Through many of my conversations with CFOs, controllers and owners of mid-market and smaller companies, I’ve noticed a running theme that more emphasis should be placed on the tremendous opportunities afforded by the Hiring Incentives to Restore Employment (HIRE) Act (see this March 2010 MFA Perspectives for more detail on the HIRE Act). While most are vaguely aware that the Act was signed into law back in March of this year, there is less understanding of the tangible tax benefits this Act offers for private sector employers – for profit and nonprofit organizations – as well as state colleges and universities.

As companies once again look to expand their workforce, the HIRE Act tax incentives provide a boost of urgency for businesses to hire new workers. The payroll tax exemption puts money into a company’s cash flow immediately, since the tax is simply not collected in the first place. Also worth mentioning is that the threshold to qualify for the full new hire retention tax credit is relatively low – $16,129 in wages will be required to earn the full $1,000 credit ($16,129 x 6.2 percent = $1,000).

Below is an outline of the new hiring and retention incentives, including important qualification criteria and details on how to claim the tax benefits. Execution, or a company’s ability to quickly recruit and hire, will be key to taking maximum advantage of these incentives. Hiring qualifying workers sooner rather than later will draw the most out of the Act, as the tax credits diminish over time and disappear completely by January 1, 2011.

Details of the New Tax Benefits

Payroll Tax Exemption

Gives a qualified employer an exemption from paying the employer share of Social Security employment taxes (6.2 percent of the first $106,800 of wages) for wages paid in 2010. (more…)

Although there is some evidence that the credit market is loosening, it is clear that the harsh lending environment of the past two years has taken a toll on a wide range of businesses.  There are, however, tools that provide temporary help, including the government’s current policy on “loss carrybacks.”

As part of the original stimulus bill, the loss carryback provision gave qualifying companies that registered a loss on their current income tax return the opportunity to extend that loss into previous, profitable years.  Under the adjusted regulations, the field of qualifiers has been expanded to include most companies, and a loss booked for the 2008 or 2009 calendar year (but not both) can be carried back up to five years through amended returns.

A CNN article on loss carrybacks points out that the provision has resulted in “some giant refunds for big businesses — troubled homebuilder Lennar recently booked a $353 million tax gain from the provision — and a much bigger hit to the nation’s coffers. The Joint Committee on Taxation estimates the carryback change will cost the government $33.2 billion this year, though the 10-year cost of the break is smaller, because companies won’t be carrying 2009 losses forward to reduce their future tax bills. The committee’s estimate of the 10-year cost is $10.4 billion.”

The move isn’t unprecedented.  According to an article in CFO Magazine, the Bush Administration provided a similar opportunity following 9/11, and in 2009 the original amendment was available only to businesses with less than $15 million in revenue.  This time it applies to businesses of all sizes and includes pass-through entities as well as C-corporations.

Anecdotal evidence suggests that companies are finding real benefit - albeit short term - in the carryback provision.  Is it a measure you think will aid small to midsized companies through to a recovery?

One of the most significant tasks introduced in 2009 was presented by new guidelines under the Massachusetts Privacy Law, which requires a slew of changes to administrative and security processes.  Compliance calls for a significant overhaul for many companies, and the deadline is just around the corner: March 1, 2010.  The marketplace has demonstrated an urgent need for a new standard of  information protection, so we do not expect a great deal of leniency for those that fall behind.  Companies need to take the new law seriously, gear up, and put appropriate defenses in place around the personal information of their employees and customers.

This is without question a daunting call to action, however the need for the law remains unquestioned.  In fact, a report published by the Office of Consumer Affairs and Business Regulation [PDF] notes that since 2007, over 1 million Massachusetts residents have been impacted by security breaches.  The report states that 495 incidents were criminal in nature, while 312 “generally demonstrated poor employee handling of residents’ personal information, including transporting sensitive data, either in disregard of company policies, or in an environment without sufficient policies in place to secure such information.”

A few additional findings from the report include:

- The OCABR received 807 notifications of security breaches

- Most breaches (76 percent) were electronic in nature

- It may have been expected that financial services breaches impacted the highest number of individuals (707,305), but it is perhaps a bit surprising to find that the second greatest impact was felt from incidents involving the education sector (130,161)

The law takes aim at improving defenses against the criminal element while shoring up process to reduce risk of negligent handling of data.  And most importantly, it applies to — by the letter of the law — all persons that “own or license” personal information from a resident of the Commonwealth, specifically any individual or company that “Receives, stores, maintains, processes, or otherwise is permitted access to personal information through its provision of goods or services directly to a person that is subject to this regulation.”

That means pretty much everyone.

The most important step to compliance might be the WISP - a Written Information Security Program (WISP) that ensures the security and confidentiality of personal information in both physical and electronic format. The actual scope and complexity of a WISP will vary depending on an organization’s size and scope of business, availability of resources, nature and quantity of data stored, and the need for security and confidentiality of both consumer and employee information.

There is of course much more to understand before diving in. We encourage you to take a look at this 2009 Perspectives article for more detail, including specific action items and consequences for failing to comply.