This month we welcome a new staff member to the team, Juarita de Bryn. She is a smart lady and has come from corporate life back into practice because she enjoys working with SMEs and clients. She will be working with Simone and Grizelda on retainer clients and monthly clients.

We have done some work on our website and we are very proud of it 😊

Click the link for more information on packages that we provide. 

We also have added a search function on our website so you can search previous blogs and newsletters. 

We also want to remind you that we have a branch in Edinburgh and invite people to check out that website too!

SARS Updates

1. To reduce your personal tax liability before the end of the financial year you can do the following:

• Contribute additional retirement annuity contributions into your fund. This must have been done before the last day of the month, and please remember that the 28th of February is a Sunday. The max tax deduction is 27.5% of your taxable income or remuneration to the maximum of R350 000 per tax year. Any amount over and above will be carried over to the following year and no tax relief will be obtained in the current year.

• You can also donate to your favourite charity but remember to get a Section 18A certificate and it can only be to the maximum of 10% of your taxable income for the year

• Contribute to a tax-free savings account. The Maximum amount you can invest is R36 000 and this does not mean your taxable income decreases by R36 000, it only means that interest earned on the investments in an interest free investment account is tax free. Your bank can provide you with more information on these accounts and they are simple to open and quick. 

2. Please remember that all provisional tax returns must be submitted by the 26th of February 2021 for the companies that have a 28 February tax year end and all individuals registered for provisional tax. There is a handy blog that we did in August all about the 1st provisional tax submissions. We have also emailed our clients with regards to this. Please send us your information if you have not done so already 😊. And please, ask if you have any questions.

3. The February 2021 tax tables and rebates are as follows: Rates of Tax for Individuals (sars.gov.za). This is important to note as the starting point for paying tax increases in 2021 from R198 850 to R205 900. You will also need to know what the tax rates are if you want to calculate the maximum retirement annuity contributions you can make. The interest and dividends exemption amount has not changed in the last couple of years and remains at R23 800 for person’s younger than 65 and R34 500 for people over 65 years of age. Medical aid tax credit amounts have increased.

4. VAT returns will be filed through Xero soon, it’s currently in the beta testing phase. For all clients that are signed up on a retainer with Anlo, this will be included as part of your service offering and you don’t need to do anything. But if you are considering moving over to Xero, this is definitely a benefit.

5. You can check if a company is VAT registered in South Africa here.

Responsibilities of Companies Directors

We would like to remind clients of the duties and responsibilities of company directors in terms of the Companies Act.

The Companies Act of 2008 stipulates the core responsibilities in section 75:

• Disclose any conflict of interest (Section 75)

• Use position and information for company’s benefit

• Disclosure of material information

• Perform Duties:

  • In good faith

  • In the best interest of the company

  • With care, skill and diligence that may be reasonable be expected of a person carrying out such functions and having the same skill and experience of that director – the reasonable man/woman test.

It is also the company’s director’s responsibility to keep accounting and company records. This means that even though the company has a contract with Anlo to prepare the accounting records, the ultimate responsibility is still the company directors’ and should be acknowledged. 

If there is anything we can do to assist you with this responsibility, then please let us know. We are here to help!

CIPC: Duties and responsibilities of Directors, Auditors, Company Secretaries and Business Rescue Practitioners

ICAEW Cyber Security Event

Annja attended the ICAEW Scotland cyber event on the 17th of February and it was very useful. 

The general message was that Cybersecurity does not need to be scary. You can see your comings and goings on the web as having ‘cyber hygiene’ by applying simple steps that can safeguard you.

Jude and Declan from the Scottish Business Resilience Centre (SBRC) delivered the presentation, and it was most helpful. Rather than panic, they focused on maintaining a healthy paranoia 😊

It is important to not ignore the cyber security risk and educate yourself on what it is, and what you and your business needs.

Your company's cyber health should be discussed regularly within your teams along with what must happen if your company is attacked. Cybersecurity is the responsibility of everyone, and while the big hacks and attacks grab the headlines, many attacks succeed simply because of human oversight.

The world we live in is very tech reliant, more so in the last year as we all work from home and communicate only in the digital world. It is impressive what we have achieved since the pandemic started and how far we have come using digital communication, but it can be a weakness if we do not protect ourselves.

Bad guys (read: criminals) love chaos, and that is what has happened since COVID has hit; and where there is chaos it is easier to find ourselves at risk because our focus and attention is not as vigilant.

COVID SCAMS examples:

• Phishing emails. We all get these emails especially emails from tax authorities that look real but are not. So much information was received in a short period in the beginning of 2020 about grants and financial aids available, but this opened people up for scams due to the chaos. Be careful not to click on links and entering private information. Make sure the source of the email or correspondence is real (you can check this in the email header).

• Fake companies have proliferated on the internet including PPE equipment suppliers and fake charities asking for donations to help people in need. Sadly, some of these companies and charities have been identified as scams and play on people’s ability to trust other people.

• Text to elderly people pretending to be from vaccine centers but are only sent to extract personal information.

Online criminals are adapting constantly and out to hit vulnerable people – they don’t care who gets scammed.

Spreading misinformation about the pandemic is creating chaos which the criminals use against people. Try to discern and ignore what is merely propaganda, this is just one way that hackers will target you.

There are 3 types of hackers.

1. State-sponsored - Does not affect the small business or individuals directly, but the state hacking affects us through different way’s/overarching way’s, because if our private information is ‘leaked’ through their websites it indirectly affects us.

2. Organized Crime – an example of how they target people is through Ransomware – becoming more and more prevalent in the news. They use ransom threats to fund their other illegal affairs. They need cash to fund their other affairs. It isn’t personal.

3. Individual Hacker – May have an overarching goal – to highlight an injustice or punish a former employer, or that may simply see scamming and hacking to make money. They are most likely to target the “low hanging fruit”; individuals and small organisations that are easy targets because they lack the knowledge or technology to protect themselves. Small businesses are often targeted.

One of the reasons hackers exist is because the value we place on data and information, and that is not going to change. It is vital therefore that we learn to adapt to a constantly changing environment.

The solution is not to stop using the internet (as if we could!), the solution is to properly protect ourselves.

46% of businesses in Scotland have reported that they have had some sort of breach in the last 12 months. That is a high number. SPRC is there to help businesses and people protect themselves from this kind of online criminal activity.

This leads to a harsh but true Cyber ethos - I do not need to outrun the bear, I just need to outrun you!

How to ensure that you aren’t the low hanging fruit

1. Passwords and Passphrases – The way we need to look at passwords is that it should be more like passphrases. Be careful about emails received that includes your passwords looking for you to correspond and send your information.
   
   There are websites where you can check if your email has been subject to a breach. One example is Have I been Pwned?
   
   The irony of course is that you should be careful to establish that any such website is genuine and not just a phishing expedition!
   
   If you see your email is red, do not stress. Go and read below what websites have been breached and when and if necessary, make sure you change your passwords.

2. Password Managers – for instance; LastPass, Keeper, Dashlane, Bitwarden Keychain or 1Password. These help you to keep all your passwords in one place and use more complex passwords, without having to try and remember them all!
   These are very secure, and you can add layers of security such as two-step authentication. Password managers all tend to use strong encryption to protect your data, the actual algorithms and encryption systems will vary from product to product.

3. Make sure you apply updates regularly. If possible, make sure this is done within two weeks of the updates being issued. Windows updates automatically by default and there is a strong security argument for allowing it to do so.

4. Make back-ups of your data so that if anything happens you can access the data. Remember to regularly test that data can be restored from your backups – a backup that doesn’t work isn’t a backup! Fortunately, affordably cloud storage has made this much easier for all of us these days.

5. Be prepared and aware – check anything that seems odd or out of the ordinary and if in doubt, don’t open it. Never supply personal details unless you are certain of the recipient.

Starting the 22nd of Feb 2021 is CyberScotland Week. There is a lot of information on the website as well as links to events that might be of interest. As far as we know, there is no reason they wouldn’t welcome a few South African visitors!

The Government body responsible for overseeing information security in South Africa is the Information Regulator. If you have questions about data security, that’s probably the place to start!

So, stay safe – in more ways than one these days!!