Crossing Borders in the Dis-United States

It’s daunting to think that there are 50 sets of rules to follow in business. Each state in our country has its own set of rules, and believe me, they can be very different from each other. You already know that any time you do business in a particular state, there are requirements that need to be met. After all, each state has a vested interest in tracking and taxing the businesses within their jurisdiction. That means anytime you do business outside of Florida, you should be aware that there may be some red tape.

First, what does it mean to “do business” in another state? Does it mean selling a product or service to someone in another state? Does it mean having an office located in another state? How about hiring an employee that lives in another state – or a sales rep or an independent contractor? What if you provide training to people in another state? Advertising in another state? Driving through another state? Storing inventory in another state? All good questions and the answer to all of them is “it depends.”

It depends on how much, what it is and what particular state we’re talking about. Each state has its own rules that govern businesses within its jurisdiction. We do not have the “United” States of Business here. So, let’s look at the general rules to illustrate some of the pitfalls of doing business in multiple states.

Chances are, if you’re reading this, you’re a Florida business owner. If your Florida business sells products online and customers from all over the US buy them, that alone will not require you to register in each and every state. If your business engages in “interstate” commerce, which means that you do business across state lines in a regular and systematic way, then you are not likely to be subject to each state’s jurisdiction (see below for some exceptions).

However, if your business has regular and systematic activities in a particular state, then you are likely to be subject to that state’s business requirements. How regular and systematic does it have to be? Unfortunately, the situation depends on each state’s rules, so it’s not an easy answer. The more extensive and continuous your activities in a state, the higher the likelihood that you will need to comply with their requirements.

If a part of your business is conducted in another state, you need to run it by an experienced business attorney who can help you navigate through the rules. If you do need to comply with a state’s rules, you should expect to register with the state government (sometimes in several departments). For example, you will probably need to register as a “foreign entity” to do business within the state (and by the way, if you do business in Florida but your entity was formed in another state, you must register in Florida as a “foreign entity”). You will probably also be required to register with the state’s tax collection agency, their employment or reemployment agency, their licensing agency and several others particular to your business.

You will need to have the required licenses in that state, pay the applicable taxes in that state and comply with that state’s regulations and statutes. Not least of all, if you sell products in that state, you will need to register to collect and pay sales taxes. In today’s marketplace, collecting and remitting sales tax can be unbelievably complicated. That’s why it is important to have a good accountant on your advisory team who can help you keep out of sales tax trouble. You may be required to register for sales tax even if you don’t have to register to do business in the state. Tricky!

Bottom line = Talk to your business attorney and your accountant about all of your business activities outside the state of Florida. We can help spot some of the issues before they become big problems. There are tons of examples of businesses out there who didn’t follow the requirements and got in trouble. Some consequences came with a hefty price tag. Avoid those pitfalls.

About Elevate Business Law

We are a Florida based business law firm that helps professionals and specialized service providers with their business plans and opportunities. Our goal is to make it simple, reduce risk and allow our clients to focus on their business success.

THE CASE OF DISAPPEARING SHIELDS

A quick check on Sunbiz.org will show you that small business owners are allowing their limited liability shields to disappear.  Are you one of them?

Do you file your annual reports on time and correctly? Do you have annual minutes for each year of business? Do you take the other steps necessary to keep your entity’s liability shield in place?

If you aren’t, why did you go to all the trouble of creating a business entity in the first place if you aren’t going to keep it legally healthy?

Maybe you did not realize you had to or maybe you have it on your list but never get to it.  Either way, we need to have this conversation.  Whether you are a business that is one year old, or you’ve been around for decades, this is important!

It all boils down to whether you treat your business entity as “separate” from you personally.  I often tell my clients to think of the business entity as another person that is sitting in a chair at the table with you.  You each have your own chair and separate space.  You cannot “sit on the lap” of the business entity because the law will not see the business entity underneath you. You must allow the business entity to stand (or sit) on its own beside you.

How do you do that?  Here are some of the requirements that you must keep up with and why they should be important to you:

Annual Reports – Every year a business entity must file an annual report with the State of Florida.  If you do not, your business will be administratively dissolved and you will become personally responsible for the debts, obligations and liability of the business.  It always surprises me how many small businesses are administratively dissolved every year.

Updating Information – You are responsible for keeping the information with the State current.  If officers, directors, managers or members change, you must update that information.  Your contact information must also be current.  If you mislead anyone with incorrect or outdated information, you could be held responsible for the outcome.

Internal Documents – Certain internal documents are required for corporations and LLC’s.  Periodic meetings (at least annually) should be held to document the major actions of the entity and their approval.  Without these records, internal inconsistencies and disagreements are bound to arise. We’ve seen many cases where the ownership of the business was in dispute because there were no internal documents showing who owned the company! (Not to mention all the tax problems that are involved with that.)

Taking these actions isn’t hard.  But it is time consuming and unfamiliar.  That is why many small business owners ignore them, only to find out later why they are so important.  Unfortunately, sometimes they find out too late to fix it and personal liability becomes a real issue for them.

We’ve also seen business opportunities disappear because potential partners, investors and/or lenders are not interested in taking a chance on a messy business that doesn’t have a strong liability shield. It can be very embarrassing for small business owners to admit that they do not have these basic requirements in place.

There are many other problems we’ve seen that are created by the failure to keep up with these basic requirements. The way to avoid all the hassle is to take care of these tasks each year.

Be honest and realistic with yourself.  Are you going to take responsibility for making sure these tasks get done?  If you are, that’s great.  If you don’t want to do it yourself, get help from your small business attorney.  Many of us offer programs to handle these matters on an ongoing basis.  The most important thing is that they all get done – each and every year that you’re in business.  Just do it!

 

About Elevate: Small Business + Technology Law

Small business owners are busy and they have a million things going on all at once.  Our job at Elevate is to make difficult issues (the law) as simple as possible.  We love to see our small business clients grow and “elevate” themselves in the marketplace.

This blog post is offered for informational purposes only and is specific to Florida law.  For specific advice, please contact a business attorney and discuss your particular needs.

 

Does your business use independent contractors?

If your business hires independent contractors, you should be aware of recent actions taken by the federal government and state governments.  The problem occurs when a business classifies someone as an independent contractor instead of as an employee.

For some business owners, it can be very appealing to pay someone as an independent contractor instead of paying them as an employee.  For instance, a business owner usually does not have to withhold employment taxes for an independent contractor (the independent contractor pays the taxes directly).  Paying someone as an independent contractor is very simple – you pay them a certain amount and that’s it.  You don’t have to worry about unemployment, insurance, benefits, taxes and all of the other issues you have with employees.

But in reality, it’s not that simple.  Not everyone is an independent contractor.  Some people must be classified as employees.  And if you fail to classify them as employees, there can be serious consequences.  The IRS is looking into these classifications, as well as the US Department of Labor and certain state agencies.  Besides all of the taxes that aren’t being collected on people who should be classified as employees, there are issues of whether a person qualifies for unemployment, whether he or she is protected under the Fair Labor Standards Act, and whether he or she is “counted” under the Affordable Care Act.

Each of the agencies involved in monitoring these classifications has their own “checklist” of criteria for a correct classification as an independent contractor.  Most of the criteria involves the level of control over how, when and where the work is performed.  The following are links to see each checklist:

IRS – http://www.irs.gov/Businesses/Small-Businesses-&-Self-Employed/Independent-Contractor-Self-Employed-or-Employee

US Department of Labor – http://www.dol.gov/whd/regs/compliance/whdfs13.pdf

Florida Department of Revenue – http://dor.myflorida.com/dor/taxes/rt_employee.html

Business owners need to be careful of how they use independent contractors.  The US Department of Labor signed a memorandum of understanding with the Florida Department of Revenue on January 13, 2015.  This agreement allows the agencies to share information they have collected on businesses in order to enforce the rules regarding independent contractors.  You can read the release here:  http://www.dol.gov/opa/media/press/whd/WHD20150034.htm

It is possible for business owners to correctly classify someone as an independent contractor.  Effort should be placed on documenting the relationship in a good contract and evaluating how the work and communication will be conducted.  In the right situation, using independent contractors can be practical and profitable.  Business owners just need to be aware that not every worker can be classified as an independent contractor.

PROTECT THE DATA! More Regulations on Businesses

The Florida legislature has decided to take a more aggressive approach to identity theft.  A new law that went into effect on July 1, 2014, the Florida Information Protection Act of 2014 (“FIPA”), places more stringent notification obligations on most businesses and increases the fines and penalties for non-compliance.

FIPA is at the same time broader and simpler than the Health Information Portability and Protection Act (“HIPAA”).  While HIPAA applies to businesses that deal with protected healthcare information, FIPA applies to virtually all businesses that have access to or store certain personal information of individuals in Florida.

What is that “personal information”?  There are two categories:

Category A    A person’s last name and first name or first initial PLUS one of the following:

  • Social security number
  • Driver’s license number
  • Identification card number
  • Passport number
  • Military identification number
  • Other identification number on a government document
  • Financial account number AND security code, access code or password
  • Credit or debit card number AND security code, access code or password
  • Information regarding medical history
  • Information regarding mental or physical condition
  • Information regarding medical treatment or diagnosis by a health care professional
  • Health insurance policy number/ identification number/ or other identifier

Category B     A person’s user name OR email address PLUS a password OR a security question answer that would allow access to an online account.

Because the definition of personal information is so broad, most businesses will find that FIPA applies to them.  For example, a business that takes credit card payments will have a person’s credit card number, the expiration date and the access code on the back of the card.  In addition, all businesses that have employees will have the employee’s name, social security number and identification number(s), because that information is required on Form I-9.

PROTECTING THE DATA

FIPA requires a business to protect the “personal information” stored in electronic form by taking “reasonable measures.”  FIPA does not define “reasonable measures” but businesses should implement certain common sense policies and procedures.

In addition, FIPA has requirements for the disposal of records once the data is no longer needed.  A business must shred, erase, or otherwise modify the personal information in the records so that it is unreadable or undecipherable through any means.

REPORTING A BREACH OF SECURITY

While FIPA does not give much guidance on how to protect personal information, it is very detailed when it comes to a breach of security.  Once a breach or suspected breach occurs, certain notification requirements are triggered.

Required notices may include personal notices to affected individuals, notice to the Department of Legal Affairs, notice to law enforcement, and notice to credit reporting agencies.  In some circumstances, detailed reports must be submitted in the notice.  In any event, a breach or suspected breach of security will cost a business a significant amount of resources.

If your business suffers a breach or suspects a breach of security, it is prudent to address the situation immediately.  There are strict time limits for reporting and issuing notices.  Failure to comply with the requirements in FIPA can result in fines and penalties up to $500,000.00.

While FIPA does not authorize a private cause of action for an individual to sue, lawsuits could potentially be filed against a business for breach of security on the basis of other causes of action, including without limitation, negligence, breach of contract, and breach of fiduciary duty.  Therefore, the advice of a qualified attorney is recommended.

RESPONSIBILITY FOR YOUR VENDORS AND SERVICE PROVIDERS

If you hire a vendor or service provider to maintain, store or process “personal information” on your behalf, you are still responsible for its protection.   As far as FIPA is concerned, your vendor or service provider has an obligation to notify you of any breach.  Then it is your responsibility to make the required notifications mentioned above.  The fines and penalties would apply to you if you fail to meet FIPA’s requirements.

Therefore, it is very important that you choose your vendors and service providers carefully and make sure that you have a written contract that obligates the vendors and service providers to protect the personal information.  Ideally, the contract should set out specific actions that the vendor or service provider is required to take, including meeting the notification deadlines in FIPA.

IMPORTANT TO REMEMBER

It is important to remember that the size of a business does not matter.  FIPA applies to every business that collects, accesses or stores “personal information.”  It does not matter whether the business is based in Florida or has a presence in Florida or has any connection to Florida.  What matters is whether the business has personal information of an individual who is in Florida.

While FIPA may seem short and sweet at a glance (see Section 501.171 of the Florida Statutes), its reach is broad and its penalties for non-compliance are steep.  In time, we are sure to see how FIPA is implemented, enforced and eventually challenged or interpreted by the courts.  For now, businesses need to be aware of the requirements and implement the necessary policies and procedures to comply.