Summing It Up

Keeping you ahead of the curve with timely news & updates.

Software as a Service Sales Tax: Wayfair’s Impact on SaaS and Digital Goods


If you are a CFO at a business that provides SaaS to clients in multiple states, new state sales tax rules will have an impact on your tax reporting and compliance obligations

A recent Supreme Court case and related law changes in many states have resulted in significant new state sales tax obligations on many SaaS providers. It’s important to understand that these changes could result in new tax collection responsibilities on your business even in states where you have operated without them in the past.

Saas StatesExecutives need to act quickly to make sure that their existing operations are in compliance with the new rules and that their systems can adapt as sales growth and law changes trigger additional obligations.  

Two Sales Tax Changes That SaaS Providers Need to Consider

Historically, most states have not imposed their sales tax on payments for services. As a result, SaaS providers were not required to collect and remit sales taxes on transactions in those states.  In the 16 states that did impose sales tax requirements on cloud-based services, many SaaS providers were still exempt from the obligations because they did not have a physical connection to the jurisdiction, like an office or a server farm. “Physical presence” was the standard used by the Supreme Court to determine if a business established “nexus” in a state. (Nexus is the level of presence that allows a state to tax an out-of-state entity without violating the Constitution’s Commerce Clause.)

These circumstances started to change on June 21, 2018 when the Supreme Court ruled in South Dakota v. Wayfair, Inc. (Wayfair) that economic activity within a state could also establish nexus.

The ruling determined that a sales tax obligation could be established in some circumstances solely through virtual contacts with a state. Most states have since established some variation of an economic nexus standard.  The most common variation requires a company to collect and remit sales tax if it has more than $100,000 in sales to the state, or 200 or more transactions delivered into the state during the preceding or current calendar year.

What Wayfair Means for SaaS Providers Now

New call-to-actionThese changes mean that SaaS providers may now be required to collect and remit sales taxes in states where they have operated for years without any obligation.

If your business crosses the economic nexus threshold in a state that imposes sales tax on services, you will need to bill your clients for those amounts and remit them to the state. In fact, you’ll need to start tracking your transactions in the state from the outset in order to know when you cross a threshold that triggers a sales tax obligation. Subscriptions models increase the likelihood that you could become liable, as a monthly billing cycle would generate twelve transactions per year for each client.

What SaaS Providers Can Expect In the Near Future

We noted above that several states already tax the sale of digital products delivered electronically to their residents. As states evaluate their sales tax laws considering this latest change, it seems likely that many more states will introduce legislation extending their laws into the digital goods sector.

For example, sales of digital products were exempt from sales tax in Iowa until January 1, 2019.  Now Iowa taxes electronically transferred digital products such as digital books and audio-visual works. Also, the District of Columbia has recently passed emergency legislation to amend the sales and use tax treatment of digital goods sold or used in the District. Effective January 1, 2019, the definition of “retail sale” in the D.C. Code has been expanded to include charges for or the sale of digital goods, such as digital audio-visual works, digital audio works, digital books, digital codes, digital applications and games, and other taxable tangible personal property delivered electronically.

In addition to digital goods, more states are likely to start taxing SaaS and similar cloud-computing services. For example, effective October 1, 2018, Rhode Island made the sale, storage, and use of vendor-hosted prewritten computer software subject to sales tax, and as of January 1, 2019, SaaS is subject to sales tax in Iowa, but an exemption applies for the sales price of SaaS provided to a business for its exclusive use. 

Sales Tax Compliance Strategy for SaaS Providers

Given the Supreme Court’s expansion of nexus to include economic activity, any of the states that expand their sales tax rules to include digital goods and SaaS will easily be able to apply the new requirements to out-of-state businesses. SaaS providers need a sales tax compliance strategy that analyzes where they currently have collection obligations as well as where they are likely to incur them as business grows and laws change.

SaaS and digital goods providers should be working closely with knowledgeable state and local tax advisors to track the obligations created by electronic sales and law changes and ensure proper sales tax collection and compliance.

Tax Situation ReviewTo learn more about how the SALT experts at Freed Maxick can help your SaaS business manage sales tax obligations across multiple states during this period of significant change, please contact connect with us by clicking on the button or call us at 716-847-2651 to discuss how we can help guide your business through the aftermaths of the Wayfair sales tax case decision. 

View full article

What is Business Impact Analysis?

Natural Disaster CROP

Is Your Company Ready for the Business Impact of the Next Natural Disaster?

Throughout 2018, we witnessed numerous natural disasters. From Hurricanes Michael and Florence to the California wildfires, these disasters amounted to billions of dollars of damage. Despite the hurricanes and wildfires that lay siege through the Florida panhandle, Northern California, and the Carolinas, many companies fail to acknowledge the risks of these types of disasters and the detrimental effects they can have on business operations. Sadly, these devastating disasters cannot be prevented, but you can take the necessary steps to protect your business from suffering interruptions to critical systems and processes.

What is a Business Impact Analysis and Why is it Important?

A Business Impact Analysis (BIA) is an evaluation of the possible impact to various processes or systems should an interruption or stoppage occur due to an accident, emergency, or disaster. Simply put, the analysis is a way to predict the negative outcomes of disruption to a business or its processes and develop strategies to help the business recover in the event of an emergency. A BIA can provide a clear picture of the critical or essential systems or processes of your business that must be in place to continue to allow the business to run. By determining which processes or systems are critical, your business is able to address the areas which need to be quickly recovered and the amount of time necessary or allowable to recover them.

An Overview of the Business Impact Analysis Process:

Business Impact Analysis Phase 1: Getting buy-in and the green light from senior management for the BIA project. This will also be the phase where the objectives, goals and scope are defined to provide clarity to the overall project. A project manager, along with a project team, will need to be established, or this can be outsourced to a third party.

Business Impact Analysis Phase 2: Obtaining information and data is the next important phase of the BIA analysis. During this phase, the BIA project team will conduct interviews or provide users with a BIA questionnaire in order to obtain the necessary information. A BIA questionnaire is typically a detailed survey which requests knowledgeable users’ questions about their processes, timing and the maximum allowable time of disruption, any operational, financial, regulatory, and legal or compliance impacts that may arise given a disruption.

Business Impact Analysis Phase 3: Now that key information on the business processes has been collected, the information needs to be analyzed and reviewed. This is done in order to accomplish the following:

  • To determine a prioritized listing of business processes or functions, with high criticality at the top of the list.
  • To determine which individuals and technology resources are needed to maintain an ideal level of operations.
  • To determine the recovery time frame, which is the length of time required to recover a business process of function and bring operations back to normal.

Business Impact Analysis Phase 4: The BIA report and a listing of any findings is now able to be documented. The BIA report is typically presented to senior management and should include the following: an executive summary, the objectives and scope of the analysis, any methodologies used to obtain data and information, a detailed listing of the findings and supporting documentation, and recommendations to be implemented for recovery.

Business Impact Analysis Phase 5: The final BIA report should be presented to senior management in order for them to implement any recommendations or make any adjustments to their strategy planning or goals for the company’s disaster recovery or business continuity plan.

Additionally, a best practice is to complete the BIA every two years, depending on how much the business processes or functions have changed. For some businesses it may be shorter and other businesses it may be longer depending on how much has changed since the last BIA was completed.

Connect with Business Impact Analysis Consultants

At Freed Maxick, our Business Impact Analysis team works with you and your company to understand your process from requirements through deployment to understand the complete picture, not just one area.

For more information about business impact analyses, disaster recovery and business continuity plans or other related risk consulting programs and services, please contact Heather.Jankowski@freedmaxick.com or call 716.847.2651.

View full article

HIPAA Security Risk Assessment: Going Beyond Regulatory Compliance


If your organization transmits, receives, maintains, or stores protected health information, whether hard copy (PHI) or electronic (ePHI), your organization must comply with the Health Insurance Portability and Accountability Act (HIPAA). Traditionally, HIPAA applies to “covered entities” - healthcare providers, clearinghouses, and health plans, but can also apply to a covered entity’s business associates. A HIPAA business associate is any individual or entity that perform services on behalf of the HIPAA covered entity utilizing protected health information. If your organization is either a covered entity or a business associate, HIPAA’s security rule requires your organization to perform a HIPAA risk assessment. Beyond simply satisfying regulatory compliance requirements, a HIPAA security risk assessment can also provide perspective of the affect (ePHI) on business functions and any shortcomings, that can help add value to overall operations:

HIPAA regulatory compliance

A key objective of conducting a HIPAA risk assessment is to demonstrate compliance with the requirements of the HIPAA regulation for both covered entities and business associates. Failure to perform a thorough risk assessment will lead to non-compliance with Section 164.308 of the HIPAA Security Rule, which in turn can lead to investigations by the Office of Civil Rights (OCR) and subsequent fines. Fines levied by OCR can vary by degree of negligence: from the entity not knowing the violation occurred and could not have reasonably known of the violation, to intentional willful neglect at the most severe end of the spectrum. In aggregate, fines can be in excess of ten million dollars based on the severity of the violations.

Understanding of the flow of protected health information in transit and at-rest

During the HIPAA risk assessment, the flow of PHI (electronic and hard copy) through the entity will be evaluated. By identifying the modes of transmittal, receiving, maintenance, and storage of PHI inside and outside the perimeters of the entity, an entity can better understand their exposure and current practices related to PHI. With this knowledge, an entity can take a proactive approach to security and compliance, and apply corrective actions before it is too late.

Understanding of HIPAA high-risk areas and respective counter-measures

In performing a HIPAA Risk Assessment, your organization will identify high risk areas related to the security, integrity and availability of PHI, and evaluate the current security controls in place to mitigate the likelihood and/or severity of each risk event. From this evaluation, an entity can gain an understanding of the design effectiveness of their current controls, and any corrective actions needed to address gaps in control design. These assessments can also be critical in determining the potential impact of a breach of PHI on your organization.

Aid in business continuity and disaster recovery planning and availability baselines related to protected health information

A HIPAA risk assessment, requires the examination of information availability controls relative to PHI. Through this examination, an organization will gain a baseline understanding of the current efforts used to ensure the availability of protected health information. With this information, an organization can address any weaknesses relative to the availability of protected health information and adjust business continuity and disaster recovery plans accordingly. An often overlooked component of the business continuity and disaster recovery planning process is the safeguarding of PHI during a disaster event. Performing a quality HIPAA risk assessment forces an organization to consider the mechanisms in place to safeguard PHI during a disaster event.  With an availability baseline control overview, an entity can bolster their business continuity and disaster recovery plans to include appropriate handling of PHI in the case of a disaster event.

Integrity of PHI during processing lifecycle

Throughout the PHI processing lifecycle, PHI is received, maintained, transmitted, and stored. During each component of the processing lifecycle, there are many opportunities for errors to corrupt the integrity of the data. As part of a HIPAA risk assessment, an organization must identify the current mechanisms utilized to maintain processing integrity of PHI. This evaluation also identifies any unmitigated risks or gaps in control design relative to processing integrity of PHI.

Identify privacy shortcomings from internal operations

An often overlooked risk related to HIPAA privacy and security is internal operations. When an entity develops control procedures around the privacy of PHI, many entities do not have adequate safeguards in place restricting internal employees from inappropriate access. This can allow for employees who do not have a business need for the information to obtain and inappropriately remove the PHI from the entity, causing a breach, and opening the entity to possible HIPAA violations. Through Freed Maxick’s procedures, internal privacy shortcomings will be identified corrective actions will be recommended. From these recommendations, an entity proactively address any internal privacy gaps and correct them before a breach occurs.

Why Freed Maxick for a HIPAA security risk assessment?

Our team of HIPAA experts will work with you and your organization to review your entity’s needs and find the right HIPAA service for you. Freed Maxick can act as independent examiner and issue an opinion (AT-C 601) on your current HIPAA compliance, or as a consultant to help identify and address any current gaps with HIPAA compliance. By conducting a thorough risk assessment of your organization’s HIPAA compliance program, we can help you identify weak areas in your current processes, and advise you on the most effective and efficient ways to achieve and maintain compliance.

For more information regarding how Freed Maxick can complete a HIPAA risk assessment or any other HIPAA service offering questions, please contact me at joseph.loecher@freedmaxick.com.

View full article

Opportunity Zones FAQ: Proposed Regulations Answer Many Questions


The 2017 Tax Cuts and Jobs Act (TCJA) created the federal “Opportunity Zones” (“OZ”) program, a new tax incentive program for investments in low-income communities. In order to utilize the benefits of this new program, the law requires that taxpayers invest capital gains into a new type of investment vehicle known as a “Qualified Opportunity Fund” (“QOF”).

For additional observations, insights and discussion, read this blog post: "How Does Opportunity Zone Business Investment Work?"

To maintain QOF status, a fund must invest at least 90 percent of its assets in Qualified Opportunity Zone (“QOZ”) property. The statute identifies three types of assets that are QOZ property:

  1. Original issue stock in a corporation that is (or will be) a QOZ business, acquired after Dec. 31, 2017;
  2. A capital or profits interest in a domestic partnership interest that is (or will be) a QOZ business, acquired after Dec. 31, 2017; and
  3. QOZ business property.

Proposed Opportunity Zone Regulations

On October 29, 2018, the IRS and Treasury Department published the first set of proposed regulations (74 pages) which provided guidance regarding gains eligible for deferral, the types of taxpayers eligible to elect gain deferral, investments in a QOF, 180-day rule for deferring gain by investing in a QOF, attributes of included income when gain deferral ends, and special rules.

On May 1, 2019, the IRS and Treasury Department published a second set of proposed regulations (169 pages) which provided guidance regarding Qualified Opportunity Zone (“QOZ”) business property, the treatment of leased tangible property, QOZ business, special rules for section 1231 gains, relief from the 90 percent asset test, the amount of an investment for purposes of making a deferral election, events that cause inclusion of deferred gain, and consolidated return provisions.

These proposed regulations provide potential fund sponsors and administrators with additional insight into OZ program operational rules.

In addition, the IRS updated their “Opportunity Zones Frequently Asked Questions.”

Answers to a few key questions regarding the OZ program are provided below.

What does “Substantially All” mean for Opportunity Zones?

The term “substantially all” appears in several parts of the statute. The proposed regulations define this term as follows:

  • For use of QOZ business property, at least 70 percent of the property must be used in a QOZ.
  • For the holding period of QOZ business property, tangible property must be QOZ business property for at least 90 percent of the QOFs or QOZ business’s holding period.
  • A corporation or partnership must be a QOZ business for at least 90 percent of the QOFs holding period.

What does “Six month Exception” mean for Opportunity Zones?

The proposed regulations allow a QOF to apply the 90 percent asset test without taking into account any investments received in the preceding 6 months when such amounts are held in cash, cash equivalents, or debt instruments with terms of eighteen months or less.

What does “One Year to Re-Invest” mean for Opportunity Zones?

The proposed regulations provide a QOF with a “reasonable period of time” to reinvest the return of capital from qualified investments by allowing one year from the distribution, sale, or disposition of QOZ stock, partnership interest or business property to re-invest the proceeds into new qualified property.  During this time, the amounts must be held in cash, cash equivalents, or debt instruments with terms of eighteen months or less.  

What does “At Least 50 Percent of Gross Income” mean for Opportunity Zones?

The statute requires that at least 50 percent of the gross income of a QOZ business must be derived from the OZ in order for it to be a QOZ business. The proposed regulations provide 3 safe harbors and a facts and circumstances test for determining whether sufficient income is derived from a trade or business in a QOZ for purposes of this test. Businesses only need to meet one of these safe harbors to satisfy this test. 

  1. At least 50 percent of the services performed (based on hours) for such business by its employees and independent contractors (and employees of independent contractors) are performed within the QOZ;
  2. At least 50 percent of services performed (based on amounts paid) for such business by its employees and independent contractors (and employees of independent contractors) are performed within the QOZ; and
  3. The tangible property and the management or operational functions performed for the business in a QOZ are each necessary to generate 50 percent of the gross income of the trade or business.

Connect with the Opportunity Zones Program Specialists at Freed Maxick

Tax Situation ReviewThe proposed opportunity zone investment regulations answer many questions that were holding back QOF investments by taxpayers, especially in connection with the QOF exit rules. Taxpayers and fund sponsors should connect with opportunity zone advisors who are well versed on the proposed regulations and the remaining unanswered questions as they contemplate making a QOZ investment, becoming a fund sponsor, or creating their own self-managed fund.  

If you’re considering a QOF investment, becoming a fund sponsor, or establishing your own self-managed fund, schedule a no cost or obligation discussion with our opportunity zone consultants by clicking on the button or contact Don Warrant, CPA, Tax Director at Don.Warrant@freedmaxick.com to discuss further.  

View full article

Secure Password Guidelines and Their Importance for Corporate and Personal Use

secure password

National Institute of Standards and Technology (NIST) Secure Password Guidelines

The National Institute of Standards and Technology, otherwise known as NIST, is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce. NIST was created to promote innovation and industrial competitiveness in certain industries such as information technology, nanoscale science and technology, and engineering. NIST has been named to lead the development of appropriate technical standards for reliable, robust, trustworthy, secure, portable, and interoperable AI systems by the American AI Initiative. In June of 2017, NIST published guidelines for ideal requirements for protecting one’s digital identity.

Characteristics of Secure and Strong Passwords

According to NIST’s secure password guidelines, there are certain password factors that are recommended for better security. Some of these guidelines are:

  • Minimum eight characters with a suggested maximum of 64 characters
  • Ability to use special characters (e.g.?&!@)
  • Restriction of repetitive or sequential characters (e.g. abcde or 1111)
  • Restriction of context specific phrases (e.g. email or username)
  • Restriction of commonly used passwords or passwords obtained from previous breach corpuses

The restriction of various password phrases is important since predictable passwords are likely to be guessed by hackers. Such passwords and phrases are compared against a black list of unacceptable passwords and denied if they match up to those predefined conditions. A black list usually consists of simple dictionary words, previous passwords, and specific words and phrases that tie to the organization or service.

Random Characters Do Not Equal Strong Passwords

NIST suggests strong passwords are something unique that one will remember but someone else cannot guess. Contrary to past popular belief, passwords with mixed upper and lower case letters, number and special characters are not suggested anymore but rather having complex, memorable phrases such as “house kangaroo 28 card ticket” where the phrase itself does not make sense as a sentence but can be pictured in your mind.

In addition to strong passwords, controls surrounding passwords are equally important. Even though the new guidelines rely less on length and complexity, lockout after repeated failed attempts should be set in order to prevent numerous efforts that could be signs of a hacking attempt. Another control should be password history restriction that do not let personnel use the same password as any of their previous passwords because those passwords may have been compromised.

For more information about secure password guidelines, check out the NIST website focused on information technology publications. To learn more about our risk consulting services, contact Katelyn.Crowley@freedmaxick.com, connect with me here, or call 716.362.6281.

View full article

How Does Opportunity Zone Business Investment Work?

Opp zone Basics

A discussion of Qualified Opportunity Fund (QOF) benefits, eligibility requirements, and action steps

The Tax Cuts and Jobs Act of 2017 (TCJA) created a new tax incentive program for taxpayers to defer capital gains tax by investing in certain economically distressed areas known as “Opportunity Zones.”

Listen to "Opportunities in Opportunity Zones"Tax Director Don Warrant Speaks Out on Opportunity Zone Opportunities. Listen here.


Qualified Opportunity Zones (QOZ) are areas nominated by the governors of U.S. states and territories based on Census data that identify low-income communities. A map of the communities can be found on the U.S. Treasury’s CDFI Fund web page.

At this point, the maximum number of eligible zones has been nominated by each state and the current law does not allow for additional or revised designations, even if future census data might suggest that the boundaries have shifted. In other words, the universe of Opportunity Zones has been determined and is expected to remain stable unless the law changes.

Opportunity Zone Investment Program Tax Incentives

The Opportunity Zones program tax incentives include deferral of capital gains tax from the sale or exchange of assets with unrelated persons and capital gains tax exclusion. To access the tax incentives, taxpayers (including corporations, partnerships, individuals, estates and trusts), have a 180 day period in which to reinvest capital gain proceeds in a Qualified Opportunity Fund (QOF).  The beginning of the 180 day period varies based on the type of taxpayer and the classification of the gain as capital or section 1231.

The Opportunity Zone tax incentives are as follows:

  1. The capital gain that would have been recognized in the year of the sale is deferred until the QOF investment is sold or exchanged, or until Dec. 31, 2026, whichever is earlier;
  2. 10 percent of the deferred capital gain is permanently excluded from federal taxable income after holding the QOF investment for 5 years;
  3. An additional 5 percent of the deferred capital gain is permanently excluded from federal taxable income after holding the QOF investment for 7 years; and
  4. Any appreciation in the QOF investment is permanently excluded from federal taxable income after holding the QOF investment for 10 years.

How to Make a QOF Investment

To make a QOF investment, taxpayers must first generate a gain from the sale or exchange of assets that will be treated as a capital gain for federal income tax purposes. The federal income tax treatment of a net section 1231 gain is not determined until the last day of the tax year. Capital gains must be invested in a QOF within the required 180 day period.

The tax incentives apply to the portion of capital gains that are timely invested in a QOF. Any investment of non-capital gains are treated as a separate investment by the QOF since they don’t qualify for the tax incentives. 

A QOF is an entity organized as a corporation or partnership for the purpose of investing in QOZ property (other than another QOF). The QOF does not need to be located in an Opportunity Zone. However, at least 90 percent of the QOF’s assets must be QOZ property for substantially all of the QOF’s holding period of such assets. QOZ property includes QOZ stock, QOZ partnership interest, and QOZ business property.

The QOZ stock or partnership interest must be acquired by the QOF after Dec. 31, 2017 for cash provided the entity is a QOZ business, or is being organized as a QOZ business. Alternatively, the QOF may acquire QOZ business property.

Taxpayers who are considering a real estate development project located in a QOZ or considering the operation of a business located in a QOZ can establish their own QOF. Alternatively, taxpayers seeking the tax incentives provided by the Opportunity Zones program can invest capital gain proceeds in a QOF that is professionally managed by others.  In that case, taxpayers should perform the appropriate amount of due diligence before making the investment to assure the investment will operate as required in accordance with the program rules. 

When to Make an Opportunity Zone Investment

The tax incentives provided by the Opportunity Zones program are based in part, on satisfying a 5 year, 7 year, and 10 year holding period.  Under the rules, any QOF investments made after Dec. 31, 2019 are not eligible for the additional 5 percent capital gain exclusion since the investment will not be held for 7 years by Dec. 31, 2026.

Likewise, any QOF investments made after Dec. 31, 2021 are not eligible for the 10 percent capital gain exclusion since the investment will not be held for 5 years by Dec. 31, 2026.

Otherwise, taxpayers can obtain capital gains tax deferral by making a QOF investment at any time before Dec. 31, 2026.  On Dec. 31, 2026, the lesser of the fair market value of the QOF investment or the deferred capital gain, reduced by the tax basis in the QOF investment, is recognized. Taxpayers will need to plan accordingly for this tax payment. 

Taxpayers can continue to hold their QOF investment after Dec. 31, 2026 (and through Dec. 31, 2047). Under the rules, gain on the sale of the QOF investment after 10 years is excluded from federal taxable income and potentially state taxable income.

Freed Maxick Provides Opportunity Zone Consulting

Tax Situation ReviewIf you own appreciated assets that would result in a capital gain upon sale or exchange with an unrelated person, then you may be a candidate for a QOF investment. The Opportunity Zones program experts at Freed Maxick can assist in comparing a fully taxed investment to a QOF investment.

In addition, a proposed Opportunity Zone business or real estate development project should consider the other Federal, State and Local tax credit and incentive programs that are available. Consultation with professional tax advisors knowledgeable in these programs could significantly increase the return on investment.

Freed Maxick provides advisory, tax planning ad reporting services for both investors and fund sponsors considering involvement in the Opportunity Zone program, Click on the image to schedule a complementary Tax Situation Review, or contact Don Warrant, CPA at 716-332-2647 for consultation regarding the Opportunity Zones program.   

View full article

New York State Sales Tax Relief for Marketplace Sellers

Marketplace sellers

Under a new provision that was recently added to the New York State Tax Law, a marketplace seller is relieved from liability for the collection of New York State sales tax when it receives Form ST-150, Marketplace Provider Certificate of Collection, from a marketplace provider. This new form certifies that the marketplace provider is registered with New York State and will collect New York State sales tax on sales it facilitates for marketplace sellers.

A marketplace seller is also relieved from liability when the marketplace provider has a publicly available agreement which includes the following (or similar) statement:

[Marketplace provider name] is a registered New York State sales tax vendor and will collect sales tax on all taxable sales of tangible personal property that it facilitates for delivery to a New York State address.

New York State Economic Nexus Laws

Following the 2018 Supreme Court decision in South Dakota v. Wayfair, Inc., states have enacted new economic nexus laws or have begun enforcing their existing laws. For example, New York State’s pre-existing economic nexus law is now being enforced.

Many states followed South Dakota’s law by enacting a $100,000 sales or 200 transaction threshold. States are now changing to a sales-only economic nexus threshold.

A remote seller with no physical presence in New York State must register and collect New York State sales tax when they have more than $300,000 in sales of tangible personal property delivered in New York, and makes more than 100 sales of tangible personal property delivered in New York during the previous four sales tax quarters. The sales tax quarters in New York are:  March 1 through May 31, June 1 through August 31, September 1 through November 30, and December 1 through February 28/29.

Additional information on the economic nexus provisions is available on the Department of Taxation and Finance’s website.

New York State Marketplace Facilitator Laws

To facilitate the collection of sales tax from out-of-state sellers with no in-state physical presence, states are enacting “marketplace facilitator” laws. A marketplace facilitator is a company such as Amazon, which provides a “marketplace,” such as a web site, catalog, shop, store, etc., where goods are offered for sale, and the marketplace facilitator collects payment from customers. It is easier for states to enforce their sales tax laws on a few marketplace facilitators like Amazon than from the customers they serve.  

Marketplace facilitators may be required to register themselves and their customers with the state. For example, Kentucky requires marketplace providers to register their customers. As a result, remote sellers may be contacted by the state once they have been identified. States often issue nexus questionnaires to determine exposure to state income, franchise, and sales tax for prior years. 

New York State’s Marketplace Provider Law

New York State’s marketplace provider law is effective for sales of tangible personal property made on or after June 1, 2019. Under this law, a marketplace provider is required to collect and remit New York State sales tax on all taxable sales of tangible personal property that it facilitates for its customers when the marketplace provider agrees to collect payment from in-state customers.

Highlights of New York State’s marketplace provider law are as follows:

  • A marketplace provider must issue Form ST-150 to its marketplace sellers for sales of tangible personal property it facilitates for such sellers. Alternatively, this form is not required when the marketplace provider has a publicly-available agreement that includes the statement discussed above.
  • A marketplace provider is relieved of liability for failure to collect the correct amount of tax to the extent the marketplace provider can show that the error was due to incorrect or insufficient information given to the marketplace provider by the marketplace seller.
  • A marketplace provider is not required to collect and remit New York State sales tax on services, restaurant food, hotel occupancy, or admissions to a place of amusement. The marketplace seller is responsible to collect and remit sales tax.

In addition, a marketplace seller is relieved from liability for sales tax collection on sales of tangible personal property and should not include such receipts in taxable receipts. However, a marketplace seller is not relieved of liability for sales of services and sales not made through a marketplace provider.

New York State Technical Memorandum TSB-M-19(2)S (May 31, 2019) provides further information regarding New York State sales tax collection requirements for marketplace providers.

State Sales Tax Nexus Reviews More Important Than Ever

New call-to-actionMarketplace sellers should continue to assess their sales tax nexus footprint in each state through state sales tax nexus reviews. Sales made through marketplace providers are generally included in determining whether in-state sales exceed economic nexus thresholds, which may require sellers to register with the state. The seller is then responsible for sales tax collection for sales of services and tangible personal property not made through marketplace providers, or to collect exemption forms from customers for exempt sales. Nexus reviews are equally important for income, franchise and other state and local tax purposes. 

For more information on New York State and other states marketplace seller laws, or to talk with a member of our state and local tax team about a nexus study, please contact Freed Maxick.

View full article

Siemer Milling Company v. Commissioner: Siemer Down! It Wasn’t All Bad for the R&D Tax Credit

Siemer Down-1

New call-to-actionApril 15 is usually a happy day for tax practitioners and taxpayers alike. April 15, 2019 was not a happy day for Siemer Milling Company and their tax advisors after Siemer Milling Company v. Commissioner (TC Memo 2019-37) was decided. This case focused on seven projects the company claimed the R&D tax credit on in 2011 and 2012. 

Here’s a summary of Freed Maxick’s R&D Tax Credit Team’s perspective on this case and its consequences for the credit:

R&D Tax Credit documentation is KEY.

As you can see from the chart below, ALL seven projects reviewed were denied as Siemer Milling Company was not able to prove they engaged in a process of experimentation (and in some instances other parts) of the 4-part test.


The big takeaway from this case is that it reinforces the fact that documentation is vital to the successful claim for R&D tax credit. IRS stated that “the record is devoid of evidence that petitioner formulated or tested hypotheses, or engaged in modeling, simulation, or systematic trial and error…” Unfortunately for the taxpayer, the Tax Court agreed and denied each project!

Based on the results of the case, three of the seven projects would appear to have qualified for credit (#’s 1, 4 and 7 in the chart above) if there was sufficient documentation to a process of experimentation. 

Key takeaway…document, document and document!      

Siemer down, it wasn’t all bad for other taxpayers!

The IRS took draconian positions in a few areas that the Tax Court summarily shut down!

  • Uncertainties - IRS asserted that Siemer could not face the same uncertainty for more than one year. The tax court responded that this argument was unpersuasive and that Siemer “could have faced the same uncertainties for several years in a row and not all uncertainties are neatly resolved within the confines of a single taxable year.”
  • Education - IRS asserted that Siemer could not have engaged in R&D activities as they did not employ anyone with the title of engineer or anyone with an engineering degree. The tax court responded that this argument was unpersuasive and that nothing requires a taxpayer to employ or contract with someone with a specialized degree to prove that research relied upon physical or biological sciences, engineering, or computer science.
  • Multiple tax periods - IRS asserted that Siemer could not have “new” projects for more than one year. The tax court responded that this argument was unpersuasive and that “the development or improvement of a business component can span more than one tax year.”

Uncertainties and projects themselves spanning multiple tax periods is VERY common.  Not only could projects that start very late in a year continue into the subsequent year, some projects are very complicated and time consuming, which could result in the project spanning more than two tax periods.  We agree with the courts argument that this is unpersuasive and doesn’t have any standing in the legal statute or case law.

While education may be very important for a taxpayer’s employees to perform their function, there is no statute or legal requirement that a skilled tradesmen (or anyone else for that matter) without a formal education isn’t performing R&D for a taxpayer. You have to look at the ACTIVITY not the EDUCATION of the individuals engaging in R&D. 

Key takeaway…it is the activity that matters, not when or how it is done!

Connect with Our R&D Tax Credit Experts for More Information

New call-to-actionThe Research and Development Tax Credit experts at Freed Maxick are standing by to help review your situation and provide guidance on both your eligibility for the credit, and the scope and processes necessary for its capture and claim.

To schedule a complimentary review, call me at 716-847-2651, reach me via email at joe.burwick@freedmaxick.com, or simply click on the button to complete and submit a meeting request.

For more insight, observations and guidance on the R&D tax credit, click here.

View full article

State Tax Changes for 2018 and 2019: What Businesses and Individuals Need to Know

SALT update CROP

As is typical throughout the tax year, some states change their tax rates and their apportionment ratios and methods. Calendar and fiscal taxpayers alike are affected by the changes. And based on where your particular entity may be in its processes, you could be extending your returns, preparing or finalizing your returns, completing year end or quarterly tax provisions, or already into your quarterly estimates for 2019. The following is a summary of the majority of changes.

State corporate tax rate changes:

2018 state corporate tax rate changes

  • The District of Columbia dropped its tax rate from 9% in 2017 to 8.25% for 2018 and beyond.
  • Idaho dropped its tax rate from 7.4%, plus $10 in 2017 to 6.925%, plus $10 for 2018 and beyond.
  • Indiana has been gradually lowering its rate. The tax rate changed from 6.0% for July 1, 2017 through June 30, 2018, to 5.75% for July 1, 2018 through June 30, 2019, to 5.5% for July 1, 2019 through June 30, 2020. It will continue to drop to 5.25% for the same period ending June 30, 2021, and to 4.9% for after June 30, 2021. Taxpayers need to use a days per period calculation for years that begin in one period and end in another.
  • Kentucky changed its tax rate for 2018. Rather than the graduated income tax rate system it had, for 2018 and beyond, it is a straight 5% tax for all corporate taxpayers. The LLET has not changed.
  • In September 2018, Maine significantly lowered its tax rates when it changed its graduated income tax system by increasing the amount of taxable income allowed at each of its lowest tax brackets. For tax years beginning in 2018, the new amounts are: $0-$350,000: 3.5%; $350,001-$1,050,000: $12,250 plus 7.93%; $1,050,001-$3,500,000: $67,760 plus 8.33%; $3,500,001 or more: $271,845 plus 8.93%
  • Mississippi has begun to reduce its corporate tax burden by phasing out tax on the first $5,000 of taxable income gradually through the year 2022. For 2018, the first $1,000 of taxable income is taxed at 0%, while $1,000 - $5,000 is taxed at 3%. For 2019, the first $2,000 is taxed at 0%. At the same time, the franchise tax, which is based on the corporation's capital, is being phased out over the next 10 years. Each year the tax rate will drop by $0.25 per $1,000 until it is completely gone as of January 1, 2028.
  • For 2018 and 2019, New Jersey added a 2.5% surtax on corporations with allocated taxable income over $1 million. This surtax will decrease to 1.5% for 2020 and 2021.
  • New York's capital base tax rate has been decreasing. It drops to 0.075% (0.056% for qualified manufacturers) for tax years beginning in 2018 and to 0.05% (0.038% for qualified manufacturers) for 2019. For 2020, it drops to 0.025% (0.019% for qualified manufacturers) and is eliminated for tax years beginning in 2021 and after.
  • Utah slightly decreased its tax rate from 5% in 2017 to 4.95% for 2018 and beyond.

2019 (and beyond) state corporate tax rate changes

  • For 2019, Georgia has dropped its rate from 6% to 5.75%.
  • For tax periods ending in 2019, New Hampshire has decreased its tax rate on taxable business profits from 8.2% to 7.9% for gross income over $50,000. The enterprise business value tax rate has also been decreased from 0.72% to 0.675%.  Additionally, for tax periods ending in 2020 and 2021, the rates will drop to 7.7% and 0.6%, respectively, and then decrease further to 7.5% and 0.5%, respectively for periods ending in 2022 and beyond.
  • New Jersey also is changing their minimum tax for each member of a combined return to $2,000 each for tax years ending on or after July 31, 2019.
  • For tax years beginning in 2019, North Carolina has decreased the income tax rate from 3% to 2.5%.
  • For 2020, Missouri's tax rate will decrease from 6.25% to 4%.

Pass-through state tax rate changes:

  • Effective for tax years beginning on or after January 1, 2018, Connecticut has imposed a pass-through entity tax on S corporations at a rate of 6.99% of their taxable base.
  • Idaho reduced its withholding tax rate from 7.4% for 2017 to 6.925% for 2018.
  • North Carolina reduced its withholding tax rate from 5.499% for 2018 to 5.25% for 2019 and beyond.

State apportionment changes:

  • North Carolina is on a single sales factor formula as of 2018.
  • Delaware, Maryland, and Utah are phasing in single sales factor apportionment over the next few years. Refer to the specific state for exact dates and formulas for each year during the phase in period.
  • For years beginning on or after January 1, 2020, Missouri will require the use of a single sales factor apportionment formula.
  • Kentucky, Montana and Oregon switched to market-based sourcing for tax years after 2017.
  • Colorado, Indiana and New Jersey have switched to market based sourcing for tax years after 2018.
  • Missouri and New Mexico require market based sourcing for tax years after 2019.

Connect With Us

Tax Situation ReviewIf you would like to discuss how Federal and State changes to tax codes affect your situation, please call the State and Local Tax team at 716.847.2651 to schedule a complimentary Tax Situation Review. Or, click on the button, give us your contact information, and a member of our staff will connect with you to schedule a discussion.

View full article

Getting Started with IT Asset Management Services


If your organization is looking to reduce its costs with IT assets, you should consider implementing an IT asset management (ITAM) system. Tracking your organization's IT assets is an effective way to reduce unnecessary spending on software licenses and IT infrastructure. This can eliminate the purchase of assets your organization already owns, utilize your organization's current assets more efficiently, and be better prepared for the replacement of old devices or expiration of software licenses.

Building your organization's IT asset management goals

Before implementing an ITAM system within your organization, you should first determine your organization's goals. It is critical to identify specific objectives and desired outcomes to assist you in developing a system of measurement to align with these objectives. Take a moment to list what you would like to achieve with your ITAM system and rate these achievements to determine what is most critical to your organization.

Determining your system of IT asset measurement

Once you have established your desired IT asset management goals, it is important to choose key performance indicators (KPIs) that measure the progress toward achieving your goals. This will help your organization evaluate the adequacy of its ITAM system. For instance, if your organization would like to emphasize software license compliance, your organization could track licenses by expiration date or the ratio of used purchased licenses to unused purchased licenses.

Using an effective measurement system not only assists in tracking assets but also provides beneficial information for future decision-making. As you strategize your ITAM system, be mindful of choosing logical metrics that correlate with your goals. Consider the following ways an ITAM system could provide value to your organization and the potential metrics that could be used for:

  • Defining an IT budget by tracking asset costs
  • Reducing discrepancies to the IT environment by identifying assets that cause service failures
  • Optimally employing existing resources by identifying users with multiple workstations.

Establishing an IT asset repository

If there is uncertainty with where to begin in implementing your ITAM system, start by establishing a full IT asset repository. No matter the size of your organization, it is best practice to track your organization's IT assets to reduce the risk of not discovering lost or stolen assets. When deciding how your organization will maintain a repository, acknowledge who will be responsible for updating the listing, as well as how the process can be integrated into your existing IT service support management and change management systems. Be sure your organization's repository incorporates all relevant IT assets, including:

  • Hardware and software
  • Network and communication infrastructure, servers, and applications
  • Mobile devices
  • Cloud assets

For each item in the repository, be sure to include the following relevant information as well as any additional critical metrics you identified previously to measure the progress toward achieving your organization's goals.

User details


Asset type

Model and serial numbers

Purchase/Leasing costs

Termination/replacement date

Maintenance, repair, change, and upgrade information

If your organization must comply with industry regulatory requirements such as HIPAA and PCI, it may be useful to record where critical or sensitive data is stored to increase the efficiency of audits.

ITAM throughout the IT Asset Life Cycle

ITAM is more than just maintaining a listing of assets; it extends to processes in each step of an asset's life cycle. The IT asset life cycle is a series of stages that an asset goes through during an organization's ownership, from requisition to retirement/disposal. In order to establish and maintain a robust ITAM system, your organization should consider the processes and controls in place surrounding each stage in the cycle.

  1. IT Asset Requisition

During the asset requisition stage, controls should focus on the proper authorization of asset purchases. The authorizing person or group should reference the asset repository to check if a requested item is actually available to avoid unnecessary purchases and confirm that the requested item is compatible with company policies.

  1. IT Asset Procurement and Receipt

In the procurement and receipt stage, orders should be placed only to approved vendors, and vendor lists should be reviewed periodically to avoid purchases from unauthorized vendors. The IT asset manager should anticipate delivery times and verify that new assets are logged either upon delivery or before releasing to the user.

The receiving department’s manager is responsible for reconciling received assets with original requests to ensure that delivered equipment that is faulty or that does not match the purchase order is returned to the supplier and not added to the asset repository. The receiver should also assign a unique identifier for the asset as communicated by the asset manager. At this point, the asset should be recorded in the asset repository with relevant information covered in the previous section. The IT technician then schedules installation, as needed.

  1. IT Asset Deployment

The deployment stage puts the asset to use. The asset repository should be correct prior to the deployment of equipment to users. The IT technician is responsible for installing IT equipment for the user and making sure it is configured and ready for use. The user should receive training on how to use the asset, with additional training available, if needed. Employees should sign an acceptance form for the equipment once it is delivered. This form should be recorded or kept in the user's personal HR record so that equipment can be retrieved if the individual leaves the organization. If an asset was previously deployed to a different user, a process should be in place to wipe information from that asset before cascading to the new user.

  1. IT Asset Maintenance

Asset management is a continual process. As such, ensure that your organization consistently follows its ITAM policy as your assets go through maintenance, repairs, and changes. A clear policy should be documented to cover what changes are acceptable, who is responsible for authorizing changes, and what action will be taken if the organization's procedures are not followed. Significant maintenance, repairs, or changes surrounding IT assets should be recorded in the asset repository prior to releasing equipment.

Your organization should have regular audits of its databases and workstations, as well as regular reviews of systems and procedures with recommendations for improvements, where necessary. Consider the legal and regulatory requirements in terms of software licenses and contractual issues, such as maintenance contracts, insurance contracts, and lease contracts.

  1. IT Asset Retirement/Disposal

Eventually, it will be time to dispose of or retire your assets. Ideally, the replacement of assets is planned and not as a consequence of an item suddenly ceasing to function. Any addition to your asset repository leads old equipment out. A process should be in place to wipe company information from an asset prior to disposal using a professional third-party. 

When equipment is re-issued to a user, old equipment should be removed at the time of issuing new equipment. A return form should be completed, with a copy sent to HR for the employee's record. The employee's manager is typically responsible for the return of equipment.

ITAM can seem like a daunting process. It is important to initiate the process with a plan based on the needs of your organization. Avoid getting bogged down by too many details by only tracking information that will be most useful to decision-making in your organization.

Connect with a Freed Maxick IT Asset Management Consultant

If you are interested in establishing an ITAM system for your organization, or improving your organization’s controls surrounding the IT asset life cycle, our Risk Advisory Services team can work with you. Our internal control consultants will conduct an examination of your organization's ITAM system to identify weak areas. We can recommend the appropriate level of control for your organization and develop systems to monitor, assess and update those controls.

For more information regarding how Freed Maxick can help, please call 716.847.2651 or contact us here.

View full article