April 24, 2020
Publicly listed U.S. companies and traders should take steps today in preparation for the regulatory scrutiny of tomorrow, explains this Law.com article. Major U.S. government and regulatory enforcement agencies have begun to highlight the potential for increased scrutiny related to procurement practices, insider trading, financial disclosures and other COVID-related public announcements, and attempts to profit from market volatility. The article advises that companies and traders should prepare by undertaking a comprehensive risk assessment immediately and updating their risk profile related to potential regulatory issues. Additional advice includes augmenting controls and employee training (e.g., protocols for responding to regulator inquiries), automating controls to capture possible regulatory violations, enhancing online access to anonymous whistleblower reporting, and using predictive analytics to enable early detection of potential fraud. Maintaining diligent records of the mitigation actions will enhance responsiveness to regulators.
The House of Representatives voted to approve a $484 billion package to deliver aid to small businesses and hospitals and to expand COVID-19 testing, the latest attempt by lawmakers to blunt the devastating impact of the pandemic. The vote Thursday was 388-5. The measure passed the Senate earlier this week, and President Trump has indicated he will sign it. Earlier Thursday, the Democratic-led House voted to establish a new panel with broad authority to oversee the federal response. The panel, which will be a select investigative subcommittee of the House Oversight Committee, will be one of several panels overseeing the recovery efforts.
By analyzing government data, the Pew Research Center has released a detailed report of the financial risk the COVID-19 pandemic holds for U.S. business owners by their respective demographics. The results in many respects are surprising. For example, women, while majority owners of only 21% of businesses, have significantly more exposure in higher-risk industries due to their greater role as owners in health-care and social assistance industries, where they own 33% and 27% of businesses, respectively. Additionally, while white owners hold the majority stake in 80% of businesses overall and 72% of businesses in higher-risk industries, the second largest racial or ethnic group of owners consists of Asian entrepreneurs, who run 10% percent of all businesses and 16% of businesses in higher-risk industries. Such information can grant board members valuable insight into where their organization stands in relation to the corporate landscape and reemphasizes the importance of quality assurance in high-risk industries.
South Korea — the country that has arguably been one of the most successful at mitigating the spread of COVID-19 — has released a new set of behavioral guidelines for its population to follow as they resume daily life. Dubbed "everyday life quarantine" by the country's health authorities, the recommendations cover many aspects of life — work, meals out, shopping, nightlife, and sports. All establishments are encouraged to designate a quarantine manager, whose job it is to set up safety protocols and monitor health conditions. The guidelines are non-binding, but based on their actions during the pandemic, it seems likely that the citizens will be on board.
April 23, 2020
More than half of CEOs around the world say coronavirus is a threat to their business and 11% fear their business won't survive, according to a global survey or more than 3,500 chief executives conducted last week by the Young President's Organization (YPO). Those numbers are worse for the hospitality and restaurant industry, with 41% of CEOs saying they might not survive. The responses highlight the change in business leaders' perspectives since YPO's March survey, with 84% of respondents having a grimmer business outlook today than on March 1. Just over half of CEOs polled say their total number of employees will be the same or higher one year from now.
Companies that accepted Paycheck Protection Program (PPP) loans could be investigated if they did not need the money, U.S. Treasury Secretary Steven Mnuchin warned. Reuters reports that the fund intended to assist small businesses was depleted after two weeks, with well-known chains such as Ruth Hospitality Group and Shake Shack among the recipients, while many small firms were shut out. The Justice Department said it will use data analytics to look for fraud in the PPP program. With Congress expected to pass another $310 billion in loan funds, internal auditors should understand the PPP loan requirements and advise management about the business' eligibility and the risks involved in accepting a loan.
A breach of the U.S. Small Business Administration's (SBA's) website exposed private data on nearly 8,000 applicants for small business relief loans through the Paycheck Protection Program, according to PYMNTS.com. The SBA learned about the breach on March 25, when it disabled that portion of its website and relaunched the application portal. Information included Social Security numbers, addresses, birth dates, phone numbers, citizenship status, and insurance information. Internal auditors of applicant companies should inform management of the breach and advise executives of ways to monitor their personal information in case it has been stolen.
The Kroger Co., the largest U.S. supermarket operator, released its reopening plan, Sharing What We've Learned: A Blueprint for Businesses (PDF), according to Supermarket News. The blueprint includes industry-adaptable COVID-19 safety recommendations for multiple industries, including retail, manufacturing, distribution center/supply chain, food service/restaurant, and office environments. It also details actions and lessons the company has applied to protect employees, customers, and its communities during the last six weeks, and will be updated regularly with more recommendations, insights, best practices, tools, and templates.
April 22, 2020
Although approximately 29% of workers have the ability to work from home, not every profession has such a luxury. According to the World Economic Forum (WEF), many essential workers are forced to work in industries that place them — and their families — at risk of COVID-19 transmission. To illustrate which careers are most at risk, WEF has created a detailed study that scores nearly 1,000 careers on a scale from 0 to 100, with 100 representing the highest possible transmission risk. Dental hygienists ranked at the top of the list with a score of 99.7, followed by respiratory therapy technicians with a score of 96.0. Also among the top 10 are patient care assistants, family and general practitioners, registered nurses, and radiologic technicians. Regardless of industry, internal auditors have an obligation to be aware of how at risk their organization's workers are to acquire COVID-19, as well as work with managers to identify and regularly monitor appropriate controls to ensure the health and safety of all.
Extreme circumstances (e.g., the Great Depression, World War II) are catalysts for change. Will COVID-19 change habits, values, and business practices long term?Fast Company talked to 30 tech executives, venture capitalists, and analysts to get their take on how life and the world of work may change. The thought leaders discuss the normalization of remote work, rethinking supply chain management and manufacturing, and a new digital mindset across the board — in health care, brick-and-mortar stores, education, and in our work and social lives.
An anticipated spike in data breaches is coming to fruition, cautions the International Association of IT Asset Managers (IATAM), and the problem may be greater than first predicted. The organization alerted in mid-March about potential cybersecurity gaps or failures, as much of the workforce quickly moved to telecommuting in response to the COVID-19 pandemic. According to an article in Tech Republic, IATAM finds many organizations are leaving themselves vulnerable to cyberattacks by trading security restrictions for convenience such as, removing administration permission requirements or allowing unpatched business computers to be used. Some are even allowing use of personal computers with low-end virtual private networks or none at all, according to the organization's president, Barbara Rembiesa.
Global business leaders are preparing for a drawn-out U-shaped recession due to the impact of the COVID-19 pandemic, and many fear their companies won't survive the pandemic, a survey of 3,500 chief executives showed. About 60% said they are preparing for a U-shaped recovery — a long period between recession and an upturn; 11% see the pandemic as a risk to the survival of their firm, while 40% say it poses a severe threat. The poll of chief executives from 109 countries was conducted by YPO, a business leadership network. Internal audit has a key role in assisting their organizations in navigating an ever-changing risk environment during and after the pandemic.
An article published by the World Economic Forum discusses post-pandemic paradigm shifts replacing trends. "Agility, scalability, and automation will be the watchwords for this new era… . Those businesses that have designed their solutions to use the full potential of cloud computing will not buckle under the pressure," writes Mohit Joshi, president of Infosys Limited. He contends that easy access to digital payment methods along with further robotic automation and artificial intelligence, within supply chains will enable organizations to reduce manual intervention and enhance the scalability of production in response to demand. Companies that demonstrate this combination of resilience and agility will succeed, he writes.
April 21, 2020
The Institute of Internal Auditors (IIA) will begin providing online testing for all three parts of the Certified Internal Auditor (CIA) exam and for the Certification in Risk Management Assurance (CRMA). The online option is a temporary measure in response to the pandemic. Exams are normally administered only in on-site locations around the world. However, out of the utmost caution to avoid further spread of COVID-19, most exam centers have been temporarily closed. The CIA Challenge Exam, for qualified individuals, also will be available online.
New applicants and those who signed up for in-person exams can register for the online offerings now, with scheduling to begin in late April/early May. Additionally, The IIA is offering a 20% discount on new application and registration fees to members for the CIA and CRMA exams through May.
Experts warn that insider fraud and data theft is on the rise during the current economic downturn and that companies should not cut corners when it comes to internal controls, audit, and compliance. Lax controls combined with the impulses that arise due to furloughs and loss of income create a perfect storm for cases of fraud, according to the Association of Certified Fraud Examiners' President and CEO Bruce Dorris. The ACFE recently issued a warning about the spike in fraud cases, which might include manipulation of financial and performance data; misappropriation of assets; and incidents of invoice, payroll, and accounting fraud.
The U.K. government has launched a support finder tool for businesses and self-employed individuals to help them find and access the financial support they are eligible for during the coronavirus pandemic. The tool, which was announced on GOV.UK, is a simple questionnaire that will direct businesses to a list of loans, grants, or other programs, part of package of £330 billion of loans and guarantees for businesses.
Georgia Governor Brian Kemp announced that the state will open some businesses this week, making it among the first states to lift restrictions, the Atlanta Journal-Constitution reports. Businesses such as bowling alleys, fitness centers, hair salons, and massage therapy providers may open starting April 24, while theaters and restaurants can open April 27. Neighboring states South Carolina and Tennessee also will open some businesses on April 24, CNN reports. Internal auditors should advise management about the risks from opening businesses to the public and the precautions that should be in place to protect customers and employees.
In a time of lost revenue and disrupted operations, audit committees must be vigilant and ask "the right questions" to ensure the organization's financial disclosures are accurate, according to an Agenda article. The article notes that the U.S. Securities and Exchange Commission will likely challenge management and the audit committee to provide more details about future operating conditions and resource needs, even at an uncertain time. That means going beyond normal disclosures, with half of respondents to a recent PwC chief financial officer poll saying their organizations will include COVID-19 information among their risk factors. Internal audit should assist the audit committee in assessing the many variables that may impact financial disclosures.
Oil prices fell into negative territory for the first time on record, continuing a trend caused by sharply reduced demand because of the coronavirus and a price war among oil producers, Business Insider reports. Despite an agreement among oil producing nations to reduce production, the price of West Texas Intermediate crude oil futures expiring in May fell 321% on Monday to -$40.32 a barrel. There are concerns that oil storage is reaching capacity and that oil companies may face bankruptcy if the trend continues. Internal auditors should advise their organizations about how oil prices may impact the business, and auditors working in oil companies should assess how the trend may impact operations and business viability.
April 20, 2020
An article in The National Law Review cites examples of businesses — from restaurants and bars to cinemas and barbershops — that are suing insurance companies over claim denials related to business interruption. Insurers contend that policies are generally designed to cover the results of direct physical loss or damage to property and are not designed to apply in the results of a virus or loss of income due to market conditions, a slowdown of economic activity, or a general fear of contamination. Yet in the U.S., some state legislators have introduced bills that would require carriers to pay business interruption claims. Insurance industry spokespersons warn that forcing insurers to pay retroactively for losses that are not covered under existing insurance policies could threaten the industry's stability and solvency. By monitoring the trend of such litigation, internal auditors can help their organizations weigh relevant risks.
A report from The Washington Post suggests that both the Trump administration and congressional leaders are nearing an agreement on a $470 billion deal that will fund the small-business loan program that was recently depleted as a result of the COVID-19 pandemic. The bill adds $310 billion to the Paycheck Protection Program and $60 billion to a separate small business emergency loan program, as well as additional provisions designed to boost hospital spending and COVID-19 testing. This should be a welcome sign to small businesses who are facing the task navigating this difficult time, and it is a development internal audit should follow closely as they continue to keep the board informed of cost-related developments.
The COVID-19 pandemic is slamming the businesses of doctors' practices, which serve as the home base for most patients. Some doctors are reporting that revenue is falling anywhere from 50% to 90%, according to Axios. Smaller practices could be forced to sell to hospital chains, insurers, or private equity firms, which would further consolidate the industry and lead to higher prices, or close their doors for good. Internal audit will need to follow non-COVID-related developments in health care as they assist their organizations in navigating the pandemic.
Stanford Law School's corporate governance center has released a free online database that harvests the latest counsel from the nation's 20 top law and accounting firms on important developments in the COVID-19 economic shutdown. The database also links to a second database that takes users directly to the special COVID-19-related portals at these firms. The databases are time- and money-saving resources for internal audit departments trying to stay abreast of developments in the COVID-19 pandemic.
When it comes to commercial banking, the pandemic is forcing many institutions to make rapid changes that would otherwise take years to undergo. According to anarticle in the Financial Brand, pressures imposed by the global health crisis have exposed weaknesses in the back office operating systems, credit risk models, mobile banking capacity, and digital communications expertise of many financial institutions. Social distancing also is changing what defines a positive customer experience. Going forward, banks will need to focus on human outreach, a strong digital platform, financial education, and remote support — and likely a completely revamped strategic plan for 2020.