the “Total Pension Liability (TPL)” needs to be rolled forward. (Note: Valuation report has to be performed as of a date no more than 30 months and 1 day prior to the employer's most recent year-end in order to be rolled forward). Entry age actuarial cost method ONLY is to be used for the actuarial present value of projected benefit payments
Measurement Date
5
ReportingDate (RD)9/30/16
Employer FYE
Measurement Date (MD)(Generally 9/30/15)
MD Must Be Within One Year of RD
Contributions Made - DeferredOutflow
Measurement Date (MD for FRS)
(Generally 6/30/16)
Remember .. GASB 67 does not use the term Measurement Date onlybecause, for plan reporting, all liabilities and assets are measured as of the plan’s Reporting Date; a plan’s Measurement Date = its Reporting Date. This is not necessarily true for the employer.
6
Impact on Employer Financial StatementsNet Pension Liability (“NPL”) is recorded on the employer’s statements prepared using the economic resources measurement focus and accrual basis of accounting (Government Wide for governmental funds and both fund level and government wide for enterprise funds.)
Changes in the components of the net pension liability will provide the pension expense, deferred inflows and deferred outflows that also need to be recorded
Recording Pension Expense: includes/considers: (a)changes in the total pension liability resulting from current-period service cost, (b) interest on the prior year total pension liability, (c)changes of benefit terms, (d) Projected earnings on the pension plan's investments and (e)Current period amortization of the deferred outflows and deferred inflows.
7
Impact on Employer Financial Statements (continued)
Deferred Outflows/Inflows of resources include:changes of economic and demographic assumptions or of other inputs.differences between expected and actual experience.Amortized over the average of the expected remaining service lives of all employees (active and inactive) that are provided with benefits through the pension plan.differences between the projected earnings on pension plan investments and actual experience. (Amortized over a closed period of five years)Employer contributions subsequent to the measurement date (deferred outflow).
8
Impact on Employer Financial Statements (continued)Notes to the financials should include:
Current year sources of changes in the NPL.Significant assumptions and other inputs used to calculate the TPL.The date of the actuarial valuation used to determine the TPLCurrent year sources of changes in the NPL.Significant assumptions and other inputs used to calculate the TPL.The date of the actuarial valuation used to determine the TPL
New Required Supplementary Information (RSI): 10 most recent fiscal years of:Sources of changes in the net pension liabilityThe components of the net pension liability and related ratios including the pension plan’s fiduciary net position as a percentage of the TPL, and the NPL as a percentage of covered-employee payroll.Notes to the RSI should include:
Significant methods and assumptions used in calculating the actuarially determined contributions.Factors that significantly affect trends in the amounts reported in the schedules (changes of benefit terms, change in size or composition of the population covered, etc.)
9
Impact on Cost-Sharing Employer Financial Statements
For FRS and HIS plans:Proportionate share of the NPL will be recorded on the employer’s statements prepared using the economic resources measurement focus and accrual basis of accounting. The amount is determined in a manner consistent with the method in which contributions to the pension plan are determined (i.e. covered payroll).A cost-sharing employer is required to recognize pension expense and report deferred outflows and deferred inflows related to pensions for its proportionate shares of collective pension expense and collective deferred outflows and deferred inflows related to pensions. A cost-sharing employer also has employer specific pension expense related to their change in proportion of contributions as of the measurement date.
10
FRS Investment Plan
For disclosure purposes, the FRS website provides the cost-sharing employer with a generic defined contribution disclosure related to the Plan. This information can be obtained at: http://www.dms.myflorida.com/workforce_operations/retirement/publications/annual_reports
The employer is responsible for determining the employer contribution amount related to the Investment Plan.
The employer contribution reported should be for the year presented in the cost-sharing employer’s financial statements.
Target Asset Allocation and Assumed Real Returns
11
Asset Class Target Allocation
Long-Term Expected Real Rate of Return
Allocation-Weighted Long-Term Expected Real Rate of
Return
Fixed Income 40% 2.25% 0.900%
Domestic Equity 40 5.95 2.380
International Equity 0 6.20 0.00
Private Equity 5 7.65 0.383
Real Estate 10 4.35 0.435
Commodities 0 2.10 0.000
Cash 5 0.05 0.003
Total 100% 4.10%
Expected Inflation 2.25%
Total Return 6.35%
Real rate is the rate above inflation.
Target Asset Allocation and Assumed Real Returns –Where do they come from?
12
Past vs. Forward-looking perspectives
Seek experts in forecasting
Turn to more than just one expert source
Rely more on mid-term forecasts than long-term
There is safety in consensus
Target Asset Allocation and Assumed Real Returns -Safety in Consensus
13
Sample Plan
These are arithmetic meansBased on a GRS library of 8 major investment consultants: Aon Hewitt*, BNY/Mellon, J.P. Morgan, Mercer*, NEPC, Pension Consulting Alliance, R.V. Kuhns & Associates, Willis Towers Watson*
Investment Consultant
Investment Consultant Expected
Nominal Return
Investment Consultant Inflation
AssumptionExpected Real Return (2)–(3)
Actuary Inflation Assumption
Expected Nominal Return
(4)+(5)
Passive Investment Expenses
ExpectedNominal Return Net of Expenses
(6)-(7)(1) (2) (3) (4) (5) (6) (7) (8)
1 4.93% 2.12% 2.81% 2.25% 5.06% 0.25% 4.81%2 5.61% 2.50% 3.11% 2.25% 5.36% 0.25% 5.11%3 5.71% 2.50% 3.21% 2.25% 5.46% 0.25% 5.21%4 5.52% 2.25% 3.27% 2.25% 5.52% 0.25% 5.27%5 5.70% 2.11% 3.60% 2.25% 5.85% 0.25% 5.60%6 6.03% 2.20% 3.83% 2.25% 6.08% 0.25% 5.83%7 6.34% 2.26% 4.08% 2.25% 6.33% 0.25% 6.08%8 6.55% 2.20% 4.35% 2.25% 6.60% 0.25% 6.35%
Average of 8 5.80% 2.27% 3.53% 2.25% 5.78% 0.25% 5.53%
Target Asset Allocation and Assumed Real Returns -No End Justifies the Means
14
Don’t be influenced by the answer you wantBe objective and detached when you adopt a forecast assumption for future investment returns.We cannot just wish or hope our way toward a given returnReturn assumption:
Is not a simple lever to tweak so as to obtain an affordable contributionIs our defensible and mainstream expected future net compound-average return of the portfolio over time useable in an actuarial valuation.
Sensitivity Exhibits – Return on Investments not Guaranteed
15
NPL Sensitivity to changes in the discount rate.
Problem: We don’t get to pick how much our investments earn
Current Single Rate
1% Decrease Assumption 1% Increase
6.00% 7.00% 8.00%
$ 33,000,000 $ 16,000,000 $ (1,000,000)
Sensitivity Exhibits – Return on Investments not Guaranteed
16
Arithmetic or Geometric
Stochastic returns, Volatility Drag.
Investment Consultant
ExpectedNominal Return Net of Expenses
Distribution of 15-Year Average Geometric Net Nominal Return
Probability of exceeding
40th 50th 60th 7.00%1 4.81% 3.84% 4.42% 5.00% 13.4%2 5.11% 4.08% 4.69% 5.30% 17.1%3 5.21% 4.21% 4.81% 5.41% 17.9%4 5.27% 4.08% 4.76% 5.43% 20.2%5 5.60% 4.56% 5.17% 5.78% 22.6%6 5.83% 4.86% 5.44% 6.03% 25.1%7 6.08% 5.06% 5.67% 6.27% 28.9%8 6.35% 5.15% 5.83% 6.51% 33.2%
Average of 8 5.53% 4.48% 5.10% 5.72% 22.3%
Sensitivity Exhibits – Return on Investments not Guaranteed
17
A different way to look at UAAL under uncertain returns.
18
Issues and ChallengesAvailability of GASB 68 Report (Timing):
Remember actuary needs a fully adjusted trail balance from the Plan to produce their valuation.
• Does this mean the actuary needs to wait until the plans financials are drafted?
• If the final audit net position of the Plan changes as compared to the unaudited figures, what impact will that have on the valuation timing?
A “stale” roll-forward valuation is provided but significant changes have occurred:
• Benefit provisions• Long term assumed rate of return• Changes in membership (retirement, layoffs, etc.)
19
Issues and ChallengesLong-term expected rate of return:
The long-term expected rate of return should be based on the nature and mix of current and expected pension plan investments over a period representative of the expected length of time between (a) the point at which an employee begins to provide service to the employer and (b) the point at which all benefits to the employee have been paid.The long-term expected rate of return should be determined net of pension plan investment expense but without reduction for pension plan administrative expense.Inconsistencies between amounts reported/confirmed by the Plans investment advisor and the amounts presented in the employers financial statements (based on Plans stand-alone).
20
Year 2 – What can we expect?Continued amortization of prior year recognized deferred inflows and outflowsRecording of newly established deferred inflows and outflowsExpensing of prior year deferred outflows related to contributions and recording of current year deferred outflows for contributions made after the MD.
FRS Schedules:To be available January 11, 2017Changes in Proportionate ShareDon’t forget Short-Term Liability Portion
21
Year 2 – What can we expect?Deferred Inflows and Outflows:
Continue to amortize the deferred inflows and deferred outflows from year 1
Same Amortization Period from YR-1
Add another “layer” in your deferral tracking sheet for YR-2
New amounts to amortize
Different amortization periods
22
Year 2 – What can we expect? – EXAMPLENet Pension Liability as of MD
9/30/2014 $10,000,000
9/30/2015 $11,500,000
Contributions Made Subsequent to MD
9/30/2014 $900,000
9/30/2015 $1,200,000
The Average of the expected remaining service lives of all employees :
9/30/2014 5 years
9/30/2015 6 years
23
Year 2 – What can we expect? – ExampleTHE EMPLOYERS REPORTING DATE IS 09/30/2016
Net Pension Liability as of MD Contributions Made Subsequent to MD9/30/2014 10,000,000$ 9/30/2014 900,000$ 9/30/2015 11,500,000$ 9/30/2015 1,200,000$
Deferred outlfows of resources: Life Amount Remaining 9/30/2016 9/30/2017 9/30/2018 9/30/2019 9/30/2020 9/30/2021Changes in assumptions:
9/30/2014 5 12,000 3,000 3,000 3,000 3,000 - - 9/30/2015 6 90,000 15,000 15,000 15,000 15,000 15,000 15,000
Difference between projected andactual earnings on investments
9/30/2014 5 - - - - - - 9/30/2015 5 125,000.00 25,000 25,000 25,000 25,000 25,000
Total Amortization - Deferred Ouflow 43,000 43,000 43,000 43,000 40,000 15,000
Deferred inflows of resources:Difference between expected and actual experience on the TPL
9/30/2014 5 - - - - - - - 9/30/2015 6 (30,000) (5,000) (5,000) (5,000) (5,000) (5,000) (5,000)
Difference between projected andactual earnings on investments
9/30/2014 5 (75,000.00) (18,750) (18,750) (18,750) (18,750) 9/30/2015 5 - - - - -
Total Amortization - Deferred Inflow (23,750) (23,750) (23,750) (23,750) (5,000) (5,000)
Net Amortization (PENSION EXPENSE) 19,250 19,250 19,250 19,250 35,000 10,000
Amortization Year = REPORT DATE
24
Year 2 – What can we expect? – Journal Entry
Entry # 1 Account Dr CrTo record the beginning Net Pension Liability and Deferred Outflow at MD 9/30/14, per GASB 68
Net Position 10,000,000 -Net Pension Liability - 10,000,000
Deferred Outflow 900,000 -Net Position - 900,000
Entry # 2 Account Dr CrTo record current year deferred outflow for employer contribution and change in NPL
Pension Expense 1,500,000 Net Pension Liability 1,500,000
Deferred Outflow 300,000 Pension Expense 300,000
25
Year 2 – What can we expect? – Journal EntryEntry # 3 Account Dr CrTo record opening D/O and D/I from Prior Year and Record CY D/O and D/I
Deferred Outflow - Changes in assumptions: 12,000 Deferred Inflow - Diffbetween projected and actual earnings on investments 75,000
Net Position 63,000 75,000 75,000
Deferred Outflow - Changes in assumptions: 90,000 Deferred Outflow - Diff. between projected and actual earnings on investments 125,000
Deferred Inflow - Diff.between expected and actual experience on the TPL 30,000 Pension Expense 185,000
215,000 215,000
Entry # 4 Account Dr CrTo record amortization of D/O and D/I
Amortization - Deferred Outflow 3,000 Amortization - Deferred Outflow 15,000 Amortization - Deferred Outflow 25,000
Amortization - Deferred Inflow 5,000 Amortization - Deferred Inflow 18,750
Pension Expense 19,250 43,000 43,000
26
NPL – Due within one year?GASB – Implementation Guide (2015-1)
7.22.6. Q – If a government reports a liability for pensions or OPEB in its government-wide statement of net positon, how is the “amount due within one year” determined?
A – If the employer reports a net pension liability under Statement 68, the amount of the net pension liability that is “due” within one year is the amount of benefit payments expected to be paid within one year, net of the pension plan's fiduciary net position available to pay that amount. Therefore, there would be no amount that is “due” within one year unless the pension plan's fiduciary net position is less than the amount of benefit payments expected to be paid within one year.
27
NPL – Due within one year? (continued)
28
NPL related to HIS should include a portion classified as “to be paid in one year” for the City’s proportionate share of the approximate $389.226 million ($440m less $50.774m)
NPL – Due within one year? (continued)
Implementation StoriesTalk to your providers before you revise entries
What happened to our Net Pension Asset?
One plan, or two (or three)?
Valuation Date vs. Measurement Date vs. Reporting Date.
29
30
Issues and Challenges – FRS SpecificConfusion as to what figures to use for the RSI schedules as they relate to covered employee payroll for September 30, 2016 year-end cost-sharing employers:
The cost-sharing employer’s covered payroll for purposes of the Schedule of Employer Contributions should be for the year ended September 30, 2016.The cost-sharing employer’s contractually required contributions for purposes of the Schedule of Employer Contributions should be for the year ended September 30, 2016.
Confusion as to what figures to use for the RSI schedules as they relate to covered employee payroll for September 30, 2016 year-end cost-sharing employers (continued):
Reporting these amounts as of June 30th is a common mistake made by employers. Check the prior year amounts reported.
For purposes of reporting covered employee payroll for the HIS Plan, cost-sharing employers may mistakenly omit Investment Plan payroll amounts which contributed to the HIS Plan.
31
32
GASB 73 OverviewThis statement sets the standards for the following:
Financial reporting for pension assets that are not within the scope of GASB Statement No. 68.Clarifying amendments to GASB Statements 67 and 68Accounting and Financial Reporting by Employers for pensions that are not within the scope of GASB Statement No. 68. This will require:
The Employer to provide financial note disclosures similar to those required by GASB Statement No. 68.Any assets related to the pension plan should be considered assets of the employer.A single employer will recognize the TPL as its pension liability.
33
Financial reporting for pension assets that are not within the scope of GASB Statement No. 68
Where are assets reported for pensions not administered through a trust?
As provided by GASB Statement No. 73, any assets accumulated for pension purposes not within the scope of GASB Statement No. 68 should be reported as assets of the employer.If the government holds the assets in a fiduciary capacity, these assets should be reported as an Agency Fund.
This requirement is effective for fiscal years beginning after June 15, 2015.
34
Clarifying amendments to GASB Statements 67 and 68
The following clarify amendments to GASB Statements 67 and 68, effective June 15, 2015:
Information in the Notes to the 10-year Schedules of Required Supplementary Information related to investment-related factors that significantly affect trends should be limited to factors over which the pension plan or employers have influence. External factors should not be presented.Other clarifying amendments include:
Accounting and financial reporting for separately finance specific liabilities.Revenue recognition for support of non-employer contributing entities that are not in a special funding situation.
35
Accounting and Financial Reporting by Employers for pensions that are not within the scope of GASB Statement No. 68
This statement is for accounting and financial reporting for pensions that are not within the scope of GASB Statement 68.Defined benefit and define contribution pensions are not within the scope of Statement No. 68 if they are not administered through trusts. The criteria of a pension administered trough a trust as defined by GASB are:
Contributions from employers to the pension plan are irrevocable, including investment earnings; Plan assets are dedicated to providing pensions to plan members in accordance with benefit terms; andPlan assets are legally protected from the creditors of the employers and plan administrator. For a DB pension plan, plan assets must also be legally protected from the creditors of plan members
36
Accounting and Financial Reporting by Employers for pensions that are not within the scope of GASB Statement No. 68 (Continued)
Employers will be reporting pension plans similar to reporting under GASB 68 with the following differences:
Since the assets accumulated for the pension plan are reported as assets of the employer, pension expense for the period will be the changes in the TPL during the current period with the exception of:
Differences between expected and actual economic/demographic experienceChanges in assumptions about future economic and demographic factors or other inputs
The above factors should be recognized over a closed period equal to the average of the expected remaining service lives of all employees.Amounts paid by the employer for pension benefits should not be recognized in pension expense.
37
Accounting and Financial Reporting by Employers for pensions that are not within the scope of GASB Statement No. 68 (Continued)
Employers will be reporting pension plans similar to reporting under GASB 68 with the following differences (continued):
The description of the plan should include the fact that there are no assets accumulated in the plan that meet the criteria of a plan being administered through a trust.The discount rate is based solely on municipal bond yields.Required Supplementary Information will include:
10-year schedule of changes in the TPL10-year schedule of TPL as a percentage of covered-employee payroll
Requirements that address accounting and financial reporting by employers for pensions that are not within the scope of GASB Statement No. 68 are effective for fiscal years beginning after June 15, 2016.
38
39
OverviewThe objective of this Statement is to improve consistency in the application of pension accounting and financial reporting requirements by addressing certain issues that have been raised with respect to Statements No. 67, No. 68 and No. 73. This includes:
Presentation of payroll related measures in RSISelection of assumptionsClassification of Employer paid member contributions
These requirements are effective for reporting period beginning after June 15, 2016. Earlier application is encouraged.
40
Presentation of payroll related measures in RSIFor single-employer and cost-sharing pension plans administered through a trust (GASB 67) and employers that provide pensions through such plans (GASB 68):
The measure of payroll to be presented in the RSI schedules should be covered payroll.
Covered payroll has been clarified to payroll on which contributions to a pension plan are based.
This may exclude overtime, paid time off, or any other excluded payroll as per the plan document
41
Classification of Employer-Paid Member Contributions
Payments made by an employer to satisfy contribution requirements that are identified by the pension plan terms as plan member contribution requirements should be classified as plan member contributions. For purposes of applying GASB Statement No. 68, including for purposes of determining a cost-sharing employer’s proportion, those amounts should be classified as employee contributions. An employer’s expense and expenditures for those amounts should be recognized in the period for which he contribution is assessed and classified in the same manner as the employer classifies similar compensation other than pensions (for example, as salaries and wages or as fringe benefits).
Questions?
42
Single Audit Updatepresented by Beila Sherman
Effective Date Reminders and ImplementationKey Audit Areas with Changes or Transitional Issues
Uniform Guidance OverviewAuditee RequirementsEvaluating and Reporting Findings under Uniform Guidance
Helpful Websites
Objectives for The Session
2
3
December 2013 —Final Uniform GuidanceDecember 2014 —Joint Interim Final Rule
Accomplished agency adoption of Uniform GuidanceNot totally uniformTechnical corrections (some UG shoulds changed to must)
Non federal entities implement the new administrative requirements and cost principles for all new federal awards made on or after December 26, 2014 and to incremental fundingAudit requirements effective for audits after December 26, 2015
Key Dates – Uniform Guidance
4
Auditee needs to determine federal agency differences first since it relates to their complianceA few examples of differences:
Department of Defense did not apply the Uniform Guidance requirements to incremental fundingDepartment of Housing and Urban Development does not permit certain costs that would otherwise be allowable under the UG
Understand Agency Differences
5
6
7
Audit threshold (200.501)Low risk auditee determination (200.520)Auditor prepares SEFA (200.510)Major program determination based on risk (200.518)Compliance supplement overall format (Appendix XI)Testing internal control and compliance (200.511)Report (200.515)Submitting to Federal Audit Clearinghouse (FAC) (200.512)Audit follow-up and corrective action (200.511)
Audit Requirements – Key Sections with Changes
Uniform Guidance revised the threshold for a single audit upwardWhen a non-federal entity expends federal awards (either direct or indirect awards) in excess of $750,000 in their fiscal year, a single audit is requiredWhen a non-state entity expands State awards (either direct or indirect) Sections 215.97(2)(a) and 215.97 (8)(a) Florida Statutes states threshold equal to or in excess of $750,000 in a fiscal year.
Single Audit Threshold Revised
8
Must meet all of the following for each of the two preceding years:
Annual single audits, including timely filing with Federal Audit Clearinghouse (FAC)Unmodified opinions on financial statements in accordance with a generally accented accounting principles (GAAP) Unmodified in-relation-to opinion on the SEFANo material weaknesses in internal control over financial reportingNo auditor reporting of going concern
Low-Risk Auditee Status
9
Program-Level CriteriaNo program had any the following in either of the two preceding years in which they were Type A programs:
material weaknesses in internal control over compliancemodified opinion on a major programknown or likely questioned costs > 5% of expenditures for a Type A program
Low-Risk Auditee Status
10
11
Face of SEFA must include all federal awards expended including:Noncash AssistanceLoan programs (beginning balance of outstanding loans plus loans disbursed during period plus interest subsidy, cash, or administrative cost allowance)Loan guarantee programsAmounts passed through to sub-recipients for each program
Schedule of Expenditures of Federal Awards (SEFA)
12
Footnotes to SEFA must include:Significant accounting policiesOutstanding loan balances at end of audit periodWhether or not entity used 10% de minimus cost rate
Schedule of Expenditures of Federal Awards (SEFA)
13
AuditeesAreas Highlighted:
Review of Risk (2CFR section 200.331(b))Pass-through entities required to evaluate risk associated with a recipient Sub-recipients prior experience with these types of awardsResults of prior auditsNew personnel or new systemsAnd agency monitoring of sub-recipient
Procurement Standards (2 CFR section 200.318(b))Maintaining “oversight”
Areas Highlighted (continued):Procurement Standards (continued)
Addressing conflicts of interest – requires nonfederal entity to have “strong policies preventing organizational conflicts of interest” and must disclose any such conflicts to the awarding agency
Mandatory DisclosuresIn a timely manner (“timely” is not specifically identified) nonfederal award entities must disclose in writing any violations of federal criminal law involving fraud, bribery, or gratuity violations affecting the award; failure to disclose could result in suspension or debarment
Auditees
Internal ControlsEntities must establish and maintain effective internal control over federal awards that provides reasonable assurance that the non-federal entity is managing its federal award in compliance with federal statutes, regulations, and the award terms and conditionsInternal control should (as in a best practice) be in compliance with the Green Book (COSO)Must take reasonable measures to safeguard protected personally identifiable information
Auditees
Here are the titles of the internal control principles by internal control component as presented in COSO’s 2013 Framework:
Control EnvironmentDemonstrates commitment to integrity and ethical valuesExercises oversight responsibilityEstablishes structure, authority, and responsibilityDemonstrates commitment to competenceEnforces accountability
Internal Control Framework
Risk AssessmentSpecifies suitable objectivesIdentifies and analyzes riskAssesses Fraud RiskIdentifies and analyzes significant change
Control ActivitiesSelects and develops control activitiesSelects and develops general control over technologyDeploys through policies and procedures
Internal Control Framework
Information & CommunicationUses relevant informationCommunicates InternallyCommunicates eternally
MonitoringConducts ongoing and/or separate evaluationsEvaluates and Communicates deficiencies
Internal Control Framework
CertificationsAnnual and final fiscal reports, or vouchers requesting payments, must include a certification signed by an official who is authorized to legally bind the nonfederal entity Certification attests among other things that document is true, complete, and accurate to best of knowledge and belief; Possible civil, criminal, or administrative penalties for fraud, false statements, false claims, or otherwise.
Auditees
Written PoliciesIncreased scrutiny and oversight can be expected from federal agencies and other fundersAuditees should create, or update, their policies and procedures
Do not rely on verbal communications as to how to perform tasksIf there are written policies when were they last updated
Written policies provide reasonable assurance that the organization can safeguard federal funds
Auditees
Written Policies (continued)Improve internal control in an organization by creating enforceable rules that can reduce the instances of fraud, waste, and abuseGive a viable defense (as long as the policies are followed) in case of a governmental audit providing reasonable assurance to an auditor that the organization is making a good faith attempt to comply with grant requirements
Auditees
Areas within the Uniform Guidance Sections referencing written policies:
Financial management (Subpart D, section 200.302)Payment (Subpart D, section 200.305)Procurement (Subpart D, sections 200.318-320)Compensation (Subpart E, sections 200.430-431)Relocation costs (Subpart E, sections 200.464)Travel costs (Subpart E, section 200.474)
Written Policies
Preparation of the SEFA is the responsibility of the auditeeSEFA based on when amounts expended (includes accruals)Cash management compliance requirement based on when paidMajor program determination is the auditor responsibility (based on SEFA provided by auditee)
Auditees and Auditor Responsibilities
Failure to combine same CFDA#s as one program for major program determination and testingClusters not treated as one program for major program determination and testingFailure to consider clusters from different agenciesFailure to identify federal expenditures when passed through a non federal entityData Collected Form (DCF) not filed or filed late
Common Deficiencies
Award Type
Amounts passed through to subrecipientsDonated propertyEndowmentsFood commoditiesGrants, cost reimbursement contractsInsuranceInterest subsidiesLoan and loan guaranteesProgram income
Basis for determining when expended
When disbursed to subrecipientWhen property is receivedWhen federally restricted amounts are heldWhen food commodities are distributed or consumedWhen expenditure transaction occursWhen insurance is in forceWhen amounts are disbursed entitling entity to subsidyWhen loan proceeds are usedWhen received or used
When is a Federal Award Expended?
26
Types of Noncash Awards
EndowmentsFood stamps, food commodities, donated property (including donated surplus property)Free rentInsurance
Basis Used to Determine Value
Value equals the cumulative balances of federally restricted amounts.Value equals the fair value at the time of receipt or the assessed value provided by the federal agency.Value equals fair value at the time of receipt or the assessed value provided by the federal agency. Free rent is not considered an award expended unless it is received as part of an award to carry out a federal program.Value equals the fair value of the insurance contract at the time of receipt, or the assessed value provided by the federal agency.
Determining Value of Noncash Awards Expended
27
Types of Noncash Awards
• Loans and loan guarantees (loans), including interest subsidies
• Loans at institutions of higher learning
Basis Used to Determine Value
• Value equals amount of new loans made or received during the fiscal year plus the balance of loans from previous years for which the federal government imposes continuing compliance requirements, plus any interest subsidy, cash, or administrative cost allowance received. The proceeds of loans that were received and expended when the laws, regulations, and the provisions of contracts or grant agreements pertaining to such loans impose no continuing compliance requirement other than to repay the loans.
• Value the same as for loans and loan guarantees (loans), including interest subsidies, except that when loans are made to students, but the institution of higher education does not make the loans, the value equals only the amount of new loans made during the year. The balance of loans for previous years is not considered federal awards expended because the lender accounts for the prior balances.
Determining Value of Noncash Awards Expended
28
29
Step 1Identify Type A programs
Step 2Identify low-risk Type A programs
Step 3Identify high-risk Type B programs
Step 4 Determine major programs to audit
Major Program Determination and Risk Assessment
30
Consolidated 8 circulars into one documentAdministrative Requirement Circulars
A-89 Program InformationA-102 States and Local GovernmentsA-110 Not For Profit OrganizationsA-50 Audit Follow-Up
Cost PrinciplesA-21 Educational InstitutionsA-87 State and Local GovernmentsA-122 Not For Profit Organizations
Audit RequirementsA-133 Single Audit
Uniform Guidance
31
Subpart A - Acronyms and DefinitionsSubpart B - General ProvisionsSubpart C - Pre-Federal Award Requirements and Contents of Federal AwardSubpart D - Post Federal Award RequirementsSubpart E - Cost PrinciplesSubpart F Audit Requirements Appendix I - Notice of Funding OpportunityAppendix II - Contract provisions for non-Federal entity contracts under Federal awardsAppendix III - Indirect (F&A) costs identification and assignment, and rate determination for Institutions of Higher Education (IHEs)
Uniform Guidance Contents
32
Appendix IV - Indirect (F&A) costs identification and assignment, and rate determination for nonprofit organizationsAppendix V - State/local government and Indian tribe-wide central service cost allocation plansAppendix VI -Public assistance cost allocation plansAppendix VII - State and local government and Indian tribe indirect cost proposalsAppendix VIII - Nonprofit organizations exempt from Cost PrinciplesAppendix IX Hospital Cost PrinciplesAppendix X Data Collection FormAppendix XI Compliance Supplement
Uniform Guidance Contents
33
No changes in the Yellow Book reportNo significant changes to Single Audit reporting
References to "OMB Circular A-133" in report changed to "Uniform Guidance“Need to watch for notes to the SEFA (can have old and new cost principles)If a finding is repeated it is given a current year number such as 2016-001 and stated that previously reported as 2015-001
Reporting Items
34
35
UG Finding Elements
2
3
4
56
7
8
9
101
[ENTITY'S LETTERHEAD]
CORRECTIVE ACTION PLAN
[Date]
Cognizant or Oversight Agency for Audit
[Name of Entity] respectfully submits the following corrective action plan for the year ended [Date] .
Name and address of independent public accounting firm:
Audit period:
Corrective Action Plan Example
36
FINDINGS—FINANCIAL STATEMENT AUDIT
SIGNIFICANT DEFICIENCY
20X2-Payroll001
Recommendation: Procedures should be implemented requiring the completion of an application form and the written approval of a senior officer prior to adding new employees to the payroll.
Action Taken: We concur with the recommendation, and it was implemented effective [Date].
MATERIAL WEAKNESS
Corrective Action Plan Example (continued)
37
FINDINGS—FEDERAL AWARD PROGRAMS AUDITS
DEPARTMENT OF ENERGY
20X2- Weatherization Assistance of Low-Income Persons—CFDA No. 003 XX.XXX.
Significant Deficiency: See Finding 20X2-001.
20X2- Weatherization Assistance of Low-Income Persons—CFDA No. 004 XX.XXX.
Recommendation: ABC Organization should again verify the eligibility of the recipients whose documentation could not be located. Procedures for approval and storage of verification documents should be reviewed.
Action Taken: Since the date of the exit conference, we have located documentation of low income status for two of the three grants referred to in this finding. The low income status has been re-verified for the third grant. Copies of the documentation are attached.
We have met with the officials and employees responsible for completion and the filing of the low income status documentation and believe the third instance was completed and has been misfiled. We discussed with the officials and employees the importance of not only completing the documentation, but also the importance of its proper filing.
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Corrective Action Plan Example (continued)
38
Amounts in data collection form (DCF) should be the same as SEFAAuditee authorizes FAC to make reporting package publicly availableAuditees and auditors must ensure their respective parts do not include protected personally identifiable information (PPll)Auditee must do final submission
Federal Audit Clearinghouse (FAC)
39
40
No universal rule for classifying certain costs as either direct or indirect, However, each item of cost incurred for the same purpose should be treated consistently
Direct costs are those which can be specifically identified with a particular federal award – i.e. salaries and benefits of employees who work on the program, costs of materials, etcAdmin and clerical salaries are normally indirect costs
Examples of other indirect costs – depreciation (if allowed by the federal program), facility maintenance costs, personnel administration, accounting;
Cost Principles - Highlights
41
Compensation – Personal Services
Allowable cost requirements have changes
More emphasis on IC over these costs and less prescriptive regarding documentation
Allows a non-federal entity to replace detailed time and effort reports and supervisor certifications (signoffs) with performance-based reporting, based on milestones
Cost Principles - Highlights
42
Compensation – Personal Services (continued)Standards for Documentation of Personnel Expenses – charges for payroll must be based on records that accurately reflect work performed. These records must:
Be supported by a system of internal control which provides reasonable assurance that the charges are accurate, allowable and properly allocatedBe incorporated into the official records of the entity (payroll policy)Reasonably reflect the total activity for which the employee is compensated by the entityComply with established accounting policies and practices of the entityMust support the distribution of the employee’s salary among specific or cost activities if the person works on more than one awardBudget estimates determined before the services are performed alone do not qualify as support for fed award charges
Cost Principles - Highlights
43
44
Useful Websites
45
Online Resources for Uniform Guidance
www.cfda.gov Catalog of Federal Domestic Assistance
http://harvester.census.gov/sac Federal Audit Clearinghouse
www.USASpending.gov ARRA reporting website
www.whitehouse.gov/omb/grants OMB Compliance Supplements and Circulars
https://cfo.gov/cofar Council on Financial Assistance Reform
Questions?
46
Common Reporting Deficienciespresented by Jim Wilkinson
Where is Providence?
2
Where is Providence?
3
Where is Providence?
4
MD&AGovernment-wide statementsGovernmental fundsProprietary fundsNote disclosuresRSIIntroductory sectionStatistical section
Our Agenda
5
6
The “A” means “Analysis”Quantifying $ and % changes is not enoughProvide reader with the whyGive them reasons, details and provide contextStick to the facts, don’t get into opinions
Keep it clear, but conciseRefer readers to the notes, instead of repeating informationBe sure to update for final figures in the notes & statements
Expectations for comparative informationStick to required elements
use transmittal letter and supplemental information for going “out-of-bounds”
MD&A
7
8
GASB #65 – Deferred Inflows and OutflowsDeferred Outflows (follows Assets)
Debit balance, positive effect on Net PositionConsumption of net assets applicable to future period
Deferred amounts from refundingPension-related items
Deferred Inflows (follows Liabilities)Credit balance, negative effect on Net PositionAcquisition of net assets applicable to future period
Grant received in advance of time requirementPension-related items
Deferrals have strict definition per GASB
Government-wide statements
9
TerminologyNet Position
Formerly, Net AssetsNet Investment in Capital Assets
Formerly, Invested in Capital Assets, net of related debtAvoid term “Fixed Assets” (many not fixed)
ExpensesExpenditures are only applicable to governmental funds
If there is no debt related to capital items should not say “net”
Search for keywords: “net assets”, “net of related debt”, “general fixed asset account group”, etc. (still see issues here)
Government-wide statements
10
11
GASB #54 Fund Balance DisclosuresDisclose by specific purpose, not by function
For example:City Hall Renovation, not General GovernmentHealth Center Operations, not Social ServicesSnow Removal, not Roads and Bridges
Order for categorization:Non-SpendableRestrictedCommittedAssignedUnassigned
Can’t create assigned if unassigned is negative
Governmental funds
12
Special Revenue FundsShould have significant external revenue source dedicated to purpose of fund (20% rule)Should not have significant capital outlays
Utilize Capital Project FundDon’t ignore recording of capital lease as Other Financing Source and Capital Outlay upon execution of transaction
Major Fund DeterminationRe-check determination often
Initial closing, after audit AJEs (watch for updates to MD&A and notes)Option to always treat a fund as major, if desired
Governmental funds
13
14
When to report debtWhen proceeds are used by proprietary fund, orWhen debt is to be repaid by proprietary fund
even when debt is general obligation of governmentBe sure to report revenues by major source on face of statement of revenues, expenses and changes in net positonRevenues should be reported net of all discounts and allowances, so avoid reporting bad debt expense (contra revenue item)Avoid reporting designations of net position on face of statement of fund net position – disclose in notes
Proprietary funds
15
16
Will we ever get a new GASB Statement that doesn’t add new pages of notes? Avoid adding boiler-plate or generic notes that don’t apply to, and remove notes that no longer apply Be sure to check the cross-referencing of amounts from financials to notes (one minor last-minute changes can effect range of related notes, RSI, statistical tables, etc.)Long-term debt roll-forward
Needs to be presentedNeeds to include all long-term liabilities including
Compensated absencesClaims and judgementsPension and OPEB liabilities
Note disclosures
17
Disclose purpose of each fund and which revenues are being reported
For example - The Substance Abuse Fund is used to account for grant revenues received from the federal and state governments that are restricted to spending on drug abuse prevention services.
Fund balance disclosuresEncumbrances are not a purpose – reclass to applicable category of restricted, committed or assigned balancesFund balance spending policy – in which order do “buckets” get expendedDescribe process to make assignments, and who holds powers
If referring to website, provide specific URL and not simply address of homepage
“just to Google it”
Note disclosures
18
For advance refundings of debt – must disclose funds held in trust for making future debt service payments until maturity or callFor all refundings, payments made with new debt are “other financing uses”For all refundings, receipts of new debt “other financing source”For Revenue Bonds
Disclose specific revenues pledged and approximate amountsTerms of the commitment (until maturity, number of years, etc.)Effect of the pledge on operations (what will fund what that revenue was being used for)
Note disclosures
19
On the horizon-GASB #68 and other pension changes will be getting some feedback for common items that can be done betterGASB # 72 – Fair ValueGASB # 77 – Tax Abatements
Note disclosures (continued)
20
21
Budgetary schedules for general and special revenue funds withlegally adopted budgets; others can be presented assupplementary information (SI) ( SI not required if notpresenting at CAFR)Avoid duplication of information already presented in notes
Decide on best position for presentationNotes to RSI or Notes to financial statementsBudget information generally presented as Notes to RSIPension and OPEB information is needed in both areas, so have rationale for which is presented where
Watch for presenting required number of years of information,disclosing to reader if presentation is “being built” on aprospective basis, or is unavailable if historical
RSI
22
23
Transmittal letter can’t be dated earlier than auditor’s opinion(FS must be audited before CAFR can be transmitted)All the information you want to put in the MD&A but couldn’tbecause of GASB #34 limitations “could” be included intransmittal letter
Be judicious – is it really relevant to readerAvoid opinions and political positions
“While the net position of our governmental activities is negative $1.3 billion and our general fund is insolvent, the mayor has been doing a great job and deserves another term at the helm.”
Focus on highlights and significant matters – does 25 cent bounty on woodchuck noses really need to be discussed in detail with historical background?
Don’t repeat info included elsewhere in the CAFR
Introductory section
24
25
Net General Obligation Debt should be net of:DiscountsPremiumsOther related amounts (deferrals from refundings, etc.)
Debt Service Ratio – P+I should not be deducted from non-capital expenditures when calculating ratio
(Debt Service Principal +Interest) / (Total Expenditures – Capital Outlay Expenditures)Don’t also reduce Total Expenditures by P+I
There is flexibility for adding relevant multi-year info to Stat Section, but ensure relevant
For example, are 20 pages of financials and notes enhanced by 165 pages of statistical section material?
Statistical section
26
Questions?
27
Cyber Breach ResponseJulie F. KlahrGoren, Cherof, Doody & Ezrol, [email protected]
Now what?!?
Hollywood Presbyterian Medical Center in L.A.
HACKED FOR RANSOM FEBRUARY 2016“Patient care has not been compromised in any way,”
“Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”(Excerpt from Article by Justin Wm. Moyer, Washington Post, February 18, 2016)
City of Sarasota2014
Audit of IT Dept revealed vulnerabilitiesWhistleblower turned over information & evidence of breaches & unreported vulnerabilitiesJobs were lostLaw enforcement involvedFixes put in placeVulnerabilities addressed
No good deed goes unpunished…
BREACH RESPONSE PLAN
What type of information?Fire\EMS – medical records\PHIHR – personally identifying information
Name, addressDate of BirthDriver’s License NumberSocial Security Number
Building Dept.Electronic building recordsSecurity Systems
MallsHospitalsTheatersStadiums
UtilitiesWater, gas, electric
Security of Confidential Personal Information -§501.171, Fla. Stat.
REQUIREMENTS FOR DATA SECURITY.—Each covered entity, governmental entity, or third-party agent shall take reasonable measures to protect and secure data in electronic form containing personal information.
§501.171, Fla. Stat., cont.“Covered Entity”
means a sole proprietorship, partnership, corporation, trust, estate, cooperative, association, or other commercial entity that acquires, maintains, stores, or uses personal information. For purposes of the notice requirements in subsections (3)-(6),the term includes a governmental entity.
§501.171, Fla. Stat., cont.“Governmental Entity”
means any department, division, bureau, commission, regional planning agency, board, district, authority, agency, or other instrumentality of this state that acquires, maintains, stores, or uses data in electronic form containing personal information.
§501.171, Fla. Stat., cont.“Data in Electronic Form”
means any data stored electronically or digitally on any computer system or other database and includes recordable tapes and other mass storage devices.
§501.171, Fla. Stat. -“Personal Information”
means either of the following:
a. An individual's first name or first initial andlast name in combination with any one or more of the following data elements for that individual:
(I) A social security number;(II) A driver license or identification card number, passport number, military identification number, or other similar number issued on a government document used to verify identity;
§501.171, Fla. Stat. -“Personal Information”
(III) A financial account number or credit or debit card number, in combination with any required security code, access code, or password that is necessary to permit access to an individual's financial account;(IV) Any information regarding an individual's medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional; or
§501.171, Fla. Stat. -“Personal Information”
(V) An individual's health insurance policy number or subscriber identification number and any unique identifier used by a health insurer to identify the individual.
b. A user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account.
§501.171, Fla. Stat. -“Personal Information”
The term does not include information about an individual that has been made publicly available by a federal, state, or local governmental entity. The term also does not include information that is encrypted, secured, or modified by any other method or technology that removes elements that personally identify an individual or that otherwise renders the information unusable.
§501.171, Fla. Stat. –Requirements For Data Security
Each covered entity, governmental entity, or third-party agent shall take reasonable measures to protect and secure data in electronic form containing personal information.
§501.171, Fla. Stat. –“Breach of Security” or “Breach”
means unauthorized access of data in electronic form containing personal information. Good faith access of personal information by an employee or agent of the covered entity does not constitute a breach of security, provided that the information is not used for a purpose unrelated to the business or subject to further unauthorized use.
§501.171, Fla. Stat. –In the Event of a Breach
Notice is required to be provided to:FL Dept of Legal Affairs
a/k/a Attorney General’s OfficeIndividualsCredit Reporting AgenciesNotice by Third PartiesAnnual Reports
§501.171, Fla. Stat. –Notice to Dept/AGO
When?Any breach of security affecting 500 or more individuals in this stateMust be provided as expeditiously as practicableBut no later than 30 days after the determination of the breach or reason to believe a breach occurred.
§501.171, Fla. Stat. –Notice to Dept/AGO
What?1. A synopsis of the events surrounding thebreach at the time notice is provided.2. The number of individuals in this state whowere or potentially have been affected by thebreach.3. Any services related to the breach beingoffered or scheduled to be offered, withoutcharge, by the covered entity to individuals,and instructions as to how to use such services.
§501.171, Fla. Stat. –Notice to Dept/AGO
4. A copy of the notice required under subsection (4) or an explanation of the other actions taken pursuant to subsection (4).5. The name, address, telephone number, and e-mail address of the employee or agent of the covered entity from whom additional information may be obtained about the breach.
§501.171, Fla. Stat. –Notice to Dept/AGO
If requested by the DeptA police report, incident report, or computer forensics report.A copy of the policies in place regarding breaches.Steps that have been taken to rectify the breach.
May provide supplemental information at any time.
§501.171, Fla. Stat. –Notice to Individuals
To Whom?
To each individual in this state whose personal information was, or it is reasonably believed to have been, accessed as a result of the breach.
§501.171, Fla. Stat. –Notice to Individuals
TimingAs expeditiously as practicableWithout unreasonable delay, taking into account the time necessary
to determine the scope of the breach of securityto identify individuals affected, andto restore the reasonable integrity of the data system that was breached,
No later than 30 days following breach
§501.171, Fla. Stat. –Notice to Individuals
Extension15 additional days if good cause for delay is provided in writing to the department within 30 days after determination of the breach or reason to believe a breach occurred.
§501.171, Fla. Stat. –Notice to Individuals
DelayIf law enforcement agency determines that notice would interfere with a criminal investigationUpon the written request of the law enforcement agencyFor a specified period determined reasonably necessary by law enforcement.Subsequent written request
Revoke, orExtend delay to a specified date if necessary.
§501.171, Fla. Stat. –Notice to Individuals
WaiverDetermined that the breach has not and will not likely result in identity theft or any other financial harm to the individuals whose personal information has been accessed.Determination must be made in consultation with law enforcement.
§501.171, Fla. Stat. –Notice to Individuals
Waiver must be documented in writing Maintained for at least 5 years. Provided to the Dept/AGO within 30 days after the determination.
§501.171, Fla. Stat. –Notice to Individuals
ContentsAt a minimum, shall include:
The date, estimated date, or estimated date range of the breach of security.A description of the personal information that was accessed or reasonably believed to have been accessed as a part of the breach of security.Information that the individual can use to contact the covered entity to inquire about the breach of security and the personal information that the covered entity maintained about the individual.
§501.171, Fla. Stat. –Notice to Individuals
Method
Written notice sent to the mailing address of the individual in the records of the covered entity; orE-mail notice sent to the e-mail address of the individual in the records of the covered entity.
§501.171, Fla. Stat. –Notice to Individuals
Substitute Noticeif such direct notice is not feasible because the cost of providing notice would exceed $250,000, because the affected individuals exceed 500,000 persons, or because the covered entity does not have an e-mail address or mailing address for the affected individuals. Such substitute notice shall include the following:1. A conspicuous notice on the Internet website of the covered entity if the covered entity maintains a website; and2. Notice in print and to broadcast media, including major media in urban and rural areas where the affected individuals reside.
§501.171, Fla. Stat. –Notice to Individuals
Substitute notice shall include the following:A conspicuous notice on the Internet website of the covered entity if the covered entity maintains a website; andNotice in print and to broadcast media, including major media in urban and rural areas where the affected individuals reside.
§501.171, Fla. Stat. –Notice to Credit Reporting Agencies
Affects more than 1,000 individuals at a single timeNotice to ALL consumer reporting agenciesNotice of the timing, distribution, and content of the notices being sent to the individuals
§501.171, Fla. Stat –Third-Party Agents (3P)
Definition: An entity that has been contracted to maintain, store, or process personal information on behalf of a covered entity or governmental entity.Who would that be in your agency?
Billing agent (Fire\EMS, utilities)Cloud storagePrivate operator of city facility – theater, pool, golf course
§501.171, Fla. Stat. –Third Party Agents (3P)
3P notifies covered entity (YOU) of a breachExpeditiously as practicable, but no later than 10 days following breachIT IS THE COVERED ENTITIES’ RESPONSIBILITY TO NOTIFY THE DEPT/AGO & INDIVIDUALS
May contract with 3P to provide notice, but covered entity remains liable
§501.171, Fla. Stat. –Annual Report
By February 1st each yearDept\AGO reports the nature of any reported breaches of security by governmental entities or their 3P agents in the preceding year
President of FL SenateSpeaker of FL House of RepsIncludes recommendations for security improvementsIncludes the identity of gov. entities that violated these notice requirements
§501.171, Fla. Stat –Enforcement
Violation treated as unfair or deceptive trade practiceCivil penalties up to $500,000.00
$1,000 for each day up to 1st 30 days for which notice violations occur$50,000 for each subsequent 30-day period or portion thereof up to 180 daysIf violation continues > 180 days, up to $500.000
Other lawsHealth Insurance Portability and Accountability Act (HIPAA)
Fair Debt Collection Practices Act
Federal Trade Commission Health Breach Notification Rule
Other ConcernsDuty to Mitigate
Credit Monitoring ServicesCredit Repair Services
Disposal of Data
ResourcesFederal Trade Commission
Data Breach Response: A Guide for Businesshttps://www.ftc.gov/tips-advice/business-center/guidance/data-breach-response-guide-business
Office of Civil Rightshttp://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html
QUESTIONS?
The Legal Side of New Impact Fee Regulations
Chad S. Friedman, Esq.Weiss Serota Helfman Cole & Bierman, P.L..
Impact Fee Definition
An impact fee is a charge on new development to pay for the construction or expansion of off-site capital improvements that are necessitated by and benefit the new development.Paid at the time of building permit application.
Creation of Impact Fees
Need to have a study supporting the adoption of the feeRational Nexus
Rational Nexus
The local government must demonstrate areasonable connection, or rational nexus, betweenthe need for additional capital facilities and thegrowth generated by the development beingcharged the impact fees; and
The government must specifically earmark thefunds collected for use in acquiring capital facilitiesto benefit the development charged the impact fees.
Types of Impact Fees
Florida Impact Fee Act (Fla. Stat., Sec. 163.31801)
Ordinance required for local governmentsResolution for special districtsMost recent and localized dataSeparate accountsAdministrative charges = costs90 days notice before adoption or increase Affidavit
Florida Impact Fee Act (Fla. Stat., Sec. 163.31801)
uditor General Requirementsor local governmental entities that adopted an impact fee byrdinance or resolution during the fiscal year, an “affidavit” signednd sworn to by the Chief Financial Officer before an officeruthorized to administer oaths (e.g., notary public), stating thathe entity complied with the requirements of Section63.31801(4), Florida Statutes. Auditor General Rulesor entities that had an impact fee adopted by ordinance on theirehalf, an affidavit signed and sworn to by the Chief Financialfficer before an officer authorized to administer oaths (e.g.,otary public) stating that the ordinance complied with theestrictions of Section 163.31801, Florida Statutes. Auditor Generalhecklist
Eligible Expenses
Capital improvements onlyExpansion or creation of facilities Cannot be used for repair/maintenance Need to be used for the purpose collected Typically must by used within 6 years
Examples
Acquire Park LandBuy Playground EquipmentExpansion of RoadNew Fire TruckSplit Improvements
Examples
QUESTIONS?
By Jose Antigua, CISA, ACDA, COBIT April 2016
From sm
all disruptions caused by unsophisticated attackers (Script Kiddies) tolarge Advanced Persistent Threats (APTs), cyber threats have been am
ong the topthree concerns
[i]that “keep the executives awake at night.” Perpetrators have
different motivations that include intellectual property theft, organized crim
e,terrorism
, espionage, revenge and money. Regardless the m
otivation, cyber-attacksare a fact, and anyone could be exposed; no industry or com
pany is imm
une.
This article provides information about the im
pact related to cyber-attacks andthe com
monly used attack techniques and proposes an integral approach to
cybersecurity. The purpose is to provide executives and managem
ent dealingw
ith information security or related areas, w
ith key recomm
endations designedto confront this grow
ing problem.
CYBER-ATTACKS IMPACT
The impact related to the global problem
of cyber-security can be put into perspective by using thefour categories of objectives from
the COSO
-ERM[ii]fram
ework: strategic, reporting (including
financial), operation and compliance.The organization’s overall strategy, including goals, initiatives
in relation to new technologies, products and services, and investm
ents, as well as client inform
ation,can be exposed, resulting in significant dam
age to a reputation that may have taken years to build.
In 2012, the National Cyber Security Alliance (N
CSA) presented a report whose key finding has been
of concern (consciously or not) to thousands of organizations in regards to their reputation: 60% of
small com
panies go out of business six months after a data breach
i.
CYBERSECURITY: An Integral Approach
As for financial effects,nowadays it has becom
e comm
on for small to m
id-size organizations toreceive suspicious em
ails requesting payment to a “vendor” overseas, resulting in average losses of
$25,000 to $75,000 US dollars per case. This scam
has been investigated by the FBI, which reports
more than 17, 000 victim
s in 79 countries. Losses rose to $2.3 billion from 2013 to 2016
[iii]. Beyondthose num
bers, financial losses additionally include hidden costs that surround the breach.
Although cyber-attacks can im
pact an organization in many different w
ays, the financial consequences tend to be the hardest to face, especially w
hen the attacker hijacks key assets in orderto extort m
oney. Anger, desperation and frustration follow these events in every case.
Availabilityis an im
portant concept for any type of business. No m
atter whether it refers to the
continuity of a data center, a customer service line, an online service or a m
obile device, a businessinterruption is an event that should raise concern. The m
ore the “Internet of Things” (IoT) conceptevolves, the m
ore dependent businesses (and individuals) become on netw
ork connectivity. Itappears that at som
e point in time, the w
ell-known “M
aslow’s hierarchy of needs”
[iv]pyramid w
illneed to m
ake room for internet connectivity. The California M
edical Center, which spent m
ore thana w
eek without netw
ork and had to pay 40 Bitcoins[v]to attackers in exchange for decryption of their
data in February 2016, and Sony pictures, whose em
ployees were locked out of the com
pany’s com
puter network as part of an attack against the com
edy “The Interview” in N
ovember 2014
[vi], aretw
o significant cases of operations interrupted by cyber-attacks.
Cybersecurity is also a compliance concern.Several regulations, standards and their representing
agencies require some level of protection from
cyber threats. Agencies such as the SecuritiesExchange Com
mission (SEC) [vii]
for public companies or the Federal Financial Institutions
Examination Council (FFIEC) [viii]include specific cybersecurity requirem
ents that should be met by
some or all of their related organizations. O
n the other hand, regulations and standards may include
HIPAA, FISM
A, GLBA, PCI, H
ITRUST and others.
CYBERSECURITY: An Integral Approach
NOTE ABOUT THE COMM
ONLY USED TECHNIQUES Attacks usually occur w
ith a combination of techniques and m
ight have different levels of sophisticationdepending on the attacker and the target. Verizon, in its D
ata Breach Report of 2015[IX], presented a list
of the four threat actions that hackers had been using for the previous four years; Credentials, Phishing,RAM
Scraper and Spyware/Keylogger (in order of frequency).
Credentials is one of the most com
mon threat actions because of its effectiveness, given the great
number of vulnerabilities related to system
s, applications and devices access. Phishing, usually com
bined with Social Engineering, takes advantage of the w
eakest link in the chain: the human factor.
RAM Scraper has been the favorite technique to attack Points of Sale (PoS) in retail, grow
ing significantlyin the last three years.
ww
w.m
arcumllp.com
AssetsVulnerabilities
Threats
CYBERSECURITY: An Integral Approach
AN INTEGRAL APPROACH TO CYBERSECURITYRegardless of the fact that reducing risk is not an easy task and that there is no risk-free environm
ent,the right approach to cybersecurity w
ill take the residual risk to a comfortable level. W
hichever the approach, it should include a com
bination of efforts and techniques to cover the areas with
greatest risks.
An integral approach arises from the follow
ing fact: vulnerabilities come from
different sourcesand consequently, all those sources should be addressed in light of the risk assessm
ent.
PART I: Risk Assessment
Going back to risk assessm
ent basics, an integral approach starts with the identification of risks
related to the achievement of the organization’s objectives. Considering that resources are lim
itedand not every system
component has the sam
e contribution to the objectives, it is necessary toprioritize. Trying to cover all aspects of all system
s can result in frustration.
It is of fundamental im
portance to understand the relationship among the assets (both physical
and logical), people, processes and technology, and their contributions to the objectives. Figure 1presents an overview
of the elements to consider in an inform
ation security risk assessment, w
hichserves as the starting point to address specific cybersecurity risks. O
ne of the “questions the boardneeds to ask” is: W
hat are the top five risks the organization has related to cybersecurity?[x].
Figure 1. Elements to consider in an Inform
ation Security Risk Assessment
Errors, Accidents,Ignorance
Poor design and/oroperations
Configuration, Unm
onitored,O
bsolescence, Location,Flaw
Natural Disasters
Unethical employees or
vendors
Hacktivism
andCybercrim
e
Corporate Espionage
People
Process
Technology
ww
w.m
arcumllp.com
PART II: Address vulnerability sourcesRisks occur w
hen threats exploit vulnerabilities. The following recom
mendations w
ill help reducethe risk level by addressing the sources of vulnerabilities:
A. PEOPLE
Consider initiatives for three different audiences: top level executives (including board),Inform
ation Technology team, and the overall group of em
ployees.
For top level executives, higher level training and risk assessment should be facilitated. To
mention a few
examples, articles such as “CO
SO in the cyber age” [xi]or “Cybersecurity: w
hat theboard of directors need to ask” [xii]have the language and proper level of detail to m
ake themfeel inform
ed enough to ask questions and provide direction.
For the Information Technology team
,a variety of technical and soft skills, as well as know
ledgeand experience are necessary (across different m
anagerial and operational positions) to prevent,detect and counteract. Know
ledge includes (but is not limited to) inform
ation security framew
orks,security standards, security architecture, vendor specific certifications, security law
s and regulations, and log m
anagement. Skills include understanding of security practices, strong
knowledge of operating system
s (such as Window
s and UN
IX), web services, netw
ork devicesand overall com
puter operations, accompanied w
ith analytical thinking, problem solving,
orientation to detail, comm
unication skills, leadership and process orientation. These skills andknow
ledge, accompanied by the respective experience, could be m
apped to qualificationsfound in available certifications and accreditations in order to have a baseline. H
ere are some
examples of w
hat is available in the market:
Do you need them
all? No. In these designations, som
e of the practice areas, domains,
requirements and know
ledge overlap. Depending on the size of the organization, its risk profile
and the availability of resources, the key is to have the right balance. Since it might not be
feasible to have an extensive security team, outsourcing is a good alternative. H
ighly specializedskills or skills not required on a regular basis could be outsourced. W
ith the right service agreem
ent, it should have the same (or even better) im
pact than having a full-time em
ployee.
Finally, for all employees,aw
areness is imperative. N
ow, being in front of such a big concern, it
is necessary to take this “awareness” to the next level, turning it into action. Tim
e and dedicationare required to obtain results from
“the weakest link in the chain.” In his article “H
ow to m
ove
CYBERSECURITY: An Integral Approach
-Certified Inform
ation Security Manager (CISM
)-
Certified Information Security Auditor (CISA)
-Cyber Security Practitioner (CSXP)
-Cyber Security Specialist (CSXS)
-Cyber Security Expert (CSXE)
-Certified Inform
ation Systems Security Professional (CISSP)
-Certified Ethical H
acker (CEH)
-Com
pTIA Security+-
COBIT 5 (IT G
overnance and Managem
ent)-
GIAC Security Essentials (G
SEC)-
Cisco Certified Netw
ork Associate/Professional (CCNA/CCN
P)-
Certified in Risk and Information System
s Control (CRISC)
ww
w.m
arcumllp.com
CYBERSECURITY: An Integral Approach
employees from
awareness to action,” J. Sherw
ood[xiii]presents four levels of engagem
ent. That process can be applied to m
otivate personnel to take action for cybersecurity: awareness
(which stim
ulates the audience’s eyes and ears), understanding(w
hich aims to reach the brain),
comm
itment(w
hich engages them, touching the heart) and action
(moving em
ployee to dosom
ething, to use their feet).
B. PROCESSES
Some vulnerabilities expose the organization to a cyberattack because of a process that is
poorly designed or not in place, such as log or access monitoring. O
n the other hand, therem
ay be processes that are not operating effectively (such as an incident response plan that w
as documented, but never tested).
When considering processes, the integral approach goes one step further and integrates other
enablers around the processes: policies, principles and framew
orks[xiv].H
ere are the key areas ofaction:
�U
se the risk assessmentas a starting point. This dynam
ic tool, as mentioned before, w
illhelp prioritize.
�Ensure that you have in place (and know
n by relevant personnel) policies and procedures.These should include activities for prevention
(such as enforcement of a cybersecurity
training class for key employees and an Intrusion Prevention System
),detection(including
a mandatory review
of all access logs)and correction(e.g., a cyber recovery plan tested
periodically).�
Consider the organization’s existing compliance requirem
ents,to reduce overlappingefforts. If you already have to com
ply with H
IPAA or PCI, as an example, m
ap your cybersecurity-related activities to the initiatives required by those regulations or standards.You w
ill probably save time and other resources.
�Finally, but m
ost importantly, use available fram
eworks and standards
to articulateprocesses, policies and principles; this w
ill promote consistency, scalability and
measurability. H
ere are a few exam
ples that include one or more areas for Inform
ationSecurity (IS) and can be used for cybersecurity:
�CO
BIT 5,information technology governance and m
anagement fram
ework
from ISACA. It includes IS processes and a specific publication “CO
BIT 5 forInform
ation Security.”�
NIST,a cybersecurity standard from
the National Institute of Standards and
Technology and includes the core functions: identify, protect, detect, respond and recover
[xv].�
ISO 27001:2013,w
hich is the best known standard in the fam
ily providing requirem
ents for an Information Security M
anagement System
(ISMS) [xvi].
�O
WASP,a non-profit project dedicated to w
eb applications security. The acronymstands for O
pen Web Application Security Project
[xvii].
ww
w.m
arcumllp.com
ww
w.m
arcumllp.com
CYBERSECURITY: An Integral Approach
C. TECHN
OLO
GYTechnology is the portion of cybersecurity that usually takes all the attention. In the integratedapproach, it is just another key com
ponent of the overall solution. Technology encompasses
the information m
anagement (from
a technical perspective), infrastructure and applications.Although the policies and processes drive the use of technology, here are a few
areas of actionto consider:
�Identify and track
all classified and Personal Identifiable Information (PII), and pay special
attention at the configuration of the tools and devices that store, process and transfer anddispose of it. D
ifferent levels of encryption might be required at each stage of use.
�If third parties
have access to classified information or PPI, such as an outsourced
datacenter or hosted application provider, considering requesting independent reports of their control environm
ent, such as a SOC 2.
�As part of the security risk assessm
ent, vulnerability assessments and penetration testing
should be performed periodically to determ
ine the actual risk coverage.
�Ensure configuration m
anagementof devices and system
s. This includes making sure that
default passwords have been changed.
�If there is internal softw
are development,prom
ote secure development practices w
ithin a consistent m
ethodology.
�G
iven the frequent use of credentials-related attacks, access managem
ent(includingauthorizations) should be constant.
�U
sing the layers of the Open System
s Interconnection (OSI) m
odel, review the architecture
components
(from application through the physical layer) and ensure all higher risk assets
have the appropriate level of protection.
�For hosts and devices that apply, ensure antivirus protection, w
ith a regular update ofvirus signature definitions.
�U
se monitoring system
sthat can alert in the event of a suspicious activity or deviation
from an expected behavior.
In alignment w
ith information security m
anagement, Cybersecurity is achieved through a
combination of efforts and techniques; it is a process that involves different levels of personnel
and skills. An integral approach will m
ake sure that all relevant aspects of this challenge areaddressed, including people, processes and technology. This approach, as any other, should be im
plemented and im
proved by using the well-know
n Dem
ing cycle: planningthe strategy
according to the organization profile, doingall that applies to your risk profile in regards to the
three aspects, checkingthe effectiveness of the initiative and acting w
hen an opportunity forim
provement has been identified.
ww
w.m
arcumllp.com
CYBERSECURITY: An Integral Approach
This publication contains general information only and none of M
arcum LLP, any of its related organizations or
any of the authors of this publication is, by means of this publication, rendering accounting, business, financial,
investment, legal, tax or other professional advice or services. Inform
ation contained herein is not a substitute forsuch professional advice or services, nor should it be used as a basis for any decision or action that m
ay affect your business.
Evaluation of the information contained herein is the sole responsibility of the user. Before m
aking any decisionor taking any action that m
ay affect your business with respect to the m
atters described herein, you should consult w
ith relevant qualified professional advisors. Marcum
LLP, its related organizations and the authorsexpressly disclaim
any liability for any error, omission or inaccuracy contained herein or any loss sustained by any
person who relies on this publication.
ENDNOTES[i] ISACA; “2015 G
lobal Cybersecurity Status Report”, ISACA, 2015, http://ww
w.isaca.org/cyber/D
ocuments/2015-G
lobal-Cybersecurity-Status-Report-D
ata-Sheet_mkt_Eng_0115.pdf
[ii] COSO
. (2004). ERM. Retrieved from
Comm
ittee of Sponsoring Organizations of the Treadw
ay Comm
ission: http://ww
w.coso.org/-erm
.htm
i Strohmeyer, R.; PCW
orld, 2013 citing the National Cyber Security Alliance (N
CSA). Retrieved from: http://w
ww
.pcworld.com
/article/2046300/hackers-put-a-bulls-eye-on-sm
all-business.html
[iii] McCabe, J.; “FBI W
arns of Dram
atic Increase in Business E-Mail Scam
s”, April 4, 2016. Retrieved from: https://w
ww
.fbi.gov/phoenix/press-releases/2016/fbi-w
arns-of-dramatic-increase-in-business-e-m
ail-scams
[iv] Maslow
, A. (2013). A Theory of Hum
an Motivation (Paperback). W
atchmaker Publishing.
[v] Ragan, S.; “Ransomw
are takes Hollyw
ood hospital offline, $3.4 million dem
anded by attackers”, CSO O
nline, February 14, 2016. Retrieved from:
http://ww
w.csoonline.com
/article/3033160/security/ransomw
are-takes-hollywood-hospital-offline-36m
-demanded-by-attackers.htm
l
[vi] Grisham
, L.; “Timeline: N
orth Korea and the Sony Pictures Hack”, U
SA Today Netw
ork, January 5, 2015. Retrieved from:
http://ww
w.usatoday.com
/story/news/nation-now
/2014/12/18/sony-hack-timeline-interview
-north-korea/20601645/
[vii] OCIE; “O
CIE’s 2015 Cybersecurity Examination Initiative”, Risk Alert Septem
ber 15, 2015. Available at:https://w
ww
.sec.gov/ocie/announcement/ocie-2015-cybersecurity-exam
ination-initiative.pdf
[viii] FFIEC; “Information Security: IT Exam
ination Handbook”, 2006
[ix] Verizon; “Data Breach Investigations Report”, 2015.
[x] The Institute of Internal Auditors (IIA) et al; “Cybersecurity: what the board of directors needs to ask”, 2014.
[xi] Galligan et al; “CO
SO in the cyber age”, 2015.
[xii] See endnote x
[xiii] Sherwood, J.; “H
ow to m
ove employees from
awareness to action”, 2014. Retrieved from
: http://ww
w.engagingleader.com
/whe13-m
ove-em
ployees-awareness-action-podcast/
[xiv] ISACA; “Transforming Cybersecurity”. 2013.
[xv] NIST, Fram
ework for Im
proving Critical Infrastructure Cybersecurity. 2014. Retrieved from: http://nist.gov/cyberfram
ework/
[xvi] International Standardization Organization (ISO
); 2016. Retrieved from: http://w
ww
.iso.org/iso/home/standards/m
anagement-
standards/iso27001.htm
[xvii] Open W
eb Application Security Project (OW
ASP); 2016. Retrieved from: https://w
ww
.owasp.org/index.php/M
ain_Page
Mark Agulnik, CPA, CISA
Partner in Charge ‒ IT Practicem
ark.agulnik@m
arcumllp.com
Jose L. Antigua, CISA, ACDA, COBIT
Senior Manager ‒ IT Risk & Assurance
jose.antigua@m
arcumllp.com
ww
w.m
arcumllp.com