Author Archives: Jim Loeffler

  • 0

Tax Certainty Restored to Wealth Transfers Involving Family-Controlled Entities

Just in time for Halloween, Treasury decided to vanquish the "Phantom Value" that would have adversely affected the tax impact of transfers of family-controlled interests.

Phantom Value

Valuation practitioners, wealth advisors, estate tax attorneys and their clients can breathe a sigh of relief.  Onerous proposed changes to the treatment of the transfer of interests in family-controlled entities will not be enacted.  On October 2, the Treasury issued its final decision not to adopt the proposed changes to IRC Section 2704.


IRC Section 2704 addresses certain tax-related valuation issues in the transfer of interests in family-controlled entities.  Since its enactment in 1990, the goal (and effect) of Section 2704 has been to limit the applicability of certain valuation discounts – mainly lack of control and marketability – that decrease the fair market value of such transfers.  Specifically, it treats the lapse of voting and liquidation rights as deemed transfers if the family controls the entity both before and after such transfers.  For example, if a decedent owned all of the limited partnership interests and a small general partnership interest in a limited partnership, their ability to liquidate the partnership technically ended upon their death.  However, Section 2704 recognized that the ability to liquidate simply passed to the decedent’s family heirs.  Therefore, there would be no discount for the lack of control.

Proposed Changes

Proposed changes to Section 2704 would have expanded the restrictions on the use of discounts for lack of control and marketability, which would have had far-reaching, negative tax consequences for transferees.  Specifically:

  • State law default restrictions would no longer be considered.  In short, any restrictions imposed by state law on the ability of a partner or shareholder to dissolve the entity (that can be made more restrictive by family members via by-laws) would be disregarded.  Eliminating restrictions eliminates the discount for lack of control, and hence increases the fair market value of the interest for tax purposes.


  • A new group of disregarded restrictions would be created.  Generally speaking, the holder of an interest has a put option on that interest that allows them to sell it back to the entity for an amount at least equal to their pro-rata share of the net value of the entity in exchange for cash or property.  The reality is that such liquidity within a family-controlled entity does not typically exist.  This provision would have resulted in a “phantom” value, which would have increased the fair market value of the interest for tax purposes.


  • Deaths within three years would have expanded the requirement to disregard certain transfer restrictions.  This would have essentially expanded the original provision of Section 2704, from “upon the death of the decedent” to “within three years of the death of the decedent”.  The phantom value of the ability to liquidate the entity would have been added back to the value of the decedent’s estate.  In addition to the higher taxable value, consider the practical difficulty in estate administration and the residual risk to the estate and heirs.


  • Covered entities would have been defined more broadly.  Limited liability companies, regardless of whether they were disregarded entities for tax purposes, would have been included (corporations and partnerships were included as part of the original provisions).


  • The ability of nonfamily members to restrict the transferability of interests would no longer be considered, unless certain, very stringent conditions exist.

An Alternate Reality

Equally important, while the proposed changes outlined the effect of new regulations, they fell far short with respect to their practical implementation.  Ultimately, this is what doomed their enactment.  We valuation practitioners would have faced too much uncertainty with respect to the phantom value created by a reality that does not exist.  Lack of control and marketability in family interests indeed result in very real economic restrictions – restrictions that must be reflected in the applicable fair market value interest.

Related:  Treasury’s Decision to Withdraw Proposed Regulations Entirely

  • 0

What You Can Do to Reduce the Cost of a Data Breach

As we note in our Cyber Security services, according to the 2017 Poneman Institute Study, the average cost of a data breach in the U.S. was $7.3M, or $225.00 per compromised record in 2016.  The chart below, cited as Figure 7 in the Ponemon Study, illustrates the impact of 20 factors on the per capita cost of a data breach.


Ponemon U.S. Data Breach Cost Factors

Clearly, there are many steps organizations can take to reduce the average cost of a data breach.  For example, creating an incident response team could reduce the per capita cost from $225 to $199.  The extensive use of encryption, employee training, and business continuity management involvement also significantly reduce breach costs.  With respect to insurance protection, it will be interesting to see how the current cost reduction of $9.90 per compromised record will change as the cyber insurance market continues to evolve.  According to A.M. Best, the cyber insurance market topped $1 billion in 2016, with more insurers moving to standalone policies.  By separating cyber risk from commercial, business interruption, and D&O coverage, carriers will be able to better target and implement exclusionary language.  We believe that this will increase insureds’ demand for forensic accounting services to clearly categorize, quantify and validate cyber losses that meet coverage criteria.

On the other end of the spectrum, third-party involvement (customers, suppliers, and other stakeholders in the value chain) represent the highest increase.  This is a perennial problem, as organizations struggle with how to most effectively deal with the inherent risk posed by smaller and less sophisticated partners.  The Target breach is a good example of this issue.  There is only so much organizations can do to inoculate themselves from risks posed by smaller members of their value chain.  While they can issue directives and impose stricter security requirements on smaller partners, organizations are not in the business of being cyber security consultants.  On the vendor side, supplier diversity programs – as they apply to small business – may take a back seat to security considerations – even at the expense of moving to larger vendors who charge more for their products and services.

Compliance failures, too, continue to be a major thorn in the side of organizations, and data breach costs are just one more manifestation.  Compliance systems only work when we humans obey the rules of engagement with those systems.  Did you know that six months before its mega breach, Target installed a $1.6 million malware detection system that worked exactly as planned when intruders began stealing PII?   However, the company’s security staff ignored the automatic warnings from the system (Fraud Magazine, November/December 2015).

  • 0

To Fraudsters, Your LinkedIn Profile IS a Consumer Report

An inter­est­ing post in Cor­po­rate describes a dis­missed law­suit plain­tiffs brought against LinkedIn.  Plain­tiffs claimed LinkedIn’s search func­tion allowed poten­tial employ­ers to see past jobs and ref­er­ences, and in plain­tiffs’ case, dis­cover infor­ma­tion that reflected neg­a­tively on them.  The suit was thrown out, as the judge ruled that LinkedIn serves only as an infor­ma­tion gath­er­ing ser­vice, and not akin to a con­sumer report under the Fair Credit Report­ing Act, as claimed by the plaintiffs.

I’ll leave it to the attor­neys to com­ment on this rul­ing, one way or the other.  What inter­ests me is that while the courts (at least so far), don’t deem LinkedIn to be a “con­sumer report”, iden­tity thieves cer­tainly do, and will con­tinue to do so, as long as LinkedIn mem­bers con­tinue to post cer­tain per­sonal infor­ma­tion.  Birth­days, for exam­ple pro­vide fraud­sters with one more piece of per­sonally identifiable (PII) infor­ma­tion that, in com­bi­na­tion with oth­ers, can be used to steal one’s iden­tity.  Post­ing a birth­date — even if only the month and the day — might seem innocu­ous enough.  After all, it does pro­vide your net­work to engage you in another way.  But if your pro­file lists your dates of employ­ment (if not when you grad­u­ated), iden­tity thieves will do the math and find the year you were born.

Fraud­sters have sev­eral options once they have all of the infor­ma­tion they need:  They could sell your infor­ma­tion to other iden­tity thieves; open credit cards in your name or access your bank accounts; or socially engi­neer their way into your com­pany or orga­ni­za­tion for a mother lode of sen­si­tive cor­po­rate and con­sumer infor­ma­tion (e.g. IP, trade secrets, cus­tomer account infor­ma­tion, etc.).

So far, we’re only talk­ing about per­sonal infor­ma­tion on LinkedIn, one of the most pro­fes­sional social net­work­ing sites out there.  What infor­ma­tion are you divulging on Face­book?  Insta­gram?  Twit­ter?  Snapchat?  We all have infor­ma­tion out there on the web.  My hope is that this will pro­vide an impe­tus to review your LinkedIn pro­file and your other social net­work accounts to help reduce your risk of iden­tity theft.

  • 0

A Successful Response to FCPA Violations

This is an excel­lent exam­ple of how the com­bi­na­tion of an anony­mous tip line and proac­tive man­age­ment min­i­mized the finan­cial impact of FCPA vio­la­tions. How­ever, one has to won­der whether these FCPA violations could have been uncov­ered dur­ing due dili­gence pro­ce­dures, even if these subs were merely part of a larger tar­get that was acquired. Iden­ti­fy­ing and test­ing accounts with inher­ent FCPA risk (freight and other high-volume accounts and pro­mo­tional prod­uct and other sales and mar­ket­ing accounts) might have caught this sooner.

LinkedIn Auto Publish Powered By :