Here we are… literally days away from the IRS opening up e-filing of tax returns for another season—and definitely a little later than what most of us who operate firms with a significant tax practice are used to. Not that having a little extra time to prepare for the upcoming onslaught of filing deadlines is something I am complaining about.
In fact, to me, it’s the perfect opportunity to make sure you are ready to hit the ground running. Given the routine nature of tax season for many of us, it’s easy to be complacent which can lead to things being overlooked—such as the IRS requirement to have a Written Security Plan in place. That’s right…once you renew your PTIN, you are required by the IRS to have that plan in place.
There’s still time for your firm to meet the IRS requirements for a written security plan this tax season. Personally, I didn’t have a specific written plan that met the criteria that the IRS is looking for. I had many of the fundamentals covered in my own Business Continuity Plan, but the IRS is looking for a current Information Security Plan based on a Risk Assessment as per the GLBA Safeguards Rule.
This rule states that your firm is required to conduct a thorough and accurate Risk Assessment, providing the basis for a detailed Information Security Program (ISP). The ISP needs to be clearly documented in writing in order to comply. Failure to do so can result in some hefty penalties including: imprisonment for up to five years, steep fine (up to $100,000 for each violation; with officers and directors potentially being fined up to $10,000 for each violation)—or both. This is nothing to mess around with!
The good news, as I discovered, is that establishing a plan to cover your bases on the requirements is relatively easy, especially if you utilize a third-party service that will handle the details for you. After doing some research, I found Securex. Securex is a company that specializes in providing accounting firms with exactly what they need, in the right format, to satisfy the IRS guidelines for a written security plan.
Reduce the risk for your firm and your clients this tax season by getting your Written Security Plan in place this week! Having a Written Security Plan in place is not only smart practice for your firm, but it also will limit your risk of exposure to IRS fines and penalties (not a good look for any tax practitioner especially during tax season!), but doing so provides a critical layer of trust and peace of mind for your clients. As our clients’ trusted tax professional, it is our fiduciary duty to protect their sensitive personal and financial data to the fullest extent possible. At its core, this is what the IRS Written Security Plan requirement is all about.
Take advantage of this window of opportunity that the late start to the tax filing season is offering your firm to get on top of all of the responsibilities and requirements that come with our professional credentials. Take two hours in the next few days and get your Written Security Plan completed and filed with your PTIN documentation. You’ll have peace of mind and a higher level of security, and your clients and their data will be better protected, too.