November 18, 2015

© 2015 Rehmann

Moderator: Lisa VanDeWeert, CPA

Principal • Rehmann’s Not-for-Profit Group

Leader • Responsible for supervising and

reviewing audit and internal audit fieldwork, financial statement preparation and presentations to clients.

• Experience includes planning, performing and supervising audit and internal audit engagements in a variety of industries including higher education, not-for-profit, manufacturing and insurance organizations.

lisa.vandeweert@rehmann.com 616.975.2852

© 2015 Rehmann

Presented by: Kerry Nelson, CPA

© 2015 Rehmann

Kerry Nelson, CPA

Principal • Director of Rehmann’s not-for-

profit tax practice and 1040 committee leader

• Experience in the areas of tax planning, tax compliance, 1040 and 990 preparation and payroll reporting

• Provides services to not-for-profits, family owned and closely held businesses, their shareholders and officers

kerry.nelson@rehmann.com 231.946.8927

© 2015 Rehmann

Learning objectives

• Understand what charitable solicitation means

• Recognize if an organization is required to register in a particular state

• How to find information needed for compliance

• Social Media and what it means to your organization

© 2015 Rehmann

Raising contributions is vital for nonprofits

© 2015 Rehmann

Solicitation defined

• Solicitation – any direct or indirect request for a contribution, whether express or implied, through any medium.

– Oral requests

– Written requests

– Sale or attempt to sell goods or services

– Announcement requesting the public to attend a gathering, event, or entertainment

© 2015 Rehmann

State’s authority to regulate

• Physical presence – Have an office

– Own real estate

– Conduct program activities

• Raising funds in the state – Mailings

– Telephone calls

– Conducting a webpage

© 2015 Rehmann

Internet solicitation

• National Association of State Charity Officials (NASCO) adopted “Charleston Principles” in 2001

• Encourages

– States to develop common policies

– States to impose limits on expected compliance from out-of-state charities

© 2015 Rehmann

Internet solicitation - continued

• General guidelines to registration:

– A nonprofit should register in the state in which it is domiciled

– A nonprofit specifically targets a person in a particular state

– A nonprofit engages in passive solicitation

© 2015 Rehmann

Current status of regulation

• 40 states (plus DC) have registration requirements

• 10 states do not

– Delaware, Idaho, Indiana, Iowa, Montana, Nebraska, South Dakota, Texas, Vermont, Wyoming

© 2015 Rehmann

Exemptions available

• Most Common: – Religious Organizations – Educational Institutions – Libraries – Museums – Health Care Institutions – Solicitation of Members Only – Veterans’ Organizations – Solicitation for Specified Individuals – Organizations raising small amounts (e.g., $25k)

© 2015 Rehmann

Determining state registration

• Does the organization have a physical presence in a particular state?

• Is an organization soliciting in a particular state?

• Are “substantial” or “repeated and ongoing” contributions coming from a particular state?

© 2015 Rehmann

State registration process

• Unified Registration Statement (URS) – Can be found at http://multistatefiling.org/

– An effort to consolidate the information and data requirements of all states

– A work in progress

– About 37 states currently accept • States requiring registration that do not accept URS

– Florida

– Oklahoma

– Colorado

© 2015 Rehmann

State registration process - continued

• Common documents required with registrations – Articles of Incorporation

– Bylaws

– IRS Exemption Determination Letter

– IRS Form 990

– Compiled, Reviewed, or Audited Financial Statements (depending on amount of gross revenue)

© 2015 Rehmann

What should you do …

• Register in your home state

• Register where your supporters reside

• Register where your organization is very active

• Check directly with Attorney General or whichever government unit that has oversight in that state for accurate compliance

© 2015 Rehmann

Polling Question #1

How many states require registration?

A. All states

B. 32 states

C. 40 states

D. 10 states

© 2015 Rehmann

Impact on Nonprofits

© 2015 Rehmann

Social media – what is it?

• Types – Twitter

– Facebook

– YouTube

– Usually tied into a crowd based funding platform

• Benefits – Create your own fundraising page

– Leverage power of your personal networks

© 2015 Rehmann

Social media - continued

• Costs

– Charity receives donations net of fees

– Individuals do the work setting up the sites

– Individuals send the “asks” out to their “donor lists”

© 2015 Rehmann

Social media - continued

• Risks

– Charity may or may not end up with donor info

– Need to make sure social media site is set up correctly

– Donor gets the full charitable contribution amount

– Charity receives donation net of platform fees

– Charity needs to react quickly when the “social storm” hits to capitalize on the opportunity

© 2015 Rehmann

Crowd Based Funding

• What is it? – Website that facilitates the exchange of money – If you are not a public charity, it’s a gift – Charities adding a “Start Fundraising Now” button – Peer to Peer fundraising

• What is it NOT?

– A bank – A charity – REGULATED!!!

• Examples: Giveforward.com; Gofundme.com; Fundly.com

© 2015 Rehmann

Crowd Based Funding - continued

• Risks

– Anyone can set up a site and say they are you

– Need to be on lookout to make sure no one is posing as your charity

– Gift taxes can apply to personal gifts

– Watch for online fundraisers that turn into online raffles

© 2015 Rehmann

Polling Question #2

Crowd based fundraising is:

A. Free

B. Regulated

C. Very low-risk to your organization

D. Fee-based depending on the provider

© 2015 Rehmann

Social media tips for small organizations

• Make sure your website is “Mobile Friendly”

• Make sure your online, off-line and in-person messaging is consistent

• Organize to make online involvement & giving a core competency

• Craft messages to appeal to all ages – crisp, simple and uncluttered

• Be sociable with followers

© 2015 Rehmann

Thank you!

© 2015 Rehmann

© 2015 Rehmann

Presented by: Jessica Dore, CISA

Jessica Dore, CISA

Senior Manager

• Technology Risk Management

• Specializes in technology consulting & security

• Experience in leading teams and performing IT security assessments for clients

jessica.dore@rehmann.com 989.797.8391

© 2015 Rehmann

The pace of change is picking up

© 2015 Rehmann

Data is exploding

Source: spotfire.tibco.com

© 2015 Rehmann

Communication is changing …

Source: www.bates-communications.com

© 2015 Rehmann

The way we interact is changing …

Source: pafamilylaw.foxrothschild.com

© 2015 Rehmann

Processes are changing …

Source: siliconangle.com

© 2015 Rehmann

We are connected 24 x 365 x 7

Source: www.innovata-llc.com

© 2015 Rehmann

With all this connectivity comes

Source: news.hitb.org

© 2015 Rehmann

Fraud, cyber crime & the bottom line

$400 billion lost annually to fraud and misappropriation

by US organizations

6% of annual revenue lost to fraud and abuse by the

average organization

$5.4 million to resolve the average data breach, not including liability issues

© 2015 Rehmann

Source: progressbangladesh.com

Cyber crime is here to stay

• Cyber warrior ‘mercenaries’ for hire worldwide

• Cyber crime is a multi-billion dollar underground economy

• Cyber crime is an industry of suppliers, distributors and manufacturers

• Information is the commodity

© 2015 Rehmann

Polling question #3

Has your organization been a victim of cyber crime?

A. Yes

B. No

C. No, but I know of an organization that has been

© 2015 Rehmann

60% of organizations FAIL within 6 months

of being hacked

• Loss of cash from bank accounts

• Cost of breach repair and recovery

• Cost of notification

• Cost of compliance

• Cost of lost clients

• Cost of reputation loss

Source: www.greenskyproductions.co.uk

© 2015 Rehmann

Small organizations - a big target

• Don’t believe they will be attacked

• Cybersecurity not a priority

• Weak cybersecurity/ outdated tools

• Poor employee training

• Poor or no data breach response plan

• Lead to bigger fish

Source: ameriscope.com

© 2015 Rehmann

Major cyber attacks

• 80 million identities – Anthem

• 47,000 SSNs + threats – Sony

• 76 million bank records – JP Morgan

• 56 million credit cards – Home Depot

• 100 million credit/debit cards – Target

• 145 million or more emails – eBay

© 2015 Rehmann

Cost of average cyber breach

• Average cost of a breach $5.4 million

• Each lost record costs $188 average

• ($188 x 10,000 records = $1,880,000)

• Disruption alone costs $937,000 per breach

• Plus: liability issues for identity theft, etc.

© 2015 Rehmann

The cyber crime toolkit

Spyware Malware

Phishing/

Pharming

Skimming

Trojans/

Viruses

Watering Hole

Keylogging

Ransomware

Social

Engineering

Dumpster

Diving

Bot Bot

DDOS

© 2015 Rehmann

Social engineering scams

• Email from you

• Email from your internal staff

• Message from friend overseas and in trouble

• Nigerian email scam

• “Your tax refund is already taken care of”

© 2015 Rehmann

Social engineering

© 2015 Rehmann

Ransomware

• Your data taken “hostage”

• Ransom email

• Today $300

• Tomorrow more

• If you don’t pay, they destroy your data

© 2015 Rehmann

What do they do with the information?

• Cyber criminals sell personal identifying information or use it to:

– Open false bank accounts

– File false IRS returns

– Open false credit cards

– Steal from bank accounts

– Hack into other accounts/businesses

© 2015 Rehmann

Employees are the weakest link

• Negligent insiders are the top cause of data breaches

• Clicking on links in emails

• Sending work email to personal accounts

• Using data on insecure lines

• Not following corporate policies

• Not securing mobile devices

© 2015 Rehmann

Vulnerability: weak IT security

• Poor access controls

• Poor patch management

• Improper device configuration

• Lack of security audits

• Weak enforcement of remote login policies

© 2015 Rehmann

Where should you focus?

• Data

• Perimeter

• Access

• Governance

• Vendor

• Mobile

• Human

Source: www.lifehack.org

© 2015 Rehmann

Data management

• Data – What is it and where is it?

• Risks - What is it worth?

• Access Paths – How can you get to the data and what are the control points?

• Access - Who can get to your data?

www.intelymind.com

© 2015 Rehmann

Perimeter management

• Do you have a firewall?

• Do you have a DMZ?

Source: www.linklogger.com

© 2015 Rehmann

Segregate the network

• Is the Network Virtualized?

• Do you leverage VLANs to segregate the Network?

www.automation.comwww.automation.com

© 2015 Rehmann

IDS/IPS - alerts

• Do you have an Intrusion Detection System?

• Do you have an Intrusion Prevention System?

• Are alerts turned on?

• Are they monitored?

infosecprimer.wordpress.com

© 2015 Rehmann

Monitor

• Conduct:

– External Vulnerability Test

– Internal Vulnerability Test

– Social Engineering Test

dstudio.ubc.ca

© 2015 Rehmann

Access management

Source: blog.lookout.com

• Access Control

• Restrict Administrative Access

• Perform Access Reviews

• Leverage Least Privilege

© 2015 Rehmann

Software patching

• How often do you patch?

• Best Practice = 30 Days

Source: www.gfi.com

© 2015 Rehmann

Backups

• Daily Backups

• Rotated Offsite

• Testing

www.itservicesalbuquerquenm.com

© 2015 Rehmann

Vendor management

• Selection Due Diligence

• Contract Reviews

• Annual Due Diligence

www.questproductsinc.com

© 2015 Rehmann

Cloud

www.data-hive.com

How do you know you are making a the right decision?

© 2015 Rehmann

Security

uspsafe.net

Who is responsible?

© 2015 Rehmann

Storage

mr2solutions.com

Where is the data stored?

© 2015 Rehmann

Mobile

Source: mobileappbuilders.co

• Mobile Device Strategy

• Acceptable Use Agreements

• Authentication & Encryption

• Secure Transmission

• Device Management

• Employee Training

© 2015 Rehmann

Training

• Train users on:

– Information Security Program

– Incident Response Plans

– Business Continuity Plans

– Security Threats

afgenvac.org

© 2015 Rehmann

Close the loopholes

Create & Enforce security policies

Educate employees

Update security software

Backup & encrypt data

Secure wireless devices

Purchase cyber insurance

Have an IT Security Assessment Performed

© 2015 Rehmann

Source: blog.zopim.com

In the end…

© 2015 Rehmann

Thank you!

© 2015 Rehmann

Presented by: Roger Webster

© 2015 Rehmann

Roger Webster

Principal • Expertise in determining client

employee administration needs and delivers technology-based solutions, ranging from full HRIS solutions to unbundled systems – Including assisting clients

throughout the entire employment process, including pre-employment, active employment and post-employment phases.

roger.webster@rehmann.com 248.579.1130

© 2015 Rehmann

Attracting Talent

• Plan to succeed!

– Recruit from within

– Create an employee referral program

– Embrace social media

– Don’t neglect tried and true recruiting techniques

Attracting Talent

• Social Media

– 50% of employers use Facebook to post jobs

– 74% of employers have found a hire through Linkedin

– 94% are using LinkedIn as a recruiting tool

© 2015 Rehmann

Attracting Talent

• The Employment Package

– Clearly defined offering

– Competitive with other companies / region

– Creativity helps

– Career advancement opportunities outlined

© 2015 Rehmann

Hire Slow … Fire Fast

Finding The Right People

© 2015 Rehmann

Hire Slow … Fire Fast Finding the Right People

• The resume illusion that misleads unsuspecting managers.

• Shiny suit, great car, says all the right things.

Hire the right employee that fits your culture and is “coachable”.

© 2015 Rehmann

Hire Slow … Fire Fast Finding the Right People

• Comprehensive screening process

• Speed dating, “contenders versus pretenders”

• Ask for more than just the references

• When possible, hire to complete a project first

• Extended probationary period*

* Check all legal standards in your state. Labor laws vary by state.

© 2015 Rehmann

Polling Question #4

Do you use multiple systems or manual processes that require a significant amount of time to help you manage you employee administration?

A. Yes

B. No

© 2015 Rehmann © 2015 Rehmann

Understanding the Impact of

Turnover

© 2015 Rehmann

Understanding the Impact of Turnover

• What is your turnover rate?

• What is your retention rate?

• Voluntary versus involuntary turnover?

• Average tenure of current employees?

© 2015 Rehmann

Understanding the Impact of Turnover

Traditional Calculations of Turnover Costs

• Hiring & Firing

• Recruiting

• Interviewing

• Orientating, Training New Employees

True Cost Lies in the Hidden Costs

• Loss of Productivity

• Loss of Reduction in Business

• Expertise Loss

• Administrative Costs

© 2015 Rehmann

© 2015 Rehmann

Avoiding First Year Turnover

• Are the First Year Top Performers leaving?

• What did that cost?

• What is the opportunity cost from lost revenue?

• Was this churn in “key value- creator roles” and are we still going to make this year’s business plan?

© 2015 Rehmann

Avoiding First Year Turnover

• The majority of ALL turnover – 52% occurs in the first year.

• It actually peaks right at the 12 month mark at 27%.

• When a new employee starts work on their first day, they represent pure cost and a lot of potential.

© 2015 Rehmann

Avoiding First Year Turnover

• Retention strategies must start DAY 1

• Employee engagement

• Flexible schedules

• Positive work environment

• Fair compensation

• Competitive benefits

© 2015 Rehmann

Avoiding First Year Turnover

• Develop realistic expectations.

• Provide the proper tools and effective processes.

• Create challenges and career opportunities.

• Clarity to the scope of the job

© 2015 Rehmann

Avoiding First Year Turnover

• Identify strengths and weaknesses in your onboarding activities;

• Identify inconsistencies between the Talent Acquisition team and hiring managers;

• Are you overselling and/or not delivering value proposition

© 2015 Rehmann

The First 90 Days of A New Hire

© 2015 Rehmann

The First 90 Days of A New Hire

• Retention starts day 1

• Prepare for first day

• Create a plan for first 90 days

• Orientation

• Training

• Communication / Feedback

• Evaluate

© 2015 Rehmann

The First 90 Days of A New Hire

• Build confidence

• Show enthusiasm

• Bring out passion in new hires

• Manage across generations

• Guide employees to their full potential

© 2015 Rehmann

The First 90 Days of A New Hire

Case study: 450 employees / 4 locations / Technology Company

• Executive positions are all asked to complete a 90 day plan with input

• DiSC assessment must be completed

• Based on results, share strengths and blind spots new hires may have in their personality

• Work on “what needs to be accomplished in 90 days

© 2015 Rehmann

© 2015 Rehmann

The Importance Of Employee Engagement

• Only 29% of the U.S. workforce is actively engaged, 55% is not engaged and 16% is actively engaged

• That means 71% of the workforce is NOT engaged every day

• Annual cost in the United States is $350 Billion Dollars annually

© 2015 Rehmann

The Importance Of Employee Engagement

• Presenters – in the chair but not really there

• Engagement requires the Right People, Passion, & Persistence and not every company is up for that challenge

• How big of problem do you have with employee engagement?

© 2015 Rehmann

The Importance Of Employee Engagement

• 84% of how employees feel is driven by their immediate supervisor

• 60% of employees who have confidence in their leader are fully engaged

© 2015 Rehmann

The Importance Of Employee Engagement

• Generate Enthusiasm

• Inspire employees to achieve

• Build confidence

• Empower employees

• Show employees that they are valued

© 2015 Rehmann

Overview of Engagement Drivers

**These work together, not in isolation

Source: AONHewitt

© 2015 Rehmann

© 2015 Rehmann

Employee Retention Strategies

• Train supervisors to follow the strategy set forth

• Clearly communicate with all employees

• Train new employees – be creative

• Establish career development path

• Listen to new employees – they will like to know that they are accepted as part of the team

© 2015 Rehmann

Employee Retention Strategies

• Create opportunities and recognize achievement.

• Rewards – financial or otherwise

• Awards

• Simple acknowledgements

• Provide measurement & feedback

© 2015 Rehmann

Employee Retention Strategies

© 2015 Rehmann

Traditional Approach

Select Hire Advance and Promote

Evaluate Results

Develop

Retain Recruit

Transfer Knowledge

Manage Performance

Train

Compensate

Classify

jobs

© 2015 Rehmann

Integrated Approach

Program Evaluation

© 2015 Rehmann

Employee Motivators

© 2015 Rehmann

Employee Motivators

• Clearly defined short term goals

• Clearly defined long term opportunities

• Benefit package

• Flexibility

• Recognition

© 2015 Rehmann

New Hire Retention Summary

• Have a plan and measure the results on a regular basis.

• Be consistent, execute the plan on time.

• Talk and listen to New Hires, don’t assume that they are “getting it”.

• Evaluate what is working and eliminate what is not.

© 2015 Rehmann

© 2015 Rehmann

“In the Cloud” Efficiencies

• Who can benefit?

– Manual or multiple system users.

– Companies with multiple locations/multiple states/remote workforce

– Need data analytics to make real time decisions

– Those who need a scalable solution

– Desire to streamline, gain efficiencies and save time & money

© 2015 Rehmann

“In the Cloud” Efficiencies

• Features and Benefits

– Better manage your workforce while saving both time and money

– Real time data to run your business – make informed decisions

– Engage employees-provide information / communication

© 2015 Rehmann

“In the Cloud” Efficiencies

• Features and Benefits

– Reduction of paper processing by as much as 50%

– Become strategic versus reactive

– Measure labor costs by job and / or grant

– Track custom fields

– Point to point reporting in real time

© 2015 Rehmann

“In the Cloud” Efficiencies

• Features and Benefits

– Lower total cost of ownership over client-installed software - affordable

– Applications require fewer technical resources to support

– Greater data accessibility and security

– Single source accountability

© 2015 Rehmann

“In the Cloud” Efficiencies

• Must haves:

– Single sign on / single data base solution

– True SaaS technology – cloud computing

– Full suite of services – optional services

– Ability to send and receive data electronically to third party applications

– Support – dedicated?

– Implementation partner

© 2015 Rehmann

“In the Cloud” Efficiencies

• Expected outcomes:

– Robust real time reporting – compliance and decision making information

– Measurable efficiencies gained

– Cost reduction – hard dollar / soft dollar

– Better communication and organization

– Meet today’s and tomorrow’s challenges

© 2015 Rehmann

ACA Compliance

Group Benefits

© 2015 Rehmann

Uncertainty for Certain

• ACA Compliance

– Complex law – complex reporting

– Drain on resources and time

– The compliance challenge

– Pay or play?

– Moving target-what’s next?

© 2015 Rehmann

Uncertainty for Certain

• Current Group Benefit Plan Challenges

– Unstable renewal premiums

– Loss of control-Limited plans & options

– Lack of transparency

– Community rated –good supporting bad

– Cost shifting

– Remain competitive and relevant

© 2015 Rehmann

Bend the Trend

© 2015 Rehmann

Bend the Trend

• Group Benefit Plan Solutions

– Educate employees

– Engage employees – get “buy in”

– Consider “bolt on tools”

– Consider hybrid self funded plans

– Utilize ACA compliance tools

© 2015 Rehmann

Thank you!

© 2015 Rehmann

Q&A Session

© 2015 Rehmann

Thank you!

Kerry Nelson

Phone: 231.946.8927

Email: kerry.nelson@rehmann.com

Jessica Dore

Phone: 989.797. 8391

Email: jessica.dore@rehmann.com

Lisa VanDeWeert

Phone: 616.975.2852

Email: lisa.vandeweert@rehmann.com

Roger Webster

Phone: 248.579.1130

Email: roger.webster@rehmann.com

© 2015 Rehmann