How The New SSAE 16 Will Help You Assess the Quality of Your Service Partners
By Bradley K. Rinsem
President & Chief Executive Officer, Salem Trust Company
For 19 years, the standard for service company monitoring has been the Statement on Auditing Standards No. 70, usually just called SAS 70, developed by the American Institute of Certified Public Accountants (AICPA). After June 15, 2011, the SAS 70 will no longer be used.
By June 15, U.S. auditors who review risk management controls for service companies that have an impact on your financial reporting will have transitioned to a new standard. The result will include a comprehensive report authored by the service provider which will provide detail on how they operate. The new standard developed by AICPA is called the Statement on Standards for Attestation Engagements No. 16, Reporting on Controls of a Service Organization, which will likely become known as the SSAE 16.
Why not stay with the SAS 70?
The business climate has substantially changed in the past two decades. Trustees who monitor service company safety and soundness are now asking questions not asked years ago. That is one reason for this change. The SAS 70 was developed, primarily, as a tool for an auditor to examine a service company’s financial statement. Even though the SAS 70 evolved over the years to include descriptions of a company’s risk management controls, the SSAE 16 will furnish a comprehensive system description detailing what the company does and how it does it, and will require the company’s management to formally certify this description. This internal assertion changes the nature of the accompanying auditor’s report from a financial audit to a formal confirmation of management’s assertion.
SSAE 16 is also consistent with the recommendations of the International Federation of Accountants. Even though our SAS 70 was looked at by much of the world as the gold standard, it nevertheless was not adopted universally. The SSAE 16, although designed for U.S. companies, will mesh with the standards adopted by foreign nations, which will greatly promote your understanding of the operations of a U.S. company that has outsourced operations to foreign companies.
Some changes to look for:
The new standard will promote a greater understanding of a company’s purpose, how it operates, how it communicates and how it manages risks to itself and its clients. Although companies may have listed risk management controls in their SAS 70s, now all service organizations will be describing them in greater detail.
You will be provided with a comprehensive description of the company, including how it processes client transactions, and how these transactions are authorized, recorded and corrected. This is the description for which the company will provide a signed assertion by management plus an attestation by the external auditor. This description can be seen as an expanded version of the controls described by the SAS 70.
The SSAE 16 will require a description of how client reports are prepared, and will describe the processes by which information is provided. Anything relevant to the trustee or other evaluator of a service partner that has an effect on your financial well-being should be disclosed, described and evaluated by this new report.
Is this change for the best?
I think that the majority of financial service providers, such as the company I work for, operate with absolute integrity toward their clients. This new reporting standard gives you the opportunity to see what goes on behind the scenes in these environments, and evaluate their safety and soundness with your own judgment.
Transparency is a key ethic that I have insisted on during my entire career. There is no such thing as a little honesty. You are either honest, or you are not. And if you are indeed honest, you will welcome every chance to be examined by an independent assessor, and by your clients. In my opinion, the new SSAE 16 will be an opportunity for companies who have worked hard over the years at risk management to show their clients how their resources are being used, and why.
The financial services industry is being scrutinized to a level never before known. On the heels of scrutiny comes talk of further regulation. I’m not opposed to regulation, but I also think that it is for the best that, instead of more regulation for the sake of regulation, we instead ask the end users of financial services to better understand the risks and controls inherent in the service providers they employ. By that method, if trustees or plan officials begin demanding greater degrees of risk management, more companies will adopt stricter risk management controls in order to meet public demand. So, yes, I think this reporting change is a step in the right direction and will promote greater understanding of vital internal operations that may not always be apparent to the end user.