Weekly Wright Report – October 25, 2018

Educational Resources

Baltimore Office

7 St. Paul Street, 18th Floor
Baltimore, MD 21202

Tel: 410-659-1300
Fax: 410-659-1350

Towson Office

102 W. Pennsylvania Ave, Suite 406
Towson, MD 21204

Tel: 443-991-5917
Fax: 410-659-1350

Richmond Office

West Shore III Building 301 Concourse Boulevard Suite 120 Glen Allen, Virginia 23059

Tel: 804-362-8293
Fax: 804-441-9250

Bethesda Office

6931 Arlington Road,
Suite 450 Bethesda, Maryland, 20814

Tel: 240-583-0003
Fax: 240-583-0013

Weekly Wright Report – October 25, 2018

In the latest Weekly Wright Report:

  • Solid as Sears? Will Your Company Be The Target of a Preference Action? – read now
  • New Regulatory Structure and Regulations for Veteran Owned Businesses – read now
  • Cybersecurity for the Non-Cyber Company: Part I – read now

Solid as Sears? Will Your Company Be The Target of a Preference Action?

By Doug Seitz

Imagine, if you will, that your best customer went out of business a year or so ago. Your sales took a big hit and your company is just starting to recover from the revenue loss.  Now imagine you open a letter from a Wilmington Delaware attorney demanding you pay back $100,000 that she claims your company received within 90 days of the bankruptcy filed by that customer. This is a preference action and how you deal with it will determine how much, if any, of that $100,000 will you have to repay.

“Preference” is a term used in bankruptcy to describe monies paid to creditors by a soon-to-be bankrupt company “shortly” before it files for bankruptcy.  Preferences were deemed to create unequal treatment between the creditors of the bankrupt business.  The thought was that the bankrupt would pay off certain creditors in order to obtain from those creditors some sort of favorable or preferential treatment after the bankruptcy concluded.

So what can you do to fight this sort of claim?

First, and foremost, you must keep detailed account records.  Any successful defense of a preference claim will require you to prove such things as the amounts of payments you have received from the bankrupt ,- – not just during the 90 days prior to filing of the bankruptcy, but during the entire history of your company’s dealings with the bankrupt.  You will need accurate dates: of when product was delivered; when the bankrupt company was invoiced for those sales; when payments were received on each of those sales; and when those payments deposited into your company’s bank.

What defenses are available to your company?

There are three major defenses available in preference actions, and a few esoteric ones. The big three are, in order of greatest applicability:

      1. The payments were made in the “ordinary course of business” (the payments were ordinary as between the creditor and the bankrupt or they were ordinary according to industry standards);
      2. The payments made as a result of your company providing “New Value” to the bankrupt (generally this occurs when a company provides new services or materials and results in being owed some money from the bankrupt company); and
      3. The payments constituted “Substantially contemporaneous exchanges of equal value” (For the most part, this defense is employed when the customer is on a COD basis and payment for product is made at the same time it is delivered).

Lesser known defenses may also be available.  For example, if the monies are trust funds that were paid to creditor pursuant to a trust arrangement, then they are likely not “property of the estate” and therefore cannot be part of a preference action.  This defense generally works when the monies are paid as part of a construction project that is covered by a Construction Trust Fund Statute.  If your company holds a senior priority security interest against certain assets of the bankrupt, then to the extent of its security interest, the payments it received during the bankruptcy period are offset by the value of the security interest it holds. If the payments your company received from the bankrupt business were less than $6,425.00.

What Can A Company Do To Avoid These Strong Arm Actions By Trustees? 

      • Stellar record keeping that can be easily/reliably accessed is the first step in fighting these claims.
      • Careful monitoring of credit to troubled accounts. If you think a customer might be on the brink, consider agreements where new credit is only extended after payment of an equivalent amount is paid by the customer.
      • Consider obtaining personal guarantees from principals of the business.
      • Consider placing the customer on a COD basis.
      • Investigate the possibility of obtaining a security interest in the goods you are selling to the troubled customer or in other unencumbered property it might own.
      • Investigate the possibility of receiving payment from third parties, such as the end user of the product you are providing.
      • Finally, discuss with a Creditors’ Rights attorney your options should a big customer file or be on the verge of filing a bankruptcy.

New Regulatory Structure and Regulations for Veteran Owned Businesses

By Mike Stover

With so many veterans returning from service in Iraq and Afghanistan there has been increased emphasis placed on veteran owned business preferences in government contracts.  Indeed, the Small Business Administration’s (SBA) goal is have at least 3% of all federal government contracts awarded to veteran owned businesses.  There were two parallel tracks to becoming a certified veteran owned business: (1) the Department of Veterans Affairs – Veteran Owned program “Vets First” (VOSB) and (2) the SBA – Service Disabled Veteran Owned Small Business Concern (SDVOSB).  In some cases, it was possible to be certified in one program, but denied certification in another and the regulations of each program had key differences.  Given the overlap and inconsistencies of the two programs, the NDAA 2017 mandated that the responsibility for issuing regulations regarding ownership and control governing both programs would be with the SBA.

On October 1, 2018, the new SBA regulations for the two veteran owned programs became effective.  The Secretary of the VA will continue to determine whether individuals are veterans or service-disabled veterans and would be responsible for verification of applicant firms under the VA program.  Any challenges to the status of a VOSB or SDVOSB based upon issues of ownership or control will be decided by the administrative judges at the SBA.

Some of the changes made in the new SBA regulations include:

        • In certain circumstances a firm can qualify for the programs when there is a surviving spouse or an employee stock ownership plan (ESOP).
        • Rules of practice for protests and appeals regarding eligibility in the programs and procedures for hearings have been updated.
        • Revised definitions for: Daily Business Operations, Negative Control, Participant, and Unconditional Ownership.
        • New definition of “small business concern” which includes meeting size standards corresponding to the NAICS codes and being a for profit business located and operating in the United States.

One potentially significant change involves the definition for “extraordinary circumstances” under which a service disabled veteran owner would not have full control over a firm’s decision-making process.  The new definition will be used to allow minority equity holders to have negative control over five limited and rare instances without disqualifying the entity from the program.  It is believed that this change will help foster non-veteran minority owner investment in such businesses.

If you are a certified VOSB or SDVOSB or involved with such businesses and want help in obtaining certification, please let us know.

Cybersecurity for the Non-Cyber Company: Part I

Even though October is a month focused on cyber issues, you can’t pick up a magazine, read a newspaper or log onto a newsfeed without being bombarded with stories about cyber threats.   Most of the reported attacks prove that even the most costly systems can fail against this onslaught of threats from increasingly sophisticated hackers worldwide.  As smaller businesses have become favorite targets for hackers precisely because security is typically more lax, the message is clear that no business is safe from attack and all companies must take steps to shore up their vulnerabilities against the loss of data.

Establishing an effective system for identifying and stopping such threats has now become every business’ mantra.  Identified in this first part of a two-part series are a few simple steps which should be taken to protect a company’s assets and insulate it from unnecessary exposure.

Policy Development

A critical element to any cyber defense is making sure that the development of your cyber policy and its enforcement crosses multiple desks of responsibility in an organization.  Developing an effective policy involves IT, human resources, compliance, records management, risk analysis or insurance and legal.  Internal policies need to touch on the need for protection, obtain buy-in and compliance throughout the organization as well as in supply chains, and make sure that audits and tests of the security are regularly conducted and demonstrated.  If possible, effective insurance policies should be in place to address the costs of dealing with a breach.  A few basic areas to be evaluated—

      • Who should be involved?
      • What are the Company’s current data protection policies?
        • Has an effort been made to identify protected data?
        • Is there a confidentiality statement in your general polices for all employees?
        • Does your company handbook restrict use, access and removal of certain data?
      • Is critical data protected in a meaningful fashion?
      • Have all possible entry and exit points been identified for access to data?
      • What, if any, access may be made through personal devices?
      • What backups or redundancy exists for IT systems?
      • What policy is in place to handle a breach once it has been identified?
        • Who is to be notified?
        • Who is responsible for closing any holes?
        • What efforts will be made to preserve evidence of the breach?
        • What notification needs to be made?

Agreements, Awareness, and Training of Employees

Sound data protection efforts and policies are not limited to the IT department or hiring competent vendors and subcontractors.  All businesses must first address the biggest threat to cyber security in the company—their own staff.  Essential to fighting the battle against cyber-attacks are carefully crafted policies and practices required of all employees.  The human element, which may intentionally access a system or negligently leave a door open to unwanted eyes, represents one of the biggest holes in a company’s preventive system.

At a bare minimum, all staff should be aware that the company does not own the data it possesses, be conscious of the privacy rights of the customers it serves and data it owns and be held accountable for ensuring protections are maintained.  These simple traits should be found in employee handbooks, employment agreements and in training provided by employers.  Staff should also be aware of simple protections necessary to protect data such as complex passwords which are changed regularly and across multiple platforms and access points, the hazards of opening certain email or visiting various internet sites, and the dangers posed by disgruntled current and former employees.  Most importantly, there needs to be an understanding by all staff of why access to the company’s network should be limited and why there need to be clear limits to access the company’s systems using external hard drives and other personal devices.

Next week, Part II.

Want more? Visit the Weekly Wright Report page to browse past issues.