Sunday, June 29, 2008

SEC regulatory proposal for Credit Rating Agencies.

After a tumultous year or two in the financial markets, finally some regulatory action. In mid June, the SEC invited comments to a planned proposal to reduce the influence of credit rating agencies (CRA) in the financial markets. The central theme of such a proposal is 'to address concerns about the integrity of their credit rating procedures and methodologies in the light of the role they played in determining credit ratings for securities collateralized by or linked to subprime residential mortgages' No surprises there... Following the recent market turmoil (everybody's favorite phrase),the Senate Banking Committee held a hearing on the role of the credit rating agencies in the mortgage mess. They directed that the Securities and Exchange Commission (SEC) impose tough regulations on the rating industry.

The SEC plans to propose new rules that would be aimed at enhancing disclosure, comparability as well as provide more detailed information on the processes and methodologies behind the credit ratings. These rules would also add reporting requirements and address conflicts of interest that may arise in the structured products rating process.

According to the Wall Street Journal, the SEC will propose new rules that may 'diminish the importance of credit ratings in determining the amount of capital that investment banks are required to hold'. Floyd Norris of the New York Times, says that credit rating agencies are being made the scapegoats in a crisis that seems to have no end to it. Besides rating agencies, weak regulations that let borrowers with poor credit history borrow money are also to blame.

While that may be true, lets not forget Moody's credit rating 'computer glitches' reported by the Financial Times a few weeks back followed by a 'confession' by S&P reporting its own rating 'glitch'.

Friday, June 6, 2008

XBRL tagged financial reporting to be made mandatory.

The SEC has announced a proposal that would require all U.S. public companies that follow the U.S. Generally Accepted Accounting Principles, to provide financial information using the 'interactive data' format.Specifically, for companies whose market capitalization is more than $5 billion this requirement would become effective from fiscal years ending in late 2008 and the remaining companies would be expected to comply over the next two years. The first set of financial statements in the new format would be available to the public starting 2009.

The interactive financial data would be in the e(X)tensible Business Reporting Language (XBRL). XBRL is from the family of 'XML' languages. It is a language that is used for transmitting information.

Imagine if you were to download a company's annual report. The way things stand today, this data would be a block of text. However, using XBRL, computer tags would be attached to this data such that each individual financial information would have its own tag that is computer readable. For eg: inventories would have its own tag. A tag would serve the purpose of not only an identifier but also provide information on the tagged item such as whether it is a percentage, fraction or a monetary item. As a result, it would be possible to efficiently collect data from different business units (they may even have different accounting systems) and generate internal management reports as well regulatory filing reports such as financial statements. Instead of wasting effort and money over time consuming data entry, companies can simply validate the received XBRL data through available software and speed up their research and analysis of this data. XBRL tagged data would have particular use not only for companies looking to simplify their financial reporting process but also for analysts, researchers and lenders.

XBRL is a standard that is being adopted worldwide. The most important information- XBRL is free of cost and there are no license fees.Obviously, different XBRL taxonomies would be required for different financial reporting purposes as well as for different national jurisdictions.

The fact that SEC is making XBRL filings mandatory for U.S. public companies is a very important development for vendors of accounting software as well as for outsourced data processing companies. With XBRL tagged information easily available, the need to outsource data entry of financial information or the need to outsource the preparation of financial filings could potentially drop.

Tuesday, June 3, 2008

Sensitive Information Breach at Walter Reed Army Medical Center.

Sensitive information related to approximately 1000 patients has been breached at Walter Reed Army Medical Center and other military hospitals. Although the compromised information did not include health related information such as diagnosis, prognosis or medical records, information related to names, addresses, social security information and other data has been compromised. Walter Reed officials were informed of this breach on May 21st by an outside company. The details on how this breach occurred has not yet been disclosed.

Data security has been a critical issue for government organizations. In 2006, the Committee on Government Reform had issued a detailed report on the government agencies that had faced some kind of data breach between 2003 and 2006. According to that report, all 19 Departments and agencies reported at least one loss of personally identifiable information since January 2003.

Agency/Department- Number of data breach incidents between 2003 and 2006
Social Security Administration- 3
Office of Personnel Management- 3
Veteran Affairs- hundreds of security and privacy incidents
Treasury- 340 incidents involving loss or compromise of sensitive personal information
Transportation- 1
State- 1
Labor- 3
Justice- 2
Interior- 8
Housing and Urban Development- 1
Homeland Security- 6
Health and Human Services- 24
Energy- 7
Education- 41
Defense- 43
Commerce- 297
Agriculture- 8

The letters received by the Committee from these departments showed that, in many cases, agencies did not know what information had been lost or how many individuals could be impacted by a particular data loss. The report also pointed out that in many cases the private contractors that many federal government agencies had come to depend on especially for information management services were responsible for the data breaches.