Identity Theft Program Template for Low-Risk Entities

The Federal Trade Commission published a compliance template designed to assist financial institutions and creditors “at low risk for identity theft” in developing the Identity Theft Prevention Program required by the FTC’s Identity Theft Red Flags and Address Discrepancies Rule: Complying with the Red Flags Rule: A Do-It-Yourself Prevention Program for Businesses and Organizations at Low Risk for Identity Theft (.pdf)

The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program to detect the “red flags” of identity theft in their operations. By focusing on red flags, you should be better able to spot an imposter using someone else’s identity. The Rule applies to companies that provide products or services and bill customers later. To find out if the Red Flags Rule applies to your business, read Fighting Fraud with the Red Flags Rule: A How-To Guide for Business (.pdf).

The FTC has designed the compliance template to help businesses  at low risk for identity theft design their own Identity Theft Prevention Program. In Part A, you determine whether your business or organization is at low risk. In Part B, if your business is in the low risk category, the template helps you to design your written Identity Theft Prevention Program.

Join Me at the Enterprise 2.0 Conference in Boston

enterprise 2.0 conference

I have been spending less time in the Enterprise 2.0 movement as a result of switching my career from knowledge management to compliance. Steve Wylie thought it would be a nice fit to have me bring my compliance perspective to The Evening in the Cloud program at this year’s Enterprise 2.0 Conference.

Any vendors presenting are forewarned that they had better be ready to answer questions on how their product deals with data privacy, records retention policies, and government regulation.

Bob Schiller’s Course on Financial Markets at Yale

yale-button
Yale University has published the lectures from its Economics 252 course on YouTube. There are 26 lectures from Robert Schiller and some of his guests during the Spring of 2008. (Yes, that Robert Schiller.) This ECON 252 course is one of several courses available from Open Yale. These are selected lectures and other materials from selected Yale College courses that they make available to the public free of charge through the internet.

If you want to be effective at compliance, you need to understand how the financial markets work. These videos provide some great information, background, and theory on the financial markets.  (If only they were podcasts so I could watch and listed during the commute.)

ECON 252 Course Summary: Financial institutions are a pillar of civilized society, supporting people in their productive ventures and managing the economic risks they take on. The workings of these institutions are important to comprehend if we are to predict their actions today and their evolution in the coming information age. The course strives to offer understanding of the theory of finance and its relation to the history, strengths and imperfections of such institutions as banking, insurance, securities, futures, and other derivatives markets, and the future of these institutions over the next century.

Each of the 26 seminars is 75 minutes. Here are the individual seminars.

1. Finance and Insurance as Powerful Forces in Our Economy and Society

2. The Universal Principle of Risk Management: Pooling and the Hedging of Risks

3. Technology and Invention in Finance

4. Portfolio Diversification and Supporting Financial Institutions

5. Insurance: The Archetypal Risk Management Institution

6. Efficient Markets vs. Excess Volatility

7. Behavioral Finance: The Role of Psychology

8. Human Foibles, Fraud, Manipulation, and Regulation

9. Guest Lecture by David Swensen

10. Debt Markets: Term Structure

11. Stocks

12. Real Estate Finance and its Vulnerability to Crisis

13. Banking: Successes and Failures

14. Guest Lecture by Andrew Redleaf

15. Guest Lecture by Carl Icahn

16. The Evolution and Perfection of Monetary Policy

17. Investment Banking and Secondary Markets

18. Professional Money Managers and Their Influence

19. Brokerage, ECNs, etc.

20. Guest Lecture by Stephen Schwarzman

21. Forwards and Futures

22. Stock Index, Oil and Other Futures Markets

23. Options Markets

24. Making It Work for Real People: The Democratization of Finance

25. Learning from and Responding to Financial Crisis I (Lawrence Summers)

26. Learning from and Responding to Financial Crisis II (Lawrence Summers)

You’re a Victim of a Ponzi Scheme, But What About Your State Taxes?

IRS_Logo

You missed the warning signs and got suckered into a Ponzi scheme. The IRS offered some tax relief for long-term Ponzi scheme investors (like some of the Madoff victims) who have paid taxes on gains from the investment. The IRS clarified the federal tax law governing the treatment of losses in Ponzi schemes. They also set out a safe harbor method for computing and reporting the losses.

The revenue ruling (2009-9) addresses the difficulty in determining the amount and timing of losses from Ponzi schemes and the prospect of recovering the lost money. The revenue procedure (2009-20) simplifies compliance for taxpayers by providing a safe-harbor for determining the year in which the loss is deemed to occur and a simplified means of calculating the amount of the loss.

But what about state taxes?

California: On March 25, 2009, the California Franchise Tax Board announced that the federal guidance (Revenue Ruling 2009-9 and Revenue Procedure 2009-20) regarding the treatment of Madoff-related or other Ponzi scheme losses would be generally applicable for California purposes.

Connecticut: On April 9, 2009, the Connecticut Department of Revenue Services released Connecticut Announcement No. 2009(7), which describes the effect for Connecticut income tax purposes of the reporting of Madoff-related or other Ponzi scheme losses under the Revenue Procedure 2009-20 safe harbor and under Revenue Ruling 2009-9. In general, Connecticut does not allow federal itemized deductions for Connecticut income tax purposes. Thus, any theft loss deduction claimed by a taxpayer under the Revenue Procedure 2009-20 safe harbor will not affect a taxpayer’s 2008 Connecticut income tax liability. However, if the amount of a taxpayer’s theft loss deduction allowed under Revenue Ruling 2009-9 or Revenue Procedure 2009-20 creates an NOL, then the taxpayer must file amended Connecticut income tax return(s) for the year(s) to which such NOL may be carried back for federal income tax purposes.

Massachusetts: On March 20, 2009, Massachusetts issued: “Notice—Individual Investors; Investments in Criminally Fraudulent Ponzi-type Schemes and Reporting of Fictitious Investment Income.” Massachusetts did not adopt the Revenue Procedure 2009-20 safe harbor in the case of individual investors since Massachusetts tax law does not recognize the theft loss deduction provided under federal tax law.

New Jersey: On April 2, 2009, the New Jersey Division of Taxation had issued guidance on the treatment of Madoff-related
or other Ponzi scheme losses for New Jersey gross income tax purposes. Under this guidance, taxpayers are allowed a theft
loss deduction for New Jersey gross income tax purposes in an amount equal to the original investment plus the income
reported in prior years minus distributions received in prior years. New Jersey does not allow NOL carrybacks or carry
forwards.

New York: On May 29, 2009, the New York State Department of Taxation and Finance issued guidance TSB-M-09(7)I (.pdf) on the
reporting of Madoff-related or other Ponzi scheme losses. In general, New York State will recognize the Revenue Procedure
2009-20 safe harbor.

For more information, Seyfarth Shaw put together some information: Some States Have “Weighed In” on Tax Treatment of Madoff-Related and Other Ponzi Scheme Losses (.pdf)

The SEC’s Office of Inspector General and Form D

sec-oig

The SEC’s Office of Inspector General has released its Semiannual Report to Congress (.pdf). I started off looking at how the OIG feels about the new Form D for securities sold under the Regulation D exemption: “Based on our review of Form D, we determined that certain revisions should be made to the form to better ensure that potential investors are not misled by information in a form filing and to further clarify the information that is reported on the form.” [Page 32]

What Blogging Brings to Business

This post is republished from my original post on KM Space on June 10, 2008: What Blogging Brings to Business.

Enterprise 2.0 Conference Boston 2008

Blogs are powerful communication platforms that allow you to capture information you find interesting and to share it with an “audience” who can talk back to you. This panel of five business bloggers with a combined blogging lifetime of 19 years has generated business, communicated the concerns of its customers, experimented, and broken new ground through their blogs. Topics we’ll cover include: Blogging as knowledge management, Blogging as a conversation, Blogging for “fame and fortune”, Blogging as a platform for experimentation, and Blogging to reduce internal spam. Come join us to share your experiences and have the chance to speak at length with experienced bloggers.

  • Moderator – Jessica Lipnack, CEO, NetAge
  • Speaker – Bill Ives, Web 2.0 Consultant and Writer, Portals and KM
  • Speaker – Cesar Brea, Partner, Force Five Partners
  • Speaker – Doug Cornelius, Knowledge Management Attorney, Goodwin Procter LLP

My Notes:

I was on this panel, so I have limited notes, but will try to reconstruct some information. You should also checkout some other blog posts about this panel:

  • Enterprise 2.0 Blog post by David Spark
  • I will add any others in the comments. You should feel to also link to your blog posts in the comments.

As Jessica posted [Bloggers at Taste], the panel got together to discuss an agenda. We had a great conversation and thought it would translate well to the audience.

Our audience was very interactive. Maybe too interactive. It was hard to keep pulling the discussion back to the topic. The participants seemed to be looking at two different aspects: What external blogging can bring to business and what internal blogging can bring to business. My take is that internal blogs (at least in the classic sense) are just limiting their audience. But blogs are flexible tools that you can do lots of things with inside the enterprise.

The session started with an introduction by the panel about their blogs:

Then Jessica asked the bloggers in the audience to introduce themselves and their blog. I was not able to grab the whole list, but here are some:

We moved onto why we blog and who we blog for. One common theme among the panel was blogging as a personal knowledge management tool. We all found the blog to be a great way to capture information in a way that is easy to categorize, where it is easy to find the content. As a personal knowledge management tool, I blog for me. These notes are for me to reuse. That you are reading is a by-product.

We spent some time off on a tangent about who should blog, who should be forced to blog and who should not blog. I spent a fair amount of this conversation time in the back-channel on the Enterprise 2.0 Community site for the Conference.

A blog is an excellent way to display expertise, whether the blog is internal or external. It is one thing to paint yourself as an expert. It is much more effective to prove your expertise through your writings and information you push out.

We ran out of time, but here are some other thoughts I wanted to get out:

Internally, the blog can act differently. Scott Niesen, Director of Marketing, Attensa brought this up nicely earlier today in the Enterprise RSS session when he said you should draw a distinction between what “need to respond” and “need to know.” A blog is a communication tool. It is well suited to what you need to know. Email is better for information that has a need to respond. Take a look at you email flow and think about how much of this you need to react to. Most of it is just information you need to know. But by the information being pushed into email, my inbox is acting as my content management system. A blog or a collection of blogs makes a much better content management system. It is easier to search, easier to find content and easier to add content.

Other commentary and notes from the panel:

Principles of Federal Prosecution of Business Organizations

doj

At last week’s Compliance Week Conference, I saw a paradigm shift in thinking about the factors to be included in a compliance program. Most compliance programs have placed a lot of emphasis on the federal sentencing guidelines. After all, those guidelines give credit for having an effective compliance program. So you want to have an effective compliance program.

But by definition, the sentencing guidelines are only useful once the organization has been indicted and convicted with a crime. We are better off preventing the organization from being indicted in the first place. So, perhaps we are better off looking at the Principles of Federal Prosecution of Business Organizations (.pdf) from the Department of Justice.

The Principles are more nuanced than the Sentencing Guidelines. They take into account the issues of prosecutorial discretion. In contrast, the Sentencing Guidelines are a compromise between prosecutors, the defense bar and the judicial bench.

Enterprise 2.0 at Goodwin Procter

goodwinprocter_logo

Can law firms jump on the Enterprise 2.0 bandwagon? Lawyers are generally seen as conservative users of technology, preferring to use a quill and inkwell over a web-based publishing platform. David Hobbie shares some of the successes he has encountered in the adoption of Enterprise 2.0 at Goodwin Procter (.pdf – page 13) in the June 2009 issue of KM Pro Journal (.pdf)

Goodwin Procter was one of the early adopters of collaboration and knowledge sharing tools and has begun adopting the internal use of blogs and wikis as tools. This is a great article, summarizing some of the theory behind Enterprise 2.0, comparing it to knowledge management, and giving practical uses of these tools in a legal environment.

“More knowledge has been captured and stored because communications have been opened up to more authors and have been moved out of email “silo” and into public spaces. More knowledge transfer has occurred because the Enterprise 2.o tools are built to communicate, whether through alerts of new information, easy browseability through user-created structure, or through better search.”

I had the pleasure of working with David at Goodwin Procter during the initial deployment of the tools. I am happy to see that they continue to grow and succeed. You can read more from David at his blog: Caselines.

FCPA Visualization

fcpa-map

The number of Foreign Corrupt Practices Act charges and the size of the penalties have surged recently. The James Mintz Group pinpointed the location of every bribe that has led to an FCPA case in the last 10 years and illustrated them graphically.

The countries that have generated the most FCPA cases in the last decade are:

  • Nigeria with 11 cases
  • China with 10 cases
  • Iraq with 10 cases

You can see the full-sized map and more details in the June issue of Global Fact Gathering from the James Mintz Group.

Wrap Up of Compliance Week Conference

compliance-week-conference

It was a great few days in Washington D.C. at my first Compliance Week Conference.  The conference was packed with great presentations and discussions over its three days. In particular, it was great to spend time with Bruce Carton, Francine McKenna, Scott Cohen, Matty Kelly and Alex Howard.

Below are links to some stories from the conference:

For Compliance Week subscribers:

Fighting a cold during the conference, I was the guy generating the cacophony of coughs.  But I did manage to keep notes during the sessions I attended:

I am looking forward to Compliance Week 2010.

UPDATED with new links