HOW TO OPTIMIZE THE INTERNAL AUDIT FUNCTION. June 27, 2017

Transcription

1

2 HOW TO OPTIMIZE THE INTERNAL AUDIT FUNCTION June 27, 2017

3 Presenter Jennifer Murtha Senior Director, Risk Advisory Services RSM US LLP Brett Friedman Audit Partner RSM US LLP brett.friedman@rsmus.com

4 Panel Susan Grant, CPA Deputy City Manager City of Coral Springs Clara Ewing, CIA Director, Risk Advisory Services RSM US LLP Jennifer Boyd-Pugh, M.S., SHRM-SCP VP for Human Resources and Title IX Coordinator Barry University Stephen Burdett, CPA Finance Director Brevard County

5 What is internal auditing? Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations [1] Internal Auditing [1] IIA's definition of audit

6 What is Internal auditing? It assists an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes

7 Why is it important in Government? To demonstrate stewardship, accountability, and compliance Improve operating efficiency Provide reliable outcome data to stakeholders

8 History repeats: The ancestry of Government accountability Federal initiatives: SEC OMB GAO Data Act Single Audit State/Local initiatives Ethics Laws/Ordinances Program Compliance/Results Increased citizen demands for transparency and accountability ACCOUNTABILITY: It is not only what we do, but also what we do not do, for which we are accountable. Moliere

9 Forward: more accountability How does internal auditing fit in? More governments are establishing internal audit functions to improve performance and respond to stakeholder accountability demands

10 Approach to Internal Audit

11 Traditional approach Historically, internal audit has been narrowly focused Fiscal-oriented audits Gotcha attitude (real or perceived) Annual cycle of traditional reviews Audits not linked to comprehensive assessment of risk

12 New approaches to government internal audit Government agencies are increasingly challenged to review and improve their governance and operating processes and structure New approach to internal audit has an expanded focus: Experts and key advisors on all facets of risks, processes, and controls Fewer routine and predictable reviews Increased use of risk assessments and risk-based reviews

13 New approaches to government internal audit Provides assurance to management and the audit committee that risks are understood and managed appropriately Helps protect the organization against traditional and emerging risks Provides consultation on the balancing of opportunities and vulnerabilities Makes valuable recommendations for assessing and strengthening management oversight

14 New Approach ESTABLISH A BASELINE DEEPEN UNDERSTANDING ADD STRATEGIC VALUE Compliance Focused Risk-Based Approach Effective & Detective Business Enhancements & Efficiencies Value-Added Observations Traditional Approach What could go wrong approach focused on mitigating existing top enterprise risks Historical Provider of independent assessments of historical performance Promote compliance Historical evaluation of existing policies and controls Internal Audit Function Continuum Compliance Financial Performance (Operational) Information Technology Optimized Approach What must go right approach focused on achieving strategic organizational objectives Transformational Sought out as a partner that enhances the organization s ability to achieve key objectives Promote quality improvement and innovation Strategic evaluation of legal and regulatory requirements balanced with reputation risk appetite

15 Keys to audit effectiveness Independence and objectivity Professionalism & quality work Being responsive to user needs Competent & appropriate mix of staff Flexibility & adaptability

16 Fraud Refresher Why are we here?

17 Fraud Triangle Unrealistic deadlines Unrealistic performance goals Personal vices Inadequate or no: Supervision & review Segregation of duties Management approval System controls a.k.a. Rationalization reconciling behavior with commonly accepted notions of decency & trust. 17

18 Fraud Diamond Pressure Unrealistic deadlines Unrealistic performance goals Personal vices Inadequate or no: Supervision & review Segregation of duties Management approval System controls Convinced self that fraudulent behavior is worth the risk Necessary traits and ABILITIES to be right person to pull it off Recognized this particular fraud opportunity and can turn it into reality 18

19 Just the Facts The United States continues to bear the highest instance of fraud across the world. Average losses in the US have increased 20% in 2 years from $100K in 2014 to $120K in Rise in billing schemes; decrease in check tampering alone, but combined with fraudulent expense reimbursement and skimming still represent nearly 47% of Asset Misappropriation cases reported. In the Government cases reported in 2016, 38.4% of cases were for Corruption, 25.3% were billing schemes, followed by Expense Reimbursement (15.7%). Corruption is the abuse of public office for private gain, which would include conflicts on interest, procurement schemes, and bid tampering, etc. The most prominent organizational weakness that contributed to the frauds in our study was a lack of internal controls, which was cited in 29.3% of cases, followed by an override of existing internal controls (more than 20% of cases). Source: Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud & Abuse

20 Victim Organizations In 2014, the % of Government cases was 15.1%, with a median loss of $90K. As shown below, those numbers are on the rise. Source: Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud & Abuse

21 Fraud Detection Source: Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud & Abuse 2016 While tips are still the highest method of fraud detection, Management Review and Internal Audit procedures represent nearly 30% of detection. This would include performance of data analytics over high risk categories of transactions. The % of cases detected by tips increases to 47% when there is an anonymous hotline. 21

22 Panel Discussion

23 Governance Breakdowns 23

24 Governance Development of a Charter Independent Reporting Structure Audit Committee Methodology Resources 24

25 Governance Develop an internal audit charter. Purpose, authority, responsibility Unrestricted access Independence Review and by-in by senior management Approval by board 25

26 Governance Independent Reporting Structure Board or Council Superintendent County Executive City Manager Internal Audit Function Management 26

27 Governance Audit Committee 5 to 7 members From outside A financial professional Board or Council Superintendent County Executive City Manager Audit Committee Management 27

28 Governance Audit Committee Responsibilities Oversight Guidance Independence Reporting 28

29 Governance Adopt a widely accepted methodology. For Example: COSO Framework Committee of Sponsoring Organizations 29

30 Governance Resources Employee Full Staff Out-source Co-source Budget Allocation Competencies -CPA s -CISA s -CIA s -CFE s -Actuary 30

31 Governance Summary of Updates What s changed Whether you.. 1. Outsource 100% 2. Co-Source 3. Employee a Full Staff Chief Auditor Chief Auditor must Assist audit committee to assure its charter, activities, and processes achieve its responsibilities 2. Ensure internal audit s charter is responsive to the needs of the committee 3. Maintain open, direct and effective communications with the committee 4. Be viewed as a trusted advisor Slide Source: COSO IC-IF Outreach Deck_ ( 3

32 Managing resources Challenge Maintaining a staff size large enough to handle all of the audits and special services required to address critical risks and provide timely feedback to management Mitigation with contracted auditors Avoid the costs of maintaining a staff that can meet the needs of every audit engagement Managing the expense of an internal staff that can handling the variety and complexity of services needed to address all business risk Handle unplanned audits, fraud investigations, and requests received from management and Board members For sensitive issues, the public may not have confidence in work conducted by Internal Auditors An objective, independent auditor can restore confidence that the agency is interested in identifying and correcting problems

33 Panel Discussion

34 Risk Assessment The objective of the risk assessment is to ensure that the entity has sufficient and continuous internal audit coverage of those areas judged as having a relatively high risk profile considering both impact and likelihood. 34

35 Risk Assessment Institute of Internal Audit standards require risk assessments be conducted every 3 years with updates conducted on the off years. 35

36 Risk Assessment A Risk Assessment should be conducted by applying a broad-based, business view on risk, keeping in mind and identifying opportunities and vulnerabilities. Interviews should be conducted at all levels within the organization to obtain a highlevel understanding of - What keeps them up at night? It is critical to drill down into department and/or functional areas to understand risk from the perspective of the individuals responsible for controlling such risks. 36

37 Risk Assessment When we talk about risk we mean: Financial Risk Performance Risk Compliance Risk Public Perception 37

38 Risk Assessment Risk Components or Factors Control Environment -- describes the overall tone and control consciousness of the subentity/function. It involves the integrity, ethical values and competence of personnel as well as management philosophy and operating style. Change -- addresses the extent to which change has impacted or is expected (in the near term) to impact the sub-entity/function, including changes in key personnel, the organization, its products, services, systems or processes. Process Risk -- addresses the inherent risk of the activities performed by the subentity/function, including the assets managed or in the custody of the sub-entity/function. Process risk addresses the extent of support the sub-entity/function provides to vital business functions, including the threat to continuity of the business caused by failures or errors; the probability of failure due to the amount of judgment, academic or technical skill required to manage the unit or perform key activities. External Factors -- describes the environment in which the sub-entity operates, and the type and amount of external interaction in which the sub-entity engages. Factors to consider include overall County and regulatory environment, the level of interaction with users and success in satisfying user requirements, the financial reporting environment and results of regulatory compliance audits. Revenue Source -- describes resources available to the sub-entity/function. Factors to consider include maximizing revenues, obtaining additional revenue sources and producing revenues outside of the standardized tax base. 38

39 Risk Impact Risk Assessment Inherent Risk Risk of an occurrence before the effect of any existing controls. If you were building this process, what would you be concerned about? What can we not prevent? Moderate Exposure Risk Coverage Periodic Low Exposure High Exposure Risk Coverage High Priority Moderate Exposure Residual Risk Risk remaining after the application of controls. Potentially reduced impact or likelihood. Risk Coverage Monitoring Only Likelihood of Occurrence Risk Coverage Periodic

40 Panel Discussion

41 Internal Audit Plan The Internal Audit Plan is compiled based on the results of the Risk Assessment- It is a working draft that should continually be updated and refreshed. 41

42 Internal Audit Plan COMPLIANCE Independent assessment of an organization s adherence to specific rules, regulations, or policies FINANCIAL Independent, objective opinion on the financial statements and whether they are fair, accurate, complete, and reliable PERFORMANCE (OPERATIONAL) Objective advisory, facilitative, and training activities focused on operational improvement and value creation, in an efficient, costeffective manner INFORMATION TECHNOLOGY Assessment automated information processing systems, related nonautomated processes, and the interfaces among them SINGLE (OMB A-133 AUDIT) Required by the US Federal Government for entities that spend >$500K of Federal Funds per year YELLOW BOOK (GAGAS) Used when required by provisions of laws, regulations, contracts, or grant agreements; framework for conducting audits with a focus on quality, competence, integrity, objectivity, and independence Quality Control, Enterprise Risk Assessments, Management Action Follow-Up Develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity, including appropriate supervision, periodic internal assessments and ongoing monitoring of quality assurance

43 Internal Audit Plan COMPLIANCE Independent assessment of an organization s adherence to specific rules, regulations, or policies Such rules may be defined by: Legislation Regulation Contractual Requirements Grant Agreements Organization Policy FINANCIAL Independent, objective opinion on the financial statements and whether they are fair, accurate, complete, and reliable Determine if financial information was properly recorded and documented May cover: Income & Expenses Budgets & Forecasts Accounts Payable Asset Management Payroll PERFORMANCE (OPERATIONAL) Objective advisory, facilitative, and training activities focused on operational improvement and value creation, in an efficient, cost-effective manner Assessment of the performance of a specific area such as a single department, program, project or process / workflow to evaluate the efficiency and effectiveness Use results for: Performance Improvement Cost Reduction Decision Making Public Accountability INFORMATION TECHNOLOGY Assessment automated information processing systems, related nonautomated processes, and the interfaces among them Review of specific functions including: IT Project Management IT Governance IT Security Disaster Recovery Plans May be performed in conjunction with Financial Audits Attestation Engagements Performance Audit Quality Control, Enterprise Risk Assessments, Management Action Follow-Up Develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity, including appropriate supervision, periodic internal assessments and ongoing monitoring of quality assurance

44 Internal Audit Plan COMPLIANCE CATEGORIES: Contracts & Agreements Policy & Procedure Regulatory Ethics & Fraud EXAMPLES: Fraud Detection Analyze patterns and anomalies, ex. the Medicare Fraud Strike Force uncovered $452 million in false billings Construction Cost Recovery Audit construction contracts to ensure that the primary risks of these major transactions are sufficiently mitigated FINANCIAL CATEGORIES: Accounting Analytics Finance Financial Reporting EXAMPLES: KPIs Average time to issue property tax refunds, % of parking tickets paid within 90 days, % of ACH/EFT transactions, analytics for collections, vendor payments, speed of procurement Budget Optimization Evaluate a budgeting process that is outcome-driven and focused on hard data PERFORMANCE (OPERATIONAL) CATEGORIES: Public Perception Relevance Business Operations Process Improvement Program Management Project Management Resource Management EXAMPLES: Improve Transportation Use real-time analysis to anticipate problems that could disrupt transportation flow, alleviate traffic congestion or address transit issues Improved Emergency Response and Community Interaction Analyze 311 and 911 data to determine where to focus resources Increase Service Capacity Redesign case management processes to reduce wait times, increase the number of families served, and gain savings Strategic ERM Approach Evaluating risk based on its impact to promote or reduce stakeholder value INFORMATION TECHNOLOGY CATEGORIES: Business Intelligence Information Security System Management Technology Advisory EXAMPLES: Mobility Roadmap Host a workshop to understand core applications, existing technology, & opportunities for efficiencies; Identify needs for infrastructure, security, support, and policy Social Media Assessment Website analysis, peer group analysis, objective review, internal resources, technology capabilities review

45 Internal Audit Plan ESTABLISH A BASELINE DEEPEN UNDERSTANDING ADD STRATEGIC VALUE Compliance Focused Risk-Based Approach Effective & Detective Business Enhancements & Efficiencies Value-Added Observations Traditional Approach What could go wrong approach focused on mitigating existing top enterprise risks Historical Provider of independent assessments of historical performance Promote compliance Historical evaluation of existing policies and controls Internal Audit Function Continuum Compliance Financial Performance (Operational) Information Technology Optimized Approach What must go right approach focused on achieving strategic organizational objectives Transformational Sought out as a partner that enhances the organization s ability to achieve key objectives Promote quality improvement and innovation Strategic evaluation of legal and regulatory requirements balanced with reputation risk appetite

46 Internal Audit Plan Internal Audit Hybrid Best in Class Internal Audit Function Continuum Compliance Focused ESTABLISH A BASELINE ADD STRATEGIC VALUE Value- Added Observations Risk-Based Approach Business Enhancement & Efficiencies Effective & Detective DEEPEN UNDERSTANDING

47 Internal Audit Plan Ongoing Audit Functions Cycle Audits Entity-Wide Audits Individual Function Audits Special Audits or Requests 47

48 Internal Audit Plan Ongoing Audit Functions: Risk Assessment and Updates Quality Control Fraud Awareness and/or other Seminars Follow-up 48

49 Internal Audit Plan Cycle Audits are typically performed in functions that are inherently high risk, they are narrower in scope and occur more often than full audits. 49

50 Internal Audit Plan Entity-Wide Audits these audits are of areas or functions that cross over functions and departments and often have multiple responsible parties. Examples include: Timekeeping Human Resources Asset Management Purchasing Contract Management 50

51 Internal Audit Plan Individual Function Audits are narrower in focus that entity-wide audits with more specific ownership tied to the Department or Function. 51

52 Internal Audit Plan Special Audits and Requests: Forensic Investigations Financial Condition Reviews Whistle Blower Investigations / Allegations Board Requests 52

53 Panel Discussion

54 Internal Audits Internal Control Assessment Risk Assessment and Brainstorming Planning and Scoping Execution of Audits / Reviews Communicate Results On-Going Monitoring and Follow-Up Process Analysis Process Improvement Process Assurance Understand and Document Process Assess Design Effectiveness Document Existing Controls Assess Operating Effectiveness Analyze Deficiencies Significant Transaction Cycles 54

55 Internal Audits Facilitated Sessions/Process Documentation Trained Facilitators Efficient and effective Common Language Encourages discussion and enhanced process Identification of Risk Key Control Points Functional Bands Purchase to Payables for Assets and Expenses Purchase Requisition Accounts Payable Department Accounting Manager A Start Pg. 1 A A/P System Run Transaction Edit report In the A/P System 1 Contractors Check Request Utilities Expense Reports Enters Invoices Into the A/P System Investigate difference and fixes errors Obtains New Vendor Set- up form and W- 9 on file via or phone (01.01) Maintained in office file Manually opens Mail And restrictively Date stamps each document Code Invoice With Vendor # No Inputs the new vendor Information Into the A/P System (01.03) Does Transaction Edit rpt equal Invoices? Yes A/P System Sorts by payment terms: Immediate Pay Net 10 & 45 days Matches Invoice to requisition & packing slip or receiving docs (04.02) Approves the coding Amounts and posts The invoices to the A/P System (01.02) Pg. 3 B Contractors Check Request Utilities Expense Reports Obtain approval of dept. mgr. and Add G/L Coding to Invoice & travel Expense reports Invoices Gives the invoices Back to the A/P Clerk No Is vendor a new Vendor? A Files Alphabetical Yes Accounting Manager Reviews the Vendor Master File Annually to verify Integrity and pertinence Process Step Legend: Control 1 Gap

56 Internal Audits Organization: Client ABC Business Process: Revenue Cycle Sarbanes-Oxley Process Documentation Process Owner: XX, Controller Backup Process Owner: XX, CFO Year End: December 31, 2009 Risk # Orders and Invoicing 1 Inherent Risk Customer credit limits are not appropriately authorized, monitored and updated. Financial Statement Assertion E,C,V Risk Level Medium Legend: E - Existence or Occurrence C - Completeness V - Valuation or allocation R - Rights & Obligations P - Presentation & Disclosure Control Objective Controls to ensure credit checks are performed consistently in accordance with the credit management policy. Control # "As is" Control Description Review of the A/R aging schedule is performed by A/R Clerk to determine outstanding balances monthly. A/R Clerk contacts customers to follow up on outstanding payments as needed. Payment plans are negotiated. If contract is not paid on timely basis then customer is changed to COD ONLY by the A/R Rep. This usually happens with only one occurrence of non-payment. Controller reviews A/R schedule for outstanding overdue balances, she then notifies A/R Rep to follow up on any other customers that have not been previously identified. Contracts are reviewed for terms and pricing and are verified by V.P. of Operations to make sure proper conditions have been met for the sale. Contracts Employee enters contract information into Wide Area Work Flow (WAWF), (which apply to Government contracts only). Information is obtained from the Contract folders which hold the most updated contract terms and conditions. Testing Reference Type of Control Manual Detective Manual Preventive Manual Detective Manual Preventive Anti-Fraud Control? Level of Control Assessment of Design Effectiveness in Meeting Control Objective Control Owner Frequency of Control Operation Yes Key/Primary Needs Improvement AR Clerk Monthly No Secondary Needs Improvement Yes Secondary Needs Improvement Yes Key/Primary Meets Objective Contracts Manager Contracts Manager VP of Operations Per Occurrence Monthly Per Occurrence Risk and Control Matrix captures risks, our preliminary assessment as to the effectiveness with which they are managed, specific control objectives, related control descriptions, and testing strategies to be used for future audit purposes. 56

57 Internal Audits Internal Control Assessment Risk Assessment and Brainstorming Planning and Scoping Execution of Audits / Reviews Communicate Results On-Going Monitoring and Follow-Up Process Analysis Process Improvement Process Assurance Understand and Document Process Assess Design Effectiveness Document Existing Controls Assess Operating Effectiveness Analyze Deficiencies Significant Transaction Cycles 57

58 Internal Audits Keys to a Successful Audit Communication Communication Kick off Meeting and Setting Expectations Set the Right Timeline Timing is Key Discussions throughout the Audit Leave behind the Got-Cha Factor No Surprises Exit Conference 58

59 Panel Discussion

60 Audit Reports Executive Summary Objectives & Scope Background Issues Matrix 60

61 Audit Reports Issues Matrix: Risk Rating of the Issue High, Moderate, Low Full detailed Write-up of the Issue Include the So-What Factor Include the specifics What did we find Recommendation Managements Response Action, Estimated Completion Date and Responsible Party 61

62 Panel Discussion

63 Follow-up Included within Management Response in issued internal audit reports should be the targeted implementation date for remediation and the responsible party. Routinely, procedures for those issues where the target dates have been reached are performed to verify and report the implementation status of the recommendations to all the previously reported findings. Objectives of the overall follow-up procedures are to determine if open issues from previous audit reports have been properly remediated. Follow-up is meant to validate, on a sample basis, the effectiveness of the remediated controls of the previously reported open issues. 63

64 Panel Discussion

65 Use of Data Analytics

66 Data Analytics What is Data Analytics (DA)? How is it employed in the internal audit / consultative environment? How can it be used as a tool in an investigation? Proactive versus reactive data analytics What are the advantages of the use of data analytics versus traditional forensic investigative techniques? 66

67 Understanding the Need for Data Analytics More data is stored electronically than ever: - Financial - Customer - Vendor - Marketing / Sales Leads - Communications ( , text, social media) Data analysis techniques and specialized software can identify red flags for fraud, and can analyze large sets of data rather than using statistical, random or judgmental sampling of transactions 67

68 What are we looking for? What might we find with Data Analytics (DA)? Control gaps / failures Errors and inefficiencies Fraud or fraud risks Proactive/detective data analytic purposes: Generally looking for previously unknown patterns indicative of fraud or loss Identification of high risk areas to enhance controls or concentrate further investigative efforts/action Can also be used to confirm suspected patterns and help determine root cause relationships Can be used to support an overall Fraud Risk Assessment and Fraud Management / Awareness Program What is different with an investigations context? [Often] you know where to begin your focus Process(es), patterns, specific accounts/vendors, etc. May analyze more detailed information, such as meta data, or larger populations of data (longer time periods) Heavier review of results, including comparing results to other publically available information (e.g., social media) or requesting information via subpoena 68

69 Fraud Risks/Schemes in Common Processes Vendors / Accounts Payable (AP) Conflict of interest / kickbacks Embezzlement/Theft Fictitious/Ghost vendor False invoicing scheme Bid rigging Anti-corruption Corporate Expenses/Purchase Card Embezzlement/Theft (personal expenses) Anti-corruption (entertaining or making payments to government officials) Employees / Payroll Embezzlement/Theft Ghost employee (never or was previously employed Unauthorized or improper payroll payments Falsified or inflated hours or overtime Anti-corruption (in addition to Ghost employee risks) Hiring unauthorized/illegal employees (incl. government) 69

70 Fraud Risks/Schemes in Common Processes Customers / Accounts Receivable Embezzlement/Theft Lapping / Re-directing deposits Conflict of interest / kickbacks Earnings management (inflating assets / revenue) Manual Journal Entries (GL) Earnings management, most typically: Increase assets, revenue Decrease liabilities, expense Balance sheet gross-up Concealment of improper cash disbursements Data mining or data analysis (often used interchangeably) can target specific activities or transactions that are at higher risk of fraud using indicators such as specific types of transactions, patterns within the data, or relationships between sets of data that should not exist. 70

71 Methodology for Performing Data Analytics Business Environment Business & concerns Processes & systems Scope Processes to analyze Data to collect (tables, time frame) Number and types of routines Tool Selection and Determination of Risk Factors What tools will you use How will you determine high-risk records / criteria 71

72 Methodology for Performing Data Analytics Load Data Process Data Results Review and Reporting of Risk Areas Import tables Quality checks Run routines Quality check results Review findings Report to stakeholders 72

73 Ongoing Benefits of Routine DA Include Identify compliance failures on a timely basis Continually evaluate control environment adequacy and effectiveness Mitigate control weaknesses Objective basis for quantifying system-wide risk Allocate limited resources efficiently Eliminate inefficiency and waste Uncover high risk relationships Improve existing internal audit protocols Assess compliance with regulatory environment Identify area of improvement for training and development, targeted and agency-wide Reduce cost by correcting errors 73

74 Current Challenges Increasingly Complex Regulatory Environment: Foreign Corrupt Practices Act (FCPA) / Dodd-Frank Whistleblower Sarbanes and Oxley Business processes and controls don t operate perfectly Collusion is difficult to prove / uncover Compliance resources must be allocated efficiently Performance pressures may create unintended incentives to achieve metrics Obtaining a COMPLETE data set from all available sources (oft missed examples may include data stored on smart phones, personal laptops, cloud-based environments) 74

75 Other Limitations and How to Overcome Quality Assurance Data import issues Complete population All fields necessary / desired are not readily available (e.g., MCC Codes, purchasing warehouses, etc.) Sampling vs. complete population - Test 100% of population, when possible (Big Data) Use of summary trends rather than transaction-level - Frequencies - Time lines - Various other visualizations Time consuming to repeat - Scripts - Normalization Involvement of IT Department, selected vendors (Financial institution), corroborating manual tests, and other techniques can help to resolve these issues. 75

76 Panel Discussion

77 77

78 78

79 RSM US LLP This document contains general information, may be based on authorities that are subject to change, and is not a substitute for professional advice or services. This document does not constitute audit, tax, consulting, business, financial, investment, legal or other professional advice, and you should consult a qualified professional advisor before taking any action based on the information herein. RSM US LLP, its affiliates and related entities are not responsible for any loss resulting from or relating to reliance on this document by any person. Internal Revenue Service rules require us to inform you that this communication may be deemed a solicitation to provide tax services. This communication is being sent to individuals who have subscribed to receive it or who we believe would have an interest in the topics discussed. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International. RSM and the RSM logo are registered trademarks of RSM International Association. The power of being understood is a registered trademark of RSM US LLP RSM US LLP. All Rights Reserved.