Ask The California Employment Tax And Payroll Tax Attorney ‐ IRS Warning: Cyber Threats Are On The Rise For Tax Professionals ‐ What You Can Do To Protect Your Practice And Your Clients ‐ Part 1

By Robert S. Schriebman

2018

Introduction

Cyber endangerment has become so pervasive that the IRS has issued a series of Information Releases entitled, “Protect Your Clients; Protect Yourself: Tax Security 101.” The IRS will be issuing a series of warnings and instructions over the next several weeks. As I receive these publications, I will inform you. These IRS Information Releases are directed primarily at tax representatives and tax return preparers, but they are also directed at members of the accounting profession whose job it is to collect and preserve the massive client data and other information vital to the record keeping and reporting processes. The IRS will be publishing basic information you need to better protect client-taxpayer data and to help prevent of filing fraudulent tax returns.

The IRS has put together a Security Summit composed of government and private sector partners not only to protect the public, but to protect the Treasury from paying out millions of dollars in fraudulent refund returns. I’m afraid this is going to be a never ending battle, because as much as the Security Summit has accomplished, identity theft and data theft at tax professional work sites, i.e. your offices, are on the rise. These thieves take stolen taxpayer data for all types of evil purposes including fraudulent tax returns that are becoming ever harder to detect. In IR-2018-147 (July 11, 2018), the IRS makes it known that these thieves are very sophisticated and they are “…well-funded by tax-savvy criminal syndicates based here and abroad.”

IR-2018-147

Tax professionals have a lot at risk for cyber intrusions. Not only do you have the risk of losing your client base, but also the risk of malpractice and related civil lawsuits. The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act, requires tax professionals as well as tax return preparers to create and maintain an updated and consistently monitored security plan to protect client data.

Tax professionals are advised to download and read two key IRS publications, Publication 4557, Safeguarding Taxpayer Data, and Publication 5293, Data Security Resource Guide for Tax Professionals outlines basic security steps you should take to protect your clients.

This year a sophisticated gang of cyber crooks breached numerous practitioners offices by gaining remote control access to computers and stealing client tax information used in the preparation of 2016 tax returns. These thieves used this information to file 2017 tax returns. They had everything – including information for bank direct deposits. If you thought this was bad enough, these crooks then called taxpayers trying to trick them into returning fraudulent refunds. The theft was so pervasive that the thieves could access client bank information online and steal the fraudulent refunds. So the thieves got paid twice!

This thievery was so professional that most of the tax professionals who were victimized did not know the data was stolen.

In Part 2 of this series we will examine the list of Security Summit recommendations concerning anti-virus software, firewalls, two-factor authentication, drive encryption and date security plans.

I recently attended a tax controversy institute in Los Angeles. The audience listened to two experts from the IRS on the subject of security protection. These two experts polled the audience concerning several basic protections that should be in place. There were approximately 200 attendees. There were very few hands raised for those who had in-place security measures. And this was a very sophisticated audience of tax professionals. The IRS speakers told us that it was not a question of “if” our security will be breached, but “when” the breach will occur. It seems we all have to live in fear of these cyber crooks.

***

Robert Schriebman has a successful practice in the Rolling Hills Estates area of Los Angeles County serving clients throughout California and the United States. He has successfully dedicated more than 40 years to helping individual taxpayers, business owners, CPAs, Enrolled Agents, and tax attorneys navigate the complicated tax systems of the federal and state governments. Mr. Schriebman is in private practice. He is not affiliated in any way with the EDD and he is not employed by the EDD or any other agency of the State of California.

Robert Schriebman has written the only 2 books ever published dealing with how California Employment Development Department (EDD) operates. See “California Tax Collection Practice and Procedures” and “California Taxation Practice and Procedure,” both published by Commerce Clearing House.

Robert Schriebman has written over 20 books including the major manual used nationally by practitioners and the IRS, “IRS Tax Collection Procedures – A Manual for Practitioners” published by Commerce Clearing House.

Robert Schriebman has written over 20 books including the major manual used nationally by practitioners and the IRS, “IRS Tax Collection Procedures – A Manual for Practitioners” published by Commerce Clearing House in addition to the only 2 books ever published dealing with how California Employment Development Department (EDD) operates. See “California Tax Collection Practice and Procedures” and “California Taxation Practice and Procedure,” both published by Commerce Clearing House.

Web Site Article 341