Acuity Blog

Businesses must face the reality of cyberattacks and continue fighting back

With each passing year, as networked technology becomes more and more integral to how companies do business, a simple yet grim reality comes further into focus: The cyberattacks will continue.

In fact, many experts are now urging business owners and their leadership teams to view malicious cyberactivity as more of a certainty than a possibility. Why? Because it seems to be happening to just about every company in one way or another.

A 2023 study by U.K.-based software and hardware company Sophos found that, of 3,000 business leaders surveyed across 14 countries (including 500 in the United States), a whopping 94% reported experiencing a cyberattack within the preceding year.

Creating a comprehensive strategy

What can your small-to-midsize business do to protect itself? First and foremost, you need a comprehensive cybersecurity strategy that accounts for not only your technology, but also your people, processes and as many known external threats as possible. Some of the primary elements of a comprehensive cybersecurity strategy are:

  • Clearly written and widely distributed cybersecurity policies,
  • A cybersecurity program framework that lays out how your company: 1) identifies risks, 2) implements safeguards, 3) monitors its systems to detect incidents, 4) responds to incidents, and 5) recovers data and restores operations after incidents,
  • Employee training, upskilling, testing and regular reminders about cybersecurity,
  • Cyberinsurance suited to your company’s size, operations and risk level, and
  • A business continuity plan that addresses what you’ll do if you’re hit by a major cyberattack.

That last point should include deciding, in consultation with an attorney, how you’ll communicate with customers and vendors about incidents.

Getting help

All of that may sound a bit overwhelming if you’re starting from scratch or working off a largely improvised set of cybersecurity practices developed over time. The good news is there’s plenty of help available.

For businesses looking for cost-effective starting points, cybersecurity policy templates are available from organizations such as the SANS Institute. Meanwhile, there are established, widely accessible cybersecurity program frameworks such as the:

  • National Institute of Standards and Technology’s Cybersecurity Framework,
  • Center for Internet Security’s Critical Security Controls, and
  • Information Systems Audit and Control Association’s Control Objectives for Information and Related Technologies.

Plug any of those terms into your favorite search engine and you should be able to get started.

Of course, free help will only get you so far. For customized assistance, businesses always have the option of engaging a cybersecurity consultant for an assessment and help implementing any elements of a comprehensive cybersecurity strategy. Naturally, you’ll need to vet providers carefully, set a feasible budget, and be prepared to dedicate the time and resources to get the most out of the relationship.

Investing in safety

If your business decides to invest further in cybersecurity, you won’t be alone. Tech researcher Gartner has projected global spending on cybersecurity and risk management to reach $210 billion this year, a 13% increase from last year. It may be a competitive necessity to allocate more dollars to keeping your company safe. For help organizing, analyzing and budgeting for all your technology costs, including for cybersecurity, contact us.

© 2024

Stay up to date! Subscribe to our future blog posts!


8 key features of a customer dispute resolution process for businesses

No matter how carefully and congenially you run your business, customer disputes will likely happen from time to time.

Some of the complaints may be people looking to negotiate a discount, “game the system” or even outright defraud you. But others could be legitimate complaints arising from mistakes on your company’s part, technological glitches or, perhaps worst of all, fraudulent actions by a third party.

Whatever the case may be, you can protect your business’s reputation and even strengthen its brand by creating and maintaining an effective customer dispute resolution process that includes eight key features:

1. Easily accessible channels of communication. Post easy-to-find and clearly written directions on your website, social media accounts and other channels detailing how customers can report problems, suspected errors and fraud on their accounts. The directions should include up-to-date contact info for your company and identify any forms or documentation required. Also provide a succinct description of your dispute resolution process, so customers know what to expect.

2. An efficient timeline. Naturally, it’s imperative to respond as quickly as possible to customer concerns or complaints. Today’s technology allows businesses to immediately send automated replies confirming receipt of the customer’s message and assuring the sender that you’re investigating. If the matter appears legitimate, you can follow up with a resolution timeline stating the next steps in the process.

3. Empathy and understanding. Train employees to listen patiently and acknowledge to customers the inconvenience of potential errors or fraud on their accounts. Remind customer-facing staff to keep open minds and not automatically assume any customer is making a false report.

4. Rigorous investigatory techniques. Thoroughly investigate disputes to ascertain root causes. Precisely how you should do so will depend on the nature of your industry and operations, as well as the specifics of the complaint.

To ensure consistency and build a robust document trail, however, require employees performing investigations to first gather all available account information and transaction records. Investigators should also carefully preserve emails and other electronic messages, as well as record or transcribe phone conversations with complaining customers and, if applicable, other involved parties.

5. Strong data protection. Your business should already have up-to-date cybersecurity safeguards in place to prevent data breaches and identity theft. But your customer dispute resolution process should include additional layers of protection. For example, apply “the principle of least privilege,” which means, in this case, only authorized employees directly involved in investigations have access to pertinent data.

6. Transparency and proactive follow-ups. Keep customers informed throughout the entire process. Don’t “leave them hanging” and wait for them to follow up with you. Provide them with regular updates on investigations and inform them of outcomes as soon as they’re available.

7. Timely resolution. If a dispute is found to be in the customer’s favor, quickly make the necessary corrections — such as refunds or account adjustments. Also consider providing a temporary discount, free replacement items or complementary services. Many companies also issue an apology, though you may want to consult your attorney on the language.

If you deny a claim, provide a detailed explanation of the evidence and your reasoning. Consider allowing some customers to appeal decisions not in their favor by submitting supplemental information.

8. Documentation and analysis with an eye on continuous improvement. Last, be sure to continually learn from incidents. Retain records of all customer disputes and fraud claims to identify patterns and trends. Use this data to improve your internal controls and investigatory processes, make decisions on technology upgrades, and train customer-facing teams. By doing so, you may be able to prevent disputes in the future or at least lessen their frequency.

© 2024

Stay up to date! Subscribe to our future blog posts!


B2B businesses need a cohesive strategy for collections

If your company operates in the business-to-business (B2B) marketplace, you’ve probably experienced some collections challenges.

Every company, whether buyer or seller, is trying to manage cash flow. That means customers will often push off payments as long as possible to retain those dollars. Meanwhile, your business, as the seller, needs the money to meet its revenue and cash flow goals.

There’s no easy solution, of course. But you can “grease the wheels,” so to speak, by strategically devising and continuously improving a methodical collections process.

Payment terms

Getting paid promptly depends, at least in part, on the terms you set forth and customers agree to. Be sure payment terms for your company’s products or services are written in unambiguous language that includes specific due dates, payment methods and late-payment penalties. To the extent feasible, use contracts or signed payment agreements to ensure both parties understand their obligations.

If your business operates on a project basis, try to negotiate installment payments for completion of specific stages of the work. This approach may not be necessary for shorter jobs but, for longer ones, it helps assure you’ll at least receive some revenue if the customer runs into financial trouble or a dispute arises before completion.

Effective invoicing 

Invoice promptly and accurately. This may seem obvious, but invoicing procedures can break down gradually over time, or even suddenly, when a company gets very busy or goes through staffing changes. Monitor relevant metrics such as days sales outstanding, revenue leakage and average days delinquent. Act immediately when collections fall below acceptable levels.

Also, don’t let the essential details of invoicing fall by the wayside. Ensure that you’re sending invoices to the right people at the right addresses. If a customer requires a purchase order number to issue payment, be sure that this requirement is built into your invoicing process.

In today’s world of high-tech money transfers, offering multiple payment options on invoices is critical as well. Customers may pay more quickly when they can use their optimal method.

Reminders and follow-ups

Once you’ve sent an invoice, your company should have a step-by-step process for reminders and follow-ups. A simple “Thank you for your business!” email sent before payment is due can reiterate the due date with customers. From there, automated reminders sent via accounts receivable (AR) or customer relationship management (CRM) software can be helpful.

If you notice that a payment is late, contact the customer right away. Again, you can now automate this to begin with texts or emails or even prerecorded phone calls. Should the problem persist, the next logical step would be a call from someone on your staff. If that person is unable to get a satisfactory response, elevate the matter to a manager.

These steps should all occur according to an established timeline. What’s more, each step should be documented in your AR or CRM software so you can measure and improve your company’s late-payment collections efforts.

Typically, the absolute last step is to send an outstanding invoice to a collection agency or a law firm that handles debt collection. However, doing so will usually lower the amount you’re able to collect and typically ends the business relationship. So, it’s best viewed as a last resort.

What works for you

If your B2B company has been operational for a while, you no doubt know that collections aren’t always as simple as “send invoice, receive payment.” It often involves interpersonal relationships with customers and being able to exercise flexibility at times and assertiveness at others. For help analyzing your collections process, identifying key metrics and measuring all the costs involved, contact us.

© 2024

Stay up to date! Subscribe to our future blog posts!


When businesses may want to take a contrary approach with income and deductions

Businesses usually want to delay recognition of taxable income into future years and accelerate deductions into the current year. But when is it wise to do the opposite? And why would you want to?

One reason might be tax law changes that raise tax rates. The Biden administration has proposed raising the corporate federal income tax rate from its current flat 21% to 28%. Another reason may be because you expect your noncorporate pass-through entity business to pay taxes at higher rates in the future and the pass-through income will be taxed on your personal return. There have also been discussions in Washington about raising individual federal income tax rates.

If you believe your business income could be subject to tax rate increases, you might want to accelerate income recognition into the current tax year to benefit from the current lower tax rates. At the same time, you may want to postpone deductions into a later tax year, when rates are higher and the deductions will be more beneficial.

To fast-track income

Consider these options if you want to accelerate revenue recognition into the current tax year:

  • Sell appreciated assets that have capital gains in the current year, rather than waiting until a later year.
  • Review the company’s list of depreciable assets to determine if any fully depreciated assets are in need of replacement. If fully depreciated assets are sold, taxable gains will be triggered in the year of sale.
  • For installment sales of appreciated assets, elect out of installment sale treatment to recognize gain in the year of sale.
  • Instead of using a tax-deferred like-kind Section 1031 exchange, sell real property in a taxable transaction.
  • Consider converting your S corporation into a partnership or LLC treated as a partnership for tax purposes. That will trigger gains from the company’s appreciated assets because the conversion is treated as a taxable liquidation of the S corp. The partnership will have an increased tax basis in the assets.
  • For construction companies with long-term construction contracts previously exempt from the percentage-of-completion method of accounting for long-term contracts: Consider using the percentage-of-completion method to recognize income sooner as compared to the completed contract method, which defers recognition of income until the long-term construction is completed.

To postpone deductions

Consider the following actions to postpone deductions into a higher-rate tax year, which will maximize their value:

  • Delay purchasing capital equipment and fixed assets, which would give rise to depreciation deductions.
  • Forego claiming big first-year Section 179 deductions or bonus depreciation deductions on new depreciable assets and instead depreciate the assets over a number of years.
  • Determine whether professional fees and employee salaries associated with a long-term project could be capitalized, which would spread out the costs over time.
  • Buy bonds at a discount this year to increase interest income in future years.
  • If allowed, put off inventory shrinkage or other write-downs until a year with a higher tax rate.
  • Delay charitable contributions into a year with a higher tax rate.
  • If allowed, delay accounts receivable charge-offs to a year with a higher tax rate.
  • Delay payment of liabilities where the related deduction is based on when the amount is paid.

Contact us to discuss the best tax planning actions in the light of your business’s unique tax situation.

© 2024

Stay up to date! Subscribe to our future blog posts!


Don’t have a tax-favored retirement plan? Set one up now

If your business doesn’t already have a retirement plan, it might be a good time to take the plunge. Current retirement plan rules allow for significant tax-deductible contributions.

For example, if you’re self-employed and set up a SEP-IRA, you can contribute up to 20% of your self-employment earnings, with a maximum contribution of $69,000 for 2024 (up from $66,000 for 2023). If you’re employed by your own corporation, up to 25% of your salary can be contributed to your account, with a maximum contribution of $69,000. If you’re in the 32% federal income tax bracket, making a maximum contribution could cut what you owe Uncle Sam for 2024 by a whopping $22,080 (32% × $69,000).

Other possibilities

There are more small business retirement plan options, including:

  • 401(k) plans, which can even be set up for just one person (also called solo 401(k)s),
  • Defined benefit pension plans, and

Depending on your situation, these plans may allow bigger or smaller deductible contributions than a SEP-IRA. For example, for 2024, a participant can contribute $23,000 to a 401(k) plan, plus a $7,500 “catch-up” contribution for those age 50 or older.

Watch the calendar

Thanks to a change made by the 2019 SECURE Act, tax-favored qualified employee retirement plans, except for SIMPLE-IRA plans, can now be adopted by the due date (including any extension) of the employer’s federal income tax return for the adoption year. The plan can then receive deductible employer contributions that are made by the due date (including any extension), and the employer can deduct those contributions on the return for the adoption year.

Important: This provision didn’t change the deadline to establish a SIMPLE-IRA plan. It remains October 1 of the year for which the plan is to take effect. Also, the SECURE Act change doesn’t override rules that require certain plan provisions to be in effect during the plan year, such as the provisions that cover employee elective deferral contributions (salary-reduction contributions) under a 401(k) plan. The plan must be in existence before such employee elective deferral contributions can be made.

For example, the deadline for the 2023 tax year for setting up a SEP-IRA for a sole proprietorship business that uses the calendar year for tax purposes is October 15, 2024, if you extend your 2023 tax return. The deadline for making a contribution for the 2023 tax year is also October 15, 2024. For the 2024 tax year, the deadline for setting up a SEP and making a contribution is October 15, 2025, if you extend your 2024 tax return. However, to make a SIMPLE-IRA contribution for the 2023 tax year, you must have set up the plan by October 1, 2023. So, it’s too late to set up a plan for last year.

While you can delay until next year establishing a tax-favored retirement plan for this year (except for a SIMPLE-IRA plan), why wait? Get it done this year as part of your tax planning and start saving for retirement. We can provide more information on small business retirement plan options. Be aware that, if your business has employees, you may have to make contributions for them, too.

© 2024

Stay up to date! Subscribe to our future blog posts!