Monday, April 15, 2019

Tax Dodge - Wall Street’s ‘Dirty Little Secret’:

The Nation’s Fiscal Health: Action Is Needed to Address the Federal Government’s Fiscal Future, GAO-19-314SP: Published: Apr 10, 2019. Publicly Released: Apr 10, 2019. “This report provides an update on the nation’s fiscal health as of the end of FY 2018, and describes its likely fiscal future if policies don’t change

Wall Street Journal:  Startups Discover the Allure of the ‘C Corporation’, by Richard Rubin:
WSJThe corporate structure is gaining new attention among companies after changes in the tax law created the potential for big savings.

GAO Report on Foreign Asset Reporting and Related Issues

GAO Released this report:  Foreign Asset Reporting, Actions Needed to Enhance Compliance Efforts, Eliminate Overlapping Requirements, and Mitigate Burdens on U.S. Persons Abroad (GAO-19-180 April 2019), here
Data quality and management issues have limited the effectiveness of the Internal Revenue Service’s (IRS) efforts to improve taxpayer compliance using foreign financial asset data collected under the Foreign Account Tax Compliance Act (FATCA). Specifically, IRS has had difficulties matching the information reported by foreign financial institutions (FFI) with U.S. taxpayers’ tax filings due to missing or inaccurate Taxpayer Identification Numbers provided by FFIs.  Further, IRS lacks access to consistent and complete data on foreign financial assets and other data reported in tax filings by U.S. persons, in part, because some IRS databases do not store foreign asset data reported from paper filings.  IRS has also stopped pursuing a comprehensive plan to leverage FATCA data to improve taxpayer compliance because, according to IRS officials, IRS moved away from updating broad strategy documents to focus on individual compliance  campaigns. Ensuring access to consistent and complete data collected from U.S. persons—and employing a plan to leverage such data—would help IRS better  leverage such campaigns and increase taxpayer compliance. 

Center for Public Integrity, The Trump Tax Law Has Its Own March Madness:

When March Madness wraps up late Monday night, the attention will be focused on the stars of the night and their exploits on the hardwood in Minneapolis. But when Republicans in Congress sat down to write the 2017 Tax Cuts and Jobs Act, they wrote a provision that focused on a different aspect of college hoops — the sky-high incomes of the game’s most prominent coaches

President Trump earlier this year asked Senator Mitch McConnell, the majority leader, to prioritize a confirmation vote for his nominee to be the chief counsel of the Internal Revenue Service, indicating that it was a higher priority than voting on the nomination of William P. Barr as attorney general, a person familiar with the conversation said.

White House aides insisted for months that the confirmation of the nominee, Michael J. Desmond, a tax lawyer from Santa Barbara, Calif., was a top priority after passage of the tax bill in 2017.

The ETF Tax Dodge Is Wall Street’s ‘Dirty Little Secret’:

One day last September an unidentified trader pumped more than $3 billion into a tech fund run by State Street Corp. Two days later that trader pulled out a similar amount.

Why would someone make such a large bet—five times bigger than any previous transaction in the fund—and then reverse it so quickly? It turns out that transfusions like these are tax dodges, carried out by the world’s largest asset managers with help from investment banks. The beneficiaries are the long-term investors in exchange-traded funds. Such trades, nicknamed “heartbeats,” are rampant across the $4 trillion U.S. ETF market, with more than 500 made in the past year. One ETF manager calls them the industry’s “dirty little secret.”


April 4, 2019

German drugmaker Bayer has contained a cyber attack it believes was hatched in China, the company said, highlighting the risk of data theft and disruption faced by big business. Bayer found the infectious software on its computer networks early last year, covertly monitored and analyzed it until the end of last month and then cleared the threat from its systems, the company said on Thursday. “There is no evidence of data theft,” Bayer said in a statement, though a spokesman added that the overall damage was still being assessed and that German state prosecutors had launched an investigation. “This type of attack points toward the ‘Wicked Panda’ group in China, according to security experts,” the spokesman added, citing DCSO, a cyber security group set up by Bayer in 2015 with German partners Allianz, BASF and Volkswagen. Third-party personal data was also not compromised, the spokesman said. The hackers used malware called WINNTI, which makes it possible to access a system remotely and then pursue further exploits from there, said Andreas Rohr of the DCSO.

CNBC April 4, 2019

The risk of a devastating cyberattack may be the single greatest danger to the U.S. financial system, according to J.P. Morgan Chase CEO Jamie Dimon. J.P. Morgan spends almost $600 million annually to tighten its defenses and ward off a constant stream of attacks, Dimon said Thursday in his annual letter to shareholders. But the interconnected nature of the financial system means the risk never goes away. Indeed, J.P. Morgan was the victim of a large data breach in 2014 tied to hackers. "The threat of cyber security may very well be the biggest threat to the U.S. financial system," Dimon said. The bank spends "a lot of time and effort trying to protect our company in different ways as part of the ordinary course of running the business," Dimon said. "But the financial system is interconnected, and adversaries are smart and relentless — so we must continue to be vigilant."

E&E News April 4, 2019

As employees at nuclear power plants operated by Entergy Corp. showed up for work on a Tuesday morning in February 2018, they got a strange warning: Don't turn on your computers. The electricity giant, which owns and operates eight nuclear sites from New York to Louisiana, was in the throes of a widespread malware infection on its corporate system. The culprit? "Crypto-mining" malware — a tool for hackers to make a quick buck digging for cryptocurrencies like bitcoin by hijacking a company's computing power. The initial chatter around the incident made no mention of cryptocurrency mining, and until now it wasn't known publicly that the year-old incident went beyond Entergy's corporate headquarters to affect computers at the nuclear sites.

Ars Technica April 4, 2019

A wave of DNS hijacking attacks that abuse Google's cloud computing service is causing consumer routers to connect to fraudulent and potentially malicious websites and addresses, a security researcher has warned. By now, most people know that Domain Name System servers translate human-friendly domain names into the numeric IP addresses that computers need to find other computers on the Internet. Over the past four months, a blog post published Thursday said, attackers have been using Google cloud service to scan the Internet for routers that are vulnerable to remote exploits. When they find susceptible routers, the attackers then use the Google platform to send malicious code that configures the routers to use malicious DNS servers. Troy Mursch, the independent security researcher who published Thursday's post, said the first wave hit in late December. The campaign exploited vulnerabilities in four models of D-Link routers.


April 4, 2019

Some of the nation’s top research universities are cutting ties with Chinese tech giant Huawei as the company faces allegations of bank fraud and trade theft. Colleges including the Massachusetts Institute of Technology, Princeton University and the University of California, Berkeley, have said they will accept no new funding from the company, citing the recent federal charges against Huawei along with broader cybersecurity concerns previously raised by the U.S. government. The schools are among at least nine that have received funding from Huawei over the past six years, amounting a combined $10.5 million, according to data provided by the U.S. Education Department. The data, which is reported by schools, does not include gifts of less than $250,000. It’s not uncommon for big companies to provide research dollars to schools in the U.S. and elsewhere. At MIT, which received a $500,000 gift in 2017, officials announced in a memo Wednesday they will not approve any new deals with the company and won’t renew existing ones. The memo ties the decision to recent Justice Department charges against Huawei, adding that the shift will be revisited “as circumstances dictate.” Company officials did not immediately respond to a request for comment.

TechCrunch April 2, 2019

Arizona Beverages, one of the largest beverage suppliers in the U.S., is recovering after a massive ransomware attack last month, TechCrunch has learned. The company, famous for its iced tea beverages, is still rebuilding its network almost two weeks after the attack hit, wiping hundreds of Windows computers and servers and effectively shutting down sales operations for days until incident response was called in, according to a person familiar with the matter. More than 200 servers and networked computers displayed the same message: “Your network was hacked and encrypted.” The company’s name was in the ransom note, indicating a targeted attack. Notices posted around the office told staff to hand in their laptops to IT staff. “Do not power on, copy files, or connect to any network,” read the posters. “Your laptop may be compromised.” It took the company another five days before the company brought in incident responders to handle the outbreak, the source said. Many of the back-end servers were running old and outdated Windows operating systems that are no longer supported. Most hadn’t received security patches in years.

U.S. Supreme Court Justice Clarence Thomas was adamant on March 30 when he told a friendly Pepperdine University School of Law audience that he had no plans to retire from the court.