Fraud: Is Your Nonprofit Ripe for the Picking?

Fraud has always been a concern for nonprofit organizations, and it’s not going away. A recent Association of Certified Fraud Examiners report shows the median loss is more than $100,000.

Click on the following link for the article: armaninollp.com

Dave Tate’s Comments. Internal controls and the potential for fraud are very real issues for nonprofits, their management and officers, and their boards. If you are a nonprofit board member you cannot simply assume that internal controls, the accounting function, and the external audit, review or compilation are taking care of everything. Are these issues that the board has on its agenda, and that the board discusses and evaluates? Have you requested that these issues be put on the agenda? You should.

Dave Tate, Esq. and licensed CPA (inactive) in California.

Blogs: http://directorofficernews.com and http://californiaestatetrust.com

See also Tate’s Excellent Audit Committee Guide, which you can find at http://directorofficernews.com

Tate’s Excellent Audit Committee Guide – Completed Initial Edition – 115 Pages Plus Additional Links

Click on the link at the bottom of this post for a pdf of the completed initial edition of Tate’s Excellent Audit Committee Guide 08042015. The guide is for boards and audit committees of public companies, private companies, nonprofits, and governmental entities. This edition of the guide is 115 pages, plus links to additional resources and materials. The guide is updated regularly as new developments occur, and developments will also be posted to this blog. Please do tell other people about the guide and pass it along. Enjoy, and best to you.

Dave Tate, Esq. (San Francisco/California)
Click on the following link for the guide: Tate’s Excellent Audit Committee Guide 08042015

New Audit Committee Standard of Care – External Auditor Assessment Tool From NACD, NYSE Governance Services, Center for Audit Quality, and Others

Several influential organizations have issued External Auditor Assessment Tool, A Reference for Audit Committees Worldwide. Here is a link to a PDF of the Tool auditor_assessment_tool_worldwide.

The tool is presented by the NACD, NYSE Governance Services, the Center for Audit Quality, the Independent Directors Council, the Association of Audit Committee Members, and Tapestry Networks. And that is why, i.e., because of the stature of the presenting organizations, this document has or will present a standard of care, i.e., a standard in the relevant community, for audit committees on the topics that the tool covers.

Every audit committee member of a public company needs to read, digest and understand this document (it’s not very long – basically 10 pages in length and large type font). On its face the document provides sample questions and issues for audit committees to discuss and consider when assessing their organization’s external auditor. But the document provides more – as you analyze the questions and issues, they present sample questions and issues that the external auditor needs to have satisfied and that the audit committee needs to oversee.

Consider for example the following sample questions:

1. Did the lead audit partner discuss the audit plan and how it addressed company/sector-specific areas of accounting and audit risk (including fraud risk) with the audit committee?  Well . . . did this occur and in what detail?

2.  During the audit, did the auditor meet the agreed-upon performance criteria as reflected in the engagement letter and audit plan?  So . . . did the audit satisfy for example the applicable Statements on Auditing Standards?

3.  In private sessions, did the auditor discuss sensitive issues candidly and professionally?

4.  Did the auditor adequately discuss the quality of the company’s financial reporting, including the reasonableness of accounting estimates and Judgments?

5.  Were there any significant differences in views between management and the auditor?

6. Is the external auditor responsive and communicative (e.g., by soliciting input relative to business risks or issues that might impact the audit plan, identifying and resolving issues in a timely fashion, and adapting to changing risks quickly)?

7. Does the external auditor proactively identify opportunities and risks (e.g., by anticipating and providing insights and approaches for potential business issues, bringing appropriate expertise to bear, and by identifying meaningful alternatives and discussing their impacts)?

And the suggested questions and issues continue.

Although many of these suggested questions and issues already are covered in various Statements on Auditing Standards, how often do you hear Statements on Auditing Standards discussed in the context of audit committee responsibilities? They have been in my published materials for years (including for example, many audit committee guideline and evaluation discussion papers; Audit Committee Functions and Responsibilities, Chapter 5A for the California Continuing Education of the Bar publication, Advising and Defending Corporate Directors and Officers (October 2007); and Accounting and Its Legal Implications, A Guide for Managers, Business Owners, and Entrepreneurs (Irwin Professional Publishing, Business One 1994).

This audit committee assessment tool, presented by high-stature organizations, puts the spotlight on the topics that the document discusses.  Some people will think this is good, and some will think it is bad. Some people will believe that the document goes too far, and other people will identify the many questions and issues that it does not cover. Nevertheless, most of these questions and issues have already existed for years.

Dave Tate, Esq. (San Francisco/California), http://directorofficernews.com

Lessons Learned from the Transition to COSO 2013

Protiviti has shared with us a useful Top 10 Lessons Learned from Implementing COSO 2013. I especially like this section: It is presumed that everyone understands that a top-down, risk-based approa…

Click on the following for the discussion: normanmarks.wordpress.com

A good COSO 2013 discussion from Norman and Protiviti.

Dave Tate, Esq. (San Francisco/California)

My other blog: trust, estate, conservatorship and elder abuse litigation, http://californiaestatetrust.com

SSARSs Clarity Project

The standard eliminates the need for the accountant to determine whether they?ve prepared financial statements by drawing a clear line between preparation and compilation.

Click on the following for the article: www.cpa2biz.com

Why is this important?  Well . . . if you are an accountant who performs review and compilation services, it should be important to you. And if you are someone who depends on information and representations provided in reviews or compilations, it should be important to you, if you care to know whether a compilation or review provides you with any useful information. Speaking of the subject, I never hear anyone discussing whether a quarterly review for a public company provides any useful information. I believe that at least in theory they do, but, if not, then why continue with the expense?  Dave Tate, Esq. (San Francisco)

My other blog: trust, estate, conservatorship and elder abuse litigation and administrations, http://californiaestatetrust.com

On the 2015 Audit Committee Agenda

10 things that audit committees should keep in mind as they consider and carry out their 2015 agendas.

Click on the following link for the discussion: www.kpmg-institutes.com

Good broad topic areas to consider, although I prefer the following discussion materials that I have written as they are more specific – click on the following link – Audit Committee Self-Evaluation Form David Tate Esq 10302014.

Dave Tate, Esq. (San Francisco / California).

3 Major Changes Congress Wants to Make to Social Security – On the Scale of Risk Management How Would You Score Congress?

Social Security needs change to survive over the long run, and Congress seems willing to take up the daunting task of a Social Security overhaul. – Sean Williams – Investment planning

Click on the following link for the article: www.fool.com

No surprise here.  Inactive and lack of diligent long-term planning. This issue has been around for 40-50 years.  A serious issue for old, middle age and young alike.

If you are young, why do you want to pay 13-14% (half from you and half from your employer) into this program when there is no reasonable certainty that it will be around for you when you retire, and if it is around there is no reasonable certainty about what the benefits will be.

If you are near or at retirement and you paid into this program for 40-50 years you are probably safe, if you don’t live for another 20 years.

If you are in the middle, not near retirement, and have been forced to pay into this program for 25-35 years, good luck to you.

How would you rate the Social Security program risk management? See my prior blog post about the NIST cybersecurity risk management framework, Click for Post .  I would rate Social Security risk management as Tier 1 – Tier 2.

Dave Tate, Esq. (San Francisco / California)

UK pressures Bank of America unit on risk management – Wall Street Journal

(Reuters) – British regulators are pressuring Bank of America Corp’s European investment-banking arm to improve its risk management practices, saying the current ones are “simplistic” an…

Click on the following for the article: au.news.yahoo.com

You may have been following the efforts to bring European and U.S. accounting standards into conformity, and how difficulty that has been.  I would evaluate the chance of bringing the various different governance and risk management codes into conformity as zero. And as the European regulatory agencies appear to be getting more active and demanding both with the code provisions and enforcement, we might expect European developments in these areas to become more center stage.  Dave Tate, Esq. (San Francisco / California)

Regulator launches consultation on ‘The essential trustee’ – Press releases – GOV.UK

U.K. Guide to trustees’ duties is updated.

I am following up on a post by a LinkedIn group member about a new regulatory initiative by the U.K. Charity Commission on trustee standard of care.  You can click on the following link to access the article: www.gov.uk

The following are my initial comments about the post and the regulatory proposal.

Thank you Jane.  I clicked on the materials.  As they are rather long for a morning before work read, I’ll have to get back to them in detail.  Preliminarily it appears to pretty much follow what in the U.S. would be the business judgment rule.

The very real distinction is whether a regulatory agency will really enforce the requirements. And with charities there are so many different types and missions, and people of tremendously different backgrounds who serve on the boards.

I have served on two nonprofit boards and as an audit committee chair – on one of the boards all members were pretty sophisticated, on the other board perhaps less than half would fit that criteria. But on both boards they all supported the mission, did not have conflicts, and tried to make correct and diligent decisions within their abilities.

Should some of the board members on the second board not be allowed to serve as board members?  Tough call. Depending on the final outcome of the regulations, they could have a chilling or at least limiting effect on who can or wants to serve on a charity board. The U.K. initiative will be very interesting to watch.

Dave Tate, Esq. (San Francisco / California)