First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Accounting Systems and Controls

Talking about risk and opportunity

Some talk about opportunity as “the other side of the coin” from risk. COSO views the two words, risk and opportunity, as one is good and the other is bad. ISO seems them differently, defining risk as the effect on objectives. That effect could be positive or harmful.

 

, ,

SEC investigates cyber-related frauds

On October 16th, the US Securities and Exchange Commission published Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 Regarding Certain Cyber-Related Frauds Perpetrated Against Public Companies and Related Internal Accounting Controls Requirements.

 

, , , , ,

Bitcoin and cryptocurrency litigation

Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment.

 

, , , ,

Use payroll reports to improve internal controls

Payroll reports, if properly designed, prepared, distributed and reviewed, assist with more than just cost control—they can help to significantly improve several internal controls. Very simply put, internal controls include the activities, processes, policies and procedures which an organization implements to ensure that it meets its objectives.

 

, , , , , , ,

What constitutes a MAC in an M&A deal?

On October 1, 2018, the Delaware Court of Chancery released its decision in Akorn, Inc. v. Fresenius Kabi AG, finding for the first time that a buyer had properly terminated a public company merger agreement based on the occurrence of a “material adverse effect” (sometimes also referred to as a “material adverse change,” “MAC” or “MAE”).

 

, , ,

Uniting risk management with strategic planning

Who can argue that the consideration of what might happen (what some refer to as risk) should be part of the strategic planning process? Objectives and strategies should be set only after thinking carefully about where you are, what is happening around you, and what may happen in the future.

 

, ,

Why are SOX compliance costs increasing so much?

From a recent survey by Protiviti, the information on how many organizations had to issue a cyber-security disclosure is interesting. Apparently, this generally resulted in an increase on SOX compliance hours – although the reason for a significant increase is not clear.

 

, , , , ,

Draft amending regulations issued under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, including in respect of virtual currencies and prepaid cards

New regulations issued June 9, 2018, follow the recent 2016 Financial Action Task Force (FATF) Mutual Evaluation Report for Canada (the “FATF Report”) which concluded that Canada largely has a strong legal framework and competent authorities dealing with money laundering and terrorist financing risks, but noted certain deficiencies that needed to be addressed.

 

, , ,

FCAC releases report on best practices in financial consumer protection

The Report on Best Practices in Financial Consumer Protection published by the Financial Consumer Agency of Canada outlines several best practices for financial consumer protection regimes.

 

, , ,

What is an internal control, really?

What is a control, at an abstract level: what is it supposed to achieve, and how is it supposed to operate within an organization?

 

, , ,

So what if the risk is high?

Most organizations cannot afford to reduce every single risk to what some practitioners would deem acceptable. Providing actionable information about all the things that might happen, not by using terms like High, Medium, or Low, but in specific business terms will help evaluate which risks to take.

 

, , , , ,

New COSO ERM Guidance for ESG

It is essential to provide leaders with actionable information. Simply rating a risk as high or valuing it at $250,000 is meaningless. Leaders need to be able to make decisions between addressing one risk vs another, and going forward with a project given all the uncertainties related to its success. For that they need clear, detailed information, not a simple risk rating.

 

, , ,

Department of Finance Canada issues consultation paper on review of the Canadian Payments Act

A recent Consultation Paper sought comments on whether the 2015 Amendments had been successful in better enabling Payments Canada to meet its mandate to promote the efficiency, safety, and soundness of its systems while taking into account the interests of users.

 

, , , , ,

30 months in jail for facilitating false donation tax scheme

While donors to fraudulent donation schemes may not be morally innocent, their culpability does not reach the level of the promoters of these schemes. It is refreshing to see the CRA prosecuting those responsible, rather than merely reassessing and penalizing taxpayers.

 

, , ,

European commission releases proposal to regulate crowdfunding

Crowdfunding Service Providers (CSPs) can provide businesses and individuals with a digital platform to reach out to potential investors for funding. Presently, some EU countries have their own national legislation on crowdfunding while others require CSPs to be licensed and operate under EU frameworks.

 

, , , , ,

Previous Posts