Regulatory News

April 2010 - Federal Financial Institutions Examination Council (FFIEC) - Financial Regulators Release Updated Retail Payment Systems Booklet

A revised Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual has been released.The revised manual provides current and consistent guidance on risk-based policies, procedures, and processes for banking organizations to comply with the Bank Secrecy Act and safeguard operations from money laundering and terrorist financing.

March 2010 - The Public Company Accounting Oversight Board proposed for comment an auditing standard on Communications with Audit Committees, and a series of related amendments to its interim standards.

The proposal addresses requirements for auditors to communicate with audit committees of public company boards of directors. It considers a number of factors, including the importance of accounting judgments and estimates in financial reporting.

The proposed standard includes a requirement for the auditor to establish a mutual understanding of the terms of the audit engagement with the audit committee and to document that understanding in an engagement letter. The proposal also includes requirements relating to:

Communication of an overview of the audit strategy, including a discussion of significant risks, the use of the internal audit function; and the roles, responsibilities, and location of firms participating in the audit;
Communication regarding critical accounting polices, practices, and estimates;
Communication regarding the auditor’s evaluation of a company’s ability to continue as a going concern; and,
Evaluation by the auditor of the adequacy of the two-way communications.

March 2010 - The Public Company Accounting Oversight Board announced the 2010 schedule of its Forum on Auditing in the Small Business Environment.

The first of seven events will be held on Thursday, April 29, in Charlotte, N.C.
The 2010 forum agenda features several case studies and the following discussion topics that address audit issues for small business public clients:
- Current economic issues and trends
- Auditing Standard No. 7, Engagement Quality Review
- Proposed standards on risk assessment
- Auditing internal control over financial reporting (ICFR) for non-accelerated filers
- Information technology issues
- Future standard-setting priorities
- Recent implementation of annual and special reporting rules

February 2010 - NIST, Partners Develop Testing Infrastructure for Health IT Systems

National Institute of Standards and Technology (NIST). NIST has released the first of four installments of a new health IT test method and related software. Starting in 2011, the federal government will provide extra Medicare and Medicaid payments to physicians’ offices that implement health IT systems conforming to specific technical standards and put to “meaningful use”, performing specifically defined functions. The health IT testing infrastructure does not create any new standards, only the tools necessary to test for compliance with existing standards that HHS announced late last year. A new Health IT Standards and Testing Web site has been established.
The site provides information about the key health IT testing initiatives underway. It provides an overview of the Health IT Standards Testing Infrastructure, information and access to the test methods to meet meaningful use technical requirements and standards, access to the Health IT Implementation Testing and Support website, as well as educational material on conformance and interoperability testing.

February 2010 – National Institute Standards and Technology (NIST) (US) - Guide for Applying the Risk Management Framework to Federal Information Systems.

The new document describes the transformation of the federal government’s Certification and Accreditation process into a Risk Management Framework that stresses security from an information system’s initial design phase through implementation and daily operations. It places equal emphasis both on defining the correct set of security controls and on implementing them in a robust continuous monitoring process.

February 2010 – Federal Financial Institutions Examination Council (FFIEC) - Financial Regulators Release Updated Retail Payment Systems Booklet

An update to the 2004 version that provided guidance on the risks and risk-management practices applicable to financial institutions’ retail payment systems activities, including checks, electronic payments related to credit cards and debit cards, and the automated clearing house (ACH).

Jan 2010 – Financial Services Authority (UK) – Consultation Paper 10/3 Effective Corporate Governance

A significant set of proposals around control functions, suggesting amended and new roles. Including recommendations from the Walker report November 2009.