header
header
header

Summing It Up

Keeping you ahead of the curve with timely news & updates.


Wayfair Sales Tax Case: New York State Responds

NY State Wayfair Crop

Vendors with no physical presence in the state may be required to collect and remit New York State and local sales tax…are you?

After almost seven months of silence following the Supreme Court’s decision in South Dakota v. Wayfair Inc., taxpayers were finally given an answer to the question of how the state of New York would respond.  On January 15, 2019, the New York State Department of Taxation and Finance announced that effective immediately, vendors with no physical presence in the state are required to collect and remit New York State and local sales tax if the specified economic thresholds are met.

How Does New York State Define a Vendor?

For New York State sales tax purposes, a vendor is defined as a person who regularly or systematically solicits business in the state, and as a result, makes taxable sales of tangible personal property or services into New York.  One is deemed to be regularly or systematically soliciting business in New York if, for the four most recent sales tax quarters, gross receipts from the sale of property delivered into the state exceed $300,000 and more than 100 sales of tangible personal property were made into the state. 

Therefore, a business with no physical presence in New York is now required to register with the state for sales tax purposes if they are making taxable sales into the state and meet both the sales and transaction thresholds. 

New York State’s Economic Nexus Thresholds

Each state has its own rules on what sales are included, as well as what look-back period should be used when tracking your in-state sales and transactions for their economic nexus thresholds.  For New York, all sales of tangible personal property delivered in the state, including both taxable and non-taxable sales, are counted towards the $300,000 and 100 transaction thresholds.  For the look-back period, New York will be using the preceding four sales tax quarters.  The New York sales tax quarters are March 1st through May 31st, June 1st through August 31st, September 1st through November 30th, and December 1st through February 28th or 29th. This means that for the purpose of tracking sales and transactions to see if the economic nexus thresholds are met, businesses will need to reevaluate their sales tax nexus in New York State on a quarterly basis. Once the thresholds are met, the business is required to register with the state as a vendor and begin collecting and remitting sales tax.

An important distinction regarding New York’s economic nexus thresholds is the fact that both thresholds must be met in order for a remote seller to be deemed to have sales tax nexus in the state. This differs from the majority of other states, who generally consider an out of state seller to have sales tax nexus if just one of their economic nexus thresholds are met. There is also the issue of what is or is not taxable when looking at local sales tax in New York State. 

For example, New York State offers an exemption from sales tax on the sale of clothing or footwear sold for less than $110 per item. This exemption, however, is optional at the locality level, with only ten localities following the state and exempting these items. The remaining localities require the collection of sales tax on these items, each at its own specified tax rate. 

If a business only sells clothing that falls under this exemption, they could potentially have no taxable sales into New York State, and therefore, not be required to collect and remit New York State sales tax. 

But what if those sales are into localities that do not provide the exemption? Does the business still have an obligation to collect and remit to those localities? Are they exempt from collecting and remitting sales tax to the localities if they do not have a New York State collection and remittance requirement? New York is yet to address complexities such as this, leaving some businesses unsure of their sales tax obligations in the state for the time being. 

Assistance for the Daunting Task of Multi-State Sales Tax Compliance

Tax Situation ReviewFollowing New York’s announcement, there are now only eight states that have not enacted economic nexus thresholds in light of the Wayfair decision. Under these economic nexus rules, remote sellers of tangible personal property and taxable services now have the potential to be subject to sales tax collection and reporting requirements in dozens of states that they were previously exempt from due to a lack of physical presence. 

Understanding the rules and requirements of each state without professional guidance can be a daunting task for a business, however, the importance of compliance cannot be overlooked as there can be harsh penalties for noncompliance. 

Connect with us by clicking on the button or call the SALT team at Freed Maxick CPAs, P.C. at 716-847-2651 to discuss how we can help guide your business through all these sales tax changes following the Wayfair sales tax case decision. 

New call-to-action

View full article

Tax Reform’s Impact on the Federal Historic Tax Credit

HTC blogNew call-to-actionReal property owners and developers often consider the federal Historic Tax Credit (HTC) when evaluating whether to acquire and substantially rehabilitate historic buildings. Unfortunately, the Tax Cuts and Jobs Act (TCJA) repealed the 10% federal HTC and modified the 20% federal HTC. These changes, which are effective for taxable years beginning after 2017, will likely impact the acquisition and rehabilitation of historic buildings.

Repeal of the 10% HTC

Before the TCJA, taxpayers could claim a 10% federal HTC for expenditures paid or incurred to substantially rehabilitate non-certified pre-1936 buildings. Unfortunately, the TCJA repealed this provision.

Modified 20% HTC

Before the TCJA, taxpayers could claim a 20% federal HTC for expenditures paid or incurred to substantially rehabilitate a certified historic building. The 20% federal HTC continues, but the timing for claiming the federal HTC has changed.

Before the TCJA, the federal HTC was claimed for the taxable year in which the certified historic building was placed in service after substantial rehabilitation. A “certified historic building” means a building which is listed in the National Register of historic places, or is located in a registered historic district and certified to the Secretary of the Treasury by the Secretary of the Interior as being of historic significance to the district.

The TCJA modified the timing for claiming the 20% federal HTC. Under the new rules, the federal HTC is claimed ratably over a 5-year period beginning with the taxable year in which the certified historic building is placed in service after substantial rehabilitation. This change impacts the overall return on investment for the rehabilitation of certified historic buildings.

In addition, excess federal HTCs generated for the taxable year in which the certified historic building is placed in service after substantial rehabilitation will diminish. Excess federal HTC’s means HTC’s exceeding federal income tax liability for the taxable year in which claimed.  Such excess HTC’s may be carried back to the immediately preceding taxable year by filing a carry back claim resulting in a refund of federal income taxes paid in the preceding tax year. However, under the new rules, the ability to generate excess HTCs will diminish.       

Listen to a podcast from Freed Maxick Tax Director Don Warrant on how the Historic Tax Credit can generate 40% cash reimbursement for property owners.

Transition Rule

The TCJA provides a transition rule whereby the changes made by the TCJA do not apply to expenditures paid or incurred by the end of the taxable year in which the 24-month period, or 60-month period, ends when the following two conditions are met:

  1. The building was owned or leased during the entirety of the period after December 31, 2017, and
  1. The date of the beginning of the 24-month or 60-month period is no later than June 20, 2018.

The 24-month period and the 60-month period are in reference to the period over which the certified historic building must be substantially rehabilitated.

Under this transition rule, all expenditures should be paid or incurred by the end of the taxable year in which the 24-month or 60-month periods end.  

Tax Basis Reduction Rules

The TCJA did not affect the rule that requires the tax basis of the certified historic building to be reduced by the amount of the HTC claimed. Generally, tax basis reduction rules don’t apply when federal tax credits are claimed over multiple tax years. Fortunately, a bipartisan group of House and Senate lawmakers introduced legislation that would eliminate the rule that requires the tax basis of the certified historic building to be reduced by the amount of the HTC claimed. However, no further action has been taken on this legislation as of the time of this writing.  

State Impact

States that follow the federal HTC rules may adopt the changes made by the TCJA or decouple from those changes. 

For example, New York State provides a refundable HTC equal to the amount of the federal HTC. However, New York State has decoupled from the changes made by the TCJA. Therefore, taxpayers can continue to claim the 20% New York State HTC for the taxable year in which the certified historic building is placed in service after substantial rehabilitation.

For Further Clarification and a Discussion of Your Situation

The Freed Maxick Tax Team has significant experience when it comes to helping real property owners and developers qualify for and claim historic tax credits as well as other Federal and state tax credits. With an ever-changing tax landscape, our team is prepared to assist real property owners and developers to minimize their income tax liabilities using the various tax credit and incentive programs, and other tax minimization strategies.

New call-to-actionFor more information on how the changes made by the TCJA might impact your historic rehabilitation project, or to discuss other changes made by the TCJA, please call us at 716.847.2651 or contact us here.

View full article

23 NYCRR Part 500 Cybersecurity Regulation: Summary and Update

Cybersecurity Regulation Blog

Continuing Care Retirement Communities (CCRC) Must Submit a Certification of Compliance with New York State Department of Financial Services Cybersecurity Regulations

New call-to-action

Regulation 23 NYCRR Part 500 (cybersecurity regulation) was issued by the New York State Department of Financial Services (DFS) in March of 2017. DFS stated in writing on February 28, 2018 that Continuing Care Retirement Communities (CCRC) are covered by the requirement. An effort in the Senate, proposed to amend the insurance law, in relation to authorizing CCRCs to adopt a written cybersecurity policy rather than complete the required full attestation.

The purpose of the bill was to permit CCRCs to attest to the DFS that the CCRC’s cybersecurity policies are not inconsistent with cybersecurity regulations promulgated by the superintendent. The bill was approved, unanimously, by the Insurance Committee and the Rule Committee. On December 7, 2018 the Governor vetoed the bill.

DFS’s position regarding compliance has remained constant:

All CCRCs that failed to submit the Certification but are in compliance with the regulation should do so via the DFS cybersecurity portal as soon as possible. “…The DFS Certification of Compliance is a critical governance pillar for the cybersecurity program of DFS regulated entities, and DFS takes compliance with the regulation seriously. The Department will consider a failure to submit a Certification of Compliance as an indicator that the cybersecurity program of the Covered Entity has a substantive deficiency.”

We interpret this to mean that any entity that has not complied with the regulation should take the necessary steps to become compliant as soon as possible.

23 NYCRR 500 Compliance: What Does the Regulation Require?

The regulation stipulates that covered entities meet the following requirements:

  • Assess whether the risk assessment program adequately addresses cybersecurity risks and that the outputs from such assessments are used in the cybersecurity program
  • Assess the cybersecurity policy to determine whether it adequately addresses the regulation’s
  • Assess whether the cybersecurity program, based on a risk assessment, sufficiently addresses the regulation’s requirements related confidentiality, integrity and availability
  • Assess the approach to addressing the regulation’s requirement for a Chief Information Security
  • Assess the current business continuity and recovery plan and its ability to maintain security audit trails to determine compliance with the regulation’s
  • Assess the user access provisioning and access maintenance policies, procedures and
  • Assess the software acquisition, development and change management policies, procedures and controls to determine whether cybersecurity requirements are adequately
  • Assess whether the organization utilizes qualified and competent personnel to develop, implement, maintain and enforce its cybersecurity program and
  • Assess the third-party risk management program to determine whether it adequately addresses cybersecurity
  • Determine whether the organization adequately addresses the multifactor authentication
  • Assess the data retention and disposal policy, procedures and
  • Assess the approach to cybersecurity training and
  • Assess the approach to encrypting non-public
  • Assess the quality of the incident response

When Do I Need to Comply with 23 NYCRR Part 500?

The recent actions by the Governor do not change the fact that covered entities are required to comply with the timeline as originally prescribed in the regulation. DFS has stated that attestations should be submitted “as soon as possible”.  It should also be noted that the two-year transition period ends on March 1, 2019 so all elements of Regulation 23 NYCRR part 500 will be required to be complied with under the regulation as currently written by that date. In our opinion non-compliant organizations should take these regulations seriously and ensure compliance as quickly as is reasonably possible.

What are the 23 NYCRR 500 Penalties for Non-Compliance?

The regulation does not specifically detail penalties for non-compliance. The regulation states “This regulation will be enforced by the superintendent pursuant to, and is not intended to limit, the superintendent’s authority under any applicable laws”. Absent any specific guidance it is reasonable to assume that enforcement actions could arise pursuant to the general authority of DFS under the NY Banking law, which allows the superintendent of DFS to require a regulated entity to pay a penalty “for any violation of any regulation promulgated. NY Banking law authorizes up to (1) $2,500 per day during which a violation continues (b) $15,000 per day in the event of any reckless or unsound practice or pattern of miscount, or (c) $75,000 per day in the event of a knowing and willful violation.

How Can Freed Maxick Help with 23 NYCRR 500 Compliance?

At Freed Maxick we understand that some CCRCs may be challenged to implement the full complement of security policies and procedures required by the regulation.

A Cybersecurity Assessment completed by our certified security analysts can provide an evaluation of which areas of the DFS regulations an organization currently complies with, and which areas it could improve upon and doesn’t meet. This assessment can examine the organization’s current security posture in alignment with the NIST Cybersecurity Framework (CSF), as well as the controls examined in the DFS 23 NYCRR Part 500 document.

For more information about our cybersecurity assessments and other related programs and services, please contact Sam DeLucia at 585.360.1405.

View full article

Remote Seller Sales Tax: 8 Critical Questions to Ask About 2019 Sales Tax Obligations

Wayfair 8 Questions Blog

After Wayfair, the Rules for Collecting Out of State Sales Tax are Changing

New call-to-actionBy now, you have probably heard about South Dakota v. Wayfair (2018) - the U.S. Supreme Court decision to overturn the physical presence standard set by Quill v. North Dakota (1992) earlier this year.

In a short period of time, there have been numerous state reactions that will undoubtedly affect your sales tax liability in an adverse way. Many state provisions became effective in the last few months of 2018, many more become effective in early 2019, meaning that remote sellers are running out of time to begin compliance. Depending on the jurisdiction, substantial noncompliance penalties can be imposed, and if you have not made it a priority to address these issues, revenue-hungry states will be sure to pursue these tax dollars. Every remote seller should consider the following questions with respect to the new era of sales tax nexus and how they might impact your business.

New call-to-actionRemote Seller Sales Tax Question #1: Are we currently collecting and remitting sales tax in all applicable states?

The new economic nexus standards are not retroactive – but that is not to say that a business is exempt from their sales tax remittance obligation in states where a filing was previously required. If you have physical presence in a state in which you have not filed in the past, it is advisable to begin doing so.

Many states offer voluntary disclosure programs that can be advantageous in avoiding costly penalties for prior noncompliance.

Remote Seller Sales Tax Question #2: Are we currently collecting exemption certificates from customers?

While not every business is required to pay sales tax, they are required to support an exempt status. If you don’t collect sales tax from a buyer without a proper exemption certificate, odds are you will be held liable. You don’t need an exemption certificate every time you do business with the same buyer, and many states accept a uniform certificate.  

It’s important to communicate with your customers that tax will be collected without proper documentation of exemption so that you don’t find yourself paying their tax.

Remote Seller Sales Tax Question #3: Do we know how each state treats our products or services?

Keep in mind that most states have varying definitions of taxable sales. A business product or service can be exempt from sales tax in one jurisdiction and taxable in another. For example, in some states clothing is a taxable item, in others only clothing items over a certain dollar amount are subject to sales tax, and some exempt clothing altogether from sales tax. 

Further complicating this matter is that states may define clothing differently. Thorough analysis should be done for every state that you are doing business in.

Remote Seller Sales Tax Question #4: Are we required to register and file in new states and if so, will that create an income tax filing requirement?

In order to collect and remit sales tax in a state, a business needs to be registered with the state’s Department of Revenue. Remote businesses should consider that as they register in new states, this action will likely draw attention from the state revenue departments with respect to income and franchise taxes. 

A determination will need to be made if being registered for sales tax purposes constitutes “doing business” in each state and what additional filings may be required.

Remote Seller Sales Tax Question #5: Are changes needed in the people/processes/systems/software to comply?

Even if you have established where you should file, are you equipped with the resources to do so? It can be time-consuming and burdensome, especially for businesses with a large economic footprint to comply with numerous filings considering most states impose a quarterly or monthly remittance. Sales tax software is useful, however you will want to ensure that you select the right package that fits your business to avoid incurring unnecessary charges. Additionally, you’ll need properly trained personnel to implement and use the software. 

Remote Seller Sales Tax Question #6: Are changes needed to our billing procedures?

Consider new states you will be filing in. Are you making both taxable and non-taxable sales to the same customer? Itemizing invoices is vital so that you are only collecting sales tax on taxable items and services. Keep this is mind as you are shopping for software – some might be able to streamline this process.

Remote Seller Sales Tax Question #7: Are changes needed in our marketing materials or customer contracts?

Your customers may be surprised to see an increase on their bills due to sales tax if it was not previously collected. It is imperative that these changes are clearly communicated with new and existing customers. With larger vendor contracts, the dollar impact on the customer can be substantial, and contracts should be amended to reflect that sales tax will be applied if necessary.

Remote Seller Sales Tax Question #8: Are we tracking changes in state sales tax laws as they occur?

Keeping up with various state tax law changes in every state is an onerous task. Sales tax rates can change from year to year, sales tax holidays are introduced periodically, and even the taxability of an item can change. 

If your business is active in many states, it may be necessary to outsource this task or employee someone that is dedicated to sales tax compliance year-round.  

Talk to a Freed Maxick Expert about Your Remote Sales Tax Obligations

With nearly all fifty states pursuing increasingly aggressive sales tax collection practices and Congress yet to fully weigh-in on the matter, we understand it can be difficult to monitor these ongoing changes internally.

It can be just as difficult a task to address these eight points without professional guidance.

Contact Freed MaxickConnect with our state and local tax services team by clicking on the button or call Freed Maxick CPAs, P.C. at 716-847-2651 to discuss how we can help guide your business through all these sales tax changes.

We also encourage you to review our other Wayfair resources, including:

View full article

New Jersey Tax Amnesty Program Ends January 15, 2019

tax amnesty blog

Almost all qualify for amnesty, but failure to file means significant additional penalties.

New Jersey is administering a tax amnesty program that runs through January 15, 2019. Highlights:

  • Taxpayers who come forward voluntarily during this program will pay all taxes and one-half of the interest that is due as of November 1, 2018.
  • The state will waive the other half of the interest, late payment, late filing, and delinquency penalties, cost of collection and recovery fees.
  • The taxpayer will be required to pay any civil fraud or criminal penalties that may arise out of an obligation imposed under any state law.

2019 New Jersey Tax Amnesty Program Eligibility

If you have delinquent taxes due and payable on or after February 1, 2009 and prior to September 1, 2017 that are unreported or under reported you are eligible for tax amnesty.

The qualifying taxes are any taxes administered and collected by the New Jersey Division of Taxation, which may be either personal or business taxes including personal income, fiduciary, composite, inheritance and estate taxes, sales, use, tobacco products, and tourism taxes. It does not apply to local property taxes, fees assessed by the Division of Revenue, and payroll taxes owed to the New Jersey Department of Labor.

Almost all taxpayers qualify for amnesty.  However, taxpayers who have filed an administrative or judicial appeal related to a tax assessment may only participate in amnesty if they withdraw their appeal, waive all rights to a future appeal, and receive written approval from the Director of the Division.  Taxpayers are also not eligible if they are under criminal investigation or charge for a State tax matter by a county prosecutor or New Jersey’s attorney general.

To encourage participation in the Amnesty Program, the Division of Taxation recently mailed a letter to all taxpayers who are known to have amnesty-eligible deficient and/or delinquent accounts.  Additionally, the state has undertaken an extensive outreach program to reach as many taxpayers as possible.

Looking Ahead: 2019 New Jersey Tax Amnesty Program

Any taxpayer that does not take advantage of this Amnesty program before January 15, 2019 will incur a five percent penalty if found to be liable for these taxes at a later date.  The five percent penalty cannot be waived or abated.  The penalty will be in addition to all other penalties, interest and other costs authorized by law.

Need Assistance with the New Jersey Tax Amnesty Program?

If you have any tax obligations in New Jersey that you have been reluctant to report, now is the time to do so. Our state and local tax professionals can assist you with any issues you would like to discuss and help you navigate through the New Jersey Tax Amnesty Program to become compliant with New Jersey taxes.

Contact us here, or call us at 716.847.2651.

View full article

Tax Reform Impact: Seven Ways That Reform Will Affect Your Year-end Financial Statements

Tax Reform Blog CROP

Brief Overview of Tax Cuts and Jobs Act of 2017 Impacts on Tax Provisions

New call-to-actionThe Tax Cuts and Jobs Act of 2017 (TCJA) changed a variety of tax law sections that have a flow-through impact on the tax provision in the financial statements. Some of the most significant changes, include:

  • Staff Accounting Bulletin 118 (SAB118). SEC SAB 118 and related FASB ASU 2018-05 allowed companies to finalize and fully record the impact of TCJA on their 2017 financials, develop reasonable estimates of the impact, or record income tax accounting based on tax law in effect before the December 22, 2017 effective date. The rules required that those who used either of the last two options finalize and record the actual impact within one year of the effective date.
  • Naked credit and valuation allowance considerations. Companies may need to reassess the amount of valuation allowance needed if a “naked credit” deferred tax liability (DTL) exists.
  • GILTI and FDII. Year-end calculations of these amounts will require taxpayers to calculate the value of U.S. and foreign depreciable assets using the Alternative Depreciation System (ADS).
  • ASC Topic 740-30-25 (Formerly: APB 23). The TCJA’s provisions related to deemed repatriation of earnings accumulated in overseas subsidiary has necessitated a revisiting of certain assertions that are the basis of financial statement presentation of accumulated overseas earnings.
  • Return to Provision (RTP) Adjustments. This calculation was affected by the TCJA’s reduction in corporate tax rates. Because of the rate reduction from 35 percent to 21 percent effective January 1, 2018, a calendar year-end corporation’s tax rate will be affected by any RTP temporary adjustments.
  • Fiscal-Year Filers. Fiscal-year filers who extended their returns have a variety of provisions to consider when preparing their tax returns. This includes a blended rate to reflect the months when the 35 percent rate applied and those covered by the 21 percent rate.
  • Rate Reconciliation. Several provisions in the TCJA will affect the rate reconciliation in this year-end that have not had an effect in the past.

For a more detailed discussion, we recommend that you download our recent whitepaper, “2018 ASC 740 Year-End Considerations” here.

Tax Situation ReviewThe complexities of these tax reform changes and their impact on your situation should be discussed with your tax advisor as soon as possible. Call us at 716. 847.2651 or connect with us by clicking here.

View full article

Accounting Rule Changes: Six Ways That Recent Rule Changes May Affect Your Year-end Financial Statements

FASb blog

New call-to-actionIt has been a busy year for the Financial Accounting Standards Board (FASB). A number of accounting rule changes have been promulgated that will have a flow-through impact on the tax provision in the financial statements. These include:

  • ASC 606 Revenue Recognition. New rules are in effect that require companies to use a 5-step process to determine when revenue should be recognized. Once the GAAP treatment is determined, the effect of the changes must also be reflected in the tax provision.
  • ASU 2016-09 Stock Compensation. All excess tax benefits or deficiencies must be treated as tax expense in the income statement without regard to any reduction in current-period taxes payable caused by the benefits.
  • ASU 2018-2 Reclassification of disproportionate tax effects on OCI. Effective for years beginning after December 15, 2018, companies can elect to reclassify “trapped” taxes from accumulated other comprehensive income (OCI) to retained earnings.
  • ASU 2018-11 Leasing Standard. This guidance provided updates to ASC 842, Accounting for Leases. It focused on two main areas: transitioning to the new standard and separating the components of a contract.

For a more detailed discussion, we recommend that you download our recent whitepaper, “2018 ASC 740 Year-End Considerations” here.

Tax Situation ReviewThe complexities of these accounting rule changes and their impact on your situation should be discussed with your tax advisor as soon as possible. Call us at 716. 847.2651 or connect with us here.

View full article

Cybersecurity Risk Assessment is More Than a Scan

cyber blog post

How to approach your company’s cybersecurity posture more holistically

The topic of cybersecurity will be top of mind for many executives in 2019 as they will have a keen interest in understanding their organization’s cybersecurity posture.  One of the first steps for securing this understanding should involve engaging in a conversation with an outside vendor who will offer an engagement to measure the organization with the intention of identifying and preventing any outside (or inside) influences from launching an attack. 

Usually, this conversation involves a discussion around the fantastic tools and team the third party has on hand, complemented by a “show and tell” presentation of scanning tools, reporting processes and deliverables, dire threats faced by the company, and for good measure, an update on “must know” buzz words that are necessary for making a sound purchase decision. Often, the reputation, name, or relationship with the third-party weighs in as well. 

If all this cybersecurity exploitation makes you confused and numb, then we suggest stepping back and approaching your organization’s cybersecurity posture more holistically.

A Cybersecurity Risk Assessment is More Than Scanning and Making Fixes

Cybersecurity involves much more than conducting scans and fixing some configurations on a network and servers.  It is the intersection of People, Processes and Technology that enables an organization to design, deploy, monitor and maintain a sound cybersecurity program.

people process technology

We believe that the interaction between People, Processes and Technology within your company’s IT environment is  key to the development and overall success of a mature cybersecurity program. 

Cybersecurity Assessment: People

People represent one of the most vulnerable areas of your cybersecurity program. A well-balanced assessment should include examination of areas such as organizational structure, policy, procedures, security training and awareness, communication, tone at the top and culture.  People represent one of the most vulnerable areas of your cybersecurity program, and any complete Cybersecurity Assessment should include assessing an organization’s people and culture.

Cybersecurity Assessment: Process

The processes your organization implements to operate daily should include basic security measures and practices such as: asset management, access management, third–party IT management, patching & system maintenance, backup & restore processes, disaster recovery, physical protection of infrastructure, “acceptable use” practices, incident response, business continuity and disaster recovery plans. All of these play significant roles in a strong cybersecurity program. During the cybersecurity assessment, specific measurements should be obtained regarding the maturity of your processes, including any recommendations for process improvement.

Cybersecurity Assessment: Technology

For most cybersecurity practitioners, technology generates the most excitement.  It’s what most third party firms will offer as the mainstay of their Cybersecurity Assessment, and  usually involves a only a vulnerability assessment scan with a report listing findings..  To a seasoned cybersecurity team, this is only one small necessary area of an overall assessment, as a comprehensive analysis should also include access and network controls, wireless network controls, endpoint management, penetration testing, and web application assessments and other technical areas.

Connect with Cybersecurity Risk Assessment Experts

Too often, organizations seek out third parties to assess cybersecurity and receive a scan and a report that showcases the vendor’s lack of understanding of the organization and its business.  Most approaches don’t include information gathering, interviews, analysis, specific prioritized recommendations that are actionable for your organization’s resources.

Be wary of cybersecurity firms that lack the ability to assess your complete cybersecurity posture.

At Freed Maxick, our cybersecurity team works closely with your team to learn what you do, how you do it, understanding the entire picture, not just one area.  This is the experience that comes with 60 years of working with organizations.

For more information about our cybersecurity assessments and other related programs and services, please contact Sam DeLucia at 585.360.1405.

View full article

After the Wayfair Sales Tax Case: Getting a Handle on Your Sales Tax Obligations

9 Steps Blog Post

9 steps to figuring out what you have to collect and who you have to pay

The Supreme Court’s decision in South Dakota v. Wayfair (Wayfair) expanded the ability of states to require out-of-state retailers to collect and remit sales taxes on transactions in jurisdictions where the seller has no physical presence. In short, the court held that a state law requiring out-of-state sellers to collect and remit taxes based on an “economic nexus” with the state did not automatically violate the U.S. Constitution’s Commerce Clause.

The opinion remanded the case for further action without specifically ruling on the constitutionality of the South Dakota law. However, the justices highlighted several features of the law that they felt would keep it from imposing an undue burden on interstate commerce, including:

  • A safe harbor threshold that limited the application of the law to sellers with more than just “limited business” in the state. In South Dakota’s case, the law does not require the seller to collect and remit taxes if it has less than $100,000 or 200 transactions in the state during the previous or current calendar year.
  • A prohibition against retroactive enforcement.
  • One state-level administration of all sales taxes within the state, and
  • Access to sales tax administration software provided by the state.

Many states already had economic nexus statutes on the books before the Wayfair decision, and a host of others have worked to enact similar laws since the Supreme Court’s ruling. The terms of these laws can vary significantly from South Dakota’s. Because the factors listed by the court are only guidelines on what the justices believe would pass Constitutional muster, there is still considerable uncertainty over what requirements might be found unconstitutional if challenged.

A Nine Step Action Plan for Remote Sellers

read-our-other-postsWith so many details still up in the air on this topic, many businesses are struggling to figure out how to comply with current requirements and adapt quickly to new rules as they are enacted. The following nine steps can help any business that sells products or services into multiple states meet current state tax obligations and manage changes effectively.

  • Determine where, what, and to whom you sell.
    • The reason for the “where” determination is fairly obvious, but keep in mind you should be tracking not just the destination state, but also local jurisdictions that may have additional sales tax requirements.
    • Your system needs to know “what” you are selling in each jurisdiction because sales tax rates can vary from product to product, or may not be subject to tax at all.
    • You need to track your customer information in order to know if a buyer qualifies for a sales tax exemption.
  • Determine your activities that create physical and economic nexus. Remember, the Wayfair decision didn’t do away with previous sales tax laws based on physical nexus. Your system needs to allow for the possibility that either standard could trigger a collection requirement in a jurisdiction.
  • Review the most recent 12-month period and prior year sales in each state. The first item in this list is designed to give you a current snapshot of your activities that may trigger economic nexus. A look back at recent periods is also required to make sure that you haven’t missed an obligation based on previous transactions.
  • Determine the taxability of your products and services in each state. Once you know what you sell and where you sell it, you need to understand how each jurisdiction taxes your product.
  • Monitor economic nexus. You need some type of system in place to track both the dollar volume of sales and number of transactions in each state where you sell. Even though sales tax collection obligations may not attach until you cross a threshold, you need to monitor the data from the start in order to know when your activity triggers economic nexus.
  • Monitor changes in state sales and use tax laws. Many states are scrambling to enact or modify laws to align themselves with South Dakota’s requirements. Work closely with your tax advisor and any sales tax software provider to make sure you are aware of any changes in requirements that affect your obligations.
  • Determine whether reporting requirements apply. Penalties for failure to comply with sales tax collection requirements can be significant. You need to know what rules apply before you bill your customer because the state will look to collect the amount from you even if you failed to collect it from the buyer.
  • Review your marketing, selling, billing, and tax collection and payment practices. You need to look at the whole process from soup to nuts in order to confirm that you’re giving your buyers the correct information about what taxes apply and that you’re collecting and remitting them to the proper authorities.
  • Evaluate your sales tax exemption certification process. Your business may not have paid close attention to exemptions in the past when you had no physical nexus in a jurisdiction. With more states looking to collect taxes based on economic nexus, you will need to be more vigilant in monitoring customers that claim an exemption. That includes tracking when exemption certificates you have on file may expire.

Talk to the Freed Maxick SALT Team

It may seem like a daunting challenge at the start, but careful planning and implementation of a Wayfair-compliant sales tax system can give your business the ability to monitor and adapt to changes more effectively for years to come.

Our state and local tax services team can help you with a review of your situation and a discussion of how best to comply with each state’s requirements. Call us at 716.847.2651 to discuss your situation or request a situation review here.

After the Wayfair Sales Tax Case: 

View full article

What Remote Sellers Need to Know About Use Tax Notice and Reporting Requirements

sales report crop

New call-to-actionSince the U.S. Supreme Court ruling on June 21, 2018 that overturned the physical presence standard, most states have rushed to impose an economic nexus standard for remote sellers who meet a dollar or transaction threshold for sales made in the state. 

This means a seller who has not had a physical presence in a state may have to start registering, collecting and remitting sales tax if it meets the threshold in that state. 

However, about a quarter of the states have established notice and reporting requirements that remote sellers may be subject to if they are not required to collect and remit sales tax in those states.  Colorado was the first state to enforce use tax notice and reporting requirements for non-collecting retailers on July 1, 2017, in an effort to work around physical nexus standards and ensure buyers pay use tax when a seller does not collect sales tax.  Now that states are adopting economic nexus standards, more states are likely to impose use tax reporting requirements on sellers who do not collect sales tax in their state.

What is “Notice and Report” for Sales Tax and Who Does it Affect?

In general, a State notice and reporting law requires remote retailers that do not collect sales tax to complete an onerous reporting requirement, which many states believe will lead these retailers to elect to remit sales tax instead.

The report requires the retailer to:

  • Put a notice on the retailer’s website that use tax may be due on purchases
  • With each sale made, to give the buyer a notice that use tax on their purchase might be due
  • Deliver annual notices to customers exceeding the state’s threshold that reminds them that they may owe taxes, and
  • Deliver an annual notice to the state with information about their customers’ purchases including name, address, date and amount of purchase.

States that Have Sales Tax Notice and Reporting Requirements

States that have notice and reporting requirements include Alabama, Colorado, Connecticut, Georgia, Iowa, Kentucky, Louisiana, Oklahoma, Pennsylvania, Rhode Island, South Dakota, Tennessee, Vermont, and Washington.   

States with Alternative Use Tax Notice and Reporting Requirements Under Economic Nexus Provisions

Pennsylvania, Rhode Island, and Washington, as examples, have adopted detailed notice and reporting requirements with the alternative option of electing to register and collect sales tax under economic nexus provisions.  In other words, remote sellers who meet the states thresholds must elect to either register, collect, and remit sales tax, or comply with notice and reporting requirements. 

There are also penalties for failure to comply with the requirements in some states.  In Pennsylvania, for example, each failure to comply may result in a penalty of $20,000 per violation, per year, or 20 percent of total Pennsylvania sales during the previous 12 months, whichever is less.

Connect with a Freed Maxick SALT Expert 

These remote seller use tax notice and reporting requirements are very detailed and require extensive record keeping by the retailer, which may be a strategy to encourage remote sellers to elect to collect and remit sales tax instead. 

Tax Situation ReviewRemotes sellers will have to decide whether it is worth the time, cost, and effort to keep up with notice and reporting requirements, or if it is easier to register, collect, and remit sales tax in a state.

Our state and local tax services team can help you with a review of your situation and a discussion of which route is best for your business considering each state’s requirements, and the costs and benefit or reporting versus remitting. Call us at 716.847.2651 to discuss your situation. or request a situation review by clicking on the button.

After the Wayfair Sales Tax Case:  

New call-to-action

View full article