bdo 2019 nonprofit summit · shared servicing, pnc riverarch capital, and pnc erieview capital are...
Post on 05-Jun-2020
4 Views
Preview:
TRANSCRIPT
BDO 2019
NONPROFIT
SUMMIT
May 16, 2019
2019 BDO Nonprofit Summit
Agenda
8:00 AM – 8:45 AM REGISTRATION / NETWORKING / BREAKFAST
8:45 AM – 8:50 AMWELCOME
Laurie De Armond National Co-Leader, Nonprofit & Education Practice, BDO
8:50 AM – 9:40 AM
DISRUPTIVE TECHNOLOGY AND INNOVATION: FINANCIAL PROCESS TRANSFORMATION
OPPORTUNITIES FROM THE EVOLVING PAYMENT LANDSCAPE
David Temme Senior Vice President, Treasury Solutions Group Leader, PNC
9:40 AM – 10:30 AM
NAVIGATING PRIVACY AND RISK MANAGEMENT ISSUES OF EVOLVING TECHNOLOGY
Andras Kosaras Counsel, Arnold & Porter
Nancy Perkins Counsel, Arnold & Porter
Derrick King Senior Manager, Governance and Risk Compliance, BDO
Taryn Crane Manager, Governance and Risk Compliance, BDO
10:30 AM – 10:45 AM BREAK
10:45 AM – 12:00 PM
NONPROFIT VOICES – A DISCUSSION AMONGST YOUR PEERS
Maria Georges Senior Vice President and Managing Director, PNC
Christian Curtin Controller, NPR
Alex Galeano CFO, ASIS International
12:00 PM – 12:40 PM LUNCH
2019 BDO Nonprofit Summit
Agenda
12:40 PM – 1:30 PMLEADING DURING A TIME OF CHANGE
Seth Verry VP Go Team, Indiggo
1:30 PM – 2:45 PM
ACCOUNTING AND TAX UPDATE
Lee Klumpp National Assurance Partner, Nonprofit & Education Practice, BDO
Marc Berger National Director, Nonprofit Tax Services, BDO
Amy Duffin Assurance Director, Nonprofit & Education Practice, BDO
2:45 PM – 2:55 PM BREAK
2:55 PM – 4:35 PM
IMPACT RE-ENVISIONED: HOW TECHNOLOGY IS HELPING NONPROFITS ACHIEVE GREATER
IMPACT
Kirstie Tiernan Managing Director, Data Analytics and Automation, BDO
4:35 PM – 4:45 PM
CLOSING REMARKS
Laurie De Armond National Co-Leader, Nonprofit & Education Practice, BDO
Glenn Groninger Senior Vice President & Managing Director, PNC
4:45 PM – 6:00 PM NETWORKING RECEPTION
Join the conversation on Twitter @BDONonprofit #BDONonprofitSummit
2019 BDO Nonprofit Summit
Disruptive Technology and Innovation:
Financial Process Transformation
Opportunities from the Evolving Payment
LandscapeDavid Temme, Senior Vice President, Treasury Solutions Group Leader, PNC
Disruptive Technology and InnovationFinancial Process Transformation Opportunities From The Evolving Payment Landscape
2019 Non Profit SummitWashington, DCMay 16, 2019
IntroductionEvolving Expectations and Related Opportunities
Impact of MillennialsPayments are
Speeding Up
Peer to Peer Networks
Offer New Financial
Connection Channels
Real Time Connectivity
and Processing
Fintechs Introduce
Innovation and
Disruption
Accelerating Technology
Advances
IntroductionDigital Transformation Focus and Status
The Hackett Group: Building a Value Driven Business Case for Digital Transformation (August 2018)
Key Transformation Value Drivers
0% 20% 40% 60%
System Usability
Operating Cost
Business Value
Cycle Time
Service Quality
Agility
Customer Satisfaction
Identified by Respondent Top Performers
Where is the Most Activity?
0% 20% 40% 60% 80% 100%
Treasury
Business Analysis
Planning
Accounting
Revenue Cycle
Disbursements
Completed Piloting Exploring
Digital Transformation Projects By Life Cycle Stage
Multiple Paths to Explore
Faster Payments
Smart Automation
Application Program Interface
(API’s)
Block Chain and Distributed
Ledger
Account and Identity
Verification
Application Program Interface (API)
▪ An API is a technology protocol that allows for
disparate software programs to communicate with
one another
▪ API’s make a request and receive a response …
versus webhook
▪ Will API’s replace current batch-based processes?
▪ Where API’s best fit
− When an improved, cohesive experience for the
complementary systems are needed
− When looking to control the online user experience
in systems and apps
− To transmit data in real-time rather than wait for
batch processing to occur
▪ Bank approach
− Utilize API’s to more seamlessly connect internal
system operations
− Create discrete capabilities to collect, pay and
receive information
− Enable development and integration with third
party solutions
What is It? Why Should I Care?
Google Maps API that lets developers
easily embed Google Maps on web pages
:
Application Program Interface (API)Banking View
Aite Group: Corporate Banking API Strategies (2018)
0 20 40 60 80 100
Supply Chain Finance
Trade Finance
Comml Lending
Treasury Mgt
Retail
% of Respondents
Which Product Management Areas of Your Bank are Involved in API
Projects?
0 20 40 60 80 100
Support Open BankingPlatform That AllowsDevelopers AccessVia Published APIs
Use Internally toConnect Systems
% of Respondents
What is the Status of Your Bank’s Initiatives Regarding API?
> 2 Years Within Last Year Planning In Next 2 Years
Application Program Interface (API)Examples
Information Reporting into Quick Books
Mobile Check Deposit
Invoice Automation into NetSuite
Transit Routing Number Verification
Smart Automation
DOING THINKING
Artificial Intelligence
Machine Learning
Robotic Process
Automation
Robotic Desktop
Automation
AU
TO
MA
TIO
N …
CO
MP
LE
XIT
Y
PROCESS DRIVEN DATA DRIVEN
Smart AutomationStill Early, But Inevitable?
Outsourcing relationships have
largely failed to deliver on
technology and information-related
value drivers, especially for top
performers
Hackett Group: 2016 Business Process and
IT Outsourcing study, 2016
BPO Limited to Labor
Arbitrage?Humans are … Human
Typical failure rates in businesses
using common work practices
range from 10 to 30 errors per
hundred opportunities
Lifetime Reliability Solutions: Understanding
the Hidden Truths in Human Error Rate
Tables, 2019
Potential Impact of Digital
Labor
RPA technology costs one third of
the amount of an offshore
employee, and one fifth of a
domestic employeeGartner Inc.: Revolutionizing via Robotics,
2018
62% of respondents from larger
enterprises are already investing or
are planning to invest in digital
labor (which includes artificial
intelligence, automation, and robotics)
Harvey Nash/KPMG: CIO Survey (2017)
Planned InvestmentWhere Are We Now – RPA
Adoption
0% 25% 50% 75% 100%
Within 2 Years
Current
Broad Limited
Hackett Group: Key Issues Study (2019)
Where Are We Now – AI and
Cognitive Computing Adoption
0% 25% 50% 75% 100%
Within 2 Years
Current
Broad Limited
Hackett Group: Key Issues Study (2019)
Smart AutomationIn Practice
Data Capture
Extract key data fields for
cash application and
invoice automation
solutions
Client Onboarding
RPA used to support
onboarding of new card
service clients
Cash Forecasting
Provide on-demand
analysis of cash flow
forecasting and
recommend tactics and
solutions to further optimize
cash flow
Denied Claims
Analyzing healthcare
claims to identify likely
denials prior to
submission
Faster Payments Emerging Payment Channels
Real Time Payments
▪ Developed and hosted by The Clearing House
▪ Consistent with design principles of Federal
Reserve Faster Payments initiative
▪ First truly new US payment channel in 40 years
▪ Focus on payer controlled credit push –
complemented with integration of Request for
Payment messaging
▪ Key Attributes
− Network availability – 24/7/365
− Speed - < 15 seconds
− Irrevocable
− Transparent
− Collaborative
Payments Through P2P Network
▪ Enables expedited, electronic payment without
associated banking information – payee email
address is the token used to execute notification
and payment
▪ Focus on Business to Consumer and Government
to Consumer payments
▪ Expedited payment (minutes) for in network banks,
1-3 days for out of network banks
▪ Network Reach
− 148 network banks – representing 60% of
consumer accounts
− >27M users (vs. 22M for Venmo)
▪ Options for prepaid card and check issuance for
recipients who decline to participate
ERP providers incorporating RTP capabilities
Transaction limit increases
Alignment and likely asset sharing between Zelle and TCH
Building integration foundation through a library of API’s
Leading banks expanding capabilities to transact
Faster PaymentsRTP Key Developments
Faster PaymentsRTP Path to Ubiquity
Where are we now?
Perspective
from the past
Defining
effective
ubiquity
Key next steps
Announcement
from Fed
Faster PaymentsEarly Use Case Examples for Faster Payments
18
Same Day ACH ePayments Real-Time Payments
▪ Emergency Payroll
▪ Selected B2B payments
▪ Emergency Payroll -extended processing window, value of confirmation
▪ Termination Pay
▪ Drawdown of foundation funds from designated investment accounts for program distribution
▪ Donation Enablement –integration with online organization experience
▪ Health study participation payments
▪ Intelligent Routing
▪ Property and casualty claims payments
▪ Refunds
▪ Other program disbursements …
Electronic alternative when banking information is not
available
Block Chain and Distributed LedgerTransforming Traditional Systems
Traditional Systems:
▪ Transactions are recorded in multiple
ledgers. At best, each one captures a
moment in time and reflects the information
held by a single party.
▪ No record of what happens next, what came
before, or the role of others – partners,
suppliers, consumers – in the transaction.
▪ Prone to human error and vulnerable to
tampering.
Blockchain Solutions:
▪ Distributed ledgers can be shared and
updated in near real-time across a group
of participants.
▪ Every transaction becomes part of the
permanent record and can be scrutinized
by those that have permission.
▪ Relevant information can be shared with
others based on their roles and access
privileges.
Block Chain and Distributed LedgerTransforming Traditional Systems
Distributed Network
Leverages a distributed network of computers sharing and “hosting” the exact history of activity, transaction data
Security/Privacy
Enhances security and privacy through encryption
Single Source of Truth
Provides a single, consistent and shared view of the state of a business process
Immutable Record
No one unilaterally has the power to edit transactions
Provenance
Establishes provenance, or a record of an entire transaction, workflow
‘Smart’ Contracts
Automates transaction execution and integrate workflows
Separation of crypto-currency from the transformational potential of
underlying distributed ledger technology
Block Chain and Distributed LedgerSmart Contracts Unlock the Full Power of Block Chain
A Smart Contract is a computerized
transaction protocol that executes and
enforces the terms of an agreement.
Like traditional contracts, Smart Contracts
define the operating rules and penalties
between parties around an agreement.
Unlike traditional contracts, Smart
Contracts also automatically enforce
those obligations.
What are Smart
Contracts?What is their role?
Process, workflow and transactions automation.
Allow parties to interact directly, eliminating the
need for a “middle man” or additional
communication to validate that activities are being
carried out according to defined terms.
What is their value
proposition?
Block Chain and Distributed LedgerPNC Perspective
Investments
PNC invested in distributed ledger
software startup in December 2016
PNC joined financial services
consortium focused on developing
blockchain solutions
Connected to Block Chain Based Network
Operationalizing cross-border
payment solution – first US Bank
to connect to RippleNet payment
network via xCurrent technology
Healthcare Concepts in Development
Healthcare claims straight-
through processing
Bundled payment program
administration
Is There A Potential Use Case?
Need for multiple parties to interact?
Value in data sharing?
Reliance on manual processes /
reconciliation?
Can parties agree to common /shared
operating rules?
Account and Identify VerificationImportance of Really Knowing Customers, Vendors, Employees
72% of respondents listed cyber and information security as a high risk (Hackett Key Issues Study 2019)
Cybercriminals utilize social engineering techniques to obtain employee credentials to conduct payroll diversion (FBI 2018)
Account takeover grew significantly last year - $5.1B in losses last year (Javelin Strategy and Research: Identify Fraud Study 2018)
77% of organizations experienced Business Email Compromise (AFP Payments Fraud and Control Survey 2018)
Account and Identify VerificationReal Time Access Via API or Web Interface
National Shared Directory (NSD)
Verify Account Number and
Transit & Routing Number
Authenticate Account
Owner
Validate Digital DNA of
Consumer or Business
Telecommunication Consortiums and
Mobile Network Operators
Large Billers, Utility Companies,
Financial Institutions and Bank
Consortiums
Law Enforcement Records, Vehicle
Registration, OFAC Federal Watch
Lists
Credit Bureaus, Bankruptcy and
Deceased Records
Account and Identify Verification
▪ Persistent ACH return activity
− Organization specific or common industry issue
▪ Process for onboarding donors / suppliers / students / others
− How do you verify who you are working with?
− How are you validating the information captured, including
payment information?
▪ Process for managing trigger events:
− How do you validate changes to names, address, email, phone,
bank account information?
− How do you confirm identify, account information prior to
disbursements?
▪ Priorities around ensuring regulatory compliance
Where Will This Fit Best?
Standard Disclosure
PNC, PNC Bank, ACHIEVEMENT, PINACLE, Working Cash, ActivePay, Global Trade Excellence, Vested Interest, Midland Loan Services, Enterprise!, CMBS Investor Insight, Portfolio Investor Insight, Borrower Insight, Shared Servicing, PNC Riverarch Capital, and PNC Erieview Capital are registered marks of The PNC Financial Services Group, Inc. (“PNC”). PNC Retirement Solutions is a service mark of PNC.
Bank deposit, treasury management and lending products and services, and investment and wealth management and fiduciary services, are provided by PNC Bank, National Association (“PNC Bank”), a wholly-owned subsidiary of PNC and Member FDIC. Certain fiduciary and agency services are provided by PNC Delaware Trust Company. Foreign exchange and derivative products (including commodity derivatives) are obligations of PNC Bank. Equipment financing and leasing products are provided by PNC Equipment Finance, LLC, a wholly-owned subsidiary of PNC Bank. Energy financing is provided by PNC Energy Capital LLC, a wholly-owned subsidiary of PNC Equipment Finance, LLC. Aircraft financing is provided by PNC Aviation Finance, a division of PNC Equipment Finance, LLC. Asset–based lending is provided by PNC Business Credit, a division of PNC Bank and PNC Financial Services UK Ltd. (an indirect wholly-owned subsidiary of PNC Bank) in the United Kingdom. Specialty finance products are provided by Steel City Capital Funding, a division of PNC Bank. Merchant services are provided by PNC Merchant Services Company. Direct equity investing and mezzanine financing are conducted by PNC Capital Finance, LLC through its PNC Riverarch Capital, PNC Mezzanine Capital and PNC ErieviewCapital divisions. Investment banking and capital markets activities are conducted by PNC through its subsidiaries PNC Bank, PNC Capital Markets LLC, Harris Williams LLC, Harris Williams & Co Ltd. and Solebury Capital LLC. Services such as public finance investment banking services, securities underwriting, and securities sales and trading are provided by PNC Capital Markets LLC. Merger and acquisition advisory and related services are provided by Harris Williams LLC and Harris Williams & Co. Ltd. Equity capital markets advisory and related services are provided by Solebury Capital LLC. PNC Capital Markets LLC, Harris Williams LLC and Solebury Capital LLC are registered broker-dealers and members of FINRA and SIPC, and Harris Williams & Co. Ltd is authorized and regulated by Financial Services Authority (FRN No. 540892). Harris Williams & Co is the trade name under which Harris Williams LLC and Harris Williams & Co. Ltd. conduct business. Retail brokerage services and managed account advisory services are offered by PNC Investments LLC, a registered broker-dealer and a registered investment adviser and member of FINRA and SIPC. Annuities and other insurance products are offered through PNC Insurance Services, LLC. PNC Bank is not registered as a municipal advisor under the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Act”). Investment management and related products and services provided to a “municipal entity” or “obligated person” regarding “proceeds of municipal securities” (as such terms are defined in the Act) will be provided by PNC Capital Advisors, LLC, a wholly-owned subsidiary of PNC Bank. PNC Bank and certain of its affiliates including PNC TC, LLC, an SEC registered investment advisor wholly-owned by PNC Bank, do business as PNC Real Estate. PNC Real Estate provides commercial real estate financing and related services. Through its Tax Credit Capital segment, PNC Real Estate provides lending services, equity investments and equity investment services relating to low income housing tax credit (“LIHTC”) and preservation investments. PNC TC, LLC provides investment advisory services to funds sponsored by PNC Real Estate for LIHTC and preservation investments. Registration with the SEC does not imply a certain level of skill or training. This material does not constitute an offer to sell or a solicitation of an offer to buy any investment product. Risks of each fund are described in the funds’ private placement memorandum or other offering documents.
Important Investor Information: Securities and insurance products are:Not FDIC Insured • Not Bank Guaranteed • Not A DepositNot Insured By Any Federal Government Agency • May Lose Value
In Canada, PNC Bank Canada Branch, the Canadian branch of PNC Bank, provides bank deposit, treasury management, lending (including asset-based lending through its Business Credit division) and leasing and lending products and services (through its Equipment Finance division). Deposits with PNC Bank Canada Branch are not insured by the Canada Deposit Insurance Corporation. Deposits with PNC Bank Canada Branch are not insured by the Federal Deposit Insurance Corporation, nor are they guaranteed by the United States Government or any agency thereof. In the event of the failure of PNC Bank, deposits with PNC Bank Canada Branch would be treated as unsecured general liabilities, and creditors would be considered general creditors of PNC Bank.
Lending and leasing products and services, as well as certain other banking products and services, require credit approval.
PNC does not provide legal, tax or accounting advice unless, with respect to tax advice, PNC Bank has entered into a written tax services agreement. PNC does not provide investment advice to PNC Retirement Solutions and Vested Interest plan sponsors or participants.
©2017 The PNC Financial Services Group, Inc. All rights reserved.
2019 BDO Nonprofit Summit
Navigating Privacy and Risk Management
Issues of Evolving TechnologyAndras Kosaras, Counsel, Arnold & Porter
Nancy Perkins, Counsel, Arnold & Porter
Derrick King, Senior Manager, Governance and Risk Compliance, BDO
Taryn Crane, Manager, Governance and Risk Compliance, BDO
© Arnold & Porter Kaye Scholer LLP 2019 All Rights Reserved
arnoldporter.com
© Arnold & Porter Kaye Scholer LLP 2019 All Rights Reserved
arnoldporter.comPrivileged and Confidential
Navigating Privacy and Risk Management for Nonprofits
Nancy Perkins, Arnold & Porter
Andras Kosaras, Arnold & Porter
Derrick King, BDO
Taryn Crane, BDO
May 16, 2019
arnoldporter.comarnoldporter.comPrivileged and Confidential
Agenda
• Why are privacy laws changing
• Federal and state laws and issues related to privacy
• Key themes in privacy legislation
• Responding to breach
• Developing and implementing a privacy compliance plan
arnoldporter.comarnoldporter.comPrivileged and Confidential
Why Privacy Laws are Changing
73%...
…of consumers say a company’s ability to keep their data private is extremely
important.
…of consumers say businesses focus on profits over protecting consumers’
privacy rights.
At least 15 large retailers have experienced loss of personal data since January 2017.
78%...
Source: Harris Poll for IBM, online survey of 2,039 U.S. adults March 27-29
The impact of the consumers’ voice
arnoldporter.comarnoldporter.comPrivileged and Confidential
Data Protection & Privacy Business Drivers
Why privacy is such a hot topic
arnoldporter.comarnoldporter.comPrivileged and Confidential
Privacy Issues at the Federal Level
Congressional
Hearings
Response to GDPR LegislationData Scandals
Among Major Tech
Companies
arnoldporter.comarnoldporter.comPrivileged and Confidential
Privacy Legislation at the State Level
California
California Consumer
Privacy Act will take effect
in January 2020.
New Jersey
Retail privacy law took
effect in October 2017.
Vermont
Data broker regulation
went into effect in
January 2019.
Colorado
Data protection law took
effect in September 2018.
States that are currently considering or have
recently considered privacy legislation
States that have recently passed privacy
legislation
arnoldporter.comarnoldporter.comPrivileged and Confidential
Laws & Regulations Driving Data Protection & Privacy
Imposes new rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where they are located. This law went into effect on May 25, 2018.
Enhanced personal privacy rights
Increased duty for protecting data
Mandatory breach reporting
Significant penalties for non-compliance
General Data Protection Regulation
(GDPR)
California Consumer Privacy Act
(CCPA)
Administered through an active regulator (CA AG), it protects California residents by giving them rights similar to the GDPR, but in some cases is more rigid. This act is set to go into effect on January 1, 2020.
Enhanced personal privacy rights
Increased duty to inform and provide notice
Broader definition of PI
Enforcement by both CA AG and private plaintiffs through class actions
China Cyber-Security
China has a current Cybersecurity law that applies to cross-border transfer that applies to “Critical Information Infrastructure (CII)”. Regulators have also drafted requirements that will apply to “Network Operators” which may be finalized by year end of 2018.
Localized storage of PI and important data
Enhanced security assessments before cross-border transfer
arnoldporter.comarnoldporter.comPrivileged and Confidential
Themes in Privacy Legislation
Additional Rulemaking Authority for the Federal Trade Commission
Federal Preemption of State Laws
Opt-in vs. Opt-out Requirements for Data Access, Use, or Sharing
Data Security Requirements
Data Breach Notification Requirements
Requirements for Notifying Consumers about Privacy Policies
arnoldporter.comarnoldporter.comPrivileged and Confidential
California Consumer Privacy Act
The right to request that a business delete personal information that it has collected about a consumer
The right to request and receive information about, and specific pieces of, personal information that has been collected or sold or disclosed to third parties by a business
The right to opt out of the sale of a consumer's personal information
The right not to be discriminated against due to the exercise of any right established by the CCPA
Although not applicable to nonprofits in its current form (to be effective Jan. 2020), the CCPA may serve as a template for future privacy regulation that may apply to nonprofits. In addition, organizations that nonprofits partner with may revise their data sharing policies as a result of the CCPA that applies to them.
arnoldporter.comarnoldporter.comPrivileged and Confidential
FTC and Other Federal Agencies
• Federal Trade Commissiono Uses its general unfair and deceptive acts and practices (UDAP) authority
(FTC Act § 5) to regulate privacy and data security in the IoT space
o Protect consumers from harm and practices that frustrate meaningful, informed choices about IoT data privacy and security
‒ False or misleading statements about how data is collected, used, or stored
‒ Practices that cause substantial harm without countervailing benefits to competition or that consumers cannot reasonably avoid – failing to provide reasonable security; using data in ways that consumers would not expect
o Without unnecessarily hindering innovation, eliminating competitors, or entrenching incumbents
arnoldporter.comarnoldporter.comPrivileged and Confidential
FTC and Other Federal Agencies
• Federal Trade Commission (cont’d)o Enforcement actions
‒ alleged deceptive statements about security of devices and lack of reasonable security features
‒ alleged failure to get consent for tracking personalized viewing data and deceptively described interactivity and tracking functions
▪ Outcome: required to prominently disclose tracking practices, and obtain express consent to track and share viewing data
‒ alleged deceptive statements about encryption of data and inadequate security measures
▪ Outcome: required to implement data security program with biennial audits for 20 years
arnoldporter.comarnoldporter.comPrivileged and Confidential
FTC and Other Federal Agencies
• Federal Trade Commission (cont’d)o Hearings on Competition and Consumer Protection in the 21st Century
‒ Privacy themes
▪ Big data
▪ Cognizable privacy/informational injuries
▪ Notice and choice
o Potential Enforcement Changes
‒ More specific data security orders
‒ Calls to hold more individuals liable
‒ May start to bring enforcement actions more quickly
‒ FTC supports national legislation giving it specific privacy and data security enforcement authority
arnoldporter.comarnoldporter.comPrivileged and Confidential
FTC and Other Federal Agencies
• Federal Communications Commission (FCC)o FCC has authority to enforce basic privacy protections granted by the Communications Act
• National Institute of Standards and Technology (NIST)o Non-regulatory agency within the Commerce Department
o Currently developing a voluntary privacy framework with input from various private and public stakeholders
o Tool to provide a catalog of privacy outcomes and approaches to help organizations of all kinds prioritize strategies for managing the particular privacy risks they face, rather than prescribing one-size-fits-all requirements
• National Telecommunications and Information Administration (NTIA)o Commerce Department agency responsible for advising the President on telecommunications and
information policy issues
o NTIA completed a request for comment on a “Flexible Risk-Based Approach to Consumer Privacy” in the fall of 2018
‒ RFC aimed at how the Administration should “advance consumer privacy while protecting prosperity and innovation” with a flexible, risk-based approach
‒ Broad consensus on the need for federal privacy legislation, the FTC as lead enforcement agency and some alignment with international standards
‒ Disagreements in comments centered on the regulatory approach (risk-based flexibility v. prescriptive requirements), preemption of state privacy laws, and powers to be given the FTC and state AGs
arnoldporter.comarnoldporter.comPrivileged and Confidential
HIPAA: Scope of HIPAA Privacy and Security Rules
• The HIPAA rules regulate uses and disclosures of:o “Protected health information” (PHI), which is:
‒ individually identifiable health information; and
‒ created, received or maintained by a HIPAA-covered entity or an employer
• Entities subject to the HIPAA rules are:o “Covered entities”:
‒ Health care providers that conduct “standard” reimbursement-related transactions electronically;
‒ Health plans (HMOs, PPOs, health insurers);
‒ Health care clearinghouses (companies that convert health data into standard formats); and
o “Business associates”:
‒ Persons/entities that process PHI for or on behalf of a covered entity or other business associate
arnoldporter.comarnoldporter.comPrivileged and Confidential
HIPAA: Who Is Using a Mobile Health App?
More than four in ten smartphone or tablet owners possessed a health or wellness app.
ONC Data Brief, No. 40, April 2018
arnoldporter.comarnoldporter.comPrivileged and Confidential
HIPAA: Mobile Health Technologies
• Mobile health technologies are subject to HIPAA privacy, security, and data security breach notification rules if a HIPAA-covered entity or business associate:o Uses the technology;
o Offers the technology for use by an individual for purposes of the covered entity/business associate’s relationship with the individual.
• Developers of such technologies become HIPAA business associates in these circumstances.
arnoldporter.comarnoldporter.comPrivileged and Confidential
HIPAA: Mobile Health Technologies
Examples
• Consumer downloads a diabetes health app to her smartphone and inputs blood glucose levels and blood pressure readings she obtained herself using home health equipment.
• As directed by her provider, patient downloads a health app to her smart phone. Provider has contracted with app developer for patient management services, including electronic health record (EHR) integration and application interfaces, and the information the patient inputs is automatically incorporated into the provider’s EHR.
• Consumer downloads a health app to her smartphone that is designed to help her manage a chronic condition. She downloads data from her doctor’s EHR through a patient portal onto her computer and then uploads it into the app. She also adds her own information to the app.
arnoldporter.comarnoldporter.comPrivileged and Confidential
GDPR Article 33: Notification of a personal data breach
The controller shall without undue delay and, where feasible, not later than 72 hours* after having become aware of it, notify the personal data breach to the supervisory authority. Failure to comply could result in fines of 2% of global revenues or €10 million.
INVESTIGATE
• Nature of breach
• Categories & number of data
subjects
• Categories and records
affected
NOTIFY
• Regulators & impacted Data Subjects
• Describe likely consequences
• Describe containment plan
• Provide DPO or other contact point for
more info
DOCUMENT
• Nature of breach – who, what, when, where,
and how
• Organizational and technical measures in place
at the time
• Risks to individual rights and freedoms of
natural persons
• Remediation/mitigation plan
• Forensic report
* Where such notification cannot be achieved within 72 hours, the reasons for the delay should accompany the notification
arnoldporter.comarnoldporter.comPrivileged and Confidential
OPERATIONS
PRINCIPLES
OBLIGATIONS
INDIVIDUAL RIGHTS
Policies, procedures, IT,
security, third parties, products
Personal data locations, notice,
consent, data transfers
Fair, lawful, data minimization,
accuracy, storage limitations
Access, restriction, erasure,
transparency, objections,
portability, cookies
1. Adopt a Principles based privacy program that is resilient to change; 2. Assign privacy ownership and accountability;3. Know your data and operational risks;4. Assess, design, build, and monitor your technical, administrative, and
organizational controls; and5. Sustain by adopting a privacy by design and default mindset.
GDPR, CCPA, and Other Coming Privacy Regulations
How to comply
arnoldporter.comarnoldporter.comPrivileged and Confidential
Step-By-Step Privacy Compliance Approach
Assess
Identify personal data sources, map sources, evaluate governance structure & operating models, assess risk, conduct third party risk assessments and assess data sharing relationships
1
Design
Update policies, procedures, utilize PbD operating model to develop security & data sharing practices, categorize personal information, and map solutions to address consumer requests
2
ImplementEstablish controls to prevent, detect, and respond to consumer requests, vulnerabilities and incidents3
Monitor & Govern
Keep required documentation, manage data requests
and breach notifications, automate consumer requests,
and perform regular governance
4
arnoldporter.comarnoldporter.comPrivileged and Confidential
Nonprofit Sector’s Privacy Activities
• Donor information
• Changing technologies in fundraisingo AR, VR, collecting information about donors
o Partnering with third-parties that may desire to collect certain specific information about donors
• List trading
arnoldporter.comarnoldporter.comPrivileged and Confidential
Questions & Discussion
arnoldporter.comarnoldporter.comPrivileged and Confidential
Speakers
Nancy Perkins, Counsel, Washington, DC
nancy.perkins@arnoldporter.com, +1 202.942.5065
Andras Kosaras, Counsel, Washington, DC
andras.kosaras@arnoldporter.com, +1 202.942.5271
Derrick King, Senior Manager, Data & Information Governance, McLean, VA
dking@bdo.com, +1 703.245.8659
Taryn Crane, Manager, Data & Information Governance, McLean, VA
tcrane@bdo.com, +1 703.770.4441
2019 BDO Nonprofit Summit
Nonprofit Voices – A Discussion Amongst Your
PeersMaria Georges, Senior Vice President and Managing Director, PNC
Christian Curtin, Controller, NPR
Alex Galeano, CFO, ASIS International
2019 BDO Nonprofit Summit
Lunch Break
2019 BDO Nonprofit Summit
Leading During a Time of Change
Seth Verry, VP Go Team, Indiggo
Return on Leadership®
Leadershipin a Time of Rapid Change
Seth Verry
Indiggo
Return on Leadership®
Focused Leadershipin a Time of Rapid Change
Seth Verry
Indiggo
Return on Leadership®
Return on Leadership®
in a Time of Rapid Change
Seth Verry
Indiggo
The Assault on the Modern Leader
Achieving Return on Leadership®
ROL Practices
• Treat Capacity Like Capital
• Extreme Focus on Priorities
• Put the Rocks in the Jar First
The Rise of Virtual Collaboration (Inundated)
Source: Bain & Co.
The Rise of Network-Based Work (Interconnected)
Source: CEB
System Overload
Messaging Overload
“Over” Collaboration
Meeting Overload
Information Overload
30,000communications
per leader per year
(1,000 in 1970s)
60% of employees now coordinate with 10+ individuals on a day-to-day
basis
Managers spend 25% of time in meetings that shouldn’t even
happen
76% employees spending more
time finding and reviewing data
and information
It’s Amazing We Get
Anything Done at All!
Assault on the Modern Leader
Pulled in too many directions64% cite conflicting priorities
Overwhelmed, drowning in work2/3 say not enough time
Constantly interrupted, shifting gearsEvery 3 min 5 seconds on average
No time for thinking or reflectionJust 5% of the average workday
Feeling that time allocation is sub-optimalJust 8% say “very satisfied”
this is not sustainable
DEMANDSCOMPLEXITYUNCERTAINTYOVERWHELM
There’s a Financial Cost, Too
What’s the Cost at Your Organization?
• Take out your smartphone
• Open your browser
• Go to indiggolead.com
• Scroll down to the calculator
(shown)
• Follow the prompts
Live Results This Group Live Results All
Table Discussion
Which of these struggles resonates most with you?
• Keeping up with an avalanche of email
• Find myself in reactive mode too often
• Find myself wasting time in meetings I shouldn’t be a part of
• Seems like important priorities aren’t getting enough attention
• Struggle to get it all done, feel like there’s not enough time
• Look back on some days and wonder where all the time went
Return on Leadership®
RETURN ONLEADERSHIP®
• Accountability
• Focus
• Action On What Matters
• Control
• Reduced Uncertainty
• Increased Confidence
• Peace Of Mind
The Assault on the Modern Leader
Achieving Return on Leadership®
ROL Practices
• Treat Capacity Like Capital
• Extreme Focus on Priorities
• Put the Rocks in the Jar First
We Treat Leadership Capacity as Limitless
We Can’t Execute Without Capacity
Source: CEB “Growth Unlocked: Closing the Strategy-to-Execution Gap” 2015
Impact on Success of Execution
$$$$$$$
Invest your most
expensive and
influential resource as
strategically as you
would invest your
financial capital
$$$$$$$
Treat Capacity Like Capital
With capital, we…
• recognize that it’s finite
• make intentional decisions on how to allocate it
• allocate it to highest ROI opportunities
• put controls in place
• don’t waste it…
Use It or Lose It
Shifting 1 hour a day…
for you personally
=25 more days per yearfor you
for a teamof 10
=250 more days on the most important deliverables
for a 500leader firm
=Adds the equivalent of 50 new managers w/o hiring anyone new
The Assault on the Modern Leader
Achieving Return on Leadership®
ROL Practices
• Treat Capacity Like Capital
• Extreme Focus on Priorities
• Put the Rocks in the Jar First
Extreme Focus on Priorities
“The 80-20 Rule”
Disproportionate Focus on a Few Key Priorities
Board Engagement
Team Building
Staff Coaching
Finance Transformation
Finance Operations
Stakeholder Engagement
Recruiting
Communications
Upward Management
2020 Planning
Bank Relationships
Innovation
Recruiting40%
Communications25%
2020Planning
20%
Other Work15%
JUNE TIME ALLOCATION
Setting Meaningful Priorities
Specific Filters
• Look at the upcoming month or quarter versus the year
• The most vital areas for you to focus now (subset of annual goals)
• As specific and tangible as possible: right level of granularity
• Aligned with departmental / organizational priorities
Key Test
• Do you feel compelled to protect and fight for time for your
priorities?
Priorities and Goals are Different
Goals Priorities
Horizon 12 months 1-2 months
Number 10-15 3
ScopeBroad outcomes or output of your work
Specific activities or focus areas needing your personal
limited capacity
• Your priorities help you realize your goals
• Priorities reflect the more narrow areas
that need your dedicated capacity and
mindshare right now
• We feel a meaningfully different level of
commitment – that’s more emotional –
to our priorities because they deeply
impact our life in the near term
Powerful Filters for “Yes” or “No”
follow-up actions
reading emails
internal meetings
impromptu huddles
admin tasks
planning
writing emails
client meetings
self-improvement
conference calls
strategic thinking
management by walking
around
Priority #1
Priority #2
Priority #3
“No Way!”
“Hell Yeah!”
Priority Filter
From all the $#!^ competing for your attention… …to clear choices
Mastering the “Productive No”
ProductiveNo
Not now
Not me
Never
(Delay)
(Delegate)
(Delete)
The Assault on the Modern Leader
Achieving Return on Leadership®
ROL Practices
• Treat Capacity Like Capital
• Extreme Focus on Priorities
• Put the Rocks in the Jar First
Seen this on YouTube?
1
2
3
Consistent, dedicated capacity to the few areas of activity that create the most value
Put the Rocks in the Jar First
Protecting capacity for the important
things first
Failure Success
Here’s the problem
If it’s not in the calendar, it may never happen
Recruiting
Communications
2020 Planning
June Priorities
“how much focus time will I need, and when?”
~ an hour / day
~ 2-3 hours / week
~ 20-30% of my time this month
June Calendar
Blocking Focus Time
Blocking Focus Time
Developing My Team
Developing My TeamDeveloping My Team
Developing My Team
Developing My Team
Tips on Focus Time
1. Start small: 20% of your time at most
2. Work in 1- to 3-hour time blocks
10% of a working month (200 hours) =
ten 2-hour blocks
3. Make this part of your existing daily/weekly/monthly planning
4. If you have to schedule over a block: don’t delete it, move it
5. Start your day with Focus Time
The start of a good day
• Build focus time in the morning
• Save as much of email and other
necessary evils for the afternoon
• Check for urgent messages
• Build in time for breaks
• Minimize distractions (DND mode)
• Let your colleagues know
The Assault on the Modern Leader
Achieving Return on Leadership®
ROL Practices
• Treat Capacity Like Capital
• Extreme Focus on Priorities
• Put the Rocks in the Jar First
Indiggo – The Leadership Platform
2019 BDO Nonprofit Summit
Accounting and Tax Update
Lee Klumpp, National Assurance Partner, Nonprofit & Education, BDO
Marc Berger, National Director, Nonprofit Tax Services, BDO
Amy Duffin, Assurance Director, Nonprofit & Education Practice, BDO
BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK
company limited by guarantee, and forms part of the international BDO network of independent member firms.
BDO 2019
NONPROFIT
ACCOUNTING
UPDATE
2019 BDO Nonprofit Summit
LEE KLUMPPNational Assurance Partner,
Nonprofit & Education, BDO
703-336-1497
lklumpp@bdo.com
MARC BERGERNational Director, Nonprofit Tax
Services, BDO
703-336-1420
mberger@bdo.com
AMY DUFFINAssurance Director
703-770-1059
aduffin@bdo.com
With You Today
2019 BDO Nonprofit Summit
Agenda
Accounting Update
Presentation of Financial Statements of Not-for-Profit Entities, ASU 2016-14
Revenue Recognition from Contracts with a Customer, ASU 2014-09
Clarifying the Scope and Accounting Guidance for Contributions Received and
Contributions Made, ASU 2018-08
Updating the Definition of Collections, ASU 2019-03
FASB Projects: Exposure Draft
• Not-for-Profit Entities (Topic 958): Intangibles - Goodwill and Other and Business
Combinations
2019 BDO Nonprofit Summit
Presentation of Financial Statements of NFP
Entities (ASU 2016-14)
2019 BDO Nonprofit Summit
Key Provisions of ASU 2016-14
Net Asset Classification
Updated net asset classification scheme to two classes, changes
to underwater endowment accounting, enhanced disclosures
Liquidity & Availability
Quantitative & qualitative disclosures about liquidity and
availability of resources Expenses
Requirement to report expenses by function (already required), nature, and an analysis showing
the relationship between function and nature
Statement of Cash Flows
Continue to allow direct or indirect method for operating cash
flows; indirect reconciliation no longer required for direct method
Investment Return
Present investment return net of external and direct internal
investment expenses, no longer required to disclose netted
expenses
Effective Date: Fiscal years beginning after 12/15/2017
2019 BDO Nonprofit Summit
Implementation Issues
2019 BDO Nonprofit Summit
ASU 2016-14 – Implementation Issues
Nonprofits will have to determine if any contributions of long-lived assets need to be
reclassified from net assets with donor restrictions to net assets without donor
restrictions upon adoption of the ASU. Policies may also have to be updated to reflect
change in reporting of contributed long-lived assets.
Nonprofits will now have to include disclosures that will reflect how much of their assets
are in reserve and not available for use. If these analyses were not done in the past,
some results may be surprising. Nonprofits may want to look at establishing an operating
reserve as part of its process of managing liquidity.
Nonprofits should review their allocation methodologies to determine if there are any
changes that are necessary to comply with the ASU, especially in adhering to the
definition of direct conduct and supervision. Nonprofits will also have to develop wording
for its allocation methodology disclosures.
To comply with the ASU, nonprofits needs to fully understand the definitions of internal
investment expenses to ensure these costs are being appropriately and accurately
captured and reported.
2019 BDO Nonprofit Summit
Revenue From Contracts with a Customer
(ASU 2014-09)
2019 BDO Nonprofit Summit
Revenue Recognition (Topic 606)
Objective: To develop a single, principle-based revenue standard for U.S. GAAP and IFRS
The revenue standard aims to improve accounting for contracts with customers by:
• Providing a robust framework for addressing revenue issues as they arise
• Increasing comparability across industries and capital markets
• Requiring better disclosure
Substantially converged with IFRS on major provisions
2019 BDO Nonprofit Summit
Scope
All contracts with customers, except
• Lease contracts
• Insurance contracts
• Financial instruments
• Guarantees
• Non-monetary exchanges in the same line of business to facilitate sales to customers
Contracts not with customers are excluded:
• Contributions
• Collaborative arrangements
2019 BDO Nonprofit Summit
Final U.S. GAAP Model – Recognition
Core Principle:
Steps to apply the core principle:
Recognize revenue to depict the transfer of promised goods or services to customers in
an amount that reflects the consideration to which the entity expects to be entitled in
exchange for those goods or services
1. Identify
the contract(s)
with the
customer
2. Identify the
performance
obligations
3. Determine
the transaction
price
5. Recognize
revenue when
(or as) a
performance
obligation is
satisfied
4. Allocate
the transaction
price
2019 BDO Nonprofit Summit
Revenue Recognition – Transition
Transition
method
PY2
(2016)
PY1
(2017)
CY
(2018)CY Footnotes
Retrospective
(with optional
practical
expedients) Cum
ula
tive
catc
h-u
p
Contracts under new standard
Cumulative effect
at date of
application
Contracts under
legacy standard
Cum
ula
tive
catc
h-u
p Existing and
new contracts
under new
standard
Existing and new
contracts under
legacy standard
for CY (2018)
Transition dates for non-public entities are extended one year later than the dates above
2019 BDO Nonprofit Summit
Revenue Recognition – Transition Practical
Expedients
No restatement required for contracts that begin and are completed within the same
annual reporting period
Completed contracts that have variable consideration:
• Use transaction price at completion
• No estimation required
No restatement required for contract modifications that occur before the beginning of the
earliest period presented
Modified retrospective approach may be applied to all contracts or completed contracts
only
Significant judgment needed
2019 BDO Nonprofit Summit
Implementation Issues
2019 BDO Nonprofit Summit
ASU 2014-09 – Implementation Issues
There may be differences between existing practices and the new standard, therefore
current revenue streams of NFP organizations should be evaluated in order to determine
what steps may need to be taken.
There may be changes in the way NFP organizations address contract modifications,
therefore, current practices should be reviewed in order to determine if changes need to
be made.
Revenue may have to be recognized over time or at a point in time based on the new
criteria. Systems, processes and controls at NFP organizations may need to be updated as
a result of the new criteria and any changes in timing of revenue recognition.
Data gaps may need to be identified between what is presently available at the NFP and
what will be needed for the required disclosures in the new standard.
2019 BDO Nonprofit Summit
Revenue Recognition of Grants and Contracts
by NFP Entities
Clarifying the Scope and Accounting Guidance for Contributions
Received and Contributions Made
2019 BDO Nonprofit Summit
Scope
Applies to all entities (NFPs and business entities) that receive or make contributions
unless otherwise indicated.
Excludes transfers of assets from the government to business entities.
Applies to both contributions received by a recipient and contributions made by a resource
provider.
The term used in the presentation of financial statements to label revenue (for example,
contribution, grant, donation) that is accounted for within the Scope of Subtopic 958-605
is not a factor for determining whether an agreement is within the scope of that guidance.
2019 BDO Nonprofit Summit
Grants and Contracts to NFPs – Background
Long-standing diversity in practice in classifying grants and contracts, particularly from governmental entities
Issue 1: Reciprocal Versus Nonreciprocal Issue 2: Conditional Versus Unconditional
ASU 2014-09, Revenue from Contracts with Customers, including related disclosures, heightened the issue
Raised question as to whether grants and contracts are in scope of that guidance (reciprocal or nonreciprocal)
Project added to FASB’s Technical Agenda to improve and clarify existing guidance
2019 BDO Nonprofit Summit
Issue 1: Reciprocal (Exchange) vs. Nonreciprocal
(Nonexchange/Contribution) TransactionsWho Receives the Benefit?
1
1
3
General PublicDirect Commensurate
Value to Resource Provider
Specified Third Parties
EXCHANGE
Direct Commensurate Value to Resource
Provider General Public
EXCHANGE NONEXCHANGE
Specified Third Parties
Government/Resource
Provider is a 3rd Party
Payer on Behalf of an
Identified Customer*
Follow Topic 606 (or other, such as Leases)
Current Practice
Clarification
Follow Topic 958-605
*The revenue recognized would actually be the underlying contract’s patient service revenue, tuition revenue, etc.
**A focus on whether or not there is a “performance obligation” could even ultimately include some contracts
where the general public is the primary beneficiary.
Continue to monitor
GASB and IPSASB
projects in this
area**
2019 BDO Nonprofit Summit
Indicators to Determine a Barrier
The inclusion of a measurable performance-related barrier or other measurable barrier.
Whether a stipulation is related to the purpose of the agreement.
The extent to which a stipulation limits discretion by the recipient.
To determine what is a barrier, an NFP would consider indicators, which would include, but are not limited to, the following:
2019 BDO Nonprofit Summit
NFP Revenue Recognition Decision Process
No
Restrictions
present (i.e.
limited
purpose or
timing)?
Reciprocal
transaction. Apply Rev
Rec (ASC 606) or other
guidance.
Unconditional and
restricted
Unconditional and
without restrictions
(unrestricted)
Yes
Transaction in
which each
party directly
receives
commensurate
value?*
Conditions
present (i.e.,
right of
return/release
and barrier)?
Conditional - Recognize revenue
when condition is met
Nonreciprocal transaction. Apply
contribution (non-exchange) guidance.
*Includes third-party payments on behalf of identified customers. These do not create new revenue.
2019 BDO Nonprofit Summit
Effective Date
The effective date is the same as the new Revenue Recognition standard (Topic 606), but allows for early implementation.
Annual periods beginning after June 15, 2018, including interim periods:
• Public Business Entities
• NFP that has issued, or is a conduit bond obligor for, securities that are traded, listed, or quoted on exchange or an over-the-counter market
Annual periods beginning after December 15, 2018, and interim periods beginning after December 15, 2019:
• All other entities
Different Implementation Dates for Resource Providers
2019 BDO Nonprofit Summit
Implementation Issues
2019 BDO Nonprofit Summit
2018-08 – Implementation Issues
Some grants that are considered exchange transactions under current US GAAP will be
accounted for as conditional contributions under this ASU.
Some grants that are considered contributions with no donor-imposed conditions under
current US GAAP will be considered conditional under this ASU.
Some judgment will be required to support accounting conclusions upon determination
between exchange transactions and contributions
Nonprofits will have to review the language in their contracts and agreements in order to
distinguish between exchange transactions and contributions.
2019 BDO Nonprofit Summit
ASU 2019-03
Updating the Definition of Collections
2019 BDO Nonprofit Summit
Topic 958: Updating the Definition of Collections
Purpose: To clarify and improve the accounting guidance for collections and to eliminate
diversity by clarifying the definition of collections.
Who is affected: Accounting for collections is primarily for certain NFP entities that hold
collections. However, this ASU would apply to all entities, including business entities,
that maintain collections.
Provisions: To modify one of the existing conditions in order to not recognize contributions
of works of art. This update would allow the proceeds from sales of collection items to be
used to support the direct care of existing collections in addition to the current
requirement that proceeds from sales of collection items be used to acquire other items
for collections.
Effective Date: The amendments in this Update are effective for annual financial
statements issued for fiscal years beginning after December 15, 2019, and for interim
periods within fiscal years beginning after December 15, 2020. Early application of the
amendments is permitted. The amendments in this Update should be applied on a
prospective basis.
2019 BDO Nonprofit Summit
FASB Projects: Exposure Draft
2019 BDO Nonprofit Summit
Topic 958: Extending the Private Company Accounting
Alternatives on Goodwill and Certain Identifiable
Intangible Assets to Not-for-Profit Entities
Purpose: To improve and simplify the accounting for goodwill and certain identifiable
intangible assets for NFP entities.
Who is affected: The amendments in this proposed Update would apply to all not-for-
profit entities including those that are conduit bond obligors.
Provisions: To allow the alternative for NFPs to amortize goodwill on a straight line basis
and test for impairment upon a triggering event rather than testing goodwill impairment
annually, and to allow impairment testing to be done on an entity-level basis.
Effective Date: This proposed Update would be effective upon issuance for all entities.
The proposed final Update would be applied on a prospective basis, for all existing
goodwill and new goodwill generated in acquisitions by NFP entities after the effective
date.
2019 BDO Nonprofit Summit
Tax Update
2019 BDO Nonprofit Summit
Agenda
Tax reform - UBTI Silos and Notice 2018-67
Tax reform - UBTI from Fringe Benefits and Notice 2018-99
Tax reform - Excise Tax on Executive Compensation and Notice 2019-09
Q&A
2019 BDO Nonprofit Summit
UBTI Silos – IRC Sec. 512(a)(6) and Notice 2018-67
The Act disallows tax-exempt organizations from taking the business losses from one
unrelated trade or business and deducting them from the income of another unrelated
trade or business.
Losses incurred in tax years beginning before January 1, 2018 can be carried forward and
used to offset any UBI up to 80% of current year’s income.
Notice 2018-67 issued on 8/21/2018
• Separate unrelated trades or businesses
• Allocation of expenses
• Investment activities
• Net operating losses
2019 BDO Nonprofit Summit
UBTI increased by Certain Fringe Benefit Expenses-
IRC Sec. 512(a)(7) and Notice 2018-99
UBTI shall be increased by any amount…
i. for which a deduction is not allowed under IRC §274, and
ii. which is paid or incurred for
− any qualified transportation fringe,
− any parking facility used in connection with qualified parking, or
− any on-premises athletic facility.
Effective: Amounts paid or incurred after Dec. 31, 2017
IRS Notice 2018-99 issued 12/10/2018
• Qualified transportation fringe benefits
• Parking
2019 BDO Nonprofit Summit
Excise Tax for Excessive Executive Compensation –
IRC Sec. 4960 and Notice 2019-09
For employer’s tax years beginning after December 31, 2017
“Applicable Tax-Exempt Organization” pays an excise tax of 21% on “remuneration” over
$1 million paid to covered employees.
Tax also applies to excess parachute payments
Notice 2019-09 issued on 12/31/2018
• Who owes the tax?
• Taxable year
• Covered employee
• Remuneration
• Excess parachute payments
• Reporting and paying the tax
2019 BDO Nonprofit Summit
Questions
2019 BDO Nonprofit Summit
Resources
2019 BDO Nonprofit Summit
Resources
Visit BDO’s Institute for Nonprofit Excellence Resource Center here
Visit our FASB Financial Reporting Guidance page here for information on ASU 2016-14
that includes:
• Links to FASB Resources
• Podcasts and videos
• Articles and blog posts
2019 BDO Nonprofit Summit
Resources
BDO’s Publication: How to Read Nonprofit
Financial Statements: A Practical Guide
Link: https://www.bdo.com/resource-
centers/institute-for-nonprofit-
excellence/book-promo
2019 BDO Nonprofit Summit
Impact Re-Envisioned: How Technology is
Helping Nonprofits Achieve Greater ImpactKirstie Tiernan, Managing Director, Data Analytics and Automation, BDO
2019 BDO Nonprofit Summit
IMPACT RE-ENVISIONED:
HOW TECHNOLOGY IS HELPING ACHIEVE GREATER IMPACT.
KIRSTIE TIERNAN, CFE, OCAManaging Director,
Data Analytics & Automation
2019 BDO Nonprofit Summit
With You Today
Kirstie Tiernan,
Managing Director, Data
Analytics & Automation, BDO
2019 BDO Nonprofit Summit
Digital Transformation: Helping Achieve Greater
Impact
Business Intelligence
Automation Artificial Intelligence
Business Intelligence
2019 BDO Nonprofit Summit
Investigation
CFO Start DateCFO Termination
Date
6,000 Vendors Limited by:
• Location of interest
• Vendor spend over $50,000 160
Vendors to Review
2019 BDO Nonprofit Summit
Investigation
CFO Start DateCFO Termination
Date
Limited by:
• Specific user time of
employment
• Round dollar amounts
• 11 Vendors to Review
2019 BDO Nonprofit Summit
Investigation
$350,000 Fraud 2010-2015
2019 BDO Nonprofit Summit
Investigation
2019 BDO Nonprofit Summit
Vendor Geographic Region
Quality Health - $38K St. Pete’s Hospital - $29K
AutoMak Body Repair - $40K Gen Chiropractor - $12K
2019 BDO Nonprofit Summit
2019 BDO Nonprofit Summit
Benford’s Law
The principle that in any large, randomly produced set of natural numbers, around 30
percent will begin with the digit 1, 18 percent with 2, and so on, with the smallest
percentage beginning with 9.
2019 BDO Nonprofit Summit
Benford’s Law
Good
Bad
Payments begin with $40*
($400, $4,000, $40,000)
$500K of payments are
to Heavy Equipment
Training Company
2019 BDO Nonprofit Summit
2019 BDO Nonprofit Summit
University ClientRevenue Testing (tuition/financial aid, meals, housing, etc.)
Choose sample of 15 students and pull documents related to class registration
and payments
Students must use ID badge on campus (food, buildings, parking, etc.)
Students actually attending classes will not be expected to be getting all D’s/F’s
Obtain badge security swipe data
Obtain transcript data
Run analysis to check for students with fewer than 10 swipes
Run analysis to check for students with all Ds/Fs implying that they aren’t
actually attending classes (will expect some false positives for deadbeat
college kids)
2019 BDO Nonprofit Summit
Expenses Analysis
AIRFARE
HOTEL
RENTAL CAR
FUEL
TRIP
MISC
UNKNOWN
AIRPORT
What is Misc for $1,500?
Why are there airfare
expenses with no airport
expenses? Meals?
Why so many gas
reimbursements?
2019 BDO Nonprofit Summit
Base Analytics
Employee
Vendor/employee similar name, address, phone
or tax ID
Payroll trend analysis by function
Duplicate employees
Employees without payroll deductions
Employees with a PO box address
Invoice Invoices created on weekends, holidays, or in off
hours
Round dollar invoices
Keyword analysis on description
Zero amount invoices
System created invoices
Invoices from vendors not in vendor master
Invoices with no description
Vendor One time vendors
Blocked/deleted/do not use vendors
Vendors without an address
Vendors with similar names or addresses
Vendors with non-standard payment terms
Inactive vendors with activity in last year
Keywords analysis of vendor name
Duplicate vendor IDs
Disbursement Payments created on weekends, holidays, or in
off hours
Round dollar payments
Duplicate payments (same amount, payee, date)
Keyword analysis on payment description
Benford’s Law on payment amounts
Payments just below approval limit
Summary of payments by users
Payments to vendors not in vendor master
2019 BDO Nonprofit Summit
Predictive Analytics
Historical data
External data
Statistical algorithms
Machine learning
Beyond forecasting…predicting the future
2019 BDO Nonprofit Summit
Internet of Things
The inter-networking of physical
devices, vehicles, buildings, and
other items embedded with
electronics, software, sensors,
actuators, and network connectivity
which enable these objects to
collect and exchange data.
2019 BDO Nonprofit Summit
Sensors – Subway Doors
DATA POINTS CAPTURED
# of times open/close
Force used to close
Temperature
Humidity
Indoors/Outdoors
Weather
Time of day
DATA USAGE
Replace parts
Schedule technicians
Purchase inventory
Sell data back to manufacturing engineering
team for improvements
2019 BDO Nonprofit Summit
Stretch and Learn
2019 BDO Nonprofit Summit
Discussion
How does/could your nonprofit
utilize predictive analytics to
achieve greater success?
Automation
2019 BDO Nonprofit Summit
Robotic Process Automation
2019 BDO Nonprofit Summit
A Typical Process
Transformation Process
Transformation Process SYSTEM
2019 BDO Nonprofit Summit
Multi-Location Data Extraction Bot
John SmithFinancial Reporting Developer
Each morning I begin by
collecting the franchisees’ sales
data…
Now I can analyze the data and
email to the other departments
Access DB
Original process: 5-10 min/store
New process: Runs overnight = NO TIME
2019 BDO Nonprofit Summit
Address Cleansing Bot
Sales data is obtained from multiple systems/clients/formats
City/State/Zip Code combinations are often incorrect or misspelled
The cleaned file with corrected address combination is exported for
review and processing
Software robot reviews the address combination and updates the
misspelling automatically
Chicago Hieghts, IL 60411should be
Chicago Heights, IL 60411
Original process:
3-5 hours
New process:
5 minutes
2019 BDO Nonprofit Summit
Contract Review
BULK FILE LOCATION
UPLOAD PORTAL
CONVERT ANALYZE REPORT
Original process:
1 hour / contract
New process:
5 min / contract
2019 BDO Nonprofit Summit
Stretch and learn
2019 BDO Nonprofit Summit
Discussion
What are the perceived
challenges for automation
adoption? How could they
be overcome?
Artificial Intelligence
2019 BDO Nonprofit Summit
Artificial Intelligence
Learned to bluff
“It’s not about the money, it’s about preserving
human dignity, and it’s not going well.”
https://www.theverge.com/2017/1/25/14358246/ai-poker-tournament-cmu-libratus-vs-human-losing
2019 BDO Nonprofit Summit
2019 BDO Nonprofit Summit
MindBridge Ai Auditor
Domain Expertise
Business RulesStatistical
Methods
Machine
Learning
Cross
Correlation
Standard TestsAdvanced Tests
Completeness Checks
Benford’s law, Regression, 3 Digit Testing
Humint ScoringOutlier Detection
Reinforced Learning
External Data SourceSanction Lists
Negative Databases
MindBridge‘sAi Auditor
2019 BDO Nonprofit Summit
Artificial Intelligence
2019 BDO Nonprofit Summit
Computer Vision
2019 BDO Nonprofit Summit
Sponsorship Exposure Analysis
2019 BDO Nonprofit Summit
Facial Recognition
2019 BDO Nonprofit Summit
Extended Reality
2019 BDO Nonprofit Summit
Mixed Reality – Inspection/Maintenance
2019 BDO Nonprofit Summit
What’s Next
2019 BDO Nonprofit Summit
2019 BDO Nonprofit Summit
Thank You
2019 BDO Nonprofit Summit
Closing Remarks
Laurie De Armond, National Co-Leader, Nonprofit & Education Practice, BDO
Glenn Groninger, Senior Vice President and Managing Director, PNC
Thank You
top related