by Meridian | Aug 6, 2018 | Accounting and Reporting
Preparing financial statements can be a painful, yet necessary, compliance exercise for most organisations, big and small. It can take up valuable time and resources, yet financial statements not only tick the box for compliance, they also serve as a very important communication tool to your key stakeholders.
Here are our key tips for reducing your compliance burden:
1. Engage your auditors early
Most large audit firms produce updated model financial statements at least every 6 months taking into consideration the required disclosure changes from new accounting standards. Obtaining these up-front can provide you with a guide as you prepare your accounts. This can save time by not having to process mark-ups from your auditors at the last minute. Ensure you consult with your advisers and ask them to highlight any changes which may be applicable to your organisation.
2. Check ASIC focus areas
ASIC publish their focus areas for each reporting period and most audit firms include these focus areas in their audit plans. Being aware of the ASIC focus areas that affect your organisation will ensure you prioritise critical judgemental areas and provide adequate disclosure. If in doubt, consult with your auditors on which areas are most likely to be relevant for your organisation.
3. Streamline your disclosures
Often financial statements contain disclosures that may be immaterial or don’t add value for the users. Streamlining your financial statements involves challenging the type of information you disclose and where and how it is presented. The key is to reduce the clutter, avoid repetition and highlight critical judgmental areas. Streamlining projects can also be phased over a couple of reporting cycles, starting with grouping or reordering note disclosures, reducing immaterial disclosures and advancing to adopting graphs or charts to display information. If you plan to streamline your accounts, ensure you consult early to confirm which disclosures are material, this will avoid having to add them back in at the last minute.
4. Plan ahead
Some of the steps required to prepare your financial statements can be done outside of the ‘usual’ financial reporting timeframes (e.g. July to September or January to March). For example, preparing new accounting disclosures or setting up your templates may be activities that can be done ahead of time. It also helps to plan ahead for critical dates, such as audit and risk committee paper deadlines or audit visits and work backwards to see when information will be required. This exercise may highlight bottlenecks or times where additional resources may be required. It will also assist in creating a time line to help you meet your tight reporting timeframes.
5. Consider outsourcing
Take stock of the pain points in your reporting cycle and the time they take. It can sometimes be easier and more cost effective to outsource all or parts of your financial statement preparation to relieve the compliance burden for your organisation. Month-end or adhoc financial reporting that helps management deliver your organisation’s strategy can often be a better focus for your finance team’s resources. Don’t underestimate the benefits of outsourcing some more complex and time consuming areas of your financial statements such as financial instruments, hedging or tax accounting.
Do you spend a lot of time processing audit comments or minor changes? Consider tracking this time and weighing up the cost versus benefit of using an independent proof reader or key advisor during your reporting cycle to review the financial statements and assist with processing changes from the auditors.
Need help?
If you require any assistance in preparing your financial statements or would like to discuss some suggestions for making your reporting cycle a little more bearable, please feel free to contact a member of our team.
by Meridian | Jun 12, 2018 | Governance and Compliance
On 2 May 2018, the Australian Securities Exchange (‘ASX’) Corporate Governance Council (‘the Council’) released the consultation draft of the fourth edition of its Corporate Governance Principles and Recommendations (‘the Principles and Recommendations’).
The Principles and Recommendations were first introduced in 2003 with a second edition being published in 2007 and a third edition in 2014. The Principles and Recommendations set out best practice corporate governance principles for ASX listed entities and cover key areas of investor interest such as board structure and risk management.
As governance practices adopted by an entity depend on several factors such as size, complexity and culture, the Principles and Recommendations are not mandatory and are implemented on an “if not, why not” basis. That is, if a listed entity decides to not adopt a recommendation, it must explain why not in its corporate governance statement included in its annual report under ASX Listing Rule 4.10.3.
In the fourth edition of the Principles and Recommendations, the primary change to the Principles is the re-drafting of Principle 3 from ‘Act ethically and responsibly: a listed entity should act ethically and responsibly’ to ‘Instil the desired culture: a listed entity should instil and continually reinforce a culture across the organisation of acting lawfully, ethically and in a socially responsible manner’. The proposed change to Principle 3 recognises that a listed entity has a social licence to operate and in order to maintain this licence needs to act lawfully, ethically and in a socially responsible manner. The re-drafting of Principle 3 seeks to address recent governance issues that have arisen from poor conduct or culture in listed entities.
The fourth edition of the Principles and Recommendations also proposes to expand the number of Recommendations from 29 to 38 with additional Recommendations being added to Principles 2, 3, 4, 5, 6 and 8.
It is estimated by the Council that the final version of the fourth edition will be released in early 2019 and will take effect for an entity’s first full financial year commencing on or after 1 July 2019.
The closing date for public submissions on the fourth edition of the Principles and Recommendations is Friday 27 July 2018.
For further details refer to the consultation paper at https://www.asx.com.au/documents/asx-compliance/consultation-paper-cgc-4th-edition.pdf
Need help?
If you would like more information or have any questions, please feel free to contact us to discuss further.
by Meridian | Mar 7, 2018 | Governance and Compliance
The Notifiable Data Breaches (‘NDB’) scheme established under the Privacy Amendment (Notifiable Data Breaches) Act 2017 came into effect on 22 February 2018. The NDB scheme requires organisations to notify the Australian Information Commissioner and affected individuals when an eligible data breach has occurred.
Who must comply?
The NDB scheme applies to any organisation that has responsibilities under the Privacy Act 1988, including Australian government agencies and all businesses and not-for-profit organisations with an annual turnover of $3m or more. The NDB scheme also applies to certain other businesses such as private sector health service providers, educational and child care institutions and those that buy or sell personal information including credit reporting bodies.
What is considered an eligible data breach?
The NDB scheme applies only to eligible data breaches. The government considers a data breach to be eligible if there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity that is likely to result in serious harm to the individual affected.
Although ‘serious harm’ is not defined in the Privacy Act 1988, in the context of a data breach it is taken to include physical, psychological, emotional, financial or reputational harm. Directors of organisations will need to perform an objective assessment to determine if a data breach is likely to result in serious harm.
What must be reported and how?
When there are reasonable grounds to believe that an eligible data breach has occurred, an organisation is obligated to notify the Australian Information Commissioner and affected individuals of the breach as soon as practicable. The notification of the breach must include a description of the data breach, the kinds of information concerned and recommended steps for the affected individual to take in order to protect themselves.
How to protect your organisation?
The NDB scheme shifts more of the onus of overseeing cybersecurity to directors of the organisation. It is important for directors to understand the potential risk areas and have a breach management plan in place regarding data security as they can be held liable if it is shown their organisation has been willfully negligent about securing data.
The Australian Information Commissioner can seek civil penalties for not adhering to the legislation of up to $340,000 for individuals and $1.7 million for corporates, as well as the payment of compensation for damages or other remedies.
Directors need to review their organisations to identify what data they hold and where it may be at risk. It is then important that the organisation develop a data protection plan to manage the risk areas identified and confirm that all personnel understand the importance of data security and how to ensure it is protected. Organisations also need to develop systems to identify and respond to any breaches in a timely and appropriate fashion that will ensure compliance with the NDB scheme.
Click here for further information on the NBD scheme.
Need help?
If you would like more information or have any questions, please feel free to contact us to discuss further.