• Pages

  • Laresa McIntyre, CMA, MBA
    Senior Finance Executive ~
    Change Catalyst ~
    Highly-Adaptable Leader

  • Visit My Website

  • Follow Me

  • Team in Training

    Donate to fight blood cancers!!

    In addition to my professional life, I run marathons and half-marathons to raise money for the Leukemia & Lymphoma Society to help in the fight against blood cancers. Contribute to the fight by making a donation -- just click on the logo above.

Don’t Risk Your Data — Assess It

Disgruntled employees, hackers, incompetent personnel and competitors engaged in corporate espionage are all concerns for a business.  Even more concerning is what they can do to your data.  Theft, corruption, errors or complete data loss are reason enough to possibly lose some sleep at night.  This is why every business must be cognizant of the potential risks to their information.  This doesn’t just refer to financial data but also key information needed to continue being a viable entity.  Customer lists, proprietary information about products or services, and contracts that give the business a competitive advantage all fall within this group.  In order to ensure that data is safe, an information security risk assessment should be conducted at least on an annual basis.

Even before a risk assessment is conducted, the business will need to determine a set of baseline standards related to data security that it should meet.  These standards will look at things like access rights, password protocols, physical controls over equipment, policies and procedures for the business and many other items.  Once these standards are set, then the risk assessment should look at the following areas:

  • What information sources does the business have and what information comes from those sources?
  • How sensitive is each data source? Does it contain information that if breached would become a legal issue (like credit card information or employee data)?  Is it commercially important to the business?  Or is it just “run of the mill” information that if disclosed would not cause any harm?
  • What would be the business impact if the data source was compromised, lost or stolen?
  • What is the level of threat and degree of vulnerability to each data source from internal attacks, external attacks, system malfunctions, process changes or regulatory requirements?
  • What is the likelihood of an incident in each of these areas occurring?
  • What are the specific risks in each of these areas that can be identified?

On the surface, this might seem a daunting task but if you assess the top four or five data sources for the business, this will usually flush out most of the major issues.

This process is usually driven by the Internal Audit department but if your company doesn’t have one, it may be the responsibility of ensuring the assessment is done will fall to the finance & accounting department.  However, this doesn’t mean you should be the only ones involved in the assessment.  Getting input from all functional areas of the company is important.  Also, this isn’t and shouldn’t be an exercise conducted by the IT department alone.  Although our friends in IT are usually on top of what’s happening in the business from a data perspective, this assessment is more than just making sure password protocols and firewalls are in place.  The assessment speaks to the entire business process and should be treated as such.

There is also another very good reason to involve others.  It is important to get consensus from within the business about what data is most vital to ongoing operations.  Everyone thinks their information is important but in the big picture, some data sources will be heads and shoulders above the rest.  These are the data sources that need to be examined with a critical eye and it makes the process easier when everyone has agreed to this.

As the risk assessment is completed, it will highlight areas of concern and a list of things to be done to improve data security will result.  Some of these things will be IT-related but the list may also include efforts by the HR department to write up policies and update employee handbooks, or require department managers to educate their employees about new procedures.  By considering the analysis on data sensitivity, business impact, threat and vulnerability, and likelihood, this list can be prioritized to drive the work to the biggest issues first.  The end result is hopefully more secure data and a few less sleepless nights.

FIN 48: Accounting for Uncertainty in Income Taxes

Today’s post is a guest post from a colleague of mine.  His name is William Crozier and he has over sixteen years of experience dealing with tax issues including their proper financial reporting.  William has his own consulting practice providing temporary tax function management, support and advisory services.

The time has finally come for private companies that issue GAAP financials to implement FIN 48 – Accounting for Uncertainty in Income Taxes.

On July 13, 2006, the FASB issued FIN 48, the most significant change to accounting for income taxes since the adoption of the liability reporting method or FAS 109.  The purpose of FIN 48 is to clarify the recognition of uncertainty by establishing a minimum threshold a tax position is required to meet before being recognized in the company’s financial statements.  FIN 48 applies to taxes covered by FAS 109 for regular for-profit organizations, pass-through entities such as partnerships, non-taxable entities, REITs and other registered investment companies.

Recognition under FIN 48 works based on a two-step process of recognition and measurement.  Recognition occurs when a tax position, based on its technical merits, is more likely than not to occur.  The amount recognized or measured will be the largest amount of benefit or liability that is more likely than not to be realized upon ultimate settlement, determined on a cumulative probability basis.

The recognition now required under FIN 48 clarifies the recognition and measurement previously done under FAS 5. The most intrusive or disheartening aspect of FIN 48 is its new disclosure requirements.  The new rules now require a tabular roll forward of the beginning and ending aggregate unrecognized tax benefits plus the specific detail related to tax uncertainties for which it is reasonably possible that an amount of unrecognized tax benefit will significantly increase or decrease within twelve months.  The “rub” comes from the fact that work product previously protected by client-attorney privilege could lose its protection since it will now have to be revived by outside auditors in support of reporting under FIN 48.  The Internal Revenue Service has had a “Gentlemen’s Agreement” that they would not automatically request FIN 48 work papers but has reserved the right to do so on an individual basis.  One such request is currently working its way through the courts.

So, what does this mean?

As with any new pronouncement from FASB, it means a lot of work.  The first thing you will want to do, if you haven’t done so already, is to meet with your outside auditors as soon as possible to scope out document requests and plan their review.  A proper FIN 48 review will look at every issue, no matter if it is questionable or not.  For example, if you have a subsidiary that pays a tax-free dividend to its parent every year, as part of your FIN 48 review process, you will have to document its proper tax treatment even though it is established law.  To give the reader an idea of the possible documentation needs, a recent FIN 48 review that I was involved with for a medium-sized multinational company consisted of about eight medium sized three-ring binders.

What Marathon Training & Business Share in Common

Over the past 4 years, I have completed 4 marathons and when I stopped to think about the effort required to train for one, it occurred to me there are many parallels to the effort expended in starting and running a business.

Deciding To Do It

Whether you want to run a marathon or start a business, at some point in time you make the decision to do it.  Each person’s motivation may be different but the end result is making the commitment to proceed.

Making a Plan

Planning is probably the most important part of the entire process because it provides the roadmap to success.  For a marathon runner it includes picking a race, putting together a training schedule, deciding if you want a coach or not and seeking one out if you want one, getting the right shoes and clothes, and finding running routes where you can train.  It’s not so different for a business.  The business plan includes setting goals and objectives, finding a mentor or advisor if you want one, buying the equipment you’ll need to run the business, setting out a marketing plan, and getting the funding needed for the business.  Without a plan, you’re just running without purpose!

Adjusting to Setbacks

The best laid plans can go awry and setbacks are inevitable.  Sometimes the setbacks can be minor — a training run that doesn’t happen because of lightning or an ad campaign that doesn’t quite create the excitement you were hoping for.  These can be overcome with some tweaks to the plan.  But sometimes the setbacks are major — an injury that makes running impossible or a necessary bank loan that doesn’t come to fruition.  These setbacks require hard decisions like whether to continue.  Just like a marathon runner who continues to train when they are injured and ends up doing more damage, possibly ending any chance of ever doing a marathon, a business that reaches an impasse too difficult to surmount can do more damage by plowing forward (like bankruptcy court).  It is possible for time to correct the setback — waiting until the injury is healed and picking a race later in the calendar, or waiting until the credit markets open up to get that loan.  You just need to decide if you want to wait.

Staying Committed

Provided you haven’t hit a major setback that puts a complete end to your plan, to be successful you must be committed to the process.  A training schedule that you don’t adhere to will lead to disaster on race day.  A business plan not followed will result in half-hearted attempts to be successful.

The Big Day

For the marathoner, race day is the culmination of all of the hard work and training that has consumed their life for the past 16 – 24 weeks.  It’s the big day and they savor every moment.  Every business has a big day as well (or several) — the pitch to a retailer that results in a purchasing contract for your product or landing a big consulting job.  Businesses should savor these moments as well.

On to the Next Challenge

Once the marathon is done, many people feel a let down.  The thing they have been working so hard to achieve is now done.  This usually leads to signing up for another race so the whole process can start again.  Yes, the marathoner is a strange breed who finds pleasure in the pain they put themselves through.  So, too, is the business person.  They work hard to get that contract and instead of resting on their laurels, they move on to the next challenge because that is what defines success for them.

Whether your race is 26.2 miles or the quest to be the best in your industry, run well, run often and never look back!

Financial Reports: Useful or Useless?

Finance & accounting departments are ultimately about reporting.  If you are a public company, there is the required reporting to the SEC and the shareholders.  And regardless of whether you are public or private, there are many other external reports that allow the business to meet its obligations to external stakeholders like banks.  But the focus of this post is on the internal reporting within every company.  This is the reporting that is hopefully adding value and helping to provide direction as the business drives towards its goals and objectives.  Unfortunately, all reports are not created equal and many fall far short of the value they were intended to create.

The problem with reports that don’t live up to their expectations is they are time wasters on two fronts — for finance & accounting who prepare the reports and for everyone else trying to decipher what information in the report is important (if any).  When this happens, people begin to question the value of not just the reports but of the finance & accounting group as a whole.  As financial professionals, we are expected to provide information that is valuable to decision-making; clear, concise & accurate in its presentation; and timely to the needs of the business.

Probably the biggest pain is the reports that have been around since the dawn of time.  They are usually the biggest drain on resources because of the way they are structured and where the information comes from.  These reports probably bear no resemblance to where the business is today and focuses on things that are no longer goals of the company.  But if you ask everyone if the report can be stopped, they drag out their pitchforks and want to lynch you for even suggesting it.  How can they possibly continue when the report has been a part of their business life for so long?  I remember one of my employees coming to me about a report like this and asked what they should do.  I looked at the report and, in my opinion, it really wasn’t a valuable report.  My advice — don’t do it for two weeks and see if anyone squawks.  Surprisingly (or not), not a single person noticed the report was missing!  The takeaway from this is every report should be reviewed with a critical eye on a regular basis to determine if it still adds value in the context of the business’ goals and objectives.  If it doesn’t, show it the door.

Equally important is reviewing reports to see if gains in efficiency can be made in preparing them.  Look for reports that contain the same information and see if they can be consolidated.  Determine if detail is really necessary or if the report users just want the summary.  Also, see how often a report is really needed.  If the report users only look at the information once a month before a scheduled meeting, why are you busting a gut getting it out weekly?  Ensuring that reporting is a value-added exercise requires good communications between finance and the rest of the business.  Understanding their needs and balancing it with what we can do given the resources we have can be a challenge.  But if the end result is better reporting leading to better decision-making, we’ve done our job well.

(De)Centralization

Someone once told me a story about a man who only kept two files in his desk — one on how to centralize the company and one on how to decentralize it.  It turns out every time there was a change in leadership, there would be a corresponding shift in the way the company was structured.  Why all the flip flopping?  Is one structure better than the other?  Or is this just a case of someone putting a stake in the ground to put their own signature on the company?

Quite honestly, there is no clear cut answer about what is best for a business.  Whether to centralize or decentralize needs to be evaluated on a case-by-case basis by considering the goals of the company and how interactions, both internally and externally, will get the business to those goals.  What happens more often than not is a hybrid situation.  Sales is decentralized but marketing is centralized.  HR is centralized but operations is decentralized.  However, there are two areas of a company where I think at least some centralization needs to be strongly considered — finance & accounting and IT.

Many of the arguments for centralizing these two functions are similar:

  • There are economies of scale to be gained from managing bulk transactions or company-wide systems with a dedicated group of employees.
  • Consistency and best practices can be filtered throughout the organization.
  • Maintaining controls and ensuring prescribed procedures are followed is easier.

In today’s economy, and with the multitude of legislative requirements especially surrounding the finance & accounting field like SARBOX, these thoughts should be at the top of the list when considering the centralization question.  Centralization of functional areas like A/P, A/R, cash management and payroll is important to consider since these are prime gateways to fraud and embezzlement.  And the recent stories coming out of Koss, Avaya and Bank of America should certainly make us sit up and take notice.  This is not to say centralization would completely protect a company but it’s easier to ensure the controls to prevent it are followed.

Even though it may seem I’m a huge proponent of centralization for finance & accounting, you will notice I said some centralization needs to be strongly considered.  One of the downfalls of having all of finance & accounting run from a central perspective is often the creation of an “us vs. them” mentality.  Finance is viewed as being prohibitive, not working with the business and being more concerned with following the rules regardless of the impact on operations.

There is a way to avoid this — ensure there is good communication between finance and the business units.  One of the best ways to accomplish this is to have a dedicated accountant or analyst working with each group that is actually part of their team.  The accountant can act as a champion for the unit to see their needs are addressed but are still balanced with the requirements from the center.  They also gain a better understanding of the unit and can provide the insight needed when doing variance analysis or business evaluations as part of the reporting process.  This is how I structured my department and each of my accountants became a valued team member whose opinion was sought in day-to-day decision making.

Ultimately, each company must weigh their requirements and their culture to structure the finance & accounting function so it provides the support and value needed by the business.  Just remember, it doesn’t have to be an all-or-nothing proposition when it comes to centralization or decentralization.

It’s OK to Let Go: Sunk Costs

I’m sure you’ve heard at some point in time someone say “but we’ve invested all this money so we have to keep going”.  For the folks that say this, the need to continue on a path is directly correlated to how much money has already been spent.  For them I have two words — sunk costs.

It is essential for everyone in business to understand the concept of sunk costs.  Sunk costs are costs that have already been incurred and cannot be recovered regards of what happens in the future.  In other words, what’s spent is spent.  Now I’m well aware of the fact that sometimes this spend is quite large and someone may have expended a lot of time and energy on a project.  But if continuing to put more money in a project is not going to result in positive returns, by all means stop!  What’s spent is spent and spending more is not the road to redemption.

I remember when I worked for a food manufacturer; they decided to start manufacturing a new candy.  A formula was created and a few test runs were made which seemed to go well.  The concept was presented to the sales group to see if there would be an interest in the market for it.  There was instant enthusiasm and work on a marketing campaign was started.  Then they started full-scale manufacturing.  What happened next was anything but good.  The equipment they were utilizing was really not up to the task of a different formulation causing the scrap rates to be 50%+ and getting a good quality product was very difficult.  They tweaked and played but the reality was they needed to buy new equipment to make this candy.  And new equipment wasn’t an option because the return wasn’t large enough to warrant its purchase.  So guess what they did?  Because so much money had already been spent on R&D and the marketing campaign, they plowed forward.  Eventually, they realized it wasn’t going to work and scrapped the project.  But if they had considered what they had already spent as being a sunk cost and stopped earlier, they wouldn’t have had good money chasing bad.

Most businesses are guilty of doing exactly this at some point in time.  A project that creates a sense of enthusiasm and rallies people to it can produce this blindness because everyone wants it to succeed at all costs.  However, businesses need to be disciplined and have ways of preventing the groundswell of enthusiasm from drowning good decision making.  And they need to ensure they have communicated to their employees that if something fails, it’s OK to let go.

Pay it Right

I’m currently reading “Discovery-Driven Growth” by Rita McGrath & Ian McMillan and came across this quote which I thought was so appropriate for today’s post:  “Whenever you see someone doing something really stupid in business, there’s a good chance that he thinks he’s being rewarded for it.”  We all know this scenario and it doesn’t usually turn out well for businesses.  We want people to go left but they go right.  And sometimes it’s because we set the cheese at the end of the maze on the right, not the left.  Our fault.  How do we fix the problem?  We need to look at the way our pay and incentive programs are set so we encourage the behavior necessary to make the business successful.

Incentive programs at many companies are still tied to the static budget.  You may recall in one of my earlier posts I said the budget represents a best guess about where the business will be, given the set of assumptions made at the time the budget was created.  Tying the budget and bonuses together makes the budget even more suspect as to its value.  This is because it inevitably leads to the back-and-forth negotiating that is such a frustrating exercise during the budgeting process.  Because employee bonuses are tied to achieving a static number, employees are motivated to get the number as low as possible to make the task involved in getting the bonus easy.  Management, on the other hand, has business growth in mind and wants to set the target as high as possible to gain the most.  What we end up with is a compromise of something in between that doesn’t reflect employee capabilities, company capabilities or economic conditions.

What if, instead, we structured the incentive program so it was based on the attainment of short-term goals actually related to the strategic plan of the business or on relative measures of growth year-over-year?  This type of setup keeps employees focused on the things that are important to the company and would eliminate the frustration employees often feel when they know getting to the static budget number is not possible.  For example, if the company wants to grow sales year-over-year, the bonus program could be set so for every 2% in sales growth achieved, the employee receives 5% of their salary as a bonus.  What if we also said there was no cap to the potential bonus a person could achieve?  Do you think the employee would be more motivated to do the things needed to grow the business if they know they will benefit from their efforts?

Now, I know there are pundits out there who will say money isn’t a good motivator and things like promotional opportunities and a good working environment are equally, if not more important, in keeping a work force happy.  I will not disagree these are important.  But for those of you familiar with Maslow’s Hierarchy of Needs, you know getting to the higher levels of the pyramid (love, belonging, self-esteem & self-actualization)  is not possible until you take care of the base needs like food and shelter.  The only way this happens is if you have money to pay for those base needs so they are no longer a concern.

One note about structuring an incentive program around relative measures like year-over-year growth — it is essential the business evaluate the current economic conditions to determine if an adjustment to the base figure is necessary.  This is especially true in situations of large economic downturns or upswings.  If you don’t adjust the base you are working from, you can create the same situation for employees as if they were measured against a static budget.  The number may just be unattainable and the same frustration levels and lack of motivation will return.