Archive for the ‘Corporate Perfomance Management’ category

Why now is the time to adopt Power Bi – ask Synergy Software Systems, Dubai

August 19th, 2022

Power BI innovation never stops. For several years in a row now, it is positioned as a leader in the 2021 Gartner Magic Quadrant for Analytics and Business Intelligence Platforms, furthest to the right for completeness of vision and furthest up in the ability to execute within the Leaders’ quadrant.

The gaps are widening with interactive reports, paginated reports, datasets, dataflows, deployment pipelines, scorecards, dashboards, metrics, data alerts, and much more, and recently announced in public preview, self-service datamarts. No wonder, customers are adopting Power BI at an accelerated pace. Boost Office 365 productivity with Power BI integrated into PowerPoint and Microsoft Teams, connect to data anywhere with hundreds of built-in connectors, leverage industry-leading AI, go quickly from insight to action with the Microsoft Power Platform, and provide best-in-class mobile experiences with Power BI Mobile.

Reports can be mobile friendly, they can be paginated, and you can link into Azure Analysis Services.

Cybercrime update – increasingly scary

June 13th, 2022

According to the recent 2022 Ransomware Trends Report” (Veeam), compiled by surveying 1,000 global IT leaders, paying a ransom for an organization’s hijacked data doesn’t ensure return of the stolen data.   

  • 24 percent of organizations that paid the amount demanded by ransomware attackers ended up not recovering their stolen data.
  • 19 percent of those affected by ransomware were able to recover their data through their own means and without having to pay off the attackers.
  • When data is eventually recovered after remediation through payment, data recovery took an average of 18 days.
  •  (22 percent) reported it took one to two months to fully recover the data,
  • 3 percent said they were down for two to four months.
  • Some time was spent decrypting the encrypted stolen data, but much of the downtime is attributed to deep scans of restored systems to confirm they were “clean” from any ransomware remnants.
  • Backup repositories were targeted 94 percent of the time.
  • Specific production platforms or application types were targeted in 80 percent of successful ransomware attacks, making ransomware prevention not just the duty of IT security
  • Phishing e-mails and malicious links and Web sites continue to be the top (44 percent) ransomware entry points,
  • Infected patches and software are close behind with 41 percent of all ransomware attacks by those surveyed.
  • The remaining entry point sources:
    • Compromised credentials and spraying attacks (35 percent).
    • Insider threats (32 percent).
    • Zero-day vulnerabilities (26 percent).
    • Only 1 percent of those who experienced a ransomware attack were not able to identify the entry point

About 25 years ago a business report indicated that a majority of companies that lost their computer system for more than one week went out of business within 18 months. A sobering thought given our increased dependence on systems in the digital age, and the surge in state sponsored cybercrime.

The 2022 Ransomware Trends Report” indicates that most organizations don’t have the tools or know-how  to recover their hijacked data before they end up paying for their data back.

  • A strong Modern Data Protection strategy requires a commitment to a clear policy that the organization will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks,.  
  • IT should routinely test their data protection solutions and protocols and ensure that employees are well-versed in spotting possible ransomware attacks.

Veeam credits the improvements in monitoring tools and a concerted effort toward ransomware prevention by many IT shops for the high success in identifying the source of ransomware.

The report finds that.

“This alone should drive broader conversations within IT, so cyber security isn’t just the delegated to the security team; database administrators should also help ensure that database servers are secure and administrators should help ensure hypervisors are patched, that Windows updates are routinely run, etc.,”

How to protect yourself against ransomware

Whether a simple ransomware attack, a double- or triple-extortion attack, a self-contained threat family, or a RaaS attack executed by an affiliate network, the defense strategy is the same: employ the principles of zero trust to limit vulnerabilities, prevent and detect attacks, and limit the blast radius of successful breaches.

 Here are some best practices recommendations to safeguard your organization against ransomware:

  • Get your applications off of the internet. Ransomware actors start their attacks by performing reconnaissance on your environment, looking for vulnerabilities to exploit, and to calibrate their approach. The more applications you have published to the internet, the easier you are to attack.
  • Use a zero trust architecture to secure internal applications, make those invisible to attackers.
  • Enforce a consistent security policy to prevent initial compromise. With a distributed workforce, it is important to implement a security services edge (SSE) architecture that can enforce consistent security policy no matter where your users are working (in office or remotely). 
  • Use sandboxing to detect unknown payloads. Signature-based detection is not enough in the face of rapidly changing ransomware variants and payloads. Protect against unknown and evasive attacks with an inline, AI-powered sandbox that analyzes the behavior rather than the packaging of a file.
  • Implement a zero trust network access (ZTNA) architecture. Implement granular user-to-application and application-to-application segmentation, brokering access using dynamic least-privileged access controls to eliminate lateral movement. This allows you to minimize the data that can be encrypted or stolen, reducing the blast radius of an attack. 
  • Deploy inline data loss prevention. Prevent exfiltration of sensitive information with trust-based data loss prevention tools and policies to thwart double-extortion techniques.
  • Keep software and training up to date. Apply software security patches and conduct regular security awareness employee training to reduce vulnerabilities that can be exploited by cybercriminals.
  • Have a response plan. Prepare for the worst with cyber insurance, a data backup plan, and a response plan as part of your overall business continuity and disaster recovery program.
  • To strengthen defences against ransomware, embrace layered defenses that can disrupt the attack at each stage—from reconnaissance to initial compromise, lateral movement, data theft, and ransomware execution.

The amount of time cyber criminals intruders are spending inside victims’ networks is increasing, providing them with the ability to carry out higher complexity campaigns and more damaging cyber attacks.

According to analysis by cybersecurity researchers at Sophos, who examined incidents targeting organisations around the world and across a wide range of industry sectors, the median dwell time which cyber criminals spend inside compromised networks is now 15 days, up from 11 days the previous year.

The 2022 ThreatLabz State of Ransomware report breaks down a year’s worth of intelligence from a variety of sources, including over 200 Billion daily transactions and 150M daily blocked threats across the Zscaler Zero Trust Exchange, and shows that ransomware is becoming even more attractive to criminals. Attackers are able to wage increasingly profitable campaigns based on three major trends:

  • Supply chain attacks,
  • ransomware-as-a-service ecosystems,
  • multi-extortion tactics.

Ransomware attacks increased by 80% year-over-year, accounting for all ransomware payloads observed in the Zscaler cloud.

  • Double extortion ransomware overall increased by 117%.
  • Manufacturing was the most targeted industry for the second year running, – almost 20% of double-extortion ransomware attacks.

 Some industries saw particularly high growth of double-extortion attacks, including:

  • healthcare (643%),
  • food service (460%),
  • mining (229%),
  • education (225%),
  • media (200%),
  • manufacturing (190%).

Some recent events………

The DeadBolt ransomware started 2022 with attacks that targeted internet-facing Network-Attached Storage (NAS) devices.

  • First target was QNAP Systems, Inc. in January 2022. According to a report from Censys.io, Jan. 26, 2022, out of 130,000 QNAP NAS devices that were potential targets, 4,988 services showed signs of a DeadBolt infection.
  • ASUSTOR, another NAS devices and video surveillance solutions vendor, also experienced DeadBolt ransomware attacks that targeted an unknown number of its devices.
  • In March, DeadBolt attackers again targeted QNAP devices; and  the number of infections reached 1,146 by March 19, 2022.
  • On May 19,2022, QNAP released a product security update stating that internet-connected QNAP devices were again bargeted by DeadBolt, this time aiming at NAS devices using QTS 4.3.6 and QTS 4.4.1.
  • The number of DeadBolt-infected devices is very high for a ransomware family that exclusively targets NAS devices.

LockBit 2.0 is ransomware as a service (RaaS)

  • This first emerged in June 2021 as an upgrade to its predecessor LockBit (aka ABCD Ransomware), which was first observed in September 2019.
  • Since its inception, the LockBit 2.0 RaaS attracted affiliates via recruitment campaigns in underground forums, and thus became particularly prolific during the third quarter of calendar year 2021. The LockBit 2.0 operators claimed to have the fastest encryption software of any active ransomware strain as of June 2021, claiming accordingly that this added to its effectiveness and ability to disrupt the ransomware landscape.

An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it’s only getting bigger.

  • Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page – out of around 400 Pixm found – got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022.
  • The flow of this phishing campaign isn’t unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account.

The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage.

  • The attack occurred last Friday, and all internet-relying services remain unavailable, impacting 1.3 million people and many tourists visiting the city.
  • The authorities admitted the severity of the incident on Monday and explained that all systems had to be taken offline to contain the damage, warning that the outages might last a few more days.

Shields Health Care Group Inc., which provides imaging and ambulatory surgical services at dozens of locations, said in a notice on its website Tuesday that data including names, Social Security numbers, dates of birth, and medical or treatment details is among the information that may have been compromised.

  • The breach has been reported to federal law enforcement and the U.S. Department of Health and Human Services Office for Civil Rights.
    • That agency reported on its website that 2 million people were affected.
    •  An FBI spokesperson said the agency had no comment.

The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks.

  • Cuba ransomware’s activity reached a peak in 2021 when it partnered with the Hancitor malware gang for initial access.
  • By the end of the year, it had breached 49 critical infrastructure organizations in the United States.

Russia-Ukraine

The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was “one of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare,” according to Dmitri Alperovitch, co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator.

  • An obvious purpose of the attack was to  disrupt Ukrainian communications during the invasion, by wiping the modems’ firmware remotely, it also disabled thousands of small-aperture terminals in Ukraine and across Europe.
  •  The attack disrupted satellite connectivity for thousands, and disabled remote monitoring of 5,800 wind turbines in Germany.

The Russia-Ukraine conflict has the world on high alert.

  • Several attacks associated with the Russia-Ukraine conflict, combined multiple tactics, such as HermeticWiper and PartyTicket ransomware.
  • Most of this activity has targeted Ukraine.
  • Government agencies have warned organizations to be prepared for more widespread attacks as the conflict persists.

Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India.

  • The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs.
  • “Bohrium actors create fake social media profiles, often posing as recruiters,” said Amy Hogan-Burney, GM of Microsoft’s Digital Crimes Unit. “Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target’s computers with malware.”

Last month the notorious Russian ransomware gang Conti threatened that if a ransom wasn’t paid it would overthrow Costa Rica’s government.

This month, the Hive ransomware gang hit Costa Rica’s Social Security system, and also struck the country’s public health agency, which had to shut down its computers on Tuesday to prevent the spread of a malware outbreak.

The Costa Rican government said at least 30 of the agency’s servers were infected, and its attempt at shutting down systems to limit damage appears to have been unsuccessful. Hive is asking for $5 million in Bitcoin to unlock infected systems.

As ransomware becomes less profitable or carries a higher risk for attackers It is logical for ransomware actors to eventually convert their operations to business email compromise (BEC) attacks.

In the US, the Federal Bureau of Investigation has repeatedly found that total money stolen in BEC scams far exceeds that pilfered in ransomware attacks—though ransomware attacks can be more visible and cause more disruption and associated losses.

The newer Industrial Spy group is applying greater pressure on victims by hacking their websites to display ransom notes.

The Canadian Department of National Defence confirmed recently that a key supplier – CMC Electronics  a key supplier to a critical defence initiative.–  reported that they were victim of a ransomware attack.

  • CMC makes cockpit systems integration, avionics, display solutions, and high-performance microelectronics for military and commercial aircraft.
  • It was recently selected to supply the avionics and software applications for the Royal Canadian Air Force’s new Calidus B-250 turboprop light attack combat and training aircraft
  • It was reportedly attacked by a gang calling itself AlphV. The FBI say the gang also operate under the name BlackCat. and had compromised over 60 organizations worldwide as of March of this year.

Power Apps April release wave 1 2022 for Model-driven apps

March 12th, 2022

The Power Apps April release wave 1 for Model-driven apps is now available for you to take advantage of. In this release wave you can take advantage of cohesive and modern experiences while collaborating with team members in Power Apps.

Collaboration with colleagues and task productivity is more important than ever before for business users.   These are two main focuses of the Wave 1 release, and we have several features you can opt into in order to streamline productivity.

Task productivity updates include:

  • Modern Power Apps grid and view pages have been enhanced and will be auto enabled during this wave

Opt-In Updates:

  • Modern Advanced Find allows users to access any table and use advanced filters to explore data
  • Users can be alerted to key items to address, which makes them more likely to be successful leveraging In App Notifications

Collaboration opt-in updates include:

  • See colleagues who are currently working on the record and easily start chats with them
  • See on-line status of colleagues in-app and easily start chats with them via improved people card
  • Easily share links to records with colleagues

Task Productivity

Power Apps grid

Model-driven apps are first to feature the new Power Apps grid, a new read-only grid control, both inside the view page and inside forms (sub-grids). The new grid control follows Microsoft Accessibility Standard and will be auto enabled as part of this wave release.

In addition to improved performance, the new control supports:

  • Remembering grid view settings across the session
  • Ability to resize columns
  • Ability to reorder columns (via column options UI)

The grid view page in Model-driven apps now features column options settings that let app users customize which columns are shown in the grid. Additional text make sit easy for your end users to discover this capability.

With this feature, users can:

  • Add new columns, from current or related tables.
  • Remove columns.
  • Change the order of columns in the grid

When the grid is auto enabled with this release, the classic jump bar experience is disabled by default, but can be enabled.  Infinite scrolling will be an option in future waves. To opt out of the new Power Apps read-only grid control, the Power Platform Admin Center to toggle the “Enable the modern-read only grid experience” switch under the “Grids and views” section.

Modern Advanced Find

With modern advanced find, you can access any table in a model-driven app through search and use advanced filters to explore the data easily. The new view management experience will provide you with options to share views so you can collaborate with your team easily. Managing views is simpler with personalization options to build your own set of views.

In App Notifications are Generally Available starting in April 2022

The in-app notification feature that was announced for public preview July 2021 with Model-driven app adds in-app notifications will reach general availability in April 2022. A maker can opt-in to this feature using the modern app designer preview.  Open the settings > Upcoming features and then enable “In-app notifications”.

Multiplayer App Collaboration

Co-presence in records and Owner field online presence

Now you can see who’s currently working on a record including their online status. You can also start a chat or send them an email and take collaboration to the next level.  This feature is currently available on the Account, Case, Opportunity, and Contact tables.

Avatar and on-line availability of colleagues is immediately obvious in the UI with the new persona card shown in the form owner field, lookups and grids. Click on the avatar to expose the improved contact card to start a chat or email.

Easy record sharing

Share records as easy as Office documents. Use the new share button to email a link or copy the link and share it with someone else. A link to the record can only be shared with users who have permissions to access the record currently, but we are working on expanding this in the future.

Get started today by opting your environment into the 2022 April Release Wave 1, learn how ( https://docs.microsoft.com/power-platform/admin/opt-in-early-access-updates  ).

U.A.E. to introduce Corporate Tax – 2023 -ask Synergy Software Systems

February 2nd, 2022

Background

The UAE has long positions itself as a place where foreign investors are welcome and where incomes are tax free. Low taxes and a friendly business environment helped to transform the 50-year-old nation.

The UAE faces steep competition from neighboring Saudi Arabia, which is working overtime to attract businesses and families to relocate to the kingdom

The UAE’s Finance Ministry said that it will aunch corporate tax in line with worldwide efforts to combat tax evasion and to meet issues posed by the global economy’s digitization,

The ministry also stated that the measure will prepare for the implementation of a worldwide minimum tax rate, which will apply a different corporate tax rate to large multinationals that meet certain conditions.

It was announced on Jan 31 that for the first time, the United Arab Emirates (UAE) will establish a federal corporate tax of 9% on profits on business profits on June 1, 2023,

  • Businesses engaged in the extraction of natural resources will be exempt from the UAE CT as such businesses shall continue to be subject to Emirate level taxation
  • The UAE CT shall be a Federal level corporate taxation. Thus, all UAE businesses, corporations and entities engaged in and licensed to undertaken commercial activities shall be subject to the UAE CT.
  • Corporate tax will be payable on the profits of UAE businesses as reported in their financial statements prepared in accordance with internationally acceptable accounting standards “with minimal exceptions and adjustments”, 
  • The corporate tax will not apply to personal income from employment, real estate and other investments, nor to income earned from a business licensed outside the UAE.

Introduction of Transfer Pricing

Under the CT regime, UAE businesses will be required to comply with transfer pricing rules and documentation requirements as set out in the OECD Transfer Pricing Guidelines

Free Zone Businesses

Free zone businesses will be within the scope of UAE CT and required both to register and to file a CT return.

Those businesses will however continue to benefit from CT holidays / 0% taxation while they comply with all regulatory requirements and do not conduct business in mainland UAE. 

Multinationals

The press release and FAQs indicate that there will be a different tax rate for large multinationals that meet the criteria under ‘Pillar Two’ of the OECD Base Erosion and Profit Shifting project (i.e. those that have consolidated global revenues above EUR 750m).

Tax basis

The Federal Tax Authority will be responsible for the administration, collection, and enforcement of CT.

Where a business is resident for CT purposes will be determined either based on the place of incorporation / registration (legal seat), or the place of effective management and control of the business.

To help small firms and entrepreneurs, the ministry further stated that the new system entails:

  • a basic statutory tax rate of 9%,
  • a 0% rate for taxable profits up to 375,000 dirhams, ( about $102,107.50 . )

CT will be payable on the accounting net profit reported in the financial statements of the business, with minimal exceptions and adjustments

Tax losses incurred from the CT effective date can be carried forward to offset taxable income in future financial periods.

No UAE CT will apply to:  

  • Employment income, income from real estate, income from savings, investment returns and other income earned by individuals in their personal capacity that is not attributable to a UAE trade or business;
  • Dividends, capital gains and other investment returns earned by foreign investors.  

Exemption from UAE CT will be available for: 

  • Capital gains and dividends earned from qualifying shareholdings; 
  • Qualifying intra-group transactions and restructurings.

Domestic and cross border payments of interest, dividends, royalties and other payments will not attract a withholding tax in the UAE.

UAE CT will have to be filed electronically once for each financial period but without a requirement for advance UAE CT payments on the basis of provisional tax returns. 

The tax scheme will allow UAE business groups to be taxed as a single entity or to apply for relief amid losses or restructuring. UAE group companies can form a tax group and file a single tax return for the entire group, and transfer tax losses to other members of the group.

Foreign tax credits will be available for taxation incurred by UAE businesses on income earned outside the UAE’s corporate tax to avoid double taxation.

The UAE CT regime should remain one of the most competitive in the world. The UAE will offer the most competitive CT regime in the region, with Egypt, Jordan, Kuwait, Lebanon, Oman, Saudi Arabia and Qatar imposing CT at rates between 10% to 35% (Bahrain currently does not have a broad based CT regime). 

The introduction of a UAE CT regime would enable the UAE to adopt and implement the OECD BEPS 2.0 measures to address the tax challenges arising from the digitalisation of the global economy, and the introduction of a global minimum tax rate for large multinationals.

What next?

The relevant legislation for the CT regime is currently being finalised and will be subsequently promulgated. Once promulgated, the UAE CT Law will provide more details and guidance on several critical aspects.

Further information is expected to be made available by mid-2022, to give UAE businesses at least 12 months to get ready.

Key considerations for UAE businesses

To prepare for the new corporate tax (CT) profile of the UAE consider an internal working team and whether auditor discussions are needed

Consider the application and impact of the new UAE CT Law on :

  • UAE entity(ies) and/or operations
  • Revenue booked under Mainland UAE versus Free Trade Zone setups
  • Economic substance profile and/or CbCR filings
  • Group structure
  • Inter-company transactions
  1. Investment/Holding structures
  2. Be prepared to adopt new tax and transfer pricing compliances (where applicable).
  3. Consider impact on share price and ability to raise finance
  4. Review IT systems and their configuration to support taxation, and budget for any external consulting resource to e.g. create filing returns reports, or to amend existing reports e.g. TB, cash flow.
  5. Consider whether there needs to be any changes to policies and training for the finance team.
  6. Consider a dry run pilot in a test system to ensure that you can produce timely accurate reports in the correct format.

(Most Dubai stocks fell in the Middle East on February 1 after the United Arab Emirates unveiled that it will be taxing corporate earnings from next year.

Moody’s said: “the introduction of the 9% federal corporate tax is broadly credit negative for domestic UAE corporates because it will reduce their operating cash flows.”)

Assets with Dynamics 365 Finance & Supply Chain – ask Synergy Software Systems

October 19th, 2021

Assets include for example buildings and machinery, IT equipment. company mobile phones and credit cards, cars, shipping vehicles and containers and son on.. TA malfunction or failure of your assets for example a production machine or a delivery vehicle can negatively impact your supply chain. Aa global enterprise will have thousands of assets.

Dynamics 365’s, Asset Management module allows companies to manage their maintenance operations with real-time access to their maintenance costs without having to separately collect data, to analyze it. Use Asset Management to both plan and execute maintenance and and servicing of equipment in your company, . It integrates seamlessly with several Dynamics 365 modules and other apps.

Functional Locations and Assets

Use Functional locations to manage assets on locations and to track asset costs at functional locations. Functional locations are structured hierarchically, and locations can have sub-locations.. Assets can be installed on functional locations and, be reinstalled on other functional locations.

Asset costs always follow the location of the asset. When you install an asset on a new functional location, the asset automatically uses the financial dimensions that are related to the new functional location. Therefore, asset costs are always related to the functional location that the asset is currently installed. This automatic handling of financial dimensions helps guarantee accurate cost tracking when your company does project controlling and reporting on functional locations.

Also build a hierarchy of functional locations for your company internal equipment maintenance, or for servicing customer equipment.

Assets and Work Orders

. An asset is a machine assembly  or machine part that requires on-going maintenance and service.

Assets can be created in a hierarchical structure, and they can be related to functional locations.

Maintenance jobs can be planned at all levels in the asset structure.

For each asset set up related data, such as asset specification, and required maintenance plans and the affiliation of assets to job types.

Every work order has a work order type, such as preventive or corrective maintenance, or inspection.

The work order contains one or more work order jobs. Every work order job defines a job that must be performed on an asset and a related job type.

Examples of related job types include 10,000 km, 50,000 km, 1-year overhaul, and safety inspection.

One work order can be related to multiple assets.

A work order can be related to another work order, and job types can contain succeeding jobs that create a work order. In general, there are no dependencies between work orders. Therefore, they can change their work order lifecycle state and can be scheduled independently of each other.

Integration with ERP

The integration of Asset Management with Dynamics 365  applications supports drill down into your maintenance data to understand exactly what is driving your costs, and to determine how optimise your assets.

  • Project management and accounting – allows a holistic view into the costs associated with work on specific objects, by area, by a worker, etc.
  • Human resources – provides the capability to assign workers to specific work requests and allows for a clearer vision of the true cost of maintaining your assets.
  • Fixed assets – allows greater visibility into the cost of maintaining an asset.
  • Inventory management – maintains spare parts inventory.
  • Master planning – provides planned purchase orders based on criteria set up in the system, ensuring that the maintenance department never runs out of parts.
  • Procurement and sourcing – allows maintenance departments to have clear visibility into their orders and expenditures.
  • Accounts payable – allows vendors to be paid on time and allows the accounting department greater visibility into maintenance expenses.
  • General ledger – grants visibility into the maintenance process from an accounting perspective.

Power BI autp install for TEAMS is coming.

September 17th, 2021
  • Power BI will begin automatically installing the Power BI app for Teams for users when they visit the Power BI service
  • Power BI admins can choose not to auto-install through a new Power BI tenant setting
  • The tenant setting has started to roll-out now, giving admins time to opt-out if desired.
  • The automatic installation will start to take effect in November 2021, for organizations with the setting enabled.

Auto-install for Power BI app for Microsoft Teams

When the Power BI app for Microsoft Teams is installed, users get better experiences without leaving Teams, like:

These capabilities are available once the Power BI app for Teams is installed for a user

The Install Power BI app for Microsoft Teams automatically tenant setting is added to the Power BI admin portal. Power BI admins can control the auto-install behavior. By default, the auto-install is enabled.

Power BI tenant setting that controls automatically installation of the Power BI app for Microsoft Teams for a user.

The automatic installation happens for a user under the following conditions:

  1. The Power BI app for Microsoft Teams is set to allowed in the Microsoft Teams admin portal
  2. The Power BI tenant setting Install Power BI app for Microsoft Teams automatically is enabled
  3. The user has a Microsoft Teams license
  4. The user opens the Power BI service (e.g. app.powerbi.com) in a web browser

Initially, auto-install applies to new users the first time they visit the Power BI service in a web browser. In the future, auto-install will occur for all active users of the Power BI service who meet the criteria.

When auto-install occurs, the following notification is shown in the Power BI service notification pane.

Graphical user interface, text, application Description automatically generated

Questions and Answers

What happening today?

Pre-announcing auto-install of Power BI in Teams.

Starting to roll-out a Power BI tenant admin setting which enables Power BI admins to choose to opt-out of the automatic installation behavior.

When will these changes take effect?

In November 2021, Power BI auto-install of Power BI in Teams will start rolling out.

Which users will be affected?

When the Power BI tenant setting is enabled, the Power BI app for Microsoft Teams will be installed for users who meet the criteria specified. Initially, automatic installation will apply to new users and will expand to all users who visit the Power BI service in a web browser after the initial roll-out in November 2021.

When should I use a Microsoft Teams App Setup Policy?

Microsoft Teams app setup policies allow Microsoft Teams Admins to install an app for a target set of users. Since this applies to all users in the specified group, you can ensure everyone who needs Power BI has it, even when they’re not active Power BI users. Use app setup policies to pin the Power BI app in Teams to the Microsoft Teams left rail. This additional step makes data and analytics prominently available throughout your organization..

Read more about automatic installation in the Power BI documentation

Read more about the Power BI app for Microsoft Teams

Read more about collaboration in Microsoft Teams with Power BI

IFRS16 Asset leasing in Dynamics 365

September 1st, 2021

Asset leasing helps customers feel more confident that they’re following the proper accounting standards for ASC 842 and IFRS 16, reducing the risk of spending extensive time doing offline calculations. Asset leasing will reduce manual errors and save your users time through automatic lease status updates, right of use assets, wholistic monitoring and analytics, and calculations of net present value, lease interest, and future cash payments.

Dynamics 365 Finance > Asset leasing > Lease management

Asset leasing can help you with the following:  

Automates the complex lease calculation of present value and its subsequent processes such as future lease payment, lease liability amortization, right-of-use asset depreciation, and expense schedules.

Automatically classifies the lease as either operating or finance, or as a short-term lease or low-value lease. The lease classification tests include transfer of ownership, purchase option, lease term, present value, and unique asset.

Centralizes the management of lease information, such as important dates, including the commencement and expiration dates, as well as the lease’s transaction currency, payment amounts, and payment frequency.

Helps to generate accounting entries for the initial recognition, and subsequent measurement of the lease liability and right-of-use asset.

Reduces time for complex calculation of lease modification and automatic adjustment transactions.

Provides posting to different layers to accommodate different reporting purposes, such as tax reports that are available in Dynamics 365 Finance.

Complies with the accounting standards to represent leases on a balance sheet using the Balance sheet impact calculator.

Provides audit controls over the integrity of the lease data to ensure that the posted transactions match the calculated amounts of the present value, future payments, and liability amortization.

Provides tools to import from or export to Excel for all lease data using data management.

Includes features that help in preparing asset leasing reports, particularly the preparation of disclosures and notes.

Integrates with company chart of accounts, currencies, fixed assets, vendors, journals, data management, and number sequences.

Asset leasing integrates seamlessly with other components of Dynamics 365 Finance, including Fixed assets, Accounts payable, and General ledger. Integrates with your company chart of accounts, currencies, fixed assets, vendors, journals, data management, and number sequences.

  • Complies with the accounting standards to represent leases in balance sheets using the Balance sheet impact calculator.
  • Provides audit controls over the integrity of the lease data to ensure that the posted transactions match the calculated amounts of the present value, future payments, and liability amortization.
  • Provides tools to import from or export to Excel for all lease data.

If you need to comply with IFRS16 , or need assistance with implementation or support of Dynamics 365 Finance and SCM then contact Synergy Software Systems 009714 3365589.

IFRS 17 – compliance accelerator system- ask Synergy Software Systems.

September 1st, 2021

IFRS 17 is the newest IFRS standard for insurance contracts and replaces IFRS 4 on January 1st 2022. It states which insurance contracts items should by on the balance and the profit and loss account of an insurance company, how to measure these items and how to present and disclose this information.

This is a big change for insurance companies and data administration, financial presentation and actuarial calculations will need to change.

 

Why are IFRS 9 and IFRS 17 implemented together?

  • The insurance liability (IFRS 17) is always closely connected to the financial instruments (IFRS 9) within insurers.
  • When a client buys an insurance, the insurance liability is created and with the paid premiums are financial instruments bought.
  • Insurers want to reduce the volatility in their earnings and there are some choices within IFRS 9 and IFRS 17 which they can make which can impact the volatility.
  • Under IFRS 17 insurers can decide whether results of changing financial risk assumption go through OCI or through the profit and loss account.
  • Under IFRS 9 insurers can decide whether changes in equity will go through profit and loss or through OCI.

Both standards will impact earning volatility and hence balance sheet management choices are connected. Consequently, the IFRS board decided it is better that insurers are granted the option to implement both standards together.

IFRS 9 explains the classification and the measurement of financial instruments. Hence IFRS 9 helps to improve the information disclosure around financial instrument. Many perceive the information disclosure around financial instruments during the financial crisis as inaccurate for example impairments on financial instruments were taken too late and the amounts were too little.

IFRS 9 makes the classification of each financial instrument more logical and principle based. There are two questions which need to be answered for the classification:

  • Why is the company holding the asset; just for collecting the cash flows from the underlying asset, or is the asset also held for trading?
  • What kind of asset is the financial asset? Is it a derivative, an equity or a debt instrument? With the SPPI (solely payment of principal and interest) model it can be tested whether an instrument is really a debt instrument.

 The classification determines:

  • which accounting principle is used;
  • should the instrument be measured at fair value or at amortized cost
  • and whether earnings and losses should go through the profit and loss account or through the OCI (other comprehensive income) account.

IFRS 9 also includes a more dynamic credit loss model instructing when an insurer should take an impairment on financial assets. The model is forward looking thereby also expected future losses should be taken into account with the impairment.

 IFRS 9 also makes hedge accounting possibilities more rule based, thereby being in line with how risks are  managed within insurers.

Why does this matter?

There is a huge impact on insurers and a big change in the disclosure.

  • Almost all of the asset and liability side is hit by the combination of IFRS 9 and IFRS 17.
  • New concepts and terms are introduced.
  • The standards will impact the presented numbers. Under IFRS 17 the insurance liability needs to be based on updated assumptions which is not currently a requirement. .
  • More data with more granularity and more history will challenge internal data storage, reporting and IT performance.
  • Reporting timelines are shortened, which will challenge the systems, and the cooperation between different departments.
  • New components like the unbiased Cash Flows, Risk Adjustment, Discount Rate and CSM are introduced. This means the insurer needs to understand the IFRS 17 principles and decide how to implement IFRS 17. For example which measurement model to choose for an insurance product, which transition measure to user. Read here more about the IFRS 17 model, and here about the transition period.
  • In the balance and income statement, insurance liability will n be specified in a different way, the importance of gross written premiums will disappear, while equity will be impacted.
  • The presentation of the balance and P&L are also significantly affected.
  • Risk engines are needed to calculate the CSM and cope with all the different groups
  • Insurers need to disclose information bases on group of contracts.
  • A group is a managed group (often a product) of contracts which were all profitable, onerous, or may become onerous (decided at inception) with a certain inception year. Insurance companies can have hundreds of groups and IFRS 17 insists on this grouping to have more transparency as insurance companies cannot offset the result of one group to another

Synergy Software Systems has been implementing and supporting financial solutions in the insurance vertical for 25 years. If you need to rapidly implement a solution for IFRS 17 compliance that will sit alongside your existing erp and finance systems then call us on 0097143365589.

August 24th, 2021

A bungled data migration of a network drive caused the deletion of 22 terabytes of information from Dallas Police Department police force’s systems – included case files in a murder trial,during a data migration exercise carried out at the end of the 2020-21 financial year

“On August 6, 2021, the Dallas Police Department (DPD) and City of Dallas Information and Technology Services Department (ITS) informed the administration of this Office that in April 2021, the City discovered that multiple terabytes of DPD data had been deleted during a data migration of a DPD network drive,” said a statement [PDF] from the Dallas County prosecutor’s office.

14TB were recovered, presumably from backups, but “approximately 8 Terabytes remain missing and are believed to be unrecoverable.”

The Home Office initially issued a statement saying the data loss was down to a “technical issue”, which had been resolved, There must have been some technical resolution because the Home Office later said it was not a technical issue after all, and in fact a “housekeeping error” with Home Secretary Priti Patel saying: “Home Office engineers continue to work to restore data lost as a result of human error during a routine housekeeping process earlier this week.”

In a letter published by The Guardian, National Police Chiefs’ Council (NPCC) deputy chief constable Naveed Malik, lead for the organisation on the Police National Computer (PNC), said approximately 213,000 offence records, 175,000 arrest records and 15,000 person records had potentially been deleted in error. The DNA database connected to the PNC saw 26,000 records corresponding to 21,710 subjects potentially deleted in error, “including records previously marked for indefinite retention following conviction of serious offences”. The letter also said 30,000 fingerprint records and 600 subject records may have been deleted in error.

The PNC dates back to the 1970s. The current iteration is a Fujitsu BS2000/OSD SE700-30 mainframe based in a Hendon data centre, running Software AG’s natural programming language-using ADABAS database. The UK’s territorial and regional police forces, Serious Fraud Office, Security and Secret Intelligence Services (MI5, MI6), HM Revenue & Customs, and the National Crime Agency all make use of it. They have controlled and 24-hour access from remote terminals and through local police force systems.

These incidents highlight the importance of backups and backup and recovery processes. How often do you test whether you can restore your back ups? Does this still work for restoring older back ups when you upgrade? Has a move to the cloud changed the retention of your back ups, the frequency of upgrades, or the ease or time for restore?

AML/CFT – Anti-money Laundering & Combating the Financing of Terrorism – Regulatory compliance

August 23rd, 2021

Global Governments have implemented concerted measures to increase the scrutiny of AML/CFT processes and controls, to fight financial crimes.

In December 2020, the UAE Cabinet adopted the formation of the Executive Office of the Anti-Money Laundering and Countering the Financing of Terrorism with an aim to follow the international requirements in this sector. The Ministry of Economy (MoE) sent out e-mails to all companies with a link to the Annual AML/ CFT Risk assessment form along with deadlines for each category of DNFBPs.

All Designated Non-Financial Businesses and Professions (“DNFBP’s) must register on a “goAML portal” before 31 March 2021.  So any ‘grace period ‘ is well over.

The goAML portal is a integrated platform used to file Suspicious Transaction Reports (STRs) and/or Suspicious Activity Reports (SAR).

It is your obligatory duty under the Federal Decree Law 20 of 2018 and Article 20(2) of Cabinet Decision No. (10) of 2019, to have procedures in place to report Suspicious Transactions to manage anti-money laundering (“AML) and counter terrorist financing (“CFT”). This system will allow you to help authorities identify criminal and suspicious activity.Failure to register on goAML may result in severe penalties invoked by the Ministry of Economy. We therefore urge you to treat this notice as a matter of priority and complete your application to ensure access to the goAML system.

Non- compliance to this will attract fines up to AED 5 Million!
In addition to the financial sector, this regulation applies to all Designated Non-Financial Businesses and Professions (DNFBP), and the members of their boards of directors, management, and employees, established and/or operating in the territory of the UAE. They are applicable to all such natural and legal persons in the following categories: 

Auditors and accountants; 
• Lawyers, notaries and other legal professionals and practitioners; 
• Company and trust service providers; 
• Dealers in precious metals and stones; 
• Real estate agents and brokers; 
• Any other Designated Non-Financial Businesses and Professions (DNFBPs) not mentioned above.

All such businesses must:

• register with the Financial Intelligence Unit (go AML)

enroll on the Committee for Commodities Subject to Import and Export Control system (Automatic Reporting System for Sanctions List).

To determine whether you are likely to be a DNFBP go to: https://www.economy.gov.ae/english/AML/goAML/Pages/verify.aspx