Cloud computing is the marketing focus of many IT companies.

Ads touting the benefits of cloud computing and the “cloud readiness” of software products are visible in airports, print media and on TV, and surveys predicting the rapid adoption of cloud computing solutions appear regularly. But how do cloud computing solutions affect the production of electronic documents and information in a litigation setting?

Smart Business spoke with James P. Martin, CMA CIA CFE, managing director of Cendrowski Corporate Advisors, regarding the issues that can arise when attempting to obtain information when a party has information stored in the cloud.

What is cloud computing?

Cloud computing describes an IT model in which computing resources can be obtained and utilized on an as-needed basis; this is why cloud computing is often referred to as ‘utility computing.’ The end user is provided a turnkey solution that is supported and maintained by the service provider at a remote location.

Cloud computing is enabled by rapid, reliable Internet communications, and, in fact, ‘the cloud’ is a term referring to the pool of resources hosted on the Internet.

What are some common cloud solutions that should be considered in litigation?

Cloud computing applications include hosted email products, such as Gmail or Hotmail, picture hosting services, text message services, hosted document processing, as well as social media services such as Facebook, Myspace, or dating sites. These sites would potentially have data that could be relevant to the litigation.

How does a cloud solution affect electronic discovery?

Moving to a cloud computing solution does not remove an organization’s document retention requirements, and many cloud solutions tout their ability to help the organization meet statutory requirements.   If the cloud vendor performs services to the public, access to the data stored in that solution would be subject to the restrictions of the Stored Communication Act.

It is also important to understand that this is an emerging area of law. Third-party solutions are evolving rapidly, and social media services are creating issues and carrying information that was inconceivable a few years ago. The legal system is dealing with emerging issues related to these new technologies and case law is changing rapidly.

What is the Stored Communication Act?

Data hosted by a third-party service provider may be covered by the Stored Communications Act (18 U.S.C. §§ 2701-2712 (SCA). This act was included as Title II of the Electronic Communications Privacy Act of 1986.

The SCA states that ‘a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service.’ The SCA was primarily written to protect the end user of computing services from government surveillance. In civil litigation, some courts have concluded that contents of communications cannot be disclosed to litigants even when presented with a civil subpoena.

How can a litigant obtain information subject to the SCA?

The SCA defines three categories of information; each category has different requirements to obtain the information. In litigation, the parties will tend to need access to ‘contents,’ such as email conversations and documents, which has the highest threshold. Contents generally require a subpoena with notice, a court order with notice, or search warrant.

One wrinkle is that the SCA defines a ‘court of competent jurisdiction’ as any district court of the United States, and the U.S. Court of Appeals; it is silent on whether state courts may issue orders to providers outside their districts.

Are there any exceptions to these requirements?

Yes, the SCA includes several exceptions.  Importantly, contents can be produced with the permission of the subscriber.  Also, contents can be released in emergency situations related to the commission of a crime, death, or serious physical injury, or if it is submitted to the National Center for Missing and Exploited Children.

Also, the SCA applies only to companies that provide the service to the public.  For example, consider a consultant who is provided an email account by a company where he or she is assigned for work.  Court decisions have determined that the company providing such an email account is not covered by the SCA, as it does not provide services to the public.

How are courts dealing with discovery in a civil matter?

In a recent decision, the court noted that a subscriber could grant permission for the provider to release contents and reasoned that the information held by the provider was under the control of the subscriber, and therefore had a duty to exercise this control and retrieve the content. The court allowed a subpoena to the subscriber directing it to provide permission to produce the information. Courts continue to evaluate aspects of the SCA, and case law continues to build around these issues.

Investigators attempting to access information held by a third party will need to evaluate an appropriate course of action depending on the type of information to be received, as well as the relative cooperation of the subscribing party.

JAMES P. MARTIN, CMA, CIA, CFE, is managing director for Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or

jpm@cendsel.com.

Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC

Published in Chicago

As American and world markets remain volatile, many companies are striving to further lean out their operations.  Cutting waste out of an organization requires calculated decisions and requires managers to take a hard look at all areas of a company to assess how changes will affect operations.

Whether looking to cut costs by improving efficiencies, renegotiating contracts or reducing the work force, it is important for companies to consider the big picture. Managers must also involve those at the highest levels of their company, including board members.

“It is essential that directors become more involved in the day-to-day operations of the firm,” says Adam Wadecki, manager of operations, Cendrowski Corporate Advisors LLC.

Doing so is important, Wadecki says, because directors bring a different perspective than the management team and can help the firm’s members see issues from another angle.

Smart Business spoke with Wadecki about how to become a leaner company and streamline operations.

How do you define a lean organization?

A lean organization is one that can quickly convert its resources into cash. The time it takes to convert resources into cash is equivalent to the time it takes the firm to convert raw materials into finished goods, finished goods into receivables and, finally, receivables into cash.

An organization becomes lean by decreasing the time between each of these steps. Many organizations track the average time spent in each of these conversion processes; however, a more thorough analysis will look at not only the mean time spent in each process but also at the distribution of the time spent in each process. This analysis should be included in an organization’s risk management strategy, as decreasing time to realize cash will help the organization improve its working capital management.

What steps can an organization take to start becoming leaner?

With respect to production processes, lean manufacturing and Six Sigma are probably the most widely used tools. Each of these has gained in popularity in the last 20 years. Accountants also have developed tools to use when assessing operations, generally under the guise of internal control.

For a long time, the accounting profession largely concentrated on what it called internal accounting controls within a business. However, the profession has since moved to a broader definition of what it labels internal control, emphasizing that operations are indeed a part of an internal control assessment.

Lean manufacturing, Six Sigma, and internal control all serve to increase efficiency and reliability, though they do so in different ways. Lean manufacturing is generally less quantitative than Six Sigma and internal control methods, but can deliver formidable results.

What types of analyses can management perform to improve a company’s operations?

Historically, managers operating in volatile environments have placed great emphasis on cash management at all levels of the organization. We see this today in the large cash balances held by many companies in spite of what appears to be a rebounding (albeit slowly) economy. This emphasis is underscored by the need of management to understand the day-to-day finances of the firm’s operations and also the ability of the firm to service any outstanding debt obligations. However, it also is important to quantify the risks to these cash flows based on the likelihood and impact of potential events. This should be an essential part of the organization’s risk management process.

How can an organization quantify risks to cash flow?

This is a process that both management and the board of directors must be involved in. Cash flow risk assessments must be performed with accurate and timely information. It’s also important to consider the human element in the risk assessment process. For instance, when directors receive risk assessments from management, they should consider management’s track record in providing these assessments. Are risks generally understated? How tolerant is management of low-likelihood risks? How does management test its risk assumptions? How are likelihood and impact estimates quantified? Management can pose similar questions to the company’s support staff.

By understanding risks, organizations can identify with a laser focus those operations in need of improvement. This process is especially important for organizations that have lean operating strategies or those that are attempting to improve their leanness; such organizations often rely on steady, predictable operations to maintain high profitability.

What are some mistakes organizations make when proceeding toward lean operations?

Organizations need to ensure that they are, in fact, ready for change before they begin implementation. To borrow a phrase from the accounting profession, a proper tone at the top needs to be set, and employees must buy in to the process.

This tone is set not only by management but also by a firm’s directors. If these individuals are not able to garner worker support, any initiative is likely to fail. Where possible, it may be advantageous to tie employee performance with company profitability in order to make sure everyone is properly incentivized; workers must believe the benefits of their activities will exceed the costs.

However, organizations must be careful not to create incentives for workers to optimize myopically rather than over the long term. This was a central problem at the heart of the current crisis that began several years ago — improper incentives that led to socially suboptimal decisions. Remember the adage, ‘What gets measured gets done.’

Adam Wadecki is manager of operations at Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or aaw@cendsel.com.

Published in Chicago

Venture capital (VC) backed portfolio companies are highly susceptible to macroeconomic, industry and unique risks. In addition, VC fund ownership interests in portfolio companies are subject to risks, including market factors. How these parties address risks can significantly impact the value of companies and fund interests therein. An enterprise risk management (ERM) process involves identifying risks relative to an organization’s objectives, assessing them for likelihood and impact, developing a response strategy and monitoring progress. A well-defined ERM framework can protect and create value for the portfolio company and its parent VC fund.

“How a portfolio company addresses risk can have a significant impact on the harvest value of a business as well as interim mark-to-market valuations,” says John T. Alfonsi, CPA, ABV, CFF, CVA, CFE, a managing director of Cendrowski Selecky PC.

Smart Business spoke with Alfonsi about portfolio company risks and how they impact valuation.

Where is risk addressed in a portfolio company valuation?

The most common method of valuing a business is the ‘income approach,’ which requires a valuation analyst to project a business’s future cash flows, then calculate the present value of the sum of these cash flows by employing an appropriate discount rate.

When using the income approach, a valuation analyst must address risk in two primary areas: projected future cash flows and the discount rate. Effective ERM processes can help portfolio companies increase value by affecting the estimates for these quantities.

How does risk impact projected future cash flow?

Projections contain risk: There exists a risk that the portfolio company will not achieve the projected figures. As such, the process by which portfolio company management and the VC fund project future cash flows can impact a valuation analyst’s assessment of the business. A key risk is information integrity, the quality of information generated through monitoring and data assimilation. Information integrity allows management to make well-informed decisions and should provide a valuation analyst with greater confidence in a business’s projections.

Valuation analysts can analyze information integrity by examining historical projections and assessing elements of the internal control environment. While VC-backed companies are often nascent firms, the development of a robust internal control environment is an essential component to maximizing value.  Potential strategic and financial acquirers, as well as investment bankers who may take a portfolio company public, want to see control environments supported by strong culture focused on mitigating risks. This culture will be evaluated by valuation professionals when they examine projections.

In analyzing historical projections, a valuation analyst should examine the variance between historical projections and a business’s actual performance as well as the business’s ability to reach milestones in a timely manner. If a strong correlation exists between projected and actual performance, a valuation analyst can be confident in current projections, if the process employed by the organization in making projections remains constant. If a strong correlation does not exist, the analyst must examine the variance between past projections and actual performance to discern whether bias existed in past estimates and may exist in current projections.

What about risks in the discount rate?

The discount rate is the yield necessary to attract capital to a particular investment, given the risks associated with that investment. In determining the discount rate, there are two sources of risk to be quantified: systematic and unsystematic. Systematic risk is the risk one must bear for taking on a risky investment in the market, which encompasses all available risky investments, including public and private equities, real estate, foreign currencies, etc. However, systematic risk is estimated by calculating the return to public equities due to availability of data. The ERM process has little impact on systematic risk unless the business’s performance is heavily tied to market performance, as was the case with Lehman Brothers and Bear Stearns in their final days.

Unsystematic risk is sometimes broken down into two components, industry risk and company-specific risk. Industry risk reflects the risks identified with the industry in which a business operates. Company-specific risk encompasses all other risks, including (but not limited to) size, depth of management, geography of operations, customer and/or vendor concentration, competition and financial health. This last component of the discount rate is one that portfolio companies can impact, and commensurately increase or decrease their valuation. Identifying and minimizing company-specific risks through an ERM process can positively impact the value of a business, as a company subject to less risk is more valuable than one subject to greater risks.

How can ERM processes mitigate company-specific risks and increase value?

An ERM process should quickly gather and assimilate high-quality information for use in the organization’s decision-making process, allowing the organization to rapidly assess the impact and likelihood of risks associated with changes in its internal and external environments. Early assessment and mitigation can help preserve value and cash in the business as well as allow it to capitalize on risky events when competitors do not react as swiftly to environmental changes. By capitalizing on risky events, portfolio companies increase the chance of improving their market share or establishing an industry-leading position. The ability to successfully mitigate risky events should be recognized by a valuation analyst through lower estimates for company-specific risks, leading to higher valuation estimates.

John T. Alfonsi, CPA, ABV, CFF, CFE, CVA, is a managing director of Cendrowski Selecky PC. Reach him at (248) 540-5760 or jta@cendsel.com.

Published in Detroit

Venture capital (VC) backed portfolio companies are highly susceptible to macroeconomic, industry and unique risks. In addition, VC fund ownership interests in portfolio companies are subject to risks, including market factors. How these parties address risks can significantly impact the value of companies and fund interests therein. An enterprise risk management (ERM) process involves identifying risks relative to an organization’s objectives, assessing them for likelihood and impact, developing a response strategy and monitoring progress. A well-defined ERM framework can protect and create value for the portfolio company and its parent VC fund.

“How a portfolio company addresses risk can have a significant impact on the harvest value of a business as well as interim mark-to-market valuations,” says John T. Alfonsi, CPA, ABV, CFF, CVA, CFE, a managing director of Cendrowski Corporate Advisors LLC.

Smart Business spoke with Alfonsi about portfolio company risks and how they impact valuation.

Where is risk addressed in a portfolio company valuation?

The most common method of valuing a business is the ‘income approach,’ which requires a valuation analyst to project a business’s future cash flows, then calculate the present value of the sum of these cash flows by employing an appropriate discount rate.

When using the income approach, a valuation analyst must address risk in two primary areas: projected future cash flows and the discount rate. Effective ERM processes can help portfolio companies increase value by affecting the estimates for these quantities.

How does risk impact projected future cash flow?

Projections contain risk: There exists a risk that the portfolio company will not achieve the projected figures. As such, the process by which portfolio company management and the VC fund project future cash flows can impact a valuation analyst’s assessment of the business. A key risk is information integrity, the quality of information generated through monitoring and data assimilation. Information integrity allows management to make well-informed decisions and should provide a valuation analyst with greater confidence in a business’s projections.

Valuation analysts can analyze information integrity by examining historical projections and assessing elements of the internal control environment. While VC-backed companies are often nascent firms, the development of a robust internal control environment is an essential component to maximizing value.  Potential strategic and financial acquirers, as well as investment bankers who may take a portfolio company public, want to see control environments supported by strong culture focused on mitigating risks. This culture will be evaluated by valuation professionals when they examine projections.

In analyzing historical projections, a valuation analyst should examine the variance between historical projections and a business’s actual performance as well as the business’s ability to reach milestones in a timely manner. If a strong correlation exists between projected and actual performance, a valuation analyst can be confident in current projections, if the process employed by the organization in making projections remains constant. If a strong correlation does not exist, the analyst must examine the variance between past projections and actual performance to discern whether bias existed in past estimates and may exist in current projections.

What about risks in the discount rate?

The discount rate is the yield necessary to attract capital to a particular investment, given the risks associated with that investment. In determining the discount rate, there are two sources of risk to be quantified: systematic and unsystematic. Systematic risk is the risk one must bear for taking on a risky investment in the market, which encompasses all available risky investments, including public and private equities, real estate, foreign currencies, etc. However, systematic risk is estimated by calculating the return to public equities due to availability of data. The ERM process has little impact on systematic risk unless the business’s performance is heavily tied to market performance, as was the case with Lehman Brothers and Bear Stearns in their final days.

Unsystematic risk is sometimes broken down into two components, industry risk and company-specific risk. Industry risk reflects the risks identified with the industry in which a business operates. Company-specific risk encompasses all other risks, including (but not limited to) size, depth of management, geography of operations, customer and/or vendor concentration, competition and financial health. This last component of the discount rate is one that portfolio companies can impact, and commensurately increase or decrease their valuation. Identifying and minimizing company-specific risks through an ERM process can positively impact the value of a business, as a company subject to less risk is more valuable than one subject to greater risks.

How can ERM processes mitigate company-specific risks and increase value?

An ERM process should quickly gather and assimilate high-quality information for use in the organization’s decision-making process, allowing the organization to rapidly assess the impact and likelihood of risks associated with changes in its internal and external environments. Early assessment and mitigation can help preserve value and cash in the business as well as allow it to capitalize on risky events when competitors do not react as swiftly to environmental changes. By capitalizing on risky events, portfolio companies increase the chance of improving their market share or establishing an industry-leading position. The ability to successfully mitigate risky events should be recognized by a valuation analyst through lower estimates for company-specific risks, leading to higher valuation estimates.

John T. Alfonsi, CPA, ABV, CFF, CFE, CVA, is a managing director of Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or jta@cendsel.com.

Published in Chicago

Successful organizations achieve a diverse set of objectives. The pursuit of these objectives is especially challenging in today’s highly competitive environment.

Operational assessments assist organizations in achieving their objectives by ensuring that their strategic goals are appropriately translated into operational objectives and that the risks associated with the achievement of these operational objectives are mitigated.

“Operational assessments help firms evaluate how they are performing with respect to their goals and the chance they will continue to achieve these goals in the future,” says James P. Martin, CMA, CIA, CFE, managing director of Cendrowski Selecky PC. “Irrespective of the economic environment, operational assessments can provide significant benefits to firms.”

In last month’s issue, Smart Business spoke with Martin about the basics of operational assessments. This month’s issue provides further context regarding the purpose and execution of these assessments.

What is the purpose of an operational assessment?

All businesses, regardless of size, face risks in pursuing strategic objectives. Operational assessments focus on the mitigation of risks in the design and execution of processes created to achieve strategic goals.

The distinction between process design and execution is central to operational assessments, and different procedures must be followed depending on the type of assessment that is being performed within an organization.

What are the key components of a process design assessment?

The first step in a process design assessment is an evaluation of the organization’s process design objectives. More specifically, this evaluation will examine how process design objectives reinforce the organization’s strategic goals; if feedback from prior risk assessments was considered in the design process and whether or not process owners understand their role in achieving the organization’s strategic objectives.

After process design objectives have been evaluated, process design risks must be tabulated and assessed. The likelihood and impact of risks that may prevent the achievement of the organization’s objectives should be assessed by numerous individuals, and the results of these assessments should be shared with all participants. Special attention should be paid to outlying likelihood and impact assessments, as the individuals who provided an outlying estimate may have specialized knowledge of specific risks facing the organization.

Next, the design of process controls must be evaluated, along with the ability of these controls to bring risks in line with the organization’s risk tolerance. Those processes in which inefficiencies and inadequate controls exist must be redesigned in accordance with the organization’s risk tolerance.

Special attention should be paid to high likelihood/high impact risks, as these present the greatest level of exposure to the organization. Low likelihood/high impact risks should also receive attention, as the organization may rarely face these events and be unaccustomed to dealing with them should they occur.

What are the key components of a process execution assessment?

A process execution assessment begins with the disaggregation of designed processes into executable tasks. Process operators should be interviewed to determine their perception of a process’s tasks, and they should also be observed to make certain that any process tasks were not forgotten in the initial interview.

Once executable tasks have been identified, an assessor must determine the existing level of process controls that mitigate each task. This includes the tabulation of preventive controls, as well as detective and corrective controls designed to minimize the likelihood and impact of risks, respectively.

Subsequent to the evaluation of process controls, key controls are tested to ensure they are functioning as intended. Testing should focus on those risks identified by process operators as having a low likelihood of occurrence or low impact. An assessor should also consider altering a company’s internal audit plan and rotation schedule to make control testing a periodic activity.

Lastly, a plan must be developed to correct processes requiring improvement, especially high likelihood/high impact processes. The root cause behind a high likelihood or high impact score must be well understood prior to developing a process improvement plan.

What resources exist for organizations looking to perform operational assessments?

Interested parties should request a copy of Cendrowski Corporate Advisors’ Operational Assessment Guide available at www.cca-advisors.com/operational-assessments-overview.php, as well as view last month’s introductory article. Both provide an excellent starting point for any organization looking to perform an operational assessment.

James P. Martin, CMA, CIA, CFE, is managing director for Cendrowski Selecky PC. Reach him at (248) 540-5760 or                                   jpm@cendsel.com.

Published in Detroit

Once strategic objectives are set by a company’s executive team and its board of directors, managers must move to enable the business’s operations to achieve these goals.

All businesses face risks in pursuing objectives. Operational assessments assist businesses in mitigating process design and execution risks associated with the achievement of the operational objectives.

“Operational assessments assist organizations in achieving their objectives by ensuring that strategic goals are appropriately translated into process design and execution objectives, and that the risks associated with the achievement of these operational objectives are mitigated,” says James P. Martin, CMA, CIA, CFE, managing director of Cendrowski Selecky PC. “Different procedures must be followed depending on which of these assessments is being performed.”

Operational assessments, however, are not without their own pitfalls. This month’s issue concludes a three-part series of interviews with Martin by examining frequent operational assessment pitfalls. Pitfalls pertaining to both process design and execution assessments are addressed.

Interested readers are encouraged to view Cendrowski Corporate Advisors’ Operational Assessment Guide, included in this month’s issue of Smart Business, as well as previous months’ interviews with Martin at www.cca-advisors.com/articles.php.

Smart Business spoke with Martin about pitfalls commonly encountered in process execution assessments and process design assessments.

What are some common pitfalls in process execution assessments?

One of the first steps in performing process execution assessments is interviewing employees. By conducting interviews, an assessor can determine the tasks that are performed by process operators, as well as the risk mitigation procedures they follow in performing those tasks.

Interviews, however, can present an assessor with misleading information and a potential false sense of security. For instance, an employee may be able to readily identify risk mitigation procedures associated with his or her tasks; whether or not the employee actually follows these procedures is a different story.

In order to guard against this issue, an assessor should not only interview process operators but also observe them as they perform their tasks. Observation will, preferably, occur after a professional rapport has developed between the assessor and the process operator, and the process operator feels comfortable in the presence of the assessor. If an operator is fully conscience of an assessor’s observation, and is uncomfortable with the observing party, he or she may alter usual behavior.

This is undesirable, as an assessor most wants to observe how a process operator conducts himself in the absence of out-of-the-ordinary supervision.

What are some common pitfalls in process design assessments?

A process design assessment examines risks that prevent the achievement of process design objectives and, indirectly, strategic objectives. A portion of this assessment involves the evaluation of the impact and likelihood of process design risks by process designers. (The impact associated with a risk represents organizational consequences in the event that the risk is realized, while the likelihood represents the chance or probability that the risk will occur.) Process designers may have differing views regarding the impact and likelihood of risks, and in some instances these differences may be significant.

When an assessor encounters such differences, it is essential that he take the time to examine the discrepancies, as well as consensus impact and likelihood values. When a process designer views a risk differently from his peers, he may have unique knowledge of a risk. This knowledge may arise from the designer’s intimate involvement with a process, his knowledge of the organization’s internal environment, or through other means.

No matter why they occur, discrepancies in risk estimates represent an important component of operational assessments, and one that assessors must carefully analyze and not gloss over.

Once an assessment has concluded, how can those who conducted an operational assessment ensure that recommendations and improvement plans are followed subsequent to the assessment’s conclusion?

Follow-through on recommendations and plans begins with the assignment of clear roles and responsibilities to team members who take charge of the improvement effort.  The success of an improvement initiative depends on the success of each individual team member; if one fails to achieve his or her individual goals, this failure may derail the entire improvement plan.

Monitoring by higher-level managers and/or the board of directors serves to mitigate this risk. In addition to monitoring, merit pay tied to the achievement of improvement items may be awarded to further incentivize leaders to achieve established goals.

What additional resources exist for organizations looking to perform operational assessments?

Interested parties should sign up to receive Cendrowski Corporate Advisors’ complementary Operational Assessment Guide at www.cca-advisors.com/operational-

assessments-overview.php. It’s an excellent starting point for any organization looking to perform an operational assessment.

James P. Martin, CMA, CIA, CFE, is managing director for Cendrowski Selecky PC. Reach him at jpm@cendsel.com or (248) 540-5760.

Published in Detroit

Once strategic objectives are set by a company’s executive team and its board of directors, managers must move to enable the business’s operations to achieve these goals.

All businesses face risks in pursuing objectives. Operational assessments assist businesses in mitigating process design and execution risks associated with the achievement of the operational objectives.

“Operational assessments assist organizations in achieving their objectives by ensuring that strategic goals are appropriately translated into process design and execution objectives, and that the risks associated with the achievement of these operational objectives are mitigated,” says James P. Martin, CMA, CIA, CFE, managing director of Cendrowski Corporate Advisors. “Different procedures must be followed depending on which of these assessments is being performed.”

Operational assessments, however, are not without their own pitfalls. This month’s issue concludes a three-part series of interviews with Martin by examining frequent operational assessment pitfalls. Pitfalls pertaining to both process design and execution assessments are addressed.

Interested readers are encouraged to view Cendrowski Corporate Advisors’ Operational Assessment Guide, included in this month’s issue of Smart Business, as well as previous months’ interviews with Martin at www.cca-advisors.com/articles.php.

Smart Business spoke with Martin about pitfalls commonly encountered in process execution assessments and process design assessments.

What are some common pitfalls in process execution assessments?

One of the first steps in performing process execution assessments is interviewing employees. By conducting interviews, an assessor can determine the tasks that are performed by process operators, as well as the risk mitigation procedures they follow in performing those tasks.

Interviews, however, can present an assessor with misleading information and a potential false sense of security. For instance, an employee may be able to readily identify risk mitigation procedures associated with his or her tasks; whether or not the employee actually follows these procedures is a different story.

In order to guard against this issue, an assessor should not only interview process operators but also observe them as they perform their tasks. Observation will, preferably, occur after a professional rapport has developed between the assessor and the process operator, and the process operator feels comfortable in the presence of the assessor. If an operator is fully conscience of an assessor’s observation, and is uncomfortable with the observing party, he or she may alter usual behavior.

This is undesirable, as an assessor most wants to observe how a process operator conducts himself in the absence of out-of-the-ordinary supervision.

What are some common pitfalls in process design assessments?

A process design assessment examines risks that prevent the achievement of process design objectives and, indirectly, strategic objectives. A portion of this assessment involves the evaluation of the impact and likelihood of process design risks by process designers. (The impact associated with a risk represents organizational consequences in the event that the risk is realized, while the likelihood represents the chance or probability that the risk will occur.) Process designers may have differing views regarding the impact and likelihood of risks, and in some instances these differences may be significant.

When an assessor encounters such differences, it is essential that he take the time to examine the discrepancies, as well as consensus impact and likelihood values. When a process designer views a risk differently from his peers, he may have unique knowledge of a risk. This knowledge may arise from the designer’s intimate involvement with a process, his knowledge of the organization’s internal environment, or through other means.

No matter why they occur, discrepancies in risk estimates represent an important component of operational assessments, and one that assessors must carefully analyze and not gloss over.

Once an assessment has concluded, how can those who conducted an operational assessment ensure that recommendations and improvement plans are followed subsequent to the assessment’s conclusion?

Follow-through on recommendations and plans begins with the assignment of clear roles and responsibilities to team members who take charge of the improvement effort.  The success of an improvement initiative depends on the success of each individual team member; if one fails to achieve his or her individual goals, this failure may derail the entire improvement plan.

Monitoring by higher-level managers and/or the board of directors serves to mitigate this risk. In addition to monitoring, merit pay tied to the achievement of improvement items may be awarded to further incentivize leaders to achieve established goals.

What additional resources exist for organizations looking to perform operational assessments?

Interested parties should examine Cendrowski Corporate Advisors’ complementary Operational Assessment Guide included in this month’s issue, or download the document at www.cca-advisors.com/operational-assessments-overview.php. It’s an excellent starting point for any organization looking to perform an operational assessment.

JAMES P. MARTIN, CMA, CIA, CFE, is managing director for Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or jpm@cendsel.com.

Published in Chicago

Expert witnesses are frequently used by attorneys in the courtroom.  While many qualified experts exist, the “right” expert can greatly assist counsel and the litigation with his testimony.

“An expert witness can offer testimony about a scientific, technical, or professional issue in a court case,” says John Alfonsi, CPA, ABV, CFF, CFE, CVA, managing director of Cendrowski Corporate Advisors LLC. “Finding the ‘right’ expert is often a difficult task, but our experience demonstrates that attorneys generally look for several attributes when selecting an expert witness.”

Smart Business spoke with Alfonsi about what attributes attorneys generally look for in an expert witness.

What are some key attributes that an expert witness should possess?

In our experience, attorneys generally seek an expert witness (aka ‘expert’) who possesses at least four attributes: 1) relevant professional experience; 2) a history of testimony in which that person has represented both plaintiffs and defendants; 3) active involvement in his or her field of expertise; and 4) credentials.

Why are a track record of professional experience and a history of testimony for both plaintiffs and defendants essential qualities of an expert witness?

Opposing counsel may try to discredit an expert witness by demonstrating a lack of relevant business and/or courtroom experience. Though a potential expert may have years of experience, this does not necessarily mean he has a high level of expertise in the specific area of the case, or that his experience demonstrates the requisite unbiased nature that an expert must possess.

For example, some experts have only provided their services on behalf of either the defendant or plaintiff. Such a track record might be used by opposing counsel to infer a bias on the part of the expert, even if the bias does not exist; the appearance of bias in and of itself may undermine the expert’s testimony.

Why is active involvement an essential quality of an expert witness?

Active involvement often manifests itself in an expert’s writing and speech; both are key elements of his testimony. Experts who contribute to their field generally pride themselves on having a thorough understanding of the subject matter. They may be most up to date on recent rulings and opinions regarding relevant analytical techniques, and will generally ensure their testimony complies with these items.

Active involvement may also manifest itself on the stand in the expert’s ability to convey findings to nontechnicians, such as a judge or jury members. Experts primarily work with individuals who readily understand the technical terms and analytical methods of the field.  This peer group may be quite different from a judge or jury pool.

Involved experts will recognize this difference and have a profound understanding of their area of expertise, permitting them to successfully articulate their findings.

Do attorneys generally look for specific credentials in selecting an expert witness?

Attorneys generally engage experts who hold credentials in their field requiring the expert to pass rigorous tests, participate in continuing education programs, and/or possess significant, related experience.  In some instances, multiple credentials adhering to such criteria might exist within a given field.

For instance, business valuation credentials fitting the previously mentioned criteria include Accredited in Business Valuation (ABV), Certified Valuation Analyst (CVA), Certified Business Appraiser (CBA), and Accredited Senior Appraiser (ASA). No one credential is generally better than the other, but credentials generally emphasize the expert’s commitment to his profession and understanding of the technical issues.

Is analytical ability the most important attribute of an expert?

It is a key attribute, but sometimes not the most important. Though an expert may have strong analytical abilities, it is important that he be able to articulate his findings in a clear and concise manner, both on the stand and in written testimony.

In a recent U.S. Tax Court case, Estate of Gallagher v. Commissioner, the presiding judge faulted the taxpayer’s expert witness numerous times for failing to adequately explain his analytical methods and resultant conclusions included in his business valuation. Thus, in spite of the expert’s analytical methods, the court found his arguments less persuasive than those of the opposing IRS expert.

To specifically address this issue, some experts purposefully make liberal use of visual tools, including graphs and flowcharts, in reports and include detailed explanations to ensure findings are well articulated and written at a level that non-business professionals can fully comprehend.  These experts might also assume a reader has little-to-no prior knowledge of the technical aspects of the case, or of the analytical methods employed.

This strategy helps ensure a reader or listener will not be confused by necessary technical jargon or methods that might otherwise be nonintuitive to a layperson.

John T. Alfonsi, CPA, ABV, CFF, CFE, CVA, is a managing director of Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or jta@cendsel.com.

Published in Chicago

When President Barack Obama signed into law the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) on July 21, 2010, it was one of the most sweeping changes to financial regulation in the United States since the Great Depression.

Among other things, the act created the Financial Stability Oversight Council, whose role is to identify and respond to emerging risks that may pose a threat to the U.S. financial system. Members of the council will include the secretary of the Treasury, the Federal Reserve Board and SEC administrators.

Dodd-Frank applies to all public, non-bank financial companies, as well as larger public bank holding companies. However, the act’s implications can and should be used as best practices in other types of organizations. For example, private companies can benefit by implementing risk management processes in the same vein as those discussed in the act. Dodd-Frank also affects all federal financial regulatory agencies and almost every aspect of the nation’s financial services industry.

On May 25, 2011, the SEC adopted final rules implementing whistleblower provisions of Dodd-Frank. While politicians and practitioners have touted the Dodd-Frank provisions as an advancement in corporate governance, these provisions may provide less incentive for whistleblowers to come forward in tax-related matters than the existing rules on which they are based, the Internal Revenue Code, says James P. Martin, CMA, CIA, CFE, managing director of Cendrowski Corporate Advisors LLC.

“More specifically, whistleblowers may elect to report unlawful actions to the IRS as opposed to the SEC due to greater perceived anonymity and monetary rewards, a lower materiality threshold for tax assessments than financial statements and the administrative structure of the IRS and SEC whistleblower programs,” says Martin.

Smart Business spoke with Martin about Dodd-Frank and how it affects whistleblowers.

What types of pressures do whistleblowers face?

Whistleblowers often face significant pressure to remain quiet rather than report unlawful actions. Recent studies indicate that between 82 and 90 percent of whistleblowers are fired, quit under duress, or are demoted. Competitive employers have blacklisted more than 60 percent of whistleblowers.

For individuals working in a geographical area with few employers, or in an industry with little competition, the effects of whistleblowing can be substantial. Whistleblowers may find themselves ostracized by local, regional and national businesses for their actions. They may also face adverse social consequences.

How are these pressures mitigated by legislation?

Many whistleblower laws have anti-retaliation provisions. For example, whistleblower provisions of Dodd-Frank provide for anti-retaliation protection and state that the SEC will protect the identity of the whistleblower to the largest extent possible. However, a whistleblower must satisfy numerous conditions to receive these benefits — arguably more conditions than the Internal Revenue Code on which Dodd-Frank is based.

Many whistleblowers may not come forward because they might assume they will eventually be exposed. Whistleblower laws also incentivize individuals to come forward by offering them a bounty reward in the event that a governmental body successfully recovers monies.

How does Dodd-Frank compare to existing IRS whistleblower laws?

With respect to Dodd-Frank, the SEC must pay an award of between 10 and 30 percent to eligible whistleblowers. Section 7623 of the Internal Revenue Code, however, mandates a whistleblower award of between 15 and 30 percent of the amount recovered by the IRS. Thus, the IRS is required to minimally pay a 50 percent larger award than the SEC for information resulting in successful enforcement of unlawful actions.

Existing IRS whistleblower laws are also more favorable than Dodd-Frank due to the concept of materiality. In enforcing securities laws (including the Sarbanes-Oxley Act of 2002), the SEC is largely concerned with matters that are material to financial statements. The concept of materiality thus constrains the SEC’s actions. If the SEC feels an item is immaterial, it may forego investigation of the issue, and the whistleblower will not receive a monetary reward. The concept of materiality, however, largely does not apply to tax assessments.

As such, a whistleblower with knowledge of tax issues is incentivized to report the issue to the IRS as he or she is unconstrained by the concept of the materiality; the IRS may elect to investigate an issue that the SEC would otherwise not investigate.

How do the SEC and IRS differ in their administration of whistleblower claims?

Currently, the SEC lacks an independent whistleblower office to handle tips, whereas the IRS has a separate, independent whistleblower office, which serves as the central repository for all whistleblower claims. The director of this independent office reports to the IRS commissioner, decreasing the possibility that a claim remains uninvestigated by lower-level IRS managers. The IRS’s organizational structure, with its separate whistleblower office, may incentivize potential whistleblowers to report their concerns to the IRS as opposed to the SEC.

JAMES P. MARTIN, CMA, CIA, CFE, is managing director for Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or jpm@cendsel.com.

Published in Chicago

As the economy picks up and there is a renewed interest in the sale and acquisition of business interests, buyers and sellers should consider the tax rules regarding sales of S corporation shares.

Some of the most misunderstood transactions involve the sale and transfer of interests in entities taxable as an S corporation. The rules regarding the taxability of S corporations are often rigid and transactions involving transfers of S corporation interests can produce some harsh results.

“As most people are aware, S corporations are ‘flow-through’ entities,” says Walter M. McGrail, JD, CPA, a senior manager at Cendrowski Selecky PC. “S corporation shareholders, not the S corporations, are subject to income tax on S corporation earnings. S corporations also provide a shelter from self-employment tax, as an S corporation shareholder’s allocable share of the S corporation’s earnings are exempt from self-employment taxes.”

Smart Business spoke with McGrail about ways to mitigate S corporation taxation issues.

How rigid are S corporation rules?

Of all the flow-through entities, the rules regarding S corporations are the least flexible. Each shareholder must generally be allocated income on the same basis as every other shareholder, on a per-share per-day basis, regardless of when the distributable cash was generated. Also, to qualify as an S corporation, each shareholder must receive the same distributions, regardless of when the cash was generated from S corporation earnings. However, there is no requirement for an S corporation to distribute its earnings. The combination of these rules has historically resulted in some unanticipated results.

How are transfers of S corporation shares affected by these rules?

While many examples of the pitfalls of transferring S corporation shares exist, transfers can have the same result: a shareholder is allocated income and does not receive a distribution commensurate with the income allocated. For example, S corporation shareholders sell their interest to a third party or have their shares redeemed by the S corporation. The shareholder negotiates the sale price or, in the case of redemption, the sale price may be in accordance with the terms of an existing buy-sell agreement. The S corporation has a history of distributing cash to at least cover the tax liability associated with the allocated earnings. Former shareholders receive their Schedule K-1 reporting a large share of earnings and discover that policy and obligation are two different things. The corporation does not have any obligation to distribute and the former shareholders failed to account for this when negotiating the sale price. This happens even when the selling shareholder receives counsel, but not necessarily tax counsel.

There is another way in which shareholders can get surprised when receiving their schedule K-1 for the year that they sell shares. Perhaps selling shareholders were sophisticated enough to determine a fair price for their shares, which takes into account the taxable income to be allocated on their final S corporation Schedule K-1. But if the S corporation has significant earnings after the sale date of their shares, the selling shareholders’ Schedule K-1 may include such post sale date earnings. If the earnings after the date of sale are disproportionately higher from the pre-sale period, such a shareholder will find himself or herself surprised. They will receive a Schedule K-1 that reports earnings far in excess of what they anticipated or for which they receive cash. Similarly, shareholders paying what they believe to be fair market value may think they have paid the selling shareholder for the tax associated with earnings prior to their acquisition, only to discover on their Schedule K-1 that they are picking up a share of earnings from before they became shareholders. Further, they may find the S corporation has already distributed the earnings attributable to this period prior to the sale date.

Are there remedies to avoid unintended results?

First, make sure that whomever you use to assist with the sale or purchase has a working knowledge of the taxation of S corporations and their shareholders, as there are some things you can do to avoid surprises. The S corporation rules permit an exception to the per-share-per-day rule for transfers and redemptions, which results in the termination of a shareholder’s interest. If properly elected, the S corporation can ‘cut off’ its books and records as of the share transfer date and allocate items among shareholders before and after the sale date. While this typically eliminates surprises, it may require analysis of the income allocated between such pre- and post-transfer dates to ensure that the cut-off is properly made. For example, if the acquiring shareholder has control of the books and records, there is an incentive to defer deductions to the post-sale date or to accelerate income into the pre-sale period.

Secondly, an S corporation is permitted to distribute amounts to former shareholders after the effective date of the transfers. Consideration should be given to post-termination distributions at the time of the share transfer. Likewise, selling shareholders should consider the income to be reported on their final Schedule K-1 in negotiating a fair price.

When acquiring S corporation shares, perform due diligence to find out whether buy-sell agreements apply and, if so, whether they include provisions to handle the tax allocations on a transfer of shares. Likewise, investigate the contractual obligations of the S corporation to distribute earnings or to make post-transfer distributions and not on its historical practices.

With sales of S corporation shares, the old adage of forewarned is forearmed is all too true.

WALTER M. MCGRAIL, JD, CPA, is a senior manager at Cendrowski Selecky PC. Reach him at (248) 540-5760 or wmm@cendsel.com, or visit www.cendsel.com.

Published in Detroit
Page 2 of 3