Cybersecurity Road Map

September 19th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletAs we have witnessed in the last few years, the cost of cyber threats has grown to be a substantial risk that all organizations face. According to Forbes, cybercrimes are projected to reach $2 trillion globally by 2019. The attempt to mitigate cyber risks through the use of anti-virus software and other turnkey solutions has been proven to be inadequate when faced with today’s threats.

In the past, risk mitigation could be achieved by employing a single dedicated department. That is no longer the case. Executive management and the Board of Directors (“BOD”) must collaborate with Information Technology (“IT”) personnel to develop a dynamic plan that considers both current and future threats. The scale of the plan should not be disproportionately weighted on the financial goals of the company, but should be aligned with the organizations business or mission objectives, regulatory requirements, and threat environment.

On February 12, 2014, the National Institute of Standards and Technology (“NIST”) released the Framework for Improving Critical Infrastructure Cybersecurity. This voluntary guidance should be a roadmap for the Chief Financial Officer (“CFO”) when recommending a robust cybersecurity IT plan. The NIST Framework is divided into four tiers to provide context on how an organization views cybersecurity risk and the effort to mitigate those risk.

Tier 1: Partial

  • Risk Management Process – Organizational cybersecurity risk management practices are not formalized, and risk is managed in an ad hoc and sometimes reactive manner. Prioritization of cybersecurity activities may not be directly informed by organizational risk objectives, the threat environment, or business/mission requirements.
  • Integrated Risk Management Program – There is limited awareness of cybersecurity risk at the organizational level and an organization-wide approach to managing cybersecurity risk has not been established. The organization implements cybersecurity risk management on an irregular, case-by-case basis due to varied experience or information gained from outside sources. The organization may not have processes that enable cybersecurity information to be shared within the organization.
  • External Participation – An organization may not have the processes in place to participate in coordination or collaboration with other entities.

Tier 2: Risk Informed

  • Risk Management Process – Risk management practices are approved by management but may not be established as organizational-wide policy. Prioritization of cybersecurity activities is directly informed by organizational risk objectives, the threat environment, or business/mission requirements.
  • Integrated Risk Management Program – There is an awareness of cybersecurity risk at the organizational level but an organization-wide approach to managing cybersecurity risk has not been established. Risk-informed, management-approved processes and procedures are defined and implemented, and staff has adequate resources to perform their cybersecurity duties. Cybersecurity information is shared within the organization on an informal basis.
  • External Participation – The organization knows its role in the larger ecosystem, but has not formalized its capabilities to interact and share information externally.

Tier 3: Repeatable

  • Risk Management Process – The organization’s risk management practices are formally approved and expressed as policy. Organizational cybersecurity practices are regularly updated based on the application of risk management processes to changes in business/mission requirements and a changing threat and technology landscape.
  • Integrated Risk Management Program – There is an organization-wide approach to manage cybersecurity risk. Risk-informed policies, processes, and procedures are defined, implemented as intended, and reviewed. Consistent methods are in place to respond effectively to changes in risk. Personnel possess the knowledge and skills to perform their appointed roles and responsibilities.
  • External Participation – The organization understands its dependencies and partners and receives information from these partners that enables collaboration and risk-based management decisions within the organization in response to events.

Tier 4: Adaptive

  • Risk Management Process – The organization adapts its cybersecurity practices based on lessons learned and predictive indicators derived from previous and current cybersecurity activities. Through a process of continuous improvement incorporating advanced cybersecurity technologies and practices, the organization actively adapts to a changing cybersecurity landscape and responds to evolving and sophisticated threats in a timely manner.
  • Integrated Risk Management Program – There is an organization-wide approach to managing cybersecurity risk that uses risk-informed policies, processes, and procedures to address potential cybersecurity events. Cybersecurity risk management is part of the organizational culture and evolves from an awareness of previous activities, information shared by other sources, and continuous awareness of activities on their systems and networks.
  • External Participation – The organization manages risk and actively shares information with partners to ensure that accurate, current information is being distributed and consumed to improve cybersecurity before a cybersecurity event occurs.

Once an initial tier has been selected, the CFO and the Chief Information Officer (“CIO”) should collaborate frequently to determine if the initially selected tier is sufficient based upon the achievement of the organization’s target profile. The decision to progress to a higher tier should only be made if the change would reduce the organization’s risk and would be cost effective to do so. As a result, justifying the progression to the BOD may be difficult, especially if the current tier appears to be providing the security necessary to meet the organization’s goals. Utilizing the expertise of the CFO, who understands the financial implications of a breach, and the CIO, who can provide valuable insight based upon observations within the organization and trends that are occurring within the industry, a business case can be presented that addresses the risks, costs, and benefits.

The damage that occurs as a result of a cyber-attack is often embarrassing and in many cases could have been prevented if the proper precautions were taken. Performing a risk assessment is not only considered a best practice, in many cases it is a required step to meet many compliance obligations. Placing emphasis on strategic risks focuses on risks that can have the largest impact on the organizations value, well-being, and reputation.

For more information, please contact a member of the Whitley Penn Risk Advisory Services Team.

Daniel Pitts Audit Staff Dallas Office

Daniel Pitts
Audit Staff
Dallas Office


Changes Coming for Not-for-Profit Financial Statements – Are you ready?

September 8th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletFully comprehending the substance of a Not-for-Profit (“NFP”) entity’s financial statements can be a difficult task for an external user. In fact, current reporting requirements raise many questions for both external users and board members alike, such as:

  • What is or is not donor restricted, and are those restrictions temporary or permanent?
  • How do restrictions imposed by donors, grantors, and governing boards affect an entity’s liquidity, classes of net assets, and financial performance?
  • How should users make sense of inconsistencies in the type of information provided about expenses of the period?

The Financial Accounting Standards Board (“FASB”) hopes to have clarified and improved NFP financial statements for all users with Accounting Standards Update (“ASU”) No. 2016-14, which was issued in August 2016.  The main objective of this ASU is to provide more useful and consistent information to financial statement users from donors, grantors, creditors, or other users, and enable organizations to be more transparent in sharing the results of their mission. Although, this ASU is effect for fiscal years beginning after December 15, 2017 (with early adoption permitted); there are several key provisions that we believe NFP entities should be aware of now.

First, NFP entities will present two classes of net assets on their financial statements, rather than for the currently required three classes.  In other words, rather than presenting Unrestricted, Temporarily Restricted, and Permanently Restricted classes, upon adoption of the ASU NFPs will report amounts for net assets “With Donor Restrictions” and “Without Donor Restrictions”. Disclosures describing the nature and amounts of different types of donor restrictions will still be required.  Additionally, under-water amounts of donor restricted endowments will be classified under net assets with donor restrictions.

Additionally, all NFP entities will be required to present expenses by both their natural and functional classifications, provided in one location, which could be on the face of the statement of activities, as a separate statement, or in notes to financial statements. NFPs will also be required to disclose the method(s) used to allocate costs among program and support functions. It should be noted in the first year of applying this ASU, a NFP entity may omit comparative information for any periods presented before the adoption.

The ASU also provides for disclosures specifically regarding qualitative and quantitative information on the NFP’s liquidity and availability of resources for one year from the date of the statement of financial position.   These disclosures will provide financial statement users with meaningful information regarding the NFP’s ability to meet cash needs within one year of the balance sheet date. Similar to the functional expense requirement, NFPs may omit comparative information in the first year of adoption.

NFP entities will continue to have the choice in using the direct or indirect method of reporting for the statement of cash flows.  If the direct method is utilized, the reconciliation of changes in net assets to cash provided by operating activities is no longer required.

The summary above is not all-inclusive of the updates; however, please contact a member of the Whitley Penn Not-for-Profit team who will be glad to guide you through these and the other changes discussed in the ASU.  We can work together to improve the classification, presentation and disclosures in your NFP’s financial statements.

For more information please contact Susan Powell or Kimberly DeWoody.

Hillari Rawls Audit Staff Fort Worth Office

Hillari Rawls
Audit Staff
Fort Worth Office


Proposed Treasury Regulations Curtail Estate and Gift Tax Valuation Discounts

September 6th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletOn August 2, the Treasury Department issued proposed regulations under Internal Revenue Code Section 2704. The regulations are designed to eliminate the use of certain valuation discounts for controlled entities for estate, gift, and generation-skipping transfer taxes.

Specifically, if the proposed regulations are finalized, they would essentially disallow valuation discounts customarily applied to closely-held family business entities including family limited partnerships (“FLP”). The regulations implement the new rules by revising the existing regulations that define various valuation discount concepts such as what constitutes control and determine the effect of lapses in voting and liquidation rights and restrictions.

The proposed regulations will become effective 30 days after they are finalized by the Treasury Department. With regard to the timing of that effective date, the Treasury Department has provided a 90-day comment period which ends on November 2, 2016.  All comments on the regulations are due on that date.  A hearing is scheduled for December 1, 2016.

The Treasury Department has indicated the new rules will be applied on a prospective basis.  Since the regulations will not become effective until 30 days after finalization, taxpayers may have a window of time to receive the benefits of discounting by gifting FLP or other closely-held family business entity interests before the end of 2016.

Due to the extreme time sensitivity surrounding these changes, we recommend that you contact your Whitley Penn LLP tax advisor who can work with you and our Estate and Gift Tax group to determine what planning techniques can be implemented before the end of the year.

Telephone Scammers Use Threatening Phone Calls to Con Taxpayers

August 18th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletAs you may be aware, a recent tactic used by telephone scammers is calling taxpayers at their homes or places of business posing as IRS agents.  The telephone scammers will demand the immediate payment of federal taxes from taxpayers by threatening them with civil or even criminal action.  In the event that you receive a call from anyone purporting to be affiliated with the IRS, do not give any information over the phone. The IRS website provides a list of several actions that they will never take when attempting to collect a debt from a taxpayer:

  1. Call and demand immediate payment over the phone.
  2. Call regarding a federal tax debt without first mailing a formal notice of assessment and request for payment.
  3. Demand payment of tax without providing the opportunity to challenge or appeal the amount of the assessment.
  4. Require the use of a specific payment method to satisfy a tax liability including a credit card or prepaid debit card.
  5. Request a credit or debit card number over the phone.
  6. Threaten to utilize local police departments or other law enforcement organizations to arrest a taxpayer for failure to pay a federal tax debt.
  7. Request personal or financial information using electronic communication sources including text messages, e-mail, or social media.
  8. Request PIN numbers, passwords, or other similar confidential information.

The scammers often sound authentic and use increasingly sophisticated methods to establish legitimacy.  These tactics include the use of Caller ID, e-mails from the IRS, local law enforcement or administrative agencies such as the DMV, and the provision of certain personal taxpayer information such as home or work addresses or the last four digits of social security numbers.  If you are contacted by someone claiming to be an IRS agent, remember the items previously described and take one or more of the following IRS recommended actions:

  1. Hang up the telephone immediately.
  2. Call the IRS at 1-800-829-1040 to verify your current federal tax status.
  3. Contact the U.S. Treasury Inspector General for Tax Administration (TIGTA) at 1-800-366-4484 or
  4. Contact the Federal Trade Commission at to file a complaint.

If you have already provided your federal tax information via telephone or other method or if you have any questions or concerns regarding this issue, please contact your Whitley Penn tax advisor.

Kristen Sayegh Tax Senior Houston Office

Kristen Sayegh
Tax Senior
Houston Office

Erroneous Employment Tax Deposit Penalty Notices Issued by IRS

August 12th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe due dates for remitting employment taxes depends on several factors and vary for each employer.  An employer may be required to deposit employment taxes on a next-day, semi-weekly, or monthly basis.   However, if the applicable due date falls on a Saturday, Sunday, or legal holiday, special rules may change that due date for employment tax deposits.

This year the Memorial Day holiday was observed on May 30, 2016.  Therefore, the due date for next-day payroll tax deposits that normally would have been due on May 30 was instead Tuesday, May 31, 2016.   The due date for semi-weekly deposits that normally would have been due on Wednesday, June 1, 2016 was instead Thursday, June 2, 2016.

Due to a programming error, the IRS taxpayer records system did not recognize the changed due dates attributable to the Memorial Day holiday and incorrectly issued late payroll tax notices to certain next-day and semi-weekly payroll tax depositors.  The IRS has acknowledged the error and issued official guidance on its website regarding the remedy for any assessment related to the error.

Taxpayers who received Notice CP161 regarding a failure to deposit penalty will receive updated notice CP210/220 stating that their account has been  adjusted and that no penalty will be assessed.  Taxpayers who received Notice CP276B regarding an incorrect payroll tax deposit with no corresponding penalty assessment will not receive any further correspondence.

If you are an affected employer who received a notice solely related to the changed due dates attributable to the Memorial Day holiday, your employer tax accounts should be automatically updated and no further correspondence is required on your part.   If you continue to receive correspondence from the IRS or have any concerns that your accounts have not been properly adjusted, please contact your Whitley Penn tax advisor to discuss the additional steps necessary to correct any errors.

The 2016 OMB Compliance Supplement is finally available!

August 3rd, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe 2016 OMB Compliance Supplement (CS) is effective for single audits of fiscal years beginning after June 30, 2015, and supersedes the 2015 OMB CS.

The link where to find the CS has changed. If you have a bookmark in your browser, be sure to change it to this link.

Please click this link to access the 2016 OMB CS.

There are several changes to the 2016 CS, this is a brief summary of notable changes:

  • The Uniform Guidance (2 CFR 200) is referenced throughout the compliance supplement.
  • The usage of the terms “must” and “should” was reviewed and clarified.
  • Requirements D and K are still shown as “reserved”.
    • The “old” requirement D (Davis-Bacon Act) is now part of requirement N (Special Tests and Provisions) for certain federal grants.
    • The “old” requirement K (Real Property Acquisition and Relocation Assistance) has been removed.
  • The matrix of compliance requirements (Part 2) will clearly show “N” if the program normally does not have activity subject to that type of compliance requirement. This is a small change, in that the 2015 CS showed shaded cells when a requirement was not applicable.
    • Keep in mind that although a compliance requirement is labeled as “N” in the matrix, understanding the program’s grant agreement or contract is key since it might require the auditor to test the compliance requirement if the requirement could have a direct and material effect on a major program.
  • Part 3 – Compliance Requirements
    • This part is still divided in two: Part 3.1 (requirements for Federal awards made prior to December 26, 2014) and Part 3.2 (requirements for Federal awards made on or after December 26, 2014).
    • Discusses effect of Council on Financial Assistance Reform (COFAR) published Frequently Asked Questions (FAQs) updated September 2015, related to the Uniform Guidance and its application.
      • Per the 2016 CS these FAQs should be considered when planning and performing single audits subject to the Uniform Guidance.
      • The FAQs can be found here.
    • Discusses the current micro-purchase, small purchase and simplified acquisition thresholds for procurements methods.
    • Reflects the two full fiscal year grace period for the implementation of the procurement standards specified in the Uniform Guidance.
  • Part 6 – Internal control is added back to the 2016 CS, it was removed from the 2015 CS.
    • This section discusses: the objectives of internal control, the 5 components of internal control, and the 17 principles of internal control. It also provides overall assistance for the auditor to plan and perform the audit.
  • Appendix VII Other Audit Advisories
    • Discusses the effect that the Uniform Guidance has on the major program determination.
    • Covers the effect that the non-availability of the Federal Audit Clearinghouse has, during part of 2015 for the submission of the data collection form, on the low-risk auditee status.

For a full list of the 2016 CS changes consult Appendix V “List of Changes for the 2016 Compliance Supplement”.

The AICPA GAQC has released Alert # 311 listing other key changes and important aspects of the 2016 CS.

For more information, please contact a member of the Whitley Penn Public Sector Audit Team.

Thania Gonzalez Audit Manager Houston Office

Thania Gonzalez
Audit Senior Manager
Houston Office

Whitley Penn Serves the Tarrant Area Food Bank

July 20th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe Tarrant Area Food Bank (TAFB), combined with 300 Partner Agencies throughout 13 counties, serves more than 2 million meals each month to more than 53,000 households.  The Partner Agencies, mobile solutions, children’s programs and social services provide access to 460,000 nutritious meals on a weekly basis.

I grew up on a farm in Hill County and am the youngest of 10 kids. We worked in the fields every day, unless you were the unlucky one who got stuck working in the garden or canning.  We ate what we grew and if I went to bed hungry it was because I was a picky eater, not because food was not available.

1 of 4 children in our community live in “food-insecure” households.  Wait… what?!!!  “Food insecure”?  What does that mean to you? To me it means that my husband Pat and I have not been to the grocery store and we’re arguing about who is going to pick up the pizza. To these children, it means that they don’t know when their next meal will be.

That anyone, much less a child, does not have food is appalling to me.

I believe that we are here on earth to help each other in any way we can.  We may not all have money to donate but we can come up with three hours a month to help someone else.

Whitley Penn started volunteering with the Tarrant Area Food Bank in 2011. Packing kids’ backpacks with food for their evening meal, or for the weekend, when they do not have access to the free breakfast or lunch programs at school.  Such a simple thing… sorting and packing food. Anyone can do it, and we have had SO MUCH FUN! Join me! We volunteer the second Wednesday of each month by inspecting, sorting and packing food items to be used in the Children’s Food Program at the Tarrant Area Food Bank.

Whitley Penn has been rooted in Tarrant County for more than 33 years and it is our honor to volunteer with an organization that provides assistance for the future leaders of our community. Their next meal shouldn’t be a worry and we are proud to assist with the mission to end child hunger in Tarrant County.

Fore more information on how you can get involved, visit the TAFB website or email to join our monthly volunteer shift.

Ronnie Craven Assistant Controller Fort Worth Office

Ronnie Craven
Asst. Controller
Fort Worth Office

Survival Tactics for Internal Audit in a Struggling Economy

July 18th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletIt’s no secret that we are in the midst of a struggling economy. Networking events that were once filled with upbeat conversations about opportunity and growth are now filled with talk of workforce reductions and impending bankruptcies. The effects of an economic downturn are eventually felt across all industries and in all areas of organizations, including Internal Audit (“IA”). One challenge that IA groups face during a downturn is an increasing pressure to prove their worth within their organizations.

When asked to consider the various terms used to describe IA groups inside the companies in which I have worked, the following come to mind: cost center, support group, non-core function. Let’s face it, none of these titles do a great job of selling the important role that IA plays inside an organization. It is up to us to adapt our role to the changing risk environment and find creative ways of demonstrating our value to the organization. The following four concepts should help you promote your current audit plan in a more constructive way or provide you with new ideas to incorporate into your plan that directly help organizations when money is tight.

  1. Play a key role in the organization’s cost reduction plan. Although IA activities do not typically generate revenue, there are projects you can add to your plan to directly assist your organization in saving money. As organizations embark on developing cost reduction plans, IA can play various roles to aid in the plan’s success. During the planning phase, IA can add value by providing an objective perspective on the proposed plan, evaluating feasibility of estimated savings and helping think through potential unintended consequences to ensure that the plan does not put the company at risk (e.g. cutting IT budget means baseline security activities can’t be carried out). Additionally, IA often has insight into many areas of the organization and can provide valuable input into the key processes that drive certain costs. Once the plan is underway, IA can audit the savings numbers that are reported by each department. This is not only a good practice, but one that is sure to be appreciated by management. By including regular reviews as part of your audit plan, you support sustainability of the program and provide management with objective assurance that the reported results are accurate.
  1. Introduce cost recovery audits. Probably the most direct, or obvious, way to demonstrate that IA can support the company’s cost saving initiatives is to spearhead your own. If you don’t already perform contract compliance audits as part of your audit program, now is a good time to start. The objective of these audits is simple – to detect and recover over-billed costs from contractors, vendors and/or suppliers. These audits can be outsourced to various cost recovery firms that perform the audits for a contingency fee only, meaning it costs your organization nothing unless the auditors recover money. This may be one of the only times you get to actually deliver a check along with your audit report.
  1. Measure Value. It can be difficult to quantify the value added by IA, which is why these metrics are often excluded from reporting materials. In July of 2015, the Institute of Internal Auditors Research Foundation (“IIARF”) published the Global Internal Audit Common Body of knowledge (“CBOK”) report, Driving Success in a Changing World: 10 Imperatives for Internal Audit. A surprising insight from this report is that less than 32% of respondents indicated that they measure internal audit value. To truly demonstrate IA’s worth, you have to measure it. There are endless publications on the various KPIs that IA departments can report to management and the Audit Committee. However, the challenge is deciding which metrics are meaningful in demonstrating value in a way that will speak to your audience. Instead of highlighting traditional KPIs such as department productivity or audit report cycle time, try using one of these in your next Audit Committee presentation:
    1. Number of projects that support key business initiatives
    2. Number of major compliance findings (a clear way to demonstrate risk avoidance)
    3. Dollars spent vs. dollars audited
    4. Number of recommendations made that resulted in process efficiencies (even better if you can link to dollars or internal hours saved as a result)
  1. Embark on a marketing campaign. If someone asked you to describe IA’s value, you could certainly rattle off a lengthy list of contributions to your organization; risk management, fraud prevention, increased process efficiency, internal control oversight… just to name a few. However, the truth is, no one is going to ask you. You are going to have to tell them, and in most cases, multiple times and in multiple ways in order to get your point across. Although promoting IA takes time and effort, the payoff is well worth it. Here are some ways you can start marketing your department today:
    1. Create marketing materials. This can be as simple as a power point deck, a poster, or a brochure. The materials should include basic information on what the IA group does and highlight how the group can help individuals or departments manage risk or iron out process inefficiencies. The good news is you don’t have to start from scratch. There are resources that provide templates or ideas for promotional materials. For example, the month of May was declared International Internal Audit Awareness Month by the Institute of Internal Auditors (“IIA”) and a toolkit aimed specifically at helping auditors raise awareness can be found on the IIA website.
    2. Identify your audience. Make it an annual team goal to present materials to a certain number of groups within the organization. Getting buy in from all areas of the organization is key to establishing yourself as a vital part of the company.
    3. Maintain awareness. In order to sustain the benefits of your marketing efforts, you must continue to stay present within your organization. These efforts can range from simply visiting other department’s staff meetings to update them on relevant projects to creating an internal website that highlights the department’s recent accomplishments. The goal is to stay “top of mind” with your stakeholders.

The bottom line is, we do not get to choose the risks facing our organizations, but we can choose how we react to them. With a little flexibility and creativity IA can support the organization’s risk strategy and ensure their efforts are recognized.  Is your IA group adapting to the current risk landscape? For more information, please contact a member of the Whitley Penn Risk Advisory Services team.

Anne Slattery, CPA, CIA Risk Advisory Services Senior Manager Houston Office

Anne Slattery, CPA, CIA
Risk Advisory Services Senior Manager
Houston Office


What Your Lender Wants to See – Commercial Versus Asset Based Lending

June 2nd, 2016 by Whitley Penn | Permalink

WPlogoColorbulletHow much information your lender wants to see from you is dictated by their assessment of your risk profile.  How much availability do you need?  Will you actually utilize your line or are you just using it as a safety net?  What are the market conditions of your industry?  How leveraged are you?  What risk factors affect your business?

  • Market Concentration Risk?
  • Customer Concentration Risk?
  • Vendor Concentration Risk?
  • Inventory Risk?
    • Does the company have slow moving or obsolete inventory?
    • Is the inventory over-valued?

A company needs to be able to paint a picture of how these risk factors are mitigated and have that picture ready for showing at any given time.  Also, your painting needs to be contemporary.  No one wants to see a Renaissance piece that doesn’t accurately reflect the current status of the company and the direction the company is heading.  This is achieved by having this information as part of your routine financial reporting and planning process.

Commercial Lending is where most companies start out their capital acquisition process.  The primary advantage of Commercial Lending is the reporting, auditing and valuation requirements are less onerous.  Also, Commercial Lending has less direct and indirect costs.  At the heart, commercial lending has the same basic requirements as asset based lending: a set of financial statements, a borrowing base calculation and a compliance certificate.

The borrowing base is a calculation that shows the value of your pledged collateral at a point in time.  In a typical commercial lending situation, reporting is required monthly and is typically based upon a percentage of eligible accounts receivable and inventory, which is usually valued in the same manner as it is on the company’s books.  Eligible accounts receivables and inventory are found by deducting any pre-defined “Ineligibles”.  Ineligibles take into account items that are perceived to have more risk, such as aged inventory, aged accounts receivable, and accounts receivables with a concentration of aged invoices, customer concentration risk and foreign risk.  In a commercial lending environment these ineligible items may not be as clearly defined as in an asset lending environment.  For instance there may not be a definition of what constitutes “slow-moving and obsolete” Inventory leaving the interpretation of what constitutes “slow-moving and obsolete” to the company.

In general, the lending industry sets the bar for ineligible inventory at inventory that has not been used for one year, depending upon the type of business and business cycles.  Accounts receivable are usually considered ineligible at 60-90 days.  Terms can be different for customers that have a lower risk profile and are able to be negotiated up front.

There may be even more room for flexibility in terms utilizing an asset based lending platform as these borrowing base reports tend to be more customized to the client’s needs.  Even though flexibility is a selling point, the primary advantage of the asset based lending model is the potential for increased availability.  Asset based lenders usually will consider larger deals than commercial based lenders before having to partner with another organization in a “Club Deal.”  In exchange for this flexibility, the fees and interest rates are usually higher and there is increased scrutiny and reporting requirements.

For instance, the commercial lender may agree to accept an internally generated balance sheet and income statement or a lesser level of accounting report such as a compilation or review (again dependent upon risk assessment).  Alternatively, asset-based lenders are more likely to require an audit report.  Asset based lenders tend to prefer reporting on a more frequent basis, such as weekly.  The borrowing base reports are significantly more detailed and are more likely to be subject to field audits by the lender, the cost of which will be borne by the client.  Lenders may even require audits on a more frequent basis than annually if the risk assessment warrants.  Independent valuations of inventory and other collateral such as real estate that may secure the line are more common in the asset based model. These valuations can lead to a higher discounting of values from the amount reported on the books and records of the company.  For instance, although asset based lending may provide a higher advance rate on inventory, the starting point for valuation may be net orderly liquidation value rather than lower of cost or market.  That is the cost at which the inventory would be sold if the lender had to seize and liquidate the inventory, less the cost associated with the liquidation process.

Regardless of which financing vehicle works best for your business needs, you still need to paint the same picture of why you need the financing and what you are doing to mitigate the inherent risk in your industry and environment.  This picture should consist of solid, accurate and timely financial statements.  Although, the lender may accept a balance sheet and an income statement they will likely prefer a full set of financials including a statement of cash flows and notes to the financial statements.  A well formatted, full set of financials illustrates a different level of sophistication to your lender than one that is simply printed from the accounting software.

Financial Statements provide the background of your picture and may be enough for your current needs.  However, it is a good idea to have a more detailed financial package available, if requested by the lender.  Some reasons for having more information than required readily available include but are not limited to:

  • A business opportunity that arises that needs immediate capital outlays
  • An unplanned market down-turn, such as what is currently being experienced in the oil and gas industry
  • An unplanned natural disaster such as hurricane or flooding

When contemplating an increase in credit facility, lenders like to see a solid business plan that includes the following information: forecasts, budgets, 13-week cash-flow projections and long-term cash flow forecasts.  These financial reports are also excellent tools for making operational decisions.

For cash flow statements, they have key information that show a company’s ability to cover their obligations, a few of these are listed below:

  • Can the company pay its cost of human capital (employee’s salaries and benefits)?
  • Can they cover their facilities cost?
  • Can they pay their tax obligations?

Another point to keep in mind is that a lender can give you a credit line, but if the company does not have the borrowing base to support it, it will never be able to utilize the full capacity of the line.  It is important to include a forecast of your borrowing base availability with your cash flow forecasts, this is especially important during periods of tight liquidity.  Lenders typically like to see a good cushion of undrawn availability, usually between 15 – 20% of the total credit facility.  Although, it is ok to temporarily max out your credit facility, lenders are adverse to clients constantly remaining at the maximum amount drawn.  Staying in this position will increase your risk rating with the lender and therefore increase your costs, decrease your ability to increase the credit facility, and increase audit and documentation requirements.

Lenders, also, like to see how the company is performing compared to its budget by analyzing plan to actual variance data.  So it is best to have this information readily available to the lender, if it is requested.

If these items are prepared as part of routine reporting and planning process, then you will be ready if the need arises.  Additionally, you will have a vivid picture that tells the story of where your company has been and where it is going.  Further, you will have invaluable tools to help you in making your operational decisions.  It is a win-win situation with both practical everyday application and an insurance policy and disaster recovery document all in one.

For more information, please contact a member of the Whitley Penn Tax Team.

Mary Gauss Tax Senior Manager Houston Office

Mary Gauss
Tax Senior Manager
Houston Office

FASB Proposes Update to Standards for Restricted Cash

May 4th, 2016 by Whitley Penn | Permalink

TWPlogoColorbullethe Financial Accounting Standards Board (FASB) has indicated that diversity exists in the way changes in restricted cash are classified and presented on the statement of cash flows. In response to this finding, FASB’s Emerging Issues Task Force (EITF) has issued an exposure draft proposing changes regarding the treatment of restricted cash on the statement of cash flows.

The EITF claims that current GAAP (General Accepted Accounting Principles) lack specific guidance that addresses how to classify and present changes in restricted cash or restricted cash equivalents that occur when there are transfers between cash, cash equivalents, and amounts generally described as restricted cash or restricted cash equivalents. There is similarly no guidance to address the classification and presentation of changes in restricted cash and equivalents that occur when there are direct cash receipts into restricted cash or equivalents, or when there are direct cash payments made from restricted cash or equivalents.

This lack of specific guidance has resulted in the diversity in practice. On the statement of cash flows, entities currently classify transfers between cash and restricted cash as operating, investing, or financing activities, or as a combination of the three. Additionally, some entities present direct cash receipts into, and direct cash payments made from, a bank account that holds restricted cash as cash inflows and outflows, while others disclose those cash flows as noncash investing or financing activities.

The amendments in the proposed update would reduce the aforementioned diversity in practice by requiring that a statement of cash flows explain the change during the period in the total of cash, cash equivalents, and amounts generally described as restricted cash or restricted cash equivalents. Therefore, amounts generally described as restricted cash and restricted cash equivalents would be included with cash and cash equivalents when reconciling the beginning-of-period and end-of-period total amounts shown on the statement of cash flows. These amendments would be applied retrospectively to all periods presented.

The exposure draft is open to public comment on the proposed changes until June 27, 2016. The effective date of these amendments will be determined after that date, once the EITF has reviewed the feedback on the proposed update. To view the FASB Exposure Draft, follow this link.

For more information, please contact a member of the Whitley Penn audit team.

Kevin Barr Audit Staff Dallas Office

Kevin Barr
Audit Staff
Dallas Office

Whitley Penn

About Whitley Penn

Established in 1983, Whitley Penn has become one of the region's most distinguished accounting firms by providing exceptional service that reaches far beyond traditional accounting.

Today, with offices in Dallas, Fort Worth and Houston, 40 partners, approximately 300 exceptional employees, and a worldwide network affiliation through Nexia International, we are strategically positioned to grow and excel in the future.

Contact Whitley Penn

Dallas: 214-393-9300

Fort Worth: 817-259-9100

Houston: 713-621-1515

masters in accounting

AICPA’s CPA Letter Daily