How federal CFOs can “corral” PP&E

Introduction

The complexities of managing and accounting for PP&E can be further exacerbated by antiquated legacy or disparate software systems that are not capable of producing vital information or allowing for the flow of such information.

With significant operational and business activity occurring affecting the PP&E lifecycle across organizational elements, federal chief financial officers (CFOs) face the constant challenge of keeping a finger on the pulse of agency PP&E, as asset activity results in a financial impact.

Fortunately, federal CFOs are in a better position than ever. Advances in risk sensing and risk monitoring provide today's CFOs with the ability to identify and manage PP&E risks and improve asset-related financial requirements. Of course, the end goal is for CFOs to help agencies provide high value to stakeholders and set the strategies vital to their agency's future performance.

Back to top

CFOs as the key to success

CFOs may not own the PP&E lifecycle, but they have established responsibilities over the financial elements related to PP&E. Today's CFOs are expected to play four diverse and challenging roles (as depicted herein). CFOs are familiar with the two traditional roles of steward (preserving the assets of the organization by minimizing risk and maintaining accuracy of the books) and operator (running a tight finance operation that is efficient and effective).

Beyond that, it is increasingly important for CFOs to be strategists (helping to shape overall strategy and direction) and catalysts (instilling a financial approach and mind set throughout the organization to help other parts of the agency perform better). Gone is the simple back-office support function¹.

With so many complexities involving PP&E, CFOs at times do not know about key operational events before they occur, making it more difficult for CFOs to fulfill their responsibilities. To provide the required financial data, CFOs are dependent on key PP&E personnel executing properly designed and effective business processes. In larger, more complex agencies, this can involve multiple organizational elements and PP&E management systems. The organizations that CFOs oversee may have implemented highly efficient and effective financial reporting procedures and internal controls, but without the efficient flow of correct data, CFOs cannot properly execute their responsibilities.

Considering these challenges, how can federal CFOs achieve their objectives as they relate to PP&E when they have no responsibility for the systems or the completeness and accuracy of the data?

Fortunately, CFOs are depending on evolving accounting and internal control standards to help them achieve their objectives. They also have access to new and innovative tools, including risk sensing and risk monitoring, which can help them get the applicable information to the relevant people at the appropriate time². These advances enable federal CFOs to support not only financial, but business and operational events.

Back to top

Risk sensing and risk monitoring

• Risk monitoring aims to proactively identify, manage, monitor, and respond to known risks that could prevent disruption to the agency. 
• Risk sensing aims to detect emerging risks so that management can mitigate those risks before they generate potentially significant damage or costs or require higher investments³.

Effective risk sensing and risk monitoring practices focus on the key risks that could affect mission performance. They should incorporate mechanisms for developing an integrated view of risks and opportunities; and support responses that are economical, practical, and productive to the agency. They should be developed with ongoing input from senior executives to remain relevant, timely, and responsive to their planning and decision-making circumstances and to those of the primary organizational elements, risk managers, and compliance function.

Risk sensing and risk monitoring should also be integrated into the governance program. This calls for clear communication and responses combined with actionable reports that are useful to executives, risk managers, and organizational heads, which means that summary reports and visualization tools (e.g., dashboards) are also an essential element.

When an anomaly occurs, leaders can identify and address the underlying root cause of a weaknesses, monitor activity and process performance, elevate awareness and oversight for high-risk activities, and more effectively respond to risks and issues that arise.

The identification of risks can also lead to the identification of new opportunities to improve or re-shape operations in support of the agency’s mission and strategies. With correct data in hand, agencies can continuously monitor operations, business practices, and risk management strategies to focus on high-risk areas (e.g., refining, changing, or improving activities) and de-emphasize low-risk areas (e.g., streamlining or cancelling certain activities).

Risk sensing and risk monitoring programs can do more than highlighting risks. In antiquated legacy system environments, or those with disparate and disconnected systems, risk monitoring programs can help reconcile data and build a common data source for analysis. Further, a properly designed and implemented program can provide management with the relevant data to show when processes and related controls are effective. This information is equally valuable for executives, allowing them to focus their attention on high risk transactions and better support the annual statement of assurance process.

Back to top

Focus on operational risks to address financial risk

Although each organization faces different PP&E-related risks, we know that operational risks affect financial risks. To address PP&E accounting and financial reporting risks, CFOs should first focus on operational and mission risks, typically seen as outside their purview.

Beginning with core business activities, CFOs should establish a link between operations and finance, and implement a risk sensing and risk monitoring program for personnel key to the PP&E lifecycle across the agency. For example, acquisitions or improvements, changes in use or estimated useful lives, deferred maintenance, impairments, or disposals may lead to a financial event. The CFO has responsibility in these areas, as financial reporting weaknesses could affect the CFO’s ability to help protect and preserve critical agency PP&E, let alone properly report the financial effects of the agency’s operations to internal and external stakeholders.

An effective operational risk monitoring program could help to demonstrate the controls over the underlying processes are implemented and operating as designed or identify a potential deficiency in need of remediation (e.g., untimely execution of specific processes, non-compliance with procedures, ineffective internal control, hiring and retention issues, and deficiencies in training).

CFOs should design and implement a program that provides specific, prioritized, and actionable data to enable risk management by key personnel, address the root cause of identified deficiencies, and take remedial action. By helping to guide improvements to the underlying operational processes, CFOs will surely affect improvements to the transparency of data, quality of data, and the completeness and accuracy of data, providing greater relevancy of the financial data.

CFOs can begin to lower risk of data entry errors prone to re-work; improve poor processes; remediate ineffective high-risk internal controls through the automation of low-value, manually intensive and repetitive processes with high transaction volumes; and confidently shift valuable resources from manual information gathering and analysis to focus on high-value mission-focused analytics leading to strategic decision making. Operators can also shift resources that are freed-up through gained efficiencies with automation and analytics.

CFOs can provide greater accuracy of the cost to operate an asset, facility, or mission area. They can help identify other, more efficient and effective ways to accomplish their mission or identify areas of decreased operational efficiency and effectiveness necessitating change.

Risk sensing and risk monitoring can also identify external risks to operations, such as potential supply chain disruptions, changes in location and level of operational activity, unexpected maintenance and related trends, and mission scope creep. Each of these risks affect operations and lead to the risk of inaccurate financial reporting that should be considered during the strategic decision-making process.

Using the same foundational pool of data CFOs can employ risk sensing and risk monitoring to lessen the burden associated with data gathering and provide not just descriptive insights, but forward looking, predictive and prescriptive insights to help improve daily decision making and shape tomorrow’s strategies. This meaningful insight can help CFOs create a more efficient and effective governance process, leading to a more nimble organization that’s prepared to effectively respond to changing conditions.

Back to top

Designing and implementing an effective risk sensing and risk monitoring program

Risk sensing and monitoring is flexible enough to allow agencies to focus on the risks and priorities vary based on a number of factors, and so too will the implementation. Risk sensing and risk monitoring allows agencies to identify, prioritize, and manage the risks relevant to their organization and mission. It is valuable at maturity levels of the PP&E lifecycle management program, whether an agency is focusing on establishing an opening balance or is certified under International Organization for Standardization (ISO) 55000.

There are five key stages in designing and implementing a program to meet an agency’s requirements:

Define strategic objectives: Strategic objectives are long-term organizational goals that help to convert a strategy from a broad vision into more specific plans and are supported by identifiable and reliable data sources. Using the organization’s strategic objectives, agencies should establish a risk sensing and risk monitoring vision to guide and focus the strategy.

Identify strategic risks: With strategic objectives in place, an agency should next identify internal and external risks that challenge the organization’s ability to achieve its strategic goals and objectives. Risks should encompass operational, financial, and support functions. For higher risk areas, such as PP&E management, it may be required to conduct a more detailed risk assessment to analyze the efficiency and effectiveness of existing processes, guidance, internal controls, and system usage. This information could then help to define (or update) key processes and the associated risk portfolio as well as establish the agency’s risk appetite and risk tolerance, as appropriate.

Establish observable indicators: For each risk, agencies should identify qualitative and quantitative factors to detect changes, track performance, and predict emerging changes related to strategic objectives that are based upon data modules or existing analytics tools. It is important to align work to the agency’s mission to support strategic objectives and improve stakeholder engagement, and focus on material items and risks across the PP&E lifecycle for each line of business. Each objective should have identified risk thresholds for action and consider the agency’s risk tolerance.

Conduct sensing and monitoring: With a process in place, agencies should begin to establish a process to actively sense and monitor indicators that alert management and signal the need for further assessment and decision making when indicators move outside established parameters. Effective programs benefit from executive level dashboards to support oversight paired with tailored, detailed reports providing relevant and actionable data, which allow key personnel to respond to events. Correct, relevant, and actionable data allows key personnel to investigate and resolve specific events, identify poor processes and ineffective internal controls for remediation, and ultimately support financial reporting and accounting requirements.

Prioritize process improvements: Once monitoring is in place and providing relevant and actionable data, executives and program managers can assess the effectiveness of the programs and related compliance. If applicable, agencies should share the relevant data and develop a plan to identify and prioritize desired improvements to strengthen processes and internal controls to reduce risk and increase efficiencies and effectiveness.

In establishing a risk sensing and risk monitoring program, it is important to recognize that many agencies already have a variety of risk management practices in place. Agencies can build on that foundation by incorporating and connecting existing monitoring practices to drastically increase the monitoring value.

Back to top

Taking advantage of new risk sensing and risk monitoring advancements

Effectively managing, accounting for, and reporting on PP&E can be complicated and involves a variety of risks. Federal CFOs can use risk sensing and risk management to help reduce unnecessary work and strengthen mission performance. By focusing on operational risks, CFOs can identify and address the root causes of their various financial risks to improve the effectiveness and efficiency of their accounting and financial reporting, and to help better protect and preserve critical agency PP&E.

The benefits of risk sensing and risk monitoring goes well beyond improved financial reporting to positively impact mission execution and help determine strategies vital to an agency’s future operational performance. With effective risk monitoring in place, organizations can begin to prioritize and address known risks, improve internal controls, and continuously improve business practices across the organization. CFOs can help to more efficiently and effectively identify, prioritize, and address emerging risks (importantly, those caused by operational changes); incorporate correct and relevant financial information to support strategic decisions; reinforce alignment of business lines; provide timely feedback of the effectiveness of internal controls; and provide data to support budget development with a focus on mission execution and agency success.

Back to top