Skip to Main Content

insightsarticles

Artificial intelligence and the future of internal audit

08.28.18

Artificial Intelligence, or AI, is no longer the exclusive tool of well-funded government entities and defense contractors, let alone a plot device in science fiction film and literature. Instead, AI is becoming as ubiquitous as the personal computer. The opportunities of what AI can do for internal audit are almost as endless as the challenges this disruptive technology represents.

To understand how AI will influence internal audit, we must first understand what AI is.The concept of AI—a technology that can perceive the world directly and respond to what it perceives—is often attributed to Alan Turing, though the term “Artificial Intelligence” was coined much later in 1956 at Dartmouth College, in Hanover, New Hampshire. Turing was a British scientist who developed the machine that cracked the Nazis’ Enigma code. Turing thought of AI as a machine that could convince a human that it also was human. Turing’s humble description of AI is as simple as it is elegant. Fast-forward some 60 years and AI is all around us and being applied in novel ways almost every day. Just consider autonomous self- driving vehicles, facial recognition systems that can spot a fugitive in a crowd, search engines that tailor our online experience, and even Pandora, which analyzes our tastes in music.

Today, in practice and in theory, there are four types of AI. Type I AI may be best represented by IBM’s Deep Blue, a chess-playing computer that made headlines in 1996 when it won a match against Russian chess champion Gary Kasparov. Type I AI is reactive. Deep Blue can beat a chess champion because it evaluates every piece on the chessboard, calculates all possible moves, then predicts the optimal move among all possibilities. Type I AI is really nothing more than a super calculator, processing data much faster than the human mind can. This is what gives Type I AI an advantage over humans.

Type II AI, which we find in autonomous cars, is also reactive. For example, it applies brakes when it predicts a collision; but, it has a low form of memory as well. Type II AI can briefly remember details, such as the speed of oncoming traffic or the distance between the car and a bicyclist. However, this memory is volatile. When the situation has passed, Type II AI deletes the data from its memory and moves on to the next challenge down the road.

Type II AI's simple form of memory management and the ability to “learn” from the world in which it resides is a significant advancement. 
The leap from Type II AI to Type III AI has yet to occur. Type III AI will not only incorporate the awareness of the world around it, but will also be able to predict the responses and motivations of other entities and objects, and understand that emotions and thoughts are the drivers of behavior. Taking the autonomous car analogy to the next step, Type III AI vehicles will interact with the driver. By conducting a simple assessment of the driver’s emotions, the AI will be able to suggest a soothing playlist to ease the driver's tensions during his or her commute, reducing the likelihood of aggressive driving. Lastly, Type IV AI–a milestone that will likely be reached at some point over the next 20 or 30 years—will be self-aware. Not only will Type IV AI soothe the driver, it will interact with the driver as if it were another human riding along for the drive; think of “HAL” in Arthur C. Clarke’s 2001: A Space Odyssey.

So what does this all mean to internal auditors?
While it may be a bit premature to predict AI’s impact on the internal audit profession, AI is already being used to predict control failures in institutions with robust cybersecurity programs. When malicious code is detected and certain conditions are met, AI-enabled devices can either divert the malicious traffic away from sensitive data, or even shut off access completely until an incident response team has had time to investigate the nature of the attack and take appropriate actions. This may seem a rather rudimentary use of AI, but in large financial institutions or manufacturing facilities, minutes count—and equal dollars. Allowing AI to cut off access to a line of business that may cost the company money (and its reputation) is a significant leap of faith, and not for the faint of heart. Next generation AI-enabled devices will have even more capabilities, including behavioral analysis, to predict a user’s intentions before gaining access to data.

In the future, internal audit staff will no doubt train AI to seek conditions that require deeper analysis, or even predict when a control will fail. Yet AI will be able to facilitate the internal audit process in other ways. Consider AI’s role in data quality. Advances in inexpensive data storage (e.g., the cloud) have allowed the creation and aggregation of volumes of data subject to internal audit, making the testing of the data’s completeness, integrity, and reliability a challenging task considering the sheer volume of data. Future AI will be able to continuously monitor this data, alerting internal auditors not only of the status of data in both storage and motion, but also of potential fraud and disclosures.

The analysis won’t stop there.
AI will measure the performance of the data in meeting organizational objectives, and suggest where efficiencies can be gained by focusing technical and human resources to where the greatest risks to the organization exist in near real-time. This will allow internal auditors to develop a common operating picture of the day-to-day activities in their business environments, alerting internal audit when something doesn’t quite look right and requires further investigation.

As promising as AI is, the technology comes with some ethical considerations. Because AI is created by humans, it is not always vacant of human flaws. For instance, AI can become unpredictably biased. AI used in facial recognition systems has made racial judgments based on certain common facial characteristics. In addition, AI that gathers data from multiple sources that span a person’s financial status, credit status, education, and individual likes and dislikes could be used to profile certain groups for nefarious intentions. Moreover, AI has the potential to be weaponized in ways that we have yet to comprehend.

There is also the question of how internal auditors will be able to audit AI. Keeping AI safe from internal fraudsters and external adversaries is going to be paramount. AI’s ability to think and act faster than humans will challenge all of us to create novel ways of designing and testing controls to measure AI’s performance. This, in turn, will likely make partnerships with consultants that can fill knowledge gaps even more valuable. 

Challenges and pitfalls aside, AI will likely have a tremendous positive effect on the internal audit profession by simultaneously identifying risks and evaluating processes and control design. In fact, it is quite possible that the first adopters of AI in many organizations may not be the cybersecurity departments at all, but rather the internal auditor’s office. As a result, future internal auditors will become highly technical professionals and perhaps trailblazers in this new and amazing technology.

Related Industries

Related Services

Consulting

What the C-Suite should know about CECL and change management

Read this if you are at a financial institution. 

Some institutions are managing CECL implementation as a significant enterprise project, while others have assigned it to just one or two people. While these approaches may yield technical compliance, leadership may find they fail to realize any strategic benefits. In this article, Dan Vogt, Principal in BerryDunn’s Management and IT Consulting Practice, and Susan Weber, Senior Manager and CECL expert in BerryDunn’s Financial Services Practice, outline key actions leaders can take now to ensure CECL adoption success.  

Call it empathy, or just the need to take a break from the tactical and check in on the human experience, but on a recent call, I paused the typical readiness questions to ask, “How’s the mood around CECL adoption – what’s it been like getting others in the organization involved?” The three-word reply was simple, but powerful: “Kicking and screaming.”  

Earlier this year, by a vote of 5-2, the FASB (Financial Accounting Standards Board) closed the door to any further delays to CECL adoption, citing an overarching need to unify the industry under one standard. FASB’s decision also mercifully ended the on-again off-again cycle that has characterized CECL preparation efforts since early 2020. One might think the decision would have resulted in relief. But with so much change in the world over the past few years, is it any wonder institutions are instead feeling change-saturated?  

Organizational change

CECL has been heralded as the most significant change to bank accounting ever, replacing 40+ years of accounting and regulatory oversight practices. But the new standard does much more than that. Implementing CECL has an effect on everything from executive and board strategic discussions to interdepartmental workflows, systems, and controls. The introduction of new methods, data elements, and financial assets has helped usher in new software, processes, and responsibilities that directly affect the work of many people in the organization. CECL isn’t just accounting—it’s organizational change. 

Change management

Change management best practices often focus on leading from optimism—typically leadership and an executive sponsor talk about opportunities and the business reasons for change. Some examples of what this might sound like as it relates to CECL might include, by converting to lifetime loss expectations, the institution will be better prepared to weather economic downturns; or, by evolving data and modeling precision, an institution’s understanding and measure of credit risk is enhanced, resulting in more strategic growth, pricing, and risk management. 

But leading from optimism is sometimes hard to do because it isn’t always motivating—especially when the change is mandated rather than chosen.  

Perhaps a more judiciously used tactic is to focus on the risk, or potential penalty, of not changing. In the case of CECL, examples might include, your external auditor not being able to sign-off on your financials (or significant delays in doing so), regulatory criticism, inefficient/ineffective processes, control issues, tired and frustrated staff. These examples expose the institution to all kinds of key risks: compliance, operational, strategic, and reputational, among them.

CECL success and change management

With so much riding on CECL implementation and adoption going well, some organizations may be at heightened risk simply because the effort is being compartmentalized—isolated within a department, or assigned to only one or two people. How effectively leadership connects CECL implementation with tenets of change management, how quickly they understand, then together embrace, promote, and facilitate the related changes affecting people and their work, may prove to be the key factor in achieving success beyond compliance.  

One important step leaders can take is to perform an impact assessment to understand who in the organization is being affected by the transition to CECL, and how. An example of this is below. Identifying the departments and functions that will need to be changed or updated with CECL adoption might expose critical overlaps and reveal important new or enhanced collaborations. Adding in the number of people represented by each group gives leaders insight into the extent of the impact across the institution. By better understanding how these different groups are affected, leaders can work together to more effectively prioritize, identify and remove roadblocks, and support peoples’ efforts longer term.           

 
No matter where your institution is currently in its CECL implementation journey, it is not too late to course-correct. Leadership—unified in priority, message, and understanding—can achieve the type of success that produces efficient sustainable practices, and increases employee resilience and engagement.

For more information, visit the CECL page on our website. If you would like specific answers to questions about your CECL implementation, please visit our Ask the Advisor page to submit your questions. For more tips on documenting your CECL adoption, stay tuned for our next article in the series, revisit past articles, or tune in to our CECL Radio podcast. You can also follow Susan Weber on LinkedIn.

Article
Implementing CECL: Kicking and screaming

Read this if you are a community bank.

The Federal Deposit Insurance Corporation (FDIC) recently issued its first quarter 2022 Quarterly Banking Profile. The report provides financial information based on Call Reports filed by 4,796 FDIC-insured commercial banks and savings institutions. The report also contains a section specific to community bank performance. In first quarter 2022, this section included the financial information of 4,353 FDIC-insured community banks. BerryDunn’s key takeaways from the report are as follows:

Community banks continue to feel the impact of shrinking net interest margins and inflation.

Community bank quarterly net income dropped to $7 billion in first quarter 2022, down $1.1 billion from a year ago. Lower net gains on loan sales and higher noninterest expenses offset growth in net interest income and lower provisions. Net income declined $581.3 million, or 7.7 percent from fourth quarter 2021 primarily because of lower noninterest income and higher noninterest expense.

Loan and lease balances continue to grow in first quarter 2022

Community banks saw a $21.5 billion increase in loan and lease balances from fourth quarter 2021. All major loan categories except commercial & industrial and agricultural production grew year over year, and 55.3 percent of community banks recorded annual loan growth. Total loan and lease balances increased $35.1 billion, or 2.1 percent, from one year ago. Excluding Paycheck Protection Program loans, annual total loan growth would have been 10.2 percent.

Community bank net interest margin (NIM) dropped to 3.11 percent due to strong earning asset growth.

Community bank NIM fell 15 basis points from the year-ago quarter and 10 basis points from fourth quarter 2021. Net interest income growth trailed the pace of earning asset growth. The yield on earning assets fell 28 basis points while the cost of funding earning assets fell 13 basis points from the year-ago quarter. The 0.24 percent average cost of funds was the lowest level on record since Quarterly Banking Profile data collection began in first quarter 1984. 

Community bank allowance for credit losses (ACL) to total loans remained higher than the pre-pandemic level at 1.28 percent, despite declining 4 basis points from the year-ago quarter.


NOTE: The above graph is for all FDIC-Insured Institutions, not just community banks.

The ACL as a percentage of loans 90 days or more past due or in nonaccrual status (coverage ratio) increased to a record high of 236.7 percent. The decline in noncurrent loan balances outpaced the decline in ACL, with the coverage ratio for community banks emerging 57.9 percentage points above the coverage ratio for noncommunity banks. 

The banking landscape continues to be one that is ever-evolving. With interest rates on the rise, banks will find their margins in flux once again. During this transition, banks should look for opportunities to increase loan growth and protect and enhance customer relationships. Inflation has also caused concern not only for banks but also for their customers. This is an opportune time for banks to work with their customers to navigate the current economic environment. Community banks, with their in-depth knowledge of their customers’ financial situations and the local economies served, are in a perfect position to build upon the trust that has already been developed with customers.

As always, please don’t hesitate to reach out to BerryDunn’s Financial Services team if you have any questions.

Article
FDIC issues its First Quarter 2022 Quarterly Banking Profile

Read this if you are interested in GASB updates. 

The Governmental Accounting Standards Board (GASB) issued GASB Statement No. 99, Omnibus 2022 on May 9, 2022. The statement enhances comparability in accounting and financial reporting and improves the consistency of authoritative literature by addressing (1) practice issues that have been identified in previous GASB Statements, and (2) adding guidance on accounting and financial reporting for financial guarantees.

We’ve reviewed the statement in its entirety, and broken down key components for you to know. Here are the highlights.  

Accounting and financial reporting for exchange or exchange-like financial guarantees

Financial guarantees is a guarantee of an obligation of a legally separate entity or individual, including a blended or discretely presented component unit, that requires the guarantor to indemnify a third-part obligation holder under specified conditions, in an exchange or exchange-like transactions. 

An entity that extends an exchange or exchange-like financial guarantee should recognize a liability and expense related to the guarantee when qualitative factors and historical data indicate that is it more than likely not a government will be required to make a payment related to the guarantee.

Statement 99 excludes guarantees related to special assessment debt, financial guarantee contracts within the scope of Statement 53, or guarantees related to conduit debt obligations. 

Certain derivative instruments that are neither hedging derivative instruments nor investment derivative instruments

Derivative instruments that are within the scope of Statement 53, but do not meet the definition of an investment derivative instrument or the definition of a hedging derivative instrument are considered other derivative instruments. These “other derivative instruments” should now be accounted for as follows:

  1. Changes in fair value should be reported on the “resource flows statement” separately from the investment revenue classification.
  2. Information should be disclosed in the notes to financial statements separately from hedging instruments and investment derivative instruments.
  3. Governments should disclose the fair values of derivative instruments that were reclassified from hedging derivative instruments to other derivative instruments. 

Leases

If your entity has leases please review the following as Statement 99 clarifies numerous issues from Statement 87, specifically:

  • Lease terms as it relates to options to terminate and option to purchase the underlying assets, in paragraph 12 of Statement 87 has been clarified;
  • Short-term leases in paragraph 12 of Statement 87 has been clarified as it relates to an option to terminate the lease;
  • Lessee and lessor recognition and measurement for leases other than short-term leases that transfer ownership has been clarified, and
  • Lease incentives in paragraph 61 of Statement 87 has been further defined.

Public Private and Public-Public Partnerships (PPPs)

If your entity has PPPs, Statement 99 clarifies the following: 

  • PPP terms
  • Receivable for installment payments (transferor recognition)
  • Receivable for the underlying PP Asset (transferor recognition)
  • Liability for installment payments (operator recognition)
  • Deferred outflow of resources (operator recognition)

Subscription-Based Information Technology Arrangements (SBITAs)

Subscription terms and definitions have been clarified, specifically as it relates with options to terminate, short-term SBITAs, and measurement of subscription liabilities.

If your entity has SBITAs, review the provisions of each SBITA to ensure compliance with Statement 99 paragraphs 23–25.

Replacement of LIBOR

Check with your banking institutions to confirm when they have phased out of LIBOR. Confirm with your banking institutions what specifically has replaced LIBOR and update Financial Statement disclosures as needed. 

SNAP

State governments should recognize distributions of benefits from Supplemental Nutrition Assistance Program (SNAP) as a nonexchange transaction. Review Financial Statement disclosure and determine if a disclosure is needed. 

Disclosure of Nonmonetary Transactions

If you engage in one or more nonmonetary transactions during the fiscal year, you will need to disclose those transactions in the notes to the financial statements the measurement of attribute(s) applied to the assets transferred, rather than basis of accounting for those assets.

Pledges of future revenues when resources are not received by the pledging government

When blending the financial statement of a debt-issuing component unit into the financial statements of a primary government pledging revenue for the component unit’s debt, the primary government should reclassify an amount due to the component as an interfund payable and an interfund transfer out simultaneously with the recognition of the revenues that are pledged.

Focus of the government-wide financial statement

Statement 99 reiterates that there should be a total overall government-wide column within the MD&A, Statement of Net Position, and Statement of Activities. This column should exclude all fiduciary activities, including custodial funds. 

Terminology updates

No action is needed. Terminology has been updated in previous pronouncements, for terminology as it relates to Statements 63 and 53. 


Effective dates

The requirements related to the extension of the use of LIBOR, accounting for SNAP distributions, disclosures of nonmonetary transactions, pledges of future revenues by pledging governments, clarification of certain provisions in Statement 34 and terminology updates related to GASB 53 and 63 are effective upon issuance.

The requirements related to leases, PPPs, and SBITAs, are effective for fiscal years beginning after June 15, 2022.

The requirements related to financial guarantees and the classification and reporting of derivative instruments within the scope of Statement 53 are effective for fiscal years beginning after June 15, 2023.

Earlier application is encouraged and permitted for all.

If you would like more information regarding Statement 99, please contact our Audits of Governmental Component Units team. We’re here to help.

Article
Key considerations from GASB Statement No. 99 

Read this if you are a financial institution.

Choosing a method for estimating lifetime expected losses is a commitment. A commitment that signals, in spite of any other option, you’re certain this method is the right one for you—your segment, portfolio, and institution. While you might be able to support a change in method later, it is much more likely you’ll be living with this decision a good long while. So, how exactly does one know which method is the right one? Let’s take a few minutes to answer some frequently asked questions about selecting methods for CECL.

How many CECL methods are there?

This depends on who you ask. Section 326-20-30-3 of the standard names five (5) categories: discounted cash flow, loss-rate, roll-rate, probability of default, and aging schedule. Some categories, like loss-rate, have several methods. Additionally, some methods seem to be referred to by different names, giving people the impression that there are exponentially more options out there than there really are. With this in mind, I tend to think of two (2) broad categories, and seven (7) unique methods:  

  • Loss-rate methods
    • Snapshot (open pool, static pool, cumulative loss rate)
    • Remaining Life and Weighted Average Remaining Maturity (WARM)
    • Vintage
       
  • Other methods
    • Scaled CECL Allowance for Losses Estimator (SCALE) (option for banks with assets <$1 billion)
    • Discounted Cash Flow (DCF)
    • Probability of default 
    • Migration (roll rate, aging schedule)  

What’s the difference?

The loss-rate methods use actual historical net charge-off information in different ways to derive a loss rate that can then be used to calculate expected losses over the remaining life of a pool. In general, they do this by holding the mix of a group of loans constant (e.g., by year of origination) and then tracking net losses tied to that grouping over time. The “other” methods employ a variety of mathematical techniques and/or credit quality information to estimate expected lifetime losses. For a quick overview of each method and corresponding resources, access our CECL methodologies guide here.

How do I know which to use?

This is the CECL equivalent of the proverbial million-dollar question. Technically, any institution could use any one, or all of these methods. But there are considerations that make some of them a more or less likely fit. For example, if your institution has >$1 billion in assets, SCALE is not even an option for you, and you can cross it off the list. If you are not in a position to afford software, or lack the internal expertise to build a similar model internally, then discounted cash flow and probability of default methods would likely be extremely burdensome in the normal course of business. For that reason, you may need to cross those off your list. If you lack large pools with consistently diverse performance over time, then migration methods will be difficult to support. If you have a relatively stable loan mix, consistent credit culture, and a lot of reliable historical loss data—especially through multiple economic cycles—the loss-rate methods may be a good fit, with or without software. If your portfolio has undergone a lot of changes—products, underwriting standards, merger and acquisition activity—and/or there are significant gaps in key data that cannot be restored, then you might want to re-consider software and one of the “other” methods. 

What are the pros and cons of the various methods?

One pro of the loss-rate and SCALE methods is they have been shown to be manageable without software. Examples of all of these methods have been illustrated using Excel spreadsheets. The use of Excel is also potentially a con, given that more spreadsheets and, maybe more people, are likely going to be involved in computing the Allowance for Credit Losses (ACL). As a result, version control as well as validation of spreadsheet macros, inputs, formulas, math, and risk of accidentally overwriting or deleting values should be addressed. One pro of the discounted cash flow method is that it is a bottom-up approach, meaning each loan’s discounted cash flow (DCF) is computed and then rolled up to the segment level. Because of this, DCF can more easily handle mixed pools, e.g., loans of all vintages, sizes, terms, payment and amortization schedules, etc. A potential con of DCF is that it really requires software, staff trained to use the software appropriately, and an understanding of the vast array of choices, levers, and decisions that come with it.     

Does my choice of method affect my qualitative adjustment options?

How’s this for commitment: maybe. In general, I think it’s safe to say that CECL requires additional thought be given to the nature and degree of adjustments. This is especially true when you look at the combination of potential segmentation changes, new elements of the calculation, and the variety of methods now available. Consider the example of a bank using a loss-rate method and facing a potential economic downturn. If that bank has sufficient history and a relatively stable portfolio mix, credit culture, and geography, then it might elect to use a different time period—say, historical loss-rates observed from the last recession—rather than those more recently computed. In this case, the loss-rate method would already be using a recessionary experience. 

How then, would the bank approach additional qualitative adjustments for changing economic outlooks to ensure it is not layering (or double counting) reserve? Going back to the original “maybe” response, perhaps the answer is less about inherent conflicts between methods and qualitative adjustments. Rather, it’s about understanding that given your chosen method, you may be faced with even more decisions about if, where, and how much adjusting you are doing.

CECL adoption is required. Struggling to adopt isn’t. We can help.

No matter what stage of CECL readiness you are in, we can help you navigate the requirements as efficiently and effectively as possible. For more information, visit the CECL page on our website. If you would like specific answers to questions about your CECL implementation, please visit our Ask the Advisor page to submit your questions.

For more tips on documenting your CECL adoption, stay tuned for our next article in the series. You can also follow Susan Weber on LinkedIn.

Article
Questions to ask when deciding your CECL Method

Read this if you are a financial institution.

As you know by now, ASU No. 2016-13, Financial Instruments – Credit Losses (Topic 326), better known as the CECL standard, has already been implemented for some and will soon be implemented for all others (fiscal years beginning after December 15, 2022 to be exact). During your implementation process, the focus has likely been on your loan portfolio, and rightfully so, as CECL overhauls 40+ years of loan loss reserve practices. But, recall that the CECL standard applies to all financial instruments carried at amortized cost. So, it therefore includes held-to-maturity (HTM) debt securities. And, although not carried at amortized cost, the CECL standard also makes targeted enhancements to available-for-sale (AFS) debt securities. As if re-hauling your entire allowance methodology wasn’t enough! Before tearing out your hair because of another CECL-related change, let’s quickly review what is currently required for securities, and then focus on how this will change when you implement CECL.

Current US GAAP

Under current US generally accepted accounting principles (GAAP), direct write-downs on HTM and AFS debt securities are recorded when (1) a security’s fair value has declined below its amortized cost basis and (2) the impairment is deemed other-than-temporary. This assessment must be completed on an individual debt security basis. Providing a general allowance for unidentified impairment in a portfolio of securities is not appropriate. The previous amortized cost basis less the other-than-temporary impairment (OTTI) recognized in earnings becomes the new amortized cost basis and subsequent recoveries of OTTI may not be directly reversed into interest income. Rather, subsequent recoveries of credit losses must be accreted into interest income.

CECL: Held-to-maturity securities

Then comes along CECL  and changes everything. Once the CECL standard is implemented, expected losses on HTM debt securities will be recorded immediately through an allowance for credit loss (ACL) account, rather than as a direct write-down of the security’s cost basis. These securities should be evaluated for risk of loss over the life of the securities. Another key difference from current GAAP is that securities with similar risk characteristics will need to be assessed for credit losses collectively, or on a pool basis, not on an individual basis as currently prescribed. Also, contrary to current GAAP, since expected losses will be recorded through an ACL account, subsequent improvements in cash flow expectations will be immediately recognized through earnings via a reduction in the ACL account. CECL effectively eliminates the direct write-down method, with write-offs only occurring when the security, or a portion thereof, is deemed to be uncollectible. 

In practice, there may be some types of HTM debt securities that your institution believes have no risk of nonpayment and thus risk of loss is zero. An example may be a US Treasury debt security or possibly a debt security guaranteed by a government-sponsored enterprise, such as Ginnie Mae or Freddie Mac. In these instances, it is acceptable to conclude that no allowance on such securities is necessary. However, such determination should be documented and changes to the credit situation of these securities should be closely monitored.

Financial institutions that have already implemented CECL have appreciated its flexibility; however, just like anything else, there are challenges. One of the biggest questions that has risen is related to complexity, specifically from financial statement users in regards to the macroeconomic assumptions used in models. Another common challenge is comparability to competitors’ models and estimates. Each financial institution will likely have a different methodology when recording expected losses on HTM debt securities due to the judgment involved. These concerns are not unique to the ACL on HTM debt securities but are nonetheless concerns that will need to be addressed. A description of the methodology used to estimate the ACL, as well as a discussion of the factors that influenced management’s current estimate of expected losses must be disclosed in the financial statements. Therefore, management should ensure adequate information is provided to address financial statement users’ concerns.  

CECL: Available-for-sale securities

Upon CECL adoption, you are also expected to implement enhancements to existing practices related to AFS debt securities. Recall that AFS debt securities are recorded at fair value through accumulated other comprehensive income (AOCI). This will not change after adoption of the CECL standard. However, the concept of OTTI will no longer exist. Rather, if an AFS debt security’s fair value is lower than its amortized cost basis, any credit related loss will be recorded through an ACL account, rather than as a direct write-down to the security. This ACL account will be limited to the amount by which fair value is below the amortized cost basis of the security. Credit losses will be determined by comparing the present value of cash flows expected to be collected from the security with its amortized cost basis. Non-credit related changes in fair value will continue to be recorded through an investment contra account and other comprehensive income. So, on the balance sheet, AFS debt securities could have an ACL account and an unrealized gain/loss contra account. The financial institution will be responsible for determining if the decline in the value below amortized cost is the result of credit factors or other macroeconomic factors. In practice, the following flowchart may be helpful:

Although changes to debt securities may not be top of mind when working through CECL implementation, ensuring you reserve time to understand and assess the impact of these changes is important. Depending on the significance and composition of your institution’s debt security portfolio, these changes may have a significant impact on your financial institution’s financial statements from CECL adoption forward. For more information, visit the CECL page on our website. If you would like specific answers to questions about your CECL implementation, please visit our Ask the Advisor page to submit your questions.

Article
Don't forget about me! Changes in debt security accounting resulting from CECL 

Read this if you are at a financial institution.

While documentation of your CECL implementation and ongoing practices is essential to a successful outcome, it can sometimes feel like a very tall order when you are building a new methodology from the ground up. It may help to think of your CECL documentation as your methodology blueprint. While others will want to see it, you really need it to ensure that what you are building is well-designed, structurally sound, appropriately supported, and will hold up to subsequent “renovations” (model changes or tweaks). To help you focus on what’s essential, consider these documentation tips:

Getting started

Like any good architect, you need to understand the expectations for your design—what auditors and regulators want to see in your documentation. Two resources that can really help are the AICPA Practice Aid: Allowance for credit losses-audit considerations1, and the Interagency Supervisory Guidance on Model Risk Management2. One way to actively use these guides is to take note of the various section/subject headers and the key points, ideas, and questions highlighted within each, and turn that into your documentation checklist. You’ll also want to think strategically about where to keep the working document, who needs access to it, and how to maintain version control. It is also a good idea to decide up-front how you will reference, catalog, and store the materials (e.g., data files, test results, analyses, committee minutes, presentations, approvals, etc.) that helped you make and capture final decisions. You can download our CECL Documentation checklist now.   

What to watch out for

What’s new under CECL are areas requiring documentation (e.g., broader scope of “financial assets,” prepayments, forecasts, reversion, etc.). But watch out for elements that seem familiar—they may now have a new twist (e.g., segmentation, external data, Q factors, etc.). It’s a good idea to challenge any documentation from the past that you feel could be re-purposed or “rolled into” your CECL documentation. Be prepared also to spend time explaining or customizing vendor-provided documents (e.g., model design and development, data analysis memos, software procedures, etc.). 

While this material can give you a running start, they will not on their own satisfy auditor and regulator expectations. Ultimately, your documentation will need to reflect your own understanding and conclusions: how you considered, challenged, and got comfortable with the vendor’s work; what validations and testing you did over that work, and how you’ve translated this into policies and procedures appropriate for your institution’s operations, workflows, governance, and controls. For more information on making the vendor decision, and for suggestions of vendor selection criteria, read our previous article “CECL Readiness: Vendor or no vendor?” 

Point of view

It is human nature, especially whenever entering new territory, to want to know how others are approaching the task at hand. Related to CECL, networking, joining peer discussion groups, researching what and how those who have already adopted CECL are disclosing, are all great ways to see possibilities, learn, and gain perspective. When it comes to CECL documentation, however, the most important point of view to communicate is that of your institution’s management. Consider the difference in these two documentation approaches: (a) we looked at what others are doing, this is what most of them seem to be doing, so we are too; or (b) this is what we did and why we feel this decision is the best for our portfolio/risk profile; as part of our decision-making process, we did this type of benchmarking and discovered this. Example b is stronger documentation: your point of view is the primary focus, making it clear you reached your own conclusions. 

Other elements for CECL documentation

Documenting your CECL implementation, methodology, and model details is critical, but not the only documentation expected as you transition to CECL. It has been said that CECL is a much more enterprise-wide methodology, meaning that some of the model decisions or inputs may require you use data and assumptions traditionally controlled in other departments and for other purposes. One common example of this is prepayments. Up to this point, prepayment data may have been something between management and a vendor and used for management discussion and planning, but not necessarily validated, tested, or controlled for in the same way as your loss model calculations. Under CECL, this changes specifically because it is now an input into the loss estimate that lands in your financial statements. As a result, prepayments would be subject to, for example, “accuracy and completeness” considerations, among others (for more information on these expectations, refer to our earlier articles on data and segmentation). Prepayments is just one example, but does illustrate how CECL adoption will likely trigger updates to policies, procedures, governance, and controls across multiple areas of the organization.    

One final note: There are some new financial statement disclosures required with CECL adoption. Beyond those, there may be other CECL-related information either you want to share, or your audit/tax firm recommends be disclosed. Consulting with your auditor at least a quarter prior to adoption will help make sure you aren’t scrambling last minute to draft new language or tables.  

Struggling with CECL documentation or other elements of CECL? 

No matter what stage of CECL readiness you are in, we can help you navigate the requirements as efficiently and effectively as possible. For more information, visit the CECL page on our website. If you would like specific answers to questions about your CECL implementation, please visit our Ask the Advisor page to submit your questions.

For more tips on documenting your CECL adoption, stay tuned for our next article in the series. You can also follow Susan Weber on LinkedIn.

1You can find the AICPA Practice Aid here.
2The interagency guidance was released as OCC Bulletin 2011-12, FRB SR 11-7, and as FDIC FIL 22-2017

 

Article
CECL documentation: Your methodology blueprint

Read this if you are a Chief Financial Officer at a financial institution.

The Financial Accounting Standards Board (FASB) issued its second Accounting Standards Update (ASU) of 2022 on March 31, 2022. Seen as a fairly quiet year thus far on the accounting standards issuance front, both ASUs issued so far should catch the attention of financial institutions’ accounting and finance teams. For readers who may have missed it, on March 31, 2022, we wrote about the FASB’s first ASU of 2022: ASU No. 2022-01, Derivatives and Hedging (Topic 815): Fair Value Hedging – Portfolio Layer Method. Seen as enhancing the flexibility of hedge accounting, this ASU, among other things, expands on the “last-of-layer” hedging method by allowing multiple hedged layers to be designated for a single closed portfolio of financial assets or one or more beneficial interests secured by a portfolio of financial instruments.

The most recently issued ASU, ASU No. 2022-02, Financial Instruments – Credit Losses (Topic 326): Troubled Debt Restructurings and Vintage Disclosures, responds to feedback received during the FASB’s Post-Implementation Review process of ASU No. 2016-13, Financial Instruments – Credit Losses (Topic 326): Measurement of Credit Losses on Financial Instruments. Commonly known as the “CECL (current expected credit loss) standard,” financial institutions that have not yet adopted ASU No. 2016-13 should be well into their CECL implementation plan. ASU No 2016-13 is effective for fiscal years beginning after December 15, 2022, including interim periods within those fiscal years. 

The CECL standard is seen as a major disruptor event for financial institutions. I encourage you to check out my colleague Susan Weber’s CECL implementation series (the latest article can be found here) for best practices on a successful CECL implementation.

As soon as you see the acronym “CECL” in an article, especially one in regards to a new accounting standard, you may be already looking to “X” out of your web browser and save whatever horrors this ASU brings for another day. But, the changes that are forthcoming as a result of ASU No. 2022-02 are generally seen as being well received by accounting and finance teams (and likely credit teams as well). 

As its name implies, ASU No. 2022-02 addresses two separate issues: Troubled debt restructurings and vintage disclosures.

Troubled debt restructurings

The ASU eliminates the current troubled debt restructuring accounting guidance within Accounting Standards Codification (ASC) Subtopic 310-40 in its entirety. To help illustrate the impact of the proposed changes, let’s quickly review ASC Subtopic 310-40. ASC Subtopic 310-40, among other things, indicates a troubled debt restructuring should not be accounted for as a new loan because a troubled debt restructuring is part of a creditor’s ongoing effort to recover its investment in the original loan. A loan modification is considered a troubled debt restructuring if made to a borrower experiencing financial difficulty and if the modification grants a concession. Furthermore, all troubled debt restructurings are considered impaired loans. After adoption of the ASU, financial institutions will evaluate whether the modification represents a new loan or a continuation of an existing loan, in accordance with current ASC guidance (ASC 310-20-35-9 through 35-11). 

Current ASC guidance indicates a loan modification shall be treated as a new loan if the terms of the modification are at least as favorable to the lender as the terms for comparable loans to other customers with similar collection risks who are not refinancing or restructuring a loan with the lender. This condition would be met if the new loan’s effective yield is at least equal to the effective yield for such loans and modifications of the original debt instrument are more than minor. A modification is considered “more than minor” if the present value of the cash flows under the terms of the new debt instrument is at least 10 percent different from the present value of the remaining cash flows under the terms of the original instrument. However, even if the difference is less than 10 percent, the financial institution should evaluate whether the modification is more than minor based on the specific facts and circumstances surrounding the modification.

The ASU also modifies disclosure requirements. Rather than disclosing information on troubled debt restructurings, financial institutions will now be required to disclose information on loan modifications that were in the form of principal forgiveness, an interest rate reduction, an other-than-insignificant payment delay, or a term extension (or a combination thereof) made to debtors experiencing financial difficulty. Among other things, ASC 310-10-10-50-42 through 50-44 requires financial institutions to disclose, by class of financing receivable, the types of modifications utilized and certain financial effects of the modification, depending on the type of modification. ASC 310-10-55-12A provides an example of the disclosures required by ASC 310-10-10-50-42 through 50-44. The new disclosures must be made regardless of whether a modification to a debtor experiencing financial difficulty results in a new loan. In part, this section of the ASU is seen as providing structure around some of the types of modification disclosures financial institutions were providing during the coronavirus pandemic. 

Financial institutions have long had internal controls surrounding the determination of troubled debt restructurings given the impact such restructurings can have on the allowance for loan losses and financial statement disclosures. Although internal controls surrounding loan modifications will still need to exist, they will likely need to evolve as a result of ASU No. 2022-02. Furthermore, the data gathered for preparation of financial statement disclosures will also change. However, the data needed to satisfy the new disclosure requirements should be readily available, with possibly minor manipulation required to obtain the information needed under the new disclosure requirements.

Vintage disclosures

The ASU amends ASC 326-20-50-6 to require public business entities to disclose current-period gross writeoffs by year of origination for financing receivables and net investment in leases within the scope of ASC Subtopic 326-20. ASC 326-20-55-79 provides an example of this disclosure.

ASU No. 2022-02 is effective for fiscal years beginning after December 15, 2022, including interim periods within those fiscal years—the same effective date for those who have not yet adopted ASU No. 2016-13. As always, if you have any questions as to how this ASU may impact your financial institution, please reach out to BerryDunn’s Financial Services team or submit a question via our Ask the Advisor feature.
 

Article
FASB is on a roll: Another ASU aimed at financial institutions

Read this if you are a not-for-profit organization.

With springtime upon us, it may be difficult to start thinking about this upcoming fall, but that is exactly what many folks in the nonprofit sector are starting to do. The reason for this? It’s because 2022 brings with it the mid-term election cycle. While technically an off-year election, many congressional and gubernatorial races are being contested, in addition to a myriad of questions that will appear on ballots across the country. It is around this time of year we start to see many questions from clients in the nonprofit sector in the area of political campaign activities, lobbying (both direct and grassroots), and education/advocacy.

This article will discuss the three major types of activities nonprofit organizations may or may not undertake in this arena and will offer guidance to give organizations the vote of confidence they need to not run afoul of the potential pitfalls when it comes to undertaking these activities.

Political campaign activity

Political campaign activities include participating or intervening in any political campaign on behalf of (or in opposition to) any candidate for elective public office, be it at the federal, state, or local level. Examples of such activities include contributions to political campaigns as well as making public statements in favor of or in opposition to any candidate. The IRS explicitly prohibits section 501(c)(3) organizations from conducting political campaign activities, the consequence of doing so being loss of exempt status. However, other types of exempt organizations (such as 501(c)(4) organizations) are allowed to engage in such activities, so long as those activities are not the organization’s primary activity. Only Section 527 organizations may engage in political campaign activities as their primary purpose. 

Direct lobbying

Direct lobbing activities attempt to influence legislation by directly communicating with legislative members regarding specific legislation. Examples of direct lobbying include contacting members of Congress and asking them to vote for or against a specific piece of legislation.

Grassroots lobbying

Grassroots lobbying, on the other hand, attempts to influence legislation by affecting the opinions of the general public and include a call to action. Examples of grassroots lobbying include requesting members of the general public to contact their representatives to urge them to vote for or against specific legislation.  

A quick way to remember the difference:
Political = think “P” for People – advocating for or against a specific candidate 
Lobbying = think “L” for Legislation – advocating for or against a specific bill

Education/advocacy

Organizations may engage in activities designed to educate or advocate for a particular cause so long as it does not take a specific position. For example, telling members of Congress how grants helped constituents would be considered an educational activity. However, attempting to get a member of Congress to vote for or against specific piece of legislation that would affect grant funding would be considered lobbying. Another example would be educating or informing the general public about a specific piece of legislation. Organizations need to be mindful here as taking a specific position one way or the other would lend itself to the activity being deemed to be lobbying, and not merely education of the general public. There is no limit on how much education/advocacy activity a nonprofit organization may conduct.

Why does this matter?

As you can see, there is a very fine line between lobbying and education, so it is important to understand the differences so that an organization conducting educational activities does not inadvertently end up conducting lobbying activities.

Organizations exempt under Code Section 501(c)(3) can conduct only lobbying activities that are not substantial to its overall activities. A 501(c)(3) organization may risk losing its exempt status and may face excise taxes on the lobbying expenditures if it is deemed to be conducting excess lobbying, whereas section 501(c)(4), (c)(5), and (c)(6) organizations may engage in an unlimited amount of lobbying activity.

What is substantial?

Unfortunately, there is no bright line test for determining what is considered substantial versus insubstantial. As an industry standard, many practitioners have taken a position that insubstantial means five percent or less of total expenditures, but that position is not codified and could be challenged by the IRS. 

Section 501(c)(3) organizations that intend to conduct lobbying activities on a regular basis may want to consider making an election under Code Section 501(h). This election is only applicable to 501(c)(3) organizations and provides a defined amount of lobbying activity an organization may conduct without jeopardizing its exempt status or becoming subject to excise tax. The 501(h) election limit is based on total organization expenditures with a maximum allowance of $1 million for “large organizations” (defined as an organization with total expenditures over $17,000,000). 

While the 501(h) election provides some clarity as to how much lobbying activity can be conducted, it may be prohibitive for some organizations whose total expenditures greatly exceed the $17,000,000 threshold. Another item to be aware of is that the lobbying threshold applies to all members of an affiliated group combined, which means the entire group shares the maximum threshold allowed. 

Another option for those engaging in lobbying is to create a separate entity (such as a 501(c)(4) organization) which conducts all lobbying activities, insulating the 501(c)(3) organization from these activities. As previously mentioned, organizations exempt under Code Section 501(c)(4) can conduct an unlimited amount of lobbying activities but can only conduct limited political campaign activities.

What about political campaign activities?

Section 527 organizations, known as political action committees, are exempt organizations dedicated specifically to conducting political campaign activities. If a 501(c)(4), (c)(5), or (c)(6) organization makes a contribution to a 527 organization, it may be required to file a Form 1120-POL and be subject to tax at the corporate tax rate (currently a flat 21%) based on the lesser of the political campaign expenditures or the organization’s net investment income. State income taxes may also be applicable. Section 501(c)(3) organizations may not make contributions to 527 organizations. 

If your organization is considering participation in any of the above activities, we would recommend you reach out to your not-for-profit tax team for additional information. We’re here to help!

Article
Lobbying and politics and education, oh my!

Read this if you are a Chief Financial Officer at a financial institution.

Back in November 2021, we wrote about Accounting Standards Update (ASU) No. 2017-12 and the flexibility it adds to hedge accounting. In the article we mentioned a proposed ASU the Financial Accounting Standards Board (FASB) had issued in May 2021. On March 28, 2022 the FASB finalized this proposed ASU with the issuance of its first ASU of 2022: ASU No. 2022-01, Derivatives and Hedging (Topic 815): Fair Value Hedging – Portfolio Layer Method. Among other things, the ASU expands on the “last-of-layer” hedging method by allowing multiple hedged layers to be designated for a single closed portfolio of financial assets or one or more beneficial interests secured by a portfolio of financial instruments. As a result, an entity may be able to achieve hedge accounting for hedges of a greater proportion of its interest rate risk inherent in the assets included in the closed portfolio, further aligning hedge accounting with risk management strategies. The “last-of-layer” method has thus been renamed the “portfolio layer” method. 

The ASU also allows an entity to reclassify debt securities classified in the held-to-maturity category at the date of adoption of the ASU to the available-for-sale category. However, this reclassification may only occur if the entity applies portfolio layer method hedging to one or more closed portfolios that include those debt securities. The decision of which securities to reclassify must be made within 30 days after the date of adoption, and the securities must be included in one or more closed portfolios that are designated in a portfolio layer method hedge within that 30-day period.

ASU No. 2022-01 is effective for public business entities for fiscal years beginning after December 15, 2022, and interim periods within those fiscal years. For all other entities, the ASU is effective for fiscal years beginning after December 15, 2023, and interim periods within those fiscal years. Early adoption is permitted for those entities that have adopted ASU No. 2017-12 for the corresponding period.

This ASU further enhances the flexibility of hedge accounting and ultimately builds upon the framework set by ASU No. 2017-12. Financial institutions using, or looking to use, derivatives and hedge accounting to manage interest rate risk should review this ASU to determine if it provides opportunity for revised hedging techniques and strategies that may benefit the institution. As always, if you have any questions as to how this ASU may impact your financial institution, please reach out to BerryDunn’s Financial Services team or submit a question via our Ask the Advisor feature.
 

Article
FASB issues its first ASU of 2022: Much anticipated changes to hedge accounting are here