Download PDF Version
Table of Contents
10 Steps Nonprofits Should Take to Increase Cybersecurity
By Karen Schuler, CFE, IGP
Cybersecurity has become a top‑of-mind issue for organizations across both the nonprofit and for‑profit sectors. From the 110 million Target customers whose credit and debit cards were compromised in 2013 to the more than 250 million Google and Yahoo! email usernames and passwords that were exposed by Russian hackers last month, we’re constantly bombarded by news of major companies being hacked and consumers’ data being stolen.
Nonprofit leaders might ask themselves, “Who would want to hack my organization?” but recent ransomware attacks on U.S. hospitals send a clear message that few organizations are exempt from hacking activity. According to the 2015 NetDiligence Cyber Claims Survey, nonprofits made up 4 percent of cyber claims, while hospitals, listed as a separate category, made up 21 percent of claims—the most affected sector among those surveyed.
In fact, nonprofits are particularly vulnerable, given that they often retain vast amounts of donor information, including financial information as well as staff employment and insurance data. Many philanthropic organizations are operating under tight resource constraints, and cybersecurity measures may not have historically been a top priority. If you have not paid attention to your organization’s cybersecurity policies, now is the time. Here are 10 steps that can help you better govern your information and assets.
- Identify the Program Champion
Prior to initiating a program that helps to better govern your information and assets, it is extremely important to obtain sponsorship from those charged with governance and senior management. Without this, programs tend to be less successful. The goal of the champion is to help you make the business case to promote better cyber governance throughout the organization. Your champion will help you identify key stakeholders (such as the board of directors, managers, auditors, etc.) as well as individuals that could contribute to a committee, and will help to map out initial rules and procedures for making decisions related to an organization’s data privacy and protection.
- Assess your risks
Risk management is a team effort and should include representatives from Information Technology, legal and compliance, Human Resources, accounting and finance and operations. The risk assessment team’s first project should be to inventory your organization’s systems and data, ranking data types and systems by levels of importance and sensitivity. Following your inventory and vital records ranking, it is important to determine if one of your assets failed, if data was lost or stolen and whether HIPAA privacy rules were violated. For each of these potential threats, list ways to avoid or mitigate the risk, as well as the cost of each mitigation strategy and a plan to respond to an incident. In order to keep pace with changing technology, it’s important that organizations review their risk management practices regularly.
- Analyze your data
To help minimize risk, detect fraud and limit unauthorized exposure of your assets, organizations should utilize analytics to help make reasonable assessments of risks and potential threats. Best practices are to take proactive measures periodically (or in reaction to non-specific compliance concerns) that involve the use of investigative techniques and limited legal and forensic accounting principles. A gap analysis can help you evaluate the efficacy of your organization’s policies, procedures and controls to help you enhance protection and deter and detect compliance failures. It can also help you determine whether the organization conforms to best practices for the industry and for organizations of a similar size. Further investigation, including forensic technology or due diligence, can follow if it appears there is a high risk of compliance failures. This in-depth analysis provides insight into your organization’s policy changes and, ultimately, when implemented, leads to improved controls.
- Form a committee to develop the program
Once an organization has a cybersecurity program in place, it should also select a committee that can consistently oversee its implementation and meet regularly to determine its effectiveness and adjust the program as needed. This committee should include representatives from all key areas of your organization. It is also important to select one owner of the program to ensure that the team follows through with its responsibilities. Additionally, it is critical to determine roles, responsibilities, supporting personnel and materials, and individuals that should be consulted and informed of the committee’s activities. Ultimately, this committee will build the organization’s overall governance strategy, framework, policies, teams and processes to establish a strong data protection and privacy program.
- Improve controls and governance strategy
Using the analytics and lessons learned, stringent internal controls need to be developed, implemented and monitored across the organization. Organizations should work with their technology, financial, operations and other teams to leverage analytics as they develop a data governance strategy, improve their compliance capabilities and deliver intelligence and consistent reporting throughout the organization. The committee should work across the different departments to build governance structures to distribute the roles and responsibilities of different participants in the organization.
- Enhance efficiency and balance your investment
Organizational efficiency doesn’t only result in long-term cost savings; it also reduces room for error, fraud and other cybersecurity issues. There are several steps an organization can take to increase its efficiency, including enhancing automation to reduce manual processes that are subject to mistakes and subjective evaluations. While implementing these processes involves an initial cost, in the long term, increased efficiency can help to limit expensive losses, improve consistency across the organization and reduce redundancies throughout operations, technology and file storage. Finally, we have found that automation and appropriate controls aid organizations in improving their data availability and quality to ensure that information sent to clients, donors and customers is accurate. Nonprofits may be intimidated by the potential financial commitment, but it’s essential for them to effectively balance their investment in different areas of data security. For example, if a nonprofit invests heavily in cyber insurance, but forgoes conducting appropriate assessments and implementing necessary controls, it may leave itself vulnerable.
- Incident response tabletop exercise
Once an incident response plan is developed, a best practice for an organization is to conduct a simulation to see how the plan works in action. Key steps to conducting an incident response exercise include:
- Determining if team members understand their roles and responsibilities as they relate to responding to an incident
- Generating awareness that incident response is important
- Ranking gaps, weaknesses and strengths throughout the organization
- Assessing current team members’ capabilities
- Identifying outside parties that will be required (e.g., outside counsel, forensic examiners, cyber investigators, notification companies)
- Identifying any additional mitigation and remediation strategies
In completing this simulation, you may find that your response plan needs to be adjusted to address new risks identified. Be sure to implement insights resulting from the exercise into a revised plan.
- Determine if cyber insurance is right for your organization
In the process of developing a cybersecurity program, nonprofits may want to consider cyber insurance. In order to determine if cyber insurance is a smart investment, be sure to:
- Evaluate marketplace cyber insurance providers, including product types and coverage limitations
- Understand areas of risk and vulnerabilities through scenario-based analyses
- Determine business interruption and recovery costs through incident simulations
- Develop and understand coverage adequacy thresholds
- Align expectations with coverage requirements
- Understand current coverage
- Determine policy options
- Develop a review frequency to maintain continuous coverage optimization
- Build a comprehensive program
Once all of the above steps are completed, organizations should put together a comprehensive cybersecurity plan, data protection plan and privacy program, outlining potential risks, policies, responsible parties and procedures. Organizations should be sure to consider business operations, legal, compliance, technology, security, data, information and records.
- Develop a communications strategy
For many organizations, effective communication is an aspect of cybersecurity that often falls by the wayside. A communications plan provides updates, as required or necessary, to your personnel, clients, board members and other stakeholders. Training your staff can help to remove certain threats within your organization. Ensure that your communications strategy includes a training component, which will help your teams better understand their requirements and responsibilities in protecting the organization. It’s essential to develop an overall communications and training strategy to deliver information in a consistent and meaningful way in the event of a cyberattack.
Cyber and financial crimes against nonprofits don’t often make the front page like hacks of major financial institutions and retailers, but threats are still looming. Organizations should act proactively to implement comprehensive cybersecurity programs now to avoid worries in the future. To learn more about BDO’s cybersecurity offerings, visit: https://www.bdo.com/services/consulting/cybersecurity/overview
Article reprinted from the BDO Nonprofit Standard blog.
For more information, contact Karen Schuler, managing director, BDO Litigation and Forensic Technology Systems, at email@example.com.
Author Profile: Karen Schuler
Karen Schuler is the National Data & Information Governance Practice Leader in the Greater Washington D.C. office of BDO. She has a broad background in multidisciplinary fraud, cybersecurity and government investigations, as well as civil litigation spanning a variety of subject matters, including securities, intellectual property and products liabilities. She is a nationally known speaker and author on enterprise risk management, cybersecurity and investigations.
With 25 years of experience in risk management, governance, legal and technology, she is recognized for aiding her clients with mitigating their operational, compliance and data protection risks. Ms. Schuler has participated in Rule 26(f) meet-and-confer conference, been designated as the 30(b)6 expert for multiple clients, and testified numerous times as an opinion expert.
Founder of one of the first digital forensics investigations firms in the United States, she frequently publishes and presents at conferences and has been quoted in the media. Ms. Schuler is also the author of “eDiscovery: Creating and Managing an Enterprise-wide Program | A Technical Guide to Digital,” a comprehensive book on information governance and e-discovery. Prior to BDO, she held senior positions at cyber investigations, cyber-security, and at an expert services firm, as well as being a Senior Forensic Investigator for the United States Securities & Exchange Commission.
Ms. Schuler is currently a board member of an information governance software company, current member of the Association of Certified Fraud Examiners’ Advisory Council, a board member of ARMA-DC, and served previously on the board of the MidAtlantic Chapter of HTCIA.
Return to Table of Contents
By Patricia Duperron, CPA
New Governmental Accounting Standards Board (GASB) Pronouncements
GASB has several new pronouncements that will be effective in the current year and future years:
GASB Statement No. 72, Fair Value Measurement and Application
, addresses accounting and reporting issues related to fair value measurements. Fair value is defined as the price that would be received to sell an asset or transfer a liability in an orderly transaction between market participants at the measurement date. For those who also audit other nonprofit and for-profit entities, this definition should be familiar as it is the same as Accounting Standards Codification (ASC) 820. Fair value is an exit price and is not adjusted for transaction costs, such as broker fees when selling an investment. The assumption is that the transaction takes place in a government’s principal market or the most advantageous market if there is no principal market. The principal market is the one with the greatest volume of activity for the asset or liability. The most advantageous market is the one that maximizes the price that would be received.
The pronouncement provides for three valuation techniques: the market approach, the cost approach and the income approach. The valuation technique should be consistently applied, maximize the use of relevant observable inputs and minimize the use of unobservable inputs. The hierarchy of inputs used to measure fair value falls into three categories: Level 1 is quoted market prices for identical assets or liabilities; Level 2 is for observable inputs either directly or indirectly; Level 3 is unobservable inputs. Illustrations 1-3 in Appendix C of GASB Statement No. 72 provide examples of Level 1, 2 and 3 inputs. Illustration 5 of Appendix C provides example disclosures.
Certain items currently measured at fair value will now be measured at acquisition value (an entry price): donated capital assets, donated works of art, historical treasures and capital assets received in a service concession arrangement. Certain items that were excluded by GASB 31 continue to be excluded from fair value calculations. Some examples include investments in 2a7-like pools, money market instruments that have a remaining maturity at time of purchase of one year or less, and investments in life insurance policies.
The pronouncement defines an investment as a security or other asset that (a) a government holds primarily for the purpose of income or profit and (b) its present service capacity is based solely on its ability to generate cash or to be sold to generate cash. The purpose is determined at acquisition. Illustration 4 in Appendix C provides examples for applying the definition of an investment. The pronouncement will be effective for the years ending June 30, 2016, and will require restatement of prior periods.
GASB Statement No. 73, Accounting and Reporting for Pensions and Related Assets not within the Scope of GASB 68 and Amendments to GASB 67 and 68
, applies the approach to accounting and financial reporting established in GASB 68 to all pension plans that are not within the scope of GASB 68, with certain modifications. Because plans that are not held in trust do not have any assets accumulated, the total pension liability must be recorded instead of the net pension liability under GASB 68. The discount rate must be the yield or index rate for 20-year tax-exempt bonds with an average rating of AA/Aa or higher. Governments cannot use the long-term rate, which would allow for a smaller liability. Any assets held to pay pension benefits should be reported as assets of the employer.
Amendments to GASB 67 and 68 relate to information about investment-related factors and clarify that only information about trends that the plan has influence over should be presented. It also clarifies that payables to a pension plan for any unpaid financing obligations are not separately financed specific liabilities as defined by GASB 67. The last amendment relates to recognizing revenue for support of nonemployer contributions to a pension plan and requires that the contribution be recognized in the same period as the change in the net pension liability is recognized. The amendments will be effective for years ending June 30, 2016.
GASB Statement No. 78, Pensions Provided through Certain Multiple-Employer Defined Benefit Pension Plans
, addresses an issue related to union-sponsored plans that are not governmental plans but provide benefits to governmental employees as well as employees of other employers. Even though the plans meet the requirements of GASB 68, they are not governmental plans and report under Financial Accounting Standards Board (FASB) guidance. Because of this, governments were not able to get the information from the plans that was required by GASB 68. The pronouncement excludes such plans from GASB 68 and instead requires pension expense to be recognized equal to the employer’s required contributions during the reporting period. There is a specific note disclosure required and 10-year required supplementary information (RSI) schedule of employers’ required contributions with retroactive reporting for all 10 years. The pronouncement will be effective for years ending Dec. 31, 2016, with early application encouraged.
GASB Statement No. 82, Pension Issues
, addresses three issues that arose during implementation of GASB 67 and 68. The first relates to the definition of covered payroll included in RSI. GASB 67 defined covered-employee payroll as the payroll of employees that are provided pensions through the plan. GASB 25 and 27 defined covered payroll as all elements included in compensation paid to active employees on which contributions to a pension plan are based--basically pensionable wages. Using the new definition, plans had a hard time getting the total payroll information from the employers as employers only reported to the plans the amount of pensionable wages. This pronouncement changes it back to the old definition: compensation paid to employees on which contributions are based. Restatement will be required for all prior year ratios included in RSI.
The pronouncement also clarifies that a deviation
from actuarial standards is not considered to be in conformity with the requirements of GASB 67 or 68 for selection of assumptions in determining the total pension liability. GASB became aware that actuaries may deviate from the actuarial standards to derive reports for plan management but this pronouncement bans such practices for external financial reporting.
The last issue relates to employer-paid member contributions, commonly referred to as employer pick-up. When an employer pays contributions on behalf of members they should be classified as member contributions for GASB 67 plan statements and as employee contributions for GASB 68 reporting and included in salary expense. The issue arose because GASB 67 and 68 required those payments to be classified as employee contributions if the employer reported salary expense; otherwise the payments were classified as employer contributions. This became a challenge for cost-sharing plans in determining an employer’s proportionate share of the collective net pension liability (NPL). Because the allocation of pension amounts is based on contributions, some employers would be allocated a larger share of the NPL if they picked up member contributions. GASB concluded that those payments should not be pension expense. The pronouncement is effective for years ending June 30, 2017.
GASB Statement No. 74, Financial Reporting for Postemployment Benefit Plans other than Pension Plans
Other Postemployment Benefits (OPEB) Standards
, addresses reporting for state and local government OPEB plans that are administered through trusts and replaces GASB Statement No. 43 for those plans. While the financial statements will be very similar to current statements, the pronouncement provides for enhanced note disclosures and new Required Supplementary Information (RSI). RSI will consist of (1) schedule of changes in net OPEB liability and related ratios; (2) schedule of employer contributions (if actuarially determined); and (3) schedule of investment returns (annual money-weighted rate of return). Each schedule should be for the most recent 10 years.
The pronouncement also requires the net OPEB liability to be measured as the total OPEB liability less the amount of the plan’s net position and specifies the approach to measuring the liability (entry age normal as a level percent of pay). The discount rate will be the long-term rate to the extent there is a plan net position and the municipal bond rate once net position is depleted. However, one blended rate is used. To do this, governments will need to project future revenues and payments. The pronouncement will be effective for years ending June 30, 2017.
GASB Statement No. 75, Accounting and Financial Reporting for Postemployment Benefits other than Pensions
, establishes requirements for governments that provide their employees with OPEB through a trust and replaces GASB Statement No. 45 for those government employers. The most significant change is that governments will now be required to recognize their net OPEB liability, which is the difference between the total OPEB liability (the portion of the present value of projected benefit payments that is attributed to past periods) and the value of OPEB assets available to pay pension benefits. Additional note disclosure and the first two RSI schedules from GASB 74 will be required. This requirement also applies to cost sharing, multiple-employer plans and plans that are not administered through a trust. Unlike pension plans, which most governments have been funding for quite a while, many OPEB plans are severely underfunded, and the liability to be recorded will be significant.
The statement mirrors the pension requirements of GASB 68. Most changes in the net OPEB liability will be included in current period expense. Other components, such as changes in economic assumptions, will be recognized over a closed period equal to the expected remaining service lives of all employees that are provided benefits. Differences between expected and actual investment rate of return will be recognized in expense over a closed five-year period. The pronouncement will be effective for years ending June 30, 2018.
GASB is working on Implementation Guides for GASB Statements 74 and 75 and expects to issue the Statement 74 Guide draft in October 2016 and finalize it in February 2017. The Statement 75 Guide draft should be issued in June 2017 and finalized in Nov. 2017.
GASB Statement No. 77, Tax Abatement Disclosures
Other GASB Pronouncements
, will not result in any accounting or reporting changes but will require specific note disclosures in the financial statements. Tax abatements are widely used by state and local governments to encourage economic development. Tax abatement is defined as an agreement between a government and a taxpayer in which the government agrees to forego tax revenues and the taxpayer agrees to take a specific action that contributes to economic development or achieves a public benefit. The statement requires disclosure about a reporting government’s own tax abatement agreements and those that are entered into by other governments that reduce the reporting government’s tax revenues (such as when a city or county enters into an agreement that reduces a school district’s tax revenue). Disclosure requirements include the number of tax abatement agreements entered into during the reporting period; the total number in effect at end of the reporting period; the dollar amount by which tax revenues were reduced during the period; and a description of other commitments made in the agreements. Disclosures should be organized by each major program and should continue until the tax abatement agreement expires. The pronouncement will be effective for years ending Dec. 31, 2016.
GASB Statement No. 79, Certain External Investment Pools and Pool Participants
, establishes the criteria for an external investment pool to measure all of its investments at amortized cost. If a pool meets the criteria and measures its investments at amortized cost, pool participants should also measure their investment in the pool at amortized cost. If the pool doesn’t meet the criteria, the pool should apply the provisions of paragraph 16 of GASB 31. This statement was issued to address changes the Securities and Exchange Commission (SEC) made in the Investment Company Act of 1940, Rule 2a7, which contains the regulations applicable to money market funds. Under GASB 31, pools that were “2a7 like” were allowed to use amortized cost. Due to the SEC change in the 2a7 rules, GASB issued this statement to update the guidance for pools. The pronouncement will be effective for years ending June 30, 2016.
GASB Statement No. 80, Blending Requirements for Certain Component Units
, requires that component units incorporated as a nonprofit, when the primary government is the sole member, should be reported as a blended component unit. Component units that are included in accordance with GASB 39 are excluded from this statement. The pronouncement will be effective for years ending June 30, 2017.
GASB Statement No. 81, Irrevocable Split-Interest Agreements
, provides recognition and measurement guidance when a government is a beneficiary of a split-interest agreement. Governments will be required to recognize assets, liabilities and deferred inflows of resources at fair value at the inception of the agreement and must re-measure them annually. Examples include charitable lead trusts, charitable remainder trusts, life-interest in real estate and charitable annuity gifts. The pronouncement will be effective for years ending Dec. 31, 2017.
Other GASB Projects
GASB issued the Exposure Draft, “Certain Asset Retirement Obligations,” that applies to certain asset retirement obligations, such as nuclear power plants and sewage treatment facilities, which would require governments to recognize a liability and deferred outflow when the liability is both incurred and reasonably estimable. Similar to the rules over landfills, the liability should be based on the current value of the expected future outlays. The expected effective date is for years ending Dec. 31, 2018.
GASB issued an Exposure Draft, “Fiduciary Activities,” related to fiduciary activities which would establish criteria for reporting fiduciary activities and replace agency funds with a new custodial fund for activities that are not held in trust. For activities for which a trust agreement exists, an investment trust fund or private purpose trust fund will be used. Pension funds not held in trust would be classified as custodial funds. The expected effective date is for years ending Dec. 31, 2018.
The GASB Exposure Draft, “Leases,” would require governments to recognize a lease liability and an intangible right-to-use lease asset. Lessors would recognize a lease receivable and deferred inflow of resources and would not derecognize the underlying asset. This differs from private sector standards. Short-term leases (maximum term of 12 months or less) are excluded. The expected effective date is for years ending Dec. 31, 2019.
GASB is reexamining the financial reporting model and GASB Statement Nos. 34, 35, 37, 41 and 46, and GASB Interpretation No. 6, and considering presentation alternatives for resource flows. It recently initiated projects to re-examine going concern disclosures and footnote disclosures.
GASB is also reviewing debt extinguishments when only existing resources are placed in an irrevocable trust for the purpose of extinguishing debt and has tentatively decided that in-substance defeasance treatment should be applied. The difference between the reacquisition price and net carrying amount would be recognized immediately, unlike GASB 7 and 23, which allow for the difference to be deferred. GASB expects to issue an exposure draft on this topic in August 2016 and to be finalized in May 2017.
The GASB Omnibus Project will address several practice issues covering a variety of topics. An exposure draft is planned for September 2016 and the final is expected in March 2017.
For more information, contact Patricia Duperron , director, at firstname.lastname@example.org.
Return to Table of Contents
By Michael Ward, CPA, CGMA
Is a Merger for You?
With more than 1.5 million nonprofit organizations in the United States, it is not unusual to find two organizations serving the same or a related purpose in a given catchment area. This is particularly true in the areas of social services and healthcare, in which numerous organizations have been created to serve various sub-segments, such as individuals with disabilities or those with mental health needs. As community needs evolve and shift, organizations with narrower target populations may not be able to sustain themselves. The 2008 economic downturn placed significant pressure on endowments, donors, foundations and government resources, but organizations serving the neediest populations have been struggling for years.
In 2004, I was serving as the President and CEO of the Lt. Joseph P. Kennedy Institute (the Institute), one of several social concerns agencies in the Archdiocese of Washington. The Institute provided services to children and adults with developmental disabilities. Another organization served individuals with mental health needs and yet another focused resources on the Latino immigrant community. Having several Catholic agencies addressing different segments of the community resulted in the same donors being asked to give to numerous causes, redundancy in administrative and back office functions, and less leverage when approaching state and local governments on contracting and collaboration. After months of planning and deliberation, these three agencies were merged into a larger one designed to meet a broader array of needs. Because few, if any, services were overlapping, the consolidation was primarily in governance and administration. Today, a stronger agency addressing a range of community needs can reach out to donors and government funding services with a unified message and a comparatively leaner organizational structure.
However, a merger may not be the only solution to respond to economic pressure. In 2008, a group of Chicago-based nonprofit organizations considered the possibility of collectively purchasing shared back-office services, creating The Back Office Cooperative. While they ultimately determined there were too many unique accounting and reporting requirements to share in one accounting and finance solution, their efforts coalesced into a group-buying solution, allowing them to gain leverage in negotiating with suppliers, which has already saved several million dollars for its members. The participating organizations offer a broad array of services headquartered in the Chicago area, but some operate in multiple states. A merger was not a solution for these organizations but they nonetheless found immense benefits in combining some of their efforts.
Cost pressure is just one motivator in considering a merger. Integration of services and the ability to better allocate real estate and other resources are also outcomes that can be realized through mergers. The improved outcomes and related growth of in-home support services have fundamentally changed how healthcare for individuals with certain chronic conditions is met. Not too many years ago, lengthy stays in hospitals or intermediate care or rehabilitation facilities were common. Today, organizations constrained to a certain treatment modality struggle to shift to a decline in demand, with in-home services replacing inpatient and ambulatory services at substantially lower costs. Either by merger or diversification, such organizations need to increase their leverage to remain viable. Combinations in the nonprofit healthcare sector may become more prevalent as these organizations seek to maximize the value of their assets and guard against obsolescence.
Financial Accounting Standards Board (FASB) Accounting Standards Codification (ASC) 958-805, Business Combinations,
governs the accounting for nonprofit business combinations, with distinctly different treatments for a merger versus an acquisition. Under a strict merger, in which a new governing body takes control over the combined activities of the merging organizations, the assets and liabilities of each merging entity are carried forward from their respective balance sheets. Should one governing body take control of the other entity, that combination is treated as an acquisition and the acquired entity’s assets and liabilities are recorded at fair value in the balance sheet of the acquiring entity. The difference between the fair values of the assets and liabilities is recorded either as goodwill or as a non-operating item of income or expense depending on the nature of the revenue streams of the acquired entity. This divergence in accounting can be leveraged to extract value on an otherwise cost-constrained balance sheet. If one entity has significantly depreciated real estate used in its operations with a much higher market value, that value could be recognized on the balance sheet if the entity is acquired.
Nonprofit boards and executives will continue to grapple with the best way to generate the greatest value from their assets, seeking to achieve their mission while preserving portfolios from the impact of operating losses. With many nonprofit executives approaching retirement, there may be one less barrier to a business combination—the career path of the current leadership. With over 40 million Americans in retirement (more than at any point in U.S. history and a number that is expected to double over the next 30-40 years), we will need a strong and robust nonprofit sector to address the unique needs of our aging population while still serving the myriad needs of our children and younger adults. It is incumbent upon the leaders in this sector to determine the best structure to achieve that goal.
For more information, contact Michael Ward, partner, Business Services & Outsourcing, at email@example.com
Return to Table of Contents
By: Lee Klumpp CPA, CGMA
Limited Partnerships—To Consolidate or Not to Consolidate, That is the Question
The Financial Accounting Standards Board (FASB) has added a project entitled Clarifying When a Not-For-Profit Entity That Is a General Partner Should Consolidate a For-Profit Limited Partnership (or Similar Entity),
to its agenda. Its objective is to clarify when a nonprofit entity that is a general partner should consolidate a for-profit limited partnership into its financial statements.
This project was added to the agenda because the FASB issued its Accounting Standards Update (ASU) 2015-02, Consolidation (Topic 810): Amendments to the Consolidation Analysis
, in February 2015. Since the issuance of that ASU, FASB staff have received feedback from various stakeholders indicating that the guidance fails to make clear when a nonprofit that is a general partner should consolidate a for-profit limited partnership or similar entity.
Prior to the issuance of ASU 2015-02, Accounting Standards Codification (ASC) Subtopic 958-810, Not-for-Profit Entities—Consolidation,
provided that a nonprofit entity that is a general partner of a for-profit limited partnership or a similar entity should apply the consolidation guidance in Subtopic 810-20, Consolidation: Control of Partnerships and Similar Entities
, unless that partnership interest is reported at fair value in conformity with certain other guidance. The problem is that ASU 2015-02 eliminated Subtopic 810-20 and instead referred a nonprofit that is a general partner of a for-profit limited partnership or a similar entity to the consolidation guidance in ASC Subtopic 810‑10.
In subsequent feedback from stakeholders, the FASB learned the guidance in the General Subsections of ASC Subtopic 810-10, as amended, is written only in the context of when a limited partner should consolidate. Specifically, paragraph 810-10-15-8A states that “the usual condition for a controlling financial interest, as a general rule, is ownership by one limited partner, directly or indirectly, of more than 50 percent of the limited partnership’s kick-out rights through voting interests.” To use the guidance in that paragraph, it is appropriate for the nonprofit first to navigate through the Variable Interest Entities (VIE) Subsections of Subtopic 810-10 before applying the General Subsections. However, that is a problem because nonprofits are scoped out of the VIE guidance, unless the guidance is being used to circumvent those subsections. As a result, when a nonprofit that is a general partner navigates directly to the General Subsections of Subtopic 810-10, the guidance fails to make clear when the general partner should consolidate.
At the March 30, 2016 FASB meeting, the staff presented and the board discussed outreach performed on alternatives that would address when a nonprofit general partner should consolidate a for-profit limited partnership (or similar entity).
The board decided to maintain current practice for nonprofits that are general partners by reinstating the consolidation guidance that previously existed in ASC Subtopic 810-20, Consolidation: Control of Partnerships and Similar Entities, and including it in ASC Subtopic 958-810. Because the board decided to reinstate the consolidation guidance that previously existed in Subtopic 810-20, the board decided not to supersede the guidance related to special-purpose-entity (SPE) lessors from Subtopic 958-810 and agreed not to perform further outreach on the SPE guidance.
Additionally, the board decided to provide transition guidance because some entities may have early-adopted the amendments in ASU 2015-02. Those nonprofits that have adopted the amendments in ASU 2015-02 should apply the proposed amendments using a modified retrospective approach by recording a cumulative-effect adjustment to net assets (equity) as of the beginning of the fiscal year of adoption, or they would apply the amendments retrospectively. Nonprofits that have not yet adopted the amendments in ASU 2015-02 would apply the proposed amendments using the same effective date and transition provisions in ASU 2015-02.
The FASB directed the staff to draft a proposed ASU with a comment period of 60 days. At the time of this article the exposure draft had not yet been released by the FASB.
For more information, contact Lee Klumpp, director, at firstname.lastname@example.org
Return to Table of Contents
By Laurie De Armond, CPA
How to Retain, Recruit and Engage Great Board Members
The nonprofit world has already seen a number of board shakeups this year— from board members resigning en masse from the Frost Science Museum following fundraising and cash-management woes, to the issues at the Northwest Museum of Arts and Culture in Spokane, in which a spiraling relationship with the board led to the firing of the CEO.
The right qualifications, a good cultural fit, dedication to the mission and a solid dynamic among nonprofit leaders are critical for a healthy organization.
A crucial challenge for both new and long-standing nonprofit organizations is how to find and keep the right leadership group in place. Board members can make or break a nonprofit, depending on their abilities, decisions and group dynamic. Let’s address how you can locate the right mix of board members and set them up for success.
The Big Question: Where Do You Find Potential Board Members?
Even if you already have a solid board of directors in place, it won’t remain the same forever. The board must engage in an ongoing process to use its current connections and to establish new relationships to draw from an expanding and increasingly diverse pool of potential candidates.
When you are identifying potential candidates, it is better to make your criteria as specific as possible to ensure you are only considering the candidates who prove to be a good fit for the organization. One way to find candidates who fit your culture and mission is to look to people who have already shown an interest in the work of the organization. If no one qualified has already shown an interest, you can bolster your recruiting efforts by holding events designed to introduce the work of your organization to a key pool of qualified people.
Finding the right board members is not a simple task; one or more leaders, or possibly a committee of the board, should be tasked with this role to ensure someone is accountable for advancing the effort. Determine who will be responsible for contacting candidates with materials and developing the messaging to use when approaching potential candidates. However, nonprofit organizations don’t have to take on this task alone. There are various consultants and programs that assist with everything from establishing board recruitment plans to seeking out board members.
Determining the Right Skill Sets Needed on the Board
A nonprofit board should be composed of a diverse group of individuals with various skill sets in order to carry out its fiduciary responsibilities most effectively. Depending upon the mission of an organization, the skill sets needed vary. In addition to individuals who are passionate and knowledgeable about the mission of the organization, it might be beneficial to have individuals with legal, financial, development or technical backgrounds on the board. Demographic diversity is also very important, as the most effective boards represent individuals of diverse backgrounds.
Integrating New Board Members
Like your organization, the board is a community in itself. New members must be welcomed and oriented to its culture. Develop a board manual for new board members that includes standard documents, including the mission, bylaws and other important literature, as well as job descriptions for the positions to be filled. In addition, the organization should provide an orientation to walk through the expectations for new board members, the code of conduct and interactive training on the organization’s code of ethics.
To help new members get acclimated and actively participating, provide them with a clear role on the board, including committee assignments. From the very beginning, new board members should be brought into board conversations. It’s also helpful to provide new members with a mentor who can address their questions and check in on them periodically.
An ineffective board of directors can severely hurt an entity’s financial health and reputation, so it’s crucial for leadership to put the right recruiting and onboarding processes in place, and to seek assistance if necessary to ensure it can secure collaborative and qualified new board members.
Article reprinted from the BDO Nonprofit Standard blog.
For more information, contact Laurie De Armond, partner, at email@example.com.
Return to Table of Contents
By Rebekuh Eley, CPA, MST
10 Common Self-Dealing Mistakes Private Foundations Make
What may seem like a simple transaction could pose a big problem for private foundations. The self-dealing rules unique to private foundations prohibit any transactions between the foundation and insiders of the organization or other disqualified persons, such as an officer, a trustee or a relative of one of those persons. Simply put, if a person has influence over the decisions of the private foundation, it’s likely that he or she is a disqualified person.
There are six types of prohibited transactions affected by these rules:
- Sale, exchange or leasing of property
- Lending of money or other extension of credit
- Furnishing of goods, services or facilities
- Payment of compensation or payment or reimbursement of expenses
- Transfer to, or use by or for the benefit of a disqualified person, any income or assets of the private foundation
- Agreement to pay a government official
The prohibited transaction rules are all-encompassing and are strictly interpreted by the Internal Revenue Service (IRS). As a result, private foundations have been surprised when they are faced with the consequences—including severe excise taxes and correction requirements—of a transaction they didn’t think was subjected to these rules.
With such broad coverage of transactions, how can organizations ensure they do not inadvertently become exposed to these rules and their potential consequences? Below are 10 common examples of how private foundations can go wrong and how they can stay on the straight and narrow to avoid penalties.
- When accepting non-cash gifts such as property, there should be no mortgage or lien on the property; otherwise it may be considered a sale from a disqualified person.
- Grants should not satisfy the pledge of the founder or other disqualified person, as that would be considered payment of an obligation or debt of the disqualified person.
- Private foundations should not advance foundation managers more than $500 for private foundation expenses that are reasonable in relation to the duties of the manager to ensure the transaction is not an act of self-dealing.
- Document any operating arrangement the private foundation has alongside the founder’s family office or corporation to ensure there are no direct or indirect benefits to the family office (such as a reduced rental rate).
- Expense payments for use of a disqualified person’s property should be made to a third-party vendor when appropriate, not directly to a disqualified person.
- Do not arrange for the foundation and a disqualified person to jointly pay for a ticket to a benefit event. Disqualified persons should only attend as representatives of the foundation if appropriate for their role and if they would not otherwise have attended the event; otherwise, the disqualified persons should pay their way in full.
- Unless there is a business reason for the spouse of a disqualified person to attend an event, the spouse should pay his or her own way.
- If a grantee provides special privileges to the foundation in exchange for its grant, adopt a conservative policy of disclaiming membership privileges, requiring that disqualified persons pay for their own memberships or pass along the privileges to employees who are not disqualified persons.
- As government officials are considered disqualified persons, avoid any payment to a government official that does not clearly qualify as one of a few exceptions, such as an employment payment after the official’s term ends.
- Vet vendors to avoid indirect self-dealing with an entity controlled by the private foundation or by a disqualified person.
Aside from these basic preventive measures, private foundations should take steps to be well versed in complex self-dealing regulations to identify other transactions that could trigger penalties such as an excise tax. All proposed transactions with anyone who is considered a disqualified person, as well as a disqualified person’s relatives and related entities, should be carefully scrutinized prior to making any arrangement. To ensure this happens on a continuous basis, private foundations should develop and maintain policies and procedures to avoid any potential self-dealing transactions.
Article reprinted from the BDO Nonprofit Standard blog.
For more information, contact Rebekuh Eley, senior tax director, Central Region Nonprofit Tax Practice Leader, at firstname.lastname@example.org.
Return to Table of Contents
By Lee Klumpp, CPA, CGMA
Revenue Recognition of Grants and Contracts by Nonprofits—Is it Time for a Change?
At its April 20, 2016 meeting, the Financial Accounting Standards Board (FASB) voted to add a project to its agenda to improve and clarify existing guidance on revenue recognition of grants and contracts by nonprofits. The FASB directed its staff to perform additional research on the identified issues to best address stakeholder concerns and to develop an approach for clarifying and improving the existing guidance. The FASB began its initial deliberations at its board meeting on June 1, 2016.
The issues that have been raised by stakeholders (including the Not-for-Profit Advisory Committee [NAC], the American Institute of Certified Public Accountants [AICPA] Expert Panels, the AICPA NFP Revenue Recognition Task Force and others) indicate that there are difficulties and diverse practices among nonprofits related to the following issues:
- Issue 1: Characterizing grants and similar contracts with government agencies and others as (i) reciprocal transactions (exchanges) or (ii) nonreciprocal transactions (contributions).
- Issue 2: Distinguishing between conditions and restrictions for nonreciprocal transactions.
Stakeholders have conveyed to the FASB that despite the existing guidance, there is significant diversity in practice among nonprofits related to these issues for many grants and contracts. In some instances, similar grants and contracts are accounted for as nonreciprocal transactions (generally conditional) by some nonprofits and as reciprocal transactions (exchanges) by other nonprofits. The diversity in practice related to this issue can lead to two different nonprofits recording the same transaction with totally different revenue recognition and measurements that result in differing presentations on each of their financial statements.
These two issues have been an implementation problem for many nonprofits for some time. However, with the issuance of the FASB Accounting Standards Update No. 2014-09, Revenue from Contracts with Customers (Topic 606)
, they have been brought to the forefront and have received new focus due to the elimination of limited exchange transaction guidance in Accounting Standards Codification (ASC) Subtopic 958-605. The additional disclosure requirements that will be required under Topic 606 going forward have some stakeholders expressing that they do not think these disclosures are relevant for these transactions.
In various meetings with the FASB, stakeholders have expressed that there has historically been difficulty related to these transactions that have been identified as contributions. These grants and contracts often carry specific terms, and issues arise in distinguishing whether these terms are a condition or a restriction. This is particularly the case when funds are provided to a nonprofit with the stipulation that certain outcomes must be met, but the contract has no return of funds language specified.
Additionally, there is also diversity in practice in determining whether the likelihood of failing to meet a condition is remote, which can impact the determination of when a contribution is recognized. While these issues occur for grants and contracts from various types of funders (federal and state governments, private foundations, international non-governmental organizations, other nonprofits and individuals), government grants and contracts cause the most concern among stakeholders. Overall, the conclusions reached by the nonprofit on these issues can affect the timing and net asset classification of the revenue recognized in such transactions, as well as the presentation of this revenue in its financial statements. Consensus in the industry is critical so that these transactions are treated uniformly by all nonprofits.
For more information, contact Lee Klumpp, director, at email@example.com.
Return to Table of Contents
By Laura Kalick, JD, LLM in Taxation
Pending Nonprofit Tax Legislation: What’s on the Way?
Although tax legislation will likely wait until after the presidential election, Congress continues to introduce bills for when that day comes. Previous bills and budget proposals have attempted to reduce the benefits of the charitable deduction for taxpayers. The charitable sector demonstrated in numerous hearings that such a reduction would have a significant adverse impact on organizations’ ability to provide needed services. And now, Congress is exploring actions that could help protect the charitable deduction.
Senator John Thune (R-S.D.) introduced S. 2750 CHARITY Act (Charities Helping Americans Regularly Throughout the Year). This bill conveys that the goal of tax reform should be to encourage charitable giving, and Congress should ensure that the charitable deduction endures through a comprehensive rewrite of the tax code. The bill includes the following provisions:
- The Individual Retirement Account rollover from charities would be available for a rollover from a donor advised fund;
- The excise tax on private foundations’ investment income would be reduced to 1 percent;
- In order to enhance transparency, all Forms 990 would be filed electronically;
- The mileage rate for charitable volunteer services using an automobile would match the rate for medical expenses; and
- An exception to the excess business holding rules would allow a business received by a private foundation through a will or trust to be held by the charity if the business’s profits go to the charity.
Senator Tom Udall (D-N.M.) introduced S. 2648, Create Act of 2016, which includes a special rule allowing a donor who makes a qualified artistic charitable contribution (i.e., literary, musical, artistic or scholarly work, or contributes the copyright to a charitable organization) to deduct the fair market value of the contribution from gross income.
On the House side, “Preventing IRS Abuse and Protecting Free Speech Act” (HR 5053), introduced by Peter Roskam (R-Ill.-6), was passed. This bill prohibits the Internal Revenue Service from requiring a tax-exempt organization to include in annual returns the name, address or other identifying information of any contributor. The bill includes exceptions for:
- Required disclosures regarding prohibited tax shelter transactions; and
- Contributions by the organization's officers, directors or five highest compensated employees (including compensation paid by related organizations).
As the sector stands by during the final months of election season, we’ll be watching and waiting for more developments in tax legislation.
Article adapted from the Nonprofit Standard blog.
For more information, contact Laura Kalick, National Nonprofit Tax Consulting Services, national director, at firstname.lastname@example.org.
Return to Table of Contents
BDO Professionals in the News
BDO professionals are regularly asked to speak at various conferences due to their recognized experience in the industry. You can hear BDO professionals speak at these upcoming events:
Matt Cromwell will present a session entitled “Ask the Auditor” on July 12 at the InsideNGO Annual Conference in Washington, D.C.
Gerald Zack will lead a two-day course entitled “Developing an Integrated Anti-Fraud, Compliance and Ethics Program” for the Association of Certified Fraud Examiners (ACFE) on Aug. 8-9 in Washington, D.C.
Zack will also lead a two-day course entitled “Financial Statement Fraud” for the AFCE on Aug. 24-25 in New York, N.Y.
Mike Conover will present a session entitled “Related Parties & IRS Intermediate Sanctions—Connected? You Bet!—Designing a Compensation and Benefit Program for Your University” on Sept. 12 at the Association of College and University Auditors Annual Meeting in Miami, Fla.
Zack will also be a co-instructor for the “Certified Fraud Examiner Review Course” for the AFCE, being offered Sept. 26-29 in Washington, D.C.
Return to Table of Contents
Other Items to Note
Changes to Charity Navigator’s Rating System
Influential assessment organization Charity Navigator unveiled a new rating system June 1, which it claims gives donors a better picture of organizations’ long-term performance. The nonprofit updated seven metrics used for evaluating charities’ financial health, which comprises half of the rating. Metrics for accountability and transparency, which make up the other half, are unchanged.
Charity Navigator CEO Michael Thatcher said that user experience will remain largely the same, and organizations will still be rated on a scale of zero to four stars. Many nonprofit organizations consider their Charity Navigator star rating a critical metric that can help them obtain resources and attract new donors, according to The New York Times
Key measures being adjusted include:
Expenses for program, administration and fundraising costs
Liabilities to assets ratio
- Then: Calculated using data from the most recent fiscal year.
- Now: Averages data from the three most recent fiscal years.
Administrative expenses and overhead
- Then: Not included in rating criteria.
- Now: Used as a measure to detect potentially excessive debt.
- Then: Only organizations with zero administrative expenses could receive 10 out of 10 points.
- Now: Organizations that score within a given range for their type of organization can receive 10 out of 10 points. (See our previous insights on the overhead myth here).
Nonprofit Times reported
- Then: Organizations spending less than 33 percent of budget on programs automatically receive zero points for their full financial score (which makes up half their Charity Navigator rating). This remains unchanged.
- Now: Criteria expanded such that organizations spending more than 85 percent of budget on programs receive 10 out of 10 points for program expense. Those spending between 33 and 50 percent of budget on programs will receive 0 out of a possible 10 for the program spending criteria.
that more than 2,100 of the 8,000 organizations Charity Navigator rates, (approximately 27 percent) will experience a change in their ratings as a result of the new system implemented June 1. Ratings improved by one star for 19 percent of charities examined, and dropped by one star for 8 percent. Fourteen charities saw their rating increase by two stars and just two saw their rating decrease by two stars.
We recommend organizations evaluate the new criteria to determine the impact it will have on your rating and prepare development and program personnel with the information necessary to respond to stakeholder inquiries.
2016 Office of Management and Budget (OMB) Compliance Supplement
As of the date this newsletter was prepared, OMB had not issued the final 2016 Compliance Supplement. The expectation is that the 2016 Compliance Supplement (CS) will be issued by mid-July. The 2016 CS is effective for fiscal years beginning after June 30, 2015, and will supersede the 2015 OMB CS.
Appendix V of the CS, List of Changes in the 2016 Compliance Supplement
, identifies all changes in the 2016 CS and should be reviewed to begin your process of assessing the changes in the 2016 CS.
Based on the draft version of the 2016 CS, one change that was made to the 2016 CS is the addition of the applicable row from Part 2, Matrix of Compliance Requirements
, to each program/cluster included in Parts 4, Agency Program Requirements
and Part 5, Cluster of Programs
. This has been added to assist auditees and auditors in identifying the applicable compliance requirements and put this in one location.
The 2016 CS will include Part 6, Internal Control, whereas the 2015 CS Part 6 was blank. Part 6 provides an overview and the objectives of internal control. Part 6 describes the characteristics of internal control relating to each of the five components of internal control that should reasonably assure compliance and highlights the relationship between those characteristics and the 17 principles of internal control.
Once the 2016 CS is issued, organizations should review the document for changes to compliance requirements to their programs and ensure they have the proper controls and processes in place.
New Overtimes Rules Issues: What It Means for You
On May 18, the Department of Labor (DOL) issued its final overtime rules which take effect on Dec. 1, 2016. The rules will significantly raise the salary level used to determine whether employees are eligible for overtime and will affect more than 4 million salaried employees. The DOL has more than doubled the current salary threshold for the overtime exemption from $455 per week ($23,660 per year) to $913 per week ($47,476 per year). In addition, it increased the total annual compensation amount required to exempt highly compensated employees from $100,000 to $134,000. These thresholds will automatically increase every three years.
Organizations should review their employee classifications and determine what steps need to be taken to address these new rules. The impact of these new rules on nonprofits needs to be carefully examined as the new regulations will result in higher salary costs for employers.
Update on FASB’s Not‑for‑Profit Financial Reporting Exposure Draft
The FASB is expected to vote on the final Accounting Standards Update on this topic by the end of June. If this occurs as expected, a final ASU should be issued during the summer. The ASU is projected to provide examples that will assist organizations in drafting their statements under the revised guidance.
Return to Table of Contents
For more information on BDO USA's service offerings to this industry, please contact one of the following national practice leaders who will direct your inquiry to the appropriate partner in your market:
National Practice Leader, Nonprofit & Education Industry Group
National Nonprofit & Education IG Catalyst, New York
|Laurie De Armond
National Nonprofit & Education IG Catalyst, Greater Washington, D.C.