Cloud computing has grown in popularity because it can help boost productivity and reduce costs by allowing organizations and employees to work collaboratively over the Internet from the office and remote locations.

But that ease of access to your business applications and data brings increased risk.

“Cloud computing presents a number of risks, ranging from data leakage to cyberattacks on cloud computing vendors and their customers,” says Jim Stempak, a principal at Crowe Horwath LLP.

Smart Business spoke with Stempak about a methodology to periodically assess cloud computing IT security risks.

What risks are associated with cloud computing?

Whether you sign up for software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS) or some combination of service models, your organization is exposed to risk because security is applied differently than in traditional noncloud IT environments. Additionally, your vendor might not have security standards on par with your own.

Some areas of risk are:

  • Cloud governance risk. Cloud governance refers to controls and processes for cloud planning and strategy, vendor selection, contract negotiation, implementation, operation and possible termination of service. Some companies rush into cloud computing and don’t properly assess risks and implement controls to mitigate them.
  • Weak identity and access management controls. Moving to the cloud can drastically change how customers control access to accounts and computing resources, thus introducing new security risks.
  • Unsecured data connections. With the cloud, much of the data communication takes place outside of your IT environment. It’s important to understand where your data is and assess vendor protection of data in transport and storage.
  • Workforce security risk. Often employees use personal cloud storage services such as Dropbox, Evernote, Google Apps, SkyDrive and iCloud to transfer and store work-related files without authorization or oversight from IT management. A recent Nasuni Corp. survey of 1,300 corporate IT users found one in five respondents put work files in personal Dropbox accounts. Personal cloud storage services lack enterprise-class security protection, and, in turn, could put sensitive data at risk and increase the chance your organization is noncompliant with industry and government standards.

How should a company assess its cloud security risks?

Companies should review all layers of risk associated with the specific use of cloud services in their IT environment. Start with a review of common controls, including cloud governance, identity and access management, and transmission security. A corporate cloud security assessment typically focuses on controls affecting cloud governance, such as cloud planning and strategy, vendor selection, implementation, termination and transition of cloud services; identity and access management, such as account setup, level of access and single sign-on; and secure connectivity, such as encryption, backup plans, logging and monitoring.

You also need to conduct a workforce assessment to identify unauthorized use of personal cloud services, which includes:

  • Network scanning — special software applications scan networks for the most popular services for storing and transferring data in the cloud.
  • Passive monitoring — applications track network traffic to uncover connections with website addresses associated with personal cloud services.
  • Log analysis — servers have log files that capture useful data about network activity to help pinpoint cloud services traffic.
  • Workforce survey — ask if employees are using personal cloud services for work and why. This can help you understand cloud service needs and identify potential risks.

Cloud computing changes the way people work and is here to stay. Organizations need to completely understand how they are using cloud services — in both known and unknown ways — before valuable data winds up in the wrong hands.

Jim Stempak is a principal at Crowe Horwath LLP. Reach him at (214) 777-5203 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

Related-party transactions have played a significant role in accounting failures and frauds. In a study of Securities and Exchange Commission fraud allegations by the Committee of Sponsoring Organizations of the Treadway Commission, 18 percent of companies alleged to have committed fraud were accused of using related-party transactions to hide misstatements in financial reports.

“Yet the rules on accounting for these transactions have remained stagnant, and very little accounting guidance exists to assist preparers of financial statements,” says Wayne Williams, a partner at Crowe Horwath LLP.

Smart Business spoke with Williams about how related-party transactions can pose reporting problems.

What transactions are prone to errors?

Three that create the most confusion are:

1. Owner’s debt converted to equity. In these cases, there is little accounting guidance. When a business owes debt to an owner and the owner converts it into equity, the fair value of the equity often doesn’t equal the remaining balance of the debt. That means a gain or loss, or some other type of transaction, needs to be recognized for the difference. For example, if a company exchanges $50 million in debt outstanding to its owner for $80 million in equity, the business could make a credit to equity for $50 million or recognize a loss representing the fact that $80 million of equity was exchanged for only $50 million of debt.

The concept of recognizing expenses from certain transactions with related parties is widespread within U.S. generally accepted accounting principles (GAAP). However, what if the entity exchanged $50 million in debt for $40 million of equity? Unlike expenses, gains from capital-type transactions have little support within GAAP. In this scenario, the business should derecognize the carrying value of its debt, which would include elements such as a discount or premium on debt, with the offsetting credit to equity.

2. Related-party forgiveness of debt. An entity shouldn’t recognize a gain when forgiving related-party debt because assumption of debt ordinarily doesn’t result in a loss. When a business borrows from a related party, the business gets cash or other assets. To later recognize a gain from these assets provided by a related party would create an unusual result where invested funds could be treated as income, which appears to contradict existing GAAP on capital contributions when the transaction is considered as a whole. The holder of related-party debt is in effect changing the nature of its investment in the entity from debt to equity, so no gain should be recognized in net income.

3. Related-party forgiveness of other liabilities. An owner or other related party might provide goods or services to an entity and subsequently forgive the entity’s obligation to pay. For example, an owner/manager could have deferred compensation that has been accrued as an expense. If forgiven, should the business recognize a gain, or is forgiveness of the liability a capital transaction? GAAP does not prohibit either.

When deciding the appropriate accounting approach, consider how the original transaction was recognized, the nature of the relationship and the underlying economics of the transaction. In the example of deferred compensation, the arrangement had been recognized as an expense, so a gain might be appropriate. In other cases, the nature of the relationship dictates the answer — owners are more likely to engage in capital transactions because they generally benefit from the risks and rewards of ownership. Related parties are more likely to engage in transactions that would result in gain recognition when the underlying liability is forgiven.

What best practices remove risks involved with related-party transactions?

Know the related parties. Otherwise, you run the risk of failing to identify a transaction, allowing it to bypass internal controls established to evaluate and capture information about related-party transactions.

It’s also important to document related-party transactions as if they involve unrelated parties. Often, rights and responsibilities in related-party transactions are ‘understood,’ but not clearly expressed in documents.

Proceed with caution, maintain a vigilant watch for related-party transactions and you can reduce the chance of errors.

Wayne Williams is a partner at Crowe Horwath LLP. Reach him at (214) 777-5217 or

Insights Accounting is brought to you by Crowe Horwath LLP


Published in Dallas

By ruling that part of the Defense of Marriage Act (DOMA) was unconstitutional, the U.S. Supreme Court also set in motion some changes regarding federal income taxes.

The June decision struck down Section 3, holding that same-sex individuals who are married under state law also must be treated as married for income and estate tax purposes.

“The court’s decision will have an impact on many tax laws in states that recognize same-sex marriage,” says Tom Tyler, a partner at Crowe Horwath LLP. “Though being treated as married for federal tax purposes might provide certain tax benefits, it might also result in increased tax liability.”

Smart Business spoke with Tyler about the tax implications of the DOMA ruling and what they mean for employers.

How many states have legalized same-sex marriage, and which ones recognize those marriages from other states?

In addition to the District of Columbia, 13 states allow same-sex marriage: California, Connecticut, Delaware, Iowa, Maine, Maryland, Massachusetts, Minnesota, New Hampshire, New York, Rhode Island, Vermont and Washington. Thirty-five states, including Texas, have banned same-sex marriage, either through legislation or constitutional provisions. New Jersey and New Mexico have no laws either banning or allowing same-sex marriage. Five states — Colorado, Hawaii, Illinois, New Jersey and Oregon — allow civil unions or domestic partnership between same-sex couples, but not marriage.

What affect does the ruling have on federal income tax returns?

Joint returns can be filed for federal income taxes in states that recognize same-sex marriage. If not filing jointly, each spouse will need to file using married filing separately status. Affected taxpayers should review their 2013 filing status and adjust withholding and estimated payments as necessary, keeping in mind the marriage penalty for joint filers.

Generally, the statute of limitations for federal income taxes is three years, so the 2010, 2011 and 2012 tax years are open and returns can be amended. The IRS is expected to issue guidance regarding amending returns under the court’s decision. Taxpayers should wait for this guidance before amending returns.

How have strategies regarding estate and gift taxes changed?

The estate tax exclusion was increased earlier this year to $5.25 million, meaning an estate equal to that amount will not pay any estate taxes provided the decedent has the full $5.25 million exclusion remaining. In addition, the exclusion was made portable such that a deceased spouse’s unused exclusion amount carries over to the surviving spouse upon his or her death for use by the survivor. Therefore, a married couple could shelter up to $10.5 million by simply leaving everything to a surviving spouse. Same-sex couples can now take advantage of these rules as a result of the DOMA ruling. Before the ruling, they couldn’t.

For gift tax purposes, same-sex couples will be able to elect gift splitting, which treats gifts as made half by each spouse. Splitting gifts often allows each spouse to claim the full annual exclusion for gifts made to each recipient, currently $13,000 per person. This allows a spouse to gift up to $26,000 to a recipient without paying gift tax.

What should employers do in response to the DOMA ruling? How does it differ in relation to their state’s legal position on same-sex marriages?

Employers should review the decision with legal counsel to determine its impact. For example, employer-provided medical insurance is now available to same-sex couples on a tax-free basis. Prior to the court’s decision, these benefits were taxable to the nonemployee spouse. Employers might be able to claim a refund of payroll taxes paid on these benefits on a taxable basis, and individuals might be able to claim a refund of income taxes paid on these amounts.

As stated previously, Texas is one of the states that bans same-sex marriage. However, if a Texas business has employees in any of the 13 states or District of Columbia that recognizes same-sex marriage, it could be affected.

Tom Tyler is a partner at Crowe Horwath LLP. Reach him at (214) 777-5250 or

Insights Accounting is brought to you by Crowe Horwath LLP


Published in Dallas

Government pensions have received significant scrutiny over the past few years, and several studies indicate that the state and local government pension plans are severely underfunded, with cumulative estimates ranging from $1 trillion to $4 trillion in the U.S. New Governmental Accounting Standards Board (GASB) reporting standards will make the problem more apparent by making the shortfalls prominent on financial statements of the government employer. This transparency likely will drive increased scrutiny by legislatures, taxpayers, rating agencies and other stakeholders.

Instead of recognizing pension costs on balance sheets as annual expenditures based on a funding approach, government entities will need to address net pension liability — the difference between present value of projected benefit payments and investments set aside to cover those obligations.

“In some instances, reporting agencies could be required to show millions of dollars in new liabilities on their balance sheets and make sizeable adjustments to their income and expense statements as well,” says Kevin W. Smith, CPA, partner at Crowe Horwath.

Smart Business spoke with Smith about the new standards and how they will affect state and local governments.

How will the new standards take effect?

GASB Statement No. 67, ‘Financial Reporting for Pension Plans,’ and Statement No. 68, ‘Accounting and Financial Reporting for Pensions,’ take effect in fiscal years starting after June 15, 2013, and June 15, 2014, respectively. They replace requirements in GASB Statements Nos. 25, 27 and 50.

The fundamental change is that the previous standards did not require pension benefits to retired employees to be reported as a liability; employers disclosed an estimated amount of unfunded pension liability only in notes to the financial statements and in required supplementary information, but the net pension liability itself was not reflected on the balance sheet.

New standards require government entities to report the net underfunded pension obligations on financial statements prepared under the accrual basis — a statement of net position, for example.

Government entities also will have to adjust their estimate value of assets set aside to meet pension promises. Governments had been allowed to use an assumed long-term rate of return, with current rates of 7 percent or more as expected return on invested assets. If certain conditions are met, that will change to a blend between long-term rate of return and municipal bond rates, currently about 4 percent, which will have a significant impact on the projected liability.

How will local and state governments be affected by the change?

For many governments this ‘new’ liability will completely offset all of an entity’s net assets — similar to equity in a private entity.

Some cities, counties, school districts or special purpose governments might be affected by both new standards. As local government employers, these institutions must comply with GASB 68. If they administer pension plans for police, firefighters or others, they must adhere to GASB 67 plan administrator requirements.

The new standards spell out requirements for disclosing related information in the notes with the financial statements, which includes descriptions of plan and benefits provided, assumptions used to determine net pension liability and descriptions of benefit changes. Preparing these disclosures will take a significant effort.

What should be done now in anticipation?

The purpose of the new standards is to provide a clearer picture of financial obligations to current and former employees and to treat net pension liability like other long-term obligations. However, the standards might make government entities appear to be financially weaker, even though their financial reality is unchanged. Financial officers should be prepared to explain the situation to taxpayers, employees and other stakeholders. Management should take a proactive approach and begin now to explain anticipated changes to all stakeholders.

Local agencies also need to be ready to take on the extra workload that will be associated with the transition. The GASB is expected to release implementation guidance this summer that will clarify the next steps for state and local governments.

Kevin W. Smith, CPA, is a partner at Crowe Horwath. Reach him at (214) 777-5208 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

The federal financial institution regulators want to avoid a repeat of risky lending practices that contributed to the recent recession. New guidance sets higher standards for borrowers, including private equity firms and companies, seeking leveraged loans.

“This is a proactive move on the part of bank regulators to avoid some of the underwriting pitfalls that institutions encountered prior to the recessionary conditions we had going into 2007 and 2008,” says Dickie Heathcott, a partner at Crowe Horwath LLP.

Smart Business spoke to Heathcott about the guidance — which had a compliance date of May 21 — and what it means for borrowers and financial institutions.

What is the guidance, and do financial institutions have to adhere to its provisions?

Although a guidance isn’t necessarily a rule, it effectively becomes one in the field. Banks have to follow it because that’s what regulators are going to use when they examine the bank.

The guidance, issued by the Federal Reserve, Federal Deposit Insurance Corporation (FDIC) and Office of the Comptroller of the Currency (OCC), covers transactions with borrowers who have a degree of financial leverage that significantly exceeds industry norms.

It focuses on sound, levered lending activities, including:

•  Underwriting considerations.

•  Assessing and documenting enterprise value.

•  Risk management expectations for credits awaiting distribution.

• Stress-testing expectations.

• Pipeline portfolio management.

•  Risk management expectations for exposures held by the institution.

The guidance applies to all financial institutions supervised by the agencies, but significant impacts are not expected for community banks because few have substantial involvement in leveraged lending.

Are there certain industries where leveraged lending is of particular concern?

Construction and development lending is being looked at very closely because of what’s happened in recent years. This type of lending is generally considered commercial real estate lending.

The OCC and the Fed released a white paper in April with findings from the regulators’ study of bank performance in the context of the 2006 interagency guidance, “Concentrations in Commercial Real Estate Lending, Sound Risk Management Practices.” That guidance established supervisory criteria for banks that exceeded 100 percent of capital in construction lending and 300 percent of capital in total commercial real estate lending.

According to the paper:

•  13 percent of banks that exceeded the 100 percent construction-lending criterion failed during the economic downturn from 2008 to 2011.

•  23 percent of banks that exceeded both the construction and commercial real estate criteria failed from 2008 to 2011, compared to 0.5 percent of banks that exceeded neither criteria.

•  An estimated 80 percent of losses in the FDIC fund from 2007 to 2011 were attributed to banks exceeding the 100 percent construction-lending criterion.

What does the guidance mean for businesses seeking loans?

Business owners can look for financial institutions to be very cautious in their underwriting. They will not have access to credit like they did in 2006, even though it seems that the economy has stabilized.

Regulators are being proactive; they can see that credit underwriting is loosening up. Quality deals are being priced so thin that financial institutions are looking at areas where they can make more profit, which, of course, brings additional risk.

From a financial institution standpoint, it’s becoming a very competitive environment again. That means pricing more thinly or a loosening of underwriting standards. Institutions may be willing to finance certain types of loans they would have pulled the reins in on completely three or four years ago. The guidance is about ensuring that to the extent institutions enter into leveraged financing again, they do so in a more prudent manner.

Dickie Heathcott is a partner at Crowe Horwath LLP. Reach him at (214) 777-5254 or

Website: For more information on regulatory guidance for financial institutions, visit Crowe’s Regulatory Reform Competency Center.

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas
Friday, 30 November 2012 20:04

How to plan for year-end tax changes

Tax planning is even more uncertain and complex this year because of the number of tax changes scheduled to take place when the calendar flips to 2013.

“The expiration of the Bush-era tax cuts, the imposition of the Medicare surtax in 2013, whether or not certain tax provisions will be extended and President Obama’s proposed extension of the 36 percent tax bracket to married couples earning more than $250,000 adds a level of uncertainty to year-end tax planning not seen in years,” says Tom Tyler, partner with Crowe Horwath LLP.

Smart Business spoke with Tyler about potential tax changes and what business owners should do in preparation.

What are the Bush-era tax cuts, and what would be the effect of their expiration?

President George W. Bush cut individual tax rates to 10 percent, 15 percent, 28 percent, 33 percent and 35 percent, depending on a taxpayer’s taxable income, and reduced to 15 percent the rates for qualified dividends and capital gains. Taxpayers in the 10 percent and 15 percent brackets pay zero percent on qualified dividends and capital gains.

If Congress does not extend these rates beyond 2012, the new tax rates beginning in 2013 would be 15 percent, 28 percent, 31 percent, 36 percent and 39.6 percent. Dividends would no longer receive preferential tax treatment; instead, they would be taxed at ordinary income rates. Capital gains would be taxed at 20 percent — 10 percent for taxpayers in the 15 percent tax bracket.

In addition, President Obama has proposed extending the 36 percent tax bracket to adjusted gross incomes greater than $200,000 and $250,000 for single filers and joint filers, respectively. Note that adjusted gross income is determined before personal exemptions and itemized deductions; taxable income is determined after personal exemptions and itemized deductions. Absent the Obama changes, the 36 percent bracket would start at taxable income of $183,250 and $223,050, for single and joint filers, respectively.

What other tax changes are on the way in 2013?

The Patient Protection and Affordable Care Act added a 3.8 percent Medicare surtax beginning in 2013 for higher-income taxpayers. The tax applies to the lesser of a taxpayer’s net investment income or the amount by which the taxpayer’s modified adjusted gross income — adjusted gross income with foreign income added back — exceeds $200,000 in the case of a single filer or $250,000 in the case of a joint filer. Net investment income includes interest, dividends, royalties, rents, capital gains and passive income from trade or business activities. Higher income individuals with wages or self-employment income exceeding $200,000 for single filers and $250,000 for joint filers will see an increase in their Medicare tax rate from 1.45 percent to 2.35 percent.

For the past two years, the employee share of Old Age, Survivors, and Disability Insurance (OASDI) has been reduced from 6.2 percent to 4.2 percent. This rate reduction is scheduled to expire at year-end and will return to 6.2 percent. Employers that typically pay bonuses after year-end should consider accelerating the payment of those bonuses into 2012 for those employees below the Social Security wage base of $110,100.

Any other steps people should take before the tax rates change?

With respect to the tax rate increases and Medicare surtax, individuals might want to consider selling in 2012 appreciated capital assets that would generate long-term capital gains to take advantage of the 15 percent tax rate — zero percent for those in the 10 percent or 15 percent bracket. Loss assets could be held and sold in 2013 when the loss could be deducted at higher rates and result in increased savings.

If an individual controls a C corporation, consider distributing dividends from the corporation in 2012 instead of 2013, when the maximum rate on dividends is 15 percent instead of a potential rate of 43.4 percent — 39.6 percent plus 3.8 percent Medicare surtax. An S corporation that was formerly a C corporation and is considering distributing former C corporation earnings and profits could do so in 2012 to take advantage of the 15 percent tax rate on dividends.

Taxpayers also might want to consider repositioning their investment portfolios in light of these changes. Higher tax rates make tax-exempt investments more appealing. A shift away from dividend-paying stocks to nondividend paying stocks makes tax sense given the expiration of the favorable tax rate on dividends and the application of the 3.8 percent Medicare surtax to dividend income in 2013.

These tax saving ideas should be considered just one tenet of an individual’s overall investment plan.

Are deductions and exemptions going to change as well?

Unless extended by Congress, personal exemptions and itemized deductions will be subject to a phase-out beginning in 2013. Personal exemptions will begin to phase out at $267,200 of adjusted gross income for joint filers and $178,150 for single filers. Itemized deductions will be reduced by 3 percent of the amount adjusted gross income exceeds a threshold, projected at $178,150 for 2013.

Another uncertainty is the alternative minimum tax (AMT) exemption. Without congressional action, the exemption for 2012 would be $45,000 for joint filers and $33,750 for single filers. However, we are hopeful that an AMT ‘patch’ will be passed prior to year-end and increase the exemption. Last year’s exemption for joint filers was $74,450.

Tom Tyler is a partner with Crowe Horwath LLP. Reach him at (214) 777-5250 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

The purchase price in the majority of merger-and-acquisition transactions is calculated using a common formula: Multiply the target company’s earnings before interest, taxes, depreciation and amortization (EBITDA) by an agreed-upon multiple.

However, Tom Vande Berg, a partner with Crowe Horwath LLP’s Transaction Services Group, says a seller can juggle a company’s assets and liabilities before the deal is finalized in ways that reduce its future cash flows without affecting its EBITDA.

“This can lead to the purchase price staying the same, although the company’s future cash flows could be considerably different than what the buyer expected,” he says.

This is where a working capital hurdle can be used to protect the buyer’s interest in future cash flows.

Smart Business spoke with Vande Berg about working capital hurdles and how they can positively affect M&A transactions.

What is a working capital hurdle?

A working capital hurdle is a predetermined amount of working capital built into the purchase price of a business. It can be a specific amount or set as a range, and it can be adjusted up or down based on the actual working capital at closing. Working capital hurdles help protect the buyer from changes in the targeted company that don’t show up in EBITDA but that have the potential to reduce expected future cash flows.

The adjustment typically is dollar for dollar, but it could be derived from a tiered structure in which the purchase price would change by a predetermined amount based on available working capital when the deal closes.

What is the benefit of working capital hurdles?

A working capital hurdle attempts to include in the transaction the normal working capital needed to run the business. Without the protection of a working capital hurdle, the buyer could end up with less future cash flow than bargained for because it is possible for a seller to maintain its EBITDA but not deliver the promised mix of assets and liabilities.

A working capital hurdle also has noncash-flow benefits such as increasing the likelihood the seller will maintain normal course business relationships.

Assuming cash is excluded from the definition of working capital, a seller could manipulate its assets by aggressively collecting accounts receivable. If receivables are reduced ahead of the transaction, the buyer will not receive the expected future cash flow from them.

A seller also could liquidate inventories by reducing production and inventories for sale. When the buyer then takes over the company, it will have less inventory to sell and will need to incur higher-than-expected costs to rebuild inventory levels. Another possible detrimental action by the seller is slowing payments of accounts payable, which will leave the buyer facing higher-than-expected obligations when the company is acquired.

A working capital hurdle can pre-empt certain noncash-flow issues, such as any ill will that might develop among vendors if a seller stretches accounts payable ahead of closing. It can also help a buyer deal with other issues that affect a deal’s bottom line.

For example, consider a target company that does not maintain an accounts receivable allowance for bad debt. Say the buyer finds that the company should have reported an allowance throughout the year preceding the transaction. Adjustments made by the seller to provide for the allowance at the beginning and ending dates of the analysis period will make it look as if there was no net income effect, and both the EBITDA and the purchase price will not change. However, the balance sheet could overstate the asset balance for accounts receivable, which means it has also overstated working capital. Hurdles can include adjustments for such overstatements and would result in a lower purchase price.

Sellers can also benefit from a working capital hurdle, as it can create a higher purchase price for delivering working capital above the hurdle.

How is the amount of a hurdle determined?

Most often, a hurdle is calculated based on the average monthly adjusted working capital over 12 months. The asset or stock purchase agreement might, for example, define working capital as current assets (excluding cash), less current liabilities (excluding debt), less items that are excluded by definition in the purchase agreement plus/minus pro forma or due diligence adjustments determined during the financial due diligence analysis.

However, a 12-month analysis is not always appropriate because, for example, it might not reflect the company’s current working capital needs if it is experiencing substantial growth. If revenue has grown 75 percent in the second half of the year, it is likely that the working capital at closing will be higher than a hurdle calculated on a 12-month average, which would drive up the purchase price. In this case, the hurdle might best be calculated based on the most recent three or six months.

It is also important to note that 12-month hurdle calculations generally factor out seasonality, but working capital levels could swing significantly depending on whether the purchase is made in or out of season. During a peak-season purchase, working capital is likely to be higher than average, leading to a higher purchase price, while the opposite is true for an off-season purchase.

Like most points in an M&A transaction, the hurdle amount is open to negotiation.  However, the existence of the hurdle should usually be non-negotiable.

Tom Vande Berg is a partner with Crowe Horwath LLP’s Transaction Services Group. Reach him at (214) 777-5253 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

Banks have been dealing with evolving regulations for as long as banks have been in existence. So while the Dodd-Frank Wall Street Reform and Consumer Protection Act has given some in the banking industry cause for worry, the critical issue is how institutions will evaluate the potential effect and cope with increased regulations. While some banks might buckle under the threat, others will adapt to the new laws and regulations without allowing the complexity and costs of compliance to become an impediment.

“Savvy institutions recognize that the key is aligning their adjustments with their business models and processes,” says Jim Stempak, a principal at Crowe Horwath LLP. “By integrating compliance with normal business operations, banks stand to extract greater value from their business processes.”

Smart Business spoke with Stempak about how banks can find opportunity in new and revised regulations where others find dismay.

What regulations must banks be prepared to deal with in the near term?

Compliance officers are struggling with the efforts of bank regulators as they implement regulations under Dodd-Frank. Banks do not know what to expect from future regulatory examinations or where examiners will focus, so those expectations remain a moving target.

Questions also remain about the range of authority of the Consumer Financial Protection Bureau (CFPB), the agency established by Dodd-Frank. All banks will be directly or indirectly affected by CFPB rulemaking. Some will be required to work with this new agency’s examiners, who will be conducting exams and assuming responsibility for consumer compliance regulations in certain banks (those with more than $10 billion in assets). The CFPB is in the process of bringing its employees up to speed on the agency’s mission. Banks, however, are waiting without clear direction regarding the scope and timing of the CFPB examination process and how the new agency will coordinate efforts with other federal bank regulatory agencies. Financial institutions will be forced to contend with this environment of uncertainty for quite some time. Meanwhile, there are some measures that banks can take now that will allow them to successfully navigate this changing environment.

How have banks historically coped with increased regulation while managing to stay successful?

As the dust settles on Dodd-Frank’s initial effects, banks can begin to see that successful adaptation comes down to taking a measured and systematic approach to integrating the requirements with normal processes, often using enhanced technology. However, a silo approach to compliance is unlikely to succeed. Saddling the compliance officer with the sole responsibility of adapting to this new reality is unrealistic. Instead, success requires that key managers throughout the organization get on board. Line-of-business managers, for example, will need to integrate Dodd-Frank compliance into their daily activities, while IT managers will need to adjust existing technology platforms to integrate processes that facilitate compliance, or possibly design entirely new processes and technologies.

History offers examples of how banks learned to turn difficult regulatory requirements into opportunities. Take, for instance, the Know-Your-Customer (KYC) identification programs required by Bank Secrecy Act (BSA) regulations. This mandated banks to catalog their customers’ banking activity to better identify suspicious behavior. To do this, some banks used the information they gathered to develop a profile of each customer.

Another, more effective, approach manipulated existing processes and technology platforms to better gather information while sending a message to each customer that outlined how the bank’s inquiries were intended to better understand each customer and provide him or her with personalized products and services. As a result, the customer experience was improved, new accounts were opened in less time and many cross-selling opportunities became available to the bank. The customer service enhancements were in addition to establishing a solid platform for efficiently and effectively complying with the regulatory requirements.

Similar to what was done for KYC compliance efforts, information obtained through Dodd-Frank mandated data collection also likely will provide opportunities for banks to use the information for marketing and other value-added opportunities. By ingraining the requisite activities in their existing processes, banks were able to successfully adapt to the regulations rather than treating them as if they were burdensome compliance activities.

How can organizations best cope with complying with these regulations?

To facilitate compliance with new or revised regulations, organizations should develop cross-functional teams that alert the organization to changes that are likely to be required or that are coming. Teams can begin to develop strategies for implementing new or revised processes and technology. This will necessitate involvement from thought leaders from all levels of the organization, rather than taking an approach focused solely on compliance. Teams should develop a client-focused experience that also improves product development and existing processes as they work to bring the organization into compliance.

When dealing with certain consumer lending regulations, the team should consist of management representatives from areas including mortgage origination, consumer lending, regulatory compliance, IT and marketing. Teams should coordinate efforts to monitor specific regulations that affect consumer financial products, analyze the customer’s fit with the product and deliver products fairly to all consumers. This is especially important considering CFPB will be carefully evaluating compliance with new and revised regulations for consumer financial products, including mortgage loans.

Every financial institution will be touched by the regulations and it is up to banks to take an integrative approach to compliance to make a smooth transition while positioning them to take a competitive advantage. This will allow them to comply with the regulations while simultaneously advancing their business.

Jim Stempak is a principal at Crowe Horwath LLP. Reach him at (214) 777-5203 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

For many companies, tax accounting is not a core competency. However, even if you don’t have qualified personnel on staff, keeping sufficient controls over your tax processes is of critical importance. Recently enacted laws have put more pressure on company executives to certify that their company’s accounting reports are accurate, says Tom Tyler, CPA, a partner with Crowe Horwath LLP in its Dallas office.

“One of the most common reported weaknesses is in the area of tax accounting,” Tyler says. “Partnering with a firm that has the resources and does this day in and day out can help a company avoid a material weakness.”

Smart Business spoke with Tyler about how partnering with an outside agency to handle tax functions can help you stay compliant and keep your business focused on what it does best.

Why are companies outsourcing their tax function?

The outsourcing of a company’s tax function is due first and foremost to the fact that tax management is increasingly complex, particularly if you are operating in multiple states or multiple countries. Also, considering the many types of taxes — income, payroll, property, sales and use, value-added, transfer taxes — it is important to have expertise in each of those areas, which is not often found under one roof.

Furthermore, outsourcing your tax function frees up time that allows employees to spend their energy on issues related to the business’s core competency. Those who handle tax management are typically responsible for other aspects of a business, as well, so taxes don’t get all of their attention. In addition, some companies don’t want to hire additional in-house staff for what some perceive as a compliance function.

Outsourcing often refers to a job function performed outside of a company’s home country. Is this the case with tax outsourcing?

While some might see tax outsourcing as moving the preparation of tax returns overseas, that’s not really the most common case. Although it is certainly one form of tax outsourcing, what is more often meant is engaging a competent third-party provider to perform three related functions or some part of those functions: accounting for income taxes, tax planning and annual tax compliance, or tax return preparation. All of those activities are done domestically, not overseas.

Co-sourcing is another option in which specific tax areas are handled by a third-party provider, for example, sales and use taxes, or real and personal property taxes. Companies that have an in-house tax function, however robust, are often in a co-sourcing relationship for some piece of their tax planning or preparation.

Why would a company choose to outsource the accounting for income taxes?

For public companies, the answer can be found in the 2002 Sarbanes-Oxley Act. SOX requires both the CEO and CFO to certify that a company’s annual and quarterly reports filed with the Securities and Exchange Commission fully comply with certain requirements of the Securities Exchange Act of 1934 and that the reports fairly present the company’s financial condition and results of operations.

In addition, SOX requires companies to test their internal controls over financial reporting and correct any deficiencies or report them as material weaknesses. Tax accounting is an area most commonly reported as a weakness. To strengthen this area and ensure that your company remains in compliance, work with a firm that focuses on tax accounting as its primary business.

Privately owned companies can also benefit from outsourcing the accounting for income taxes. In the case of a growing business in which key employees need to focus their efforts on markets, product lines and other strategic issues, it makes sense to look externally for this expertise.

Accounting departments might be stretched thin and the CFO or controller is likely to wear many hats. The time that they can devote to the tax area may not be sufficient, and outsourcing can remove a time-consuming task, allowing efforts to be focused on the most strategic issues related to a company’s core competencies.

Turnover can cause a company to seek an outsourcing solution, particularly when the departing employee was the most qualified to handle this task. Temporary absences could also create gaps in expertise that could be filled by outsourcing.

When should a company consider outsourcing?

A company should consider outsourcing when it doesn’t have the technical skills or the resources to do the job in house, or when the costs to have a fully staffed tax function outweigh the benefits. In addition to salaries, consider the cost of benefits, software, hardware and training, among other things. The software costs alone might be prohibitive and at times can be as high as the cost of outsourcing.

Co-sourcing makes sense when a company doesn’t possess the specific skill for the function it wants to co-source. For example, a company that is acquisition minded might co-source the tax planning and compliance associated with acquisitions to a firm that has expertise in the mergers and acquisitions arena.

A company with personnel who possess the skills and technical knowledge regarding income taxes might not possess the skills to adequately comply with and plan for personal property taxes.

Tom Tyler, CPA, is a partner with Crowe Horwath LLP in the Dallas office. Reach him at (214) 777-5250 or

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas

For banks involved in acquisitions, a changing regulatory landscape poses some potential pitfalls. The Dodd-Frank Wall Street Reform and Consumer Protection Act, enacted in the wake of the recent economic downturn, stepped up regulatory oversight of banks and created a new federal regulator, the Consumer Financial Protection Bureau (CFPB), to protect consumers from financial fraud.

Together, the CFPB and other federal regulators are actively enforcing a wide range of safety and soundness rules, anti-money laundering regulations and consumer rules at financial institutions.

“As consolidation continues, more banks are struggling to combine regulatory risk methodologies,” says Dickie Heathcott, partner with Crowe Horwath LLP.

“When banks combine through a merger, acquisition, or joint venture, the target bank is incorporated into a larger organization, which then assumes the combined regulatory risks, both known and unknown,” he says. The process is further complicated by the task of bringing together two separate cultures, governance structures, risk environments and control environments. In addition, the regulatory risk of the acquiring bank increases along with the range of products, services, customers and locations.

“Acquiring a customer base that is more cash intensive, conducts more international activity or that is geographically dispersed can increase the newly combined entity’s risk related to money laundering,” Heathcott says.

Smart Business spoke with Heathcott about how banks can meet the challenges of assessing regulatory risk in a combined entity by merging methodologies and establishing a foundation for regulatory risk assessments.

What processes should be combined in order to increase regulatory risk assessment efficiency?

Compliance executives need to establish a shared language by explicitly defining risk and risk tolerance levels. Doing so will establish a definition of terms such as ‘moderate risk’ so they are better understood by process owners in individual business units. Consistency should be established for categorizing or rating risk so the combined organization uses a single rating system to indicate its severity.

As part of restructuring the newly combined company, people and financial resources should be aligned with governance and oversight to synchronize responsibility and reporting for regulatory compliance requirements.

How can a newly merged entity keep abreast of its post-acquisition risk?

A comprehensive regulatory risk assessment conducted immediately following the combination establishes an institutional baseline for identifying and measuring regulatory risk consistently in the future. This helps the acquiring bank better understand the nature of the risks it has taken on and establishes a framework for an ongoing regulatory compliance program. A post-acquisition risk assessment should define the scope of risk. Each new customer type, territory, product and service gained through the acquisition represents new risk that must be recognized and managed. Identifying the spectrum of actual and potential exposure is necessary in order to ramp up compliance in new areas of business.

In fair lending regulators look at data that spans counties and ZIP codes to make sure institutions are investing credit dollars appropriately and are not engaging in predatory lending or redlining. If the acquired organization has been operating in underserved areas, the combined entity might have to build additional branches or expand community outreach initiatives in order to meet the requirements of the Community Reinvestment Act.

Also, the acquiring bank can create a comprehensive regulatory risk inventory that documents the defensible universe of risk that the organization faces. Banks can define and prioritize the subsets of risk in the inventory document that apply to the combined organization and that may need to be assessed, managed and monitored. Once an inventory is compiled, the controls that are in place to mitigate exposures can be assessed and scored for effectiveness using the common language of the combined entity.

Furthermore, regulatory risk assessments should be documented and shared across the organization to make enterprisewide risk transparent. The results can be distributed widely, including to the highest levels, to support strategic decisions. They can also be distributed to the business-unit owners and areas, such as the risk, compliance or legal function, that can best manage the risk.

What are the critical areas for which action plans need to be developed?

Now that the newly combined organization has isolated its residual risk — the exposure that exists after establishing mitigating controls — by conducting a regulatory risk assessment, plans can be developed to close control gaps and strengthen regulatory compliance focus and clarity on the highest risk priorities.

The regulatory risk of a lending product, for example, offered by an acquired bank in a limited geographic area, should be assessed for Community Reinvestment Act compliance by quantifying the number of loans affected and the total dollar value of the loans to determine the residual risk of the loan product. If this assessment determines that 400 customers representing $14 million in assets of an acquired money services operation presents too high a residual risk, the newly combined financial institution could divest those customer relationships. Conversely, if the relative risk of maintaining those customers is low, the financial institution might consider a plan for extending those relationships.

In developing a process for assessing regulatory risk, an acquiring financial institution builds the foundation for a sustainable and transparent regulatory risk management program that is able to overcome the differences between entities and straddle the complexities of combining them. Once in place, the risk assessment methodology can be used repeatedly and consistently to assess enterprisewide regulatory risk in a way that is useful to process owners and defensible to regulators and the board of directors.

Dickie Heathcott is a partner with Crowe Horwath LLP in the Dallas office. Reach him at or (214) 574-1000.

Insights Accounting is brought to you by Crowe Horwath LLP

Published in Dallas
Page 1 of 3