Skip to Main Content

insightsarticles

Higher education and blockchain 101: It's not just for bitcoin anymore

01.04.19

As a new year is upon us, many people think about “out with the old and in with the new”. For those of us who think about technology, and in particular, blockchain technology, the new year brings with it the realization that blockchain is here to stay (at least in some form). Therefore, higher education leaders need to familiarize themselves with some of the technology’s possible uses, even if they don’t need to grasp the day-to-day operational requirements. Here’s a high-level perspective of blockchain to help you answer some basic questions.

Are blockchain and bitcoin interchangeable terms?

No they aren’t. Bitcoin is an electronic currency that uses blockchain technology, (first developed circa 2008 to record bitcoin transactions). Since 2008, many companies and organizations utilize blockchain technology for a multitude of purposes.

What is a blockchain?

In its simplest terms, a blockchain is a decentralized, digital list (“chain”) of timestamped records (“blocks”) that are connected, secured by cryptography, and updated by participant consensus.

What is cryptography?

Cryptography refers to converting unencrypted information into encrypted information—and vice versa—to both protect data and authenticate users.

What are the pros of using blockchain?

Because blockchain technology is inherently decentralized, you can reduce the need for “middleman” entities (e.g., financial institutions or student clearinghouses). This, in turn, can lower transactional costs and other expenses, and cybersecurity risks—as hackers often like to target large, info-rich, centralized databases.

Decentralization removes central points of failure. In addition, blockchain transactions are generally more secure than other types of transactions, irreversible, and verifiable by the participants. These transaction qualities help prevent fraud, malware attacks, and other risks and issues prevalent today.

What are the cons of using blockchain technology?

Each blockchain transaction requires signature verification and processing, which can be resource-intensive. Furthermore, blockchain technology currently faces strong opposition from certain financial institutions for a variety of reasons. Finally, although blockchains offer a secure platform, they are not impervious to cyberattacks. Blockchain does not guarantee a hacker-proof environment.

How can blockchain benefit higher education institutions?

Blockchain technology can provide higher education institutions with a more secure way of making and recording financial transactions. You can use blockchains to verify and transfer academic credits and certifications, protect student personal identifiable information (PII) while simultaneously allowing students to access and transport their PII, decentralize academic content, and customize learning experiences. At its core, blockchain provides a fresh alternative to traditional methods of identity verification, an ongoing challenge for higher education administration.

As blockchain becomes less of a buzzword and begins to expand beyond the realm of digital currency, colleges and universities need to consider it for common challenges such as identity management, application processing, and student credentialing. If you’d like to discuss the potential benefits blockchain technology provides, please contact me.

Related Industries

This spring, I published a blog about the importance of data governance in higher education institutions. In the summer, a second blog covered implementing baseline principles for data governance. With fall upon us, it is time to transition to discussing three critical steps to create a data governance culture. 

1.    Understand the people side of change.

The culture of any organization begins and ends with its people. As you know, people are notoriously finicky when it comes to change (especially change like data governance initiatives that may alter the way we have to understand or interact with institutional data). I recommend that any higher education institution apply a change management methodology (e.g., Prosci®, Lewin’s Change Management Model) in order to gauge the awareness of, the desire for, and the practical realities of this change. If you apply your chosen methodology in an effective and consistent manner, change management will help you increase buy-in and break down resistance. 

2.    Identify and empower the right people for the right roles.

Higher education institutions often focus on data governance processes and technologies. While this is necessary, you can’t overlook the people part of data governance. In fact, you can argue it is the most important part, because without people, there will be no one to follow the processes you create or use the technologies you implement. 

To find the right people, you need to identify and establish three specific roles for your institution: data trustees, data stewards, and data managers. Once you have organized these roles and responsibilities, data governance becomes easier to manage. Some definitions:

Data trustees (the sponsors) – senior leadership (or designees) who oversee data policy, planning, and management. Their responsibilities include: 

  • Promoting data governance 
  • Approving and updating data policies​​
  • Assigning and overseeing data stewards
  • Being responsible for data governance

Data stewards (the owners) – directors, managers, associate deans, or associate vice presidents who manage one or more data types. Their responsibilities include:

  • Applying and overseeing data governance policies in their functional areas
  • Following legal requirements pertaining to data in their functional areas
  • Classifying data and identifying data safeguards
  • Being accountable for data governance

Data managers (the caretakers) – data system managers, senior data analysts, or functional users (registrar, financial aid, human resources, etc.) who perform day-to-day data collection and management operations. Their responsibilities include:

  • Implementing data governance policies in their functional areas
  • Resolving data issues in their functional areas 
  • Provide training and appropriate documentation to data users
  • Being informed and consulted about data governance

3.    Be consistent and hold people accountable.

Ultimately, your data governance team needs accountability in order to thrive. Therefore, it is up to data trustees, data stewards, and data managers to hold regular meetings, take and distribute meeting notes, and identify and follow up on meeting action items. Without this follow through, data governance initiatives will likely stall or stop altogether. 

More information on data governance 

Are you still curious about additional guiding principles of data governance in higher education? Please contact the team
 

Article
People Power: Enacting Sustainable Data Governance

Read this if you are an Institutional Research (IR) Director, a Registrar, or are in the C-Suite.

In my last blog, I defined the what and the why of data governance, and outlined the value of data governance in higher education environments. I also asserted data isn’t the problem―the real culprit is our handling of the data (or rather, our deferral of data responsibility to others).

While I remain convinced that data isn’t the problem, recent experiences in the field have confirmed the fact that data governance is problematic. So much, in fact, that I believe data governance defies a “solid,” point-in-time solution. Discouraged? Don’t be. Just recalibrate your expectations, and pursue an adaptive strategy.

This starts with developing data governance guiding principles, with three initial points to consider: 

  1. Key stakeholders should develop your institution’s guiding principles. The team should include representatives from areas such as the office of the Registrar, Human Resources, Institutional Research, and other significant producers and consumers of institutional data. 
  2. The focus of your guiding principles must be on the strategic outcomes your institution is trying to achieve, and the information needed for data-driven decision-making.
  3. Specific guiding principles will vary from institution to institution; effective data governance requires both structure and flexibility.

Here are some baseline principles your institution may want to adopt and modify to suit your particular needs.

  • Data governance entails iterative processes, attention to measures and metrics, and ongoing effort. The institution’s governance framework should be transparent, practical, and agile. This ensures that governance is seen as beneficial to data management and not an impediment.
  • Governance is an enabler. The institution’s work should help accomplish objectives and solve problems aligned with strategic priorities.
  • Work with the big picture in mind. Start from the vantage point that data is an institutional asset. Without an institutional asset mentality it’s difficult to break down the silos that make data valuable to the organization.
  • The institution should identify data trustees and stewards that will lead the data governance efforts at your institution
    • Data trustees should have responsibility over data, and have the highest level of responsibility for custodianship of data.
    • Data stewards should act on behalf of data trustees, and be accountable for managing and maintaining data.
  • Data quality needs to be baked into the governance process. The institution should build data quality into every step of capture and entry. This will increase user confidence that there is data integrity. The institution should develop working agreements for sharing and accessing data across organizational lines. The institution should strive for processes and documentation that is consistent, manageable, and effective. This helps projects run smoothly, with consistent results every time.
  • The institution should pay attention to building security into the data usage cycle. An institution’s security measures and practices need to be inherent in the day-to-day management of data, and balanced with the working agreements mentioned above. This keeps data secure and protected for the entire organization.
  •  Agreed upon rules and guidelines should be developed to support a data governance structure and decision-making. The institution should define and use pragmatic approaches and practical plans that reward sustainability and collaboration, building a successful roadmap for the future. 

Next Steps

Are you curious about additional guiding principles? Contact me. In the meantime, keep your eyes peeled for a future blog that digs deeper into the roles of data trustees and stewards.
 

Article
Governance: It's good for your data

“The world is one big data problem,” says MIT scientist and visionary Andrew McAfee.

That’s a daunting (though hardly surprising) quote for many in data-rich sectors, including higher education. Yet blaming data is like blaming air for a malfunctioning wind turbine. Data is a valuable asset that can make your institution move.

To many of us, however, data remains a four-letter word. The real culprit behind the perceived data problem is our handling and perception of data and the role it can play in our success—that is, the relegating of data to a select, responsible few, who are usually separated into hardened silos. For example, a common assumption in higher education is that the IT team can handle it. Not so. Data needs to be viewed as an institutional asset, consumed by many and used by the institution for the strategic purposes of student success, scholarship, and more.

The first step in addressing your “big” data problem? Data governance.

What is data governance?

There are various definitions, but the one we use with our clients is “the ongoing and evolutionary process driven by leaders to establish principles, policies, business rules, and metrics for data sharing.”

Please note that the phrase “IT” does not appear anywhere in this definition.

Why is data governance necessary? For many reasons, including:

  1. Data governance enables analytics. Without data governance, it’s difficult to gain value from analytics initiatives which will produce inconsistent results. A critical first step in any data analytics initiative is to make sure that definitions are widely accepted and standards have been established. This step allows decision makers to have confidence in the data being analyzed to describe, predict, and improve operations.
     
  2. Data governance strengthens privacy, security, and compliance. Compliance requirements for both public and private institutions constantly evolve. The more data-reliant your world becomes, the more protected your data needs to be. If an organization does not implement security practices as part of its data governance framework, it becomes easier to fall out of compliance. 
     
  3. Data governance supports agility. How many times have reports for basic information (part-time faculty or student FTEs per semester, for example) been requested, reviewed, and returned for further clarification or correction? And that’s just within your department! Now add multiple requests from the perspective of different departments, and you’re surely going through multiple iterations to create that report. That takes time and effort. By strengthening your data governance framework, you can streamline reporting processes by increasing the level of trust you have in the information you are seeking. Understanding the value of data governance is the easy part/ The real trick is implementing a sustainable data governance framework that recognizes that data is an institutional asset and not just a four-letter word.

Stay tuned for part two of this blog series: The how of data governance in higher education. In the meantime, reach out to me if you would like to discuss additional data governance benefits for your institution.

Article
Data is a four-letter word. Governance is not.

The late science fiction writer (and college professor) Isaac Asimov once said: “I do not fear computers. I fear the lack of them.” Had Asimov worked in higher ed IT management, he might have added: “but above all else, I fear the lack of computer staff.”

Indeed, it can be a challenge for higher education institutions to recruit and retain IT professionals. Private companies often pay more in a good economy, and in certain areas of the nation, open IT positions at colleges and universities outnumber available, qualified IT workers. According to one study from 2016, almost half of higher education IT workers are at risk of leaving the institutions they serve, largely for better opportunities and more supportive workplaces. Understandably, IT leadership fears an uncertain future of vacant roles—yet there are simple tactics that can help you improve the chances of filling open positions.

Emphasize the whole package

You need to leverage your institution’s strengths when recruiting IT talent. A focus on innovation, project leadership, and responsibility for supporting the mission of the institution are important attributes to promote when recruiting. Your institution should sell quality of life, which can be much more attractive than corporate culture. Many candidates are attracted to the energy and activity of college campuses, in addition to the numerous social and recreational outlets colleges provide.

Benefit packages are another strong asset for recruiting top talent. Schools need to ensure potential candidates know the amount of paid leave, retirement, and educational assistance for employees and employee family members. These added perks will pique the interest of many candidates who might otherwise have only looked at salary during the process.

Use the right job title

Some current school vacancies have very specific job titles, such as “Portal Administrator” or “Learning Multimedia Developer.” However, this specificity can limit visibility on popular job posting sites, reducing the number of qualified applicants. Job titles, such as “Web Developer” and “Java Developer,” can yield better search results. Furthermore, some current vacancies include a number or level after the job title (e.g., “System Administrator 2”), which also limits visibility on these sites. By removing these indicators, you can significantly increase the applicant pool.

Focus on service, not just technology

Each year, institutions deploy an increasing number of Software as a Service (SaaS) and hosted applications. As higher education institutions invest more in these applications, they need fewer personnel for day-to-day technology maintenance support. In turn, this allows IT organizations to focus limited resources on services that identify and analyze technology solutions, provide guidance to optimize technology investments, and manage vendor relationships. IT staff with soft skills will become even more valuable to your institution as they engage in more people- and process-centric efforts.

Fill in the future

It may seem like science fiction, but by revising your recruiting and retention tactics, your higher education institution can improve its chances of filling IT positions in a competitive job market. In a future blog, I’ll provide ideas for cultivating staff from your institution via student workers and upcoming graduates. If you’d like to discuss additional staffing tactics, send me an email.

Article
No science fiction: Tactics for recruiting and retaining higher education IT positions

We humans have a complex attitude toward change. In one sense, we like finding it. For instance: “Now I can buy something from the vending machine!” In reality, we try to avoid change as much as possible. Why? Because it’s frightening. Consider this quote from Mary Shelley’s Frankenstein: “Nothing is so painful to the human mind as a great and sudden change.”

The key word in that quote is “sudden.” Because the more we prepare for change, the less painful it becomes. One crucial way to prepare for change is to assess how ready we are for something new.

Which brings us to you. The fact you are reading a blog post with the words “Readiness for Enterprise Systems” in its title suggests that you have considered, or are considering, changing your institution’s Enterprise Resource Planning (ERP) system or other enterprise software, such as LMS, SIS, CRM, etc. This change is no minor adjustment.

Enterprise systems are complex, impacting institutional activities at many levels, from managing student records, finances, and human resources, to enabling student enrollment and registration. Is your institution prepared for transformation across the organization? To find out, assess your institution’s readiness for change. To help illustrate what an assessment might entail, I’ll outline BerryDunn’s method.

Step #1: Understanding Key Indicators for Readiness
When assisting a client to determine readiness, BerryDunn begins engaging stakeholders from across the institution (e.g., staff, faculty, and students) to understand the current environment. This allows us to address seven key indicators for change readiness:

  1. Stakeholder Buy-In. The key to success in changing an ERP platform is for users to understand the value that the change will bring. “Do stakeholders know how the new system will benefit them? Or, from their perspective, ‘What’s in it for me (aka, WIIFM)?’”
  2. Executive Sponsorship. In order to obtain stakeholder buy-in, leaders have to communicate effectively with various parties about change. They will be required to display strong and consistent leadership when stakeholders are faced with challenges with vendors, timing, scope creep, or other issues. “Are leaders prepared to lead the charge? Are they committed to change?”
     
  3. Vendor Ability. Each institution has specific operational needs and programmatic objectives. ERP vendors will highlight their strengths and may de-emphasize weaknesses that may exist in their products. “Are vendors actually able to meet the institution’s functional needs and align their software with strategic objectives?”
     
  4. Business Process Redesign. As mentioned above, it can be a struggle to align operational needs and programmatic objectives with vendor software. It’s even harder to achieve this while ensuring that, in implementing a new ERP system, an institution won’t lose valuable functionality that had been provided by the previous ERP. “Does the client fully understand the impact of a new ERP system on their processes?”
     
  5. Project Management. Proactive project management is critical when changing an ERP system. Project managers need to engage institutional stakeholders, project sponsors, and vendors to keep them apprised of progress. “Are project managers empowered to maintain strong communication with all stakeholders?”
     
  6. Data Governance. Another key indicator of ERP readiness is how well-defined data management is before implementation. ERP replacement projects are jeopardized when institutions don’t understand their data assets, or don’t know what level of data migration is necessary. “Is the institution prepared for data migration?”
     
  7. Software Change Management. As ERP vendors move their products to the cloud, the software they sell will become less customizable, but more configurable. In other words, customers won’t necessarily be able to modify the base software code, but they will have more options in regards to defined fields, workflow, and user interface. Although this sounds limiting, it is actually an opportunity to streamline operations, add discipline to software update timelines, and require organizations to consider how to best complete their administrative functions. It is critical that an institution adapt its software change management practices to meet this reality. “Do the institution’s software change management practices reflect how software is delivered by vendors today?”

Step #2: Establish Agreed-Upon Metrics
Based on our analysis from Step #1, we then score these indicators of readiness based on a maturity scale from 0 – 5, using the following parameters:

0  Non-existent
1  Aware, but not ready to change
2  Aware and open to change, but lack understanding of path forward
3  Accept that change is needed, but clear action plan is not in place
4  Accept that change is imminent and is being planned for
5  Readiness for change has broad understanding, is accepted, and is being executed 

Step #3: Score the Readiness of Your Organization
When you work with a consulting firm to assess your institution’s readiness for change, you should expect tangible takeaways that will inform stakeholders and provide a baseline metric. For example, we prepare a brief report that outlines a score for each of the seven maturity indicators of ERP readiness and provides supporting information for the basis of each score.

Here is an example of a Software Change Management section from a hypothetical ERP Readiness Report:

READINESS INDICATORS

BASIS FOR SCORE

SCORE (0 – 5)

Software Change Management

The University does have an effective software change management methodology, and a standard process for prioritizing requests to its current ERP system. This model may change significantly if a cloud system is chosen, and will require a new approach to configuration and asset management.

3


Finally, based on the weighted aggregate score of the report, BerryDunn determines the institution’s readiness for change, and provides recommendations on how to remediate low scores, and sustain higher scores.

Now for the good news. By setting a baseline early in your readiness planning, the scoring can be revisited over time to measure progress and provide project leadership with a simple, but effective, approach to tracking change management within the organization.

Next Steps
As you can see, implementing a new ERP doesn’t have to be a monstrous experience. You simply need to determine your ERP readiness, and follow a common-sense plan for change management. If you’d like to talk more about this process, send me an email: dhoule@berrydunn.com. I look forward to learning about the great changes your institution has planned.

Article
Assessing organizational readiness for enterprise systems

Read this if you paid wages for qualified sick and family leave in 2021.

The IRS has issued guidance to employers on year-end reporting for sick and family leave wages that were paid in 2021 to eligible employees under recent federal legislation.

IRS Notice 2021-53, issued on September 7, 2021, provides that employers must report “qualified leave wages” either on a 2021 Form W-2 or on a separate statement, including:

  • Qualified leave wages paid from January 1, 2021 through March 31, 2021 (Q1) under the Families First Coronavirus Response Act (FFCRA), as amended by the Consolidated Appropriations Act, 2021 (CAA).
  • Qualified leave wages paid from April 1, 2021 through September 30, 2021 (Q2 and Q3) under the American Rescue Plan Act of 2021 (ARPA).

The notice also explains how employees who are also self-employed should report such paid leave. This guidance builds on IRS Notice 2020-54, issued in July 2020, which explained the reporting requirements for 2020 qualified leave wages.

Employers should work with their IT department and/or payroll service provider as soon as possible to review the payroll system, earnings codes configuration and W-2 mapping to ensure that these paid leave wages are captured timely and accurately for year-end W-2 reporting.

FFCRA and ARPA tax credits background

In March 2020, the FFCRA imposed a federal mandate requiring eligible employers to provide paid sick and family leave from April 1, 2020 to December 31, 2020, up to specified limits, to employees unable to work due to certain COVID-related circumstances. The FFCRA provided fully refundable tax credits to cover the cost of the mandatory leave.

In December 2020, the CAA extended the FFCRA tax credits through March 31, 2021, for paid leave that would have met the FFCRA requirements (except that the leave was optional, not mandatory). The ARPA further extended the credits for paid leave through September 30, 2021, if the leave would have met the FFCRA requirements.

In addition to employer tax credits, under the CAA, a self-employed individual may claim refundable qualified sick and family leave equivalent credits if the individual was unable to work during Q1 due to certain COVID-related circumstances. The ARPA extended the availability of the credits for self-employed individuals through September 30, 2021. However, an eligible self-employed individual may have to reduce the qualified leave equivalent credits by some (or all) of the qualified leave wages the individual received as an employee from an employer.

Reporting requirements to claim the refundable tax credits

Eligible employers who claim the refundable tax credits under the FFCRA or ARPA must separately report qualified sick and family leave wages to their employees. Employers who forgo claiming such credits are not subject to the reporting requirements.

Qualified leave wages paid in 2021 under the FFCRA and ARPA must be reported in Box 1 of the employee’s 2021 Form W-2. Qualified leave wages that are Social Security wages or Medicare wages must be included in boxes 3 and 5, respectively. To the extent the qualified leave wages are compensation subject to the Railroad Retirement Tax Act (RRTA), they must also be included in box 14 under the appropriate RRTA reporting labels.

In addition, employers must report to the employee the following types and amounts of wages that were paid, with each amount separately reported either in box 14 of the 2021 Form W-2 or on a separate statement:

  • The total amount of qualified sick leave wages paid for reasons described in paragraphs (1), (2), or (3) of Section 5102(a) of the Emergency Paid Sick Leave Act (EPSLA)1  with respect to leave provided to employees during the period beginning on January 1, 2021, through March 31, 2021. The following, or similar language, must be used to label this amount: “Sick leave wages subject to the $511 per day limit paid for leave taken after December 31, 2020, and before April 1, 2021.”
  • The total amount of qualified sick leave wages paid for reasons described in paragraphs (4), (5), or (6) of Section 5102(a) of the EPSLA with respect to leave provided to employees during the period beginning on January 1, 2021, through March 31, 2021. The following, or similar language, must be used to label this amount: “Sick leave wages subject to the $200 per day limit paid for leave taken after December 31, 2020, and before April 1, 2021.”
  • The total amount of qualified family leave wages paid to the employee under the Emergency Family and Medical Leave Expansion Act (EFMLEA) with respect to leave provided to employees during the period beginning on January 1, 2021, through March 31, 2021. The following, or similar language, must be used to label this amount: “Emergency family leave wages paid for leave taken after December 31, 2020, and before April 1, 2021.”
  • The total amount of qualified sick leave wages paid for reasons described in paragraphs (1), (2), or (3) of Section 5102(a) of the EPSLA with respect to leave provided to employees during the period beginning on April 1, 2021, through September 30, 2021. The following, or similar language, must be used to label this amount: “Sick leave wages subject to the $511 per day limit paid for leave taken after March 31, 2021, and before October 1, 2021.”
  • The total amount of qualified sick leave wages paid for reasons described in paragraphs (4), (5), and (6) of Section 5102(a) of the EPSLA with respect to leave provided to employees during the period beginning on April 1, 2021, through September 30, 2021. The following, or similar language, must be used to label this amount: “Sick leave wages subject to the $200 per day limit paid for leave taken after March 31, 2021, and before October 1, 2021.”
  • The total amount of qualified family leave wages paid to the employee under the EFMLEA with respect to leave provided to employees during the period beginning on April 1, 2021, through September 30, 2021. The following, or similar language, must be used to label this amount: Emergency family leave wages paid for leave taken after March 31, 2021, and before October 1, 2021.”

If an employer chooses to provide a separate statement and the employee receives a paper 2021 Form W-2, then the statement must be included with the Form W-2 sent to the employee. If the employee receives an electronic 2021 Form W-2, then the statement must be provided in the same manner and at the same time as the Form W-2.

In addition to the above required information, the notice also suggests that employers provide additional information about qualified sick and family leave wages that explains that these wages may limit the amount of the qualified sick leave equivalent or qualified family leave equivalent credits to which the employee may be entitled with respect to any self-employment income.

For more information

If you have more questions, or have a specific question about your particular situation, please call us. We’re here to help.

 1Employees are eligible for qualified sick leave under EPSLA if the employee:

  • Was subject to a federal, state or local quarantine or isolation order related to COVID-19;
  • Had been advised by a health-care provider to self-quarantine due to concerns related to COVID-19;
  • Experienced symptoms of COVID-19 and was seeking a medical diagnosis;
  • Was caring for an individual who was subject to a quarantine order related to COVID-19, or had been advised by a health-care provider to self-quarantine due to concerns related to COVID-19;
  • Was caring for a son or daughter of such employee, if the school or place of care of the son or daughter had been closed, or the child-care provider of such son or daughter was unavailable, due to COVID-19; or
  • Was experiencing any other substantially similar condition specified by the Secretary of Health and Human Services.

Article
IRS guidance to employers: Year-end reporting requirements for qualified sick and family leave wages

Read this if you are a plan sponsor of employee benefit plans.

This article is the ninth in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here

Employee benefit plan loan basics 

If your plan’s adoption agreement is set up to allow loans, participants can borrow against their account balance. Some participants may find this an attractive option as the interest they pay on the loan is returned to their retirement account as opposed to other loans where the interest is paid to the lender. 

Additionally, while interest is charged at the market rate, it may be lower than other options available to the participant, such as a credit card or other unsecured debt. Unlike hardship distributions, there are no restrictions on the circumstances under which a participant may take a loan. A potential downside is that if the borrower defaults on the loan or ends their employment and cannot repay the loan in full, it converts from a loan to a deemed distribution, potentially incurring taxes and penalties.

If a participant decides that an employee benefit plan loan is their best option, they will apply for the loan through your plan administrator. Loans are limited in both size and quantity. Participants may take loans up to 50% of their vested account balance with a maximum loan of $50,000. The provisions of a plan determine how many loans an employee may have at once; however, the combined loan balances cannot exceed 50% of the employee’s vested balance or $50,000. Furthermore, the $50,000 loan maximum must also consider payments made on loans within the previous 12 months.

Repayment of employee benefit plan loans

Repayment of employee benefit plan loans may be done through after tax payroll contributions, making it a relatively easy process for the participant. If a plan sponsor elects to provide this repayment option, they must ensure that repayments are remitted to the plan in a timely manner, just as they must with other employee funded contributions. The term of the loan is typically limited to five years and must be repaid in at least quarterly installments. However, a loan can be extended to as long as thirty years if specified within the plan’s loan policy. If the loan term is for longer than five years, the loan proceeds must be used to purchase a primary residence.

Like any source of debt, there are pros and cons to taking out an employee benefit plan loan, and it remains an important option for participants to understand. The benefits include the ease of applying for such a loan and loan interest that is then added to the participant’s retirement account balance. Potential pitfalls include lost earnings during the loan period and the risk of the loan becoming a deemed distribution if the participant is unable to repay within the allotted time. 

If you would like more information, or have specific questions about your specific situation, please contact our Employee Benefits Audit team.

Article
Retirement plan loans: A brief review

Read this if you have a blended workforce with both in-office employees and remote workers.

It is hard to believe it has been nearly a year and a half since we started our remote work journey. At the time, many thought the move to working remotely would be short term. Then, a couple of weeks turned into a month, a month into another month, another month into a year and, some employers are now finally considering re-opening their offices.

Back in April 2020, we provided some internal control challenges, and potential solutions, faced by working in a remote environment. These challenges included exercising appropriate tone at the top, maintaining appropriate segregation of duties, and ensuring timely review, amongst others. Although these challenges still exist, there are new considerations to address as we transition into (hopefully) a post-pandemic world.

Blended workforces

As we mentioned in that article, since people have now been forced to work in a remote environment, they will be more apt to continue to do so. For some employees, the perks of ditching that long commute outweighs the free coffee they receive in the office. Employers have a decision to make—do we allow our employees the option to continue to work from home or, do we require employees to work from the office, as was standard pre-pandemic? Now that employees have exhibited the ability to work from home efficiently and effectively, it may be difficult to move all employees back into the office. Requiring all employees to return to the office could result in employees seeking employment elsewhere, and the option to work remotely is a selling point for many recruiters. Furthermore, disallowing remote work could cause employees to feel distrusted or undervalued, possibly leading to less efficient and effective work.

However, remote work comes with many challenges. Although video chat has been instrumental in navigating the remote work environment, it still has limitations. Nothing can beat in-person conversations and the relationships they help build. Nearly every video chat has a purpose, and unfortunately, you can’t just “run” into somebody in a video chat as you can in the office. Building camaraderie and instilling your company’s culture is difficult in a remote environment. And, if your workforce is blended, with some working in the office while others work remotely, building culture may be even more difficult than if your entire workforce was remote. Employees in the office may be less apt to communicate with remote colleagues. If you have a task you wish to delegate, you may think of giving the assignment to someone in the office prior to thinking of your remote co-workers that may be just as able and willing to complete the assignment. It will be important to ensure all employees are provided with equal opportunities, no matter of where they work.

Remote work policy

Regardless of your company’s decision to allow employees to work remotely or not, we recommend developing a remote work policy addressing expected behaviors. When developing such a policy, consider:

  •  Will the policy’s provisions apply to the entire company or will there be different provisions by department? If the latter, consider what the implications may be on employee morale.
  • Will there be a minimum amount of days per week that must be spent in the office?
  • If employees are allowed to work remotely, do they need to work a set schedule or can the frequency, and which days they work remotely, change from week to week?
  • Who should the employee communicate their decision to? How will this information then be shared company-wide?
  • How do remote employees address document destruction? If they are handling sensitive and confidential documents, how should they dispose of these documents?
  • Similarly, what are the expectations for protecting sensitive and confidential information at home?
  • Are employees allowed to hook up company-provided equipment to personal devices, such as personal printers?
  • If an employee is customer/client facing, what are the expectations for dress code and backgrounds for video chat meetings?
  • What will staff development look like for individuals working remotely? Alternatively, what will their involvement look like in onboarding/developing new employees?
  • What are the expectations for meetings? Will all meetings be set up in a manner that accommodates in-person and remote attendees? Are there meetings where in-person attendance is mandatory?

The importance of these considerations will likely differ from company to company. Some of these considerations may be addressed in other, already existing policies.

Are your internal controls “blended workforce” ready?

If your company plans to allow employees to work remotely, you will need to assess if your internal controls make sense for both in-office and remote employees. Typically, internal controls are written in a manner irrespective of where the employee resides. However, there may be situations that require an internal control be re-worked to accommodate in-office and remote employees. For instance, do you have an internal control that references a specific report that can only be run in-office? If the control owner plans to transition to a hybrid work schedule, does the frequency of the internal control need to change to reflect the employee’s new schedule? Alternatively, does it make sense to transition this internal control to someone else that will be in the office more frequently?

Internal control accommodations

The transition to a remote environment was expeditious and many thought the remote environment would be over quickly. As a result, there may have been modifications to internal controls that were made out of necessity, although they were not ideal from an internal control standpoint. The rationale for these accommodations may have been the expectation that the remote environment would be short-lived. Although these accommodations may have made sense for a short amount of time, and posed little to no additional risk to your company, the longer these accommodations remained in effect, the greater the chance for unintended consequences. 

We recommend reviewing your internal controls and creating a log of any internal control accommodations that were made due to the pandemic. Some of these modifications may continue to make sense and, after operating under the new internal control for an extended period of time, may even be preferable to the previous internal control. However, for those modifications that do appear to have increased control risk, control owners should assess if the length of the pandemic could have resulted in inadequately designed internal controls. And, if so, what could the consequences of these poorly designed internal controls have been to the company?

Internal control vs. process

While reviewing your company’s internal controls, it will also be a good time to ensure your internal control descriptions actually describe an internal control rather than simply a process. Although having well-documented processes for your company’s various transaction cycles is important, a good internal control description should already incorporate the process within it. Think of your internal control descriptions as writing a story—the “process” provides background information on the characters and setting, while the “internal control” is the story’s plot.

For example: The Accounting Manager downloads the market values from the investment portfolio accounting system and enters the market values into the general ledger on a monthly basis. Once the journal entry is entered, the Accounting Manager provides the market value report and a copy of the journal entry to the Controller.

Although a savvy reader may be able to identify where the internal control points are within this process, it could easily be modified to explicitly include discussion of the actual internal controls. The text in bold below represents modifications to the original:

The Accounting Manager downloads the market values from the investment portfolio accounting system and enters the market values into the general ledger on a monthly basis. Once the journal entry is entered, the Accounting Manager provides the market value report and a copy of the journal entry to the Controller via email. This email serves as documentation of preparation of the journal entry by the Accounting Manager. The Controller then reviews the market value report against the journal entry for accuracy. Once approved, the Controller posts the journal entry and replies to the email to indicate their review and approval. The Accounting Manager saves the email chain as auditable evidence.

The text additions in bold font help provide a complete story. A new employee could easily read this description and understand what they need to do, and how to appropriately document it. Most importantly, the internal control is both in-office and remote environment friendly.

Transitioning back to the office has resulted in a mixture of excitement and anxiety. Routine office norms, such as shaking hands and having a spontaneous meeting over a cup of coffee need to be relearned. Likewise, policies and internal controls need to be revisited to address the changing landscape. The more proactive your company can be, the better positioned it will be to accommodate its employees’ demands, while also maximizing the effectiveness of its internal controls. Please contact David Stone or Dan Vogt if any questions arise.

Article
May the "blended workforce be with you": Policy and internal control considerations for a new era

Read this if you are a plan sponsor of employee benefit plans.

This article is the eighth in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here

The Department of Labor regulations regarding service provider fee disclosures clarify that plan fiduciaries are responsible for assessing the reasonableness of fees charged to plans in relation to services performed. 

Before a plan fiduciary is able to assess the reasonableness of plan fees, the fiduciary has to receive required fee disclosures from their covered service provider. A covered service provider is considered a party that enters into an agreement with a covered plan to provide certain services. The range of services provided generally include recordkeeping services, investment adviser services, accounting services, auditing services, actuarial services, appraisals, banking, consulting, legal services, third party administration services, or valuation services provided to the plan.

In general, the covered service providers are required to provide the plan fiduciary a disclosure of the following information:

  • All expected services and fees, and
  • All direct and indirect compensation
    • Direct compensation are fees paid to the service providers from the plan
    • Indirect compensation are fees paid to the service providers from sources other than the plan, the plan sponsor, the covered service provider, or an affiliate 

Once the service provider fee disclosures are received, the responsible plan fiduciary must assess the reasonableness of the fees in relation to the services provided. There are numerous ways a plan fiduciary can determine if the fees are reasonable. The following are some of the most common ways to determine if the plan expenses are reasonable:

  • Complete a Request for Proposal (RFP) or Request for Information (RFI) process that compares at least two vendors.
  • Complete a plan “benchmarking” project. The responsible plan fiduciary can have an independent organization compare the fees charged to the plan to plans of similar size and characteristics. Failure to determine the reasonableness of the fees charged can result in a prohibited transaction. The responsible plan fiduciary should determine and document whether the fees are reasonable. Documentation should also include the steps taken to make this determination.

It is important to remember that failure to assess the reasonableness of the service provider fees can result in a prohibited transaction. Documentation of the assessment process, including steps taken to make a determination on fee reasonableness, is the best way to avoid having a prohibited transaction.

If you have any questions while assessing your service providers’ fees, please contact our Employee Benefits Audit team.
 

Article
Service provider fee disclosures: Understanding the process