Moving to the DC/MD/VA (DMV) Area

Mainly for Foreign Service clients:  When being reassigned to the “mother ship” (aka “Main State” for the State Department FSOs), don’t forget to get a local driver license, to reregister your vehicles, and to submit local withholding forms.

Using a Virginia residency as an example, Virginia requires you to obtain a Virginia driver license when you are going to be present in the state for extended “TDY” or “PCS.”  The Virginia DMV website states:  “Within 60 days of moving here, you must obtain a Virginia driver’s license.”  This is not optional and should not be confused with uniformed service member exemptions of the “SCRA.”  We’ve heard of several examples when the “lesser included offenses” of not having taken care of these details exploded a small fine into a large one.

Here are the vehicle-related requirements starting with the 30 day requirement to have it titled in Virginia: Vehicle Titling and Registration.

The District of Columbia and Maryland have similar (but not exactly the same so consult with their sites here – DC and here – MD) provisions so you’ll want to check your understanding.

Don’t forget to submit an updated withholding form for local taxation.  It’s likely you’ll file part year resident in the year of arrival and year of departure though for some the requirement for filing nonresident is triggered by circumstances instead.  Virginia’s form is located here.  You can fill it out and scan/email it to the Charleston pay office.  DC’s form is here while MD’s form is here.

If you prepare your own taxes, make sure to only include state “source income” as your W2 amounts may or may not be correct depending on when the change went into effect.

We have other articles covering some of the details of taxation including residency versus domicile issues.

These comments do not constitute tax advice and are offered for discussion only. Consult with a us or other qualified tax professionals to discuss your specific situation.

@mcfarlandcpa on Facebook

Robo Advisor versus Full Service Live Advisor

I started an experiment a year ago or so to compare a Robo-Advisor  with traditional brokered investment accounts I’ve had for years and an initial verdict is in: The RA beat the traditional approach including a fund we have that only uses Vanguard ETFs. So, even if you “like” the broker you’ve been dealing with, a person who may have a conflict of interest with you (the better things work for him/her, the worse they work out for you in terms of transaction fees, 12(b)1 kickbacks, risk, and the like), you may want to consider transitioning to a RA.

I shopped around between several offering, including Wealthfront, Betterment, Wealthsimple, and others and settled on Wealthfront based on its balance of assets under management (the viability of this niche industry depends on low client acquisition costs and scale) and its ease of account establishment and low costs for initially small accounts.

All of these firms are built on the theory of modern portfolio theory which is only modern if one thinks of the 1950s as being “modern.” In any case, this approach to investing beats 94% of actively managed approaches and it’s not likely that our “normal folk” clients have access to those insider approaches.

An interesting angle for taxable investments is the tax loss harvesting feature that approaches, but doesn’t technically cross,  the legal proscription against wash sale tax deductions. Wealthsimple’s algorithm (and those of several other RAs) places a buy order for a near peer security (in the age of ETFs, this isn’t hard) whenever it looks like there is a loss that isn’t going to recover timely. You’ll get to deduct the loss without actually leaving the market since the sale and buy take place in accordance with Internal Revenue Code provisions. Neat, huh?

Another feature we really liked was the up-front discussion of risk. These discussions take place in a RA environment with little of the hedging of a live investment manager who may be tempted to steer you toward investments that exceed your risk tolerance. The computer doesn’t have a personal stake in your game.

We’ll keep an eye on the phenomenon so you don’t have to. We intend to grow our personal Robo-Advisor holdings at the expense of traditional, actively managed holdings. At this point, it looks like the best aspects of several strategies and tools, combining the buy and hold strategy of MPF and dollar-cost averaging, with portfolio rebalancing to manage risk and tax-loss harvesting only a computer can achieve at the lowest cost.

We aren’t investment advisors and don’t want to be. That said, part of our game is helping clients to invest the money we save them on their taxes through our low fees and tax code expertise and the RA milieu looks like a winner to us.

Obamacare (AKA, the PPACA) and Shared Responsibility Payments

The ever-politicized Patient Protection and Affordable Care Act (PPACA) branded “Obamacare” by those who never liked it was modified under Congressional budget rules in the Tax Cuts and Jobs Act the president signed into law last week. While actually modifying the provisions of the PPACA wasn’t possible in the parliamentary chicanery of the budget law, Congress did provide for changing the penalty calculations as they do have revenue effects. The two ways to calculate the penalty, which remains a “greater of the two” penalty, had their rates changed from 2.5 percent to zero percent of “household income in excess of the return filing threshold,” with a minimum that changed from $695 to $0. A creative approach, no? Leave the penalty in place, but reduce it to $0.

An aspect that may take some by surprise, however, is that the rate reduction does not take place until after 12/31/2018. So, dear clients, please make sure you have some kind of coverage to avoid what will be a painful fine for those without coverage.

Contact us through our contact form if you’d like to discuss options.

Tax Changes

Well, the president signed the tax bill so it is now law starting after December 31, 2017. We’ve gotten a lot of inquiries from clients about what this means so we’ll start unbundling the law as it applies to our client base over the next couple of weeks.

The first point that applies to all of our clients is that the new law doesn’t apply to the year that is about to end (Tax Year 2017). So, you’ll still be able to itemize just like always. That means:

  • getting all those charitable contributions made before the 31st

In addition, since this is the last time that many will be able to itemize (or, frankly, need to do so), take a look at these options:

  • Prepay property taxes due in 2018
  • Re-register personal property like vehicles in advance if there is a tax involved
  • Prepay items like alimony
  • Pile on medical expenses especially if you’ve hit your deductible — probably too late for most of us since our providers are on holiday vacations!
  • Prepay professional memberships like unions, chambers of commerce, the AICPA (in my case!), and the like
  • Make purchases that qualify as unreimbursed employee expenses this year rather than waiting till 2018
  • Pay your January mortgage payment in December (pay for two months in December)

What’s the common thread on all of these? They are items that you can deduct now but not next year and if you pay them in advance, you’ll be able to take the deduction on your tax return that you file before April 17, 2018. Scan your 2016 Schedule A for items you may be able to pay in advance since they won’t be deductible when you file your tax return in 2019 (for tax year 2018).

Note that in the fine print for this provision, the TCJA law’s implementation is going to require property owners to have a tax levy notice in hand in at the time of payment in order to take a deduction for prepayment of property taxes. Check with your county assessor or equivalent before attempting prepayment. Additional details are available at this IRS page but we read this stuff so you don’t have to.

If any of this is confusing, contact us for a one on one follow up.

Year-End Tax Review

As we come to the end of 2017, there’s a final chance to take advantage of remaining 2017 opportunities and to begin positioning for 2018. If the House and Senate agree on and pass a tax code revision this year (and the President signs it), we’ll publish our take on what that means for the various components of our clientele. This article focuses on remaining 2017 opportunities.

Fund Your IRA

Even if you participate in your employer’s 401(k) plan, consider setting up (if you don’t already have one) and funding an IRA this year (or making a contribution if you have one). For many of our clients, your IRA contribution won’t be tax deductible and they won’t qualify for a Roth IRA. But, in 2017, the opportunity to make a non-deductible contribution remains open for everyone and clients have the right to change their minds later on and recharacterize that contribution to a Roth.

We’ve written previously about the wonder of self-directed IRAs for opening up the investment horizon to rental real estate, tax liens, promissory notes, and other options not available through brokerage-administered IRAs. All that remains true and we’re working on an update.

For clients who are hitting their maximum deferred compensation limits of $18,000 for 2017, reducing any unmatched amounts to allow for an IRA contribution makes sense since clients then have more control of their investment options. This is even true for those who have access to the Federal government’s Thrift Savings Program — we recommend that any amounts saved for retirement beyond 5% of pay be contributed to an IRA rather than the TSP (yes, we’ve taken the ultra-low-cost TSP administration fees into account in making the recommendation). The same logic applies to 401(k) plans in general. Clients should plan on making an IRA contribution in 2018 and adjust their payroll withholdings accordingly.

Charitable Contributions

Charitable contributions remain deductible for 2017 so we recommend clients take a few minutes to review their charity list from previous years and to take a look at funding some new ones. Many states have a “double dipping” list of charities and even tax credits that make giving to specific types of charities a dollar-for-dollar reduction up to the taxpayer’s state liability. In Arizona, for example, donations to charities that qualify as “Qualifying Charitable Organizations” that support foster care or the working poor reduce taxpayer liability in the amount of the contribution up to $400. Arizona allows these contributions to made up to the return due date of April 17, 2018.

We hope folks don’t forget local schools contributions as an option either especially if there is a local tax credit available in their states.

Tax-Free Medical Funds

Many clients set aside pre-tax funds in the various options (MSAs, HSAs, FSAs). Review those if yours has a “use-it-or-lose-it” component and get to the dentist or whatever. If an individual or family has met their health plan’s deductible, getting elective procedures or tests done this year will save, especially if meeting the deductible next year isn’t likely. Think about how much to set aside for 2018 and remember that FSAs now have the ability to roll over limited amounts rather than simply losing them.

Tax Loss Harvesting

If clients have had a windfall sale during the year, now’s the time to sell portfolio holdings at a loss, especially if a similar (but not identical) asset (not the same one) is available for immediate purchase with the freed up funds. Clients should avoid triggering the IRS’s wash sale rules by repurchasing the exact same asset just sold.

Prepaying Tuition

This may be the last time this one works. The Hope or Lifetime Learning credits are still available for 2017.

Small Business Deductions

This is the true engine of wealth generation — investing in productive assets. Major asset acquisitions that can still be deferred to 2018 may get a better treatment by doing so. For most filers, though, this won’t make a difference and we recommend taking the deduction in 2017.

Summary List

This list summarizes the article’s points and adds items to consider for your upcoming filing.

  • Penalties for early withdrawal of savings
  • Alimony paid
  • Student loan interest
  • Prescription eyeglasses, contacts, and hearing aids
  • Crutches, canes, and orthopedic shoes
  • Medical transportation costs
  • Cost of alcohol or drug abuse treatments
  • Charitable contributions
  • Local and state income taxes
  • Personal property taxes or real estate taxes
  • Points paid for a mortgage or refinancing a home
  • Unreimbursed employee business expenses
  • Mileage and other expenses associated with volunteer work
  • Casualty and theft losses
  • Tax preparation software and tax-preparation fees

As always, our articles are not intended to be specific advice. We publish them to stimulate discussions with each client so please contact us with your thoughts and questions regarding the points you found interesting or relevant to your situation. We’re awaiting your email or message.

Merrill-Edge Drops Free Trades

Bad news on the investing front: one of the best deals going is coming to an end. Merrill-Edge is ending its 30 free per month transaction deal that was previously qualified by maintaining a deposit balance of $25,000 in Bank of America and Merrill-Lynch accounts. For many of our clients, the imposition of a $6.95 per trade fee will outweigh their returns on their small, learning accounts that we recommend.

Given that change, what other options exist? This chart lays out many of the options and our experience with Fidelity, Schwab, and Vanguard supports recommending to our clients that they contact one of those firms. For our purposes, we will be moving our corporate accounts to Vanguard as their in-house ETFs and funds meet our needs and fit with our philosophy. The fact that we can continue to trade for free in their products clinches the deal. That said, if we want something outside their offerings, their $7.00 per trade fee is a bit more and we’ll likely open additional accounts at either Fidelity or Schwab given their $4.95 per trade fee.  We like how Vanguard just seems honest and open with no $0.95 nonsense in their pricing.

We don’t have any experience with some of the other firms that offer free trades or trades assessed at very low per share rates. For small trades, of course, the small volume of shares will frequently produce transaction fees less than the flat rate $4.95 of Fidelity or Schwab. However, since we don’t advocate day trading as a strategy, given the low frequency of trades and the reputations of the two firms, we are comfortable with our recommendation.

Arizona Small Business Support

This post is the first in the small business category (tag).

While our income tax services for individuals and businesses are available regardless of the filer’s location (with some exceptions), our small business services are pretty much constrained to Arizona. That’s because state and local ordinances largely shape the cost of optimizing a comprehensive package of business support services. Based on the legal requirements, we’ve woven together partners and technologies that allow us to front to you, the microbusiness entrepreneur, the support you’ll need to get your good idea up and running. And, if you’ve been trying to do it all yourself, consider sluffing off some of the business process functions to us so you can dedicate more time to your passion. That’s not to say that we can’t help out-of-state firms (we actually have a presence in several states and even an overseas office), we can but probably not as comprehensively as in Arizona where we know the business climate and legal framework, especially human resources, quite well. Contact us if you think we can help aspects of your out-of-state business.

Our technology partner, CPA Network Solutions, provides everything related to software, computers, phone systems, and the internet, along with some other CPA firm-specific services we use in-house. Have you wanted access to world-class human resources software and advice? That’s available through CPA Network Solutions. The same with a professional, internet-based phone system. Paradise Hills Accounting provides our bookkeeping services (we use them too) including payroll and payroll tax filings (that stuff is really tricky!). Your books are always available online in one of several applications we use including the Quickbooks and Wave families. Those partners leave us free to do what we do best, organizing your tax life as the foundation of integrated financial planning (saving/investing, retirement planning, estate planning, risk management/insurance). Got the idea?

We are also ninjas in getting stuff done like business entity organization at rock bottom prices (you do most of the work, we point you in the right direction). Most legal documents, for example, are available from paralegal services — we use LawDepot, but there are many others. Having familiarity with stock-in-trade items like business filings with the Arizona Corporation Commission leaves us free from excessive legal fees. Bottom line, most divorce documents are just cut-and-paste versions of the last divorce the attorney sold; the divorce is only new to the former couple.

We’ll have a download available soon on how to start your own business in AZ so look for that. It will include how to interact with our partner web, so your business is up and running as soon as possible.

Spring Review


Spring Review

Summary: Spring is an excellent time to review the details of your existing financial plan components. Updates can avoid problems down the road as the specifics of our lives change over time.

Spring is in the Air

Before we get caught up in the hustle of the summer season, late spring is often a good time to “take a knee” (as we used to say in the military) and evaluate where we are. Here are some example questions you should ponder and then contact us for a link to our interview tool if you have questions or would like to discuss your situation. In general terms, you can also join our forums to review the threads there or post your own questions (and we’ll respond within a work-day).  So ask yourself:

  • Do I have the correct beneficiary elections (HSA, life insurance — don’t forget all those little policies at places like credit unions or membership organizations, IRAs, 401(k)/TSP/457(b)/403(b))?
  • Do I have property ownership the way I want it?
  • Do I have bank and other accounts correctly titled?
  • For items in my estate (none of the above are in your estate), is it time to revise my estate plan (will or trust)?
  • Are my investments optimized?
  • What to do with tax withholdings?

A close friend recently passed away. As I was helping his widow close out the estate, we found that he’d never updated the life insurance. The insurance company paid the policy out to his previous spouse, something I’m sure my friend wouldn’t have wanted, but he never got around to changing that beneficiary or lost track of that policy. It’s a lesson in keeping beneficiaries up to date and to not forget all those little policies that are out there, such as those issued by membership organizations and credit unions. We recommend keeping a spreadsheet with all this information. See our article on online security for related information on how to keep this type of personal information secure.

The same logic applies to so-called “real property.” Make sure that you have it titled properly in such a way that ownership passes directly to who you want. This is called, in some states, joint tenancy with right of survivorship, but consult with an expert in your state. Vehicles and anything else that has a written title to it can be treated this way and kept outside either an estate or a trust.

Bank accounts are frequently overlooked. Failure to have them properly titled can result in all the cash in your estate being locked up until a court can act. That makes it critical that at least an operating, or survival cash, account be shared with someone who can care for you if you become unable to care for yourself, or who can care for your loved ones who are unable to care for themselves.

If you have significant collections of art or other collectibles or real property that wasn’t titled as we’ve previously discussed in this article, does your will or trust, i.e., your estate plan, or provide, for the disposition of those things? If not, now is a great time to think through this and develop a plan and mechanisms, in conjunction with your trusted advisor, to address this.

You should be reviewing your investments regularly. This process, though, may give you new insights into your needs. If it does, you’ll need to get in touch with your investments advisor to discuss near-term, mid-term, and retirement needs.

If you received a tax refund, this is also a good time to go to the IRS Withholding Calculator and update your W-4. Your employer’s HR department will know what to do with the IRS Form W-4 that results.  If your take home pay will increase as a result of this, consider seriously opening up a savings account to receive the difference each month, so you never see it.  It is a great way to increase your savings.

Making this an annual ritual (we plan on updating and rerunning this article yearly), will keep the fundamentals of your “financial house” in order, and fits neatly with the urge to spring clean other aspects of life.


Update on the Fiduciary Rule

Summary: The Department of Labor’s April 7 Federal Register update on the Fiduciary Rule (which we covered in February) established June 9 as the Rule’s implementation date with a transition window until January 1, 2018. The Fiduciary Rule will allow investment advisers working with retirement account and plan owners and custodians to continue to receive compensation from product vendors so long as the adviser can demonstrate, “adherence to certain Impartial Conduct Standards: providing advice in retirement investors’ best interest; charging no more than reasonable compensation; and avoiding misleading statements . . . .” The DOL will use the intervening time to report back to the president on any issues it discovers regarding the costs and benefits of implementing this rule. Industry insiders and lobbyists are actively seeking to ensure the rule is never implemented. The intent of the rule is to protect retirement investors from predatory sales practices.

Why You Care About This Issue

Analysts report retirement investors losing billions in retirement account payoffs due to predatory sales practices. While the rule does not proscribe the conflict-of-interest-producing, compensation practices, it does create a very high bar to continuing them. Some industry insiders have indicated that the potential for lawsuits will increase so much as to eliminate the practices in general with a resulting decrease in offerings and services.

Compensation Created Appearance of Conflict of Interest

The core issue in the Department of Labor’s rule, which it began compiling and socializing during the Obama administration, is the exemption granted to “investment advice fiduciaries” that allows them to receive payments that would, in almost any other context, create a presumption of a conflict of interest. In the case of investment advisors, much of their compensation, except for the fee-only component of the industry, comes from the providers of the products they recommend to their retirement clients. In other words, these advisers function as salespersons for the product providers including insurance companies, brokerages that owned or had custody of equities (stocks for example) and debt instruments (such as bonds), and institutional arrangements such as hedge funds, real estate trusts, and the like. The entities write checks to the “advisers” based on their performance, with the retirement investors themselves generally ignorant of these arrangements.

Buyer Beware or Regulation?

Many contacts have expressed seeing little or no problem with the conflict of interest arrangement, with the “caveat emptor” ethos characterizing the main thread. A sharper version occasionally even resorts to the Darwinian or Ayn Rand framework. Rule advocates call for eliminating the conflicts of interest it indirectly addresses. They cite the combined effects of the severe informational and financial power imbalances (insider information), the wholesale transformation of retirement plans from defined benefit to contribution and the resulting reliance on 401(k) type plans and IRAs at the household level: The net impact limits most retirement investor’s ability to recover from poor decision-making.

Third Party Comp Allowed Within New Safe-Harbor

In this case, however, the rule has never sought to eliminate the conflicts of interest, instead establishing a small safe-harbor for receiving compensation from instrument sellers. The safe-harbor was created by providing exemptions to other rules prohibiting the conflict-of-interest-creating compensation. Rather than flatly prohibiting compensation structures that, “could be beneficial in the right circumstances (italics ours; see comment), the exemptions are designed to permit investment advice fiduciaries to receive commissions and other common forms of compensation.” Advisers will need to be able to demonstrate that even though they are taking what amounts to kickbacks and bribes in other industries, that they are still able to act in their clients’ best interests. They will also have to fully disclose the compensation they receive from the third parties to these transactions. This will be a change from the current standard in which a particular recommended investment is just expected to meet “ . . . the objectives and means of an investor.” No disclosure of compensation from the third parties is currently required nor is any generally provided. Advocates of the rule stress that this situation allows brokers to establish relationships that appear to be necessarily in the investor’s best interests while the adviser is actually functioning as a salesperson for the third party.

Delay for Reporting

The President’s memorandum mandating the delay requires the DOL to answer three questions before implementing the rule:

  • Whether the anticipated applicability of the Fiduciary Rule and prohibited transaction exemptions (PTEs) has harmed or is likely to harm investors due to a reduction of Americans’ access to certain retirement savings offerings, retirement product structures, retirement savings information, or related financial advice;
  • Whether the anticipated applicability of the Fiduciary Rule and PTEs has resulted in dislocations or disruptions within the retirement services industry that may adversely affect investors or retirees; and
  • Whether the Fiduciary Rule (and ongoing PTEs) is likely to cause an increase in litigation and an increase in the prices that investors and retirees must pay to gain access to retirement services.

The memorandum states that, “. . . the priority of the Administration ‘to empower Americans to make their own financial decisions, to facilitate their ability to save for retirement and build the individual wealth necessary to afford typical lifetime expenses, such as buying a home and paying for college, and to withstand unexpected financial emergencies,’ then the Department shall publish for notice and comment a proposed rule rescinding or revising the Fiduciary Rule, as appropriate and as consistent with law.”

Comments Period Results

Of the 378,000 comments provided to the DOL on the Rule delay up to April 7, 173,000 favored immediate implementation of the rule. Frequent reasons provided included that the DOL had already analyzed the reporting issues the Administration’s memorandum required and that the harm to investors should end as quickly as possible. For example, the DOL summarized this argument explaining that, “ . . . under the current regulatory structure, investors lose billions of dollars each year as a result of conflicts of interest, and [they] argued that delay would compound these losses.” Opponents challenged the legal authority of the DOL to extend the rule to IRAs and other authoritative challenges and contended that the variety and type of offerings presented to individual investors would decrease.

Comment: We observed, in the months leading up to last February’s delay of the original April 10, 2017, implementation date, a tectonic movement toward an industry-wide transition to a fee-only basis for retirement investment advisers, with several major brokerages eliminating access to traditionally-compensated advisors to all but the most “sophisticated” investors. Of course, this transition is likely to affect the breadth of offerings in the traditional and fee-only marketplaces. We argue that the disappearing products never belonged in the menu for run-of-the-mill retirement investors. Among those are products like high 12(b)1 and similar fee mutual funds and front loaded mutual funds. But, this change clearly conflicts with the Administration’s previously-mentioned goal of “empowering” Americans, in some cases, to impoverish themselves. Ultimately, then, this issue, like many, depends more on one’s underlying values than on the facts at hand. Where the DOL will eventually end up, given the sheer volume of the proponents’ efforts contrasted with the absolute financial clout of the rule’s opponents, is anyone’s guess. We come down in favor of protecting “the little guys” from powerful forces against which they can do little but rail against the gods, given that even the DOL experts presented the instruments likely most affected by the rule as ones that, “could be beneficial in the right circumstances.”  The finely tuned word choice describes investments that generally would be harmful to investors in most cases. The fact that industry insiders and lobbyists are actively seeking to ensure the DOL never implements the rule speaks volumes to the disruption in industry practices the rule threatens. It’s an issue we’ll continue to watch so you don’t have to.


Our Security: What You Need to Know and How to Maintain Your Own Privacy

McFarland-CPA Security

Like the Matrix, but without terrifying computer creatures taking over the world!

The U.S. Congress’s reversal of the Obama Administration’s FCC rule preventing your ISP from selling your internet usage data has dropped electronic security back onto the stage. Mention the adjective Russian now and hacking easily comes to mind. In this age of aggressive hacking, several clients have contacted us about our security measures. We’ll cross-post this text in our FAQs but wanted to get this the widest dissemination, so it’s starting on this blog. As all blog articles end up in our monthly newsletter, it will go out that way too.

As an office-free firm, our security is procedural and network centric. We keep our desktops locked when not in use (actually we disconnect). We store no information on premises and have no physical files. If we encounter paper documents, we scan them and return them immediately or shred them. Unlike in the case of traditional firms, we do not present a target for physical server theft with thieves then selling your information on the dark net.

We Use HTTPS and Cloud Security

Unlike the DNC (and some say the RNC was equally deficient), we have state of the art security. To start with, all of our applications force the use of the HTTPS protocol in line with Electronic Frontier Foundation best practices. Forced HTTPS use causes a uniform resource locator (URL) request sent by unsecured to be re-established in an encrypted session between your browser and our servers.

GoDaddy hosts our web-facing servers. They, in turn, have encrypted tunnels to our accounting data servers that are virtualized deep inside the Amazon cloud. We adopted this architecture to build in an additional layer of security for client’s sensitive financial information.

Unlike a local, storefront operation, or even more sophisticated global scope firms, we do not store any customer information on local computers. We use Chrome OS devices since they are the most secure off-the-shelf computers and tablets.  Then, we only use them as thin clients, granting us access to our web applications through our virtual private network (VPN) and encrypted browser sessions, and to Amazon’s cloud-hosted servers. We also have a few Ubuntu Linux machines online for specific processes that are not convenient on Chrome OS.

Connecting From Unsecured Locations

Some of our clients access our platform from places that are even more unsecured than just the general hacking climate (which is bad enough). Even their internet service providers (ISP) are highly suspect. In those cases, say, if you are expat living and working in Russia or China, we recommend you take additional measures. First, all of your internet traffic should be in a VPN that you run either from your device or your home router. We discuss Wi-Fi below. You should use a Chrome OS device (not to be confused with the browser of the same name) such as a Chromebook or a Chromebox. Neither Windows nor MAC OS can be trusted these days regardless of the measures you take to secure them (unless you use a thin client and reboot after every session).

Wi-Fi Security

There are a lot of myths out there about Wi-Fi security. But first, let’s just get this out there: Wi-Fi doesn’t stand for anything, especially not “wireless fidelity.” It was just a catchy name for the IEEE 802.11 standard.  The most important issue is to ensure you are using at least WPS2-PSK to secure your network. Your password should look like h&5U2v$(q7F4*. If it doesn’t, change it. Do not use the WPS option. Don’t turn off SSID broadcasting, DHCP, or bother locking down IP ranges or limiting access to specific MAC addresses. Those only keep out people who wouldn’t know how to penetrate your network anyway. Anyone who qualifies as a hacker will have the tools to defeat those measures faster than you can set them up and maintain them.

An added measure of security is to use a VPN originating at your device over the Wi-Fi. With this configuration, you will be secure even using open Wi-Fi systems such as at libraries, coffee shops, or airports. VPNs do slow down your internet experience a bit. However, you won’t notice unless you are trying to stream video or use internet video telephony like Google Hangouts (our preferred product) or Skype. In those cases, just turn off the device VPN but make sure to turn it back on when accessing your U.S. bank account from Moscow.

TOR and Other Onion Proxy Systems

Should I use a multi-hop proxy system like TOR for more security? That’s a question we’ve heard more than once. Keep in mind that the purpose of systems like TOR is to hide who you are from those with whom you are interacting or third parties trying to monitor your activities. In the case of banking or accessing our systems, do you really want to hide from us who you are? What you want to do is to ensure that no one in between you and us can read your traffic. That’s an encryption issue, not an identity issue. So, keep systems like TOR for when you are doing something that demands you hide your identity, not protecting content. Of course, you can do both, and if you are a sophisticated user and want to explore that possibility, there are many tutorials available for configuring these measures.

What Level Of Encryption

We use 128-bit encryption which is the same level used by the U.S. financial system. It is a good balance between speed (encrypting and decrypting incurs overhead costs on processors at each end) and security. If the industry increases to 256 bit or higher levels, we’ll be an early to middle term implementer. We won’t blaze the way, we’ll let others bear those costs, but we won’t hesitate either since security is one of our primary values.

Discussion and Advice

We’ll set up a thread on our forum for discussing these issues if you, dear reader, want to follow up on some point we made here.  For CPAs and other small businesses interested in advice, if you are considering any of these technologies, please feel free to contact us or our implementing partner, CPA Network Solutions (they have a link at the bottom of the page). If you contact them directly, we ask that you mention us as the referral source.