Financial Institutions In Focus Newsletter - Summer 2017

June 2017

Download PDF Version

Table of Contents

Federal Tax Reform Part II - What to expect in the second half of 2017
Blockchain and Cryptocurrency in the Regulatory and Audit Environment
BDO and Herrick Feinstein LLP Discuss Newly Implemented NYDFS Cybersecurity Regulation at Joint Breakfast Panel
BDO Spotlight: Q&A with Jeff Jaramillo


Federal Tax Reform Part II

What to expect in the second half of 2017

By Glenn James

It’s been three months since the publication of our first article on tax reform titled: “Federal Tax Reform: What We Are Likely to See in 2017.” At least two major events discussed in that article have already transpired. 

First, with barely a moment’s hesitation, the U.S. Senate majority acted by a vote of 52 to 48 to further limit the application of Senate Rule 22 (known as the “Filibuster” or the “Cloture” rule) and reduce the number of senators required to confirm a U.S. Supreme Court justice nomination to a simple majority of 51. The president’s nominee to the Court, Neil Gorsuch, was then promptly confirmed with 54 votes. And now all presidential nominees can be confirmed in the Senate with a simple majority vote.

Considering these developments, it is difficult to construct a compelling argument that assumes the majority party would not also repeal Rule 22 to advance tax legislation and a budget resolution. If that occurs, the congressional minority might well become irrelevant in the short term, in which case, the future of tax reform will be dependent solely upon the ability of the congressional majority to line up its own members behind whatever legislation the majority leadership proposes.

The initial failure of the majority party to bring a bill repealing the Affordable Care Act of 2010 to a floor vote fueled doubts that the majority would be able to build consensus on such sweeping policy changes. That doubt was beaten back when, rather abruptly, a repeal and replace bill, the “American Health Care Act,” was passed six weeks later in the U.S. House of Representatives by a vote of 217 to 213. Tax reform should be much less controversial than healthcare, especially given that, in broad principle, the majority proposal and the president’s campaigned-on proposal are substantially identical.

Accordingly, it now appears more likely than not that tax reform will be enacted this year which will represent a sea change in the way the U.S. taxes business entities. The president and his spokespeople have, since our last article, issued further commentary that can be regarded as an abbreviated, updated proposal. Here is what we can anticipate based on what they are telling us now.

Tax Reform Proposals: Candidate Trump vs. President Trump
The president’s campaigned-on proposal called for a reduction in the top individual tax rate from the current 43.4 percent (39.6 percent regular income tax plus 3.8 percent investment income tax) to a 33 percent rate (33 percent regular income tax and no net investment income tax). The president’s latest proposal calls for a reduction only to 35 percent (35 percent regular income tax and no net investment income tax).

The president’s latest proposal apparently remains in line with his campaigned-on proposal and keeps the maximum rate of taxation on long-term capital gains and corporate dividends at 20 percent. And just as in the president’s campaigned-on proposal, the revised proposal eliminates personal exemptions, eliminates itemized deductions (except for home mortgage interest expense and charitable contributions), may cap those deductions at $200,000 for a married couple ($100,000 single), and may eliminate most deductions against gross income to arrive at adjusted gross income except for retirement savings deductions.

The latest proposal calls for the elimination of a number of tax breaks, including the so-called “carried interest” that taxes investment fund managers on their performance-based compensation at capital gains tax rates rather than ordinary income tax rates. It also proposes eliminating tax breaks relating to items that are considered preferences under the current alternative minimum tax regime.

While the president’s latest proposal continues to call for repeal of the net investment income tax and the alternative minimum tax, it remains silent, as did the campaigned-on proposal, with respect to the fate of the Medicare surtax introduced under the Affordable Care Act of 2010. Individual members of Congress have suggested that the surtax may be kept in order to fund costs that will continue under the American Health Care Act.

The president’s latest proposal, like the campaigned-on proposal, also calls for elimination of the federal estate tax (the “Death Tax”), apparently accompanied by an elimination of the “step-up-in-basis” presently given to property passing through an estate.

In relation to business entities (corporations, S-corporations, partnerships and limited liability companies), the latest proposal, like the campaigned-on proposal, continues to call for a 15 percent income tax rate, parity between so-called C-corporations and pass-through entities, and base broadening by elimination of deductions and other tax breaks to business entities.

What to Make of What We Know Now
The prospect of tax reform suggests the following action: Corporations should be prepared for a substantial write-down of their deferred tax assets on account of the corporate tax rate reduction.

Business entities should, to the extent possible, accelerate deductions into 2017 and defer income to later years (hedging against the possibility that reform will not take effect until 2018). This means that even those business entities not typically interested in deductions representing merely a deferral of tax because of their low cost of borrowing—i.e., banks—ought to have a keen interest in all such strategies because they may very well represent substantial permanent tax savings due to the reduction in tax rate.

After considering the individual tax-benefit eliminations in the latest proposal as well as the somewhat nominal decrease in the top tax rate, it would appear that individual taxpayers don’t stand to gain a great deal under tax reform except, perhaps, simplicity. Nevertheless, individuals should, to the extent they are able, apply the same strategy suggested above for business entities, which is to say they should defer income and accelerate deductions in order to position themselves to benefit in the transition.

Tax reform now seems to be definitely on the way, and barring the continued escalation of controversy swirling around the Oval Office, the GOP seems resolved to come together to push reform through.

Glenn James is a partner and tax practice leader in BDO’s Financial Institutions & Specialty Finance practice. He can be reached at [email protected]


Blockchain and Cryptocurrency in the Regulatory and Audit Environment

By Sanjay Marwaha, Chuck Pine and Greg Schu

Blockchain technology provides a chronological, permanent and public ledger of transactions that support many different uses, from transacting in cryptocurrencies like bitcoin to the growing promise of trade settlement on Wall Street. For financial fraud investigators in law enforcement, a permanent and public ledger can prove to be a critical and important piece of evidence that can link an individual or group of co-conspirators to potentially illegal financial transactions, including money laundering or other financial frauds.

While cryptocurrency offers the appeal of anonymity to those involved in illicit activity, it can be overcome by law enforcement through the use of confidential informants, undercover operations, cooperating co-conspirators, consensual monitoring, wiretaps and other special investigative law enforcement techniques. That is not the case, however, for anti-money laundering (AML) professionals, money service businesses and institutions designated as a “financial institution” by the Bank Secrecy Act. For them, blockchain and anonymous cryptocurrencies such as bitcoin present new challenges that require increasingly creative AML policies, procedures and internal controls.

Existing risk assessment, Know-Your-Customer, customer due diligence and transaction monitoring methodologies can be modified and enhanced to address money laundering risks associated with blockchain technology. Unlike law enforcement professionals, who utilize search warrants, arrest warrants, subpoenas for documents and testimony, and the special investigation techniques described above, AML professionals must adjust to the anonymity and lack of transaction traceability that blockchain may produce. This requires the increased use of some very basic and available tools and methodologies.

Some of these tools include:
  1. Collaborate with individuals and groups at conferences, consortiums and typology sessions who are impacted by blockchain and cryptocurrency challenges in the AML world. This enables both the enrichment and leveraging of resources, ideas, suggestions and leading practices. It also can assist in establishing a stronger knowledge base, forming new partnerships and relationships and standardizing related AML terminology.
  2. Establish an organizational process where previously reported suspicious activity reports (SARs) that involve cryptocurrency are reviewed and analyzed by your team. Identify the details and patterns that exist in the SARs and make modifications and enhancements to your AML compliance program to detect similar characteristics and conduct.
  3. Closely monitor Financial Crimes Enforcement Network and other relevant legal and regulatory authorities for new legislation, regulations, guidance, updates, results of examinations and enforcement actions related to AML and the use of bitcoin or other cryptocurrencies.

Financial institutions that deal with cryptocurrency must put effective, appropriate and comprehensive AML controls in place to protect against the unique AML risks associated with virtual currency. Increased collaboration among common partners, a real-time understanding of characteristics present in other suspicious cryptocurrency transactions, and the close monitoring of legal and regulatory updates will help financial institutions understand and address AML concerns resulting from the use of bitcoin and other cryptocurrencies. 

Applications of Blockchain in the Audit Process
Despite the broad implications—both positive and challenging—for blockchain, there are, however, several aspects of the audit process where blockchain could provide a clear enhancement. Today’s audit and compliance activities can be resource intensive. They can trigger rounds of manual reconciliations, involve data that requires significant sampling or full testing, and ultimately demand hours of often duplicative data analysis due to a lack systems integration.

Those efforts required to validate transactions manually can drive up the cost, lengthen the process and decrease the efficiency of the audit procedure. As mentioned earlier, the underlying structure of blockchain is to have distributed, electronic ledgers that maintain, in real time, transactions that are validated and protected via encryption solutions.

What does that really mean? A blockchain transaction could be validated when it occurs and can be reviewed for completeness and accuracy through the use of entities exchanging transactions via a common platform. The auditor should be able to more quickly and efficiently reconcile data, amounts, assets, ownership, transactions and other detailed information across the distributed general ledger. The following is a current state overview of an audit and compliance review process.

By leveraging blockchain for audit and compliance activities, data transparency could be improved, and the need for duplicative and manual reconciliation and validation processes between organizations and across disparate systems would be greatly reduced. By making transactions updated and available in real time, blockchain technology can help reduce the potential for errors and improve the overall quality of the audit process. Furthermore, with the added automation and integration of systems, blockchain has the potential to greatly reduce the time required to perform the testing and validation of the information. Below is a potential future state of an audit and compliance review process leveraging automated solutions such as blockchain.

World Economic Forum
To learn more about how BDO can help you address both the challenges and opportunities tied to the rise of blockchain, please contact one of the authors of this article.

Sanjay Marwaha is a managing director and leader of BDO’s Risk Advisory Financial Services practice. He can be reached at [email protected]
Chuck Pine is a managing director in BDO’s Consulting practice. He can be reached at [email protected].
Greg Schu is a partner in BDO’s Risk Advisory Services practice. He can be reached at [email protected]



BDO and Herrick Feinstein LLP Discuss Newly Implemented NYDFS Cybersecurity Regulation at Joint Breakfast Panel

On March 28, BDO co-sponsored a cybersecurity breakfast panel, “New York DFS Cybersecurity Regulation—The New Normal,” with law firm Herrick, Feinstein LLP at Herrick’s offices in New York. The event, which featured a joint panel with Herrick’s Richard Morris and Erica Markowitz and BDO Managing Director Michael Stiglianese, focused on how financial institutions can comply with the newly implemented New York Department of Financial Services (NYDFS) cybersecurity regulation.

Below are the top event takeaways:
  • The new DFS regulation is groundbreaking in scope, in both its level of prescription and accountability. New York will be deemed the leader, but regulators are likely to look to the DFS regulation as a minimum standard for cybersecurity.
  • While there are exemptions, most are limited and pertain primarily to small entities. Even though an organization falls within a limited exemption, it must still comply with many of the key requirements of the regulation and will be required to go through periodic processes to re-affirm they qualify for exemptions.
  • DFS has broad authority to bring enforcement actions for noncompliance, and while it is still unclear what enforcement profile the DFS will elect to adopt, possible remedies may include fines, license revocation and/or the engagement of an independent monitor, among others.
  • Liability will extend beyond the DFS. A cyber event that causes a loss to your clients or business will expose you to possible class action and other litigation and claims. Organizations need to prepare their records and documentation for the inevitable cyber event, including a robust response plan.
  • Consider cyber insurance, but make sure it covers your company’s unique cyber risk profile. Look for coverage for regulatory fines and for security incidents for data controlled by service providers. Require third-party service providers to carry their own cyber insurance and make sure their coverage will apply if there is a breach involving data in their possession. In addition, check levels of D&O coverage in light of the new responsibilities imposed by the DFS.
  • Add “notify your insurance carriers” to your incident response plan. Insurance may not be top of mind when a security event takes place but most cyber insurance policies require prior consent of the insurer before you incur any expenses in connection with the event.  New York will be deemed the leader but regulators are likely to look to the DFS regulation as a minimum standard for cybersecurity.

Financial services institutions should also remember the following points, as noted in BDO’s prior financial services alert on the new NYDFS regulation:
  • Board members and senior management are now responsible for cybersecurity. Under the regulation, a member of the board or senior officer must personally certify compliance on an annual basis.
  • Non-exempt covered entities need a Chief Information Security Officer (CISO). While you can elect to outsource the CISO role to a third party, you cannot outsource responsibility for oversight or accountability as DFS requires that someone within the company oversee the CISO - you cannot delegate your obligation.
  • Look at third-party service providers as an extension of your own organization. The regulation requires companies to vet and manage service providers that access or control nonpublic information. A risk assessment should be undertaken to ensure all service providers are in compliance with your policies – your policies should take precedence.
  • Organizations should comply prior to the compliance date. Compliance obligations exist now because of your fiduciary duties. You cannot look to a client and note that a breach occurred prior to the compliance date and expect that will assuage their response.

With the NYDFS cybersecurity regulation now in effect, companies must ensure that they have the necessary cybersecurity and compliance programs in place with the proper personnel, policies and processes. Financial institutions should also take care to ensure that their cyber insurance policies adequately cover their unique cyber risk profiles.

BDO works with insurers and financial institutions to develop a comprehensive approach to cybersecurity and compliance, taking a 360-degree view of information risk and opportunity. We are well-versed in the DFS regulation, and well-equipped to help clients quickly address any areas of noncompliance. BDO’s Cybersecurity Risk Assessment Portal, our proprietary state-of-the-art online tool, provides a cost-effective assessment and an easy-to-understand scorecard and report, highlighting areas of strength and uncovering areas for improvement.


BDO Spotlight: Q&A with Jeff Jaramillo

Jeff Jaramillo recently joined BDO as the partner and national leader of the U.S. Securities and Exchange Commission (SEC) practice. Based in Washington D.C., he joins BDO from the national SEC practice of a Big Four accounting firm, where he spent the majority of his 20-year career. He also served as a branch chief at the SEC for approximately eight years. He has extensive experience in assisting companies with complex SEC reporting issues. 

Can you tell us more about your background and experience prior to joining BDO?

Very early on in my career, I developed an interest in working with U.S. SEC reporting companies. More specifically, I was intrigued with understanding the characteristics and operating features of publicly held companies, which led me on my current career path. Prior to joining BDO, I worked in the national SEC practice of a Big Four accounting firm, where I cleared complex SEC accounting and reporting issues and, before then, I served directly at the SEC as an accounting branch chief in the Division of Corporation Finance. I have extensive experience working with companies on initial public offerings (IPOs) and other capital-raising transactions, mergers and acquisitions, carve-outs, spin-offs and periodic reporting. In addition, I have been active in various public forums throughout my career, including being a frequent speaker on current and emerging SEC accounting and reporting topics, and I have well-established relationships with the SEC staff. I am grateful for the opportunity to lead BDO’s national SEC practice and am committed to the firm’s continued success.

What were some of the top issues you tackled during your tenure as a branch chief for the SEC?

As a branch chief in the SEC’s Division of Corporation Finance (the Division), I was responsible for ensuring that our branch met all of our goals, in order to assist with meeting the requirements under the Sarbanes-Oxley Act, which requires the SEC to review all issuers at least once every three years. This requirement included reviewing each reporting company’s periodic filings on Forms 10-K and 10-Q to identify any reporting or accounting deficiencies.

Additionally, in this role I functioned as a key SEC accounting and reporting expert, regularly corresponding with management of SEC reporting companies to provide them guidance and recommendations on being compliant with applicable SEC reporting requirements. These tasks and initiatives were important to the Division’s mission and required the use of judgement and critical thinking to carry out the Division’s board program objectives. The lessons learned from my tenure at the SEC are ones that I apply daily at BDO.

What are some of the top SEC regulatory developments you anticipate in the year ahead, and how may the agency’s recent leadership changes affect its direction?

The SEC’s leadership is typically the critical factor that drives changes to its rulemaking activities and agenda. Just recently, Jay Clayton was sworn in as chairman of the SEC. While he may lay out his priorities in future speeches (as previously done by his predecessors), it may take some time before they are officially translated into policy.

An equally important consideration that will determine the SEC’s future direction is the question of who will fill the two currently vacant SEC commissioner seats, both of which are to be appointed by President Trump. To ensure that the SEC remains non-partisan, no more than three out of the five Commissioners can belong to the same political party, so the Trump administration will need to fill one of the two open vacancies with a Democrat and the other with a Republican. The speed at which Clayton can promote his agenda will depend partly on how quickly these seats can be filled as well as on his ability to gain consensus among the other SEC commissioners to support his agenda.

While the impact of the recent SEC leadership change is difficult to predict at this point, the House’s Financial CHOICE Act may provide a better indication of the changes that may occur under the new administration. Just recently, this bill was reintroduced as the Financial CHOICE Act 2.0 (the Act). Some of the main provisions would repeal or modify several key provisions of the Dodd-Frank Act. In addition, this Act includes several new provisions that would reform SEC enforcement and rulemaking authority and modify securities laws governing capital raising and ongoing reporting requirements. It is important for all companies to stay on top of these changes to ensure their business strategies and priorities continue to be aligned with what’s coming up in the year ahead.

What common SEC trends have you noticed during the past year, and do you anticipate these trends will continue?

Over the past year, we have seen a lot of media attention and SEC speeches as it relates to non-GAAP financial measures. After the SEC staff issued its revised Compliance & Disclosure Interpretations (C&DIs) on non-GAAP measures in May last year, the staff has been heavily focused on this area—reflected in the increased number of non-GAAP comments in SEC comment letters over the last year. Lately, the SEC staff has acknowledged the substantial progress companies have made, particularly in providing with equal or greater prominence the most directly comparable GAAP measure when presenting non-GAAP measures.

However, among other items, the SEC staff is still concerned about the appropriateness of non-GAAP measures that appear to eliminate normal recurring expenses, as well as the effectiveness of the related disclosure controls and procedures to ensure that companies present non-GAAP measures in accordance with SEC rules. While the overall comment letter activity may be expected to decline moving forward, the SEC staff is expected to continue to pursue non-GAAP disclosures, which they perceive to violate the C&DIs and the applicable SEC rules on non-GAAP measures.

In addition, the SEC may implement an additional focus on how registrants disclose key operating metrics (metrics), which are typically different from non-GAAP measures. For example, these metrics may include certain ratios or data derived from information that does not come from the financial statements. In a recent speech, SEC Chief Accountant Wes Bricker noted that many registrants disclose these metrics and that much of the recent lessons learned with non-GAAP disclosures can also be considered in other types of reporting, including the disclosure of metrics. Thus, current SEC registrants should consider providing clear disclosures on how their metrics are defined, how they are calculated, and how the metrics relate to their financial performance and profitability.

Are there any major topics you feel clients are not focusing on as much as they ought to be?

Many SEC registrants may be behind with the implementation of the new revenue recognition accounting standard and for many registrants the timing and pattern of revenue recognition will change. In some areas, the change will be very significant and require careful planning. Additionally, the new standard also introduces an overall disclosure objective together with significantly enhanced disclosure requirements for revenue recognition. In practice, even if the timing and pattern of revenue recognition does not change, it is possible that new and/or modified processes will be needed in order to comply with the expanded disclosure requirements. For SEC registrants with a calendar year-end, there is less than a year before this standard is required to be adopted. Consequently, for those entities that are behind in their implementation process, it is recommended that they finalize a good execution plan as soon as possible to allow them adequate time for proper implementation.

In addition to reminding registrants of the importance of successfully implementing this new revenue recognition standard, the SEC staff has also focused its attention on the required transition disclosures under Staff Accounting Bulletin No. 74 (codified in SAB Topic 11-M). This SEC staff interpretation requires registrants to disclose the impact that the recently issued accounting standards will have on their financial statements when adopted in a future period. The SEC staff has indicated that it expects these disclosures to evolve over time as the entity begins to better understand how the new revenue recognition standard will impact its financial statements.

For registrants that are not yet able to disclose the quantitative effects of the standard on their financial statements, the SEC staff expects that they should at least provide qualitative disclosures. For example, registrants should provide (1) a description of the effect of the accounting policies that the registrant expects to apply and a comparison to the registrant’s current accounting policies, and (2) the status of the registrant’s process to implement the new standard and the significant implementation matters yet to be addressed.

Registrants should also consider making any additional qualitative disclosures necessary to help financial statement users understand the impact of the new standard. This may include disclosures of the potential impact of other significant matters resulting from the adoption of the standard, such as potential technical violations of debt covenants or planned changes to business practices. Finally, the method of transition should also be disclosed as soon as one is elected, which will likely vary across entities.

What market issues and services does your practice focus on?

Our practice is well-equipped to help SEC reporting companies, as well as private companies looking to undergo an IPO in the future. We can help with the latter by providing guidance on and assisting them with producing financial statements that are IPO-ready and comply with the applicable SEC form and content rules. These financial statements would be included in their initial registration statement and submitted to the SEC staff for review. In addition, we provide counsel and advice on the latest SEC trends and focus areas, help our clients navigate the SEC comment letter process, as well as advise them on how to pre-clear convoluted SEC form and content fact patterns. By combining our long-standing industry expertise with our well-established relationships with the SEC staff, our team can provide public and private companies with the value-added services they need to be successful.

Jeff Jaramillo is a partner and national leader of BDO’s Securities Exchange Commission (SEC) practice. He can be reached at [email protected].