May 2020 Articles - Suits the C-Suite | SGV & Co. | EY

25 May 2020

Philip B. Casanova and Nathaniel F. Dizon

Stay safe! Cybersecurity during COVID-19

The COVID-19 pandemic has forced a majority of companies to promote work from home (WFH) arrangements. What used to be considered a benefit to improve employee work-life balance is now the new normal for most companies as a safety measure against coronavirus infection. While some companies have proven to be technologically well-equipped for WFH arrangements, unfortunately, many are also not ready. The ill-equipped are once again the targets of cyber threat actors. These insidious groups know very well the meaning of Winston Churchill’s words, “Never let a good crisis go to waste” and they will take advantage of the seemingly chaotic situation. They are even more active now due to three reasons: weakened corporate cybersecurity controls, taking advantage of FUD (Fear, Uncertainty and Doubt), and heightened use of technology. WEAKENED CORPORATE CYBERSECURITY Some companies are loosening, bypassing, or simply turning off cybersecurity controls in order to allow employees to access company systems while at home. They are turning off their secure remote network access controls (i.e., Virtual Private Networks and token authentication) because they only have a fraction of the licenses to accommodate the employees working from home or remote locations. In this scenario, the only protection the company has is a text password which could be eventually guessed by cyber threat actors. Critical security patches and updates may not be installed on employees’ computers in time, if at all. The deployment of these security patches is typically done from a central server in the company’s network. It’s easier to deploy the security patch in the office since the network speed is usually fast. However, in most cases, the security patch will be hard to deploy through the narrow bandwidth of the employee’s home Internet connection. This means that many of these unpatched company computers are left vulnerable to cyber threat actors while connected to the Internet. There will also be employees who will try to disable or bypass the company security controls in their laptops in order to install unauthorized software or access restricted websites. This action leads to inviting a wide range of malware to infect the computer (e.g., keyboard stroke loggers, audio/video recorder, or ransomware). TAKING ADVANTAGE OF FUD Cyber threat actors are also using the current atmosphere of Fear, Uncertainty, and Doubt for unjust monetary gain. They are using COVID-19 to target both people and companies with carefully crafted phishing messages. Many of the phishing campaigns currently in progress have frequently been related to groups specializing in ransomware attacks. The current crisis has led people to be more curious about the virus and what’s happening, especially in their communities. Sophisticated phishing emails and malicious websites now abound to exploit this knowing that somebody who wants to stay updated on the pandemic will eventually make that “click” and compromise his or her computer. HEIGHTENED USE OF TECHNOLOGY The use of technology and the Internet is unprecedented at this time. One can really just stay at home to purchase goods, pay bills, or watch a movie with just a few clicks. There is a rise in the usage of video conferencing and online banking systems. Almost immediately, new fake domains have been set up to mimic these systems. Moreover, malicious executable files were also quickly developed around these popular systems with the goal of making people install malware onto their devices to harvest usernames and passwords, among others. STAY SAFE! “Stay Safe” is now a common expression when ending a conversation. Similar to all the precautions that we take to keep the COVID-19 from infecting us, we must do the same for our technology. To help mitigate the risks, consider some recommendations from the article of EY’s Global Advisory Cybersecurity Leader, Kris Lovejoy, “Seven ways to keep ahead of cyber attackers during COVID-19.” 1. Understand your company’s remote connectivity and authentication capabilities. Be mindful of potential workarounds which employees might be using to do their work and keep in mind insecure use of these technologies is the easiest path for an attacker. 2. Assess and implement new security analytics models to account for privileged activity and use of new administrative tools and services (i.e., system administrator’s activities). 3. Review your current e-mail security controls and take into consideration current remote workforce conditions. Utilize current controls provided by your e-mail provider to the fullest before looking to purchase additional services or technologies. 4. Assess the current visibility of assets (i.e., computers) and network traffic to identify what has changed due to workforce relocation. 5. Update and test your incident response and disaster recovery plans to ensure they are applicable to the current state of your workforce. Update your external incident response provider and consider an additional external provider if a more appropriate response time is needed. 6. Test the ability to recover from your backups in a timely manner with a keen eye to ensuring that your organization is backing up all the data it needs in a format that is accessible yet secure to prevent both explicit or inadvertent tampering or corruption. 7. Review, update and recommunicate cybersecurity training to all employees. Ensure that the latest threats to your organization and employees are highlighted. The unprecedented scale of global disruption caused by the COVID-19 pandemic has wrought significant paradigm shifts in nearly every sector and aspect of society. However, companies that take decisive action to deal with the situation now, create contingencies for what happens next, and proactively plan for the world beyond the pandemic will have better chances to survive and thrive in the new normal. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co. Philip B. Casanova is an Advisory Partner and Nathaniel F. Dizon is a Manager of SGV & Co.

18 May 2020

Smith Lim

Short-term financial management for COVID-19

May 18, 2020COVID-19 is generating unprecedented levels of challenges in company ecosystems — including supply chains, customer demand, strategic planning and operations, and liquidity — alongside high levels of uncertainty and volatility. Given this, it has become more essential than ever for companies to focus on short-term financial management as part of their overall business continuity plans. This article discusses methods of short-term financial management, specifically (1) generating cash and protecting liquidity; (2) preserving working capital; and (3) creditor and debt management. GENERATING CASH AND PROTECTING LIQUIDITY To generate cash and protect liquidity, companies can look into cash reserves in subsidiaries and business units, as well as ways to repatriate said cash to areas of the business where it is most needed. Untapped loan facilities and other lines of credit are also options, but these require communication with lenders to confirm availability given these challenging times. Liquidating short-term securities and other non-essential assets can also be a source of cash. However, care must be taken as to which assets to sell, given the current all-time low in asset valuations. Government stimulus funds and moratoriums on payment of certain bills can also help companies stay afloat. Similarly, insurance claims specifically for business interruptions should be explored. However, given insurers’ recent experience with SARS and MERS, it should be noted that some insurance contracts may include specific exclusions on pandemics or epidemics. Even so, the cash generation exercise should not be short-lived, given the continuing uncertainty of the COVID-19 situation. Companies need to identify and sequence longer-term cash sources and maintain discipline to perform daily cash tracking, cash flow planning, and determining liquidity strategies. These longer-term cash sources can involve identifying alternative revenue sources for the company and looking at areas within the business where costs can be further optimized. PRESERVING WORKING CAPITAL Another area that needs to be managed is how to preserve the company’s working capital reserves. This requires looking into the three aspects of working capital: suppliers (payables), customers (receivables), and inventories. Delaying payments to suppliers is one possible way to manage working capital. However, care must be taken to distinguish which suppliers are considered essential and non-essential for business continuity. In the case of essential suppliers, open, clear, and transparent communication is key. Companies cannot unilaterally decide to delay all outstanding payments when such payments may make or break key supplier relationships in these challenging times and further worsen the state of an already troubled supply chain. For businesses that have healthy financials, the situation may present a potential opportunity to re-negotiate more favorable payment terms. Our present situation requires company customer relationship management teams to be more proactive with customers. One approach is for companies to offer discounts on receivables to accelerate payment. As with suppliers, this situation presents an opportunity to re-negotiate pricing and payment terms for existing contracts with customers while taking into consideration their respective financial health. It is crucial to establish better levels of communication with existing customers to establish stronger relationships and generate longer term value that benefits both parties. In the case of inventory, the general tendency is for companies to liquidate excess inventory to generate as much cash as possible. However, care should be taken given the uncertainty of the pandemic in terms of reliability of the supply chain. There may actually be a need to increase the amount of inventory at hand to decrease the risk of shortages and further damaging customer relationships. Companies will need to reassess their traditional assumptions on economic order quantity and optimal inventory levels, among others. CREDITOR AND DEBT MANAGEMENT In the wake of disruption brought about by COVID-19, company short and long-term cash flow forecasts will need to be taken into account and reassessed to determine the likelihood of breaching any debt covenants, as well as the potential inability to service debts as they come due. Scenario planning and analysis should be considered when forecasting said cash flows, while aggressive, base, and conservative (ABC) assumptions must be developed to take into account indeterminate factors. As an example, “aggressive” can assume fast recovery post-COVID (V-shaped), “base” can assume slower recovery post-COVID (U-shaped), and “conservative” can assume a prolonged impact of COVID (L-shaped). It will be best for companies to be proactive when it comes to discussions with lenders, who will especially appreciate transparency as key stakeholders in the business. Practicing transparency may even open doors to negotiating for better terms or even additional facilities. This is, of course, provided that the negotiating company can clearly prove that they have robust financial management plans in place, and have substantial, well-thought out assessments of how COVID-19 has impacted them. STAYING ONE STEP AHEAD COVID-19 continues to present unique challenges for companies today, dampening demand while simultaneously disrupting supply. Staying one step ahead and being proactive in short-term financial management as well as long-term value creation will allow companies to emerge stronger and wiser after this global crisis comes to pass. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co. Smith Lim is a Senior Director from the Transaction Advisory Services of SGV & Co.

11 May 2020

Maria Kathrina S. Macaisa

Strengthening today’s supply chains for tomorrow

Ever since the World Health Organization (WHO) declared the global COVID-19 outbreak a pandemic on March 11, nearly every country has been hard-pressed to contain the spread of the coronavirus. The global economic turmoil caused by the rapid spread of COVID-19 has significantly impacted businesses and industries — in particular, their supply chains. Many companies were shut down while others had to ramp up to deal with panic-buying of essential goods. Many companies struggled to read and plan for demand, with panic-buying and inadequate supply altering consumer buying behaviors and patterns. Manufacturers in Luzon also struggled to maintain staffing and output under social distancing and the enhanced community quarantine (ECQ) rules. Many enterprises experienced the disruption of their distribution and logistics due to the resulting lockdown. These conditions were experienced by all companies, from small third-tier suppliers to billion-dollar conglomerates, with the likelihood that many will not recover for years to come. The lockdown struck various industries, but not all to the same extent. Industries such as automotive, tourism, consumer goods, electronics and retail in particular have been profoundly affected by the ECQ. Car manufacturers, for example, had to shut down their factories due to their suppliers’ inability to deliver critical components. While there are efforts to revisit and identify new suppliers, preventive measures such as maintaining multi-tier relationships with vendors and alternative providers could have helped companies minimize the impact and maintain a minimal level of utilization or productivity in their manufacturing lines. The tourism sector was also severely affected with the government expecting roughly 30,000 to 60,000 jobs lost due to travel restrictions. Consumer goods firms, on the other hand, have had to modify their demand forecasting because prior sales history is no longer an effective predictor of future sales considering the abrupt market shift. Retail companies have also had to revisit their omnichannel strategy, as the demand shifts to online purchases from bricks and mortar stores which were shuttered by the lockdown, or, even if still open, affected by social distancing rules. Business leaders must take bold action to manage their supply chains, and they must realize that understanding and planning for disruption is more critical than ever. How business leaders combat the current disruption will have a direct follow-on effect on their companies’ performance. This challenges business leaders to provide well-thought-out and agile solutions for their current supply chain while avoiding any adverse impact on their future supply chain. Based on the developments from this pandemic, coupled with learnings from past disruptive events, this article lists key considerations to help companies build a resilient supply chain. END-TO-END SUPPLY CHAIN RISK ASSESSMENTS As companies address the new normal, proactive engagement and strategic partnerships with supply chain ecosystem partners are vital. Regular checks must identify changing demand and inventory levels to locate critical gaps in supply, production capacity, warehousing and transportation. These should then be further synthesized to create an outcome-driven resiliency strategy with the aim of efficiently and effectively leveraging additional networks within the pool of production and distribution networks of various suppliers. A real-time supply chain risk intelligence system should also be in place to provide early warning in case of potential and pervasive disruption to the supply chain. ROBUST RISK MANAGEMENT AND DIVERSIFIED SUPPLIER NETWORK Enterprises should map out supply chain networks from end consumers to tier-N suppliers. Firms should establish a methodology to measure risk for each supply chain node/arc-like channel, warehouse, factory, supplier, or transportation mode. DIGITAL AND AUTOMATED MANUFACTURING CAPABILITY Several manufacturers are now looking at leveraging automation and Internet of Things (IoT) solutions for smart manufacturing operations to mitigate reliance on labor-intensive processes. While companies in the Philippines tend to take advantage of low labor costs, manufacturers should balance labor and manufacturing productivity needs in case of disruption. A strong manufacturing excellence program enabled by digital technology can allow the standardization of daily work and job aids, relieving the pressure of relying on specific individuals to maintain operational performance. IoT capabilities can help foster a digital ecosystem of connected systems providing users with relevant and updated data to make the most informed decision at any given time. Automated manufacturing capabilities will also enable a company to run a manufacturing operation using interchangeable personnel while reducing labor requirements. EVALUATE AND ADJUST PROCUREMENT CATEGORY STRATEGIC PRIORITIES Procurement should be transformed into a value-generation function through timely reviews and adjustments to category strategic priorities, defining new business relationships with suppliers to meet the company’s overall supply chain objectives. An agile procurement operations system enabled by various technologies and factoring in category strategic priorities across variables such as cost, quality, delivery, innovation, etc. will also help drive resiliency. Companies can introduce digital procurement technologies to benefit from supplier social networks. Implementing such networks in sourcing and in supplier lifecycle management can strengthen sourcing capability and collaboration under challenging circumstances. MORE COLLABORATIVE AND AGILE PLANNING AND FULFILLMENT CAPABILITY The art-of-possible concept today in technologies that can bring more agility and collaboration within the enterprise as well as across business partners is endless. IoT devices for demand sensing and goods movement tracking to advanced forecasting solutions and social media demand behavior monitoring are heavily impacting how companies understand demand signals and how quickly they can react to them. These capabilities are extremely important for business performance even in normal business conditions and they increase the supply chain resilience during challenging events like the pandemic. BUILDING A RESILIENT SUPPLY CHAIN The pandemic has inevitably caused disruption in all sectors, with various degrees of impact. Through the chaos of recovery, it will be very easy to overlook the root causes and gaps within a supply chain that may have paralyzed businesses during this unprecedented global event. However, it is time for companies to rapidly assess, recover, and respond quickly through numerous obstacles and challenges that remain, as building towards a resilient supply chain will be at the epicenter of future discussions for years to come. This article is for general information only and is not a substitute for professional advice the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co. Maria Kathrina S. Macaisa is a Partner from the Performance Improvement Service Line of SGV & Co.

04 May 2020

Rosalie T. Lapuz

Annual reporting despite business interruptions

“Gradually and then suddenly” was how Ernest Hemingway described going bankrupt in The Sun Also Rises and the description seems to apply to the global response to COVID-19. The Securities and Exchange Commission’s (SEC) response also follows this pattern, making adjustments over a short period to address the effects of the Enhanced Community Quarantine (ECQ) on annual reporting. The SEC originally issued SEC Memorandum Circular No. 2 on Jan. 21, setting the period between April 20 and May 22 as the deadline for companies whose fiscal year ended on Dec. 31 to file their Annual Financial Statements (AFS). Companies whose fiscal year ends on a date other than Dec. 31 have a filing date of 120 calendar days from the end of their fiscal year. General Information Sheets (GISs), on the other hand, should be filed within 30 calendar days from the following dates based on the type of the corporation: a) Stock Corporations: date of actual annual stockholders’ meeting b) Non-Stock Corporations: date of actual annual members’ meeting c) Foreign Corporations: anniversary date of the issuance of the SEC License However, after the President declared a state of public health emergency, the SEC issued on March 12 SEC Memorandum Circular (MC) No. 5, Series of 2020 extending the filing of 2019 Annual Reports (ARs) as well as the applicable Quarterly Reports for 2020 and 2019 AFS. AR AND AFS DEADLINE EXTENSION Invoking its regulatory power under Sec. 5.1(g) of the Securities Regulation Code (SRC) and Sec. 179 (o) of the Revised Corporation Code (RCC), the SEC granted affected companies an extension, without penalty, to submit their ARs and/or AFS for the period ended Dec. 31. a) Companies with domestic operations only: until June 30 b) Companies with domestic and foreign operations: until June 30 or 60 days from the date of lifting of travel restrictions/ban by the authorities (whichever comes later). The extension is subject to the submission of a written request, confirmation and continuous observance of disclosure obligations for affected publicly-listed and non-publicly listed corporations. On March 18, two days following President Duterte’s ECQ declaration, the SEC issued a notice further relaxing the requirements for extension requests by dispensing with documents such as the sworn certification by the company’s President and Treasurer confirming that (1) its financial year-end is Dec. 31; (2) it has significant business operations or significant subsidiaries in areas/countries/territories affected by COVID-19, and (3) the preparation of AFS and timely completion of statutory audit of the company’s FS has been affected by travel restrictions, temporary suspension of business operations and/or measures imposed by the authorities or companies in response to COVID-19. The sworn certification by the company’s external auditor confirming 2 and 3 was also dispensed with. Instead, affected publicly listed corporations now need to submit the following requirements to avail of the extension: a) Upload SEC Form 17-LC (announced on April 8) via PSE Edge not later than five days before the regular filing deadline; b) Continuous observance of disclosure obligations under Republic Act No. 8799 or the Securities Regulation Code, and Philippine Stock Exchange’s Consolidated Listing and Disclosure Rules; and c) Indicative date to convene the Annual Stockholders’ Meeting. AR, AFS AND GIS FILING GUIDELINES Corporations whose preparation of financial statements or completion of statutory audits are not affected by the COVID-19 outbreak must file their ARs and/or AFS for the year ended 31 December 2019 within the periods prescribed under existing rules and regulations. Companies with fiscal years ending Nov. 30 also receive a similar extension. On March 18, the SEC issued SEC MC No. 09-2020, which provided the guidelines for the filing of the GIS during the COVID-19 outbreak and ECQ. a) If a company holds its Election of Directors, Trustees and Officers, the company must submit its GIS within 30 days from the actual meeting to designated channels. Companies are also required to submit printed copies within 30 calendar days from lifting of the ECQ. b) If the Annual Meeting and Election of Directors or Officers is not held due to COVID-19 health and safety reasons and the corporation has no remote communication facilities, the company reports the same to the SEC through a notice within 30 days from the original meeting date. The report should include a new date for election that is 60 days from the originally scheduled date. c) If the Annual Meeting of Election of Directors, Trustees or Officers is not held due to other causes, the company reports the same to the SEC within 30 days from the original meeting date, including a new date for election no later than 60 days from the originally scheduled date. d) If an election initially reported as not held due to COVID-19 precautionary reasons is verified as unrelated to COVID-19 upon application of a stockholder, member, director, or trustee, the same may nevertheless be considered as a non-holding of election due to other causes. e) If a company does not justify the non-holding of an election under the current circumstances, the SEC issues an order directing a notice stating the time and place of the election in accordance with Section 25 of the RCC. f) Companies will submit reports relating to the non-holding of annual meetings due to COVID-19 precautionary reasons and due to other causes to the SEC. g) Companies will report results of the election of directors, trustees, or officers subsequent to the report of non-holding of an election meeting for COVID-19 reasons and other causes, and which is held outside the covered period, to the SEC through a GIS submission within 30 days from the date of the actual election meeting. The GIS submitted pursuant to this paragraph is subject to penalty. In addition, in MC No. 10-2020 issued March 20, the SEC allowed the filing of the AFS, GIS and other general and special forms and letters through e-mail as long as the documents are in PDF format with electronic signatures. These e-mails must be sent as MIME (Multipurpose Internet Mail Extensions) from a valid company e-mail account or address of an authorized representative and include a declaration of authenticity, a commitment to submit physical copies after the ECQ is lifted, and a request for Return Receipt and Delivery Status Notification. The AFS and GIS may not be notarized. E-mails sent between 8 a.m. to 5 p.m. on a regular workday shall be considered filed within the day they were sent. ADAPTING TO UNCERTAIN TIMES After SEC MC No. 09-2020 comes into force, and upon evaluation of ongoing developments relative to COVID-19 and the ECQ, the SEC may further extend the covered period provided as deemed necessary. Given the current challenging business conditions, the SEC has proven its ability to take timely and decisive action to help businesses cope with their reportorial obligations. Companies, organizations and other regulatory groups that wish to survive and quickly recover after the pandemic would do well to also take purposeful steps of their own, not gradually and suddenly but with a sense of urgency and resoluteness. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co. Rosalie T. Lapuz is a Senior Director from the Business Tax Services Service Line of SGV & Co.

May 2020

Stay safe! Cybersecurity during COVID-19

Short-term financial management for COVID-19

Strengthening today’s supply chains for tomorrow

Annual reporting despite business interruptions

Other SGV News and Publications

SyCip Gorres Velayo & Co. SGV Main Office

Our Locations Where to find us?

From Our Site Helpful Links

SyCip Gorres Velayo & Co. SGV Main Office

Our Locations Where to find us?

From Our Site Helpful Links