|
Newsletters
Archives
September 2005
Helping to Control Your Clients' Technology Risks 
Managing risks of all types is becoming increasingly critical in today's business environment. At the same time, most companies are becoming increasingly reliant on technology to manage their business, customer assets and intellectual property. Often technology risks are not given the same level of oversight as more traditional business controls while threats from both inside and outside their organizations are escalating. In addition, smaller businesses often lack the resources to adequately protect their computerized information and networks. The result can be a "time bomb" threatening the business and years of effort by the owners.
Information security risk assessments and reviews have become much more complex as new technologies and systems are implemented. Understanding new threats requires significant time investment and ongoing monitoring in an environment where new computer exploits can spread worldwide within minutes. Checklist tests, the standby of traditional audit programs, continue to be helpful but are of limited value without security validation tools that actually crawl through networks looking for security holes. Maintaining up-to-date tools and expertise is hard for organizations of all sizes, but especially for smaller businesses with limited staff and budget.
The most recent information security survey conducted by the FBI in conjunction with the Computer Security Institute (CSI) highlights the challenges of securing information systems. Some of the results include:
- 40% spent less than 2% of their technology budgets on security
- 78% detected security incidents that impacted their systems
- 22% were unsure if they had experienced a security incident
- 82% conducted security audits of some type
Summary survey results can be downloaded through CSI's Web site at www.gocsi.com .
Companies are increasingly using outsourced services to assist with technology risk assessments and monitoring to help protect their assets. To help address these needs, RSM McGladrey developed a national Technology Risk Management Services (TRMS) group to assist clients across the country. TRMS currently has over 90 staff members in 14 regional locations to serve middle market companies with their domestic and selected international requirements. TRMS has also helped many Network firms and their clients assess and mitigate technology risks.
Some of the services TRMS can provide include Risk Assessments, Network Security Assessments, Managed Intrusion Detection Services (MIDS), SAS 70 Reviews, Business Continuity/Disaster Recovery Planning, Technology Strategy Development and Systems Selections, IT Sarbanes Oxley and Internal Audit Services and Computer Forensics and Investigations.
Published in the RSM McGladrey Network News for September 9, 2005. Regular reviews are key to retirement plan compliance
Because of their complexity and potential long-term impact on the bottom line, retirement plans are among the most visible source of frustration in any organization. Many companies implement a plan when they start doing business but revisit it only when their third-party administrator, or vendor, recommends a change.
But most vendors cannot focus their energies on one company, and many prefer to sell and maintain "off-the-shelf" plans for the sake of efficiency and profit. With that in mind, experts say smart finance and human resource managers should stay abreast of ever-changing laws and consider a comprehensive third-party plan design review every three to five years.
These reviews can quickly identify current or potential opportunities or problems and ensure that your business is cost-effectively complying with retirement laws, while providing employees with up-to-date benefit opportunities.
Legal changes past and present
Qualified retirement plans, such as 401(k) or profit-sharing arrangements, have been affected in recent years by a number of legislative changes. For example, writing for the Martindale-Hubbell legal database, attorneys William Freedman and Ben Wells note that changes to recent laws should have been adopted by qualified retirement plans no later than one of the following dates (depending upon the plan and certain circumstances): Feb. 28, 2002; Sept. 30, 2003; or Jan. 31, 2004. The varying amendment deadlines applied to the following laws:
- General Agreement on Tariffs and Trade/Uruguay Round Agreements Act (GATT)
- Uniformed Services Employment and Reemployment Rights Act of 1994 (USERRA)
- Small Business Job Protection Act of 1996 (SBJPA)
- The Taxpayer Relief Act of 1997 (TRA 1997)
- The IRS Restructuring and Reform Act of 1998 (RRA 1998)
More recently, the Economic Growth and Tax Relief Reconciliation Act of 2001 (EGTRRA) brought extensive changes to retirement plan regulations. According to the Internal Revenue Service, EGTRRA affects a wide range of issues, including:
- Elective deferral amounts
- Catch-up contributions for participants 50 years old and older
- Annual addition limits in defined contribution plans
- Annual benefit limits in defined benefit plans
- Eligible compensation dollar limits
- Vesting schedules
- Tax credits for low-income participants
- Hardship distributions
- Key employee and "top heavy" plan definitions
- Plan loans for owner employees
- Rollover rules among different types of retirement plans
New legislative changes also affect automatic rollover of mandatory cash-out distributions, as well as taxation on Roth contributions to 401(k) plans. Here's how these changes can affect your business:
- Automatic rollover rules. Some companies require a cash-out of an employee's retirement plan balance upon termination of employment. However, in a change that became effective earlier this spring, mandatory cash-outs of more than $1,000 must be transferred directly into an IRA unless the participant elects to receive it or roll it into another retirement plan. Employers have two options regarding this new law: comply with the automatic rollover rules or eliminate mandatory cash-outs. Eliminating cash-outs may require the employer to maintain small accounts for short-term former employees and incur the associated administrative costs for these accounts. On the other hand, complying with the mandatory cash-outs requires a new process and an IRA provider to handle the rollovers.
- Roth contribution option. Effective Jan. 1, 2006, employers sponsoring 401(k) plans may allow plan participants to choose whether to pay taxes upfront on employee deferrals - thus avoiding future taxes on any income generated by the account - or make contributions on a tax-deferred basis and pay taxes when they withdraw funds from the account. Offering this option will require companies to make changes to their 401(k) or 403(b) plan to authorize such funds to accommodate the pre- or post-tax election, plan documents, benefits materials and other retirement administration functions.
Review your plan regularly
Not sure if your company is in compliance? You're not alone. With the complexity and frequent changes in retirement plan legislation, most executives don't have the time or expertise to keep pace. Ideally, a company's third-party administrator will take the lead in suggesting a review process. However, if that does not happen, experts recommend that key HR, benefits and finance staff meet with an outside retirement plan professional to conduct a plan review every three to five years.
Typically, there are two types of retirement plan reviews. A plan design review takes into account your company's particular goals and needs, employee demographics and turnover, total compensation packages, and legislative changes that may make your company's retirement plan better for employees, more cost-effective for you, or both.
On the other hand, a compliance review is a detailed assessment of all retirement plan documentation, amendments, annual administrative testing and governmental reporting to ensure regulatory requirements are met. A good time to conduct this type of review is after certain "triggering events," such as a change in third-party administrators or the departure of a key internal benefits staff member.
These steps can benefit your business in three main ways:
- Avoiding penalties for noncompliance. For example, if the vendor that manages your 401(k) plan is acquired, sold or merges with another company, plan amendments may be lost or overlooked. Missing a required amendment deadline could disqualify the plan from tax-favored treatment, meaning that a company could be forced to pay taxes on the nonvested amount of plan contributions, while employees could be required to pay tax on vested amounts. While it is best to avoid actions that could disqualify the plan, a compliance review can be a proactive tool to discover and correct problems before the IRS knocks at your door.
- Minimizing costs and maximizing savings. Recent business-friendly legislation means that a second look at your company's retirement benefits may boost your company's bottom line. Here's an example: If a smaller company with about 30 employees is using old contribution formulas to allocate retirement plan dollars, it may well be paying tens of thousands of dollars over what is required under the current statutes and regulations.
- Rewarding your best employees. A regular review of retirement benefits enables you to adjust a retirement plan to better reward the employees most responsible for your company's success. This review also allows you to consider changes in your company's vesting schedule, which could save money and provide financial rewards for long-term employee loyalty.
By taking these steps, you can protect your company from potentially expensive legal and compliance risks, while improving your ability to attract and retain top talent.
Published August 2005 RSM McGladrey's Advantage Electronic Newsletter
Increase in the optional standard mileage rates
The IRS has announced an increase in the optional standard mileage rates used by employees, self-employed individuals, and other taxpayers for the last four months of 2005. The rate has been increased to 48.5 cents per mile for all business miles driven between September 1 and December 31, 2005. This represents an increase of eight cents from the 40.5 cent rate in effect for the first eight months of 2005. The increased four-month rate used for computing deductible medical or moving expenses is 22 cents per mile. The 14 cents-per-mile rate used for providing services to charitable organizations is set by statute and did not change. Coffee Talk
The Beason & Nalley team raised $2,280 to be matched by Lowe's for a total of $4,560 for the Hurricane Katrina relief effort. Thanks again for your support.
Congratulations to Beason & Nalley's clients who were winners at the 2005 Small Business Awards.
Scott Butler attended the RSM McGladrey Manager Forum for Audit and Marketing held in Chicago, Illinois.
Denise Miles and Paige Nix attended the AICPA National Advanced Accounting and Auditing Symposium held in New York City.
Melissa Anderson will be speaking to the Alabama Society of Women Accountants and giving a GAAP Update presentation on Friday, September 23rd at the Holiday Inn Select Hotel (previously the Hilton).
Stephanie Kingsford will be speaking to the Alabama Society of Women Accountants and giving a Tax Update presentation on Friday, September 23rd at the Holiday Inn Select Hotel (previously the Hilton).
Sandra Baker and Carolyn Scarborough attend the RSM McGladrey Manager Forum for HR/Firm Administrators in Chicago, Illinois. Related Information:
BACK to Archives Also see:
Why Choose Us? | Industries | Contact Us
|
