Claiming a theft loss deduction if your business is the victim of embezzlement

A business may be able to claim a federal income tax deduction for a theft loss. But does embezzlement count as theft? In most cases it does but you’ll have to substantiate the loss. A recent U.S. Tax Court decision illustrates how that’s sometimes difficult to do.

Basic rules for theft losses 

The tax code allows a deduction for losses sustained during the taxable year and not compensated by insurance or other means. The term “theft” is broadly defined to include larceny, embezzlement and robbery. In general, a loss is regarded as arising from theft only if there’s a criminal element to the appropriation of a taxpayer’s property.

In order to claim a theft loss deduction, a taxpayer must prove:

  • The amount of the loss,
  • The date the loss was discovered, and
  • That a theft occurred under the law of the jurisdiction where the alleged loss occurred.

Facts of the recent court case

Years ago, the taxpayer cofounded an S corporation with another shareholder. At the time of the alleged embezzlement, the other original shareholder was no longer a shareholder, and she wasn’t supposed to be compensated by the business. However, according to court records, she continued to manage the S corporation’s books and records.

The taxpayer suffered an illness that prevented him from working for most of the year in question. During this time, the former shareholder paid herself $166,494. Later, the taxpayer filed a civil suit in a California court alleging that the woman had misappropriated funds from the business.

On an amended tax return, the corporation reported a $166,494 theft loss due to the embezzlement. The IRS denied the deduction. After looking at the embezzlement definition under California state law, the Tax Court agreed with the IRS.

The Tax Court stated that the taxpayer didn’t offer evidence that the former shareholder “acted with the intent to defraud,” and the taxpayer didn’t show that the corporation “experienced a theft meeting the elements of embezzlement under California law.”

The IRS and the court also denied the taxpayer’s alternate argument that the corporation should be allowed to claim a compensation deduction for the amount of money the former shareholder paid herself. The court stated that the taxpayer didn’t provide evidence that the woman was entitled to be paid compensation from the corporation and therefore, the corporation wasn’t entitled to a compensation deduction. (TC Memo 2021-66) 

How to proceed if you’re victimized

If your business is victimized by theft, embezzlement or internal fraud, you may be able to claim a tax deduction for the loss. Keep in mind that a deductible loss can only be claimed for the year in which the loss is discovered, and that you must meet other tax-law requirements. Keep records to substantiate the claimed theft loss, including when you discovered the loss. If you receive an insurance payment or other reimbursement for the loss, that amount must be subtracted when computing the deductible loss for tax purposes. Contact us with any questions you may have about theft and casualty loss deductions.

© 2021

The tax rules for deducting the computer software costs of your business

Do you buy or lease computer software to use in your business? Do you develop computer software for use in your business, or for sale or lease to others? Then you should be aware of the complex rules that apply to determine the tax treatment of the expenses of buying, leasing or developing computer software.

Purchased software

Some software costs are deemed to be costs of “purchased” software, meaning software that’s either:

  • Non-customized software available to the general public under a non-exclusive license or
  • Acquired from a contractor who is at economic risk should the software not perform. 

The entire cost of purchased software can be deducted in the year that it’s placed into service. The cases in which the costs are ineligible for this immediate write-off are the few instances in which 100% bonus depreciation or Section 179 small business expensing isn’t allowed or when a taxpayer has elected out of 100% bonus depreciation and hasn’t made the election to apply Sec. 179 expensing. In those cases, the costs are amortized over the three-year period beginning with the month in which the software is placed in service. Note that the bonus depreciation rate will begin to be phased down for property placed in service after calendar year 2022.

If you buy the software as part of a hardware purchase in which the price of the software isn’t separately stated, you must treat the software cost as part of the hardware cost. Therefore, you must depreciate the software under the same method and over the same period of years that you depreciate the hardware. Additionally, if you buy the software as part of your purchase of all or a substantial part of a business, the software must generally be amortized over 15 years.

Leased software

You must deduct amounts you pay to rent leased software in the tax year they’re paid, if you’re a cash-method taxpayer, or the tax year for which the rentals are accrued, if you’re an accrual-method taxpayer. However, deductions aren’t generally permitted before the years to which the rentals are allocable. Also, if a lease involves total rentals of more than $250,000, special rules may apply.

Software developed by your business

Some software is deemed to be “developed” (designed in-house or by a contractor who isn’t at risk if the software doesn’t perform). For tax years beginning before calendar year 2022, bonus depreciation applies to developed software to the extent described above. If bonus depreciation doesn’t apply, the taxpayer can either deduct the development costs in the year paid or incurred or choose one of several alternative amortization periods over which to deduct the costs. For tax years beginning after calendar year 2021, generally the only allowable treatment will be to amortize the costs over the five-year period beginning with the midpoint of the tax year in which the expenditures are paid or incurred.

If following any of the above rules requires you to change your treatment of software costs, it will usually be necessary for you to obtain IRS consent to the change.

Contact us

We can assist you in applying the tax rules for treating computer software costs in the way that is most advantageous for you.

© 2020

Audits Home in on Cybersecurity

In 2018, U.S. organizations that suffered a data breach lost an average of $7.91 million as a result. That’s the highest average organizational cost of all the countries and regions covered in the 2018 Cost of a Data Breach Study by IBM and independent research firm Ponemon Institute. Malicious or criminal attacks were the source of more than half of those breaches, rather than system glitches and human errors.

With so much at stake, it’s no surprise that auditors consider these issues when conducting their audit risk assessments. This audit season, prepare to answer questions about cybersecurity and the effectiveness of your company’s internal controls against cyberthreats.

Inspections of public companies

In recent years, Public Company Accounting Oversight Board (PCAOB) inspectors have interviewed auditors of companies that have experienced a breach into their computer systems to find out how the auditors and their firms responded to the incidents. They report that auditors today are increasingly focused on matters related to cybersecurity.

Audit firms have provided varying levels of guidance, both when assessing risk at the start of an engagement and when uncovering a cybersecurity incident that occurred during audit fieldwork or the period under audit.

“Many of the firms are actually factoring cybersecurity issues into their risk assessment at this point in time, and there is a real focus on developing real understanding about cybersecurity incidents,” reported William Powers, deputy director for technology in the PCAOB’s Division of Registration and Inspections.

Audit inquiries

Possible questions that auditors might ask during fieldwork include:

  • How does management identify and prioritize cyberrisks?
  • What kind of internal controls has management established to safeguard digital assets and sensitive data (such as formal policies and procedures, employee training and the use of security analytics)?
  • How does management monitor internal controls to ensure effective operation?
  • Does management have a detailed breach response plan?
  • If a breach occurred during the accounting period, how did management respond and how much did it cost?
  • Has the company purchased cyber liability and breach response insurance?

The PCAOB hasn’t yet found any material misstatements on a public company’s financial statements as a result of a cybersecurity breach. But there’s a risk that future attacks may affect financial reporting. So, the PCAOB is planning to expand its inspection program to explore what auditors are doing to protect clients’ data and stakeholder data.

Universal risk factor

PCAOB inspectors target audits of public companies. But private companies can also be victims of cyberattacks — and the effects may be even more devastating for companies with fewer resources to absorb the losses and assign dedicated staff to respond to breaches.

The increasing frequency and severity of cyberattacks underscores the need for auditors of entities of all sizes to update their procedures. It’s our job to ask key questions about cyberrisks and the effectiveness of your internal controls. The answers, in turn, can help you formulate more effective governance strategies.

© 2019

Cybersecurity Matters

Investors, lenders and other stakeholders have been vocal in recent years about pushing companies to provide more information in their financial reports about cybersecurity. Could your company do a better job disclosing cyberrisks and recent hacks?

Most public companies could do better, according to recent testimony during congressional hearings by Jay Clayton, Chairman of the Securities and Exchange Commission (SEC). Here are ways his agency is attempting to “refresh” the disclosure guidance.

Updating the guidance

The SEC doesn’t expect to overhaul its Disclosure Guidance: Topic No. 2, Cybersecurity. Rather, it plans to consider whether important information about cybersecurity should be disclosed to stakeholders within the context of the existing rules. For example, companies may need to beef up their management’s discussion and analysis (MD&A) and footnote disclosures to reflect potential cyberrisks and material financial implications of data breaches.

The current guidance on cybersecurity, which was published in 2011, doesn’t include a specific requirement for companies to disclose computer system intrusions. The SEC’s effort to update the guidance comes amid concerns that more public companies have been experiencing attacks to their computer systems, but their disclosures haven’t been timely or informative enough.

Changes in the works

Regulators in the SEC don’t know whether the update will be issued in the form of staff-level guidance or a regulatory release approved by the SEC’s commissioners. But they’ve decided to address two key areas in the update:

  • Financial reporting controls and procedures that identify and disclose cybersecurity threats in a timely manner, and
  • Corporate strategies and policies regarding cybersecurity prevention, detection and breach response.

Many companies welcome additional guidance from the SEC, because it can be difficult to determine the appropriate time to disclose a hack into their systems.

On the one hand, companies feel a responsibility to share relevant information openly and honestly with stakeholders. On the other, they don’t want to prematurely disclose information about a breach before they know the extent of the damage or to release inaccurate information that later needs to be revised. Company insiders may also be working with law enforcement, in which case they don’t want to disclose information that could compromise the investigation.

Team approach

Regardless of whether your business is public or private, it’s important to assemble a team of professional advisors — including legal, insurance and financial experts — to identify risk factors and to handle breach response, measure the impact and mitigate potential losses. We can help you provide transparent and timely information to your stakeholders.

© 2018

What Businesses Need to Know About the Tax Treatment of Bitcoin and Other Virtual Currencies

Over the last several years, virtual currency has become increasingly popular. Bitcoin is the most widely recognized form of virtual currency, also commonly referred to as digital, electronic or crypto currency.

While most smaller businesses aren’t yet accepting bitcoin or other virtual currency payments from their customers, more and more larger businesses are. And the trend may trickle down to smaller businesses. Businesses also can pay employees or independent contractors with virtual currency. But what are the tax consequences of these transactions?

Bitcoin 101

Bitcoin has an equivalent value in real currency and can be digitally traded between users. It also can be purchased with real currencies or exchanged for real currencies. Bitcoin is most commonly obtained through virtual currency ATMs or online exchanges.

Goods or services can be paid for using “bitcoin wallet” software. When a purchase is made, the software digitally posts the transaction to a global public ledger. This prevents the same unit of virtual currency from being used multiple times.

Tax impact

Questions about the tax impact of virtual currency abound. And the IRS has yet to offer much guidance.

The IRS did establish in a 2014 ruling that bitcoin and other convertible virtual currency should be treated as property, not currency, for federal income tax purposes. This means that businesses accepting bitcoin payments for goods and services must report gross income based on the fair market value of the virtual currency when it was received, measured in equivalent U.S. dollars.

When a business uses virtual currency to pay wages, the wages are taxable to the employees to the extent any other wage payment would be. You must, for example, report such wages on your employees’ W-2 forms. And they’re subject to federal income tax withholding and payroll taxes, based on the fair market value of the virtual currency on the date received by the employee.

When a business uses virtual currency to pay independent contractors or other service providers, those payments are also taxable to the recipient. The self-employment tax rules generally apply, based on the fair market value of the virtual currency on the date received. Payers generally must issue 1099-MISC forms to recipients.

Finally, payments made with virtual currency are subject to information reporting to the same extent as any other payment made in property.

Deciding whether to go virtual

Accepting bitcoin can be beneficial because it may avoid transaction fees charged by credit card companies and online payment providers (such as PayPal) and attract customers who want to use virtual currency. But the IRS is targeting virtual currency transactions in an effort to raise tax revenue, and it hasn’t issued much guidance on the tax treatment or reporting requirements. So bitcoin can also be a bit risky from a tax perspective.

To learn more about tax considerations when deciding whether your business should accept bitcoin or other virtual currencies — or use them to pay employees, independent contractors or other service providers — contact us.

© 2018