|
|
|
|
|
|
|
|
|
|
|
|
|
|
At-A-Glance
For more than thirty years COSO, the respected accounting industry backed group, has developed frameworks to assist organizations with managing controls, risk, governance and fraud. In recent years, the guidance has incorporated technology issues into the frameworks. Artificial intelligence is the focus of COSO’s newest publication, addressing the potential as well as the related risks associated with this transformative innovation. This issue highlights the report.
Our Worldwide Update is again split into two sections. The first covers COVID-19 news from organizations across the globe, while the second covers other news.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Managing Artificial Intelligence for Performance and Risk
New guidance for applying the COSO Framework to help fully realize AI potential
|
|
|
|
|
|
|
|
|
|
|
Since 1992, the Committee on Sponsoring Organizations of the Treadway Commission (COSO) has been providing organizational guidance and frameworks for addressing and managing aspects of internal controls, risk management, governance, and fraud deterrence. Overseen by its members, AICPA, AAA, FEI, IMA and IIA, COSO has often supplemented the general Enterprise Risk Management Framework (ERM) with specific direction on topics such as strategy and performance, sustainability, the healthcare provider industry, cyber risks, creating and protecting value, risk appetite, blockchain, compliance, and cloud computing.
The latest guidance, released on September 15, 2021, in collaboration with Deloitte, and focusing on the rapidly developing technology of artificial intelligence, is titled Realize the Full Potential of Artificial Intelligence, Applying the COSO Framework and Principles to Help Implement and Scale Artificial Intelligence.
The employment of artificial intelligence applications, whether intentional or by indirect means, has accelerated in recent years. Some of the ways the guidance reports that organizations have put artificial intelligence to work center on reducing costs, speeding operational execution, improving predictive analytics, expanding forms of human digital engagement, and fueling innovation. Studies by both Deloitte and Gartner, the technology research company, show that 75% of respondents expect artificial intelligence to have a significant impact in their organizations within the next three years.
Even so, artificial intelligence brings a unique set of risks that need to be considered. “Fortunately,” according to the report, “AI is like other technological components of an organization and thus can be successfully governed by effective ERM.”
However, underlying the effective management and monitoring of ERM is the assumption of a basic understanding of AI and machine learning principles. The report gives an all too brief one page summary, which at most should cause readers to realize how little they know of this complex topic, encouraging them to seek further training. For example, short explanations are given of machine learning algorithms (formulas) which are classified as:
- Non-deep-learning – such as regression analysis
- Deep-learning – such as conversational bots in customer websites
- Reinforcement learning models – such as route optimization.
Then the building of algorithms is explained with short descriptions using the steps of problem definition, data profiling, data preparation, algorithm evaluation, model development, model deployment, monitoring, and maintenance.
From here the report connects the process of AI implementation to the five ERM Components:
- Governance & Culture
- Strategy & Objective-Setting
- Performance
- Review & Revision
- Information, Communication, & Reporting
Noting that AI is often not restricted simply to an organization’s information technology function, but may have broadly felt impact across various functions, the report emphasizes the importance of an organization-wide approach to managing related risks.
Governance & Culture involves setting the tone at the top. The Board of Directors should have a basic understanding of AI and how data is acquired, used, and by whom. Personnel should be tasked with overseeing related ethical concerns and risks, as well as having a Board level technology/AI expert.
Strategy & Objective-Setting should consider how AI can further enhance attainment of goals, while taking into account underlying risks. For example, AI may provide more comprehensive approaches to tracking processes, while at the same time be subject to shortcomings related to the relative level of maturity of the AI model.
The Performance component entails evaluating the trustworthiness of AI models prior to implementation. The robustness of an AI application may depend on the level of accuracy required. Where the severity of results from an undesired outcome is low, a less refined AI solution may suffice, whereas a critical function would demand a highly proven AI model. Once implemented, continual monitoring and assessment of outcomes should be conducted.
Review & Revision applies to individual AI applications as well as the overall effect of AI on the organization. The goals of AI, such as reducing costs, speeding operations, improving predictions, and driving innovation, are expected to have transformational impact. The review function should assess whether and how effective the transformation has been, or if certain aspects are leading in the wrong direction, requiring course corrections.
Information, Communication, & Reporting are critical to assure that all appropriate parties are kept informed “regarding key performance measures and risk indicators for performance of the organization’s AI models, as well as results from key oversight and monitoring processes.” The report recommends that a crisis response plan be in place to deal with any undesired incidents that occur related to AI.
The report summarizes with a five-point call to action:
- Establish a governance structure for AI program.
- Get an AI risk strategy together.
- Take the initiative with AI risk assessment.
- Develop a portfolio view of risks and opportunities for AI initiatives.
- Lay out an approach to manage AI risks and report to stakeholders for transparency.
Further details can be found at COSO Releases New Guidance: Realize the Full Potential of Artificial Intelligence.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Worldwide Update
Periodic roundup of recent and upcoming actions and activities by auditing and accounting organizations throughout the world.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
COVID-19 Related
International
IASB – International Accounting Standards Board (www.ifrs.org)
- Coronavirus Information and resources – link –
https://www.ifrs.org/news-and-events/2020/03/the-coronavirus-and-the-foundations-work/
IFAC – International Federation of Accountants (www.ifac.org)
- COVID-19 Resources from IFAC's Network – link -
https://www.ifac.org/knowledge-gateway/series/COVID-19-resources-ifacs-network
ACCA – Association of Chartered Certified Accountants (www.accaglobal.com/)
- Coronavirus Information and resources – link -
https://www.accaglobal.com/us/en/cam/coronavirus.html
CIMA – Chartered Institute of Management Accountants (www.cimaglobal.com)
- Update on the Coronavirus and Impact for Association Activities – link -
https://www.cimaglobal.com/Members/Update-on-Coronavirus/
VRF- The Value Reporting Foundation (www.thevrf.org)
- The Value Reporting Foundation is the result of the merger of the
International Integrated Reporting Council and the Sustainability Accounting
Standards Board on June 9, 2021.
World Economic Forum – (www.weforum.org)
- The COVID Action Platform – link - https://www.weforum.org/platforms/covid-action-platform - focuses on three priorities: 1. Galvanize the global business community for collective action. 2. Protect people’s livelihoods and facilitate business continuity. 3. Mobilize cooperation and business support for the COVID-19 response.
|
|
|
|
|
|
|
|
|
|
|
Africa, Europe, India, and the Middle East (AEIME)
FRC – Financial Reporting Council of the UK (www.frc.org.uk)
- FRC guidance for companies and auditors during COVID-19 crisis – link - https://www.frc.org.uk/covid-19-guidance-and-advice.
ICAEW - Institute of Chartered Accountants in England and Wales (https://www.icaew.com/)
- Coronavirus – updates – link - https://www.icaew.com/insights/coronavirus.
EFRAG – European Financial Reporting Advisory Group (www.efrag.org)
|
|
|
|
|
|
|
|
|
|
|
Americas, Asia, Australia and New Zealand (AAANZ)
AICPA – American Institute of Certified Public Accountants (www.aicpa.org)
- AICPA Coronavirus (COVID-19) Resource Center – link - https://www.aicpa.org/news/aicpa-coronavirus-resource-center.html
FASB – Financial Accounting Standards Board (www.fasb.org)
- FASB Response to COVID-19 – link - https://www.fasb.org/COVID19
GASB – Governmental Accounting Standards Board (www.gasb.org)
- GASB Response to COVID-19 – link - https://www.gasb.org/COVID19
COSO - The Committee of Sponsoring Organizations of the Treadway Commission (www.coso.org)
PCAOB – Public Company Accounting Oversight Board (www.pcaob.org)
- PCAOB Response to COVID-19 – link - https://pcaobus.org/Pages/response-to-COVID-19.aspx
SASB – Sustainability Accounting Standards Board (www.sasb.org)
- See The Value Reporting Foundation above.
SEC – Securities and Exchange Commission (www.sec.gov)
- SEC Coronavirus (COVID-19) Response – link - https://www.sec.gov/sec-coronavirus-COVID-19-response
CAANZ - Chartered Accountants Australia and New Zealand (https://www.charteredaccountantsanz.com/)
- Financial Reporting and Audit Guide: Financial reporting and audit issues stemming from COVID-19 – link - https://www.charteredaccountantsanz.com/tools-and-resources/client-service-essentials/reporting/financial-reporting-and-audit-guide-financial-reporting-and-audit-issues-stemming-from-covid19
|
|
|
|
|
|
|
|
|
|
|
Other Updates
International
IASB – International Accounting Standards Board (www.ifrs.org)
IFAC – International Federation of Accountants (www.ifac.org)
- How Global Standards Become Local, Framework for transitioning global standards into local standards, published September 9, 2021, to help jurisdictions prepare for standards to be developed by the International Sustainability Standards Board.
ACCA – Association of Chartered Certified Accountants (www.accaglobal.com)
- Professional accountants at the heart of sustainable organisations, professional insights report published September 29, 2021, “considers the future of the accountancy profession and identifies four new emerging career zones of opportunity for finance professionals where they can make vital contributions to businesses and other organisations: Zone 1: Transformation drivers, Zone 2: Enterprise analysts, Zone 3: Assurance providers, Zone 4: Stakeholder reporters, The report also outlines the core competencies needed in assessing the outlook to 2030, reflecting the skills, knowledge and behaviours required for an ACCA-qualified accountant to meet the future needs and demands of the profession.”
CIMA – Chartered Institute of Management Accountants (www.cimaglobal.com)
- Reimagining Performance Management, research report published September 22, 2021, in conjunction with the American Institute of CPAs (AICPA) and the World Business Council for Sustainable Development (WBCSD), stating that “as the drive toward the digitisation of the economy continues to accelerate, businesses must look beyond traditional ways of managing performance to become more responsive and build their resilience.”
VRF - The Value Reporting Foundation (www.thevrf.org)
World Economic Forum – (www.weforum.org)
|
|
|
|
|
|
|
|
|
|
|
Africa, Europe, India, and the Middle East (AEIME)
FRC – Financial Reporting Council of the UK (www.frc.org.uk)
- Structured reporting: an early implementation study Applying Disclosure Guidance and Transparency (DTR) Rules 4.1.14 and the European Single Electronic Format (ESEF), report published October 12, 2021, “supports companies in the move towards high-quality digital reporting…The Lab report sets out key considerations and tips for companies covering: how to set up the structured reporting process; how to enhance the usability of structured reports; and common tagging issues to avoid.”
ICAEW - Institute of Chartered Accountants in England and Wales (https://www.icaew.com/)
EC - European Commission
EFRAG – European Financial Reporting Advisory Group (www.efrag.org)
- Towards Sustainable Businesses: Good Practices in Business Model, Risks and Opportunities Reporting in the EU, report published October 4, 2021, “presents the state of play and the drivers of current reporting practices, the application of technological solutions, and suggests a path to improvement in the reporting of sustainability risks, opportunities and their linkage to the business model.”
|
|
|
|
|
|
|
|
|
|
|
Americas, Asia, Australia and New Zealand (AAANZ)
AICPA – American Institute of Certified Public Accountants (www.aicpa.org)
- Auditing Standards Board (ASB) - Statement on Auditing Standards (SAS) No. 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, issued October 12, 2021, “to supersede SAS No. 122, as amended, section 315 of the same title, and to amend various AU-C sections in AICPA Professional Standards. SAS No. 145, for example, enhances the following: • Requirements and guidance related to the auditor’s risk assessment, in particular, obtaining an understanding of the entity’s system of internal control and assessing control risk • Guidance that addresses the economic, technological, and regulatory aspects of the markets and environment in which entities and audit firms operate…SAS No. 145 does not fundamentally change the key concepts underpinning audit risk, which is a function of the risks of material misstatement and detection risk. Rather, SAS No. 145 clarifies and enhances certain aspects of the identification and assessment of the risks of material misstatement to drive better risk assessments and, therefore, enhance audit quality. The SAS becomes effective for audits of financial statements for periods ending on or after December 15, 2023.”
FASB – Financial Accounting Standards Board (www.fasb.org)
- Exposure Draft-Proposed Accounting Standards Update, Fair Value Measurement of Equity Securities Subject to Contractual Sale Restrictions, issued September 15, 2021, “would clarify that a contractual restriction on the sale of an equity security I”s not considered part of the unit of account of the equity security and, therefore, is not considered in measuring fair value.” Comment period ends November 14, 2021.
GASB – Governmental Accounting Standards Board (www.gasb.org)
- No new developments
COSO - The Committee of Sponsoring Organizations of the Treadway Commission (www.coso.org)
PCAOB – Public Company Accounting Oversight Board (www.pcaob.org)
- Release No. 2021-004 – Rule Governing Board Determinations Under the Holding Foreign Companies Accountable Act, issued September 22, 2021, “provides a framework for the PCAOB to use when determining, as contemplated under the HFCAA, whether the Board is unable to inspect or investigate completely registered public accounting firms located in a foreign jurisdiction because of a position taken by one or more authorities in that jurisdiction.” Effective immediately.
SASB – Sustainability Accounting Standards Board (www.sasb.org)
SEC – Securities and Exchange Commission (www.sec.gov)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Audit & Accounting Alert is a publication of Integra International intended to highlight emerging issues in the profession. The goal is to give Integra members an awareness of developments impacting the practice of Audit & Accounting enabling them to stay on the forefront of industry trends.This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors forspecific advice.
Editor Gerald E. Herter
www.Integra-International.net
© 2021 Integra International. All Rights Reserved.
If you wish to stop receiving email from us, you can simply remove yourself by visiting http://members.integra-international.net/members/[email protected]&h=5ebe9682d3aad414b02b5b27eee969bacdde96a8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|