2025 | Prince Hansen Group, PLLC

How to Account for Additional Paid-in-Capital (APIC)

According to the May 2019 Financial Stability Report from the Board of Governors of the Federal Reserve System, there was more than $15 billion in outstanding commercial credit. While there are many ways companies can obtain funding, additional paid-in-capital (APIC) is one way to accomplish this goal.

Defining APIC

This term refers to the gap between a share’s par value and the distribution price. If an investor pays more than what the company sets for its IPO price offer, that is what determines APIC.

Defining Par Value

Par value is the initial offer price a publicly traded company decides to offer shares to investors during its initial public offering (IPO) on exchanges. Depending on the actual initial price for an IPO, it can be done for publicity reasons, to reduce litigation risks and to aid in improving shareholder return on investment.

Market Value

Based on how well a publicly traded company performs, this is the prevailing price that investors assign to the share price, which varies dynamically.

Determining APIC

Calculating APIC is done as follows:

APIC = (Issue Price – Par Value) x Number of Shares Acquired by Investors

If a company establishes a stock price of $2 per share, investors can decide to bid up each share price to $3 or $7 or $20 via their purchases. If there are 2 million shares outstanding selling for a total of $44 million, the excess of $40 million (beyond the $4 million in par value) is the APIC.

Based on these circumstances, a company’s balance sheet should have the following entries:

– $4 million (paid-in-capital)

– $40 million (additional paid-in-capital)

When accounting for these stock purchases in this scenario, APIC is recorded on the balance sheet under the shareholder equity (SE) section. This can be seen as increasing a company’s bottom line because it results in them receiving additional cash from stockholders.

When it comes to recording the journal entry, the total cash generated by the IPO is recorded as an asset (debit) on the balance sheet, while the common stock and APIC are recorded as equity (credits).

Utility

The utility metric can yield a considerable amount of a business’ share capital, prior to retained earnings starting to accumulate. It helps provide a financial cushion for the company if retained earnings demonstrate a shortfall.

Companies that issue shares permit the business to not increase its fixed costs. Since this method is chosen instead of issuing bonds, there are no interest payments due to buyers of the bonds. Investors are not due any payments, including no dividend obligations. Business assets are also not subject to investor claims. Once shares are issued to investors, the generated funds are non-restricted, so the company can direct the funds as necessary.

APIC lets businesses produce money without any required assets backing the transaction. Depending on the company’s future performance, buying stock at the IPO can generate massive returns.

Further considerations

When there are additional share offerings post IPO, either common or preferred shares, the APIC levels may grow, necessitating them to be documented on the business’s financial statements. If share repurchases are made, levels can be decreased.

While each business has many options to raise money, if a company uses this method, it’s important to ensure that they are accounted for properly. As always, contact a professional to ensure the best personalized advice.

Partial Government Funding, Promoting Transparency and Protecting Against Foreign Terrorism

Epstein Files Transparency Act (HR 4405) – The purpose of this bill is to require the Department of Justice to release all documents and records in its possession of investigations and court cases related to Jeffrey Epstein. Epstein was previously convicted of soliciting prostitution from an underage girl, and also faced new sex trafficking charges prior to his 2019 death in custody. The files are expected to reveal the names of other people involved in the sex trafficking scheme. The act was initially introduced by Rep. Ro Khanna (D-CA) on July 15. It was updated and passed in the House on Nov. 18, in the Senate the next day, with only one opposing vote between the two chambers. The bill was signed into law by the president on Nov. 19. The DOJ has up to 30 days to release the documents, which may be lightly redacted to protect against unwarranted invasion of privacy, such as victim names and medical data.

Continuing Appropriations, Agriculture, Legislative Branch, Military Construction and Veterans Affairs, and Extensions Act, 2026 (HR 5371) – This is the bill that ended the federal government shutdown. It includes funding for the remainder of the fiscal year for the food assistance program SNAP, the Department of Agriculture, the FDA, the military, Veterans Affairs, and Congress through Sept. 30, 2026. However, it stops short of funding approval beyond Jan. 30, 2026, for Commerce, Justice and Science (CJS); Defense, Energy and Water; Financial Services and General Government (FSGG); Homeland Security; Interior, Environment, and Related Agencies; Labor, Health and Human Services, and Education (LHHS); State, Foreign Operations and Related Programs; Transportation; and Housing and Urban Development. The continuing resolution did contain a few ancillary provisions, including mandatory backpay and rehiring of all federal employees furloughed or laid off during the shutdown. The original version of the bill was introduced on Sept. 16 by Rep. Tom Cole (R-OK). It passed in the House on Sept. 19 and failed in the Senate 14 times before a revised bill was passed on Nov. 10. The final bill, with changes, passed in the House on Nov. 12 and was signed into law on the same day.

District of Columbia Cash Bail Reform Act of 2025 (HR 5214) – This bill was introduced on Sept. 8 by Rep. Elise Stefanik (R-NY). It represents Republicans’ ongoing battle over who has jurisdiction over Washington, D.C.’s law enforcement and justice system. The bill would return to a cash bail system and require automatic detention of those charged under a wider set of offenses. The new confinement rule counters D.C.’s long-standing system of judge discretion regarding detention or supervised release. The bill passed in the House on Nov. 19 and currently lies in the Senate.

Strengthening Cyber Resilience Against State-Sponsored Threats Act (HR 2659) – This bipartisan legislation represents a federal strategy to strengthen U.S. cyber defenses to counter China’s attempts to actively target American infrastructure. Unfortunately, the bill does not apply to other hostile state-sponsored cyber actors such as Russia, Iran, or North Korea. Introduced by Rep. Andrew Ogles (R-TN) on April 7, the bill passed in the House on Nov. 17 and currently rests with the Senate.

Department of Homeland Security Vehicular Terrorism Prevention and Mitigation Act of 2025 (HR 1608) – This bipartisan bill seeks to address the rising threat of vehicle-based attacks, including the possible misuse of autonomous vehicles, rideshare platforms, and connected vehicle technologies. The legislation was introduced by Rep. Carlos Gimenez (R-FL) on Feb. 26 and passed in the House on Nov. 17. It currently awaits consideration by the Senate.

The New Face of Phishing: Techniques, Targets and Prevention

Phishing is a major threat that keeps evolving and has now become a sophisticated and costly cyber risk facing businesses of all sizes. Previously linked to malicious links in an email, phishing is now powered by AI, automation, and social engineering. The attacks have become harder to detect; they are faster to execute; and they can be very damaging if successful. With many business processes happening online – such as payments, approvals, and customer engagement – the attack surface has expanded, and so has the creativity of cybercriminals.

The Changing Landscape of Phishing

Modern phishing is unlike the previous suspicious and poorly written emails, and today cybercriminals are using AI tools to do many things, including:

Generate perfectly written and personalized messages – attackers can now easily analyze company websites, social media profiles, public reports, and employee profiles to clone the tone, style, and communication patterns. Messages appear legitimate when they reference recent projects or internal updates.
Generate deepfake audio and video – with readily available AI voice-cloning tools, a scammer can easily impersonate CEOs or CFOs and request urgent wire transfers or credential access.
Bypass MFA using real-time phishing kits – these kits mirror login screens of popular business tools such as Microsoft 365 or Google Workspace. An employee enters credentials and authentication codes into the fake page, giving attackers instant access.
Launch automated hyper-targeted attacks – with automation, criminals can target specific departments using tailored messages relevant to their daily tasks.

High-Value Targets Inside Organizations

Phishing attacks are no longer random but very strategic:

C-Suite executives – executives are prime targets due to their authority and access levels. If an executive is compromised, their inbox can be used to authorize payments or request sensitive data.
Financial teams – the accounts department faces fake invoice scams, fraudulent banking instructions, and impersonated vendor messages.
HR departments – attackers send fake resumes loaded with malware. They might also pose as job applicants to access employee data.
Remote and hybrid workers – these workers use shared Wi-Fi, personal devices, and unsupervised collaboration tools. This creates a wider entry point for attackers.
Customers and partners – attackers impersonate brands and trick customers into submitting payments or sensitive information through fake lookalike pages.
IT admins and system engineers are also valuable as they have privileged access.

Modern Phishing Techniques

Emails remain the dominant delivery method, but attackers have diversified to:

Quishing (QR Code Phishing)
QR codes are everywhere: on flyers, delivery packages, restaurant menus, conference badge,s and more. However, QR codes can lead to malicious sites or credential harvesting pages.
Search Engine Phishing or Malvertising
Fake ads appear above legitimate brands on search results that a user can click on –thinking it’s a legitimate link.
Browser-in-the-Browser Attacks
These are fake login pop-ups that replicate trusted login screens. An employee will enter their credentials, thinking it’s a legitimate site, and this goes straight to attackers.
OAuth Application Scams
Here, attackers don’t steal passwords. Instead, they trick users into granting access to a malicious app. Once the access is granted, the attacker has total access.
Deepfake Calls and Video Messages
These may come as high-pressure video calls or messages from an executive requesting urgent action, emergency payment, or private documents.
Fake Travel and Expense Scams
Taking advantage of corporate travel, attackers clone legit travel sites in order to steal credit card and employee information.

Prevention Strategies Every Business Must Adopt

Phishing is a problem that can’t be eliminated but can only be significantly reduced through a combination of technical measures and human risk management.

Prevention requires a combination of technology, processes, and people.

Build a Security-Aware Culture
Training must be continuous, engaging, and realistic. It should be conducted via simulation and scenario-based learning.
Strengthen Email Authentication
Implement modern AI-based email filtering tools to help detect anomalies that human eyes miss. Include identity verification protocols like DMARC, SPF, and DKIM to reduce spoofing attacks.
Adopt Zero Trust Security
Implement the “never trust, always verify” approach. Access should be limited, monitored, and timed out automatically. High-risk actions should trigger additional verification.
Secure Remote Work
Implement VPNs, approved devices, endpoint protection, encrypted storage, and clear policies.
Implement Multistep Verification for Financial Transactions
Require verbal confirmation or dual approvals for high-value transfers.
Monitor Vendors and Partners
Keep in mind, there is a sharp rise in supply-chain attacks. Regularly verify domains, emails, and communication from suppliers and partners.
Have an Incident Response Plan
Be ready with a response plan in case of a breach. Acting quickly will reduce potential losses.

Conclusion

Phishing has transitioned into a sophisticated threat targeting the core operations of a business. New phishing variants reveal how attackers continually evolve their techniques. With the right awareness, technology, and processes, organizations can significantly reduce exposure.

5 Rules for Giving to Charity

Giving to charity is good for a couple of reasons. First, giving to organizations you believe in is intrinsically good – for them and for you. When we give, the “love hormone” oxytocin is released. Second, giving can reduce your taxable income, which also might make you feel pretty good. But here are a few things to know before you start doling out your cash.

Make sure you give to an IRS-recognized charity. More specifically, it must be a tax-exempt organization that is defined by section 501(c)(3) of the Internal Revenue Code, which includes entities like religious organizations, the Red Cross, nonprofit educational agencies, museums, volunteer fire companies, and organizations that maintain public parks. Most importantly, you must not have received anything in return for your gift. So before you give, make sure you verify your organization with this handy IRS tool. It’s super important to do this before you donate, and be sure to ask how much of your contribution will be tax-deductible. This is key.

Gifts to family and friends don’t count. As much as you’d like to gift perhaps a worthy nephew, these amounts are not tax-deductible. In fact, if they exceed a certain amount, they could be subject to a gift tax.

Deductions have a cap. Generally, you can deduct up to 60 percent of your adjusted gross income via charitable donations (for cash donations). That said, you may be limited to 20 percent, 30 percent or 50 percent, depending on the type of contribution and the organization. Examples of limited contributions include non-cash gifts, private-foundation gifts, etc. This deduction limit applies to all the donations you make during the year, no matter how many organizations you give to.

Exceeding your limit. If you go over the 60 percent limit of your adjusted gross income, the amount can be deducted from your tax returns over the next five years, or when the money’s gone. This process is known as a carryover. Good news for those who are generous.

Deductions for non-itemizers & itemizers. Specifically, for the 2025 tax year (taxes that are due by April 15, 2026), you’ll have to pivot and itemize to deduct your charitable contributions and get the tax break.

But for the 2026 tax year (taxes due April 15, 2027), the rules change for both types:

If you don’t itemize on your tax return, you can deduct up to $1,000 (single) or $2,000 (married filing jointly) in charitable contributions. This means you can take an above-the-line deduction for the 2026 tax year on the tax return that you’ll file in 2027.
If you do itemize on your tax return, you must donate an aggregate total of at least 0.5 percent of your adjusted gross income to charity to claim the deduction. Only the portion of your total charitable donations that exceeds 0.5 percent is deductible.

Making sure you follow these guidelines will ensure that you can realize your well-deserved deductions and tax breaks. If you have other questions about charitable giving, consult your tax professional. They’ll know all the ins and outs of charitable giving and keep you secure moving forward.

Sources

Tax-Deductible Donations: 2025-2026 Rules for Giving to Charity – NerdWallet

Long Term Care Insurance Options

In 2024, the median household income in the United States was $83,730. However, the national average annual cost of 24-hour paid long-term care (LTC) for a retiree age 65 and older was more than $125,000, according to the Department of Health and Human Services. Moreover, one in five seniors will require care for more than five years.

Obviously, the math varies by household, but the reality is that the majority of older Americans who rely on paid caregiving will use much of their retirement savings and investments to pay for it. When considering insurance, there are presently two options: Long Term Care Insurance (LTCi) and Hybrid Life Insurance with an LTC component. Be aware that each policy offers a throng of variations and exclusions, so it is important to dig into the details of individual policies before making a decision.

Long Term Care Insurance

Purchasing a long-term care insurance policy can help offset the cost of caregiving for either in-home care (in some cases, even payouts for family caregivers) or care outside the home (e.g., adult daycare services, assisted living, memory care, nursing home). However, it’s important to understand the following about LTCi.

It can be quite expensive.

Premiums can range from $2,000 a year for a man in his 50s to more than $12,000 a year for a woman in her 70s. Furthermore, premiums increase annually until benefits begin (premiums cease while benefits are paid).

It may not cover the full cost of care.

Unless care is needed for only a few hours a day, long-term care policies generally do not cover the full cost of paid caregiving. For example, let’s say a policy pays $150 a day, but the owner needs care for eight hours a day. His in-home caregiver charges $30 an hour. That means his cost is $240 a day, so he’ll have to pay the additional $90 a day out of his own pocket. That’s

up to $2,790 a month or $32,850 a year. So, while LTCi can help defray the cost, someone who needs extensive care must have other assets to cover the rest of the cost. For an elderly person who needs 24-hour home care, the cost can be exponential.

Many new policies cover only a handful of years.

When you purchase an LTCi policy, you choose from various options that increase or decrease your premium. For example, coverage periods may range from two years to five years to life. You may also select a waiting period before coverage begins after purchase, which could range from 30 days to 365 days. The longer the wait period, the lower the premium. If you have an immediate need for coverage, you might be denied coverage altogether. That is why it’s best to purchase coverage when you are younger (50s) and presumably healthy.

You don’t get to choose when to start benefits.

LTCi coverage doesn’t kick in until you qualify, which generally means you are no longer able to independently conduct some or all of the prescribed daily living activities. The five primary qualifiers are bathing, going to the toilet, dressing yourself, feeding yourself, and the ability to move from bed to chair/wheelchair. Qualification to begin taking LTCi benefits usually requires physician verification.

The downside of a standalone LTCi policy is that it is a “use-it-or-lose-it” type of contract, much like auto or homeowner’s insurance. In other words, you may pay for it for decades but never actually use it, so all the premiums paid are lost.

Hybrid Life/Long Term Care Insurance

On the other hand, a hybrid insurance policy will pay out some portion of unused proceeds to beneficiaries upon the death of the policyowner. A hybrid policy is basically a life insurance policy with an LTCi rider or an accelerated benefit clause, which, either way, means it will cost more.

First and foremost, it works just like life insurance – once the owner passes away, the beneficiary receives a payout. However, if the owner needs money to pay for long-term care while he is still alive, he can tap the rider or life insurance payout to pay for the care. Then, when he passes away, his heirs receive any amount of the unused proceeds. With this type of policy, the owner doesn’t pay for LTCi coverage he does not need, but it’s available if he does need it.

Premiums for a hybrid policy, like any life insurance, depend on the age, gender, health, and amount of insurance proceeds desired, as well as any additional charge for the LTCi rider. Some policies include LTC benefits as a standard feature.

Employer-Sponsored Benefit

If your employer offers long-term care insurance as a voluntary benefit, it’s worth considering because group rates are generally cheaper than on the individual market. However, while employer-sponsored LTCi policies are usually portable – meaning you can keep paying for it after you leave your employer – your premiums may increase when no longer part of the group policy.

As always, reach out to a professional when it comes to planning for you and your family’s future care.

How to Account for Accretion

Whether it’s an individual investor or a business owner looking to increase their earning power, understanding how accretion works is essential for individual and business investors to make the correct decisions going forward.

How Accretion Works for Bonds

Accretion is the gradual increase of a bond’s value over time. As a bond moves toward its maturity date, it increases in value until it reaches its face or par value – or what’s paid to the bondholder upon maturity.

If a bond has a face value of $2,000, yet it’s discounted at $1,900 when it’s offered for sale, the present value of the bond is $1,900, leaving the difference of $100 as the discount. Between the time of purchase and when it matures, the value of the bond will appreciate, up to its par value of $2,000. As the bond increases in value, this is referred to as an accretion discount.

When it comes to accounting for bond accretion, there are two common methods.

Straight-Line Method

This approach documents the bond’s appreciated monetary gain and is laid out equally over the bond’s time frame until maturity. For a bond with a term of 10 years and a business that publishes its earnings once a quarter, there are 40 earnings releases.

If there’s a $100 discount, spread across 40 quarters, that is $2.50 every three months. The $2.50 is the quarterly accretion until the bond matures.

Constant Yield Method

This method is different from the straight-line method in that the bond’s value appreciation increases in value closer to the bond’s maturity date.

Acquisitions and Accretion

Companies can also benefit from accretion. Through the concept of synergy, where there’s more output from combining multiple entities than the sum of them if still separate, an acquiring company adds the earnings before interest, taxes, depreciation, and amortization (EBITDA), for example, to add to its existing shareholders’ value.

Illustrating How it Works

If Company X wants to increase its earnings per share for its shareholders, an acquisition is one way to do so. Assume Company X earned $1 million in net income the preceding year and has 3 million shares. And then there is Company Z, which had $500,000 in net income over the same time frame, with 1 million shares issued to raise cash. The following is a way to calculate the acquisition accretion value of the new combined company.

Earnings Per Share of Company X: 1,000,000 / 3,000,000 = 0.33

Earnings Per Share of the new company post-acquisition: ($1,000,000 + $500,000) / (3,000,000 + 1,000,000) = $1,500,000 / 4,000,000 = 0.375

Based on the calculation, the earnings per share of the post-acquisition company are $0.375. Compared to the EPS for the original, pre-acquisition Company X, the post-acquisition company is $0.045, resulting in a positive acquisition accretion.

Whether an individual investor is looking to see how bond accretion works or a company is looking at whether an acquisition makes business sense, understanding how accretion works is essential to ensure it’s accounted for properly.

Seven Tax Moves to Make Before 2025 Ends – Year-End Tax Planning

Tax planning feels like homework nobody wants to do, but here’s the reality: real money is sitting on the table. The One Big Beautiful Bill Act changed the rules this year, and most people are still figuring out what matters for their wallets.

Max Out Everything While You Can

Here’s something many people miss. Every Dec. 31, workplace retirement accounts basically close their books for the year. That’s it, opportunity gone. The limit is $23,500 this year, or $31,000 for those over 50. Also, anyone between 60 and 63 can throw in an extra $11,250 with the new super catch-up provision. That’s serious money that could be working harder instead of going to taxes.

HSAs remain the best-kept secret in tax planning. Most people ignore them until someone explains the magic; it’s literally the only account where taxes never apply. Not when money goes in, not while it grows, and not when it comes out for medical expenses. Singles can contribute $4,300 and families $8,550, with up until the April 2026 tax deadline to make it happen. Starting in 2026, there’s a bonus feature: $150 a month can go toward concierge doctor memberships tax-free.

IRAs deserve attention, too. The contribution limit is $7,000 (or $8,000 for the 50-plus crowd) with that same April deadline. The catch? Income limits and existing workplace plans can complicate things, so checking the rules is important.

Transform Losing Stocks into Tax Wins

Everyone has those regrettable investments. Maybe it was that “sure thing” tech stock or the cryptocurrency experiment that went south. Here’s the good news, selling losers before year-end can offset winners for tax purposes. Even better, losses can erase up to $3,000 of regular income. Whatever doesn’t get used rolls forward indefinitely, like store credit that never expires.

Play the Charity Deduction Game Smart

The standard deduction has increased yet again, standing at $15,000 for singles and $30,000 for married couples. Most people won’t beat that with itemized deductions, but there’s a clever workaround. By bunching several years of charitable giving into 2025, taxpayers can itemize this year and claim the standard deduction in future years. It’s like buying in bulk for tax benefits.

Timing matters because 2026 brings stingier charity rules. Only donations exceeding 0.5 percent of income will count, and high earners face a 35 percent cap. Anyone feeling generous should probably act this year.

Control the Income Timeline

Freelancers and business owners hold the cards on payment timing. That December invoice could easily become January income with a quick conversation. Even employees sometimes have flexibility with bonuses through understanding employers or HR departments. The trick is knowing whether next year’s tax situation will be better or worse.

The Roth Conversion Opportunity

With permanently lower tax rates now locked in, converting traditional retirement funds into Roth accounts makes increasing sense. Yes, taxes are due on the conversion amount today, but then everything grows tax-free forever. Smart planners often execute these moves during lower-income years, like between jobs or early in retirement.

Navigate Required Withdrawals Carefully

Anyone who’s 73 or older must withdraw from retirement accounts by Dec. 31. No exceptions, no excuses. The penalties for forgetting are harsh. First-timers get a choice, either take it now or wait until April. But waiting means two withdrawals hit in 2026, potentially pushing income into higher tax brackets. It’s worth doing the math.

The Charity Strategy Nobody Mentions

After age 70½, a powerful option opens up. You can send up to $108,000 directly from an IRA to charity. This qualified charitable distribution satisfies required withdrawals without adding to taxable income. Married couples can each do this, potentially moving $216,000 to charity while avoiding taxes entirely. For those already charitably inclined, missing this opportunity is literally giving money to the IRS instead of chosen causes.

Take Action Before Time Runs Out

Smart taxpayers are running projections comparing 2025 and 2026 tax scenarios right now. They’re scanning investment accounts for tax-loss harvesting opportunities. They’re accelerating charitable plans into 2025 before the rules tighten. They’re smoothing income across tax years where possible.

Nobody gets excited about tax planning, but a few hours of attention before year-end could save thousands of dollars. Good tax professionals pay for themselves many times over, especially in years with rule changes like this one.

Financing Via Off-Balance Sheet Options

When it comes to business needs, securing financing is a top priority, particularly when starting out or for ongoing needs such as making payroll or paying for inventory. This financing could include a loan or securing an ongoing credit line, and businesses can do that through Off-Balance Sheet Financing (OBSF).

Defining OBSF

Off-Balance Sheet Financing is an accounting practice whereby businesses document liabilities or assets on their books but do not reflect them on their balance sheet. It’s important to note that while they’re not reflected on the business’ balance sheet, if their disclosure meets generally accepted accounting principles (GAAP), it’s legal. If select transactions aren’t on the company’s balance sheet, these transactions are generally found in a company’s financial statements via notes. If, however, company employees conceal material information from investors, then it becomes illegal. As the Federal Deposit Insurance Corporation (FDIC) and the U.S. Securities and Exchange Commission (SEC) lay out, financial statements also may contain references to lease expenses, rentals, or partnerships.

Why Companies Use OBSF

Businesses use this type of accounting to manage their debt usage. Along with reducing interest rates for commercial loans, businesses can lower their leverage and debt-to-equity ratios, reducing the chances of default and encouraging outside investment. This is even more advantageous to help companies obtain financing if they have debt covenants.

In reaction to the Financial Accounting Standards Board’s (FASB) discovery of operating leases regarding OBSF of more than $1.25 trillion for lease accounting, it changed the requirement for OBSF in February 2016 to mandate U.S. public companies to record “right-of-use assets and liabilities from leases on balance sheets” per 2016-02 ASC 842, coming into force in 2019. Based on the publication “Accounting Standards Update No 2016-02 Leases (Topic 842) p. 1,” footnotes were mandated for greater transparency.

How OBSF Works

OBSF moves select assets, liabilities, or transactions away from their balance sheets. It’s done to attract investors or when a company has a ton of debt yet needs to borrow additional capital to fund operations. This can provide companies with more favorable lending rates. Such transactions are either moved to subsidiaries or via special purpose vehicles. The questionable assets are still there but are simply listed on related monetary documentation.

Depending on how the company proceeds, it can include entities that the parent company has a minority ownership stake in. This may include special purpose vehicles (SPV) that take on assets and liabilities, along with other entities such as joint ventures and research and development (R&D) partnerships.

Conclusion

When it comes to R&D partnerships, since R&D is capital-intensive and requires a long time for completion, OBSF is financially advantageous. It permits a company to reduce its liability over the research time since there are no substantive assets to help even out the liability. Industries such as healthcare can see benefits.

Another advantage of OBSF is that when an operating lease is used, it can create liquidity since capital is not tied up in purchasing equipment, and rental expenses are the only financial outflows.

When done according to GAAP guidelines and state and federal laws, companies that use OBSF can maximize their financial landscape.

Controversial Defense Funding Bill, Shoring Up ESOP Plans, and Leave Benefits for Public Health Personnel

National Defense Authorization Act for Fiscal Year 2026 (S 2296) – Introduced by Sen. Roger Wicker (R-MS) on July 15, the Senate passed this legislation on Oct. 9. The bill is a carve-out of the 2026 budget bill intended to fund military appropriations for the 2025-2026 fiscal year. The bill was largely supported by Republicans but less so by Democrats, who are in favor of keeping the government closed until all of their budget concerns are addressed. In addition to establishing funding and policies for military and defense-related activities, the bill includes a roadmap for bomber modernization, a real-time database for contractor compliance oversight, and authorizing programs for nuclear weapons facilities. The legislation would authorize $32.1 billion over the President’s budget request, and the White House opposes provisions in the bill that thwart the President’s ability to control immigration and conduct foreign affairs, including submitting plans to Congress ahead of actions, dictating the terms of intelligence support to Ukraine, and enabling the Defense Department to bypass the Administration’s tariffs. The bill currently rests with the House, which asserts it will not return to regular session until the Senate passes the current controversial CR budget bill.

Employee Ownership Representation Act of 2025 (S 1728) – This bipartisan bill seeks to expand the membership of the Advisory Council on Employee Welfare and Pension Benefit Plans to include two representatives of employee ownership organizations. While the council presently includes 15 members from business, labor, and the public, the council has no expertise specific to Employee Stock Ownership Plans (ESOPs). The legislation was introduced by Sen. Bill Cassidy (R-LA) on May 13 and passed in the Senate on Oct. 9. It currently awaits consideration by the House.

Retire Through Ownership Act (S 2403) – The main purpose of this bill is to provide a clear definition for certain closely held stock that aligns valuations with IRS standards in an effort to mitigate valuation risk for ESOPs. It would also provide “safe harbor” for trustees relying on these guidelines. The Act was introduced by Sen. Roger Marshall (R-KS) on July 23. It passed in the Senate on Oct. 9 and currently lies with the House.

Uniformed Services Leave Parity Act (S 1440) – Introduced by Sen. Tammy Duckworth (D-IL) on April 10, this legislation would authorize leave benefits (parental leave, emergency leave) to Public Health Service (PHS) officers. The bill sponsors assert that the current lack of these important benefits is a challenge to recruiting and retaining PHS personnel, who should be on par with the same benefits offered to uniformed service members. The bill passed in the Senate on Oct. 9 and is up for review in the House.

Internal Revenue Service Math and Taxpayer Help Act (HR 998) – This bill was introduced on Feb. 5 by Rep. Randy Feenstra (R-IA). Among other provisions, it instructs the IRS to provide taxpayers with details of notices that relate to a math or clerical error. The bill passed in the House on March 31 and in the Senate on Oct. 20. It currently awaits the President’s signature to become law.

Why Authorization Sprawl Is the Next Big Security Blind Spot and How to Fix It

Despite major investments in cybersecurity, organizations continue to face breaches. Most security mechanisms implemented guard against threats such as password theft. However, there is a growing concern with the unchecked expansion of user access, permissions, and tokens across apps, clouds, and systems.

This growing challenge is known as authorization sprawl, and it is becoming one of the most dangerous and least visible threats in modern enterprise security.

SANS keynote at the RSAC 2025 Conference, attackers are increasingly exploiting this sprawl to gain legitimate, persistent access that bypasses multifactor authentication (MFA), security information and event management (SIEM) alerts, and endpoint detection and response (EDR) visibility altogether.

What is Authorization Sprawl?

Authorization sprawl occurs when access permissions multiply uncontrollably across systems, users, and applications. Every time a team or department adds a new SaaS integration, service account, or API key, another layer of permission is introduced.

In an attempt to make access to multiple applications easy, users also have single sign-on (SSO), designed to help log in once and access multiple applications securely. Here, users are granted access to several connected systems through SSO, adding to the authorization sprawl problem.

Over time, all these factors create a complex ecosystem that even security teams have a hard time tracing who can access what.

Unlike authentication, which verifies who someone is, authorization determines what one can do. When permissions expand without review, attackers take advantage of forgotten tokens, dormant accounts, or outdated roles to move freely inside systems.

Why Traditional Defenses Miss It

Most defenses focus on identity verification, such as MFA, conditional access, and endpoint protection. But once a user is authenticated, there is no monitoring. This is the blind spot that attackers exploit. Instead of breaking in, they log in using legitimate session tokens, application programming interface (API) keys, or open authorization (OAuth) grants.

The misuse of valid credentials or access tokens enables cloud-related breaches. These attacks bypass traditional detection tools because they appear to be normal activity by authorized users.

A recent incident involving Salesloft’s Drift application highlights how damaging authorization sprawl can be. Drift, an AI chatbot often integrated with Salesforce, was exploited after attackers gained access to Salesloft’s GitHub account and later its AWS environment. From there, they stole OAuth tokens and authentication credentials, exposing Salesforce data from potentially hundreds of organizations. This incident is an example of how interconnected SaaS systems and unchecked authorization links can create a cascading breach effect, where one weak point leads to multiple breaches across services.

The Business Impact of Authorization Sprawl

Aside from increasing technical risk, authorization sprawl erodes compliance, governance, and trust.

Regulatory Exposure – Frameworks like GDPR, SOC 2, and HIPAA require strict access control and auditability. Untracked permissions make demonstrating compliance nearly impossible.
Operational Risk – An overprivileged account can unintentionally leak data, delete configurations, or expose APIs.
False Sense of Security – Zero Trust frameworks often stop at identity verification. Failing to continuously validate authorization is equivalent to protecting the front door while leaving internal doors wide open.

How to Fix Authorization Sprawl

Luckily, solving this problem does not require removing existing security controls but rather extending visibility and discipline into authorization.

Conduct Regular Access Audits – Map users, roles, and permissions across your environment. Be sure to look for redundant privileges, dormant accounts, and orphaned API keys. Use tools that help visualize hidden paths and privilege escalation routes.
Implement Structured Access Control – Use frameworks like role-based access control (RBAC) or attribute-based access control (ABAC). Standardizing roles ensures fewer exceptions and easier auditing.
Automate Reviews and Revocations – Integrate identity and access management (IAM) with HR systems so access automatically changes when employees leave or change roles. This helps eliminate the temporary access that never gets removed.
Shorten Token Lifetimes and Rotate Credentials – Session tokens and personal access tokens (PATs) should have an expiration period, such as 30 to 90 days. Using automated key rotation policies will help prevent long-lived access tokens from becoming backdoors.
Enforce the Principle of Least Privilege – Grant users and systems only the minimum access needed.
Extend Zero Trust to Authorization – Verification shouldn’t end with login. Apply continuous authorization checks.

Conclusion

As cloud ecosystems, APIs, and integrations continue to multiply, authorization complexity will grow exponentially. Businesses that invest in mapping and controlling authorization sprawl will stay ahead of both attackers and regulators. In cybersecurity, visibility equals control, and this begins with knowing exactly who can do what.

Year: 2025

How to Account for Additional Paid-in-Capital (APIC)

Partial Government Funding, Promoting Transparency and Protecting Against Foreign Terrorism

The New Face of Phishing: Techniques, Targets and Prevention

5 Rules for Giving to Charity

Long Term Care Insurance Options

How to Account for Accretion

Seven Tax Moves to Make Before 2025 Ends – Year-End Tax Planning

Financing Via Off-Balance Sheet Options

Controversial Defense Funding Bill, Shoring Up ESOP Plans, and Leave Benefits for Public Health Personnel

Why Authorization Sprawl Is the Next Big Security Blind Spot and How to Fix It

Contact Info

Working hours

Sitemap

Calendar