Four R&D Tax Credits Facts That Will Scare the Living Daylights Out of You

‘Tis the season to be spooky and in keeping with the spirit of Halloween we’ve put together a list of five facts about R&D tax relief that will make your blood curdle….

1. UNDERCLAIMING - Nooooo! 

It’s easy to under claim by missing out important costs you might not know were eligible. Whilst erring on the side of caution can go a long way to avoiding the terrifying pitfalls of putting together an R&D tax relief claim, being too cautious can mean losing out on substantial sums of money.

2. UNCLEAR ELIGIBILITY - Agghhhhhh! 

You risk an enquiry if you are not clear about the eligibility of your projects. You know you are doing R&D, however HMRC need it explained in a way that shows the complexity of your project, but in simple terms. If they do not understand your supporting report they will question your eligibility.

3. GRANT IMPLICATIONS - Eeeeeeek! 

That tiny grant you took can have a big impact on your claim. If even a penny of state aid touches the costs of an R&D project, the whole project suddenly ends up in the large company scheme. Which means that if you have £100,000 of eligible expenditure, that £1000 you accepted to help out on a project has dropped your potential tax credits from £25,000 to just £6000.

4. SUBCONTRACTING COSTS - Shrieeeeeeek! 

If you don’t have clear contracts in place HMRC might not accept your subcontracting costs. Consider that company you subcontracted to help with your R&D - do you have a contract that shows they were employed to carry out your R&D? No? Well you might be in trouble, HMRC currently do not ask specifically for contracts but if an enquiry arises they’ll want to see how every penny was spent on R&D.

If you get it wrong and over claim HMRC can open an enquiry and ask for their money back any time (and we mean years) after you’ve submitted the claim. So to avoid a potential horror story, make sure you get it right first time. 

For nightmare-free and successful R&D tax relief, call Mark Lear on 01782 717777 or 07967 462704 or email him at mark.lear@jumpstartuk.co.uk

Author - Laeticia Guichard 

Chemistry in Your Coffee Cup

Reports abound about the health effects of coffee, depicting it as everything from a dangerous drug to an elixir of life, and a recent study adds further uncertainty to the mix. Scientists at the University of Glasgow have recently quantified what coffee aficionados have always insisted: not every espresso is created equal.

The researchers visited 20 shops in Glasgow’s west end, ordering a single espresso in each. They opted for take-away and brought their coffees back to the lab for analysis by high performance liquid chromatography, a technique for separating the individual components of a chemical mixture. With this approach, they measured levels of chlorogenic acids, a set of antioxidant compounds whose effects on us remain unclear, and caffeine.

The results showed huge variation in the chemical content of the coffees, with some containing up to six times more caffeine than others. Even taking into account differences in serving size, some still had three times more caffeine per unit volume. Notably, every single coffee analysed contained more than the 50mg of caffeine often cited as standard for a single espresso shot.

Why the variability? Multiple factors affect coffee’s chemical content, such as whether the beans come from arabica or robusta plants (arabica beans have less caffeine) and the extent of roasting, which breaks down caffeine. The grind’s fineness and the pressure and temperature settings on the espresso machine also affect the final result.

This variability means you could unwitting swallow more caffeine than you intend. Variations in sensitivity from one person to the next mean there is no daily allowance suitable for everyone, but the Glasgow researchers suggest that customers would benefit from information about the contents of their beverages.

On a practical note, supposing you find yourself thirsting for coffee in Glasgow, Beanscene and Starbucks will soothe you with just under 2mg of caffeine per millilitre of espresso (coming out to just 51mg for the smaller Starbucks shot and 77mg for Beanscene’s larger one). Costa Coffee and Heart Buchanan pack the biggest punches, each with more than 6mg of caffeine per millilitre.

Author - Catie Lichten

Update - Mark Lear - 2014

This study was recently published in the Royal Society of Chemistry's journal Food and Function in 2011

Ghostly Goings On…..

 

I love Halloween. I mean I really love Halloween. Anyone who knows me will tell you that I start planning my costume around about April (ghost cowgirl, complete with gory bullet wound if you’re wondering) and my excitement reaches ridiculous levels come September….and, now, finally, the time is upon us!

Shops are full of pumpkins, fake blood and witches hats and my home is covered in gory, gruesome and generally awesome decorations (I could lie and tell you it is for the benefit of my 5 year old daughter, but it’s not, it’s for me. Not that she objects, she has had a love of Halloween ingrained in her since she was born, I had her dressed as a pumpkin at 3 months old).

Now don’t get me wrong, I like my gruesome gore in a very pantomime fashion, I’m not a fan of genuinely scary films (seriously, have you seen The Ring, I honestly didn’t sleep for a week after I saw it) and the thought of coming face to face with a real ghost scares the utter hell out of me….yes I know, ghosts aren’t real.

The scientist in me absolutely knows this and knows that all strange and weird happenings have a perfectly reasonable and logical explanation (usually involving the brain playing tricks, old pipework or practical jokes)….but….but this tiny little part of me thinks there just might be some stuff that can’t be explained logically (this is the very non scientific part of my brain, the part that knows that at 38 I am too old to dye my hair pink, but wants to anyway), and of all the places in the world that you might come across a real live (well dead) ghost, Edinburgh has to be top of the list.

There is even some suspicion that there is a ghost in the Jumpstart offices…a report of a hole punch that was sitting in the middle of a desk suddenly landing on the floor and a floorboard creaking as though someone was walking on it when no one was there (heard by at me and at least one other person on separate occasions, I might add….and it was the same room as the hole punch incident)…..spooky stuff huh? OK, OK, or an old building and a hole punch that was a little closer to the edge of the desk than originally thought….but hey, its Halloween so indulge me and in the words of Michael Jackson, let's get inside this killer, thriller tonight.

Author - Charlie Burgess

Advising Directors and SME Planning Event in Manchester

As a partner and sponsor of the 2020 Group, Hulton Associates partner for R&D Tax Credits, Jumpstart has been invited to take part in their Advising Directors and SME Planning Event, to demonstrate how companies not usually associated with research and development, can benefit from the Government's R&D tax credits scheme. 

It is hoped that this knowledge share will encourage accountancy firms and finance professionals to look closely at their own client base and investigate further where opportunities may lie within the scheme as a secure way of funding for companies in their portfolio.

The event takes place at the Airport Inn, Altrincham Road, Wilmslow, SK9 4LR on 29th October 2014 and runs from 14.00 to 17.00

Key Topics Covered include: -

• Why you must talk to your clients about their FUTURE and not just the past.
• How to market your planning services to existing AND potential clients.
• Generating fees from Director and Company planning.
• Delivering the service in a systematic and value adding way.
• The latest forward looking software and products available.
• Tax strategies, research and development tax planning.

 Speakers - Ian Fletcher, Gordon Gilchrist and Guests

Most clients want to talk to you about their future and not their past!  Our research indicates they are specifically interested in tax minimisation, profit improvement, asset protection and exit or retirement planning.

This half day seminar will provide you with the knowledge and confidence to offer forward thinking advice to your SME clients and their directors. We will cover Strategic and Exit planning, profit improvement, company valuations and funding opportunities, tax planning for Directors and the company.

Author - Mark Lear

R&D Tax Credits – The Merging of Science with Finance

The R&D tax credit scheme is unique for a number of reasons. Unlike grants, it pays out after R&D is conducted, and unlike business ventures, credits are paid out even if the research fails. Also, unlike traditional tax claim procedures, HMRC requires companies to involve staff with an understanding of science in making successful applications.

It is easy to see why companies often find it difficult to make successful claims. Internal financial controllers often have expertise in the taxation system but not in the science that makes the company tick. On the other hand, the company’s technical experts may understand the science behind their company’s products but often have limited exposure to the financial side of the business. Unfortunately, however, any lack of interaction and cooperation between the two groups can have disastrous consequences when it comes to making and defending an R&D tax credit claim.

Jumpstart facilitates the interaction of these two business disciplines in order to make robust, accurate and successful claims. By collecting technical information on the company’s projects and using this as the focus of the cost collection, in all cases we aim to satisfy HMRC that the claim has been compiled with the input of both financial and technical staff. More details on this approach, and its results, can be found at http://www.hultonassociates.com/

Author - Laeticia Guillard

The New POODLE Vulnerability; Here We Go Again

On October 14th, Google released details on a new concern concerning the SSL protocol, just a short time ago, after the Heartbleed incident brought attention to “SSL” and its possible weaknesses which included allowing the plain text of secure connections to be determined by a network hacker. This latest vulnerability is referred to as “POODLE” (Padding Oracle on Downgraded Legacy Encryption) and believe me; there’s nothing “Poodle like” about it.

POODLE

This newly discovered vulnerability affects an old version of the SSL protocol, presenting a new threat to an increased range of web servers due to the fact that they are comprised of legacy support for out of date technology. This latest vulnerability affects the 3.0 versions of SSL that was released in 1996, which over the years has been replaced by numerous newer versions of TLS, its successor protocol. Even with the newer versions, the vulnerability is still a concern because SSL 3.0 is still supported by nearly all web browsers and large numbers of web servers as well. The problem is that the backwards compatibility with older SSL versions has the potential of getting you into real trouble thanks to POODLE.

About SSL 
When you enter high profile websites like Google, Twitter and your banking websites, you usually access them using https:// or a feature referred to as SSL which stands for “secure sockets layer”. The bad news is that the POODLE security defect has the potential of breaking that open. SSL as well as TLS, which stands for “Transport Layer Security” features encryption that is supposed to protect your information from being spied on, intercepted or modified by attackers between you and any applicable service provider.

More About SSL
SSL is a common technology that’s function is to prevent people who frequent the same wireless hotspot with you from seeing your transactions while you access your online banking accounts, etc., ensuring that your usernames and passwords don’t get in the hands of the wrong people whose only goals are to hijack your bank accounts and personal information. In other words, SSL is a primary component of privacy, security and trust online. Even with these security measures, numerous sites still fail to comply with the best practices and a large number neglect to put these security features into practice at all, leaving important information open to interception. In fact, even those who try to do the right thing can experience significant setbacks as a result of implementation security vulnerabilities. That is exactly what can happen thanks to the POODLE vulnerability.

Who is Affected by this Vulnerability?
POODLE has the potential of affecting any software that can be forced into communicating via SSLv3; meaning that all software that makes use of a fallback process that incorporates SSLv3 support is susceptible and can be exploited. Just a few of the most common software options that have the potential of being affected by POODLE include web servers, mail servers, VPN servers and web browsers.

How Does It Work ?
Under the right conditions POODLE allows the attacker to gain access to important information that makes it easy for them to take control of your account. For it to work the attacker just needs to be on the same path of communication and/or wireless network and they need to be running Javascript like a web browser. In this case, the attack isn’t quite as serious as the Heartbleed vulnerabilities were but POODLE is still extremely serious when you consider how many people are wireless these days. As a matter of fact, it’s so serious that Twitter has announced that they’ve completely disabled SSLv3.

Can I Protect Myself ?
To project yourself, it’s important that measures are taken to ensure that you’re not vulnerable in your roles as both a user and a server. Considering the fact that encryption is typically negotiated between the two, avoiding the effects of POODLE involves both parties. Steps will need to be taken to completely disable SSLv3 support; it’s important to keep in mind that a lot of applications use more effective encryption by default, however often still employ SSLv3 support as a fallback alternative. SSLv3 should definitely be disabled because if it isn’t a malicious user will have the ability to force SSLv3 communication if both participants permit it as an acceptable support method.

Because of the wide ranging support for SSLv3, even when more powerful encryption is permitted, this new vulnerability is far reaching and dangerous. These problems can be addressed if you take the appropriate measures to protect yourself as both a provider and consumer of any resources that make use of SSL encryption.


Author - Peter Bassill

Advanced Engineering UK 2014 Event

Hulton Associates partner for R&D Tax Credits, Jumpstart are speakers and exhibitors at Advanced Engineering UK 2014 Exhibition that runs from on the 11th  and 12th November 2014 at the NEC in Birmingham.

The Advanced Engineering UK group of events is one of the UK's fastest growing industry meetings and unites multiple interrelated high value engineering communities into a unique integrated technology transfer and supply chain business development environment.

From our location at stand H101 Jumpstart will be explaining to visitors why even though engineering companies have already been extremely successful with tax relief claims to HMRC, the sector is still failing to secure a potential financial windfall from the millions that go unclaimed each year. 

Come and speak with Mark Lear at the Jumpstart Stand - No. H101 and we can talk about what you're doing and perhaps, how we can get your company back 000's of pounds from HMRC !

For more details or to register, the Advanced Engineering UK website

Author - Mark Lear

New R&D Tax Credit Brochure Available

We can’t say this enough. R&D Tax Relief is a GREAT way to encourage innovation and business competitiveness by allowing companies to reclaim money invested in qualifying R&D, and we encourage EVERYONE to look into the scheme to find out if they are eligible.

Claiming what’s yours really is a no-brainer. Or is it?

HMRC provides plenty of guidance and advice – it runs to several hundred pages in fact. (It starts here.) If 100 pages of detailed instructions make you break out in a cold sweat, don’t panic !

You can get a copy of Jumpstart's new brochure: “Your essential guide to R&D Tax Relief”, which will give you all the key facts and figures about R&D tax relief, in a gloriously condensed 12 pages…

To take your first steps towards unlocking lots of lovely extra cash for your business contact Mark Lear on 07967 462704 or mark.lear@hultonassociates.com to get your copy.

(Hulton Associates are an authorised and accredited partner for R&D Tax Credits in associations with Jumpstart)
Author - Mark Lear

R&D Tax Relief Surgeries - Innovation Birmingham

Hulton Associates partner for R&D Tax Credits, Jumpstart is pleased to announce that it is working in partnership with Innovation Birmingham to deliver R&D Tax Relief surgeries for clients of the Birmingham based incubator facility.

Birmingham Innovation, part of the Cisco British Innovation Gateway (a network of thirteen new business incubators across the UK sponsored and supported by Cisco) provides support for over 100 SMEs, predominantly technology spinouts from five universities in the West Midlands.

The R&D tax relief surgeries are a new approach for Jumpstart; combining a short awareness session and then one-to-one consultations with individual companies.

Current plans are to run three such surgeries over the next 6 months, each for ten companies.

If this model is successful in delivering real benefits for participants Jumpstart hopes to repeat this model with other incubator facilities throughout the UK

For more details, visit the Innovation Birmingham website 

Author - Mark Lear

How to deal with big data and still comply with data protection laws

Big data analytics are increasingly used in public and private contexts, including management, marketing, scientific research and national security. It’s a common belief that benefiting from big data makes it impossible to comply with data protection laws.

The Information Commissioner’s Office (ICO) has published a report on big data and data protection, suggesting how businesses can deal with this data, while still complying with the Data Protection Act 1998.

The ICO encourages businesses to be open about what they do with personal data. This can help businesses meet the requirements of data protection principles, e.g. using data fairly and only for specific and limited purposes. It’ll also help businesses build trust with customers, as these businesses will be seen as responsible data controllers.

The guide can be found on the ICO website.

Author - Peter Bassill

I Love Creepy Crawlies... I Really Do ! ! !

You may have gathered from some of my previous posts that I love creepy crawlies. What can I say? I’m a Zoologist! Its pretty near impossible to freak me out with any kind of crawly, slimy, scuttle, leggy creature – like, you know when you’re a kid and the boys always liked to freak out the girls with worms and bugs, well, instead of running away screaming (which I believe was the reaction that was expected of me), I would be all like “oh, its so cute, let me see”.

That’s all creepy crawlies, except one….I am completely freaked out by centipedes. The biggest spider in the world could be in the bath and I would happily remove it, my only worry being that I don’t hurt it. But I have come across the teeniest centipede in the bath, and (to my shame) I had to get my husband to move it for me.

Thing is, for all they freak me out, I am fascinated by them (I think it’s like a horror movie, I want to look away, I just can’t); some are gigantic (the size of a forearm, eek) and can hang from the roof of a cave to catch bats, some bigger ones have venom strong enough to knock a person out and I've been informed that tourists in Hawaii are told not to poke any big centipedes they find because they will actually chase you (I have to admit, I’d be tempted, but I’d bet I could take on Usain Bolt running away afterwards…..).

This fascination with the horror of centipedes meant that I was super excited (I am not helping in convincing you that scientists aren't all geeks am I?) by a recent scientific paper about a young snake that made the mistake of eating a centipede that was almost the same size as it (the snake was 20 cm long and the centipede 15 cm and was actually heavier than the snake!). That is never going to end well, and it really didn't. The centipede first destroyed all of its predators’ insides and then fought it’s way out of the snake’s lower belly. Sounds like a B movie doesn't it but, seriously, it happened, published in a journal and everything! The thing is, this discovery will have little to no impact on the world of science, but, blimey, is it amazing, and just goes to show the beauty and brutality of nature. And it’s just another good reason for a science geek like me to get excited !

Author - Charlie Burgess

Honesty is the Best Policy When it Comes to Security

It has never been harder for businesses to build and preserve a relationship of trust with their customers. The rise of increasingly sophisticated, and targeted, cyber-attacks means there are more threats to watch out for than ever before. But letting just one slip through the net could spell disaster and damage even the strongest of partnerships, beyond repair. Just ask any major organization that has lost confidential customer data through a security breach.

When online retailer eBay reported that its network had been compromised earlier this year, it’s no wonder that its message to customers was “the trust and security of eBay members is our top priority”. The need to maintain trust in the face of a successful hack is critical.

Organisations that suffer cyber-attacks usually see not only a drop in their share price, but also in customer numbers. After all, in such an ultra-competitive business landscape, customers have many options for where to take their business.

The associated loss of trust has a damaging effect that can take months or even years to repair. Similarly, a government agency that is unable to protect citizens’ data could lose public confidence to the extent that is becomes politically very damaging.

Loss of trust, though, goes far beyond the cost of lost orders and public confidence; many studies have shown that businesses that suffer a significant data breach also experience record drops in innovation and staff numbers as a result. It is difficult to measure the exact costs but, according to the 2014 Cost of Data Breach Study from the Ponemon Institute, the cost per lost or stolen record increased for the seventh consecutive year.

Based on the experience of the forty organizations participating in the study, the average per capita cost increased from $146 to $162 and, with typical compromises impacting between 2,300 and 99,000 records, that is a huge hit to the bottom line !

However, with the odds stacking against you, we know that it is no longer a question of if you get attacked, but when. So given this sense of inevitability, that you will be compromised, what can you do to secure your company’s future ?

First of all, it is critical that security teams recognize and acknowledge the “new normal”. Rather than burying their heads in the sand and hoping against hope that it never happens, they need to be honest with themselves and accept that it is highly likely to happen and then act accordingly. By assuming you will be compromised, and putting yourselves in the role of the attacker and what they see, you can start to review your security in a different light and plan accordingly.

With a deeper understanding of the methodical approach that attackers use to execute their missions, you can identify ways to strengthen defenses and be able to respond quickly to limit the damage when it does happen.

Defenders must use the very same capabilities as the attackers, to better protect against attacks, including:

1. Visibility

Attackers will gain full visibility of your IT environment, so you must too. To more effectively protect your organization, you need a baseline of information across your extended network (which includes endpoints, mobile devices and virtual environments) with visibility into all assets, operating systems, applications, services, protocols, users, network behavior as well, as potential threats and vulnerabilities. Seek out technologies that not only provide visibility but, also offer contextual awareness by correlating extensive amounts of data related to your specific environment to enable more informed security decisions.

2. Automation

You need to work smarter, not harder. Hackers are using automated methods to simplify and expedite attacks. Using manual processes to defend against such attacks are inadequate. You need to take advantage of technologies that combine contextual awareness with automation, to optimize defenses and resolve security events more quickly. Policy and rules updates, enforcement, and tuning, are just a few examples of processes that can be intelligently automated to deliver real-time protection in dynamic threat and IT environments.

3. Intelligence

In an age when hackers are conducting extensive investigation before launching attacks, security intelligence is critical to defeat attacks. Technologies that tap into the power of the cloud, and big data analytics, deliver the security intelligence you need, continuously tracking and storing information about unknown and suspicious files across a widespread community and applying big data analytics to identify, understand, and stop the latest threats. Not only can you apply this intelligence to retrospectively secure your environment, mitigating damage from threats that evade initial detection, but you can also update protections for more effective security.

When maintaining the trust of customers, it is critical to not only make it harder for attackers to succeed, but also to have the visibility across your network so that you see when something unusual or unexpected happens.

After all, research shows that cyber criminals often remain undetected for months or even years once they successfully get in.

Finding them quickly and seeing what they have been doing and what applications and databases they have been compromising is the secret to preventing lasting damage. Then you can begin the process of being truthful with your customers, by letting them know you have a problem, but that it is under control and access to sensitive data is limited. It is in this way that you can rebuild trust and ensure a prosperous future.

Author - Peter Bassill