We’re in the market for some synonyms for precipitous, because how many precipitous drops can you really have? Should we call it a steep decline? A really, really big dip?

In any case, the SEC and PCAOB majorly pulled back on enforcement activity in 2025. You know what? Fine, it was a precipitous drop.

SEC enforcement actions pertaining to accounting and auditing reached their lowest level in nine years in 2025, according to new analysis from Cornerstone Research. The agency initiated just 10 actions, marking a 68% year over year decrease compared with 2024, the report said.

Meanwhile, over at the PCAOB, a similar picture emerged: The organization finalized the lowest number of enforcement actions (37) since 2021, a decline from 51 actions in 2024, per Cornerstone.

Some of this is normal-ish—enforcement actions often drop amid administration changes—but the gravity of both declines is notable.

Keep reading.—NP

The key to keeping a CFO around might have been found, at least according to a 2025 study. According to the research, the answer may be for an organization to hire a chief accounting officer or controller so that a CFO can delegate tasks.

Retaining finance talent has been a challenge in recent years: CFO turnover hit a seven-year high in 2025, 12% above the seven-year average, and the average tenure of a CFO in 2025 across Fortune 500 and S&P 500 companies was only 4.7 years, according to a study from Crist Kolder Associates, nearly three years shorter than the average CEO stint.

The study found that companies where a CFO delegated significant oversight or policy decisions for the accounting function, likely to a CAO or controller, were 17.8% less likely to see their CFO voluntarily depart.

The study presented two theories as to why: First, offloading the accounting “likely reduces [CFO] burnout and increases engagement.”

Keep reading.—JK

Born to flex, diamonds on the neck—there’s nothing AI agents like more than (no) checks (on their power).

Yes, yes, we know, AI agents can’t “like” anything. But as the technology is given expanded permissions to shop for users and organizations, we could see attackers manipulate agentic access.

Let me in. It comes down to permissions, according to Jordan Mauriello, CTO at SHI. Major providers like Mastercard and Visa, as well as online systems like Google, have given AI agents the ability to make purchases on behalf of users. But sellers haven’t necessarily restricted what those agents can do.

“People will try to solve a very specific problem with agentic AI,” Mauriello said. “They’ll open up permissions to solve that problem and then forget to go back and lock those permissions down, and now the agent has access to things that maybe it should not have access to.”

What’s also important, Torii CEO Uri Haramati told IT Brew, is identity access management. Agents are hopefully acting with some form of limited access capacity—knowing which human to alert if something goes wrong is helpful.

Keep reading on IT Brew.—EH

Federal prosecutors in New York are offering companies a path to avoid criminal charges for voluntary disclosure. Here’s how the new “fast track” program works—and why it could reshape corporate risk decisions.