News from Your Accounting Association

CPAmerica Advantage How to grow a niche: An interview with Lauren Joyce,

March 2017

partner at HPG and head of their Equity Solutions Team

This month we focus on the topic of business develop ment; developing a niche can be an organic way to generate new or additional revenue for your firm. CPAmerica member firms know this – we spoke to Lauren Joyce, partner with

in Raleigh, N.C., who manages HPG’s Equity Solutions Team about the process of building her niche. We asked Joyce about the Equity Solutions Team and how it came about. Her background is as an auditor and she said that she is still in transition when it comes to the team. “I still have my own audit clients and I am also the director of audit services here [at HPG]. It’s been more of just an expansion [of what I already do]. I’ve always sort of liked trying new things; I tend to get involved quickly and want to figure things out and this was an opportunity that really inspired me.” HPG is mainly centered around technology, biopharmaceuticals, and start-ups. Joyce said, “Back in 2006, when FAS 123R came out, stock options were a huge incentive for these companies and it became a real issue for our clients. They are difficult to track, the guidance is not always clear, and many people are using Excel to come up with the cal-

culations and disclosures. It was just cumbersome and prone to errors, so, over the years, we tried to come up with other solutions. We started looking at online databases that help with administration and we found a number of them, vetted them and figured out that we could actually partner with some of these groups to provide software [solutions] to our clients, and by bundling it under HPG and parceling it out to our clients, we could provide this set [very cost-efficiently for our clients].” She added, “To do the work and the administration, it tends to be a year-round process and I really needed a team that had the ability to [quickly respond to our clients]. Out of that we developed a team that has been trained on the software, standards, and awards so that they can help our clients.”

BOD visits Gainesville P. 2 Member News P. 3 From Member Services P. 4

CPAmerica's association services spotlight:

CPAmerica's RISE Inclusion Initiative quarterly sharing call is scheduled for March 9 at 4:00 p.m. ET. Participants will discuss successes and challenges found while utilizing this program and firms interested in enrolling can learn about the benefits of the RISE Inclusion Initiative.

For some time, the team consisted of only Joyce and as the amount of clients using this service increased, For more info, go to: https:// more staff was added. "Forming the tinyurl.com/gwtuoh3 team gave some different opportunities to people who enjoy the more technical aspect of the

Cybersecurity: Is Your Firm Under a Hack Attack?

See Niche, continued on page 2

This is part two of a two-part technology update article written by Randy Johnston CEO of Network Management Group, Inc.

What Are the Elements of a Cyberattack? We need to consider several factors that cyberattackers exploit, as well as understand what has to be protected to improve our cybersecurity. First, we have to protect our endpoints. These are frequently the target of the attack and include individual PCs, servers, networks or cloud providers. The purpose of this type of attack is

to control, corrupt, or disable the endpoint. Attackers are looking for vulnerabilities, or the weakness that permits endpoints to be penetrated. Vulnerabilities include: software flaws, system design weaknesses, insecure configurations, and human errors. Attackers use malware (malicious software); there are many different types of malware and attacks often involve more than one strategy. Finally, the method of execution (MoE) is the means by which attackers get the resources necessary (e.g., access, processing time, data) to execute an attack.

that was e-mailed to the user embedded in a file or accessible via a weblink. The malware program installs itself and then connects to a server run by the perpetrators which gives the ransomware a public key. This key is used to encrypt all Office files, database applications, pictures, etc., on a computer. Once data is encrypted, users are presented with an ultimatum and must pay within 72 hours or the private key (needed to unscramble the files) will be destroyed. A recent IBM study concluded that 70 percent of all businesses that have been infected have paid the ransom. Variants have been infecting Remote Data Services Common types of malware include: ran- (RDS/Terminal Servers) and/or Citrix servers somware, depositors, backdoors, credential in public and private cloud installations. stealers, viruses, worms, and vandalizers. For example, types of ransomware such as Numerous CPA firms, healthcare entities, CryptoLocker, CryptoWall and Locky are businesses and government agencies have designed to hold data hostage and have fallen victim to CryptoLocker. The ransoms been very active from late 2013 to the present. demanded range from $300 to $18,000. Users Typically, a user opens a program on a local PC must pay in bitcoin or by anonymous wire See Cybersecurity, continued on page 2

2017 CPAmerica Board of Directors Meeting The CPAmerica Board of Directors convened and were welcomed by CPAmerica President, Alan Deichler and staff during their opening meeting of 2017. The meeting was held mid-January in the offices of CPAmerica International in Gainesville, Florida. Some of the major points covered during the meeting noted that there will be 18 VIP visits with Immediate Past Chair, Joe Ciccarello; Chair, Brad Steward; and Chair-elect, 39 visitors scheduled throughout 2018. Brian Malthouse Kevin McGrath, CEO, Crowe Horwath International (CHI), was in attendance and went over his organization’s rebranding efforts. He also invited CPAmerica firms to join CHI firms at their annual meeting in 2017, taking place in Chicago in October. The next scheduled meeting of the board takes place on March 20 and will be conducted via teleconference.

In attendance at the 2017 Board of Directors meeting were: (seated, l. to r.) Sharon Thompson (Hughes, Snell & Co., P.A.); Ernie Gelpi (Kushner LaGraize, L.L.C.); Kevin McGrath (Crowe Horwath International); Joe Ciccarello (Gray, Gray & Gray, LLP); Bob McGowen (McGowen, Hurst, Clark & Smith, P.C.); Brad Steward (Pulakos CPAs, PC); CPAmerica President Alan Deichler; (standing, l. to r.) Brian Malthouse (VonLehman & Company, Inc.); Tim Arter (Brickley DeLong, PC); Don Cowan (Cowan, Gunteski & Co., P.A.); and John Lauer (HBL CPAs, P.C.)

Niche, continued from page 1 work and wanted to get more involved … this year we are up to nine individuals from tax and audit backgrounds, so it’s kind of a nice [mix].” Like most of our firms, there is no off season with the work Joyce does; however, she mentioned that one of the reasons that her team members like the work is because it is flexible and can be done online and from just about anywhere with a connection to the internet. Niche development is instrumental to HPG’s growth and Joyce expanded on her firm’s efforts. “We are a single office and … now the second largest firm in North Carolina, but we want to stay independent – that’s part of our long-term vision, to continue to grow as HPG. To do that, we’ve gone through a growth initiative and we decided that … it was going to have to be at a niche level, we have to be niche specialists. About three years ago, we started going through a process of getting firm leaders to take on different niches, industries, and service lines. That’s where this really expanded for me - taking on the equity consulting group as a service line,” she said. HPG sees this as part of their long-term ability to stay autonomous and continue to grow at a steady rate. When asked to describe her personal process of business development, Joyce said, “I have to say I’m not 100% comfortable going out into big networking events. That’s never been my favorite thing to do. For me, my business development has really been on a referral basis where, if I am working with

2

See HPG, continued on page 4

Cybersecurity, continued: transfers. Anti-virus and anti-spam applications do not detect many variants of this threat, but some strategies such as using white listing, geofencing and other techniques have slowed down the rate of infections. However, attackers are getting smarter and choosing new methods for attack. What are some potential tools to prevent a cyberattack? There are a few defenses that have been used for some time including a well-maintained firewall and a backup that runs almost continuously. It’s clear that a properly installed and maintained anti-virus product is the first line of defense. Signature based anti-virus products are not quite as effective as they once were. In fact, anti-virus is dead according to a Wall Street Journal interview with Brian Dye in May of 2014. Mr. Dye, who is Symantec's senior vice president for information security. Symantec’s Norton antivirus suite have been at the forefront of PC security for years and years and the product has evolved to their Endpoint Protection product. But don't let the claim distract: anti-virus isn't being retired, and Dye's words reflect the new reality in anti-virus protection. Dye told the WSJ that he estimates traditional antivirus detects a mere 45 percent of all attacks. Second, a properly configured firewall can help protect your network whether you are running in a public cloud or have created your own private cloud on-premise. We recommend firewalls in all business locations, and prefer business grade firewalls in homes, too. Many states do not have mandated encryption like Massachusetts and Nevada, and even though compliance with the encryption regulation may have been painful for your organization, this protection is a strong third line of defense. Your fourth line of defense should be Identity Management including multi-factor authentication with a product like Duo or AuthAnvil. These products allow your IT team or contractor to enable a mobile phone or other method such as a token to be used to authenticate a user. Remember that single factor authentication is something you know, like a user ID and a password, where multi-factor authentication is something you know and something you have. The broad acceptance of cell phones and the availability of inexpensive tokens plus the availability of multi-factor authentication from providers like Microsoft or Google leads us to recommend multi-factor authentication this year. Finally, and fifth, it may be time to consider Security Information & Event Management (SIEM) tools that can identify unauthorized or destructive behavior on your network. We are not done yet … Why are the “bad guys” attacking our business and homes? The simple answer is to gain money and/or intellectual property. Another result of these attacks includes Identity theft. According to the U.S. Department of Justice, identity theft and identity fraud are terms used to refer to all types of crime in which someone involves frames or deception, typically for economic gain. Essentially, someone exploiting your personal information for their personal gain is the basis of identity theft. There are cyber threats beyond those identified in this short article. Hopefully, you now understand that the threats are real, and that there are reasonable steps you can use to protect yourself, your family and your business.

Member News

San Antonio member firm announces certification, promotion San Antonio, Texasbased member firm,

, recently announced that Santiago M. Coindreau, CPA, SANTIAGO COINDREAU of San Antonio, Texas has received his certification as a Certified Public Accountant. Coindreau joined the firm in 2015 and earned his MBA with an emphasis in accounting from the University of Texas at San Antonio. The firm also posted that Ruth Menchaca, CPA, RUTH MENCHACA of San Antonio, Texas has been promoted to manager.

Thomas Howell Ferguson P.A. CPAs welcomes Bowman to the firm , a professional accounting, assurance, and tax services firm, headquartered in Tallahassee, welcomes Brittany Bowman to the Assurance Services Department as a manager. Bowman, a Tallahassee native, attended the University of Central BRITTANY BOWMAN Florida (UCF) and achieved her bachelor’s in accounting and continued to earn a Master of Taxation from UCF. Bowman has more than eight years of experience in public accounting with two years in private industry. She is a licensed CPA and will serve in the Tallahassee office. Bowman currently serves as a director for the Leon County Community Board for Capital City Bank. She is also a member of the AICPA and the Florida Institute of Certified Public Accountants.

SME celebrate managing partner’s birthday with mustache smiles It's all in good fun at

(SME) in Augusta, Ga., where Rick Evans, the firm's managing partner, was surprised on his birthday by the SME staff. They all "flashed their 'staches" in Evans' honor.

Trendsetter: Rick Evans and the SME crew set the new accounting style

TBC Named #1 CPA Firm in the Capital Region P.C. (TBC), remains on top of the Albany Business Review’s list of largest CPA firms in New York’s Capital Region. The list, which was published in February, ranks CPA firms based on the number of CPAs employed in their Capital Region office. TBC has 91 associates in its sole location in Albany. Of those associates, 53 are CPAs, up from 51 total CPAs in 2016, which then also put TBC as the largest firm among Capital Region accounting businesses. Growth in the number of CPAs employed wasn’t the only increase TBC enjoyed in the last 12 months. In 2016, TBC moved up three slots on the Top 300 Firms List from #233 to #230. The Top 300 Firms List is a national ranking of public accounting firms based on net revenue published by Inside Public Accounting. Other recent accolades demonstrate TBC’s ability to keep employees satisfied, such as the Albany Business Review’s Best Places to Work and the Times Union Top Workplace awards. As a testament to its commitment to giving back locally, TBC just wrapped up celebrating its 45th year in business by completing a 45 Acts of Kindness campaign in which employees volunteered (or the firm itself) donated financial means or goods to nonprofit organizations for 45 consecutive days.

Richmond, Va. accounting firm adds new senior and staff accountant

Eric R. Godfrey, CPA, and Nathanael A. Arbour have joined an expanding team at

a provider of full-service accounting to nonprofit organizations and closely ERIC GODFREY held businesses. Godfrey has more than five years of experience in accounting, having worked in the manufacturing, nonprofit and education sectors. Godfrey received his bachelor's in accounting from The College of William & Mary and is a member of the AICPA, Virginia Society of CPAs and the North Carolina Association of CPAs. Arbour comes to the NATHANAEL ARBOUR firm as a former accountant. He has a bachelor’s in accounting from Liberty University. As a staff accountant, he will primarily be responsible for ledger activities, reconciliations, financial analysis, and reporting.

Local firms team up to raise $120,000 for Make-A-Wish® Illinois

Dave Nissen (above, center, with the owners of Plote and Sanfilippo), managing partner of member firm , was looking to grow what started out as a friendly bowling competition between local companies in order to raise money for Make-A-Wish® Illinois. In 2016 Mueller partnered with Plote Construction Inc., raising $60,000 for Make-A-Wish®. This year, with the addition of John B. Sanfilippo & Son, Inc., a total of $120,000 was raised. The event was organized by volunteers from all three companies. “Seeing how dedicated and engaged everyone was ... for this deserving charity ... illustrates the power of combining forces and resources of all three firms to assist Make-A-Wish®’s mission of fulfilling wishes of children with life-threatening medical conditions,” Nissen said. Thanks to the combined efforts of Mueller, Plote, and Sanfilippo, more than 200 participants and supporters helped to generate $6,000 for each of the 20 granted wishes.

Galle of Baum, Smith, & Clemens earns audit certificate

Member firm , a Lansdale, Pa.-based accounting and business advisory firm, announced that Jessica A. Galle, CPA, has received the Advanced Defined Contribution Plans Audit Certificate. The credential was developed by leading subject matter experts from the AICPA’s Employee Benefit Plans Audit Quality Center. The examination tests the candidate’s ability to plan, direct and report on these types of plan audits in accordance with the latest AICPA standards and Department of Labor and IRS requirements.

Member firm THF congratulates Carver on passing the CPA exam (THF), headquartered in Tallahassee, Fla., congratulates Catherine Carver on passing the CPA exam. Carver received her bachelor's in accounting and in finance (both summa cum laude) from Valdosta State University.

3

From Member Services: "I Love My Job" reads the headline on February’s Journal of Accountancy. Looking at CPAmerica's 2017 agendas, focus on the people in your firms is a prevalent concern. It is not enough to find G RACE HORVAT H V ICE PRESIDENT OF good people. Retaining a nd k e e pi n g t hem S ERVICES happy, challenged and continually prepared for the next stage of their careers, from the time they start as new managers to their successful retirement, is a consuming topic of the profession. The contents developed by our member planning committees for the vastly varied selection of CPAmerica events reflects the acknowledgment of the profession that being technically great is simply not enough to secure the firm of the future. Successful firms need to be places filled with people who love their jobs. This premise is true of most businesses and it is also commonly true that this notion of having a happy workforce (i.e., feeling valued) supported through training and mentoring; doing work that has meaning; and respected for having a life outside the office, has not always been the priority for business leaders. When setting strategies, driving revenue, growth and client satisfaction have reigned. What I heard from partners during our 2017 planning was that these archetypal concerns of firm leadership have little chance of success without a powerfully trained, motivated and appreciated workforce to execute these initiatives. New Leading Partners is our first meeting

of the year where managing partners (in their roles for three years or less), gather to collaborate. Tim Jackson, CEO of Jackson Leadership, will spend a half day leading attendees in an intensely focused workshop on the development of new partners. This emphasis on people resonates through the regional meetings too, with each meeting featuring a variety of sessions covering: staff growth and development; becoming an effective business developer; internship programs; and transition and succession. The Next Generation Conference enters its fourth year and is designed as a platform to teach seniors and managers what makes a public accounting firm successful and the skills they need for personal growth and success at their firms. Track 2 has been entirely refreshed to offer the opportunity for repeat attendees' ongoing professional development. This year’s curriculum includes highly interactive sessions on management and leadership skills, client development strategies, public speaking, and delivering effective proposals. In Austin, global communications specialist Vicki Flier Hudson will join top influencers in the profession such as Sam Allred, Jennifer Wilson, and Art Kuesel. New this year are courses such as: “The 9 Behaviors That Can Derail a Career,” led by Trent Clark who was a strength and conditioning coach in Major League Baseball for 13 years and his partner Lee Eisenstaedt, author of best seller, “Being A Leader With Courage.” Co-chairs Greg Hammonds and Don Cowan headed up strong agenda planning for this year’s Leading Partners Retreat. This year's meeting has the theme: “The Firm of the

Future Starts Here,” and runs concurrently with the Firm Administrators Roundtable in Washington D.C. High profile speakers such as Barry Melancon (President and CEO, AICPA) and Jim Castellano (Chairman of RubinBrown) will share insights on the revolutionary changes that are coming to public accounting that include innovations in both product and people mix.

Not to be diminished are the values of sharing expertise and receiving technical information as seen in the complex agendas for the CPAmerica A&A and Tax Conferences in 2017. Technical proficiency, along with skilled acumen for making comprehensive decisions in areas such as M&A and creating new service lines, will always remain in the top tier of significance for firm leaders. Fostering an environment where people love their jobs may seem obscure compared to concrete goal-driven objectives, but as professional service firms, the core of service is always the people. 2017’s event season is designed around this core. You’ll love it!

HPG, from page 2 a client, I always take the opportunity to ask them, ‘Is there any way I can improve my service?’ and, ‘Is there anyone else you work with that would benefit from this?’ This has actually [been responsible for helping me attain] many of my clients to date. Contract groups have good relations with certain CFOs and technology groups, so word circulates quickly. That’s how I’ve been steadily growing my practice. We’ve had about 20% growth every year for the past four years so it seems to be working so far.” Business development will continue to present its share of challenges. Joyce mentioned, “Sometimes I think it’s just being able to explain the worth of the services that we are providing for our clients. Many times, what we do is seen as just an accommodation and we have to explain that this is really a valuable tool and will provide our clients with a lot of efficiency. That’s sometimes really difficult to get a client to understand. We also have a very balanced team. It took some time to figure out that we needed some people that really liked the technical side, but on the flip-side, we also needed people that wanted to go out and talk to our clients about finding solutions to their needs … It’s worked out very well.” HPG continues to expand and a big part of this is due to the evolution of their Equity Solutions niche and by listening to their clients’ needs.

104 N. Main St. Gainesville, FL 32601 (352) 727-4070 www.cpamerica.org

Send feedback and member advantage@cpamerica.org

OHM

4

follow us on our social media: