by Gregory S. Dowell February 29, 2020 A  local business had taken an ownership position in a distillery in the Midwest. The distillery was the brainchild of one man, and he came to the concept of micro-distillery at exactly the right time. The industry was not set to explode for a couple of years yet, so he was an entrepreneur who was in the right place and the right time, just as the demand curve was accelerating. The distillery business was exciting, and was piggy-backing on the buzz of the microbrewery boom that had taken place. By virtue of knowing my client, the entrepreneur was also fortunate to have the right investor – someone with deep pockets and industry connections that could help the distillery get to market quickly. The plan, as articulated to the investor, was to expand, expand, and expand, selling as many barrels as possible to gain a foothold, then to sell out to one of the big distilling houses. Everything was rosy during the “dating” stage; the investor was enamored with the entrepreneur and vice versa. However, it wasn’t long before the flow of information from the investor slowed to a trickle. Sure, he was always there with plenty of verbiage and marketing hype, but he didn’t like to put hard, cold financial information in front of the investor. At the same time, there were always capital calls that needed to be made within a tight timeframe – maybe it was a great opportunity to buy supplies or product, or maybe it was a too-good-to-pass-up chance to expand with more equipment, but the demands for cash were always immediate and significant. When the investor had enough of the financial demands and the dancing around, he contacted our firm. He was several million into the deal. The task sounded deceptively simple: Figure out if the distillery was making money. If it wasn’t, what was the reason, and what realistically was the rate of cash burn for the foreseeable future? The entire experience can be summed up from the initial meetings that were held. From the moment of our first interview with the entrepreneur, we were uncomfortable. He was less than forthcoming when we asked pointed questions about the financials. He said he couldn’t let us look at the accounting records immediately because they had fallen behind with the recordkeeping. Later, he indicated that they lacked the ability to accurately track their expenses and cost of goods sold. Our team of CPAs went on-site to one of their locations (they had two), with the express intent of seeing what data might or might not exist – we were kicking the tires and looking under hood. The visit was planned well in advance, and the business had plenty of time to prepare. From one perspective, the day on-site was wasted, as there was a lot of standing around while the entrepreneur and his internal accounting team attempted to pull the records together. From another perspective, that day told us volumes about the business, re-affirming our initial gut reaction to the business and the entrepreneur. When we finally received information, it was a nearly useful blend of excel spreadsheets and handwritten notes. This engagement lasted several weeks, with many more delays caused by the entrepreneur and many more reams of bad data. All the while, however, the entrepreneur continued to pressure the investor for another capital infusion. The paradox, of course, was that the entrepreneur could not show that he had been a good steward of what had been entrusted with him, and yet he wanted more. While we were saddled with bad data and an entrepreneur who was interested in obfuscating the truth, our team of CPAs persevered. Using forensic accounting techniques, we pulled together the most reliable financial data possible, so that we could ultimately give our client a sense of the real financial condition of the business, as well as where it was headed. After sharing the results and our insights, it was clear that our investor needed to find an exit strategy, or at least limit any further financial damage. From our perspective, we look back on this engagement as a reminder of the power of doing the fundamental things right in a business. All of the talk and hype may sound clever and mesmerizing, but eventually what counts is financial performance. Transparency is important; when business partners cease being transparent, let the buyer beware.

by Gregory S. Dowell August 26, 2019 I  t’s not the first time this has happened, but scammers are once again using emails to pose as the IRS in an attempt to steal and extort money from the public. The emails mimic the look and feel of the IRS’ communications and bear subject lines such as “Automatic Income Tax Reminder” and “Electronic Tax Return Reminder”. This most recent scam just turned up in the last week or so, and the IRS and its security partner, Security Summit, are eager to get the word out to taxpayers. The Security Summit, by the way, is a partnering between the IRS, major tax preparation chains, tax preparation software providers, and state taxing authorities to combat tax scams and identity theft. It has been widely reported, but bears repeating again: The IRS does not send unsolicited emails to taxpayers, and the IRS never emails taxpayers about the status of their returns. The latest scam has embedded links to what appear to be an IRS.gov website. The website tries to lure the visitor to sign on by using a one-time or temporary password to access files, tempting the visitor with access to a refund. The goal is to get the visitor to access the files, which turn out to be a strategy to transfer malware and other viruses to the visitor’s computer. Once there, the malware does it thing – collecting personal data and financial information. The IRS notes that these scams are growing more and more sophisticated, not only in the look and feel of the fictitious communication from the government, but also in the way the scam is deployed across numerous websites, making the scam very difficult to shut down, even after it has been detected. Taxpayers should bear a very simple rule in mind: The IRS will not contact a taxpayer via email or social media or the phone in an unsolicited attempt to demand payment or financial information. The IRS sends notices via the US mail. Another simple rule that is equally important is that the recipient of an unsolicited email should never open an attachment on that email. This includes emails that appear to be from friends, family, attorneys, accountants, business partners, the IRS, etc. If there is enough concern that the email and attachment might be valid, pick up the phone and call the sender to validate the email. Those rogue emails should be permanently and immediately deleted (not just deleted or sent to trash) from the computer.

July 30, 2019 by Gregory S. Dowell A  s reported by several news outlets, a lawsuit has been filed by KeyBank, claiming that the bank is the victim of a massive payroll fraud that was perpetrated by a payroll processing company. According to the lawsuit, KeyBank is out about $122 million dollars, which was to be covered by funds drawn on another bank (Lake City Bank), but the checks bounced when the account at Lake City Bank was overdrawn. It appears that other businesses are out funds as well. Several businesses have been advised by employees that payroll funds did not hit their accounts, and businesses have had to use additional funds to cover the shortfalls. Presumably, taxes were not deposited with the Federal and State governments as well. It remains to be seen who will suffer the ultimate losses (insurance may pick up some of the brunt of the fraud), but businesses will certainly be impacted. The payroll processing company, IOI, has been in business for several years and claims to have some 6,000 clients across the country. Its owner, Najeeb Khan, is well-known and sits on several corporate boards. Apparently, he is also a lover of the good things in life, and has an extensive collection of cars, boats, and planes. While there is more information needed to complete this story, businesses can learn some lessons from this experience. If the fraud charges are accurate, the lavish lifestyle of the owner served as a tip. Businesses should have a process to check every payroll period to be sure that taxes were deposited with the proper authorities. Mailing addresses for payroll should not be changed from the business’ address, so that delinquent notices will come to the attention of management. While IOI was relatively large, businesses should also think twice before using a payroll service that is unknown or too small; in those cases, it may be very difficult to have any semblance of internal controls, the owners may have unfettered access to the employer’s cash, and it may be impossible to recover any funds.

by Gary Lasker October 1, 2018 I  ntroduction The new revenue recognition standard will become effective for most entities in 2019. This new standard created a totally new accounting model for recognizing revenue. Its purpose is to standardize the way entities recognize revenue. Some entities may have insignificant changes as a result of this new standard while other entities may end up with a large impact upon adoption. However, almost all entities will have to deal with additional disclosure requirements. Significant Changes There are some major changes between current accounting guidance and the new guidance. For instance, revenue is currently recognized when the transfer of risks and rewards of ownership occurs either at a point in time or over time. The new standard replaces this risk and rewards model with various transfer of control scenarios as the gauge to determine when revenue should be recognized. Another big change is the modification of the unit of accounting grouping used to account for revenue recognition. Units of account under which a transaction price and hence revenue are determined will be known as performance obligations. Performance obligations are analogous to deliverables or elements of a contract. Under the new revenue recognition standard, performance obligations may differ from the units of account used currently to account for and recognize revenue. Consequently, this could impact the amount and timing of revenue recognition which can affect key performance measures such as bank loan covenant ratios. Multiple performance obligations included in a contract will not be that unusual with the new separate unit of accounting criteria. As a final point, one of the pillars of revenue recognition in current revenue guidance is that the seller’s price to the customer is fixed or determinable. The new standard changes this by allowing for variable consideration which can accelerate revenue recognition in some circumstances. Five-Step Revenue Recognition Model The fundamental principle of the new standard is that an entity should recognize revenue to depict the transfer of promised goods and services to customers in an amount that reflects the consideration (payment) to which the entity expects to be entitled in exchange for those goods or services. To carry out this objective, the standard created a five-step model for most entities to follow when recognizing revenue: Identify the contract or contracts with the customer. Identify the performance obligations in the contract. Determine the transaction price. Allocate the transaction price to the performance obligations in the contract. Recognize revenue when or as the entity satisfies a performance obligation. Given the above framework, let us begin a brief review of the five-step process. Step 1 – Identify the contract or contracts with the customer The term contract, as defined by the Financial Accounting Standards Board, is an agreement between two or more parties that creates enforceable rights and obligations. The contracts can be written, oral, or electronically produced. Agreements do not have to be in writing to be considered a contract in the context of the pronouncement. The parties must have approved the contract and be committed to perform their acknowledged obligations. Step 2 – Identify the performance obligations in the contract Performance obligations are analogous to deliverables, elements, or components of a contract in the present guidance. Performance obligations are essentially what the entity is doing to earn the revenue. All arrangements will need to be analyzed to determine the goods and/or services the entity promises to transfer to a customer. An identification of all distinct performance obligations in an arrangement is a requirement in this step. In many cases, contracts will have more identified performance obligations that would be accounted for separately than under the existing revenue recognition rules. Step 3 – Determine the transaction price The transaction price is the amount of consideration (for example, payment) the entity expects to be entitled to for transferring the promised goods and services to its customers, excluding amounts collected on behalf of third parties. The transaction price could be fixed, variable, or even a combination of both. When the promised amount of consideration is variable, the transaction price is estimated using either the expected value method or the most likely amount method depending on which estimate is the better predictor of the consideration to which the seller is entitled. These methods provide estimates of the transaction price the entity would expect to receive. The amount of the resulting transaction price estimate should be only to the extent that it would be probable that a significant reversal of this estimate would not occur after the uncertainty related to the variable consideration is eventually resolved. Variable consideration can come from discounts, rebates, incentives, bonuses, and other like items. Businesses must also consider the effects of significant financing components and noncash payments when determining the transaction price. Step 4 – Allocate the transaction price to the performance obligations in the contract If a contract has more than one performance obligation, the seller allocates the transaction price to each performance obligation based on their relative standalone selling prices. The standalone selling price is the price at which the entity would sell a good or service separately to a customer. There are three suitable methods mentioned in the new standard to estimate standalone selling price if not observable. These three methods are the adjusted market approach, expected cost plus margin approach, and the residual method. Sometimes the transaction price has a discount or another form of variable consideration that relates to one or more of the performance obligations in a contract. Variable consideration would only be allocated to the performance obligations they are related to. Step 5 – Recognize revenue when or as the entity satisfies a performance obligation This is the last step in the five-step model. Under the new guidance, an entity should recognize revenue when or as it satisfies a performance obligation by transferring a good or service to a customer. A good or service is considered transferred when or as the customer obtains control over the good or service. Control by the customer would be attained either at a point in time or over time. It is up to the entity to evaluate whether the performance obligation is satisfied at a point in time or over time. Control in the new revenue recognition standard context is defined as the ability to direct the use of and obtain substantially all of the remaining benefits from the asset. Control would also include the ability to prevent other entities from directing the use of and getting benefits from the use of the asset. The new standard provides a list of transfer of control indicators which includes having legal title to an asset, having physical possession, and acceptance of the asset to name a few. Footnote Disclosures It should be no surprise to anyone that the new revenue recognition standard requires enhanced footnote disclosures. These disclosures are supposed to provide readers of financial statements with comprehensive information regarding the entity’s major revenue streams. Various disclosure requirements under the new standard include a.) Disaggregation of revenue into various categories [some examples are by major product lines, geographical, type of customer], b.) Disclosure of Contract balances and changes in the opening and closing balances during the reporting period, c.) Transaction prices allocated to the remaining performance obligations that are unsatisfied at the end of the reporting period, d.) Judgements made in applying the revenue recognition guidance, and e.) Information pertaining to performance obligations with the entity’s customers. Transition Effects Some entities may find that following the five revenue recognition steps are easy and some entities may find those steps rather difficult to follow. When a fixed amount is received at the same time the transaction occurs, the transaction price is easy to establish. But when consideration is deemed variable and there are multiple performance obligations in a contract, recording the proper revenue amount is more difficult. The effort required to transition to the new standard should not be underestimated. Many new estimates and judgements must be made in order to comply with the five-step model. Thus, implementation of the new standard cannot start soon enough.

By Gary Lasker T  o properly respond to fraud, business owners need to understand why certain individuals commit fraud. The fraud triangle has become the model for providing an understanding of fraud. The basis of the fraud triangle is that every fraud has the following three elements in common: 1.) pressure (generally financial), 2.) opportunity to pilfer cash and other assets (ability to commit the fraudulent act), and 3.) rationalization of the fraudulent act (the reason for justifying the fraud). One of the major accounting cycles in every establishment is sales and cash receipts. In fact, every business establishment makes deposits. Cash receipts, cash disbursements, and payroll are common areas of employee embezzlement as these areas are where the cash flows. Certain cash controls should be in place regardless of the size of the business. Accordingly, in this article, we will briefly discuss important internal controls to prevent the stealing of cash and other remittances received by a business. The basic premise of internal control is that no single employee should handle all phases of a transaction and maintain all the related accounting records. Thus, separation of duties is the key element to having good cash receipt controls as it helps to prevent an employee from committing and concealing a fraud. Employers normally cannot control employee financial pressure, motivation, or even influence an individual’s own code of ethics. But, employers can control the opportunity to steal element of the fraud triangle. The best way to limit opportunity is to have good internal controls. Separation of duties reduces the opportunity for embezzlement to near zero. Lax internal controls provide a temptation to steal for employees at all levels of an organization, especially for those with financial problems. Separation of cash receipt duties involves having a person, and preferably two people, being present to open the mail and to initially record all cash and checks received in either a computerized or manual cash receipts log. The cash receipts log should preferably be in a prescribed form and normally includes the date received, customer’s name, type of payment (cash, check, or wire), and a description of what the payment was for. All checks should be immediately restrictively endorsed “for deposit only” with a hand stamp that includes the name and bank account number of the business. Next, another employee should prepare the deposit slip from the log. Subsequently, yet a different individual should post the accounts receivable payments to the customer accounts. A different employee altogether should make the daily bank deposit. A person independent of the cash receipts and account receivable functions should compare the details in the cash receipts log to the bank deposit slips and then to the bank statement. Ideally, duties of the initial recording of cash receipts, the bank deposit, bank reconciliation, posting of cash receipt payments, and reconciliation of the accounts receivable subsidiary ledger with the general ledger balance should be segregated to help prevent cash theft. In very small organizations, where segregation of duties can be a challenge, focus on segregating the duties of handling the cash receipts from the revenue and accounts receivable recording functions. In addition to separation of duties, there are other important controls to implement to decrease the risk of fraud during the cash receipt process. Some of these controls include: 1.) signing of the cash receipt log to establish a permanent record of the initial cash receipt intake, 2.) making daily deposits as this makes it easier to trace and reconcile daily postings to the bank deposits, 3.) keeping undeposited funds in a safe, 4.) considering the use of a lockbox whereby payments are remitted to a post office box and the bank collects and processes the remittances especially for entities with a large volume of cash receipts, 5.) using multi-part bank deposit slips, 6.) bonding of employees who handle cash receipts, 7.) monitoring the work of employees involved in the cash receipting system, and 8.) considering having your customers transfer funds electronically. Good controls are the most important means of limiting opportunities to steal funds. The above controls normally reduce the risk of cash receipt theft to a very low likelihood. Of course, every business must evaluate each control on a cost-benefit basis to decide which controls to implement.

by Gregory S. Dowell August 16, 2018 N  onprofits are subject to fraud and theft, even more so than for-profit businesses. There are a variety of reasons, but at the core of this tendency are almost always scant controls over cash, too much control invested in one or two people, and a lack of oversight. The New York Times reported recently on a story that underscores these unfortunately common themes. In this case, cafeteria workers embezzled close to $500,000 in lunch money (yes, lunch money) from middle and high school cafeterias in New Canaan, Connecticut. For those not familiar, New Canaan is a very affluent city on the east coast, pulling much of its population from the wealthy citizens of New York City. The loss of $500,000 is believed to have happened between 2012 and 2017, and was apparently under the radar screen of school officials until very recently. However, the fraud may go back as far as 15 years. The New Canaan police department has now arrested two women – sisters, no less – who are the alleged perpetrators. According to police, the sisters, who were in positions of authority as supervisors, would routinely take cash from the collection drawer that was paid by students for their lunches. As an indicator of the amounts possibly involved, the police noted that after one of the sisters had resigned from her job, the average daily cash intake from one of the schools jumped from about $40 to $150 per day. It was the implementation of some additional financial controls by the school district that finally flushed out the fraud; prior to those controls being put in place, the district was unaware of the problem. The alleged criminals were patient, stole money over a long period of time, and kept the amounts that they ciphered off at relatively small levels on a daily basis. Not to excuse the school district, but those particular characteristics make it very difficult to spot fraud. Clearly, no checks and balances existed and internal control policies did not exist (or were not enforced). Nonprofits, particularly those that deal in cash, should read this story carefully and then do a little self-reflection. This is not the kind of publicity or stewardship that makes donors happy.

By Gregory S. Dowell August 9, 2018 B  ack in 2016, an audit standard was adopted by the Financial Accounting Standards Board (ASU 2016-14), which makes changes to the financial statements for virtually every nonprofit organization. Because the implementation date was delayed, this standard has not received much attention by nonprofit organizations. However, the standard will make these changes mandatory and will affect the 2018 financial statements of many nonprofits. Nonprofits should also be aware that implementing these standards may come at a cost – both internally (in their accounting department or requiring more time from volunteers), or externally (as external auditors have to implement the changes to the financials). The goal of the standard is clarity; the effort is to make the financial statements (and the organization’s financial position) more clear and understandable to the reader, user, donor, creditor, etc. The following is a brief overview of the changes resulting from ASU 2016-14:. Net Asset Classification: The new guidance will require your financial statements to present the amount for each of two classes of net assets on the face of the statement of financial position, as follows: net assets with donor restrictions net assets without donor restrictions The previous categories of temporarily and permanently restricted net assets are no longer presented, but are combined into a single category. To enhance readers’ understanding of the donor restrictions, footnote disclosures will be required to include the timing and nature of the restrictions, as well as the composition of net assets with donor restrictions at the end of the period. The disclosures will continue to show an analysis by time, purpose, and perpetual restrictions. Underwater Endowments: As part of the change to classification of net assets, endowments that have a current fair value that is less than the original gift amount (or amount required to be retained by donor or by law), known as underwater endowments, will now be classified in net assets with donor restrictions, instead of the current classification in unrestricted net assets. Expanded disclosures will be required to include the following information: The original amount of the endowment The NFP’s policy relating to spending from these funds Whether that policy was followed Board-designated Net Assets: At times, an NFP’s governing board may make designations or appropriations that result in self-imposed limits on the use of resources without donor restrictions, known as board-designated net assets; enhanced disclosure information will be required on the amounts and purposes of these designations. In addition, the placed-in-service approach will be required when releasing restrictions related to long-lived assets. The option to imply a time restriction and release the restriction over an asset’s useful life will no longer be permitted. Information about Liquidity: NFPs will be required to disclose both quantitative and qualitative information about the availability of and how the NFP manages its liquid available resource to meet cash needs for general expenditures within one year of the balance sheet date. The goal of this change is to improve the ability of financial statement users to assess the NFP’s available financial resources and the liquidity of those resources. Presenting Expenses: To make information about expenses more comparable and useful, all NFPs will be required to provide information about their operating expenses by both nature and function—on the face of the statement of activities, as a separate statement, or in the notes to the financial statements., supplemented with enhanced disclosures about the methods used to allocate costs among functions. Investment Return: A net presentation of investment expenses against investment return will be required on the face of the statement of activities. External and direct internal investment expenses will be netted against the investment return. Disclosing the components of investment expense will no longer be required. Statement of Cash Flows: NFPs can continue to present either the direct or indirect method of reporting operating cash flows. However, the presentation or disclosure of the indirect method reconciliation is no longer required if the NFP uses the direct method. Effective Date and Transition: The amendments are effective for annual financial statements issued for fiscal years beginning after December 15, 2017, and for interim periods within fiscal years beginning after December 15, 2018. Because virtually every nonprofit organization will be impacted by ASU 2016-14, we recommend that boards (and their finance and/or audit committees) take the time to address these changes prior to the end of the year. New financial resources may need to be allocated to implementing the changes, and the board should be aware of those estimated costs as well. Holding a conference with the external auditor is a good place to begin this process.

Gregory S. Dowell March 13, 2018  The Not-for-Profit section of the AICPA recently published a list of 10 steps that nonprofits can take to facilitate their annual financial audit. For the benefit of our nonprofit clients, we are re-printing the list in its entirety: If preparing for your upcoming audit seems daunting, you’re not alone. Many of us feel a sense of dread at fiscal year-end. We’ve compiled our best tips to help you have a smooth audit: 1. Plan ahead. Devote additional time both prior to and in connection with year-end close to adequately prepare for the audit, to be available during audit fieldwork, and to communicate with those involved in the audit process. Proper planning and clear expectations will help minimize anxiety and frustration. To be ahead of the curve, treat audit preparation as a year-long process. By keeping schedules and reconciliations up-to-date throughout the year, you can reduce the time it takes to prepare for the audit at the end of the year. Also, maintain an open line of communication between the organization and the external auditors during the year rather than waiting until the audit to discuss new or unusual transactions. This will minimize surprises and allow the organization to make appropriate plans or necessary changes. 2. Stay up-to-date on accounting standards. New accounting pronouncements may affect your organization’s audit. You will want to stay up-to-date because you may need to manage or track data in a different way (for example, by updating documentation or reorganizing the chart of accounts) in order to implement new standards. Also, be sure to assess whether accounting personnel require any additional training or information in order to implement the new requirements. The AICPA provides eNewsAlerts for its members on new and emerging trends affecting NFPs through its Not-for-Profit Section and also publishes the annual Not-for-Profit Entities – Audit & Accounting Guide . To go straight to the source, refer to the Financial Accounting Standards Board’s website, fasb.org, to determine which new accounting pronouncements are effective for the year under audit. 3. Assess changes in activities. Did the organization start a new program or receive a new grant? Are there any new reporting requirements? Were any activities discontinued, or were there any impairments? Were there significant changes in internal control systems? Such changes in activities may trigger accounting and reporting considerations that should be communicated to the auditor during the planning process. 4. Learn from the past. Take stock of any prior year audit adjustments, internal control recommendations, or struggles encountered during prior audits. These can be a starting point for self-review and a memory-jogger to insure these issues are not repeated. During the planning meeting with the auditors, discuss what went well during last year’s audit and where there may be opportunities for improvement or more effective communication between the organization and the auditors. 5. Develop timeline and assign responsibility. Review the list of workpapers and schedules requested by the auditors, making sure to obtain clarification of requested information when necessary. Assign each item from the list to a responsible person and include a due date. Make sure to allow adequate time for review and correction of schedules if necessary. Tackle the most difficult, complex, or time-consuming areas first when possible. The drafts of the financial statements, schedules, workpapers or other items requested by the auditor should be available on or before the first day of audit fieldwork. 6. Organize data. Create a repository of audit schedules that can be accessed in future years by the appropriate personnel. Consider creating subfolders for significant transaction cycles or categories, such as cash, revenue and receivables, expenses and payables, investments, fixed assets, debt, etc. to make it easier to manage and retrieve schedules. Schedules and workpapers containing sensitive information, such as payroll, may need to be password-protected or maintained in an appropriately restricted network location. 7. Ask questions. If an item requested by the auditor is unclear, ask for clarification prior to the start of fieldwork to avoid potential delays. Auditors are generally happy to answer accounting questions regarding unusual or infrequent transactions the organization may need assistance in accounting for. Also, ask questions of those within the organization to obtain information necessary to prepare required footnote disclosures. Such discussions could include significant accounting estimates, pending or threatened litigation, related party transactions, commitments and contingencies, and other topics necessary to prepare required footnote disclosures. 8. Perform a self-review. Once all year-end closing entries are made, review schedules and workpapers to ensure amounts agree or reconcile to the trial balance. Take a step back and assess the overall financial statements for reasonableness. Also read and update the notes to your financial statements, and refer to a disclosure checklist to make sure you have included all the required information. Be prepared to explain financial statement line item variances from year to year or from budget to actual. 9. Be available during fieldwork. Avoid key personnel scheduling time off during the audit, and consider rescheduling or postponing non-critical meetings for finance and accounting staff heavily involved with the audit. Although most of the schedules and workpapers will have been requested by the auditors prior to the start of audit fieldwork, understand that the auditors will be asking for additional information, including supporting documents and explanations, throughout fieldwork. Consider having brief status meetings or obtaining an open items list from the auditors at logical intervals during the engagement to track progress. 10. Evaluate results. Maintain communication with the auditors during the time between fieldwork and the issuance of the audit report. If there are any open items at the end of fieldwork, establish agreed upon dates for the information to be provided to the auditors whenever possible. If the auditor is to attend meetings with the audit or finance committee and/or board of directors, confirm that the auditor has the date, time, meeting location and other pertinent details of the meeting. Consider holding a post-audit closing meeting with employees involved in the audit to communicate results and solicit feedback.

September 11, 2017 W  hen Equifax announced last week that its data systems had been compromised by a hacker during the May to July timeframe of this year, every consumer in the U.S. should have taken notice. Names, addresses, social security numbers and financial information were exposed to hackers. As one of the three huge credit monitoring companies in the U.S., Equifax presumably has financial and personal data on most adults in the country. By their estimate, the personal and financial data of some 143 million Americans was potentially exposed. We encourage everyone to check to see if they were affected by the data breach by going to the following website: www.equifaxsecurity2017.com. If an individual is affected, Equifax will provide one year’s worth of free credit monitoring through its affiliated company. Equifax originally caught heat from consumer groups because it required consumers who were affected to waive their rights to take further legal action when they signed up for the free credit monitoring. Recently, Equifax has amended its approach and will not require the waiver of rights.