tax audit 1040

How CPAs Can Better Protect Clients' Personal Data

Jul 8th 2015
Share this content

In the wake of the increasing incidences of taxpayer identity theft this tax season, leaders from BKR International, a top five global accounting association, say CPAs need to do more than simply safeguard their clients' financial data.

They also need to be prepared to offer their clients strategies to mitigate their risk of identity theft and help them respond to fraudulent activity if their financial information is compromised.

“We as CPAs are in a unique position to help our clients understand how identity theft is committed and how they should best respond to the incident if it occurs,” said Howard Rosen, CPA, JD, AEP, worldwide chairman of BKR International. “BKR members regularly share information on successful strategies and protocols to protect our clients at all times of the year, not just during filing season.”

Cause for Increased Concern
You don't have to be a financial expert to understand that identity theft, in all its forms, is increasing exponentially. Nearly every day, the news is peppered with stories about data breaches, both large and small, that have compromised consumers' personal and financial information.

And taxpayer identity theft is just one more avenue where many individuals' personal information is increasingly being violated, said Maureen Schwartz, executive director of BKR International.

According to Schwartz, taxpayer identity theft has risen every tax season over the last several years. Schwartz said the IRS paid $5.8 billion in fraudulent refunds in 2013, with $24.2 billion in fraudulent returns prevented or recovered. The IRS admits that the full extent of taxpayer fraud is unknown at this time.

During the most recent filing season, BKR members found physicians were once again high-risk targets for fraudulent tax returns; this confirmed national reports that cited the same trend. To complicate matters even more, some physicians who had received an Electronic Filing Personal Identification Number (PIN) from the IRS in prior years for increased security had these same PINs rejected by the IRS for the current year, necessitating a paper filing of their return by mail.

BKR members also confirmed an increase in rejected e-filed returns due to compromised Social Security numbers, as well as incidents of credit card and bank account fraud among their clients.

The CPA's Role
With taxpayer identity theft on the rise, CPAs should be prepared to step up as a valuable ally to help their clients identify potential fraud, respond to fraudulent activity once it occurs, and understand the safeguards and strategies that can help them prevent identity theft in the first place, Schwartz said.

CPAs are uniquely positioned to help their clients identify potential fraud, Schwartz said, because working with a CPA provides a consistent record of taxpayer income, returns, and habits that can help detect fraudulent behavior using a taxpayer's identification or Social Security number.

“CPAs can support taxpayers in detecting if more than one tax return was filed, and also what to do if taxpayers receive a notice of owing additional tax, having a refund offset, or if collection actions are taken against them that don't fit the nature of the return filed,” Schwartz said. “IRS records may also incorrectly report that taxpayers received more wages than they actually earned – another red flag of possible fraud.”

CPAs are also well-positioned to warn clients about potential identity fraud because they receive regular IRS alerts, so they can help their clients monitor their financial activity for fraudulent transactions or respond to an identity theft threat or circumstance.

BKR members, for example, urge their clients to think of them as one of the first people to contact – in addition to law enforcement, the three major credit bureaus, their financial institutions, and the Federal Trade Commission – in the event of taxpayer identity theft to discuss what to do, Schwartz said.

“If clients have concerns about identity protection or believe their identity has been compromised, their CPA is a great first call for help. A trusted CPA can give them guidance on what to do,” Schwartz added.

BKR members also urge their clients to follow IRS guidelines on fraud mitigation, reporting suspicious activity and responding quickly to actual identity theft.

Beyond Taxpayer Identity Theft
With identity theft posing a potential risk to every aspect of their clients' personal and business information, a CPA's role in helping his or her clients prevent and respond to identity theft shouldn't end there.

CPAs should also be prepared to discuss some basic strategies and safeguards to protect their clients' financial information against any potential incidence of identity theft and assist them if their information is compromised, Schwartz said.

“CPAs can support their clients on any number of concerns regarding protection of their personal identity or proprietary business information,” she added. “Protection goes beyond taxpayer identity theft because a single compromise of a business owner's personal information can potentially impact the whole business.”

CPA firms can support business owners with internal-control protocols and procedures, and can help them develop a strategy for data protection, as BKR member firms do, Schwartz said. CPAs can also urge clients and business owners to install firewalls and encryption on laptops and mobile devices to make sure employees and owners are protecting data, and support an internal business strategy to make sure everyone in the company is following data-security protocols.

“Identity theft isn't going to go away. It is a business mandate to find better ways to protect data from cyberthreats,” Schwartz said. “CPAs should be part of a business owner's first line of defense because data protection is critical in the public accounting industry, and we are monitoring it closely for new ways to protect clients.”


Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.