Nonprofit Standard Newsletter - Fall 2020

Table of Contents

 

 

President Signs Protecting Nonprofits from Catastrophic Cash Flow Strain Act to Assist Nonprofit Organizations into Law

By Lee Klumpp, CPA, CGMA

On Aug. 3, 2020, President Trump signed the legislation to assist nonprofits and governmental entities into law.

 

The purpose of the legislation is noted as: “The Protecting Nonprofits from Catastrophic Cash Flow Strain Act aims to ensure that nonprofits, state and local governments, and federally recognized Tribes that operate as reimbursing employers under state unemployment insurance (UI) systems can receive the UI relief secured through the CARES Act (Coronavirus Aid, Relief, and Economic Security Act) without bearing onerous cash flow burdens that threaten liquidity.” State and local governments and federally recognized tribes have been able to remain financially viable during the COVID-19 pandemic by ensuring they receive federal help for unemployment payments upfront, instead of being reimbursed later. Nonprofits have not had these same benefits.

Nonprofit organizations, state and local governments, and federally recognized American Indian tribes generally have the option of operating as “reimbursing employers” (also known as “reimbursable employers”) under state unemployment insurance systems. This means that they make “payments in lieu of contributions” to finance unemployment benefits attributable to them. Most states periodically bill reimbursing employers for benefits paid out during that period to their former employees. In turn, employers who opt for this payment method are not obligated to pay unemployment insurance payroll taxes.

Section 2103 of the CARES Act, was intended to provide emergency relief to reimbursing employers by federally financing 50% of the UI obligations for these employers for the period beginning March 13, 2020 and ending Dec. 31, 2020. However, as interpreted by the Department of Labor (DOL) in guidance issued on April 27, reimbursing employers “must pay their bill in full” before they can receive reimbursement for one-half of their obligation. For many employers, the requirement to pay 100% of the UI bill before securing relief exacerbates the financial impact of historically high claims triggered by the pandemic, increasing the risk of further layoffs, closures or substantial reductions in services.

This new legislation would enable states to provide the CARES Act’s 50% emergency relief to reimbursing employers without requiring these nonprofits or other entities to pay their full bill first. While the net cost to the employer and the federal government would remain the same, as the employer would still be responsible for paying 50% of its bill and the federal government would still finance the remaining 50%, the procedural fix included in this legislation would significantly mitigate the cash flow concerns for reimbursing employers.

For states that have already begun administering Section 2103 relief under current law requirements, the legislation includes an explicit safe harbor for claim weeks prior to the date of enactment.

 

The following is an example that outlines how this process works under the current DOL guidance and how it would work under this new legislation.

Former and furloughed employees of a charitable nonprofit file UI claims collectively amounting to $50,000 in a given calendar quarter. The state workforce agency bills the nonprofit for $50,000 at the end of the quarter, at which point the nonprofit must pay the full bill or risk financial penalties. If the employer can pay the full bill, then the state can ultimately reimburse it for $25,000, provided by the federal government for this express purpose.

Under the new legislation, if the nonprofit pays any portion of its bill, the state workforce agency uses a federal transfer to the state unemployment trust fund to effectively reduce the bill to $25,000, which the nonprofit can pay without needing to pay the full $50,000 first.

Adapted from BDO Nonprofit Standard blog.

For more information, contact Lee Klumpp, National Assurance Partner – Nonprofit & Government, at [email protected].

Return to the Table of Contents

 

“Are we paying our executives appropriately?”

 

Answer these 3 questions and you'll know.

By Michael Conover
 


Board members are specifically charged with responsibility for managing the pay for top executives, but many have little to no experience with the subject. Those individuals with some compensation experience with other organizations, frequently have little to no experience directly related to the nonprofit board on which they serve. This is likely the explanation for the prevalence of “Are we paying our executives appropriately?” question.

It is a good question. And it is one that all boards, or at least their compensation committee, should be able to answer. If a board member does not know the answer, there should be no reluctance to ask the question. Unfortunately, people are sometimes hesitant to do so. People not familiar with the compensation topic or new to the organization’s board hold back. Whether unwilling to admit they have questions or feeling a need to “go along with others who seem to know what to do” or “continue to do things the way we’ve always done them”—the important question above just does not get asked. The path of least resistance is to simply chime in for the all too familiar “All those in favor, say Aye” board chorus.

In these COVID times there are, however, some new questions about executive compensation that need to be answered. Many of the familiar and essential factors normally included in board decisions about executive pay are no longer available or relevant. The disruption related to the virus has broadly impacted all sectors of the economy. The issue of competitiveness in terms of compensation is muted at least for the moment. Uncertainties abound and everyone is searching for answers about what they should do. For most organizations, the answers will come from within. Each must chart its own way for the foreseeable future. For this reason, I’d like to suggest the following three new questions to be considered to arrive at an answer for your organization related to whether executive pay is appropriate in these COVID times when unknowns seem to be the order of the day.

 

Question #1

Do our current financial condition and outlook for the next 18 to 24 months allow us to continue our current methods and levels of compensation for staff members and our executives?

Affordability is a critical issue and. possibly the most urgent one. If there are concerns about finances, there are a series of progressively more stringent techniques that can be taken, including: discontinuation of “voluntary” plans / payments; salary freeze; salary reduction; furloughs; staff reduction, etc. Each of these must be carefully weighed to arrive at the best answer for your organization. The consideration is not solely financial. Retention of key personnel, staff morale / engagement, continuation of critical services, stakeholder reactions, etc. are also important factors to consider.

Once decisions have been made about any cost-saving actions, they should be fully communicated to all concerned with as much advance notice as possible. In particular, all the details about the duration of the change(s) should be included to the degree that they can confidently be set. Future communications should be made as conditions change, as well as to affirm that the subject has not been forgotten.

 

Question #2

Under current conditions, should our competitive pay positioning policy be maintained?

Even if the organization’s financial condition can support holding current executive compensation at target levels in the competitive market, should they stay the same? There are several factors to consider.

COVID times have disrupted the availability and relevance of many sources of competitive compensation data. Newer IRS Form 990 filings are not being posted and are even more outdated than in normal times. Most compensation surveys are reporting on data collected pre-COVID and do not reflect current conditions. Reliable information on competitive compensation may not be available to guide pay decisions.

In some instances, competitive compensation levels have likely decreased due to temporary salary reductions, suspension of bonus / incentive plans, etc. The pressure to keep up with the market has decreased significantly for most organizations.

Finally, there are other factors that may weigh more heavily in executive compensation during these times such as: public / stakeholder perception of executive pay actions, equitable treatment of staff members vs. executives; etc.

For the next 12 to 18 months, executive compensation should be carefully considered as part of a thorough assessment of the organization’s situation and circumstances. As mentioned previously, competitiveness may not be as prominent a consideration now. Again, regular communication to all concerned about any change / moderation of traditional approaches to pay is critically important.

 

Question #3

What factors should be considered in executive pay decisions that are needed for 2020 or 2021?

COVID times may have deprived the organization of its traditional benchmarks or made its performance metrics no longer relevant. For this reason, many organizations will need to make pay decisions on a largely discretionary basis. Discretionary should not imply a hastily made monetary “thanks for everything” at year end. I am suggesting a thoughtful approach, one that requires pre-planning and discussion by the compensation committee of the criteria that will be used for any pay-related decision making.

Rather than delaying a discretionary decision until the final compensation committee meeting for 2020, boards would be well-advised to begin discussions and planning now for the specific factors that will be considered when these decisions are made. Board members can exchange and consider ideas to arrive at a general consensus about several critical factors that will be used.

For example, boards may consider:

  • How well has management cared for the organization’s employees?
  • How have the organization’s stakeholders been treated?
  • How have the organization’s vendors been treated?

 

These types of questions focus on the executives’ stewardship of the organization for the longer term. Once decided, the factors should be communicated to all concerned parties in advance. That information will highlight the behaviors and results that are important for moving forward through this time.

In summary, good answers to the three questions we’ve raised here are essential for a good answer to the “big” question—“Are we paying our executives appropriately?”—during these unprecedented times. Arriving at the right answer for your organization is critically important.

If you do not know the answer to “Are we paying our executives appropriately?” for your organization, please ask!

For more information, contact Michael Conover, managing director, Specialized Tax Services – Global Employer Services, at [email protected].

Return to the Table of Contents

 

FASB Issues ASU on Contributed Nonfinancial Assets

By Tammy Ricclardella, CPA
 


The ASU was issued to address stakeholder concerns about how nonprofit entities report contributed nonfinancial assets. Stakeholders expressed a need for additional transparency surrounding the amount of contributed nonfinancial assets and how they are used in a nonprofit’s programs and activities. Others noted the need for clarity in how these contributed nonfinancial assets were valued.

Though the update does not change the current recognition and measurement requirements in generally accepted accounting principles (GAAP), which is included in Accounting Standards Codification (ASC) 958-605, Revenue Recognition, the ASU is intended to improve current GAAP through enhancements to presentation and disclosures of contributed nonfinancial assets.

The scope of the ASU is limited to gifts of nonfinancial assets. The term nonfinancial assets includes fixed assets such as land, buildings and equipment; the use of fixed assets or utilities, materials and supplies such as food, clothing or pharmaceuticals; intangible assets; recognized contributed services; and unconditional promises of those assets. Many nonprofit organizations rely on these contributions to conduct their programs and mission-related activities.

The ASU requires that a nonprofit present contributed nonfinancial assets as a separate line item in the statement of activities apart from contributions of cash or other financial assets.

The ASU requires the following information be disclosed related to the contributed nonfinancial assets:

  • The contributed nonfinancial assets recognized in the statement of activities disaggregated by categories that depict the type of contributed nonfinancial assets.
  • Each category of contributed nonfinancial assets recognized as noted above should disclose the following:
    • Qualitative information about whether the contributed nonfinancial assets were either monetized or utilized during the reporting period.
  • If utilized, a description of the programs or other activities in which those assets were used.
  • The nonprofit’s policy (if any) about monetizing rather than utilizing contributed nonfinancial assets.
  • A description of any donor restrictions associated with the contributed nonfinancial assets. An example of this would be if an entity received contributed pharmaceuticals, and the donor restricted these for use outside of the United States.
  • The valuation techniques and inputs used to arrive at a fair value measure in accordance with the requirements in ASC 820, Fair Value Measurements, at initial recognition.
  • The principal market (or most advantageous market) used to arrive at a fair value measure if it is a market in which the recipient nonprofit is prohibited by a donor-imposed restriction from selling or using the contributed nonfinancial assets.

 

The amendments in the ASU should be applied on a retrospective basis and are effective for annual reporting periods beginning after June 15, 2021. Early adoption of the ASU is permitted.

Reprinted from the Nonprofit Standard blog.

For more information, contact Tammy Ricciardella, director, at [email protected].

Return to the Table of Contents

 

IRS Proposes Excise Tax Relief for Exempt Organization Executive Compensation Under Code Section 4960

By Marc Berger, CPA, JD, LLM, Alex Lifson, MBA, MST, Norma Sharara, JD, and Joan Vines, CPA
 

 

Background

The Tax Cuts and Jobs Act of 2017 (Public Law 115-97) created IRC Section 4960. As a result, starting in 2018, most tax-exempt organizations and certain governmental units, as well as for-profit employers who “control” or who are “controlled by” an “applicable tax exempt organization” (ATEO), may owe a 21% excise tax on (1) annual “remuneration” over $1 million paid to “covered employees” or on (2) any “excess parachute payments” (even if those are under $1 million).

ATEOs of all sizes (and their related for-profit entities) might owe this tax if they paid any employee $125,000 or more during any year beginning on or after Jan. 1, 2018. So even if the ATEO never paid any employee more than $1 million, the tax on excess parachute payments made to “highly compensated employees” could still be owed.

Section 4960 introduced several important new defined terms, including the following:

“Excess parachute payments” are amounts that exceed three times the covered employee’s five-year average wages and are contingent on an involuntary termination of employment.

“Remuneration” generally means Code Section 3401(a) wages paid during a calendar year ending with or within the employer’s tax year, excluding (1) Roth, tax-qualified retirement plans, 403(b) plan and governmental 457(b) plan contributions and distributions and (2) amounts paid to a licensed medical professional for the direct performance of medical services, but including amounts required to be included in income under 457(f)’s special timing rules (i.e., amounts are generally taken into account for the 4960 excise tax in the calendar year when the amount vests, regardless of when it is paid or included in income).

  • The proposed rules confirm that this special timing rule for determining annual remuneration does not include the 457(f) exceptions for short-term deferrals, certain severance payments and earnings on vested nonqualified deferred compensation (so such amounts would be included when determining 4960 excise tax). For example, short-term deferrals under 457(f) and 409A may be included in an employee’s taxable income in a different year than the year that those amounts must be included in 4960 excise tax calculations. Likewise, subsequent earnings on vested 457(f) amounts would be included in taxable income in a different year than the year those amounts must be included in 4960 excise tax calculations (for 4960, subsequent earnings on vested amounts are treated as paid annually, even if the amounts are not actually paid until later).
  • Under the proposed rules, remuneration and parachute payments that vested before the date in 2018 that the rules became effective for the ATEO are generally exempt from 4960 taxes (but would still count for purposes of determining whether an employee is a covered employee).

 

  • The proposed rules also clarify that remuneration includes taxable, below-market, compensation-related loans made to employees (which might arise, for example, in connection with certain split-dollar life insurance arrangements). The proposed rules clarify that nontaxable expense allowances and reimbursements (such as under an accountable plan) and other nontaxable benefits (like directors’ and officers’ liability insurance coverage) are not included in remuneration. The IRS asked for comments on whether certain taxable employee benefits (like group term life insurance over $50,000) should be included in remuneration.
  • The proposed rules create an administrative exception for payroll periods that cross over calendar years, which tracks the Form W-2 reporting rule. Specifically, regular wages are treated as paid when actually or constructively paid (not when vested). So, if a pay period ends on Dec. 30, 2020, but salary for that period is not actually paid until Jan. 6, 2021, then the salary is treated as paid in 2021 (and the salary is not treated as being vested in 2020). But that exception would not apply to bonuses or other irregular compensation, so if those amounts vest on Dec. 31, 2020, they are included in 4960 for 2020, even if they are not paid until 2021.

 

“Covered employee” means a common law employee (including any former employee) of an ATEO if the employee is one of the five highest-compensated employees of the organization for the taxable year or was a covered employee of the organization (or a predecessor) for any preceding taxable year beginning after Dec. 31, 2016. This means that ATEOs need to identify who their common law employees are under Code Section 3401 (i.e., for purposes of withholding federal income tax from paychecks).

 

 

New Volunteer/Limited Services Exceptions

One of the most sought-after changes the IRS adopted in the proposed regulations is that certain employees of a related for-profit employer providing services to an ATEO will no longer be treated as a “covered employee,” provided that the individual’s remuneration or hours of service satisfy specific limits. Generally, the exception will apply if (1) the services provided by the individual for the ATEO are not more than 10% of the total hours of service that the individual performs for all related organizations and (2) neither the ATEO nor any other entity controlled by the ATEO pays the individual for such services. The proposed rules set out a safe harbor for individuals who do not work more than 100 hours per year for the ATEO.

Many stakeholders wanted this exception to avoid 4960 excise taxes on the compensation paid to executives of for-profit companies that volunteer at a related ATEO, perform minor services as unpaid officers, perform limited services, or work limited hours. For example, many for-profit executives serve as officers of a corporate foundation created by the for-profit entity and many corporations have employee-sharing arrangements with their corporate foundation. Under the statute and Notice 2019-09, those arrangements would have subjected their compensation from the corporation to 4960 excise taxes.

The proposed rules also set out a more complicated “non-exempt funds” exception that might rescue certain situations where the individual who primarily works for the for-profit entity provides no more than 50% of his/her services to the ATEO and other conditions are satisfied. The proposed rules also include details on how to count hours of service for purposes of these exceptions.

Further, the proposed rules confirm that 4960 taxes apply only to employees, not to independent contractors or members of the board of directors who are not also employees of the ATEO.

 

 

New Controlled Group/Predecessor Rules

Generally, the proposed regulations define “control” for 4960 excise taxes by using Section 512(b)(13) (i.e., the same rules for reporting related organizations on IRS Form 990). For example, the proposed rules provide that a person (or governmental entity) controls a nonstock corporation if (1) the person has the power to remove and replace more than 50% of the organization’s directors; or (2) more than 50% of the organization’s directors are “representatives” (trustees, directors, officers, employees or agents) of that person. But the proposed rules create a new exception, where an employee will not be considered a “representative” if the employee lacks authority commonly exercised by an officer, doesn’t actually act as a representative of the person, and this fact is reported on the organization’s Form 990. So, if a majority of lower-level corporate employees serve as directors or trustees of an ATEO, the for-profit entity would not be “related” to the ATEO for 4960 purposes. This alleviates concerns over “accidental control.” The IRS also clarified how “indirect control” and attribution principles work for 4960 purposes.

The proposed rules also confirm that the owner of a single member entity (such as an LLC) is the employer of the employees of that entity.

In addition, the proposed regulations clarify that federal government “instrumentalities” are subject to 4960, but requested comments on that issue.

Although the proposed rules say that a foreign organization that otherwise qualifies as an ATEO would be subject to 4960 excise taxes, the IRS has asked for public comments on whether foreign organizations that are related to an ATEO should be subject to 4960 excise taxes. The proposed regulations also clarify that a foreign organization that receives substantially all of its support from sources outside the United States would not be an ATEO.

Keep in mind that a “covered employee” includes any employee who was a covered employee of a predecessor ATEO. The proposed regulations outline when an entity is considered to be a predecessor ATEO, including asset acquisitions, corporate reorganizations and chains of predecessors.

 

New Short Tax Year Rule

The proposed regulations provide guidance for determining how to handle short tax years, such as the initial or final calendar year that the ATEO is subject to 4960. For 4960 purposes, the applicable year for measuring remuneration and excess parachute payments is the calendar year that ends “with or within” the ATEO’s taxable year. For example, for an ATEO with a fiscal year from July 1, 2021 to June 30, 2022, the applicable tax year is calendar year 2021 for determining who is a covered employee and what remuneration is subject to 4960 excise taxes.

 

 

Only ATEOs Owe Parachute Excise Tax

The proposed regulations revise Notice 2019-09 by providing that only ATEOs could owe an excess parachute payment excise tax, based on a separation from employment with the ATEO. Notice 2019-09 implied that an ATEO or its related organizations are liable for excess parachute payment excise tax based on the aggregate parachute payments made by the ATEO and its related organizations, including parachute payments based on separation from employment from a related organization. Now it is clear that a separation from employment from a related entity that is not itself an ATEO would not trigger 4960 tax liability. Nevertheless, the proposed rules retained the concept that payments from for-profit related organizations must still be counted when determining the “base amount” and total payments that are contingent on involuntary separation from employment for 4960 excise tax purposes.

 

Unreasonable Positions

In the proposed regulations, the IRS repeated the warning it gave in Notice 2019-09 by confirming that the following are not reasonable, good faith interpretations of 4960:

  • Related for-profit or governmental entities are not liable for their share of the 4960 excise taxes.
  • A covered employee ceases to be a covered employee after a period of time.
  • A group of ATEOs may have only five highest-compensated employees among all related ATEOs.

 



Reprinted from BDO Nonprofit Standard blog.

For more information, contact Marc Berger, National Director Nonprofit Tax Services, at [email protected], Alex Lifson, Principal, Compensation and Benefits National Leader, at [email protected], Norma Sharara, Managing Director, National Tax – Compensation and Benefits, at [email protected], or Joan Vines, Managing Director, National Tax – Compensation and Benefits, at [email protected].

Return to the Table of Contents

 

Is Your Organization Audit Ready?

By Barbara Finke, CPA
 


First, what is an audit (and what is it not)? The purpose of an audit, as defined by the American Institute of Certified Public Accountants (AICPA), is “to provide financial statement users with an opinion by the auditor on whether the financial statements are presented fairly, in all material respects, in accordance with the applicable financial reporting framework. An auditor’s opinion enhances the degree of confidence that intended users can place on the financial statements.” An audit provides reasonable assurance, not absolute assurance, that the financial statements are correct (not materially misstated) within a defined threshold. The AICPA provides a set of standards that all audit firms are required to follow to achieve the appropriate level of assurance to issue the opinion. But an audit is not just a generic set of checklists. The auditor creates a tailored set of procedures based on a gained understanding of your organization that will mitigate the risk of material misstatements in your financial statements.

What might cause you to need an audit for the first time? New funding sources, whether debt or grants, may require an organization to submit financial statements audited in accordance with generally accepted accounting principles . Therefore, before any new grant or debt is signed, make sure someone in the accounting department is reviewing the requirements thoroughly. A first-time audit is not something you want to be surprised with!

During the COVID-19 pandemic, your organization may have taken on new debt that requires an audit. In addition, you may have received funding from the Coronavirus Aid, Relief, and Economic Security (CARES) Act or other pandemic related funding that may require an audit under Office of Management and Budget’s Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). To understand if the funding you received is subject to the Uniform Guidance, you should review the Assistance Listing available online or contact the funding source.

 

So, how can you ensure that your organization is prepared for the first audit? Follow these 10 steps:

1. Gather all of your organizational documents and significant contracts into one central location (preferably electronically), including:

  • Articles of Incorporation
  • Bylaws
  • Corporate Operating Agreement
  • Internal Revenue Service (IRS) exemption determination letter
  • IRS Form 1023 or 1024
  • Applicable state tax determination letters
  • All significant contracts (customer/grants/leases/vendor/pledge agreements)
  • Board minutes from the year(s) under audit
  • Commercial insurance policies
  • Trust agreements (annuities, life insurance policies, split-interest agreements, etc.)
  • All pension and post-retirement plan documents
  • Legal titles for real property owned
  • Corporate organizational chart
  • Staff organizational chart
  • Organization policies and procedures manuals
  • Other organizational documents

2. Document your key financial statement processes and policies. During the documentation process consider if your organization has proper internal controls and if the performance of those controls is adequately documented. Remember to consider your controls and policies over information technology systems that support your accounting records.

  • For guidance around internal controls, certain resources are available from the Committee of Sponsoring Organizations of the Treadway Commission or the Green Book published by the U.S. Government Accountability Office.

3. Compile a list of related parties, including related entities, and clearly document the relationship with each related party including a listing of any related agreements between the parties.

  • Consider consulting with your legal counsel (internal or external) to ensure all legal relationships are properly documented.

4. Review your accounting records and ensure that reconciliations are available for any balance sheet account as necessary to reconcile sub-ledger data (or any data maintained outside of the ledger) to the trial balance.
5. Ensure that transactional data from the period under audit (proof of expenses, sales, contributions or payroll records) is organized and available for testing as requested.
6. Ensure that a full schedule of all property and equipment, and related depreciation and amortization, is available.
7. Obtain sample audited financial statements of similar organizations. Review the financial statements to gain an understanding of what data to have available to produce the required footnote disclosures. Sample financial statements can be found on the Guide Star nonprofit’s website or on the Federal Audit Clearinghouse website (if the nonprofit was required to have an audit performed in accordance with Uniform Guidance).

Once you’ve hired your firm of choice (and before any recurring engagement) you should:
8. Facilitate a meeting with the audit team and those individuals you have designated as your financial governance committee (audit committee, finance committee, board of directors, etc.) to set expectations and discuss specific risks related to your organization.
9. Hold a meeting with the audit team and your management to discuss timing and specific items that you will need to prepare based on the tailored approach prepared by the auditor. Finalize the timeline of all deliverables to ensure that your financial statements will be issued by the date required. Once you have received the specific list of items to be prepared by the organization, hold an internal meeting to assign responsibility for each task and consider how the information will be organized and reviewed prior to delivery to the auditor.
10. If your organization has inventory, ensure that you invite the audit team to the year-end count or the next scheduled perpetual count.

With careful consideration of these steps and allowing adequate time for your team to pull and organize this information, even a first-year audit should run smoothly.

 

And for recurring audits? In addition to Tips 8-10 above, consider:

  • After the initial audit, the relationship with your audit firm shouldn’t be just the yearly audit. Keep in touch throughout the year to discuss changes in your strategies, funding, processes, etc. so your auditors can advise if there are any potential accounting or compliance issues you should consider. A nonprofit’s financial statements are often public documents, so checking in on how new events and transactions may impact your audit and financial statement presentation can help mitigate unwanted surprises. Talk to your auditors about any changes in accounting controls or any new funding streams that might impact compliance requirements.
  • Stay informed about any changes to legislation, accounting pronouncements or other compliance updates that will impact your organization’s financial statement presentation or compliance rules. While it is often assumed that it is only the auditor’s job to keep up with changes, management is ultimately responsible for all the information in the financial statements and, therefore, should have a working knowledge of requirements. Keeping up with the changes will also ensure that the accounting system and records are set up to produce the required information the auditors will need to audit your organization’s adoption of new standards.
  • Stay organized! Create a logical electronic filing system to ensure that you can easily locate the information that has been requested and your team has prepared. Then, keep the files until the following year for reference.
    • The COVID-19 pandemic required many organizations to move office personnel to a remote environment. Some localities are still under shelter-in-place mandates, and some organizations have chosen not to bring the full team back into the office. In all likelihood a portion, if not all, of your audit in the coming months will be handled remotely. The keys to a successful audit under COVID-19 pandemic restrictions are communication and flexibility. Here are some additional considerations as you prepare for a remote audit:
  • Review what, if any, changes have occurred in the internal control processes to accommodate remote working. Are there changes in the check writing or depositing process? Are there changes to approval controls? Discuss these changes with your auditor ahead of the scheduled audit.
  • Discuss with your auditor what file repository system will be utilized for the remote sharing of data from your organization to your auditors in a secure manner. Ensure that the filing system will meet the cybersecurity requirements of your organization.
  • Discuss the timeline with your auditor well in advance this year. Consider if additional time may be required for your team to transfer physical files to electronic copies.
  • Consider using video technology to allow for the auditor to observe processes through the digital environment and allow for “in-person” meetings and interviews throughout the audit. An auditor could potentially even use digital methods to conduct a physical inventory count observation.
  • Consider safety protocols that your organization and the audit firm will require if in-person work or meetings are considered necessary. Ensure that each team understands the legal and organizational requirements for protective equipment and social distancing protocol.

 

The word audit can often be a source of fear and dread. However, if you follow the tips above, your organization can be audit ready. An organization that is well prepared will see the audit process as a helpful tool for financial health and not an exhaustive exercise in pulling data. Communication with your auditors has always been important but with the current COVID-19 restrictions both communication and flexibility will be even more critical to a smooth audit process.

For more information, contact Barbara Finke, assurance director, at [email protected].

Return to the Table of Contents

 

Privacy Shield Invalidated - Nonprofits May not be Affected but Should be Aware

By Jibran Hussain, Andrew Tobel, J.D., CIPP/US, and Derrick King, CIPP/US

 

GDPR Applicability Background

Any nonprofit that collects or processes any information relating directly or indirectly to identifiable individuals, in connection with the offer of goods and/or services or monitoring of EU residents, is subject to the General Data Protection Regulation (GDPR). This could include the collecting or processing of EU members', benefactors’, grantees’, grantors’, or trustees’ Personal Data. Per the GDPR Personal Data are any data related to an identified or identifiable natural individual. Examples of Personal Data are first and last names, home address, Internet Protocol (IP) address, cookie identifiers and credit card numbers.

Nonprofits are not exempt from the GDPR, especially if they hold seminars or meetings in the EU, and/or monitor the online behavior of EU residents who visit their website, and/or maintain records on EU residents. Moreover, nonprofit activities that may also be in scope include the processing of Personal Data of volunteers, employees, donors, beneficiaries or fundraising activities. For example, if a U.S. nonprofit organization is aiding Yemeni refugees based in Germany – it would be required to comply with the GDPR as it is engaging in data processing activities pertaining to individuals in the EU. Lastly, the submission of grant reports to agencies or submission of accounting transactions from foreign office locations to U.S. home offices which include E.U. Personal Data may also have GDPR implications.

The CJEU’s decision is a major setback as it removes a commonly used method for transferring Personal Data from the EU to the U.S., i.e., the Privacy Shield. The Privacy Shield was administered by the Federal Trade Commission (FTC); however, 501(c)(3)s and other nonprofits, are not typically under the jurisdiction of the FTC and therefore likely could not participate in the Privacy Shield. Nonetheless, nonprofit organizations should be put on notice that transfer mechanisms are a requirement under the GDPR and subject to strict scrutiny by the courts. There are other data transfer mechanisms available should nonprofit organizations engage in EU-U.S. data transfers:

  • Standard Contractual Clauses
  • Binding Corporate Rules
  • Adequacy Decisions
  • Derogations for Specific Circumstances
  • Certification Mechanism

 

Permissible Data Transfer Mechanisms

The GDPR permits EU data transfers to non-EU countries which are deemed by the EU Commission to provide an “adequate” level of data protection standards. However, if there is no “adequacy decision,” organizations can utilize other data transfer mechanisms such as Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), and Derogations for specific circumstances. Crucially, the CJEU upheld the validity of SCCs, but stated there must be supplemental measures and additional data protection safeguards in place with special attention to access by judicial and administrative authorities. In particular, SCCs should include sufficient data protection safeguard provisions when organizations engage in EU-U.S. data transfers. As a result, organizations should reassess their SCC provisions by:

  • Reviewing the types of EU Personal Data subject to transfer and whether there is a risk of subpoenas by U.S. National Security agencies;
  • Assessing if the transfer of EU Personal Data is necessary and, if not, reducing the scope of the data transfer;
  • Including strong provisions that outline strong data retention practices (e.g., immediate deletion of EU Personal Data if no longer required);
  • Implementing strong encryption to protect EU Personal Data.
    • Additionally, BCRs are also a permissible data transfer mechanism that require similar SCC data protection safeguard provisions but require the approval of EU supervisory authorities. While this can take several months for approval, BCRs are more flexible for organizations as they result in less administrative burden once they are implemented. However, they can be a costly and lengthy process to implement.
    • On the contrary, under Article 49 of the GDPR, if a nonprofit organization has exhausted the data transfer options including BCRs or SCCs, a data transfer can still take place for a limited number of data subjects under Derogations for specific circumstances:
  • The data controller has assessed and provided sufficient safeguards pertaining to the protection of Personal Data of data subjects;
  • The data subject has consented to the data transfer after being informed of the risks associated with the data transfer due to a no adequacy decision or sufficient data transfer safeguards;
  • The data transfer is required for the performance of a contract between the data subject and the controller;
  • The data transfer is required for public interest reasons;
  • The data transfer is required to protect the vital interests of a data subject.
    • Nonprofit organizations, as the data controller, should inform the applicable data protection authority of the data transfer and subsequently inform the data subject.

 

Enforcement

Nonprofit organizations that fail to comply may risk fines by Data Protection Authorities (DPAs). As a Belgian nonprofit organization recently discovered, DPAs certainly have the appetite to punish organizations that fail to comply with data transfer requirements. The Belgian nonprofit organization was fined €1000 by the Belgian DPA, as it utilized a complainant’s Personal Data for direct marketing purposes and did not have a valid legal basis for processing the complainant’s Personal Data—which is a breach under the GDPR.

 

Conclusion

Given the CJEU’s ruling on Privacy Shield, U.S. nonprofit organizations engaging in cross-border data transfers can be under greater scrutiny by the EU Commission and will be subject to regulatory fines and reputational loss for violations. However, by bolstering or implementing the aforementioned data transfer mechanisms, nonprofit organizations will be better equipped to navigate and adapt to the evolving data privacy requirements, primarily EU data transfers.

For more information, contact Jibran Hussain, senior associate and member of BDO Digital’s Governance and Risk Compliance group, at [email protected], Andrew Tobel, manager and member of BDO Digital’s Governance and Risk Compliance group, at [email protected], or Derrick King, director and member of BDO Digital’s Governance and Risk Compliance group, at [email protected].

Return to the Table of Contents

 

Using Data to Create an Infrastructure of Success

By Matthew Becker, CPA
 

 
To build an inimitable data strategy, it is crucial to first look within and ask what you already know about your organization before collecting data to ensure meaningful insight and actionable analytics. Data can be collected from a vast array of sources and the internet of things (IoT) has transformed the way we access and use data. Nonprofits must be able to leverage data from various sources to create an infrastructure of success both internally and externally.

For example, actionable data analytics can rapidly identify donor spending habits from data collected via donations through paper check, website, wire transfer and mobile device. This allows you to tailor a marketing campaign during the most effective time periods for donations. Further analysis can determine the effectiveness of these campaigns allowing for additional refinements, which may also increase revenues from donations.

It is important to note that a robust data governance framework is a vital bulwark for data-driven impact. As outlined in more detail in our Comprehensive Guide to Data Governance, adopting a foundation of governance, risk and compliance is needed to springboard data strategy.

Once relevant organizational data has been inventoried, each organization must ask itself critical questions to develop an effective data impact strategy:

  • Can your current technology provide for the integrity of your data? If not, consider a cloud-based solution with a lower total cost of ownership.
  • Do you have a clear definition of what success looks like and what data is used to measure that? If not, consider application/data mapping to identify your organization's relevant and actionable data.
  • How do you engage with the stakeholders of your organization? Leveraging data will tell your organization's story and communicate success to donors and other key stakeholders.
  • What correlations can you develop from the data? This helps you identify the types of data analytics that will have the most  impact.
  • How does spending further the mission and contribute to the overall revenue of the organization and provide future revenue streams? How your organization deploys capital will measure return on investment for critical spending.
  • What key performance indicators (KPI) provide critical financial insight? Identifying the critical KPI will allow you to monitor and modify the most crucial financial aspects of your organization.
  • How are you securing your sensitive data given increased data privacy concerns and regulations? Failure to comply with data protection regulations can result in steep financial penalties from regulatory bodies.
  • How are you measuring operational efficiency? Identifying this will allow you to monitor and modify the most crucial operational aspects of your organization.
  • What can you learn about achieving your goals and how will you know when you achieved success? Such results will provide management and those charged with governance the information necessary to monitor the success of programs and identify potential loss leaders.

Internally, answering these questions will help drive your data strategy. Data collection and analytics can help you develop quantitative evidence and help you determine what programs are working and where improvements might be needed. Building a successful data strategy can even drive healthy competition internally whereas programs can use comparative data to measure each other or even for fundraising to challenge revenue goals. Actionable data also will build correlations and a profile of excellence as your data gets stronger. This will provide a higher level of confidence allowing you to make stronger strategic decisions.

Externally, using data to make your philanthropic endeavors and guiding principles stand out can help win the fight for critical funding and lead to organizational success. Communicating your mission through data-based stories will continue to attract stakeholders and promote your mission through evidence-based analyses, which help your organization thrive.

For more information, contact Matthew Becker, director, at [email protected].

Return to the Table of Contents

 

Nonprofits have Additional Time to Comply with New Lease Accounting Standards

By Lee Klumpp, CPA, CGMA
 

 
Under the previous standards, operating leases were off-balance sheet. That essentially allowed companies to omit certain lease assets and liabilities from their balance sheets, potentially skewing their debt-to-equity ratio. In 2016, the International Accounting Standards Board estimated that public companies using either the International Financial Reporting Standards or accounting principles generally accepted in the United States of America (U.S. GAAP) had around $3.3 trillion of lease commitments, 85% of which were not recorded on their balance sheets. This, of course, makes it difficult for shareholders (stakeholders), investors and lenders to get a true sense of an organization’s financial health. Under the previous ASC 840 standard, operating leases were only required to be disclosed in the footnotes of the financial statements. Under ASC 842, the only leases that may be omitted from financial statements are short-term leases with an original term of fewer than 12 months. ASC 842 increases transparency and comparability among organizations that enter into lease agreements and provides a clearer picture of an organization’s liabilities related to leasing obligations. ASC 842 also includes extensive disclosures intended to enable users of financial statements to understand the amount, timing and judgment related to an entity’s accounting for leases and the related cash flows as well as disclosure of both qualitative and quantitative information about leases.

But what it also does is implement a one-size-fits-all accounting standard that significantly increases the reporting burden on smaller, nonpublic companies, including nonprofits. Implementation will involve significant challenges and require major investments in time, money and other resources. Fortunately at its Oct. 16, 2019 meeting, FASB affirmed its decisions on two proposed Accounting Standards Updates (ASUs) – one of which extended the implementation deadline for the new standards on leases that were not yet effective for private companies and nonprofits to the first fiscal year after Dec. 15, 2020, instead of Dec. 15, 2019, as originally mandated.

Subsequently, in June 2020 the FASB decided to provide near-term relief for the adoption of the leasing standards based on feedback from stakeholders regarding challenges with the adoption as a result of the current business and capital disruptions caused by the coronavirus (COVID-19) pandemic. As a result, the FASB issued ASU 2020-05 which provides an additional one-year deferral of the effective date of the leasing standards. As a result, the leasing standards will now be effective for private companies and private nonprofits for fiscal years beginning after Dec. 15, 2021. Public nonprofits who had not issued their statements as of June 3, 2020, can also opt to defer adoption until fiscal years beginning after Dec. 15, 2019. This is an elective deferral so entities can still choose early adoption if they wish.

This is good news for nonprofits, which now have extra time to implement these changes. However, it should also serve as a wake-up call, as many organizations weren’t even aware of the change and the need to become compliant. Even within this updated timeline, ensuring compliance will be a significant effort.

 

Nonprofits face multiple significant implementation challenges such as:

  • Identifying embedded leases in business arrangements

  • The number of business arrangements that were previously not identified as leases may now be identified as meeting the definition of a lease or embedded lease

  • Existing systems and processes may need to be modified or enhanced in order to provide information necessary to address the new reporting and disclosure requirements

  • Multiple departments across the organization will be affected by this standard, including information technology (IT), tax, legal, treasury, and financial planning and analysis, among others

  • Ongoing efforts to remain compliant might be more significant than the initial implementation effort

It’s clear that complying with ASC 842 is a time-consuming process. Organizations should develop an implementation timeline keeping several factors top of mind, including existing lease commitments, data governance maturity and cross-function coordination needs.

To get started, organizations should first learn one of the key lessons from public companies that have already gone through this process: The standard requires the collection of significant data from every lease and business arrangement that could contain an embedded lease that exists on, or will exist after, the effective date. Analyzing leases and business arrangements to identify and extract those details for inclusion in the organization’s financial reports requires substantial time and resources. It is crucial to identify the full population of leases upon adoption of ASC 842.

 

Nonprofits should also consider adopting the following best practices:

Solicit the involvement of the entire organization: Although the implementation of ASC 842 is primarily the responsibility of the organization’s accounting department, successful implementation requires support from across the entity, especially when an organization has a large real estate portfolio or embedded leases. This may mean seeking assistance from IT, legal or procurement departments. Soliciting executive sponsorship to champion implementation will also help to streamline the process.

Use technology to your advantage: Under the stress of deadlines, the compilation of lease terms and data can be daunting, especially within larger nonprofits where leases may exist across departments – and possibly internationally if the organization has international operations. For organizations that have developed a robust data governance program or specific procedures to collect and manage enterprise data, implementation should be considerably easier. However, for the many organizations that have yet to build out these structures, there are off-the-shelf and purpose-built technology solutions that can help standardize and aggregate the information.

Keep an open line of communication: Organizations that maintain a large physical footprint are impacted the most. They should factor in extra time for both implementation and keeping stakeholders informed. Unexpected roadblocks, such as a delay in receiving necessary data from external sources, should also be accounted for in the timeline. Benchmarking the organization’s progress on implementation against its timeline throughout the process is paramount in keeping on task and meeting goals.

The bottom line is that even with the extension, it will take a concerted effort to become compliant in time. Nonprofits need to start the implementation process now.

Adapted from article in the Nonprofit Standard blog.

For more information, contact Lee Klumpp, National Assurance Partner – Nonprofit & Government, at [email protected].

Return to the Table of Contents

 

Other Items to Note

OMB Issues 2020 Compliance Supplement

 

Did you ever take an open book test in school? It always made doing well much easier. The 2020 Compliance Supplement is a textbook for your organization’s equivalent of a compliance exam (the single audit). Its primary purpose is to assist auditors in performing single audits, but it is also a resource to help your organization comply with the requirements of your federal direct and pass-through grants and contracts.

On Aug. 18, 2020, the Office of Management and Budget (OMB) issued the 2020 Compliance Supplement (Supplement). The Supplement is effective for single audits of fiscal years beginning after June 30, 2019 – so June 30, 2020 fiscal year-ends.

The Supplement provides the information needed by auditors to perform the single audits and is updated annually for new programs and changes to existing programs. This document is extremely helpful to recipients of federal awards because in Part 2, known as the “Matrix,” the Supplement outlines the compliance requirements applicable to federal programs that are included in the Supplement. Additionally, the Supplement also provides information to assist an organization in identifying the compliance requirements that it must adhere to for those programs that are not specifically listed in the Supplement (see Part 7).

As all organizations have experienced, everything is changing because of COVID-19. The 2020 Supplement currently only provides a discussion of the general implications of the COVID-19 pandemic to single audits. The Supplement does not include the new COVID-19 related programs or information on modified compliance requirements that are unique to COVID-19 for existing programs. OMB is working with federal agencies to identify additional guidance that is needed for new COVID-19 related programs and existing programs where compliance requirements have changed due to COVID-19. OMB plans to publish an addendum to this Supplement in the fall of 2020.

 

FASB Defers Effective Date of ASC 606, Revenue from Contracts with Customers

The FASB issued ASU 2020-05 which provides an optional deferral of the effective date of ASC 606 related to revenue recognition for one year for all privately held entities. The effective date of the revenue recognition standard is annual periods beginning after Dec. 15, 2019.

 

Form 1023 Going Paperless

As of Feb. 1, 2020, organizations filling out Form 1023 (Application for Recognition of Exemption Under Section 501(c)(3) of the Internal Revenue Code) to apply for tax exempt status must submit the form online at Pay.gov. The IRS introduced this new procedure in the hopes that electronic filing will reduce errors and offer a more seamless application process for those seeking tax exemption.

While the electronic Form 1023 is similar to its paper counterpart, a few questions are new and have been reordered. When filling out the online form, it will be helpful for nonprofits to have all necessary information available and ready to be entered, as organizations must complete each section of the form before moving on to the next. Additionally, the required user fee for Form 1023 remains $600 for 2020. Applicants must pay the fee through Pay.gov when submitting the form, either directly from a bank account or by credit or debit card.

Form 1023 should be submitted within 15 months after an organization is established. The IRS generally reviews applications for exemption in the order they receive them and typically contacts applicants within 180 days. However, some circumstances may warrant expedited review so long as a compelling written explanation is provided. Examples of such situations include:

  • A grant to the applicant is pending and the failure to secure the grant may have an adverse impact on the organization’s ability to continue operations.
  • The purpose of the newly created organization is to provide disaster relief to victims of emergencies such as floods and hurricanes.
  • An IRS error has caused delays in review of the application.

 

Return to the Table of Contents

 

Main Street Lending Program Open To Nonprofits

The Main Street Lending Program's (MSLP) Nonprofit Organization New Loan Facility (NONLF) and Expanded Loan Facility (NOELF) are now fully operational and accepting submissions of eligible loans through the Main Street lender portal by registered eligible lenders. MSLP loans, funded under the Coronavirus Aid, Relief, and Economic Security (CARES) Act, are intended to help small-and medium-sized businesses that were in sound financial condition before the pandemic maintain their operations until they can recover.

See the Nonprofit Standard blog for additional information on the MSLP as information on these programs is being updated frequently. Additional information on the programs can be found on the Federal Reserve website.

For more information, contact Joyce Underwood, Nonprofit Tax Services Director, at [email protected].

Return to the Table of Contents

 

BDO Professionals In The News

BDO professionals are regularly asked to speak at various conferences due to their recognized experience in the industry. You can hear BDO professionals speak at these upcoming events:
 

October

Jake Cook is a co-presenter of a live webinar entitled “Private Foundation Audit Response: The Current IRS Initiative, Form 4720, Disqualified Persons” via Strafford on Oct. 7.
 

November

Michaela Kay is a co-presenter of a session on the topic of Single Audits at the Washington State Society of CPAs Not-for-Profit and Health Care Virtual Conference on Nov. 18.

Related Resources

Blog Post

Distributed Denial of Service (DDoS) Mitigation: What Nonprofits Need to Know

April 24, 2024
Blog Post

Distributed Denial of Service (DDoS) Mitigation: What Nonprofits Need to Know

April 24, 2024

Distributed denial of service (DDoS) attacks are one of the most common cyberattacks, with 13 million attacks occurring in 2022 alone. However, there are three key steps nonprofits can take to protect their organization and mitigate the impacts of a DDoS attack. Read the insight to learn more.

Read More

Blog Post

4 Considerations for Nonprofits Planning to Embrace AI

April 17, 2024
Blog Post

4 Considerations for Nonprofits Planning to Embrace AI

April 17, 2024

BDO Director of Data and AI, Noah Mattern, participated in a series of AI strategy sessions with clients toward the end of 2023, and one thing rang true throughout the conversations: both non- and for-profit organizations across all sectors and industries are leaning into the power of AI but are often face challenges in fully implementing it.

Read More

Article

GASB 102, Certain Risk Disclosures

April 10, 2024
Article

GASB 102, Certain Risk Disclosures

April 10, 2024

GASB 102 addresses financial reporting regarding certain concentrations or constraints and related events that may have a substantial impact and negatively affect the level of service a government provides.

Read More

Article

Empowering Users: Unleashing the Data Rights Revolution

April 10, 2024
Article

Empowering Users: Unleashing the Data Rights Revolution

April 10, 2024

There have been 13 state privacy laws signed since the GDPR took effect and this number is rapidly increasing as more states recognize individuals’ right to exercise greater control over their personal information.

Read More