-
Posts
1,773 -
Joined
-
Last visited
-
Days Won
83
Everything posted by Medlin Software, Dennis
-
Careful what you sign
Medlin Software, Dennis replied to Medlin Software, Dennis's topic in General Chat
"Probably a lot more to this story." The temp officer (at least in action) employee was naive (at best). Their testimony was 100% incriminating, tough to believe they even had representation. Oddly, I often get flamed when I point out how anyone who is part of the payroll process needs protection from this very issue. Even those who have no signatory power/responsibility. A payroll keypuncher who could have seen no withheld items were ever paid, those who login only to make deposits, etc., can all be named in a suit, and at best will have to pay to defend. I carry insurance for frivolous suits, even though I am not liable at all, defense is expensive. I bet all here do the same. -
Client under 59 1/2 yo cashed-out his Roth IRA
Medlin Software, Dennis replied to TAG's topic in General Chat
A fair chance there was insignificant taxable profit, which is the only part which may be taxable. Remember, the contributions are not double taxed, they were taxed when earned, so they can be withdrawn at any time. -
Unless we change our legal system, it is what it has to be. Defending against even the most frivolous of suit can put a business out of business (with no risk to the plaintiff other than expenses, especially if they find contingency representation, since there is zero penalty for losing). Much worse are those who use "review" sites to try to intimidate or to use as a protection racket. I get nastygrams almost daily from those complaining saying they expect me to keep them from harming themselves (in some manner, such as sending their data online for safety without consent, hacking into their computer to keep them from doing something or fixing what they did, etc.). Maybe the worst is from those who pay the license, then expect me to handhold them through every payroll, teaching them payroll processing along the way. Such is life, being reachable to consumers I suppose, but said life has to be worth living, so one must do what can be done to insulate.
-
Although e-record access is common and usually fast, I would try to find an attorney with an office in the same city as the county/parish/district seat where the real property is or where the probate will be filed. They will be familiar with local rules and will be able to get things done without issues, and likely have someone visiting the records counter daily.
-
Careful what you sign
Medlin Software, Dennis replied to Medlin Software, Dennis's topic in General Chat
Thanks for the direct link. What I had was something from a newsletter where I can only post a snip. In my naiver days, I would sign reports for others (friends I was doing payroll checks, reports, and creating the checks. I stopped once I wised up. I won't even do payroll for friends, but I will teach them how. Anyone about my age or olde will likely "catch" the name of Mertz. The court definitely said "Nertz to Mertz". -
I used the state bar to get a list of locals who were probate specialists. Also reviewed their discipline records.
-
Even with the FTC requirement, one can still self-manage. MFA is not required, there are other options. But, when the data is not in your direct control (online), things like MFA become reasonable if the software creating said data does not "do" something else, such as self-managed encryption. The other issues. Computers and software are now appliances. They are expected to do all for you with a button push. Learning how to use computers and software is not something people expect to have to do. Thus, a huge part of programming is preventing human actions from causing issues - rather than the user having any responsibility. So a company which stores your data online is not going to want to let you self-manage since they will not want to deal with customers who have forgotten their security code, login, etc. This is where MFA makes it easier for the vendor (with only a tiny fraction of security) since all you need is access to a device or email account (which even a new scammer can get/spoof easier than the public believes). Then, we deal with those we elect who want to "do" something to prove their worth, such as the myriads of local "protection" laws, which do not even make sense (such as requiring data to be kept in the control of the owner, within the local jurisdiction, so no online storage/backup is practical). Here is another wasteful aspect of MFA. I am using a very popular process to share access with a trusted person, to manage our company web site. It has an MFA aspect, which is a mobile app, and I can see the mobile app creates a MFA code even when not asked for. Not sure if it is constant, or only when I open the new password app on my phone, but maybe once every month I need the MFA code, but it generates and times out what appears to be constantly. How secure it that? How wasteful in resources? One may also want to look at the laws for access. IIRC, face lock does not require a warrant, but a pin type code needs to be compelled by warrant. I use both, but my ultimate protection is a boot/IOS code, which is complicated, cannot be brute forced, and no known (to me) hacks when coupled with BootLocker. MFA has and continues to be less worthy.
-
While not likely an issue among this group, it is a topic I deal with daily. Who signs what and the ramifications. For me, the usual issue is when an employer hires out payroll, but they use a gray processor (the processor is a calculator/print service and signs nothing). I remind the employer even if they hire out to someone who overtly takes on liability, the employer cannot buy out of the liability chain, and the gray provider has likely insulated themself from any liability. Thus, all employers and signatory persons need to get and maintain payroll knowledge. Personally, I remind those I speak with to not sign or be a signatory on company accounts unless they also control the reporting of items they are signatory for, as signatory power means they will get named and may be held liable for failures. This ruling may be a case that makes responsibility not temporary. What employee keeps insurance for this? I have company liability for my errors (as an owner), but I wonder if the above case, the employee is out of pocket for defense and loss.
-
Maryland Foreign Estate Tax? I see something a law firm posted about how to avoid, but nothing about whether the bite can be mitigated after the fact (deducted or basis change). I did not look hard.
-
any smart GAAP people on here?
Medlin Software, Dennis replied to schirallicpa's topic in General Chat
"Once you have that CPA after your name, you are supposed to know everything." WAY too much expectation. If you know how to get the current answer and have sense enough to see if it makes sense, you have earned your letters. I ponder taking the only somewhat recognized payroll pro cert, but I have seen the sample questions, and while a good gatekeeping tool for those who want such a thing, it does not mean - to me - a holder can handle a payroll on their own. I actually signed up this year, but because I am my own employer, I have to do something (step/steps unknown at present) so I can say I have the experience needed (I am effectively challenging, I want to do it with no actual study). But their process somehow failed to send me the requirements to certify myself, and even a direct email did not get it going, so I am not liking their process (which devalues it in my mind). I am considered an "expert" in their online group board, I guess whoever monitors that has determined I give reasonable help/suggestions... Back to the OP, I would assume to start the NCUA knows their stuff, and they have dealt with this before and have many other members already doing what they suggest/require. If it is possible to see public books of another member (maybe your own CU if you are a member of a CU) that may help with real world view. The NCUA is a likely powerful governing body, so taking them on likely will be expensive, if not detrimental, to the CU. -
Definitely true to have some sort of app level protection if there is an online aspect. If all data is local, then requiring extra auth (beyond license check to see if you are paid) is overkill - assuming you self-protect for compliance. Meaning if the data is in your control, but the vendor required some secondary process to access their "software", then that secondary process adds nothing and does not ensure compliance. The data sitting on your computer is not protected unless it is scrambled and secured by the app, or you have done whole computer protection.
-
For compliance, you do not need to protect each set of data individually. The things I suggest on my web site are compliant and can be self-managed. They are also good enough for all to use, going beyond the requirements (because of not using sleep mode). A username and password for an app is NOT compliant as it is only one part. If you use the methods I suggest, you will be compliant, and not need to have a password per app (unless you want to). be aware, if your app stored non encrypted data online, you may want/need to take additional steps.
-
I would spend the time to make internal note outlining the situation, what you did on termination, and what possible complications (and if known, solutions) for the future. All while fresh, in case something comes back a couple years later.
-
Yuck. This is an issue with opinion-based services (with little chance of bad or dark gray opinions getting caught). Same with a tax preparer helping get withholding to the liability amount, say to make their net meet expenses every month, and then getting fired for not getting a "fat" refund. I have been fired so many times I have lost count! I still, to this day, get into it with CPA types who do incorrectly tell my customers something. The most common examples are owner/shareholder who are also employees. CPA or other "expert" says to pay themselves wages once a quarter/year (the expert later cleans up all the "draws"), or report >2% S Corp health insurance once a year. The former do get caught "tax shifting" from time to time, the latter never get caught because it is a tax wash, but still improper. I remember doing the math for ERC to present it, and some would look at me sideways when I pointed out the ERC $ was not what the net would be. Funny, I am still ticked at the after the fact claw back of the last ERC quarter to help fund the recovery act money. Catch-22, some of the money went to rehab two race tracks I like to watch, those tracks are not going to give me a discount to cover the ERC I lost to help pay for their "gift". I thought I would personally get at least some via recovery act credits for solar and electrical upgrades, but CA has made solar a non-starter for me, given my age, roof size, and ability to shift loads to off peak.
-
Business owner fails to pay $2.4 million in payroll taxes
Medlin Software, Dennis replied to Lee B's topic in General Chat
I always wonder about these. How did it take so long to stop? I can see 12-18 months until an employee files their own return, and failing to match up with an employer depositing, but four tax years? And hopefully for the person or persons who had and access to the bank account(s), they did not get caught up in the fraud, or maybe they took a deal themselves. We used to have 941M for those caught not doing things properly, now we don't. We used to have to report W4 forms which did not seem right, now we don't. Remember, WH deposits are not on a time basis, WH on Dec 31 paycheck is like having a baby or getting a spouse on Dec 31, it is "good" for the entire year, so some avail of this strategy. -
Here is what I came up with. https://medlin.com/misc/security/ Notice the FTC rules have three points, any 2 can be used to meet their requirements. None of the three require any sort of third-party authentication, all can be self-managed. There is no requirement to individually protect a set of data, protecting all of your data at once, such as BitLocker, suffices. What I suggest (using all three FTC 'points') also meets common sense, as it means you can let someone access your device, knowing they are not getting in with any reasonable means (and still no known BitLocker hacks have been made public). The KEY is to power off or hibernate your computer, NEVER use sleep mode. It had been a few years since we stayed in a hotel, so when we recently did, I researched and found out hotel in room safes are not (safe), so I went with locking the device to a large piece of furniture and powering it off. With my device now hibernating when my phone is not within short range, even a straight up snatch/grab does not worry me. I a sl use a very short time out, short enough a thief will not likely try it before it hibernates. If you have your data online/cloud, then you may need to do more, such as some sort of trusted security method from the storage provider. This assumes your locale and other subject rules even allow you to not have data in your personal control within the jurisdiction you have nexus in. (At least one local jurisdiction required payroll and accounting data - IIRC - to be kept under the responsible party's control, within their jurisdiction. This is a local attempt by local politicians to prove to their constituents they are doing something about data theft.)
-
I doubt the pay-to-play services take on or get the ability to file the forms directly. At "best", and I use that term loosely, they provide a form or figures for the employer to use.
-
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
I had to mail something to dmv today. No electronic option. Took me 15 minutes to find the stamps. Had not used them in at least a year. -
The end has arrived (JK!)
Medlin Software, Dennis replied to Medlin Software, Dennis's topic in General Chat
A customer who tells me I am "not helpful at all" is usually correct. Why? The Paul Harvey "Rest of the Story". The customer has given me bupkis to work with! This afternoon it is a customer who says they do the same thing every month, but this time it did not work as expected. They did not share any details at all, so I had to fall back on asking for details, and being candid about the software not having changed since last month (actually, the aspect in question has not changed in at least a decade) so the issue is 99.999999% likely to be a case of not doing exactly what they have done before. I even pointed out what I think the cause was. But no, instead of any sort of useful reply, I get the "not helpful at all". RTFM and GIGO "live on". We will never, whether you call it automation or AI, ever remove human action from causing error, and the same human causing the error wanting desperately to shift responsibility. Now, back to planning a cruise for our 40th anniversary! -
NYS LLC created with my name and address on it
Medlin Software, Dennis replied to schirallicpa's topic in General Chat
Not shocked at all. I got dunned by NYS because I submitted test (garbage, such as First M Lastname) to a special office for form printing approval, and somehow, they created a NYS employer account for me, using the garbage data, and used the address on the envelope (the forms had a made-up address). -
After decades of ignoring the fraud and extortion of online review "services", I have tired of the ramifications of not fighting back. Thus, I will be offering links to customers to "review" sites and asking them to post their reviews. Rather than paying for fake reviews or wasting time trying to get fraudulent and extortion reviews removed, I am hoping real reviews will outnumber the fakes taking the power away from the fraudsters. The tipping point was a longtime customer telling me they were leaving because of a review they noticed (which was an extortion attempt - the "I posted a bad review, pay me and I will remove it" type).
-
GV was my solution for many years. I now use two cell carriers, one phone, with the phone selecting the better connection no matter which number I use. It is more for connectivity and backup these days since we no longer use the business line for customer support. While I rarely use it, my phone is connected to my computer for security (walk away locking), and I can make and receive calls on the computer. I do allow wifi calling and sms.
-
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
Try that for USPS express. USPS knows how to get it to a zip+4 "location". The problem will be there is no way to get a signature, if that is what you are after too. Priority is fine for a reasonable way to get status, but priority is barely better than stick a stamp and drop in a receptacle for actual delivery. I might even go to a USPS office and have them print the label, so you can be even more sure the address is in their system. The IRS has funky addresses too, where the address they publish is not in the USPS database (how I print postage and labels directly). The only other thing I can think of is to see if a phone call or fax to FTB will get some sort of more direct mailing address you can try. Many state employees can get mail to their building if one knows the address, floor, room, or whatever gets it out of the receiving room. Patience is tough. If the proper amount has been paid, then I would mail it several ways, and await (without worry) their next response) if any ever comes). Recently, the IRS posted a 941 to a prior (and properly reported) quarter. This resulted in a bill for underpayment for the now coupled up quarter, and a refund for the quarter the form was actually for. I called, got someone who could actually see what happened, and did "something" on their end, and asked me to send amended returns. I eventually paid a tiny amount of something (interest/penalty/stop bothering me fee) and can confirm the amounts were properly applied. I could have contested the fee, but it was not worth the time. I have copies of the original, so I am certain I did not make the human mistake, but things happen since they still accept paper files and use likely antique scan and human review to process. Maybe there was fuzz on the paper of scanner and the tick for the Q was read wrong. --- Same type of stuff every year with WC insurance. I pay a flat fee (as I do not reach their min fee), then pay again for true up for the "other" costs, then I get a refund back as it is sort of a mutual fund type deal (those in CA know what company I mean). Annoying to the perfectionists and helped me get to a "some goes out, some comes back" way of balancing WC figures. -
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
-
Insurance Rider for Instacart driver
Medlin Software, Dennis replied to Patrick Michael's topic in General Chat
I looked at IC during the pandemic. Not for me, but I was going to drive our daughter around a few hours a day for grins. There was absolutely no way to make money when looking at the real costs. Break even, maybe, maybe have a little something left for repair fund, but no real profit (business use insurance was an issue). To me, they are the same as all the driving services, preying on those who do not get accounting, with the exception being the commercial (black car and up) drivers who rent a car, are properly licensed and insured, and who work hard for the higher rate. Per mile is a loser.