Category Archives: Nonprofit Organizations

3 Ways to Protect Yourself and Organization Against Cyber Threats

by Meagan Bulloch

In light of recent data breaches at major retailers in the US, the public have been reminded just how vulnerable both their personal and organization’s data is to cyber-attacks.  This has left many companies scrambling to make sure the data they are entrusted with does not become the target of another round of headlines and lawsuits.identity_theft

While you are never 100% protected from hackers, here are five ways you can reduce your risk of falling victim to a cyber-attack:

  1. Strong Complex Passwords – It seems this advice has been given year after year and almost seems trite, however, for many; passwords are the first level of defense against a cyber-attack.  As such, it is ever more critical that passwords be lengthy, complex and changed often.  According to the SANS Institute’s sample password policy available at https://www.sans.org/security-resources/policies/general/pdf/password-protection-policy  a strong password is at least 15 characters in length.  For many, the deterrent to having a complex password or changing it often is the issue of remembering the complex password.  If this is a concern for you or your organization, you should consider implementing a password management tool such as RoboForm, Password Depot, and LastPass to assist in creating, storing and recalling passwords.
  2. Alternative Authentication Measures – If you have already tackled your passwords what else can you do?  As an additional layer of protection many are considering the use of alternative authentication measures such as fingerprint readers and key fobs.  Basic fingerprint readers can be purchased for only $35 in today’s market.  Using such devices can eliminate the need for a password to log in to a computer.  If the objective is to protect extremely sensitive data then the use of a multifactor authentication may be the best option.  This would involve an employee using both a password and something held in their possession – such as a code generated by a key fob- to log into a computer, application or website.   By requiring two forms of authentication you can greatly reduce the access a hacker could have to your system.
  3. Develop a formal policy for “BYOD.”  Often referred to today as “bring your own device” has created a new level of vulnerability for organizations.  In today’s environment it can be very beneficial for employees to be connected to an organization’s email and other network data through a mobile device.  The issue comes when this access is obtained informally by employees and not managed by the organization.  Often the organization has no way of knowing which devices are attached to their network and therefore, cannot take the necessary security measures to protect sensitive organizational data.  To protect your organization it is imperative to develop a formal BYOD policy that address security issues before an employee can connect their personal device to your network.  If devices have already been connected, you should implement a BYOD policy retroactively.  Regardless, each employee should agree to the policy and indicate so through a signature before they can access the organization’s network.  The BYOD policy should at a minimum include the following: the fact that the organization owns the data the employees will access, the procedure for erasing the organization’s data from the device in the event the employees leaves the organization, which type of websites and applications can be accessed, security measures the end user must implement as a condition of accessing the organization’s network, and the process for notifying appropriate organizational personnel in the vent a device is lost or stolen.  See sample policy template at http://www.itmanagerdaily.com/byod-policy-template/.

While each of these tools is important independently, a layered approach is truly the best defense against a cyber-attack for you or your organization.

Meagan Bulloch ([email protected]) is an audit manager at Langdon & Company LLP focused primarily on non-profit clients.

Spring Cleaning: Document Retention Policies for Non-Profits

by Brittany Powell spring-cleaning-office

Determining what documents and files you need to keep can be a daunting task and all too often turns into a case of “I’ll keep this…just in case.”  Establishing a formal document retention and destruction policy for your non-profit organization can help prevent clutter from piles of unneeded documents.  In fact, a document retention policy is one of several policies that the IRS Form 990 asks specifically if a nonprofit organization has.

The IRS Form 990 instructions define a document retention and destruction policy as a policy that “identifies the record retention responsibilities of staff, volunteers, board members, and outsiders for maintaining and documenting the storage and destruction of the organization’s documents and records.”  As the National Council of Nonprofits points out in its article, “Document Retention Policies for Nonprofits,” a written document retention policy provides consistency in the document retention/destruction habits of both staff and volunteers.

So, as your organization is spring cleaning, what documents should you keep and what can be tossed?  The following categories are derived from the AICPA’s sample document retention policy and provide a guideline for how long certain documents should be kept.

Documents that should be kept permanently:

–          Audit reports

–          Correspondence regarding legal and important matters

–          Deeds, mortgages, and bills of sale

–          Determination letter from the IRS

–          Tax returns

–          Articles of Incorporation, Bylaws, etc.

–          Minutes of board meetings and resolutions made by the board

–          Retirement and pension records

–          Trademark registrations and copyrights

Documents that should be kept for 7 years:

–          Expired contracts, mortgages, notes, and leases

–          Payroll records and summaries

–          Personnel files for terminated employees

–          Timesheets

–          Withholding tax statements

–          Invoices (to customers and from vendors)

Documents that should be kept for 2-3 years:

–          Bank reconciliations and statements

–          General correspondence

–          Duplicate deposit slips

–          Employment applications

–          Inventory records

–          Correspondence with customers and vendors

These guidelines can help your organization begin establishing its own document retention policy and guidelines.  However, as we become a more technologically-driven society, it is important to be consider documents stored in the cloud or on a server and to have a back-up plan in place for your electronic documents.  Additionally, the National Council of Nonprofits points out in its article that organizations should give consideration to email records and how they fit into the procedures defined in the document retention policy.

If you have additional questions or would like additional information, please contact our office.

Brittany Powell ([email protected]) is an audit senior at Langdon & Company LLP and has experience with a broad range of non-profit clients.

The Why, Who, What and How of an effective audit committee for nonprofit organizations

by Meagan Bullochhands

The establishing and maintaining an audit committee is considered a best practice for nonprofit organizations.  An audit committee can greatly help the governing board perform their fiduciary and oversight roles over financial reporting, reducing risk and maintaining donor confidence.  Some organizations may utilize their finance committee as an audit committee.  What is important is not the form of the committee but the substance.

Q: Why should a nonprofit consider forming an audit committee?

A: In addition to Sarbanes Oxley and state requirements imposed for organization’s soliciting funds within certain states, the Form 990 asks if an organization has an audit committee.  Although, such a committee is not a requirement, the establishment of one is considered a best practice by the IRS.  As the Form 990 is a public document, answering “no” to this question may lead to funders questioning why the organization is not following a suggested best practice.  The American Institute of Certified Public Accountants’ (AICPA) Audit Committee Toolkit: Not-for-Profit Organizations, 2nd Edition (available at AICPA Store) lists numerous reasons as to why a nonprofit organization should consider forming an audit committee, including providing better: financial results, decision-making in terms of accuracy and quality of financial reporting; ability to build stronger relationships with stakeholders; as well as facilitating transitions in leadership.

Q:  Who makes the best audit committee members?

A:  Audit committee’s typically consist of 3-6 members with diverse backgrounds and experience all of which are considered “financially literate.”  To be financially literate, members should be able to read and understand fundamental financial statements and recognize when the numbers along with associated disclosures to not make business sense.  Additionally, the best audit committee members are fully involved and engaged with the organization and ensure that two-way constructive dialogue occurs at all times between all parties involved.  Members should also be independent in both fact and appearance.  To be truly effective, the committee must be able to resist any attempt by management to compromise financial reporting.  The following relationships are considered to impair independence:

  1.  An audit committee member who is or has been an officer or employee of the organization during the past 3 years
  2. A member who is an immediate family member of an officer or someone in management
  3. A member who has a direct business relationship with the organization in the past three years; such as a consultant

Q:  Who can serve as a financial expert on the audit committee?

A:  The inclusion of at least one financial expert is a highly recommended best practice.  The following attributed are deemed essential components of a financial expert:

  1.  An understanding of generally accepted accounting principles (GAAP) and nonprofit financial statements
  2.   The ability to assess the general application of such principles in connection with the accounting for estimates, accruals and reserves
  3. Experience preparing, auditing, analyzing or evaluating financial statements that are comparable to those of the organization
  4. An understanding of internal controls and procedures for financial reporting
  5. An understanding of the audit committee function
  6. A general understanding of nonprofit financial issues and specific knowledge of the nonprofit industry in which the organization operates

It is worth noting that an audit committee financial expert has no greater obligations or liability than any other members of the audit committee and board of directors who are not designated as financial experts.

Q:  What should be the mission of an effective audit committee?

A:  Simply put, the mission should be oversight.  Specifically, the following areas should be their main focus:

  1.  Financial reporting
  2. Risk Management

Audit function – oversight of and communication with independent auditors, both internal and external

Langdon & Company LLP will be happy to assist with your audit needs.  Please contact our office!

Meagan Bulloch ([email protected]) is an audit manager at Langdon & Company LLP focused primarily on non-profit clients.

Audit Options

by Katie Anthony

You may think that since you are not a publicly held company that you don’t need an audit. However, audits are for private companies as well. Many non-profits are required to have audits in order to comply with federal and state grant requirements. Other companies just want to make sure that they are on the right track, and have an audit done in order to have an independent accountant take a look at their financial statements. In addition, there are different types of audits.

You may not think about it in your day to day activities, but your processes may be inefficient. Having an efficiency audit done can pinpoint areas that need work so that you can save money. All companies want to save money and being more efficient will allow your employees to either work less hours, or have time to accomplish more. Another factor could be that your employees are stressed out and don’t have time to get everything done. With just a few process changes, your employee satisfaction could go through the roof due to less job frustration. Happy employees make for a pleasant working environment and better employee retention.

working

Still don’t think you need an audit? Langdon & Company’s auditors can also perform Agreed-Upon-Procedures. With some direction from our Partners, you can take a look at your needs and tailor a report to the needs of your company. Maybe your industry has very particular regulations. Auditors can come in and make sure that you are complying with these regulations and are keeping the necessary documentation. A good example here is the trucking freight industry. CDL drivers and companies that employee these drivers are required to keep specific and detailed records regarding time spent driving, fuel bought and used across state lines, as well as annual checklists on driving records and other driver-specific information.

Give Langdon & Company LLP a call today to set up an appointment with a manager or partner concerning your company.

Katie Anthony ([email protected]) is an audit staff member at Langdon & Company LLP.  She enjoys working with a variety of clients and offering a fresh perspective on a multitude of issues.

On the Horizon: Revenue Recognition

by Lee Byrd

content updateOn May 28, 2014, Financial Accounting Standards Board’s (FASB) released Accounting Standards Update (ASU) 2014-09, Revenue from Contracts with Customers (Topic 606). The ASU replaces more than 600 pieces of current revenue recognition guidance with a five-step model. Under the current guidance, entities recognize revenue when earned and realizable. Under the new ASU, entities will recognize revenue to depict the transfer of promised goods or services to customers in an amount that reflects the consideration to which the entity expects to be entitled in exchange for those goods or services. As such, the application of the revenue recognition criteria is based on the terms of the contract with the customer rather than on industry specific guidance. The standard requires entities to make more estimates and use more judgment than current guidance.

The five-step model is as follows:

Step 1 – Identify Contracts with Customer

Step 2 – Identify Performance Obligations

Step 3 – Determine Transaction Price

Step 4 – Allocated Transaction Price to the Performance Obligations

Step 5 – Recognize Revenue When (or as) Performance Obligations are Satisfied

The standard becomes effective for public and private companies in 2017 and 2018, respectively. Early adoption is not permitted for public companies. While this gives entities time to become familiar with the new guidance, entities will need to use this time wisely to analyze the cost and benefits of the two approaches to implementation. Entities can choose the full retrospective method, which requires that the standard be applied retrospectively to each prior reporting period presented, or the modified retrospective method, which allows the cumulative effect of initially applying the update recognized at the date of initial application with disclosure of the amount by which each financial statement line item is affected in the current year. If the full retrospective method is chosen, the ASU allows some practical expedients to be used during implementation.

Langdon & Company LLP can provide further information or assist with implementation of ASU 2014-09. Please contact our office for more information.

Lee ([email protected]) is an audit manager focused primarily on single audit procedures associated with healthcare clients.

Upcoming NFP Changes: Accounting for Shared Services

by Brittany Powellaccountant-real deal

In April 2013, FASB issued ASU 2013-06 – Not-for-Profit Entities (Topic 958): Services Received from Personnel of an Affiliate which requires not-for-profit organizations to recognize contributed services received from an affiliate that directly benefit the not-for-profit entity.  This means that a not-for-profit entity may have to record services provided by an affiliate that the affiliate does not charge the recipient not-for-profit entity for.  According to ASU 2013-06, contributed services should be recognized if they meet one of the following criteria:

  1. The services provided “create or enhance nonfinancial assets”, or
  2. The services provided “require specialized skills, are provided by individuals possessing those skills, and typically need to be purchased if not provided by donations.”

Typically, in accordance with ASU 2013-06, the contributed services should be recorded “at the cost recognized by the affiliate for the personnel providing those services.”  However, if recording the services at cost would significantly misstate the value of the services received, ASU 2013-06 allows the not-for-profit entity to elect to record the contributed services at either cost or at fair value.

ASU 2013-06 will be effective for fiscal years beginning after June 15, 2014, or in other words beginning with fiscal year ended June 30, 2015 for not-for-profit entities with a June 30 year-end.  Early adoption of ASU 2013-06 is permitted.

With the approaching implementation date of ASU 2013-06, please contact our office with any questions regarding the application of ASU 2013-06 or its applicability to your not-for-profit organization.

Brittany Powell ([email protected]) is a Senior Accountant with Langdon & Company LLP.  She specializes in audit, serving a wide variety of nonprofit organizations.

Tax Exempt Status Does Not Imply Freedom from All Taxes and Related Filing Requirements

by Tony Pandiscia,

As a CPA firm, we often encounter new or existing organizations inquiring about becoming tax exempt under a misconception that “tax exempt status” provides a broad immunity from all taxes and tax return filings.  As a refresher, Tax Exempt Organizations (or “TEOs”) attain a legal existence under the province of state law (such as North Carolina’s “Nonprofit Incorporation Statutes”) before applying for “tax exempt status” with our Federal Government.   Once the Internal Revenue Service grants a TEO Federal exempt status, a key benefit is the exclusion from income tax on all program service related revenue (i.e. revenues generated from activities directly related to a TEO’s exempt purpose).   However the following represent other tax-related filings and liabilities that nevertheless apply to TEO:

INCOME TAX FILINGS AND UNRELATED INCOME.  Although enjoying an exemption from income tax liability on “program service revenue”, to preserve its tax exempt status a TEO must annually file Form 990, Return of Organization Exempt from Income Tax and disclose all relevant financial information and exempt function policies and procedures.  In addition, whenever income is generated via activities that are not related to an organization’s stated exempt purpose, “Unrelated Business Income Tax” (or “UBIT”) is earned.  A UBIT tax return must be filed with both the Internal Revenue Service and North Carolina Department of Revenue and corresponding UBIT tax payments remitted.

SALES TAXES.  Apart from the income tax reporting requirements, TEOs are put on a nearly level playing field with all businesses and consumers with respect to North Carolina Sales & Use Tax.  North Carolina’s “Sales & Use Tax” is an ad valorem tax typically levied at the point of purchase, although a TEO may later recoup (via filing of a refund claim form) any taxes paid for purchases used directly in furtherance of its exempt purpose.

Beginning in 2015, TEOs who charge admission to attend a live function will be subject to Sales & Use Tax on the admission charge levied on attendees.  Only TEOs that rely entirely on volunteer workforce and do not compensate any of the performers in the entertainment event will qualify for exemption.   In addition, TEOs should properly designate those amounts that do not strictly represent a charge for admission (including membership fees, specific charitable donations, and payment for amenities such as parking or merchandise discounts) as they may excluded from the sales tax base.

SOLICTATION LICENSES.  All TEOs that solicit contributions in North Carolina must register with the Secretary of State and obtain a “Charitable Solicitation License” [“CSL”].  Once obtained, the organization must annually renew the CSL with the filing of a renewal form, payment of a fee, and submission of financial data.  A very narrow exemption from the licensing requirements applies for TEOs that solicit less than $25,000 of contributions per year and which are run entirely by volunteer labor.  Upon request, the Secretary of State does permit affiliate organizations to request a “consolidated” license that covers all organizations in the group.

In summary, as a sound tax policy designed to incentivize organizations to engage in charitable activities, tax exempt status grants to a TEO a valuable freedom from income tax on program service revenue. However organizations must remember that the exemption from income tax is not a blanket exemption from all manner of taxes and filing requirements.  Tax Exempt Organizations must plan accordingly to meet the filing and tax payment obligations, and avoid subjecting themselves to excessive penalties and exemption jeopardy.

Langdon & Company ADTony lead’s our tax department as an attorney and Certified Public Accountant with over twenty years of experience.  Tony consults regularly with exempt organizations on matters related to recognition and preservation of tax status, unrelated business income tax, executive compensation, and internal policy matters.  His expertise includes additional industries such as healthcare, real estate, research & development, manufacturing, and professional services.  Tony is a frequent seminar instructor for the North Carolina Association of CPAs, for local trade groups and is regularly called upon by litigation counsel to provide expert witness testimony.

Please feel free to contact our office for more information.  Tony and our highly qualified tax department are available to answer your tax questions and provide any assistance you may need.


Adult Care Update

dhhsWith the recent announcement about the required Adult Care Home Cost Reports, we have been patiently waiting for more information.  NC DHHS has published the software for these reports along with instructions.  They have chosen to use the same software interface as in prior years – Microsoft Access.  For providers with 21 beds or more, a cost report audit IS required, but details are pending.  For those with a bed capacity from 7-20, this is NOT an audit year for this size home.  For any home with 6 beds or less, there is NO cost report required this year.

Langdon & Company LLP has incredible breadth of experience with health care providers and the associated State requirements.  Please contact our office if you have any questions or if we can help your Organization in any way.

The Fine Line: Debt vs. Equity

by Bennett Strickland

Distinguishing between debt and equity has long been debated in the accounting world and is one of the most complex issues in practice today.  Take an instrument like mandatorily redeemable preferred stock for example.  Is it classified as a liability or as equity?  This clearly affects reported amounts of liabilities and equity, and also things such as the debt-to-equity ratio and the asset-to-equity ratio.

debt equityThe line between liabilities and equity is also critical in measuring income.  So companies began to take advantage of manipulating their debt and equity and therefore manipulating their net income.  Neither changes in the values of a company’s outstanding equity instruments or transactions between a company and its owners, affect reported income.  Whereas, interest payments and at least some changes in the values of liabilities actually do affect reported income.

A lot of companies will try and classify their equity as debt and some may get away with it.  However, the consequences can be substantial if the IRS deems that the company needs to reclassify.  In Laidlow Transportation Inc. v. commissioner (TC Memo 1998-332), the taxpayer’s tax liability was increased by more than $55 million after the IRS made the company reclassify their debt as equity.  So when companies are walking the fine line of debt versus equity they must ask themselves, is it worth it?

The staff at Langdon & Company LLP are all too familiar with such an issue and would be happy to help your company decide which classification is proper.  Please contact our office for more information.

Bennett ([email protected]) is an auditor at Langdon & Company LLP.  He primarily focuses on healthcare and nonprofit organizations.

Accounting Changes for Goodwill

by Dwayne Murphy

The Financial Accounting Standards Board (FASB) Accounting Standards Update (ASU) 2014-02 is giving private companies another option when it comes to accounting for goodwill. Effective for new goodwill recognized in annual periods beginning after December 31, 2014 (early adoption is permitted).  Private companies will be able to subsequently amortize goodwill on a straight-line basis over a period of ten years, or less if the company is able to demonstrate that a lower useful life is better suited.  Before this update U.S. GAAP did not allow any amortization of goodwill.Goodwill

FASB Accounting Standards Update (ASU) 2014-02 also permits private companies to use a simplified impairment model, which allows them to test for impairment only when a triggering event occurs that would indicate that the fair value of a company (or a reporting unit) may have fallen below its carrying amount.  If the accounting alternative election is made, an additional election of whether to test goodwill for impairment at either the company level or the reporting unit level must be made.  Before this update U.S. GAAP required that testing of impairment be done at least annually and in some cases more frequently if certain conditions were met.

These changes should be beneficial to private companies as it allows for amortization expense and it lessens the burden of not having to test for impairment every year.

For public companies and not-for-profit companies the FASB is still considering the following alternatives for goodwill accounting at their last meeting on March 26, 2014:

  1. Same alternative as listed above for private companies.
  2. Amortize goodwill with impairment tests over its useful life, not to exceed a maximum number of years.
  3. The direct write-off of goodwill at the acquisition date.
  4. A nonamortization approach that uses a simplified impairment test.

Dwayne Murphy ([email protected]) is a Senior Accountant with Langdon & Company LLP.  He specializes in audit, serving a wide variety of nonprofit organizations.