Meanwhile, in the Senate, the Democrats held their own, gaining one seat and defying the typical midterm losses seen by the party in control of the White House. Their new 51-49 majority will give Senate Majority Leader Chuck Schumer, D-N.Y., a modestly larger margin both in committees and on the Senate floor. It also will mean that Vice President Kamala Harris will be called to the Senate less often to break any 50-50 ties.
The change in control of the House and a newly divided government will radically shift the policy priorities and political landscape in Washington D.C. for the next two years. What does this new political dynamic mean for internal auditors as new members of Congress are sworn in, committee assignments are finalized, and the 2024 presidential campaign is already showing early signs of starting? Here are five major issues that U.S. lawmakers will tackle in the coming months that may impact the internal audit profession.
In the last Congress, many lawmakers sought to bring greater clarity to unregulated cryptocurrency markets and enact legislation to better protect crypto investors. Several bills were introduced, including a bipartisan proposal by Sens. Debbie Stabenow, D-Mich., and John Boozman, R-Ark., the chair and ranking member of the Senate Agriculture Committee, respectively.
One ongoing point of contention among crypto advocates has been who should regulate cryptocurrencies. The Stabenow-Boozman bill would give that power to the Commodities Futures Trading Commission. Conversely, some lawmakers would prefer to empower the Securities and Exchange Commission with that authority, and SEC Chair Gary Gensler has already aggressively pursued enforcement actions and sued several companies under the theory that certain cryptocurrencies are securities.
On Nov. 11, the entire political debate over crypto oversight was radically upended by the massive bankruptcy of cryptocurrency exchange FTX. The exchange, lacking internal controls and fundamental accounting processes, left more than one million customers without access to their assets and a long list of creditors with unpaid debts estimated to exceed $3.1 billion.
FTX co-founder Sam Bankman-Fried was arrested in December in the Bahamas, and faces eight U.S. federal criminal charges, including wire and securities fraud and money laundering. New CEO John Ray III, who took over after the bankruptcy, called the company’s implosion “a complete failure of corporate controls and … a complete absence of trustworthy information.”
On Dec. 5, IIA President and CEO Anthony Pugliese wrote to congressional leaders pointing out the critical role internal audit could have played in identifying and mitigating material risks at FTX, thereby protecting investors and customers. In his letter, he called for Congress to enact legislation requiring crypto exchanges operating in the U.S. to possess a “sufficiently resourced and highly qualified internal audit function.” Moreover, such legislation should require senior management of those exchanges to certify that their exchanges’ “internal controls are adequate and appropriate based on an independent internal audit assessment,” he wrote.
Lawmakers held three hearings on FTX in December, and more hearings and efforts to pass legislation protecting crypto investors are expected in 2023. The IIA will continue to push for internal audit-based protections.
Data privacy legislation has been one of the few areas of bipartisan consensus in the last few years that significantly increases the chances for legislative action in the new Congress. One recent bill, the American Data Privacy and Protection Act, is championed by outgoing House Energy and Commerce Committee Chair Frank Pallone, D-N.J., and ranking member Cathy McMorris Rodgers, R-Wash. The legislation would establish a uniform, national privacy standard for the first time and add safeguards to how consumers’ data is managed and shared. The bill passed out of the House Energy and Commerce Committee in July 2022 by a 53-2 vote.
Despite the momentum from the committee vote, the proposal never made it to the House floor last year because of a provision in the bill that would preempt existing state privacy laws. Outgoing House Speaker Nancy Pelosi did not want to overrule the privacy protections in a law enacted in her home state of California.
However, with Pelosi no longer in a position to decide what bills come before the House, proponents of the bill say its chances for floor consideration have improved considerably this year. That is especially true as both Democrats and Republicans look for a few issues of bipartisan consensus they can tout to voters.
While last year’s bill does not mention internal audit, The IIA’s Advocacy team in Washington will be talking to lawmakers this year about the need to provide objective assurance around large data holders’ internal controls over customer data (see “Advocates for Auditors” on this page).