A copier lease should be used as a means to finance a large amount of money, not to hide actual costs from buyers. Unfortunately, because leasing can be confusing, many companies end up paying more than they should for their copiers. Your organization is likely printing less than ever, especially while people have shifted to working from home, but will this last?
Since regulations are loosening up and we can get together in groups again, companies are faced with deciding how and when to bring people back to the office. Perhaps over this last year, many of your paper-based processes have become digital out of pure necessity, and your print volume will never be the same because of it. Other processes simply had to be put on hold because they required in-person interactions. Telling the difference between the two can be difficult.
It is common practice for the copier industry to try to get companies to upgrade their copiers before their lease ends. You may get approached by your sales rep as far out as two years before your lease ends. Sometimes there are good intentions behind this: your copier is breaking down often, or there is software available on a newer copier that can significantly improve a process workflow. Unfortunately, most times, it is simply to keep you locked into your current vendor. There is no way to get out of paying the full amount for a copier lease. When you get “upgraded early,” all that happens is the remaining payments for your current lease are added to the principal for the new equipment lease. So in effect, you pay double the finance charges for whatever that amount is.
Example: Your monthly lease payment is $400 a month and you have 12 months remaining on the lease. Your copier vendor contacts you and says that you should consider upgrading early because you’ll get a great deal, and they’ll be able to lower your payment by $20 a month.
What happens behind the scenes: They add the amount you have remaining on your lease (in this example, $4,800) to the cost of the new equipment. Then, most likely, one of the following occurs:
The new equipment costs less to own than your current equipment, even with adding the $4,800 to the price. Thus your monthly payment will be less. But if you wait until the end of your lease, your monthly payment will be even lower because you won’t be adding the $4,800 to that.
The new equipment cost is comparable to your old equipment, but you save money on the monthly payment even with adding the $4,800 because the terms of the lease are different. For instance, they can give you a longer lease, or your maintenance costs were higher on your previous lease due to automatic price escalations. In either case, your monthly payment would be even lower if you wait until the end of the lease.
Because you are printing less, you will likely not need the same caliber of machine you have had in the past. Over the years, we have seen many times when companies had the copier equivalent of a school bus transporting only one person every day!
Before you upgrade early, I suggest you analyze your invoices over the past few years for how your volume has changed. Most salespeople are used to proposing the latest upgrade to whatever model you have that can print faster, but it may be more than what you need for the future. Do you anticipate more people returning to the office and are unsure how that will affect your volume? Depending on the costs, it may make sense to continue on a month-to-month agreement beyond your lease so you can have a good understanding of where your volume will be before committing to new devices.
As we emerged from 2020 into 2021, there were high hopes that we were returning to some level of normalcy. COVID vaccines were, restrictions were loosening up, and employees were starting to go back to work. It seemed we had weathered the storm. Fast forward eight months later and COVID is still the 800-pound gorilla sitting in the room. While COVID deaths are down, the delta variant has brought a resurgence to the pandemic and has created a whole new level of concerns and regulations that will continue to shape the landscape for the balance of 2021 and beyond.
The pandemic has dramatically changed the way business is done, and while it has created a significant level of hardship for everyone, it has had a particularly significant impact on the nonprofit sector, with agencies either in a state of feast or famine. Certain health and welfare organizations are experiencing significant levels of demand, while schools and arts and cultural organization are experiencing significant declines in services and revenue. Add to that staffing shortages, continued concerns with in-person fundraising events, and an everchanging regulatory environment, and it’s no wonder that many nonprofit leaders are finding themselves in crisis management mode.
So what does the future hold for the sector and what do organizations need to do?
RETURN TO STRATEGIC THINKING:
Over the last year and a half, the sector has been focused on dealing with the COVID crisis. That still needs to be a significant focus as agencies grapple with vaccination policies (employees and fundraising events), the HERO Act, and the complications of the various CARES Act funding options and how they interplay with government funding (see webinar). Nonprofit leaders also need to focus on where their organizations are going, how their operations and missions may have changed, new service models, changing policies, and more. The sector is dramatically changing, and organizations need to adjust to these changes. For many that may mean some level of merger or other affiliation, changes to delivery models, increased reliance on technology, increased diversity, and more. It might be time to dust off your organization’s strategic plan and set a new path for your organization.
HEAVIER RELIANCE ON TECHNOLOGY:
If there is a faint silver lining to the pandemic, it may be that the nonprofit sector advanced technologically by more than a decade over the last year, closing the gap between them and their for-profit brethren. This move to increased dependence on technology is going to need to continue to streamline operations, improve systems and controls, enhance security features, etc. Those organizations that get on-board will be able to enhance communications with donors, measure impact more effectively, monitor key operational indicators more closely, develop more flexible work environments, establish better checks and balances, and provide more meaningful and directed services. For instance, an organization working with the developmentally-disabled population is incorporating technology into consumer goals and experiences to maximize the level of service delivery and keep them connected during these difficult times. This connectivity will continue long after the pandemic is a chapter in the history books. Even so, organizations need to remember that increased technology means increased cybersecurity threats; something that is unfortunately on the rise. Nonprofits will need to continue to focus more energy on ensuring they are protecting information (HIPAA, donor, staff, etc.).
Flexible work arrangements will need to be the new norm. Study after study has shown that employees do not want to ever return to the pre-pandemic work environment. Nonprofits will need to find ways to create more flexible working arrangements for their staff, where possible. For many nonprofits that are involved in direct service delivery, this may not be easy, but to retain staff, it is going to be essential for agencies to be more creative in their staffing decisions. This is even more prevalent given the overall lack of quality staff in the marketplace.
The country has become very polarized across many demographics – race, religion, economic status, political party, vaccination choices, etc. As nonprofits, it is very important for organizations to be representative of the individuals they serve. This puts an increased emphasis on ensuring diversity is in place within your organization at all levels – the board, staff, committees, volunteers, vendors, etc. Those organizations that are able to achieve greater diversity will be in a better position to develop appropriate programming, reach underserved populations, and attract fundraising dollars.
CHANGING SERVICE DELIVERY:
We have been extremely isolated during the pandemic and have been called upon to find innovative and creative ways to deliver impactful service. It is essential that this trend continues. People need more services than ever before and they are looking for those services in different ways, different times, different places, etc. Organizations need to be more communicative and adaptive, really taking the time to understand the dynamic needs of their constituents and developing innovative ways to meet those needs. Regular communication and follow-up on how service delivery is effective/ineffective and how your agency can differentiate itself from other similar organizations can go a long way to ensure organizational longevity, especially given the regulatory environment we are in and the likelihood of increased consolidation.
Organizations need to look for ways to strategically collaborate with other agencies, governmental programs, and for-profit entities. It is important for agencies to develop joint programs, shared services, and linkage agreements with other nonprofits. Strong advocacy and open dialogue with funders are necessary to ensure that programmatic needs are being considered and appropriately funded. Nonprofits also need to approach the business community and donors differently. The days of “one size fits all” sponsorships are shrinking. Donors want more open communication, and they want to understand how their donations will be utilized to drive impact. Finally, it is important for agencies to understand that consolidation is going to happen. Government funders and regulators are calling for it. The question will be “what side of the equation will you be on, buyer or seller?”
We’ve lived through in-person fundraising prior to the pandemic and virtual fundraising during the pandemic. As we continue to emerge from the pandemic, fundraising will need to become a hybrid of the two, incorporating the flexibility and accessibility of a virtual event and the social aspects of a live event. This can happen through a single event (simulcasting) or through multiple events throughout the year (some in-person and some virtual).
The pandemic has brought about change, and nonprofits will need to pivot to remain relevant to everyone they interface with. While the sector has and will continue to undergo change due to the dynamic world we live in, a constant remains: nonprofits need to ensure that their voices and messages are heard. We may be communicating differently, but it is important that this communication continues to take place.
Ken is the Managing Partner of Cerini & Associates, LLP and is the executive responsible for the administration of our not-for-profit and educational provider practice groups. In addition to his extensive audit experience, Ken has been directly involved in providing consulting services for nonprofits and educational facilities of all sizes throughout New York State in such areas as cost reporting, financial analysis, Medicaid compliance, government audit representation, rate maximization, board training, budgeting and forecasting, and more.
Every nonprofit organization has a board of directors. Every nonprofit organization also has key management personnel. The board of directors govern the organization and its management to ensure that the mission of the nonprofit is being met and it is management’s responsibility to maintain the daily operations that meet that mission and report back to the board. Unfortunately, it is way too often that the line is blurred between board responsibilities and management responsibilities, resulting in inefficiencies within organizational operations and governance. It is crucial that these roles and responsibilities remain separate and that the board remains the governing body, not management.
Who is evaluating the executive director and how often does this occur? What kind of experience do board members bring to the table and is the board of the organization well-rounded? Are board members rotated out regularly? Who determines when a new board member should be brought on and what does the on-boarding process look like? Do proper committees exist to help meet the organizations mission and are those committees regularly communicating with management? Is the organizations reporting produced by management in a timely manner and is reporting consistent with expectations? Is the Board properly assessing risk and monitoring management effectiveness?
In today’s nonprofit, having that proper balance between the Board and management, with proper checks and balances, is going to yield the best results. Remember the Board sets policy, management implements the policy, and the Board monitors the effectiveness of such policy.
There should be regular evaluations of the executive director’s performance by the Board and it is the boards responsibility to establish the ED’s compensation. Is the ED performing effectively? The organization’s mission should be consistently reviewed with respect to all organizational decisions, and operations should be regularly evaluated to determine if they are aligned with the organization’s mission. Since funding is so important for nonprofit organizations, the board should be well-versed in finances. This includes reading and understanding financial statements, understanding organizational funding, and ensuring budgets are followed. Those budgets should be received and reviewed prior to the start of the new fiscal year.
Is the budget reasonable and can it realistically be met? What happens if there are declines in revenue … have contingency budgets been created and approved by the Board so the organization can react quickly?
Budget-to-actual reports should be reviewed regularly throughout the year to ensure the organization is on track and staying within budget, with significant fluctuations explained by management so the Board can appropriately understand and modify financial goals accordingly. At the end of the year, there should be a series of financial reporting created by management and provided to the board for final approval. How did the operations look at the conclusion of the year in comparison to the forecasted budget at the beginning of the year? The board should be investigating any expectations that are not met and making adjustments as necessary to ensure it doesn’t happen again.
The board is responsible for bringing on new board members. What does the on-boarding process look like? Boards should be taking a look at the experience of each member or potential member to ensure they have knowledge of finances, regulations, and standards of the specific industry for which they are governing. These areas should be addressed at all board meetings. Board members should be rotated out every few years to ensure the board doesn’t get stale. It is refreshing to bring in new members and obtain a new perspective. Be sure that terms are staggered so that the majority of the board isn’t all changed at once. Consider a mentoring program so that more senior board members of an organization mentor newer members coming onboard.
How does the Board communicate? Is there a Board portal for free flow of information and access to key documents? Do Board members understand their responsibilities? Are they outlined in a Board agreement?
Does the board have a proper committee structure? Common board committees should include a finance committee, an executive committee, a fundraising/development committee, an audit committee, and a governance/nominating committee. Management responsibility should go hand-in-hand with the committee structure of the board so that the committees, management, and the organization can effectively meet their goals. Establishing a proper committee structure can create efficiencies at Board meetings, can allow for additional expertise within an organization (non-voting community members), and provide for deeper review into issues.
Risk management should be reviewed by the executive director or designated individual regularly and should be reported to the board committees at every meeting. Assessing, understanding, and evaluating risk are key components of risk.
At the end of the day, having a Board and management that are in tune with each other, where management provides appropriate information in a timely basis to the Board and the board asks appropriate questions and brings to the table appropriate insight, will yield the best results for the organization they manage. This requires strong communication and open dialogue and it also requires everyone to know their roles.
Crystal is a member of Cerini & Associates’ audit staff where she focuses on serving organizations across a wide spectrum of industries, including nonprofit, technology, and contractor clients. She has experience performing assurance work and outsourced accounting work, as well as preparing tax returns. Crystal has extensive knowledge surrounding the operations, controls, and environment of the sectors she focuses on. She brings her expertise, diversified background, and helpful approach to all of her engagements.
The accounting world is never dull, despite what outward appearances and unfair stereotypes may lead one to believe. The Financial Accounting Standards Board (FASB) continually strives to improve the transparency, usefulness, and understandability of financial reporting formed by accounting principles Generally Accepted in the United States of America (GAAP). The unfortunate byproducts of this constant push towards improvement are chaotic periods of standards updates, transitions, and restatements. Just as sweeping new revenue recognition standards are being adopted and implemented, accountants now have to contend with more monsters that have been lurking beneath their beds – a slew of revised lease accounting rules (which we’ll call Accounting Standards Codification, or ASC, 842). ASC 842 will become effective for any financial years starting after December 15, 2021. So, for calendar year entities, that means you will need to implement the new accounting rules in 2022 (unless you have public bond offerings, in which case you should be adopting for the year ended 12/31/20). With these new rules come many new challenges. What we’ve outlined below is a general overview of the new lease standards (the nitty gritty of them is too expansive to fit into this abridged newsletter), the practical impacts for the companies and nonprofit organizations that are forced to adopt them, and our recommendations to best respond to these changes.
It’s hard to sufficiently boil down all of the major provisions of ASC 842, but just know that prior guidance required that capital leases be recorded as assets and related liabilities, with payments reducing the liability balance and creating interest expenses, while operating lease payments were charged directly to expenses, with no assets or liabilities created or affected. ASC 842 still mostly maintains the distinction between capital (now called financing) and operating leases, but all leases (including operating ones) will need to be recorded as right-of-use (ROU) assets and related liabilities. Certainly, there are intricacies to exactly how these assets and liabilities are valued, and how later payments are applied and recorded. Presentation on statements of cash flows and required disclosures are also different as a result of ASC 842 and depending on whether leases are financing or operating. For more detailed help on accounting of leases under ASC 842, consult our recent 2021 NFP Update. There are certain practical expedients available to nonprofits as well, and leases whose terms are shorter than one year may be exempt from the ASC 842 treatments.
The financial statement impact of adding these ROU assets and related liabilities can be significant. Organizations need to be prudent in foreseeing and anticipating these impacts so that candid conversations with key stakeholders can be held. The most obvious of these stakeholders are banks and other potential lenders who frequently attach covenants to lines of credit and other debt arrangements. These covenants typically factor in required interest payments (along with others) as some proportion of related debt. Do lease liabilities qualify as debt? Do the “interest” payments ascribed to these former-operating leases get carved out of these calculations? Debt arrangements tend to be conservative in nature, so it’s probably safe to assume that the most conservative interpretation likely applies. This means that your organization may be in compliance with certain debt coverage covenants in the pre-ASC 842 world but in violation in the post-ASC 842 world. Of course, it seems unfair and arbitrary, but it presents a problem nonetheless. Working capital ratios will be adversely affected as well, as the addition of ROU assets to the statement of financial position (balance sheet for for-profit entities) will principally be to the long-term section, where as a short-term portion of the related lease liability will be presented. So, if you have a current ratio or working capital covenant in place, be forewarned.
By now you realize how intimidating these new lease standards are, and how complicated and potentially-damaging their inevitable implementation will be for you and your organization. Proper planning is essential to best tackle these new standards. Start by identifying all lease arrangements and contracts that are impacted by the new standards. Begin to develop lists of their terms and analyze whether or not you think you can manage this implementation manually or if the volume and complexity is such that off-the-shelf software would be needed to assist. The more leases your organization enters, the more time and financial impact ASC 842 will have on your organization. From there you should determine whether or not you plan on restating prior years of financial statements or applying ASC 842 from the effective date-forward. It’s probably best to not restate though, unless you have a unique and compelling reason to do so. Speak with your auditors and look for their help and guidance to ensure that your proposed accounting treatment at the implementation date and forward seems accurate. Finally, and perhaps most importantly, you absolutely need to open dialogue with any major stakeholders who rely on your organization’s financial statements, be they banks, donors, government funding sources, the Board, or anyone else. They must be informed of the potential negative impact on your financial position, covenants, etc. so that you can proactively move forward and possibly modify current or future loan terms and/or seek covenant violation waivers.
It’s hard to not be cynical about ASC 842, or any major accounting standards updates for that matter. Does the supposed benefit truly outweigh the havoc created in transitioning? Debating the merits of these changes is a fruitless effort though. Look forward, not backward. ASC 842 is here to stay, so it’s best to preemptively understand its full impact on your organization and address any negative ramifications sooner rather than later. The clock is ticking. As always, we’re here to help.
Matt specializes in providing Cerini and Associates’ diverse array of midsized business clientele and nonprofit organizations with valuable consulting and assurance services. He prides himself on value-added, responsive, and innovative service to his clients; with a focus on forward-thinking and creative solutions. Matt has more than seventeen years of experience with many types of complex accounting, auditing, compliance, and general business matters that impact entrepreneurial, established, and nonprofit businesses.
NEW PRIVACY REGULATIONS ARE MAKING CYBERSECURITY A LEGAL REQUIREMENT
Let’s start with the good news. Many states within the USA are implementing privacy regulations to protect our individual data. As individuals this is good for us. Finally, companies will face serious consequences in the form of substantial fines for collecting more information than they disclosed, for sharing our information without our explicit consent, or for failing to take reasonable measures to protect our information. Keep that word, “reasonable,” in mind. We’ll be coming back to it.
GDPR GOT THE DATA PRIVACY BALL ROLLING
This started with the European Union implementing the General Data Protection Regulation (GDPR) back in May 2018. California was next, with the California Consumer Protection Act (CCPA). New York has joined the party with its (awkward acronym award winner) Stop Hacks and Improve Electronic Data Security Act (SHIELD) in March 2020. Of course, something else was going on in March 2020? No wonder we weren’t paying such close attention to new data privacy laws… There are many, many more laws to come, and federal legislation is in the works as well. You may think that in this highly partisan political environment it’s unlikely federal legislation will pass, but this issue has significant bi-partisan support.
LET’S BE REASONABLE
For purposes of this article, we are only focusing on one aspect of these new laws, something they all have in common. The requirement of “reasonable” measures to protect information. So, what do “reasonable” measures look like?
Note that the word “reasonable” has a specific legal definition with a long history within the legal system (cool fact, one of the people most responsible for the “reasonableness” standard was, no joke, named “Learned Hand”). For purposes of “reasonable” cybersecurity measures, the Federal Trade Commission provides this language:
“Employing reasonable safeguards to protect the confidentiality, integrity, or availability of data given the type, amount, and sensitivity of that data in relation to the size, sophistication, and capability of the organization.”
IF YOU COLLECT IT, PROTECT IT
But SHIELD provides more specific details, which is quite helpful for those looking to achieve compliance. SHIELD suggests that a “reasonable” cybersecurity program should include, at a minimum:
Designation and training of employees to coordinate cybersecurity compliance;
The use of third-party service providers capable of maintaining appropriate cybersecurity practices, with safeguards required by contract;
Risk assessment of the company’s cybersecurity program, including both the network and software design and the information processing, transmission, and storage;
Processes and physical safeguards to detect, prevent, and respond to attacks or system failures;
Monitoring and testing of the effectiveness of the cybersecurity program;
Processes to safely, securely, and permanently dispose of data within a reasonable amount of time after it is no longer needed for business purposes; and
Updates to the program periodically to address changes in the business or circumstances that would require the program to be changed.
IF YOU FAIL ME, TELL ME
But SHIELD provides more specific details, which is quite helpful for those looking to achieve compliance. SHIELD suggests that
Also note that these regulations have requirements for data breach notification. In plain English, if you expose my data to an unauthorized party, you have to tell me about it within a reasonable timeframe. That timeframe ranges from law to law, but typically is between 72 hours at the minimum and 30 days at the maximum.
One aspect of the NYS SHIELD law that is ground-breaking is in how it defines what constitutes a breach. Under the law, a breach refers not only to unauthorized acquisition of protected information, but any unauthorized access to protected information.
For example, access would apply to a situation where an employee of an organization is the victim of a phishing attack, his or her credentials are compromised, providing a cybercriminal with access to personal information that the organization is storing. The cybercriminal does not have to obtain or copy information for it to be considered a breach by SHIELD standards.
If you want to get your cybersecurity program in shape (or start a cybersecurity program from scratch), then prepare for a shameless plug:
RoundTable’s Cybersecurity Program provides the very definition of “reasonable measures” for cybersecurity. To learn more about RoundTable’s Cybersecurity Program, book a brief discovery call with one of their experts or give them a call at 866-784-3543.