The IASB has defined SME’s as entities that publish general purpose financial statements for external users and do not have public accountability.  Most private companies in the United States will fit into this category although certain entities such as banks, insurance companies, and brokers and dealers are specifically excluded.  Over the next few years, we expect more private companies to begin the transition from US GAAP to IFRS for SME’s, particularly those who may be owned by foreign entities or a supplier to foreign companies (some private companies have already adopted full IFRS).  One significant factor as to the transition period will be how quickly financial statement users of private companies, such as lending institutions and investment bankers, accept IFRS for SME’s as an acceptable method of accounting.  The AICPA has already recognized the IASB and IFRS as generally accepted accounting principles, but it may be longer before financial statement users are ready for that change.

Although the exact timing is still uncertain, it appears likely that all companies will ultimately be required to adopt some form of IFRS, either the full IFRS or IFRS for SME’s.

Have you begun the process of understanding IFRS (or IFRS for SME’s) and how these new standards may impact your significant accounting processes, information systems, and financial reporting requirements?

A quote that stuck out to me was, “there is no shortage of guidance to explain what ERM is and how to implement it, though most of this information is written for risk and control specialists. To succeed, ERM efforts need to include people with other priorities.”

Getting buy-in from management is a top roadblock to successfully implementing an ERM program – or at least to implementing an ERM program that won’t fizzle out quickly. Fortunately, as noted above, there is a multitude of documentation on the concept and benefits of ERM…. and in a later post, I’ll identify the most relatable ways to talk about ERM with management.

After some quick web searching, I found this interesting article on the difference between ERM and GRC.

In it’s simplest form, the difference is simply in their names. ERM includes identifying risk appetite, assessing risk, integrating risk management in daily decisions, and monitoring risks. GRC is an umbrella philosophy that includes risk management, governance, and compliance. GRC may include ERM as the methodology of managing risk, but it may not. If an ERM program is linked to governance and risk, then it might transition into a true GRC program.

There is certainly more to ERM and GRC programs, but that is the nuts and bolts difference between the two.

Are you interested in implementing ERM or GRC programs successfully?  If you’ve already implemented these programs at your organization – what pitfalls have you faced?  What success stories do you have?”