Skip To The Main Content

Weekly National News

May 19, 2017

News provided by:
InovautusLogo

Financial Services is Industry Most at Risk for a Mega-Cyberattack: AIG Survey

(Think Advisor) May 10, 2017 – In the nightmare scenario of a corporate cyberattack, the victim is not just one bank or power supply company but many attacked at the same time, and it could happen as early as this year, according to a new study from AIG. Nine in 10 global cybersecurity and risk experts surveyed by AIG believe that cyber risk is systemic, and more than half said a systemic cyberattack on five to 10 companies is highly likely this year. More than one-third gave almost even odds of an attack on as many as 50 companies this year, and 20% gave similar odds for an attack on as many as 100 companies simultaneously.
readmore

 

Most Estate Plans Aren't Dealing with Digital Assets Properly

(Investment News) By Jamie Hopkins, May 11, 2017 – Estate planning is an unpopular topic because it often deals with the harsh realities of loss and death. Far too many people do not have an updated estate plan that meets their current needs, goals or desires. However, having a written estate plan in place is crucial to protecting your client's family, wealth and their own peace of mind. Technology, often seen as a means to ease our burdens, has created new challenges for estate planning. In fact, the need for estate planning for digital assets has rendered many of the existing estate plans, wills and trusts in the United States ill-equipped to handle the full range of an individual's assets.
readmore

 

How a Cue Can Help Veteran Auditors Better Detect Fraud

(AccountingWEB) May 10, 2017 – Let’s say you’re an auditor with at least a couple of decades in the field under your belt, and you’re listening to the CEO of a public company answer questions during an earnings conference call. Would you be able to detect deception in his answers? Chances are you won’t and for reasons you may not want to acknowledge. Unless, that is, you’re told to listen for what’s called a “negative affect” (i.e., cognitive dissonance – an uneasiness and discomfort in the CEO’s voice when lying). That’s the basic premise of a new study, Improving Experienced Auditors’ Detection of Deception in CEO Narratives.
readmore

 

Who Would Benefit from a Tax Cut on Partnerships and Other Pass-Throughs?

(Forbes) By Howard Gleckman, May 16, 2017 – Cutting tax rates on pass-through businesses to 15 percent appears to be a core element of President Trump’s tax agenda. However, new estimates from the Tax Policy Center show that such a proposal could add as much as $2 trillion to the debt over the next 10 years, while distributing nearly all the benefits to the highest income households. While pass-throughs such as partnerships and sole proprietorships are often described as small businesses and their owners characterized as middle-class, TPC found that low- and middle-income households would receive only a small fraction of the benefits of tax cut on pass-throughs.
readmore

 

Rich Retirees Are Hoarding Cash Out of Fear

(Bloomberg) May 16, 2017 – There’s a time in everyone’s life to save. There’s also a time when you’re supposed to spend. That time is commonly known as retirement. Millions of Americans aren’t doing that, however, which has put the U.S. in a perverse situation. Younger generations aren’t saving enough as their income slips further behind previous generations. Older Americans meanwhile sit atop unprecedented piles of assets built through stock market and real estate booms. Yet these retirees, or at least the affluent ones, aren’t spending it. It turns out they’re afraid of the unknown.
readmore

 

Americans Believe Manufacturing Industry Critical to Country’s Prosperity

(Industry Week) May 11, 2017 – A high percentage of Americans want their government to invest further in the manufacturing sector. A new survey from Deloitte and The Manufacturing Institute reported that quarters (76%) of Americans surveyed believe the U.S. should invest further in the manufacturing industry. "Modern manufacturing has captured the imagination of the American public and our elected leaders, said Jay Timmons CEO of the National Association of Manufacturers. “This important research indicates public opinion of the future of the industry has taken a measurable, positive jump as people acknowledge the strong connection between this industry, the U.S. economy and the American way of life.”
readmore

 

Pair of GASB Guides Help to Clarify Standards

(AccountingWEB) May 16, 2017 – Two new implementation guides issued by the Governmental Accounting Standards Board contain questions and answers that clarify or explain several accounting and financial reporting standards for state and local governments.
readmore

 

IIA Guidance Digs into Big Data Risks, Opportunities

(Compliance Week) May 11, 2017 – Big data represents both a growing risk and a growing resource for internal auditors, prompting the Institute of Internal Auditors to offer some new guidance meant to help auditors address it and leverage it. The IIA’s nearly 50-page paper provides an overview of big data for the benefit of internal auditors who may be tasked both with using it and assessing risks associated with it. The paper covers the value of big data, the components, strategies, implementation considerations, data governance, consumption, and reporting, not to mention the associated risks. The guide explains what the IIA regards as internal auditors’ roles and responsibilities when performing any kind of advisory or assurance procedures related to big data.
readmore

 

WannaCry Global Ransomware Attack Shows Why Businesses Should Prepare for Loss or Unwanted Encryption of Key Data

(JDSupra) By Stacy Harper and Tedrick Housh, May 17, 2017 – “Oops, your files have been encrypted!” On Friday, May 12, 2017, employees around the world found this message on their computer screens. A massive cyberattack has used variants of the WannaCry ransomware program to infect more than 230,000 computers in 150 countries, demanding Bitcoin ransom payments in 28 languages. Across the globe, many factories, hospitals, offices, government agencies and other entities shut down or were seriously affected. No country was immune, with Russia, Ukraine, China and EU countries hit hardest. For now, WannaCry should serve as a wake-up call to everyone.
readmore

 

Big Data Driving SEC Focus on Disclosures, Recommendations and Security

(Financial Planning) By Kenneth Corbin, May 16, 2017 – Advisers will see SEC regulators employ new methods to investigate a firm's staff training, the suitability of its investment recommendations, conflicts of interest disclosures and cybersecurity safeguards, according to attorneys at the law firm Eversheds Sutherland. Even if, as many observers expect, enforcement under newly minted SEC Chairman Jay Clayton is not as vigorous as it has been under his predecessors, there will be still be a focus on the most problematic types of conduct, enhanced by increased analysis of large swaths of data.
readmore

 

 

 

 

 

Financial Services is Industry Most at Risk for a Mega-Cyberattack: AIG Survey

(Think Advisor) May 10, 2017 – In the nightmare scenario of a corporate cyberattack, the victim is not just one bank or power supply company but many attacked at the same time, and it could happen as early as this year, according to a new study from AIG.

Nine in 10 global cybersecurity and risk experts surveyed by AIG believe that cyber risk is systemic, and more than half said a systemic cyberattack on five to 10 companies is highly likely this year. More than one-third gave almost even odds of an attack on as many as 50 companies this year, and 20% gave similar odds for an attack on as many as 100 companies simultaneously.

“While data breaches and cyber-related attacks have become more prevalent for individual businesses, concern about systemic cyberattacks are on the minds of those in the very community dedicated to analyzing and preventing this threat,” said Tracie Grella, global head of cyber risk insurance at AIG.

Financial services was ranked as the industry most vulnerable to a systemic attack (19%) in the next 12 months followed by power/energy (15%), telecommunications/utilities (14%), health care (13%) and information technology (12%), according to the survey.

When asked more specifically about systemic cyberattack scenarios in the next 12 months, respondents gave top rankings to a simultaneous attack of 15 financial services firms that cuts off service (known as a distributed denial of service, or DDoS attack) and a simultaneous mass data theft of 10 health care companies (hospitals, pharmacies, insurers) due to flaws in electronic medical records software. On a scoring of 1-10 with 1 being the most likely, both received a 4.1 rating, suggesting better than even odds (59.9%) of happening this year.

An attack on a large cloud provider was seen as the most likely multi-industry attack over the next 12 months.

While those scenarios are very serious, they are not considered the worst case by survey respondents. Their worst-case scenarios were cyber war games, leading to conventional battles between nation-states; a power grid attack during times of systemic stress, affecting a large population; and an attack on telecommunications and utilities infrastructure, impacting essential services.

In a recent Harvard Business Review article, MIT Professor Stuart Madnick, the academic director of the MIT Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, wrote, “The scenario of losing power for a long time — weeks or even months — is not unthinkable.” But in order for that and other systemic cyberattacks to occur, three conditions must be met, according to Madnick: opportunity, capability and motivation. There is currently plenty of opportunity and capability but motivation is limited because of the possibility of retaliation acts as a deterrent, wrote Madnick.

Still, he recommends “systems-level thinking about how everything is connected … Hospitals might have backup generators, but what about the supply line for refueling … the refueling stations need electricity to operate pumps, what is the plan? We need innovative, systems-level thinking — and a sense of urgency — to mitigate the impact of a major cyberattack. And we need it now.”

AIG, which sells insurance products for businesses and individuals to protect against cyberattacks, notes that “defenses must keep pace as cyber threats continue to advance and expand” and should include investments in security software and hardware, careful vetting of vendors and training on security practices, and insurance to mitigate impact the impact of cyberattacks.

 

 

 

 

Most Estate Plans Aren't Dealing with Digital Assets Properly

(Investment News) By Jamie Hopkins, May 11, 2017 – Jamie Hopkins Estate planning is an unpopular topic because it often deals with the harsh realities of loss and death. Far too many people do not have an updated estate plan that meets their current needs, goals or desires. However, having a written estate plan in place is crucial to protecting your client's family, wealth and their own peace of mind. Technology, often seen as a means to ease our burdens, has created new challenges for estate planning. In fact, the need for estate planning for digital assets has rendered many of the existing estate plans, wills and trusts in the United States ill-equipped to handle the full range of an individual's assets.

So, what are digital assets? Most likely, when you hear "digital assets," what first comes to mind are smart phones and computers. However, digital assets are not these storage and display devices, but rather, the information stored on them and online. For example, the information and property stored on Facebook, Gmail, Yahoo, Twitter, blogs, business or personal websites and online banking accounts would be considered digital assets.

Are your client's digital assets valuable? At first glance, you might think your clients do not need to worry about these accounts because they are not valuable; however, you would be wrong. Many of these accounts have financial information or contain important communications, photos and videos. For some clients, their digitals assets, like a blog or website, may even drive their small business income. Other digital assets like BitCoin, frequent flier miles or other online rewards points have clearer financial value. It is also becoming more and more popular to purchase songs, movies, books or other assets online in a purely digital form, such as with iTunes. All of these assets have either financial or sentimental value. In some cases, digital assets left unattended, while perhaps offering no financial benefit to the client or their heirs, could still represent a financial risk. For instance, if the client has online shopping accounts with stored credit card information, you should make sure these accounts are accounted for and properly managed in case of death or incapacity. Unfortunately, online theft, including post-mortem online theft, has been steadily increasing.

What makes estate planning for digital assets so challenging? The law often lags behind technology; as far as digital assets are concerned, estate planning is still years behind. This is leaving many estates ill-equipped to deal with digital assets. Traditional wills are not designed to handle the full complexities of digital assets. Digital assets are usually secured by an online login and password, which are not traditionally contained in a will or trust. Instead, the individual must track the accounts and the accompanying login information so that the estate can access the accounts. Additionally, many digital assets are non-transferable upon death, meaning the client cannot leave the account or property to their heirs. The terms of service agreement that the individual clicked when he or she originally set up the account, most likely without reading it first, typically has language discussing the transferability of the account. As a result, many people are surprised to discover that they might not own their account, but instead merely have a life-time lease to use the account.

Despite the hurdles, some recent state laws, based on the Revised Uniform Fiduciary Access to Digital Assets Act, are starting to at least allow fiduciaries to have access an individual's digital assets if the trust, power of attorney document or will specifically grant such fiduciary access to the accounts. Many estate plans are silent when it comes to digital assets, treating them the same as all other assets, which under many state laws, is not the case. Instead, fiduciary digital asset access needs to be specifically addressed in any estate planning or advanced directive document.

Most wills and trusts need to be updated to specifically provide for language that grants fiduciary access to digital assets, and to include explicit directions about what to do with these assets. Make sure all fiduciary and estate planning documents specifically grant the fiduciary and estate access to digital assets. Furthermore, the client should do an accounting of all of his or her online accounts and access information. Without a comprehensive list and the most current access information, an estate may not be able to manage the accounts properly. Furthermore, the client should give instructions on what he or she wants to happen to each account. The client may want some accounts like a credit card or banking account to be closed and then deleted. But, they might want other accounts like Facebook memorialized. Still other accounts, like a small business website, may be assigned to their heirs, so that the business can continue uninterrupted after the client's death.

Digital assets are fast becoming the way of the world, and today's digital estate planning needs to catch up fast. While the laws are slowly changing to provide access to digital assets, individuals still need to do the planning needed to ensure that their digital assets are properly managed and dispersed upon incompetency or death. Advisers can add a lot of value here by just bringing the topic up with their clients and making sure that the estate planning attorney updates the proper documents so that the client's digital assets will be properly handled upon death or incapacity.

 

 

 

 

 

How a Cue Can Help Veteran Auditors Better Detect Fraud

(AccountingWEB) May 10, 2017 – Let’s say you’re an auditor with at least a couple of decades in the field under your belt, and you’re listening to the CEO of a public company answer questions during an earnings conference call. Would you be able to detect deception in his answers?

Chances are you won’t and for reasons you may not want to acknowledge. Unless, that is, you’re told to listen for what’s called a “negative affect” (i.e., cognitive dissonance – an uneasiness and discomfort in the CEO’s voice when lying).

That’s the basic premise of a new study, Improving Experienced Auditors’ Detection of Deception in CEO Narratives, by a team of researchers from the University of Illinois and Duke University.

The researchers found evidence that experienced auditors’ judgments about deception are less accurate for companies later linked to fraud, regulator investigation, or class-action lawsuits unless they are first instructed to look for signs of guilt in the CEO’s voice.

“Deception detection is very difficult. Most people have trouble figuring out when someone is deceiving them,” said study co-author Mark Peecher, the Deloitte Professor of Accountancy and associate dean of faculty at the College of Business at the University of Illinois. “The good news here is that very experienced auditors, who are hired because they’re supposed to be watchdogs for society, actually have the capacity to discern when upper management is being deceptive. The bad news is that they don’t fully tap into that ability and overlook fraud cues right before them, unless we make that task easier by prompting them with this cue.”

But the issue isn’t just about a lying CEO. Auditors must know what they’re listening for, have the spine to speak up about it, and call out the CEO who very likely is their client.

Easier said than done.

Citing a slew of research from 1993 to 2016, the authors posit that auditors face “disincentives” to detect fraud, use “motivated reasoning” to favor aggressive accounting methods, collect less evidence to avoid nasty interactions with managers, and are less skeptical as they gain experience.

“Collectively, these studies suggest experienced auditors are more attuned to the benefits of minimizing false positives as compared to false negatives, implying they will be more accurate at identifying nonfraud companies than fraud companies,” the study states.

But if experienced auditors are told to listen for deception (the “negative affect”) in what CEOs say, “it helps neutralize experienced auditors’ tendency to overlook or discount fraud cues, enabling them to apply audit-related knowledge that they have acquired over many years to better avoid false negatives,” the study states.

The researchers gathered 124 decisions from 31 auditors, mostly CPAs, at large public accounting firms. The test group averaged 24 years of experience in audit, assurance, or forensic services. Each participant got four companies to judge. The four were randomly drawn from five fraud and five nonfraud public companies. Excerpts were judged as fraudulent if the company’s quarterly financial statements discussed during the conference call were later restated and linked to fraud, there was an investigation by regulators, or class-action litigation resulted.

After reviewing the four excerpts, auditors decided if the CEOs’ answers were fraudulent. Researchers found that only the auditors who were instructed to look for fraud did the best. To better understand that, researchers then had the auditors indicate specific red flags in the CEOs’ comments. They found that auditors, when told to, described the red flags more extensively in companies with fraud.

“The ability to pinpoint worrisome portions of CEO narratives holds promise for auditors’ ability to tailor audit procedures to test specific accounts and transactions in need of investigation,” the study states.

Maybe, maybe not. Veteran auditors, who have the experience warranted to presumably catch more fraud, may not do so because they become “reluctant skeptics,” the study states. While auditors can face penalties for failing to detect fraud, they aren’t rewarded for doing so. And auditors who report clients to regulators can lose the client and are excluded from monetary awards for whistleblowing under the Dodd-Frank Act, the study states.

Peecher’s co-authors for the study included Jessen Hobson, assistant professor of accounting and PwC LLP Faculty Fellow, at the University of Illinois; Bill Mayew, associate accounting professor at Duke University; and Mohan Venkatachalam, accounting professor and senior associate dean of executive programs at Duke University.

 

 

 

 

 

Who Would Benefit from a Tax Cut on Partnerships and Other Pass-Throughs?

(Forbes) By Howard Gleckman, May 16, 2017 – Cutting tax rates on pass-through businesses to 15 percent appears to be a core element of President Trump’s tax agenda. However, new estimates from the Tax Policy Center show that such a proposal could add as much as $2 trillion to the debt over the next 10 years, while distributing nearly all the benefits to the highest income households.

While pass-throughs such as partnerships and sole proprietorships are often described as small businesses and their owners characterized as middle-class, TPC found that low- and middle-income households would receive only a small fraction of the benefits of tax cut on pass-throughs.

Lowering The Rate

TPC looked at several illustrative variations of a tax rate cut on pass-throughs. First, it analyzed a 15 percent rate applied to a broad definition of pass-through income (all net income including both active and passive income and all profits). That example is similar to the idea President Trump proposed during the campaign, though his plan differed in some key respects and left out important details.

Then, TPC looked at the effects of applying the 15 percent rate to a narrower definition of income, loosely based on the one used by former House Ways & Means Committee chair Dave Camp in his 2014 tax reform plan. It includes all profits from the active income of S corporations and 30 percent of active income from other pass-throughs such as partnerships and sole proprietorships.

Next, TPC analyzed the effects of a 25 percent rate, the rate used in last June’s House Republican leadership plan. Once again, it looked at both the broad and narrow definitions of income. Finally, it looked at what would happen with and without rules to limit the ability of taxpayers to recharacterize their relatively high-tax wages as profits, which would enjoy the lower pass-through rates.

$2 Trillion in Lost Revenue

A couple of other key assumptions: TPC worked from the House GOP leadership’s proposed tax rates on ordinary income—12-25-33 percent--and assumed repeal of the Alternative Minimum Tax. It treated the pass-through rate like a cap. Thus, at the 15 percent pass-through rate, people in the 12 percent tax bracket would still pay 12 percent on their business income. Finally, the modelers assumed there would be only one level of tax on pass-throughs, as there is today, not a second tax on distributions to their owners.

What did TPC find? If Congress applied the 15 percent rate to the broad definition of income, the 10-year revenue loss could be as much as $2 trillion. If it chose the narrow definition, the revenue loss could be only about half as much.

With the broad income definition, three-quarters of the benefit would go to highest-income one percent of households, who make $700,000 or more. They’d get an average tax cut of about $76,000, or 4.8 percent of their after-tax income

By contrast, fewer than five percent of middle-income households would get a tax cut, averaging $370.

There are a couple of reasons why the benefits are so skewed to upper-income households. First, nearly two-thirds of those with pass-through income are already in the 15 percent bracket or below. Thus, they wouldn’t benefit at all from cutting the pass-through rate to 15 percent. They are already there.

Second, while most pass-through filers are low- or middle-income people, most pass-through income is made by a relative handful of business owners. They may be doctors, lawyers, partners in investment firms, or even owners of large non-publicly traded businesses. TPC estimates that this year, nearly 90 percent of pass-through income will go to the top 20 percent of households and half to the top one percent.  And the benefits of the rate cuts follow the money.

A 25 Percent Rate?

What if Congress set the pass-through rate at 25 percent on that broad income base instead of 15 percent? It would give no benefit to those in the House GOP’s 12 percent or 25 percent brackets, but would cut taxes on those pass-through owners who’d otherwise pay at the 33 percent rate. Thus, the higher rate would shrink the overall size of the tax cut and benefit fewer people, but skew the benefits even more to the highest earners.

TPC estimates that a 25 percent rate on a broad income base would reduce revenue by between roughly $570 billion and $665 billion over 10 years, depending on the amount of income shifting that occurs. If the 25 percent rate is applied to the narrow income base, the revenue loss would be roughly $400 billion.

If the 25 percent rate is applied to the broad base, about 3.8 percent of households would get a tax cut, averaging about $7,300. But nearly 90 percent of the benefits would go to those in the top 1 percent. Their average tax cut of $32,500 would be less than half of what they’d get under the 15 percent rate.

While we don’t know any details of President Trump’s plan to cut taxes on pass-throughs, we do know this: A special tax rate of 15 percent on pass-through businesses could lose as much as $2 trillion in revenue over 10 years, and nearly all the benefit would go to the highest-income households.

 

 

 

 

 

Rich Retirees Are Hoarding Cash Out of Fear

(Bloomberg) May 16, 2017 – There’s a time in everyone’s life to save. There’s also a time when you’re supposed to spend. That time is commonly known as retirement.

Millions of Americans aren’t doing that, however, which has put the U.S. in a perverse situation. Younger generations aren’t saving enough as their income slips further behind previous generations. Older Americans meanwhile sit atop unprecedented piles of assets built through stock market and real estate booms.

Yet these retirees, or at least the affluent ones, aren’t spending it. It turns out they’re afraid of the unknown.

A new study finds many U.S. retirees keep saving even after they’ve retired. The average American over the age of 60 cuts spending 2.5 percent per year, or about 20 percent over a 10-year period, according to an analysis of University of Michigan survey data by financial planning software company United Income. As a result, millions of Americans are living too frugally, said Matt Fellowes, United Income’s CEO. On average and adjusting for inflation, retirees are entering their 80s richer than they were in their 60s and 70s.

Unsurprisingly, given the data, Americans are dying with more money than they used to, adding to the increasing inequality that flows from inherited wealth. United Income analyzed the estates of people who died between 2000 to 2002, and compared them with those who died between 2010 to 2012. Although the latter group had just lived through a financial crisis and worldwide recession, their estate values were 130 percent higher.

“We have to get people comfortable with enjoying their retirement and spending their money,” Fellowes said.

Other studies have found affluent older Americans hoarding money. Last year, a study in the Journal of Financial Planning found that the wealthiest fifth of U.S. retirees were spending 53 percent less than they could have. Meanwhile, the poorest 40 percent generally spend more than they safely should; the median retiree spent about 8 percent less than the safe amount.

Researchers looked at all the logical reasons why affluent retirees might be so tight-fisted, including the desire to leave an inheritance or worries about future medical needs. The big motivator turned out to be some version of fear they would run out of cash too early.

“We found that even in a worst-case scenario, they could have spent more,” said Texas Tech University Professor Christopher Browning, one of the study’s authors. “There have to be other explanations,” he said – reasons that aren’t rational.

One of those irrational reasons may be simple habit. Something strange happens when people retire, Browning says. All of a sudden, they’re not getting a regular paycheck, and that makes them scared to spend. Goals set before retirement are abandoned, along with pre-determined spending plans, because retirees are terrified see the balances on their retirement accounts drop even a tiny bit.

In all, American households and nonprofits were worth $93 trillion at the end of last year, according the U.S. Federal Reserve. That’s almost $300,000 for every man, woman, and child in the country. Of that, Americans held $25.3 trillion as retirement assets, according to the Investment Company Institute. That includes $8.4 trillion in defined-benefit pensions and $14.9 trillion in individual retirement accounts and 401(k)-style plans.

If the bulk of that money never gets spent, that’s a big problem. Set aside that the U.S. economy could use the boost. Studies show that active retirees live longer, happier lives. There are cheap ways to get out of the house, of course, but a little spending money gives retirees far more options for exercising, socializing, and traveling.

The situation for wealthier older Americans couldn’t be more different than that facing younger generations. A study released by the National Bureau of Economic Research last month found the typical American man who entered the workforce in 1983 earned up to 19 percent less over his lifetime compared with one who started working in 1967. (Women’s incomes rose over that period, but that’s because earlier generations of women earned very little money.) Based on more recent data for younger people who are still in the workforce, the authors wrote, “the stagnation of median lifetime income seems likely to continue.”

What can get rich elderly Americans spending more? One way is to reassure them they’re not going to run out of cash. Tools such as annuities and bond-ladders can turn a retirement account into a regular stream of income, mimicking a paycheck. Insurance products could also protect retirees against huge, late-in-life expenses from medical care — a dominant fear. Browning likes longevity insurance, an annuity that kicks in only if you live to 80 or 85. Other options are reverse mortgages or long-term care insurance.

Maybe the problem requires more creative solutions. Financial planners need to help retirees realize they have a “cognitive bias” that makes them too gloomy about the future, said United Income’s Fellowes. Survey data often show older Americans are less optimistic about financial matters then younger people. Fellowes analyzed the data further and found this optimism gap has been widening over the last four decades.

Even as retirees live longer, healthier lives, they’ve become more pessimistic about the economy, the stock market, and their own financial situation.

After a lifetime of saving, it requires some psychological gymnastics to start spending your nest egg. Browning’s suggestion is that financial planners urge their thriftiest clients to make big purchases–like a second home or a fancy car–before they retire, out of their pot of savings. The idea, he said, is “training people to spend.”

 

 

 

 

 

Americans Believe Manufacturing Industry Critical to Country’s Prosperity

(Industry Week) May 11, 2017 – A high percentage of Americans want their government to invest further in the manufacturing sector. A new survey from Deloitte and The Manufacturing Institute reported that quarters (76%) of Americans surveyed believe the U.S. should invest further in the manufacturing industry.

"Modern manufacturing has captured the imagination of the American public and our elected leaders, said Jay Timmons CEO of the National Association of Manufacturers. “This important research indicates public opinion of the future of the industry has taken a measurable, positive jump as people acknowledge the strong connection between this industry, the U.S. economy and the American way of life.”

Among the study’s findings:

More than 8 in 10 respondents see manufacturing as vital to America’s livelihood.

  • Among those surveyed, 83% believe U.S. manufacturing is critical to economic prosperity, and 81% feel it is important to maintaining their standard of living.
  • Eighty-one percent of Americans also believe trade and export of American manufactured goods benefit the U.S. economy.

More than three-quarters of Americans agree the U.S. should invest more in manufacturing.

  • More than three-quarters (76%) of respondents believe the U.S. needs a more strategic approach to developing its manufacturing base; the same number (76%) believe the U.S. should further invest in the manufacturing industry.
  • Seventy-one percent of respondents believe that the U.S. should ensure long-term, stable funding for programs that spur innovation and advanced manufacturing.

Future manufacturing jobs expected to be more high-skill, less manual labor.

  • Nearly 9 in 10 (88%) respondents expect future manufacturing jobs will require a higher level of technical skill, and 77% expect manufacturing jobs will require less manual labor.
  • Eighty-one percent of respondents believe that future manufacturing jobs will occur in cleaner and safer environments.
  • Nearly two-thirds (64%) of respondents believe the U.S. manufacturing industry is already high-tech, up from 43% in the 2014 survey.

Manufacturing sector fuels job creation in the U.S.

  • Parents of school-age children, people of Generation X and those most familiar with manufacturing (i.e., people who have worked or are working in the manufacturing industry) see manufacturing as the number one most preferred job-creation engine in the United States.
  • The overall public ranked manufacturing third, just after technology development centers and health care facilities, in terms of the country’s leading sectors for job creation.

“Helping Americans’ perceptions of manufacturing catch up with reality is a vital step in addressing the skills gap, as the U.S. manufacturing industry continues to create diverse jobs involving advanced technologies and innovation,” said Michelle Drew Rodriguez, senior manager, Deloitte Services LP and manufacturing leader for Deloitte’s Center for Industry Insights.

“The demand for these high-skilled positions is expected to soar over the next decade with 3.5 million manufacturing jobs becoming available between 2015 and 2025 as the industry evolves and baby boomers continue to retire,” said Rodriquez.

 

 

 

 

 

Pair of GASB Guides Help to Clarify Standards

(AccountingWEB) May 16, 2017 – Two new implementation guides issued by the Governmental Accounting Standards Board (GASB) on May 9 contain questions and answers that clarify or explain several accounting and financial reporting standards for state and local governments.

Implementation Guide No. 2017-1, Implementation Guidance Update—2017, addresses a wide variety of practice issues related to the following standards:

  • Pensions
  • Cash flow statements
  • Financial reporting entities
  • Investments
  • External investment pools
  • Fund balances
  • Tax abatements

The guide also includes amendments to previously issued GASB implementation guidance.

Implementation Guide No. 2017-2, Financial Reporting for Postemployment Benefit Plans Other Than Pension Plans, provides answers to more than 150 questions about GASB Statement No. 74, Financial Reporting for Postemployment Benefit Plans Other Than Pension Plans.

The questions and answers contained in GASB implementation guides constitute Category B authoritative guidance under US GAAP. The guidance is applicable to all state and local governments that follow GAAP when preparing their financial statements.

 

 

 

 

 

IIA Guidance Digs into Big Data Risks, Opportunities

(Compliance Week) May 11, 2017 – Big data represents both a growing risk and a growing resource for internal auditors, prompting the Institute of Internal Auditors to offer some new guidance meant to help auditors address it and leverage it.

The IIA’s nearly 50-page paper provides an overview of big data for the benefit of internal auditors who may be tasked both with using it and assessing risks associated with it. The paper covers the value of big data, the components, strategies, implementation considerations, data governance, consumption, and reporting, not to mention the associated risks. The guide explains what the IIA regards as internal auditors’ roles and responsibilities when performing any kind of advisory or assurance procedures related to big data.

That begins with considering the role of big data within the organization as part of the risk assessment and audit planning processes, the guidance says. Auditors typically plan to address big data risk in the context of multiple audits where it arises rather than a single audit looking at all big data risks. Auditors should plan to look at process and technology controls and should focus on how the data is being both consumed and acted upon within the organization.

The risks associated with big data that deserve internal audit scrutiny are numerous and complex, the IIA says. They include poor data quality, inadequate technology, insufficient security, and immature data governance practices. The company’s chief information officer should become the auditor’s go-to expert in understanding the risks associated with collecting, storing, analyzing, and securing big data.

The IIA says auditors must verify that the objectives of a big data program are aligned with the company’s business strategy, performing tests to show that the big data program provides value and is appropriately supported by leadership in the company. It is up to internal auditors to check the confidentiality, integrity, availability, and performance of big data systems, assuring they align with management’s business requirements and needs. Auditors also need to check the quality, security, and privacy of the data used for analysis, not to mention the analytical outputs.

The IIA guidance also gives internal auditors a little advice on using the data as an audit tool, beyond auditing the data or the big data effort itself. The company may have already acquired, consolidated, and integrated the data, enabling internal audit to realize efficiencies, the paper says.

 

 

 

 

 

WannaCry Global Ransomware Attack Shows Why Businesses Should Prepare for Loss or Unwanted Encryption of Key Data

(JDSupra) By Stacy Harper and Tedrick Housh, May 17, 2017 – “Oops, your files have been encrypted!” On Friday, May 12, 2017, employees around the world found this message on their computer screens. A massive cyberattack has used variants of the WannaCry ransomware program to infect more than 230,000 computers in 150 countries, demanding Bitcoin ransom payments in 28 languages. Across the globe, many factories, hospitals, offices, government agencies and other entities shut down or were seriously affected.

No country was immune, with Russia, Ukraine, China and EU countries hit hardest. Fortunately, the malware contained an inherent “kill switch,” coding defects and a non-automatic payment scheme, so that most businesses could remedy the problem, and only about 200 payments totaling $50,000 in ransom had been collected on the three WannaCry Bitcoin accounts through Monday afternoon. The danger has not been abated, however, as experts fear new strains of the ransomware will be more robust. For now, WannaCry should serve as a wake-up call to all of us.

Legal Concerns.  A company facing a ransom demand is in a quandary and should consult with computer experts and legal counsel on the pros and cons of paying a ransom. Most do not pay. As cyberjournalist Brian Krebs notes, law enforcement or white hat cyber resources may have already worked out a way to break or sidestep the encryption, sometimes posting the keys to unlock the malware online, free of charge. Payment of a ransom on Bitcoin is a unique transaction and is no guarantee the attacker will release the data to you. Further, payment often results in your company finding itself in the crosshairs of other malefactors looking for companies willing to pay. In some cases, however, the stakes may be so high you may want to assume the risk of payment.

Other legal disputes will invariably follow this massive WannaCry attack, as parties try to determine responsibility for their related losses and liabilities. If, for example, your business entrusted a vendor or other business with sensitive information, that party may have contractual or other obligations to have prevented or mitigated the ransomware harm. Also, cyber insurance may cover some or all of the damages, depending on policy language and its interpretation.

In addition to restoring your company’s access to your data, a ransomware infection may trigger notification or other regulatory obligations under state or federal law. These obligations frequently turn on the nature of the ransomware, the type of information affected (protected health information or personally identifiable information), the method of infection, and the steps you take to mitigate the incident. HHS, responsible for enforcing HIPAA, has published guidance regarding the potential impact of a ransomware infection on breach notification obligations.

What are some of the best defenses to ransomware and similar threats?

An Information Security Plan.  Adopt and maintain one. It should serve as your guidebook for data security and practices. An information security plan should not be for the exclusive use of the IT department, although they will use it most often. It should contain summaries and directions that non-IT employees can follow.    

Among other things, an information security plan should contain procedures for up-to-date software and a process for timely installing security patches. WannaCry targeted computers using Microsoft Windows XP, for which Microsoft has not issued security patches for the last three years (although Microsoft just issued a special security patch). Many businesses have found they had an old PC somewhere running Windows XP, and WannaCry found and exploited it.

Ransomware and other malware most typically enter a company’s system through “phishing” emails, upon which employees unwittingly click and download the infiltrating program. Anti-phishing programs and software are out there, but none are perfect. By training your workforce and adopting a culture of computer hygiene and threat awareness, you can reduce your exposure.  Make these and other good practices part of your Information Security Plan.

An Incident Response Plan.  If you have an Incident Response Plan and Team as part of your overall business recovery strategy, you will not be starting from square one when you become the victim of a breach or malware attack. In the process of adopting a plan, companies often realize existing, previously unknown, vulnerabilities.

As part of a comprehensive Incident Response Plan, you should have an up-to-date inventory of your key data, as well as the backup status for all your systems. By testing the recovery of data from backup in different scenarios, you will have a preview of time and success/failure rates for the various threats.

In developing the response plan, you may have different personnel, vendors and other resources in place for different threats, whether it is a Dedicated Denial of Service Attack upon your website, a lost or stolen laptop or flash drive, or ransomware.

 

 

 

 

 

Big Data Driving SEC Focus on Disclosures, Recommendations and Security

(Financial Planning) By Kenneth Corbin, May 16, 2017 –Advisers will see SEC regulators employ new methods to investigate a firm's staff training, the suitability of its investment recommendations, conflicts of interest disclosures and cybersecurity safeguards, according to attorneys at the law firm Eversheds Sutherland.

Even if, as many observers expect, enforcement under newly minted SEC Chairman Jay Clayton is not as vigorous as it has been under his predecessors, there will be still be a focus on the most problematic types of conduct, enhanced by increased analysis of large swaths of data.

In a recent presentation, Eversheds Sutherland attorney Adam Pollet highlighted the case the SEC brought against UBS involving the sale of more than $500 million of reverse convertible notes to retail investors, without sufficiently training its advisers on the contours of those complex products.

"Because of the lack of adequate education training, the SEC found that certain reps made unsuitable recommendations. The SEC charged the firm with program-wide violations, rather than finding unsuitable sale for particular customers, and that's where the big data issue comes into play," Pollet says.

"The takeaways here are, first, while RCNs and other complex products aren't per se unsuitable, this case shows that broker-dealers have to adequately train their sales force to deal with suitability issues with regard to their customers, and particularly customers with limited experience or lower net worth or income," he says.

"Second, the case demonstrates the SEC is becoming more sophisticated harnessing big data to build enforcement cases, and it's possible that there could be future unsuitability cases based just on data."

'A BIG AREA'

Last year may have brought a high-water mark for enforcement at the SEC, when the commission brought a record 868 cases, according to Eversheds Sutherland. The commission also set records for actions brought against broker-dealers and investment advisers or investment companies, at 173 and 159, respectively.

A key part of that scrutiny arises over how advisers are handling conflicts of interest, an issue of mounting concern for SEC enforcement officials.

"This is a big area, and we've seen a number of enforcement actions here," says Eversheds Sutherland partner Brian Rubin.

SEC enforcement statistics
Rubin noted the case the SEC brought against the Robare Group in 2014, where official alleged that the principals of the Houston-based RIA had failed to fully disclose the potential conflicts of interests that could arise from the payments the firm received from its custodian, Fidelity, for placing clients' assets in certain mutual funds. That case has been through a number of twists and turns, with the SEC overturning the initial decision of an administrative law judge to dismiss the matter, which is now pending an appeal in circuit court.

But regardless of how that case turns out, Rubin cautions advisers to revisit their regulatory filings to ensure that they are "disclosing all sources of compensation or potential compensation in their form ADVs that might lead to potential or actual conflicts."

"The takeaways here are first that the SEC will charge a firm for marginal conflicts, even when there's no evidence of harm," he says. "Second, the SEC found that individuals caused the violation on behalf of the adviser, and we're seeing this pop up more and more where the SEC is charging individuals for the firm violations."

SHARE CLASS, CYBER FOCUS

Similarly, the SEC has been ramping up its focus on share classes. The commission has already brought some cases — and Rubin says he knows of "several more in the works" — involving advisers who have been dinged for placing clients in fund shares that carried 12b-1 or other fees, when they were eligible for a no-fee share class.

"If any firms have not focused specifically on 12b-1 and advisory accounts, you should do that because the SEC is looking at that a lot," Rubin says.

Cybersecurity and the larger issue of safeguarding client information are another front where observers expect more activity from enforcement authorities.

In a case that Pollet cites as a cautionary tale, the SEC took action against Morgan Stanley last June, hitting the broker with a $1 million penalty for failing to safeguard client information. A former employee who should not have had access to client data transferred information about more than 700,000 accounts to his personal server, which was subsequently hacked, and some of the clients' information ended up for sale on the internet.

In announcing the disposition of that case, then-enforcement chief Andrew Ceresney noted the importance of having in place policies and procedures governing clients' personal information and who at the firm has access to that data.

"But just having policies and procedures alone isn't going to be enough. Firms should consider testing, auditing and monitoring them as well," Pollet says. "Cybersecurity and other related issues that surround it are growing in importance, and we can expect to see a lot more of these types of cases going forward."