As we move into 2026, employee benefit plan sponsors face a complex landscape of new regulatory requirements, evolving compliance standards, and heightened scrutiny from the Department of Labor.  Whether you’re managing a defined contribution plan for 50 employees or 5,000, understanding these changes—and implementing strong operational practices—will help you avoid costly corrections while better serving your plan participants. 

Let’s walk through the 2026 employee benefit plan changes to discover what you need to know and do this year. 

Critical SECURE 2.0 Act Provisions Taking Effect in 2026 

The SECURE 2.0 Act continues to reshape retirement plan administration, with several provisions becoming mandatory this year. 

Mandatory Roth Catch-Up Contributions for High Earners 

Starting January 1, 2026, employees age 50 or older who earned more than $150,000 in FICA wages during the previous year must make their catch-up contributions on a Roth (after-tax) basis. If your plan doesn’t currently offer Roth contributions, these employees won’t be able to make catch-up contributions at all. 

The IRS has provided some flexibility through a “deemed Roth election,” which allows participants to opt out if they choose. While full regulatory compliance isn’t required until 2027, your plan must operate under a reasonable, good-faith interpretation throughout 2026. 

Action steps for plan sponsors: 

• Confirm your plan’s Roth functionality is operational 
• Update payroll systems to track employees approaching the $150,000 threshold 
• Coordinate with your recordkeeper to handle the transition smoothly 
• Prepare clear participant communications explaining the new rules 

Annual Paper Statement Requirements 

Your defined contribution plan must now provide at least one paper benefit statement per year unless participants actively opt for electronic delivery. Defined benefit plans must provide paper statements once every three years under the same opt-out conditions. This requirement applies to plan years beginning after December 31, 2025. 

Plan Amendment Deadline Approaching 

All SECURE 2.0-related amendments must be formally adopted by December 31, 2026 (with later deadlines available for governmental and collectively bargained plans). Even though operational compliance has been required since January 1, 2026, your plan documents need to catch up by year-end. 

2026 Contribution and Income Limits 

The IRS released updated limits for retirement accounts in November 2025. Here are the key figures affecting your plan administration: 

Defined Contribution Plans: 

• Employee deferrals: $24,500 (up from $23,500) 
• Maximum annual additions: $72,000 
• Catch-up contributions (age 50+): $8,000 
• Enhanced catch-up (age 60-63): $11,250 

Key Compensation Thresholds: 

• Annual compensation limit: $360,000 
• Highly compensated employee threshold: $160,000 
• Mandatory Roth catch-up wage threshold: $150,000 
• Social Security taxable wage base: $184,500 

These increases provide an opportunity to review your plan’s contribution structures and communicate the enhanced savings potential to your employees. 

New Self-Correction Options for Plan Sponsors 

In January 2025, the DOL introduced a significant change to the Voluntary Fiduciary Correction Program (VFCP) by adding a self-correction component (SCC). This program allows you to voluntarily correct certain ERISA violations without submitting a full VFCP application—potentially reducing both administrative burden and costs for minor errors. 

What Qualifies for Self-Correction? 

The SCC applies to two main categories of common fiduciary breaches: 

Delinquent Participant Contributions and Loan Repayments 

• Lost earnings from late deposits must not exceed $1,000 
• Funds must be remitted within 180 days of withholding 
• Neither the plan nor plan sponsor can be under an ongoing DOL/IRS investigation 

Eligible Inadvertent Participant Loan Failures 

• Applies to errors such as improper loan amounts, failure to withhold repayments, or loans exceeding plan limits 
• The error must be self-correctable under IRS Employee Plans Compliance Resolution System (EPCRS) rules 

To use the SCC, you’ll submit an electronic notice to the DOL through their online VFCP web tool and complete a penalty of perjury statement. For corrections involving delinquent contributions, you’ll compute lost earnings using the DOL’s online calculator and have your plan sponsor pay any penalties or fees. 

Essential Practices for Employee Benefit Plan Operations in 2026 

Beyond regulatory compliance, implementing strong operational practices will help you meet your fiduciary responsibilities while reducing risk. 

Timely Remittance of Contributions 

The DOL continues to emphasize the importance of prompt remittance of participant withholdings into the plan. While small plans (fewer than 100 participants) have a safe harbor of seven business days, large plans must remit contributions “as soon as administratively feasible”—which the DOL generally interprets as within a few business days. Failure to remit contributions timely may result in a prohibited transaction requiring correction and disclosure in your plan’s financial statements and Form 5500. 

Service Organization Control (SOC) Reports 

If you use a recordkeeper or custodian, they should provide an annual SOC 1 report that evaluates the effectiveness of their internal controls relevant to financial reporting. Your responsibility doesn’t end with receiving this report—you need to: 

• Review the report to confirm relevant financial reporting controls are adequately designed and operating effectively 
• Verify that you’ve implemented required “complementary user entity controls” described in the report 
• Document your review process 

Inadequate employer review of SOC 1 reports is one of the most common audit findings. 

Cybersecurity Controls 

Retirement plans hold over $45 trillion in assets and maintain participants’ personal data, making them attractive targets for cybercriminals. The DOL recommends that your cybersecurity program include: 

• Regular cybersecurity awareness training for staff 
• Clear roles and responsibilities regarding encryption of sensitive data 
• Internal or third-party audits of your cybersecurity systems 
• Business continuity and incident response programs 
• Review of third-party service provider security controls 
• Regular, documented reviews of users with administrative access to key IT systems (recordkeeper/custodian websites, payroll providers, and HRIS systems) 

Investment Benchmarking and Fee Reviews 

Fee reasonableness continues to be a focal point in plan litigation. You should conduct regular benchmarking studies—either internally or through an investment advisor—to assess investment performance and fees over various time frames.  

Fee disclosures from all covered service providers must be provided to plan participants annually. Review these disclosures to determine whether fees incurred by the plan are reasonable, and document these discussions in committee meeting minutes. 

Managing Missing Participants 

When plan participants change jobs, many leave their retirement accounts behind, creating a growing number of participants who can’t be located. The DOL has issued guidance on best practices for locating missing participants, including: 

• Sending certified mail to last known addresses 
• Contacting designated beneficiaries or emergency contacts 
• Using online search engines and public record databases 
• Attempting contact via email, telephone, or social media 

Regardless of which methods you use, document your attempts to locate missing participants as part of your fiduciary responsibility. 

Monitoring Defaulted Loans 

If your plan offers participant loans, you’re responsible for setting up loan repayments within the payroll system and verifying that payments are made timely according to the loan’s amortization schedule. You should regularly review your outstanding loan listing, watching for terminated employees and loans in default or approaching default status. If loan payments stop, notify the participant of the missed payment, cure period deadlines, and tax consequences if the loan goes into default. 

Service Provider and Payroll Provider Changes 

If you’re considering changing recordkeepers, third-party administrators, or payroll providers, maintain complete records of all plan-related information before terminating your current provider. This includes plan documents, adoption agreements, trustee agreements, service provider agreements, annual participant statements, eligibility files, trust statements, payroll records, and census files.  

For payroll changes specifically, verify that the new provider understands your plan’s compensation definition, match formula, and loan repayment processes—and confirm how year-to-date accumulators will transfer if the change occurs mid-year. 

Insurance Considerations 

Three types of insurance can help you mitigate risks associated with offering and operating retirement plans: 

ERISA Bonds Required by the DOL, these bonds protect your retirement plan from theft or embezzlement by people handling plan assets. Coverage must equal 10% of plan assets or $500,000, whichever is less (or $1 million for employee stock ownership plans). 

Fiduciary Liability Insurance Covers plan committee members, company executives, and plan trustees should any liability result from fiduciary acts of operating and monitoring the plan. This protection may help you attract individuals willing to serve on your plan committee. 

Cyber Liability Insurance Helps protect retirement plans from risks associated with data breaches or cyberattacks, which have become a heightened concern as more plan and employee data is maintained and transmitted digitally. 

The Evolving Landscape of Alternative Investments 

While not directly related to immediate compliance requirements, it’s worth noting that alternative investments—including private equity, venture capital, private credit, real estate, and cryptocurrency—are gaining attention in qualified retirement plans. An August 2025 White House executive order specifically cited the “potential growth and diversification opportunities associated with private investments” and directed the DOL to reexamine guidance related to alternative investments under ERISA. 

These investments offer potential for higher returns and enhanced portfolio diversification, but they come with specific challenges including higher fees, illiquidity, limited transparency, and wide dispersion of manager returns. If you’re considering alternative investments for your plan, working with advisors who have substantial experience in this area is particularly valuable. 

Take Action Now to Strengthen Your Plan 

These changes and best practices represent more than a compliance checklist—they’re opportunities to strengthen your retirement plan administration, better serve your participants, and meet your fiduciary responsibilities with confidence. 

Key deadlines to remember for 2026: 

• January 1, 2026: Operational compliance with mandatory Roth catch-up contributions required 
• March 15, 2026: Deadline for correcting failed compliance tests for 2025 calendar-year plans 
• December 31, 2026: Deadline to adopt formal SECURE 2.0 plan amendments 

At BPM, we’ve provided employee benefit plan audit, tax compliance, and consulting services for decades. Our team stays current on evolving legislation and can provide guidance tailored to your organization’s specific needs. Whether you need help implementing SECURE 2.0 provisions, addressing audit findings, evaluating your current service providers, or strengthening your operational procedures, we’re here to help. 

Contact BPM today to discuss how these 2026 changes affect your employee benefit plans and to develop a proactive compliance strategy that protects both your organization and your plan participants. 

Your Head of Technology role at a 60-person company shouldn’t be choosing between strategic planning initiatives and resetting passwords. Yet that’s the reality for many SMB technology leaders.  

Building an internal IT team capable of managing core business functions like cybersecurity, disaster recovery, and daily support requires resources most small and medium-sized businesses simply don’t have. IT outsourcing offers a different path. 

Benefits of IT Outsourcing for SMBs 

Here are the benefits of IT outsourcing services for SMBs.  

1. Predictable, Scalable IT Costs Without the Hiring Overhead 

Traditional in-house IT carries operational costs that multiply fast.  

Systems administrators, cybersecurity specialists, and network engineers each command substantial salaries and benefits packages. Add recruitment fees, ongoing training investments, and inevitable turnover expenses, and the true cost of building an internal IT team quickly escalates beyond initial budget projections.  

Business process outsourcing through managed IT providers replaces this uncertainty with transparent, fixed monthly pricing. Instead of juggling multiple salary negotiations and benefits packages, you pay a predictable rate that covers infrastructure support, security monitoring, and help desk coverage for your entire team. This model eliminates the financial risk of hiring decisions while providing access to specialized knowledge across multiple technology domains. 

The cost efficiency extends beyond direct salary savings. You also reduce capital expenditures for servers, monitoring platforms, and infrastructure hardware that your provider already maintains. When you need additional capacity, you adjust your service agreement rather than initiating lengthy recruitment processes. When business slows, you scale back without the difficult decisions and costs associated with workforce reductions. 

Key Cost Savings Advantages of IT Outsourcing 

• Elimination of salary, benefits, and recruitment expenses for specialized IT staff 
• Reduced capital expenditures for servers, monitoring tools, or infrastructure hardware 
• Predictable monthly costs that scale with actual business needs, improving cost efficiency 
• Access to enterprise-grade tools and certifications without individual investment 

2. Access to Specialized Skills Your Internal Team Doesn’t Have 

Your business needs specialized skills across cloud computing, compliance frameworks, endpoint security, and disaster recovery protocols. Hiring specialists in each area isn’t financially viable when you’re operating on an SMB budget. Nor is it practical according to research. 57% of hiring managers struggle to find qualified IT talent in 2025, even as companies increase their outsourcing investments. 

Managed service providers staff dedicated teams with certified professionals across multiple domains, giving you access to a global talent pool. Imagine your internal IT generalist recognizes a ransomware threat but lacks hands on know-how for comprehensive security auditing or advanced threat detection.  

Instead of spending months recruiting a cybersecurity specialist—if you can even find one—you’d have immediate access to certified analysts who can implement enterprise-grade security controls and ongoing threat monitoring through your outsourced IT services. 

This approach offers many businesses a competitive advantage they couldn’t achieve with in-house teams alone while also providing lower labor costs.  

3. Faster Response Times and Proactive System Monitoring 

When your server crashes on Friday at 7 PM, waiting until Monday morning means lost productivity and potential revenue impact. Traditional break-fix IT operates reactively—problems get addressed after they occur, usually during business hours only. This reactive model fails to reduce costs over time because issues escalate before resolution. 

Outsourced IT services deliver continuous proactive monitoring with automated alerts that catch issues before they escalate. Service providers deploy monitoring tools across your infrastructure, tracking server health, network performance, security threats, and application availability 24/7.  

Think about what happens when your backup system starts failing or your email server develops a critical vulnerability. With proactive monitoring, technicians identify and resolve the backup issue before any data loss occurs. They detect and patch the email vulnerability before it can expose client financial data—threats that reactive support models typically miss until damage is done. 

Proactive monitoring delivers critical advantages: 

• 24/7 infrastructure support with automated alerts for potential issues 
• Early detection of security threats, system failures, and performance degradation 
• Reduced downtime through preventive maintenance and rapid incident response 
• Guaranteed response times (typically 1-4 hours) versus days with reactive support 

4. Enterprise-grade Security Without Enterprise-level Investment 

Cybersecurity risks don’t distinguish between Fortune 500 companies and small businesses. In fact, 43% of cyberattacks target SMBs specifically, with ransomware attacks becoming increasingly sophisticated.  

Building enterprise-grade security internally requires specialized talent that most SMBs can’t afford to hire. Third-party providers deliver comprehensive security programs including multi-factor authentication, intrusion detection systems, endpoint protection, continuous vulnerability scanning, and incident response protocols.  

If you’re operating in healthcare, for example, you need HIPAA-compliant network security, including advanced email filtering, phishing simulation training, endpoint detection tools, encrypted backups, access controls, and regular security assessments—capabilities that would require hiring dedicated security staff. 

Critical security capabilities from managed IT providers: 

• Multi-layered defense strategies, including firewalls, intrusion detection, and endpoint protection 
• Continuous vulnerability scanning and patch management across all systems 
• Security awareness training to reduce human error 
• Compliance support for regulatory requirements, including HIPAA, GDPR, and other industry standards 
• Incident response protocols with 24/7 monitoring and rapid threat neutralization 

Outsourcing providers make network security their core business practice, continuously updating defense strategies as the threat environment evolves. 

5. Built-in Disaster Recovery and Business Continuity Planning 

Downtime costs more than most SMBs realize. Research found that unplanned downtime costs companies an average of $300,000 per hour, with some organizations experiencing losses exceeding $5 million hourly. More sobering: 75% of companies without a disaster recovery plan close their doors within three years of a major incident. 

Outsourcing companies implement comprehensive disaster recovery strategies, including automated backup systems, redundant storage with offsite replication, and rapid recovery protocols.  

Consider what happens if a power surge destroys your primary file server. With automated cloud computing backups running every 15 minutes, you could be operational again within four hours with all critical project files, client communications, and financial records intact. Without that backup infrastructure support, you’d face days or weeks of downtime plus potential permanent data loss. 

6. Seamless Scalability as Your Business Grows or Contracts 

Business growth shouldn’t be constrained by IT infrastructure limitations. When you land a major new client requiring 15 additional employees next month, your technology must scale without weeks of preparation. Seasonal businesses need flexibility to adjust capacity during peak periods and scale back during slower months without fixed operational costs. 

Picture your company experiencing business transformation as you grow from 25 to 80 employees over 18 months with accelerating customer engagement. Your outsourcing partner would seamlessly scale infrastructure support—adding users to help desk systems, expanding cloud services and computing resources, implementing more sophisticated network architecture, and enhancing security controls appropriate for your growing operation.  

Building an internal IT staff to handle that growth would require multiple new hires just to maintain service levels, creating recruitment delays at exactly the wrong time while increasing training costs. 

Scalability advantages of outsourced IT: 

• Add or remove users by updating outsourcing contracts rather than hiring or layoffs 
• Flex capacity up during business growth periods or down during slower seasons 
• Access additional specialized knowledge as business needs evolve 
• IT infrastructure that adapts to mergers, acquisitions, or major project demands 

7. Strategic IT Guidance from Experienced Technology Advisors 

IT decisions have lasting business impact. Choosing the wrong cloud platform through outsourcing software development or overlooking security requirements creates technical debt that’s expensive to remediate later. Yet SMB leadership teams often lack the technical skills to evaluate complex technology decisions confidently.  

Selecting the right managed IT provider requires understanding both technical capabilities and strategic alignment. 

Outsourcing partners function as strategic advisors, not just technical support staff. They bring experience across hundreds of client environments, exposure to diverse technology challenges, and an understanding of industry-specific requirements.  

If you’re planning geographic expansion, consulting your managed services provider before signing office leases would help you design cloud-based infrastructure supporting distributed teams without expensive local servers, identify collaboration tools working seamlessly across time zones, and implement security controls appropriate for remote operations. This strategic input prevents the costly mistakes companies often make when implementing technology reactively after expansion decisions are already finalized. 

Strategic value from experienced IT advisors: 

• Guidance on IT infrastructure investments and long-term technology planning 
• Vendor evaluation and software platform selection based on business needs 
• Risk assessment for security, compliance, and operational continuity 
• Technology budgeting aligned with business priorities and growth objectives 

Partner with BPM for Managed IT Outsourcing that Supports your Growth 

Small and medium-sized businesses need technology infrastructure that enables business growth rather than constraining it. Ready to explore the benefits of outsourcing your IT function? 

Outsourced services can eliminate technology headaches while reducing costs and improving reliability. Contact BPM today to discuss your technology challenges and discover how managed IT can provide the competitive edge your business needs. 

When money goes missing or financial records don’t add up, you need someone to investigate. Forensic accountants step into these situations to uncover the truth behind financial crimes. They combine accounting knowledge with investigative skills to trace funds, identify fraud, and provide evidence that holds up in court. 

This specialized field has become increasingly important as financial crimes grow more sophisticated. Fraudsters use complex schemes and advanced technology to hide their tracks, making it harder for traditional accounting methods to catch them. This article will explore what forensic accounting involves, how these professionals can help your business, and why their services matter when you face financial irregularities or disputes.   

Understanding the Role of a Forensic Accountant 

Forensic accountants do more than crunch numbers. They analyze your financial records to find evidence of criminal activity. Their work involves reviewing bank statements, tax documents, and business records to identify suspicious patterns and trace money trails. 

These professionals investigate various financial crimes that can impact your business. They look into embezzlement cases where employees steal from you. They examine insurance fraud claims to determine if they’re legitimate. They also work on complex cases like vendor fraud and money laundering operations. 

The job requires both technical skills and investigative thinking. Forensic accountants must understand accounting principles, but they also need to think like detectives. They look for inconsistencies in financial data and figure out how criminals covered their tracks. 

Finding the Right Forensic Accountant 

You’ll find forensic accountants in many different settings. Accounting firms offer forensic services to help businesses like yours investigate internal fraud or support legal cases. Insurance companies also hire forensic accountants to examine suspicious claims and quantify losses. 

Law enforcement agencies employ them to investigate financial crimes. The FBI, IRS, and local police departments all use forensic accountants to build cases against criminals. Government agencies like the Securities and Exchange Commission rely on forensic accounting to investigate financial misconduct. 

Many larger corporations bring forensic accountants in-house to monitor their internal controls. Banks and financial institutions use them to detect money laundering and comply with regulations. Law firms contract with forensic accountants when they need financial analysis for court cases. 

Learn more about our Forensic Accounting Services

Why Your Business Needs Forensic Accounting 

Financial crimes cost businesses millions of dollars each year. As a small or medium-sized business owner, you’re particularly vulnerable because you may lack the extensive internal controls that larger companies have. Forensic accountants help minimize these losses by catching fraudulent activity early. The sooner you identify a problem, the less damage it causes to your bottom line. 

These professionals also help you stay compliant with regulations. Depending on your industry, you may face strict requirements. Forensic accountants audit financial records to ensure compliance and uncover potential violations before regulators do. 

When fraud does occur in your organization, forensic accountants can often track down stolen funds. They follow the money trail to figure out where it went. This work sometimes leads to recovering assets that seemed lost forever. 

Their findings also strengthen your internal controls. Forensic accountants don’t just tell you what went wrong. They explain how it happened and recommend ways to prevent similar crimes in the future. This guidance is invaluable as your business grows. 

The Investigation Process 

Forensic accountants start by gathering your financial documents and data. They review everything from bank statements to expense reports. They look for unusual transactions, missing records, or patterns that don’t make sense. 

They use specialized software to analyze large amounts of financial data. This technology helps them spot anomalies that might indicate fraud. They also interview people involved in the case to understand the context behind the numbers. 

Once they’ve completed their analysis, forensic accountants compile their findings into detailed reports. These reports must be clear enough for you and others without accounting backgrounds to understand. They often present their findings in court as witnesses, explaining complex financial matters to judges and juries. 

Common Cases for Forensic Accountants 

Employee theft represents one of the most common reasons you might hire a forensic accountant. Workers might steal cash, manipulate payroll, or create fake vendors to funnel money out of your company. These schemes can go undetected for years if you don’t have strong oversight. 

Business partnership disputes also need forensic accounting. When partners disagree about company valuations or breach contracts, forensic accountants provide objective analysis. They help resolve disputes by presenting clear financial evidence. 

Divorce cases involving business owners frequently require forensic accounting services. When you’re going through a divorce, your spouse might question your business valuation or suspect hidden assets. Forensic accountants provide the documentation needed for fair settlements. 

Insurance claims involving business interruption or professional malpractice often require forensic accounting. These professionals quantify your economic damages and verify the legitimacy of claims you file. 

Vendor fraud is another area where you might need help. Dishonest vendors might overcharge you, deliver substandard goods, or engage in kickback schemes with your employees.   

Work with BPM for Your Forensic Accounting Needs 

Financial crimes threaten your business’s stability and reputation. When you suspect fraud or face a dispute requiring financial analysis, you need professionals who can uncover the truth and provide evidence that stands up to scrutiny.   

BPM offers comprehensive forensic accounting services to help you navigate these challenging situations. Our team investigates financial irregularities, supports litigation matters, and helps strengthen your internal controls. We work closely with your legal counsel and management team to resolve disputes and protect your interests. To discuss how our forensic accounting services can help safeguard your business, contact us.  

Every day, utility operations teams keep the lights on, water flowing, and gas moving through pipelines. At the same time, they must defend against sophisticated cyberattacks that could disrupt these essential services. A single breach doesn’t just affect your company, it impacts entire communities that depend on reliable utilities. 

8 Steps to Strengthen Your Cybersecurity Strategy 

Your operations team needs a cybersecurity strategy that protects critical infrastructure while maintaining the service reliability your customers expect. This article will walk you through practical steps to strengthen your security posture, from building the right team culture to implementing technical safeguards that work. 

1. Start With Your People, Not Your Technology 

Technology alone won’t protect your utility. The strongest cybersecurity strategy begins with people who understand the threats and know how to respond. Your operations team interacts with critical systems every day, making them your first line of defense against attacks. 

Create a security-first culture across your organization. This means moving beyond annual training sessions that employees forget within weeks. Instead, build ongoing awareness into daily operations. When your team reviews system logs, conducts equipment inspections, or troubleshoots issues, they should think about security implications. 

“If OT staff are reluctant to adopt cyber security principles the best way to bring them on board is to demonstrate exploitation of the vulnerabilities operations chooses to expose. Additionally, describe the bigger cyber picture to OT staff so they can envision vulnerabilities chained together across the boundaries of their specific purview. This creates the full path for an attacker to write changes to SCADA systems and will show operations the precarious state of the OT/SCADA network.” – Ryan Ferran  

A joint study from Stanford University Professor Jeff Hancock and security firm Tessian revealed that 88% of data breach incidents are caused by employees’ mistakes. Your operations team needs practical knowledge about phishing emails, social engineering tactics, and suspicious system behavior. Make training relevant to their specific roles. A field technician needs different security knowledge than a control room operator. 

Hold monthly security discussions during team meetings. Share recent incidents from the utility sector to help your team recognize attack patterns. When staff understand how hackers exploit staging targets like third-party vendors, they become more vigilant about vendor access to your systems. 

2. Build Your Cybersecurity Council 

Your utility operations require a dedicated team focused on security. Form a cross-functional cybersecurity council that brings together operations, IT, engineering, and leadership. This council serves as the strategic hub for all security decisions affecting your operational technology. 

The council should meet regularly to assess threats specific to utility operations. Unlike corporate IT systems, operational technology controls physical processes. A breach in your SCADA system or control center communications could disrupt service delivery or create safety hazards.  

“Committees, councils, and general governance comes natural, but if real-world change is the problem create or assign cyber security duties to OT staff directly. Appointing an OT cyber security champion with security responsibilities will drive better security practices. You should expect your champion to liaise with IT, especially for implementation.” – Ryan Ferran 

Your council needs clear responsibilities. They should evaluate emerging threats, prioritize security investments, and ensure operational technology receives the same protection as business systems. Make sure the council includes operations personnel who understand how your systems actually work. Security measures that sound good in theory can interfere with operations if you don’t involve the people who use these systems daily. 

Senior leadership must actively support the council’s work. When executives prioritize cybersecurity, they send a message that security matters as much as uptime and efficiency. This support also ensures the council has resources to implement necessary changes.  

3. Secure Your Supply Chain 

Hackers increasingly target utilities through their vendors. These attacks work because third-party suppliers often have weaker security than the utilities they serve. A vendor with legitimate access to your systems becomes a pathway for attackers to reach your critical infrastructure. 

The North American Electric Reliability Corporation’s CIP-013-1 standard addresses this risk. You need plans that cover software integrity, vendor remote access, procurement controls, and risk management. But compliance alone isn’t enough. 

Start by examining every vendor relationship. Which suppliers have remote access to your operational systems? What security measures do they maintain? Include specific security requirements in all contracts and requests for proposals. Better yet, tie vendor payments to validated security controls. This approach motivates vendors to take your security requirements seriously. 

For hardware and software from overseas manufacturers, require tamper-evident packaging and tracked shipments with certified signatures. Create an audit trail from the vendor’s facility to your site. While this seems demanding, remember that sophisticated attackers target supply chains precisely because they offer easier access than direct attacks on utilities. 

Before granting any vendor access to your network, conduct thorough background checks on their employees. Use only secure, encrypted connections from vendor networks. Review the vendor’s own security policies to understand how well they can protect data and interconnections between systems. Request documentation of attestation for your vendors’ most recent security assessment.  

4. Protect Your Operational Technology 

Your operational technology runs on different principles than traditional IT systems. Control systems prioritize availability and reliability over security updates. Many systems run on legacy platforms that weren’t designed with modern cyber threats in mind. 

Map out all ports, services, and protocols your operational systems use. Only enable the specific ports and services necessary for operations. Disable unused network ports and services on all devices. This reduces the attack surface available to hackers attempting unauthorized access. 

Implement a strict patch management process for operational systems. Track every security update from your vendors. Test patches thoroughly in a controlled environment before deploying them to production systems. Patches can sometimes cause unexpected behavior or downtime, so you need to balance security against operational availability. 

Use network segmentation to isolate critical operational systems from business networks. If attackers compromise your email or financial systems, they shouldn’t be able to pivot to systems controlling physical infrastructure. Deploy firewalls and intrusion detection systems at these boundaries to monitor traffic and block unauthorized access. 

5. Monitor and Detect Threats Continuously 

You can’t defend against threats you don’t see. Modern threat detection uses automation and artificial intelligence to identify suspicious activity across your operational networks. These tools analyze patterns, flag anomalies, and alert your security team to potential breaches.  

Configure your systems to send alerts when specific events occur, such as failed login attempts, unusual data transfers, configuration changes, or system errors. These alerts enable your operations team to respond quickly to potential security incidents. 

Deploy a Security Incident Response Team that operates as part of your cybersecurity council. This team owns the process for detecting, containing, and recovering from security incidents. They should conduct regular training exercises that simulate cyberattacks on your operational systems. 

6. Test Your Defenses Regularly 

Security audits reveal weaknesses before attackers exploit them. Schedule vulnerability assessments and penetration testing at least annually, though quarterly testing provides better protection. These tests should include both your IT and operational technology environments. 

Hire third-party security auditors who specialize in utility infrastructure. They bring fresh perspectives and knowledge of current attack techniques. Internal teams can miss vulnerabilities they’ve grown accustomed to seeing. 

Test your incident response plans through tabletop exercises and live simulations. When an actual attack occurs, your team won’t have time to figure out procedures. Regular testing ensures everyone knows their role and can execute the response plan efficiently. 

7. Strengthen Access Controls 

Strong passwords and proper access management form a fundamental security layer. Operations teams often share credentials to maintain system access during shift changes or emergencies. This practice creates security gaps. 

Implement unique credentials for every user, including operations personnel, administrators, and vendors. Use role-based access controls that grant permissions based on job responsibilities. A field technician shouldn’t have the same system access as a control room supervisor. 

Generate complex passwords longer than 14 characters with mixed letters, numbers, and special characters. Deploy a password manager that securely stores credentials and enables appropriate sharing across operations teams. This approach balances security with operational needs. 

Add two-factor authentication for access to critical systems. This extra layer stops attackers who steal or guess passwords. Even if someone obtains valid credentials, they can’t access systems without the second authentication factor. 

8. Plan for Recovery 

Despite strong defenses, you must prepare for potential breaches. Implement comprehensive data backup systems that create regular copies of critical configuration data, system settings, and operational information. Store backups in secure, offline locations or encrypted cloud storage. 

Develop detailed recovery plans that outline steps for restoring operations after a cyberattack. These plans should address different scenarios, such as ransomware, data theft, control system compromise, or infrastructure damage. Assign specific responsibilities so everyone knows what to do during recovery. 

Test your backup and recovery procedures regularly. A backup system that fails when you need it provides false security. Make sure your operations team can actually restore systems from backups within your target recovery time. 

Learn more about our Cybersecurity Services

Partner with BPM for Stronger Cybersecurity Strategy  

Building and maintaining a comprehensive cybersecurity strategy requires specialized knowledge and ongoing attention. Your operations team focuses on delivering reliable utility services – adding cybersecurity responsibilities can stretch resources thin and leave gaps in your defenses. 

BPM works with utility operations teams to strengthen cybersecurity posture while maintaining operational efficiency. We understand the unique challenges facing utilities, from legacy system constraints to regulatory compliance requirements. Our team helps you build security programs that protect critical infrastructure without interfering with day-to-day operations. To discuss how we can help your operations team defend against evolving threats while maintaining the service reliability your customers depend on, contact us. 

If you’ve made the decision to upgrade from QuickBooks or another legacy accounting system to NetSuite. It’s a smart move, one that promises unified financial management, real-time visibility, and the scalability your growing business needs. The NetSuite license is purchased, your team is motivated, and you’re ready to transform your financial operations. 

Then comes the question: should you implement NetSuite on your own or bring in a consulting partner? 

On the surface, DIY implementation seems like the cost-effective choice. After all, your team knows the business better than anyone. Why pay for outside help when you can handle it internally? 

The reality isn’t as simple as it may appear. 

The True Price of Learning on the Fly 

NetSuite is a comprehensive enterprise resource planning system that touches every corner of your business. The platform’s flexibility is one of its greatest strengths, but it also creates complexity that DIY implementers often underestimate. 

Consider the opportunity cost: if your controller and two senior accountants spend 20 hours per week on implementation tasks for six months, you’re looking at over 1,500 hours of diverted attention. At a fully loaded cost of $75 per hour, that’s more than $112,000 in internal resources. And that’s before accounting for the productivity lost in their regular roles. 

Configuration Mistakes That Compound Over Time 

When you implement NetSuite without experienced guidance, you’re making foundational decisions without understanding their long-term implications. And these aren’t decisions you can easily reverse. Reconfiguring a live NetSuite instance after you’ve been using it for months means data migration, historical adjustments, and potential disruption to your financial close process. 

Common configuration mistakes in DIY implementations include: 

• Overly complex chart of accounts that creates reporting headaches 
• Inadequate subsidiary and department structures that limit financial visibility 
• Missing or incorrect tax configurations that create compliance risks 

Each of these mistakes carries a price tag in time, money, and missed opportunities for strategic financial management. 

The Data Migration Minefield 

Moving your financial data from QuickBooks or another legacy system into NetSuite is where many DIY implementations run into serious trouble. 

Without a structured data migration methodology, you’ll face: 

Data integrity issues: Customer names that don’t match between systems, duplicate vendor records, and inventory items with inconsistent naming conventions all create problems that multiply once they’re in NetSuite. 

Historical reporting gaps: If your data migration doesn’t maintain the integrity of period-over-period comparisons, you lose the ability to analyze trends and make informed decisions based on historical performance. 

Extended timelines: Teams that underestimate data migration complexity often find themselves stuck in implementation limbo, unable to go live with NetSuite but no longer confident in their old system. 

The Change Management Challenge 

Technology implementation succeeds or fails based on user adoption. Without a structured change management approach, you’ll face resistance, workarounds, and ultimately a system that isn’t delivering the value you expected. 

Professional implementation partners bring proven change management methodologies that include: 

• Role-based training programs that focus on how each user will work in NetSuite 
• Progressive rollout strategies that build confidence before expanding functionality 
• Executive communication that reinforces the strategic importance of the change 
• Ongoing support during the critical first months after go-live 

DIY implementations often shortchange change management because internal teams are too focused on technical configuration. The result? Finance staff who are unsure of your new system, operations teams that resist using the new inventory module, and executives who don’t yet trust the reports NetSuite generates. 

Learn more about how to Switch and Upgrade to NetSuite

Best Practices You Don’t Know You’re Missing 

NetSuite has evolved over two decades, and the platform includes hundreds of features and configuration options. Implementation partners who work with NetSuite daily across multiple industries bring accumulated wisdom about what works, what doesn’t, and what to avoid. 

They’ve seen the mistakes other companies have made and learned how to prevent them. They know which features solve specific business problems and which ones add complexity without commensurate value. They understand how growing businesses evolve and can configure your system to accommodate future needs without overcomplicating your initial implementation. 

This institutional knowledge isn’t available in NetSuite’s documentation or community forums. It’s derived from experience. 

The Timeline Reality Check 

Most businesses underestimate how long DIY NetSuite implementation takes. What starts as a “90-day project” stretches to six months, then nine, then a year. During this extended timeline, you’re operating in a state of uncertainty—not fully confident in your old system but not yet able to rely on NetSuite. 

This implementation limbo creates its own hidden costs: 

• Delayed strategic initiatives that depend on better financial visibility 
• Deferred hiring or expansion plans because you’re waiting for the new system 
• Mounting frustration among team members who see the project dragging on 
• Opportunity costs from competitors who moved faster with their digital transformation 

Professional implementation partners work with defined methodologies and realistic timelines. A phased approach to NetSuite deployment can have your core financial management live in six weeks, with additional functionality rolling out in subsequent phases. This gets you to value faster while minimizing disruption to ongoing operations. 

Calculating the Real Cost Difference 

Let’s be honest about the numbers.  

Professional NetSuite implementation requires investment. But when you calculate the total cost of ownership, the equation changes dramatically. DIY implementations carry hidden costs in diverted internal labor, extended timelines that delay business benefits, configuration mistakes requiring expensive rework, data integrity issues, integration gaps, change management failures, and ongoing support challenges. Partner-led implementations involve transparent professional services fees but deliver accelerated timelines, proven best practices, clean data migration, reliable integrations, structured change management, and continuous optimization. When you account for all the hidden costs, DIY implementation often costs as much or more than working with an experienced partner. 

A Smarter Path Forward 

The decision to implement NetSuite represents a strategic investment in your company’s financial infrastructure. You’re not just buying software; you’re transforming how your business manages operations, makes decisions, and scales for growth. 

You technically can implement NetSuite yourself. With enough time and perseverance, many companies eventually get a basic system running. But the real question is whether that’s the best use of your resources and whether the result will truly support your business objectives. 

Ready to Make Your NetSuite Implementation a Success? 

At BPM, our certified NetSuite professionals have helped dozens of growing businesses successfully transition from legacy accounting systems to fully optimized ERP environments. Our NetSuite Accelerator Program provides a structured, phased approach that minimizes risk while accelerating your time to value. 

We’ll work with you to understand your specific business processes and requirements, then deliver a NetSuite implementation configured to your needs. 

Contact BPM today to discuss how our NetSuite implementation services can help you avoid the hidden costs of DIY and get to value faster. 

Your company just closed its best quarter yet. Revenue is climbing, you’re adding headcount, and new opportunities keep coming.  

But behind the scenes, you’re finances are either falling behind or barely keeping pace.  

You know you need help, but you’re not sure what kind. Should you hire a bookkeeper? Bring on an accountant? Start looking for a CFO? The terminology alone is confusing, and making the wrong choice could cost you months of momentum and thousands of dollars in missteps. 

Here’s what we’ll clarify today: 

• The fundamental differences between bookkeepers, accountants, and CFOs 
• How to assess which financial functions your business actually needs right now 
• Why outsourced accounting solutions often provide better results for companies in growth mode 

What Bookkeepers, Accountants, and CFOs Actually Do 

The easiest way to understand these three roles is to think about them as different levels of financial engagement. Each builds on the previous one, moving from recording transactions to analyzing them to using that analysis for strategic decisions. 

Bookkeeping  

Bookkeepers handle the foundational work.  

They record daily transactions, reconcile bank statements, manage accounts payable and receivable, and process payroll. Think of bookkeeping as maintaining an accurate, up-to-date record of all money moving in and out of your business. It’s essential work, but it’s primarily backward-looking and transactional. 

Accounting 

Accountants take the data from the bookkeeping work and make sense of it.  

They prepare financial statements, help to ensure compliance with accounting standards, manage tax preparation, and provide analysis of your financial position.  

Accountants don’t just record what happened—they interpret it, identify patterns, and help you understand what your numbers mean for your business’s health.  

CFO 

CFOs operate at the strategic level.  

They use financial insights to drive business decisions, create forecasts and budgets, develop growth strategies, manage relationships with investors or lenders, and guide executive leadership on financial risk and opportunity. A CFO doesn’t just tell you what your numbers say—they tell you what to do about it. 

The challenge for growing businesses is that you rarely need all three functions at full capacity simultaneously. A $5 million company doesn’t need the same financial infrastructure as a $50 million company, but it needs more sophistication than a startup. Understanding where your business falls on this spectrum is the first step toward building the right financial team. 

How to Know Which Financial Capabilities Your Business Needs Right Now 

The question isn’t really “do I need a bookkeeper or an accountant?”—it’s “what financial capabilities does my business require to operate effectively and grow strategically?” Job titles matter less than functions. 

Start by assessing where your current financial operations are breaking down.  

Are invoices getting paid late because nobody’s tracking accounts receivable? That’s a bookkeeping gap. Are you making pricing decisions without understanding your actual unit economics? That’s an accounting gap. Are you turning down growth opportunities because you can’t articulate your financial capacity to investors or lenders? That’s a strategic finance gap. 

Bookkeeping vs Accounting 

Here are the clearest signs you’ve outgrown basic bookkeeping and need accounting-level support: 

• You can’t produce accurate financial statements within two weeks of month-end 
• You’re making major business decisions without understanding their financial implications 
• Tax season creates chaos because your books aren’t organized for tax preparation 
• You’re spending more time fixing data errors than analyzing business performance 
• You need financial reporting for investors, lenders, or board members but can’t generate it reliably 

Accounting vs CFO 

The move from accounting to CFO-level strategy is equally distinct. You know you need strategic financial leadership when you’re facing questions like:  

Should we raise capital or bootstrap? Which product lines actually drive profitability? How do we price for a new market? What does our cash runway look like if we accelerate hiring?  

These aren’t accounting questions—they’re business strategy questions that require financial skills to answer. 

When to Hire an Outsourced Accountant vs Building an In-house Team 

Let’s address the assumption most business leaders make: that hiring an in-house accountant is the default solution. It’s not, and for rapidly scaling mid-market companies, it’s often the wrong move. 

That single hire gives you one person’s experience, one person’s availability, and one person’s capacity. When they’re on vacation, sick, or leave for another opportunity, your financial operations stop or scramble. When you encounter a complex tax situation or need experience in revenue recognition standards, you hope that person has the right background. 

Outsourced accounting services provide a fundamentally different model. You get a team with diverse skillsets, scalable capacity, and proven processes. You’re not paying for downtime, training, or benefits—you’re paying for outcomes. 

The case for outsourcing becomes even stronger during rapid growth. When your business is scaling quickly, your financial operations need to scale with you. Hiring takes months. Training takes more months. Building processes from scratch takes even longer. Outsourced accounting teams bring established systems, technology infrastructure, and immediate capacity that grows with your business needs. 

This doesn’t mean in-house finance roles never make sense. Companies with highly specialized industry requirements or complex international operations benefit from dedicated internal finance leadership.  

But for most mid-market businesses in growth mode, outsourced accounting provides faster implementation, lower risk, and better results than building from scratch. 

Get the Financial Clarity Your Growing Business Deserves 

Scaling a mid-market business is challenging enough without worrying whether your financial operations can keep pace.  

BPM’s outsourced accounting services provide the comprehensive financial capabilities you need—from accurate bookkeeping to strategic insights—without the cost and complexity of building an entire finance department. 

Ready to build a financial function that scales with your ambitions?  

Contact BPM to explore how outsourced accounting can give your business the clarity and confidence to grow. 

The Wine and Agriculture sector stands at a pivotal juncture as producers confront unprecedented challenges and evolving market dynamics. After three decades of sustained growth, the wine industry faces its first prolonged period of demand contraction, driven by fundamental demographic shifts, trade disruptions, and intensifying climate pressures. Organizations that embrace innovation, optimize operations, and adapt their business models will emerge stronger in this transformative period. 

Five Wine and Agriculture Trends Shaping the Industry in the Coming Year 

1. Generational Shift Reshapes Consumption Patterns 

The wine industry is experiencing a fundamental demographic transition as Baby Boomers age out of their peak consumption years while younger generations demonstrate markedly different drinking behaviors. The number of wine drinkers in key global markets has fallen by 5 million people between 2021 and 2024, with over-55s now accounting for almost 50% of wine drinkers in many mature markets. However, Millennials and Generation Z consumers are willing to pay more per bottle for perceived quality and authenticity, challenging the traditional low-priced “starter wine” model. 

This evolution demands a recalibration of marketing strategies and product positioning. Wine producers must move beyond volume-based approaches to cultivate meaningful connections with younger consumers who value transparency, sustainability credentials, and experiential engagement over traditional brand loyalty. 

2. Tariff Turbulence Creates Operational Uncertainty 

Trade policy volatility has created divergent trajectories for domestic wine producers and importers, forcing strategic recalculations across the three-tier distribution system. Tariffs ranging from 10 to 30 percent on imported wines, depending on country of origin, have fundamentally altered competitive positioning and margin structures throughout the supply chain. 

For domestic wineries, these tariffs present a double-edged opportunity. While imported wines—which represent approximately 30% of U.S. wine volume—face price disadvantages that could drive consumers toward domestic alternatives, many U.S. producers rely heavily on export markets where retaliatory tariffs and diplomatic tensions threaten access to critical international revenue streams. California wine exports alone exceeded $1.5 billion annually in recent years, making trade relationships material to producer profitability. Complicating matters further, approximately 80% of the world’s cork supply originates from Portugal and Spain, while many premium wineries import French oak barrels and Italian bottles now subject to tariff exposure—compressing margins from multiple directions simultaneously. 

Importers and distributors face particularly acute challenges as tariff uncertainty forces reassessment of inventory strategies and portfolio composition, with many pausing shipments pending tariff clarity and creating cash flow disruptions throughout the distribution network. Successfully managing this environment requires scenario planning that accounts for multiple trade policy outcomes, strategic evaluation of export market dependencies versus domestic focus, and careful monitoring of how competitors adjust their international positioning in response to shifting trade winds. 

3. Climate Change Threatens Vineyard Viability and Typicity 

Climate change has moved from abstract concern to existential threat, with extreme weather events including wildfires, unprecedented frost damage, prolonged droughts, and heat waves fundamentally altering growing conditions. Research indicates that 70% of the world’s winemaking regions could become unsuitable for growing wine grapes if global temperatures exceed 2°C above preindustrial averages. 

Beyond production losses, rising temperatures are impacting ripening patterns, acidity levels, and phenolic maturity, threatening the “typicity” that defines region-specific wines and underpins traditional classification systems. 

Producers must invest in adaptation strategies including irrigation infrastructure, frost protection systems, vineyard relocation to higher elevations, and exploration of climate-resilient grape varieties while balancing these changes against established regional identities and appellations. 

4. Premiumization and Sustainability Drive Product Innovation 

Despite volume declines, consumers increasingly demonstrate willingness to spend more on wines with compelling provenance stories, focusing on natural, organic, low-intervention, and artisanal characteristics. The organic wine market is projected to grow at a compound annual growth rate of 10.3% between 2024 and 2030, while low-alcohol still wines grew at a 22% compound annual growth rate between 2018 and 2023. 

This premiumization trend reflects broader consumer priorities around health consciousness, environmental stewardship, and authenticity. Wineries that successfully communicate their sustainability practices—from regenerative agriculture to carbon footprint reduction—while maintaining quality standards will capture greater share of wallet from discerning younger consumers. 

5. Direct-to-Consumer Models Face Tasting Room Headwinds 

• Diversify Revenue Streams: Develop multiple channels for customer acquisition and retention, balancing traditional distribution with direct-to-consumer and digital commerce models 
• Strengthen Financial Resilience: Model multiple tariff and climate scenarios to stress-test cash flow projections and identify vulnerabilities in supply chains and pricing structures 
• Invest in Climate Adaptation: Implement vineyard management practices that build resilience against extreme weather, including water conservation infrastructure and heat mitigation strategies 
• Refine Marketing to Younger Demographics: Create occasion-based campaigns and authentic storytelling that resonates with Millennial and Generation Z values around sustainability, transparency, and experiential engagement 
• Optimize Cost Structures: Scrutinize operating expenses and identify efficiency opportunities as margin pressures intensify from both input cost inflation and competitive dynamics

Learn more about our Wine and Agribusiness Tax Advisory Consulting Services

How BPM Can Help 

BPM provides comprehensive accounting, tax, audit, and advisory services designed specifically for the wine and agriculture sectors. Our professionals understand the unique challenges facing wineries and agricultural producers, from inventory accounting and compliance requirements to estate planning and succession strategies.   

Whether you’re managing complex direct-to-consumer sales tax obligations, optimizing entity structures, navigating tariff implications, or developing long-term financial plans to weather industry volatility, BPM delivers practical solutions grounded in deep sector knowledge. Contact us today to discuss how we can support your organization through this period of transformation and position you for sustainable success. 

If you’re planning to retire at 65, you’re approaching what’s traditionally been considered “full” retirement age—the milestone when Social Security, Medicare, and all the systems you’ve been paying into for decades finally align to support your retirement lifestyle. 

At 65, your retirement planning landscape expands to include new opportunities and systems that weren’t available before. You’re asking both “How do I continue building wealth strategically?” and “How do I make this wealth work most effectively to accomplish everything I want to do with it?” 

Your financial planning focus naturally centers on managing portfolio distributions efficiently, coordinating multiple benefit systems, and implementing sophisticated wealth transfer strategies while you’re still healthy and able to make these decisions. 

How much do you need in your portfolio to retire at 65? 

Retiring at 65 allows for more traditional withdrawal rates since you have immediate Medicare cost savings and full Social Security benefits.  

However, high earners have some unique considerations, including Medicare premium surcharges and the opportunity to optimize substantial Required Minimum Distributions in just a few years. 

Here’s what you may need based on different spending levels, assuming a 4% withdrawal rate.  

Annual Expenses	Portfolio Needed (No Bridge Income)	Portfolio with $100K Bridge Income
$100,000	$2.5 million	$1.0 million
$150,000	$3.8 million	$2.3 million
$200,000	$5.0 million	$3.5 million
$300,000	$7.5 million	$6.0 million
$500,000	$12.5 million	$10.0 million

The 15-20x expense rule becomes much more accurate at 65 when you factor in Medicare cost advantages. Someone spending $200,000 annually might need $4 million+ when accounting for Social Security supplementation and the significant savings from Medicare versus private insurance. 

Keep in mind that, depending on your date of birth, large Required Minimum Distributions may begin at age 73, creating opportunities for strategic tax planning. If you have portfolios exceeding approximately $2.6 million in tax-deferred accounts, you’ll be managing RMDs exceeding $100,000 annually, which creates both tax planning considerations and opportunities for continued wealth optimization. 

New financial roadblocks to plan for when retiring at 65 

At 65, retirement planning evolves to include strategic optimization and purposeful distribution alongside continued growth opportunities. 

IRMAA 

Medicare eligibility eliminates the uncertainty of healthcare coverage, but it introduces some new considerations you’ll want to understand.  

Medicare includes income-related premium surcharges, called IRMAA (Income-Related Monthly Adjustment Amount), which can significantly impact your healthcare costs. These surcharges apply to individuals with 2023 income above $106,000 or married couples above $212,000. 

For 2025, Part B surcharges range from $74 to $443.90 monthly, while Part D surcharges range from $13.70 to $85.80 monthly. This means high-earning retirees could pay an additional $530 per month ($6,360 annually) on top of standard Medicare premiums. 

What makes IRMAA particularly challenging for retirement planning is the two-year lag time. Your 2025 Medicare premiums are based on your 2023 income, which creates timing complications for strategies like Roth conversions and large withdrawals.  

Additionally, you’ll need to make decisions about Medicare supplement insurance (Medigap) versus Medicare Advantage plans that will affect your coverage for years to come. Supplement premiums provide predictable costs and broader provider networks, while Advantage plans offer lower premiums but typically have more restricted networks. 

You’ll want to coordinate your choices with HSA usage strategies. HSAs become particularly powerful accounts after 65, allowing tax-free withdrawals for qualified medical expenses or taxable withdrawals for any purpose without penalties. 

Required Minimum Distributions  

Substantial retirement account balances create RMD requirements beginning at age 73. Portfolios exceeding $1 million in tax-deferred accounts will generate RMDs exceeding $40,000 annually, increasing each year based on life expectancy tables. 

The key is planning now, while you still have eight years to implement strategies that can optimize the tax impact of these distributions. This creates opportunities for continued wealth optimization rather than just tax minimization. Large RMDs can also trigger or increase IRMAA surcharges, making coordination between RMD planning and Medicare premium management essential. 

Qualified longevity annuity contracts (QLACs) offer one strategic approach worth considering. QLACs allow up to $200,000 of retirement account assets to be invested in deferred annuities that begin payments at age 85. This creates opportunities for managing Required Minimum Distribution calculations while providing a source of income later in life.  

Qualified charitable distribution planning becomes available at age 70½, allowing up to $105,000 annually to be donated directly from IRAs to qualified charities without generating taxable income. This satisfies RMD requirements while avoiding tax consequences—a powerful strategy for charitably inclined retirees. 

Tips to keep optimizing your wealth  

At 65, your financial strategies focus on optimizing wealth growth, managing tax-efficient distributions, and implementing sophisticated planning techniques while you have the health and time to maximize these opportunities. 

Keep making retirement contributions 

If you’re still working, you have valuable opportunities to maximize your tax-advantaged savings: 

• 401(k) contributions: $23,500 plus $7,500 catch-up in 2025 
• IRA contributions: $7,000 plus $1,000 catch-up 
• HSA maximization: $4,300 individual or $8,550 family coverage 

These provide opportunities for continued tax-advantaged wealth building while potentially reducing your current-year income for IRMAA calculation purposes—a valuable double benefit that becomes particularly strategic at this stage. 

Refresh your investment approach 

Asset allocation becomes particularly strategic at 65. You’ll want to maintain growth potential for long-term wealth building while having adequate liquidity for distributions.  

Consider a glide path approach that maintains meaningful equity exposure that gradually adjusts your asset allocation over time. Many retirees keep 60-70% of their portfolio in equities to combat inflation and have potential market growth.  

Tax-loss harvesting in taxable accounts can provide ongoing benefits, generating losses to offset gains while maintaining your desired asset allocation. 

Claim Social Security at the right time 

At 65, your Social Security claiming options depend on when you were born. 

If you were born before 1960, you may have already reached or passed full retirement age (which ranges from 65 to 66 years and 10 months). If you were born in 1960 or later, your full retirement age is 67, meaning at 65, you’re still two years away from receiving your full benefit amount. 

You can claim Social Security as early as 62, but benefits are permanently reduced by approximately 25-30% compared to full retirement age benefits. If you’re 65 and born in 1960 or later, claiming now would still be considered “early” with reduced benefits. 

For every year you delay claiming past full retirement age, your benefits increase by approximately 8% annually. This can result in benefits that are 24-32% higher than your full retirement age amount, depending on your birth year—a significant boost that lasts for life. 

If you’re married, coordinating claiming strategies between spouses becomes particularly valuable when you consider different birth years and full retirement ages. Spousal benefits and survivor benefits are based on the higher earner’s benefit amount and can last for decades. 

The key is understanding where you stand relative to your specific full retirement age and viewing Social Security as one component of your overall retirement income strategy, coordinating it with portfolio withdrawals, RMD planning, and IRMAA management. 

Look into legacy planning opportunities 

At 65, you have valuable opportunities to implement wealth transfer strategies that may have been in the planning stages for years. Whether it’s grandchildren’s education funding, family business succession, or charitable legacy planning, you can coordinate active wealth transfer while continuing to build wealth for your own goals. 

Many families at this stage find themselves balancing immediate family support with long-term wealth transfer objectives. Generation-skipping transfer tax exemptions allow substantial wealth transfers to grandchildren, while charitable giving strategies like donor-advised funds provide immediate tax deductions with flexible distribution timing.  

The key is coordinating these strategies with your other retirement income sources and upcoming Required Minimum Distributions to optimize the timing and tax benefits. 

Create your comprehensive wealth plan 

Your retirement at 65 represents an exciting new chapter where decades of planning and saving create opportunities for both enjoying your wealth and continuing to build it strategically. It’s about optimizing all the systems and benefits you’ve earned while creating a legacy that reflects your values and supports the people and causes you care about. 

If you’re ready to explore how to optimize your wealth strategies and distribution approaches at this important milestone, contact BPM’s wealth management team to develop comprehensive strategies that coordinate Medicare benefits, tax optimization, RMD planning, and legacy implementation tailored to your specific situation. 

This material is for informational purposes only and is not intended to provide specific advice or recommendations for any individual. This information is not intended for use as tax advice. The examples given are hypothetical and are for illustrative purposes only. Actual results may vary from those illustrated. Guarantees are based on the claims-paying ability of the issuing company. 

Securities offered through Valmark Securities, Inc. Member FINRA, SIPC | Investment Advisory services offered through BPM Wealth Advisors, LLC and/or Valmark Advisers, Inc. each an SEC Registered Investment Advisor | BPM LLP and BPM Wealth Advisors, LLC are entities separate from Valmark Securities, Inc. and Valmark Advisers, Inc.  

The Nevada Employee Savings Trust (NEST) Program officially launched on July 1, 2025, marking a pivotal moment for Nevada employers and their workforce. For business owners in the Silver State, this new requirement could significantly impact operations and employee benefits strategy. 

Understanding the challenges of running a business while caring for employees’ future, this guide aims to help navigate the transition smoothly. Here’s what business owners need to know about NEST and how it might affect their operations. 

What is the Nevada Employee Savings Trust Program? 

The NEST Program represents Nevada’s commitment to addressing the retirement savings gap that affects an estimated 500,000 Nevadans who currently lack access to employer-sponsored retirement plans. This state-facilitated program allows employees to save post-tax dollars directly from their paychecks through state-administered individual retirement accounts (IRAs). 

Here’s how it works: If a business has six or more employees, has operated for at least 36 months, and doesn’t currently offer a tax-favored workplace retirement plan, it’s required to either enroll workers in NEST or provide an alternative retirement savings option through a chamber of commerce or trade association. 

The program features automatic enrollment for eligible employees at a default contribution rate of 5%, though workers can opt out if they choose or elect their own contribution rate. Employees maintain control over their accounts and can withdraw contributions at any time to meet financial emergencies, consistent with federal law. 

Understanding obligations as a Nevada employer 

Who must comply with NEST? 

A business falls under the NEST mandate if it meets these criteria: 

• Employs six or more workers 
• Has been in business for at least 36 months 
• Doesn’t currently offer a tax-favored workplace retirement plan 
• Operates within Nevada 

Which employees are covered? 

The program covers employees who: 

• Have been employed for 120 days or more 
• Are at least 18 years of age 
• Receive wages or other compensation 

Employee exemptions 

Certain employees are not covered by NEST, including those who: 

• Work for federal, state, or other government entities (counties, municipal corporations) 
• Make contributions to a Taft-Hartley multiemployer pension trust fund 
• Are covered under the federal Railway Labor Act 

Compliance options 

Employers have two primary paths to meet the NEST requirement: 

Option 1: Participate in NEST Automatically enroll eligible employees in the state-run program, which handles investment management and account administration. 

Option 2: Offer an alternative Implement a tax-favored workplace retirement plan or join a program offered through a trade association or chamber of commerce. 

Frequently asked questions about NEST 

What are employers’ responsibilities? 

Covered employers must automatically enroll eligible employees and share program information with their workforce. They can choose to use payroll providers or manage contributions directly through the NEST employer portal via ACH transfer or Excel file uploads. 

What is the default contribution rate? 

The NEST Program sets a default contribution rate of 5% of employee compensation, though employees can choose different rates or opt out entirely. 

What investment options are available? 

Employees can choose from several investment options based on their risk preferences, though specific details about the number and types of investments are determined by the Board of Trustees. 

Are employee records confidential? 

Yes, participant information is deemed confidential and not subject to public records requests. 

How is the program governed? 

A six-member Board of Trustees serves as fiduciary to the Trust, including the State Treasurer (Chair), Lieutenant Governor, and appointees representing employers, investment experience, retirees, and small business. The Nevada State Treasurer’s Office provides administrative support. 

Do employers need payroll providers? 

No, while many companies use payroll providers for NEST contributions, it’s not required. Employers can manage contributions directly through the NEST employer portal or by uploading Excel files. 

Why consider an employer-sponsored plan instead 

While NEST provides a valuable service for employees without retirement benefits, establishing an employer-sponsored plan offers several compelling advantages: 

Greater control and customization 

With their own plan, employers can tailor the program to match company culture and employee needs. This includes selecting investment options, setting contribution parameters, and designing features that align with business goals. 

Higher contribution limits 

Employer-sponsored 401(k) plans allow significantly higher contribution limits than IRA-based programs. For 2025, employees can contribute up to $23,500 to a 401(k), with additional catch-up contributions for those 50 and older. For 2026, employees can contribute up to $24,500 to a 401(k), with an additional $8,000 catch-up contribution available for those aged 50 and older. 

Enhanced employee benefits 

Employers can offer matching contributions, profit-sharing arrangements, and other features that boost employee engagement and retention. These benefits often serve as powerful recruitment and retention tools. 

Tax advantages for businesses 

Employer contributions to qualified retirement plans are typically tax-deductible business expenses, providing immediate tax benefits for companies. 

Pre-tax contribution options 

Unlike NEST’s post-tax contribution structure, employer-sponsored plans typically offer pre-tax contribution options, which can provide immediate tax benefits for employees. 

Making the right choice for businesses 

Deciding between NEST participation and implementing a retirement plan requires careful consideration of several factors: 

• Budget for employee benefits 
• Complexity willing to manage 
• Long-term business and workforce goals 
• The competitive landscape in the industry 

Some businesses find NEST’s simplicity appealing, especially if they’re not ready for the administrative responsibilities of their own plan. Others view a comprehensive retirement benefit as a strategic investment in their workforce. 

Implementation considerations and next steps 

Regardless of which path employers choose, taking action now is crucial. Here are key steps to consider: 

Assess current situation 

Review employee count, business tenure, and existing benefits to determine compliance status under the six-employee threshold. 

Evaluate options 

Consider the costs, benefits, and administrative requirements of both NEST participation and alternative retirement plans. 

Plan timeline 

Factor in the 120-day employee tenure requirement, implementation time, employee communication needs, and any payroll system changes required. 

Communicate with employees 

Workers deserve to understand how these changes will affect them. Clear, timely communication helps build trust and participation, especially regarding the automatic enrollment feature and 5% default contribution rate. 

How BPM can support retirement benefits strategy 

Navigating Nevada’s new retirement savings landscape doesn’t have to be overwhelming. BPM helps businesses understand the NEST requirements and evaluate all available options. 

Whether employers are leaning toward NEST participation or considering an employer-sponsored plan, BPM’s team can guide them through the decision-making process. The firm helps businesses understand the financial implications, administrative requirements, and strategic considerations for each option. 

If businesses decide to implement their own retirement plan, BPM provides comprehensive support from initial design through ongoing administration. The goal is to maximize the value of the investment while minimizing the administrative burden on teams. 

Employees’ financial security matters, and the decisions made today will impact their retirement readiness for decades to come. The complexity of compliance shouldn’t prevent businesses from making the best choice for their company and their team. 

Ready to explore options? Contact BPM today to discuss how the firm can help navigate Nevada’s retirement savings requirements and create a benefits strategy that works. BPM can help turn this mandate into an opportunity for companies and their employees. 

The Life Sciences sector continues to confront a dynamic landscape marked by technological innovation, evolving regulatory frameworks, and shifting capital dynamics. While venture funding has moderated from peak levels, strategic M&A activity and selective public market transactions signal continued confidence in high-quality assets.  

As biotech, medtech, diagnostics, and pharmaceutical companies position themselves for sustainable growth, several critical trends are reshaping how these organizations operate, compete, and create value. 

Six Areas Influencing the Industry Next Year 

1. Precision and Personalized Medicine Takes Center Stage

The expansion of precision and personalized medicine represents one of the most significant shifts in therapeutic development and patient care. Advances in genomics, companion diagnostics, and targeted therapies are enabling treatments tailored to individual patient profiles, moving away from the traditional one-size-fits-all approach. 

This trend is accelerating commercial opportunities but also raising operational complexity. Companies must invest in robust data infrastructure to capture and analyze patient-level information, while simultaneously building partnerships with diagnostic providers and genetic testing laboratories. The convergence of therapeutic development with diagnostic capabilities is no longer optional; it’s becoming a competitive necessity for organizations seeking to differentiate their pipelines and demonstrate clinical value. 

2. Digital and Decentralized Clinical Trials Alter Development Timelines 

Clinical trial design is undergoing fundamental transformation through digitalization and decentralization. Decentralized Clinical Trials (DCTs) leverage telemedicine, wearable devices, and home-based monitoring to expand patient access, improve retention, and accelerate enrollment timelines. 

The shift toward digital trials creates new operational and regulatory considerations. Organizations must: 

• Establish technology partnerships 
• Implement secure data collection systems 
• Ensure compliance with evolving guidance on remote monitoring and patient privacy 

While DCTs offer significant advantages in speed and reach, they require upfront investment in digital infrastructure and careful change management to ensure sites, investigators, and patients can effectively participate in these new models. 

3. Biomanufacturing Scaling and Supply Chain Resilience Are Priorities 

The proliferation of novel modalities (including cell and gene therapies, RNA-based treatments, and complex biologics) is placing unprecedented demands on manufacturing capabilities. These advanced therapies require specialized facilities, sophisticated quality systems, and highly trained personnel that are in limited supply. 

Companies are responding by: 

• Securing flexible manufacturing partnerships 
• Diversifying their contract manufacturing organization (CMO) relationships 
• In some cases, making strategic investments in internal capacity 

Supply chain resilience has moved from a back-office concern to a board-level priority, particularly as regulatory scrutiny and geopolitical trade dynamics introduce additional uncertainty into global manufacturing strategies. Organizations that can demonstrate agile, redundant, and compliant manufacturing capabilities will be better positioned to commercialize their pipelines successfully. 

4. Value-Based Contracting Pressure Intensifies Across Markets 

Payers worldwide are demanding greater evidence of real-world outcomes before committing to premium pricing for new therapies and devices. Value-based contracting (where reimbursement is tied to demonstrated patient outcomes rather than volume) is becoming the norm rather than the exception. 

This shift requires Life Sciences companies to rethink their commercial models, pricing strategies, and post-market evidence generation. Organizations must develop sophisticated outcomes-tracking systems, build capabilities in health economics and outcomes research (HEOR), and create flexible contracting structures that align with diverse payer requirements across geographies. The ability to demonstrate and capture value in real-world settings is increasingly determining market access and commercial success. 

5. Federal Research Funding Constraints Reshape Innovation Landscape 

Throughout 2025, the Trump administration has implemented significant changes to federal science funding that are fundamentally altering the research ecosystem for life sciences companies. The National Institutes of Health scaled back new grant awards by approximately $2.3 billion in the first nine months of the year—a roughly 28% contraction—with the biggest shortfalls hitting infectious disease research, cardiovascular and pulmonary studies, and basic biological research.  

Beyond direct funding cuts, the administration introduced a 15% cap on indirect costs for NIH grants, a dramatic reduction from the negotiated rates of 30-45% that research institutions typically receive to cover facilities, administration, and infrastructure expenses. While federal courts have temporarily blocked some aspects of these policies, the volatile funding climate has created widespread uncertainty across academic institutions and their commercial partners. 

The ripple effects extend directly into the biotech sector’s innovation pipeline. Venture investors warn that cutting federal support for basic science threatens the foundation of drug development, as early academic discoveries typically provide the basis for startup formation. Enrollments in PhD programs for life and biomedical sciences have flatlined, and early-career grant awards fell to their lowest levels since 2016—a trend that will constrain the scientific workforce for years to come.  

Biotech companies are responding to investor skittishness by reducing development programs and staff, with some industry leaders warning that these cuts could hand global biotech leadership to China. The administration’s stated goal of achieving better “geographic balance” in research funding adds another layer of uncertainty for established life sciences hubs. 

Life sciences companies should reassess their R&D strategies to account for diminished federal research partnerships. Organizations historically reliant on academic collaborations and NIH-funded talent pipelines may need to diversify their discovery engines through expanded industry partnerships, international research alliances, or increased internal basic research capabilities.  

Companies with strong cash positions should evaluate opportunities to acquire promising technologies from academic institutions facing funding pressure. Additionally, businesses should monitor how funding redistribution affects regional talent availability and consider how shifts in the academic research landscape might create new competitive advantages—or vulnerabilities—in specific therapeutic areas or technology platforms. 

6. Regulatory Focus on AI and Algorithms in Medical Devices Sharpens 

As artificial intelligence and machine learning become embedded in medical devices and diagnostic tools, regulatory agencies are developing more sophisticated frameworks to evaluate these technologies. The FDA and international counterparts are issuing guidance on algorithm validation, post-market surveillance of AI systems, and transparency requirements for machine learning models. 

Device manufacturers must prepare for heightened regulatory expectations around algorithm performance, bias testing, and ongoing monitoring of AI-enabled products. This includes investing in regulatory affairs talent with digital health fluency, establishing robust quality management systems for software-as-a-medical-device (SaMD), and building relationships with regulatory bodies early in the development process. Companies that proactively address these regulatory requirements will avoid costly delays and demonstrate commitment to patient safety. 

Learn more about our Life Science Industry

Strategic Imperatives for Life Sciences Leaders 

To capitalize on these trends and navigate industry headwinds, Life Sciences executives should consider the following actions: 

• Invest in Digital Therapeutics and Data Platforms – Build or acquire capabilities that enable patient-level data capture, analysis, and therapeutic personalization 
• Secure Flexible Manufacturing Partnerships – Diversify CMO relationships and ensure supply chain resilience for novel modalities with specialized production requirements 
• Adapt Pricing Models to Outcomes – Develop contracting frameworks that tie reimbursement to real-world performance and build HEOR capabilities to support value demonstrations 
• Prioritize Regulatory and Quality Talent – Hire professionals with digital health, AI/ML, and advanced therapy regulatory experience to navigate evolving compliance landscapes 
• Accelerate Genomics and Companion Diagnostics Programs – Integrate diagnostic capabilities into therapeutic development strategies to enable precision medicine approaches

How BPM Can Support Your Strategic Objectives 

BPM works alongside Life Sciences organizations to address the financial, operational, and strategic challenges created by these industry trends. Our integrated teams provide accounting, tax planning, audit assurance, and advisory services tailored to the unique needs of biotech, medtech, diagnostics, and pharmaceutical companies at every stage of growth.  

Whether you’re navigating complex M&A transactions, implementing value-based contracting models, scaling manufacturing operations, or preparing for regulatory milestones, BPM delivers practical guidance to help you achieve your objectives. Contact us to learn how we can support your organization’s success in this dynamic environment.