Member Login
Search

CSTC Newsletter

September 2019

In This Issue...

  1. From the President
  2. 2019 Fall Tax and Accounting Forum
  3. September 2019 Chapter Events
  4. Welcome New CSTC Members
  5. Legislative Advocacy
  6. Become a CA Registered Tax Preparer (CRTP)
  7. News from the IRS
  8. Join CSTC!

CSTC Member Benefits

CSTC members have access to benefits such as free payroll processing services for your tax practice, and the opportunity to earn new revenue through their flexible partnership options.

CSTC is pleased to include the VeriFyle ProTM premium secure online document and message sharing service at no cost to CSTC members!

Wolters Kluwer: Discounts on Tax, Accounting & Audit Resources, Software, Information & Services. 

 CSTC members receive the TaxBook WebLibrary at a special price

Other Member Benefits Include:

$ Savings on all Society Educational Events

$ Savings on Contact, Correspondence & Self Study Education

$ Savings with member specialty CSTC Connects (previouslyYellow Pages) list

$ Savings with E & O Insurance, plus specialty coverage relevant to your profession

$ Online CSTC Find-a-Tax Consultant search to help promote your business!

$ CSTC Member Listserv

Office Depot has partnered with us to provide exclusive savings in-store and online, plus fantastic additional benefits. This program is all about providing preferred pricing to our clubs, and the savings extend to almost every item.

Savings include 20% to 55% off item office supply core list, 20% to 55% off retail on cleaning  & break room items, 10% off branded; 20% off private brand  ink & toner core list, Average 10% off  retail on 200 technology core items, Free next-day shipping on orders of $50 or more, and SIGNIFICANT savings on copy & print. Become a CSTC member to sign up for our Office Depot Small Business Savings Program, administered by Excelerate America.


We are a professional full-service tax advisory firm in San Diego. Our goal is to provide a level of service for our clients that will exceed expectations in every possible way. We strive to offer a diverse level of services in order to meet the needs of the diverse community we have been working in for more than 30 years.

TaxMama's® EA Exam Course prepares tax professionals to do so much more than just pass the IRS' Special Enrollment Examination. This is in-depth course teaches tax law from the ground up. It explains how tax returns work, with examples of basic 1040s, Schedule Cs, 1065s, 1120s, and 1120Ss; you learn tax law, tax research, client representation for audits, appeals and collections. 

 

If you are interested in buying or selling a practice, contact us today! ATB is operated by Enrolled Agents ensuring a complete understanding of our profession. Please give us a call at (855) 428-2225 or visit us online at www.ATBCAL.com for more information and to view our current listings.
CA DRE 02002824

 

CSTC Mission

CSTC advances professionalism within the tax industry by:

  • Providing quality education
  • Creating networking opportunities
  • Advocating professional standards

 

From the President

Never Underestimate the Value of Experience

Preparing for a 50 mile MTB race is quite a project. On October 12, 2019, my son Ryan and I will ride in a 50 mile Mountain Bike Race in Bentonville, Arkansas. When we first got the idea to do so, we had to choose between a 15, 30, or 50 mile course. We decided to “go for it” and signed up for 50. If we were going to do, might as well do it big, right? We both ride mountain bikes regularly and figured that this would just be a long day of riding fun. As we stared to examine the course and our average mountain biking speeds, we realized that if we hustled, it could take us 6 or 7 hours to get to the finish line! This is going to be a big deal.

My plan was to ride 3 or 4 days a week about 7 to 10 miles per ride and to push a little harder. My normal rides were lasting about an hour and I love to ride. Several weeks ago I figured I should ride longer so I set out on a 17 mile ride. I was pretty happy about how I felt until I did the calculation - 17 miles is only 1/3 of the 50 miles we signed up for. Tripling that distance would require serious effort and I’d have to figure out how to eat during the race. I have never done a 6 hour race before. But how hard could it be?

Last weekend I stepped it up and went for a 31 mile ride with 3,100 ft elevation change and finished in 3:40. That sounds pretty good until you hear the rest of the story. At mile 10 I was doing fine and went up some pretty steep trails. At miles 15 and 20 more steep hills and it was getting hot. I thought I was doing great until at about mile 25 when my thighs started cramping and I got the chills. What a weird sensation – chills when it’s hot and I’m sweating. I was not sure what was happening so I stopped, rested, and tried to cool down. After I got going again, more chills and it was getting harder to pedal. Once I finally got home, I was able to rest, drink, and cool down. After several hours, I was feeling better.

Some of you will recognize my symptoms as the beginning stages of Heat Exhaustion. When the body can no longer cool itself with sweat, it will start to shiver and cramp and the body’s core temperature will increase. Apparently, this can lead to Heat Stroke which ads a host of other possible symptoms including nausea, headaches, and sometimes passing out. I feel very lucky that it was not worse. 

What went wrong? I know now that my body was dehydrated, low on electrolytes, hungry, and not conditioned for that level of activity. I was not prepared well enough and I underestimated the strain on my body. Had I drank more water and electrolytes and eaten more carbohydrates before and during the ride, things would have been fine. The answer seems so simple, to drink and eat more, but even then, I had not had chills from overheating before and I thought I was doing OK. I was drinking a lot of water, just not enough. I ignored the leg cramps believing that I just needed to push through them, so I did. 

Now I know better and will pay closer attention to hydration, nutrition, and symptoms. A valuable lesson learned that only came through experience.

How does this story relate to personal and professional preparedness? Or does it just relate to experience? I believe both. As professionals we try to learn and prepare for every situation we can think of, but until we have experience, we can’t really think of every situation. Isn’t it frustrating to find that the longer you practice your profession, the more you do not know?  How awesome was it when you were just getting started and thought you knew so much more than you know now? Experience teaches us lessons that we can get in no other way. Just like my 31 mile ride where I thought I was going to be OK with the water and food I had, yet seriously underestimated what I really needed. Will that happen to me again? If it does, I will be much better prepared and I will know what to watch for.  Now I can teach the lesson from hard earned experience.

Professionally, experience makes us better, faster, smarter, more careful, more discerning, more valuable to clients, and teaches us what to look for and what to avoid. Experience makes us better in many ways. When you are quoting a fee for a client or potential client, keep in mind that they are paying for your experience and expertise that comes only through time and effort.

Never underestimate the value of experience.

Gary Quackenbush
CSTC President

Registration is Open for the  Accounting Forum in Sacramento!
September 20-21, 2019
Topic: Non-profits

Courtyard by Marriott Sacramento Cal Expo
1782 Tribute Rd
Sacramento, CA 95815

The California Society of Tax Consultants (CSTC) provides quality tax education for tax professionals, including CTEC-registered preparers, Enrolled Agents, CPAs and attorneys. CSTC's 2019 Fall Forum will be held September 20-21, 2019 at the Courtyard by Marriott Sacramento Cal Expo in Sacramento, CA. It will focus on tax and accounting for non-profit organizations.

SCHEDULE

Friday, September 20

7:00am - 8:00am
Registration & Breakfast

8:00am - 12:00pm
Accounting for Nonprofits 
Linda Dong, EA
4 Hours Accounting  
(Not reported by CSTC) 

Nonprofits have particular requirements regarding restricted funds and functional expenses, and these have been recently updated. Understanding these concepts and recording the transactions correctly provides all the information needed for the tax return. We’ll look at these concepts and how to record them by working through a comprehensive example, starting with the journal entries and ending with a set of financial statements which will be used to prepare Form 990.

12:00pm - 1:00pm
Lunch
Hot Topics from the IRS
Marc Zine, Senior Stakeholder Liaison
1 Federal Tax Law Hour

It is almost impossible to be in the return preparation business and not collect or hold personally identifying information — names and addresses, Social Security numbers, etc., about your clients and employees.  What would you do if cyber thieves stole yours and/or your clients' data?  In this session you will also find out how Stakeholder Liaison can you help you deal with the aftermath of a data breach and actions to take when compromised,  changes in IRS transcript delivery procedures and practice management tips for dealing with the changes.

1:00pm - 3:00pm
California Attorney General's Supervision of Charities and Fundraisers
Elizabeth Kim, Supervising Deputy Attorney General
2 Hours California Tax 

The Attorney General’s Office oversees charities and charitable fundraisers in California, which means all our nonprofit clients have to register with them and file Form RRF-1 annually. Come and hear directly from the Attorney General’s office about their requirements, their enforcement, and what you need to know to be in compliance. Bring your questions too.

3:00pm - 5:00pm
Franchise Tax Board
Audrey Rowe, Program Specialist III 
2 Hours California Tax

Whether you are helping a new client apply for exempt status, working to get status reinstated, or making sure that an exemption is maintained, the key is knowing and understanding the requirements and staying in compliance.  The Franchise Tax Board Exempt Organizations and Nonprofits Unit will help to shed light on the nonprofit process and answer your burning questions about exemption status.

Saturday, September 21

7:00am - 8:00am
Registration & Breakfast

8:00am - 12:00pm
Taxes for Non-profits (Part 1) 
John G. Miller, EA
Ruth Godfrey, EA          
6 Hours Federal Tax Law
2 Hours California Tax 

The Form 990 is not only an information return for the IRS, it is also a way to communicate the purpose and efficiency of the organization. For organizations looking for donors, sponsors, or grants, this is an important tool in their public relations packet.

In this class, we will learn how to utilize the financial information from the organization to accurately complete their Form 990. We will warn how to avoid potential pitfalls, make the numbers balance, and portray the organization so that potential employees, board members, donors, and the IRS are able to discern what the “real” organization looks like.

We will discuss preparation of Form 990, 990-EZ, CA RRF-1, and all the accompanying schedules. We will talk about correct reporting – making sure that the correct 501(c) classification is being reported and that the return being filed conforms to the specific 501(c) classification rules.

We will learn to determine what is Unrelated Business Taxable Income (UBTI) and what is not. We will work with the public support test, in-kind donations, fundraising, board independence, restricted funds and transactions with related or “interested persons” as well as preparing an actual 990 return.  Bring your questions – this class is developed to help us all get answers to our questions.

12:00pm  - 1:00pm
Lunch

1:00pm - 5:00pm
Taxes for Non-profits (Part 2)
John G. Miller, EA
Ruth Godfrey, EA 
6 Hours Federal Tax Law
2 Hours California Tax

September 2019 Chapter Events

September 3, 2019
Topic: Retirement Plans for Self Employment
East County San Diego Chapter Meeting
1 Federal Tax Law Hour

Topic: Update of California Tax Law
East County San Diego Chapter Meeting
2 California Hours

September 4, 2019
Topic: Shannon's "Hall of Tax Curiosities"
Temecula Valley Chapter Meeting
2 Federal Tax Law Hours

Topic: California Tax Update
San Francisco Bay Chapter Meeting
2 California Hours

September 5, 2019
Topic: Preparing S Corporation Returns
San Gabriel Valley Chapter Meeting
2 Federal Tax Law Hours

September 10, 2019
Topic: Round Table
North County San Diego Chapter Meeting
1 Federal Tax Law Hour
1 Federal Update Hour

September 11, 2019
Topic: Audit Representation & Correspondence
Orange County Chapter Meeting
2 Federal Tax Law Hours

September 12, 2019
Topic: Ethics: A Recap of Key Issues and Planning
North County San Diego Chapter Meeting
2 Ethics Hours

September 18, 2019
Topic:After Tax Season Breakfast
Temecula Valley Chapter Meeting
Hours TBA

Topic: Ethics - The Professional Legal Issues
Inland Empire Chapter Meeting
2 Ethics Hours

Topic: Around the World in 120 Minutes
San Jose Chapter Meeting
2 Federal Tax Law Hours

September 19, 2019
Topic: Reporting K1's on Individual Tax Returns
San Diego Chapter Seminar
2 Federal Tax Law Hours

September 20- 21, 2019
2019 Fall Tax and Accounting Forum
Topic: Nonprofits - From Exemption to Efile
Location: Courtyard by Marriott Sacramento Cal Expo
1782 Tribute Rd 
Sacramento, CA 95815

September 23, 2019
Topic: Business Bootcamp
Wine Country Chapter Seminar
3 Federal Tax Law Hours

CSTC Board of Directors Meeting
Virtual Meeting
9:00 AM to 12:00 PM

September 24, 2019
Topic: TBA
Sacramento Chapter Meeting
Hours TBA

September 26, 2019
Topic: Business Bootcamp
Wine Country Chapter Meeting
3 Federal Tax Hours

September 30, 2019
Topic: Business Bootcamp
Wine Country Chapter Meeting
3 Federal Tax Hours

Click here to view the CSTC calendar.

 Welcome New CSTC Members!

Please help us in joining our newest CSTC Members!

Hanspeter Adam
Member at Large Chapter

Roslyn Blackwell
San Jose Chapter

Michael Cicchetti
Orange County Chapter

Mireya Espinoza
San Jose Chapter

Teresa Fernandez
Central Valley Chapter

Christina Hebert
San Diego Chapter

Surbhi Jain
San Jose Chapter

John Kempton
Orange County Chapter

Eric Ma
Orange County Chapter

Fatin Miqbel
Central Valley Chapter

Michele Patterson
Central Valley Chapter

Dawn Reamey
East County San Diego Chapter

Adriana Reyes-Guzman
Central Vallet Chapter

Marie Stockton
East County San Diego Chapter

Karen Vaughan
East County San Diego Chapter

Fernando Vellanoweth
Sacramento Chapter

Nishon Watson
Inland Empire Chapter

Legislative Advocacy

CSTC has been the leading Association in supporting legislation to provide protection for our profession, to support our profession, and to enhance our profession. CSTC continuously leads our industry through legislative advocacy, educational opportunities, and professional inclusion.

CSTC works closely with a Legislative Advocate in Sacramento to keep an eye on important bills that would effect tax payers and small business owners.

Please click here to view the bills that CSTC is currently monitoring.

Become a California Registered Tax Preparer (CRTP) with CSTC!

The California Society of Tax Consultants offers two options for those looking to become a California Registered Tax Preparer (CRTP).

Both courses teach you the fundamentals of federal tax law. And it doesn’t just teach you the law--you also learn how to apply it in your review questions and learning activities by preparing practice tax returns.

ONLINE - All year round we offer an online QE course that you are able to purchase at any time and complete at your own pace. Click here to learn more. 

IN-PERSON - Starting in September, 2019, we will be offering an in-person course for the 60 hour QE Education. The course will start on September 9 and continue every Monday and Thursday until November 21, 2019. Click one of the boxes below to learn more about the class. 

 

 

 
The Qualifying Course is powered by The Income Tax School.

   

August 30, 2019
Here’s what tax professionals should know about creating a data security plan 

Tax pros must create a written security plan to protect their clients’ data. In fact, the law requires them to make this plan. 

Creating a data security plan is one part of the new Taxes-Security-Together Checklist. The IRS and its Security Summit partners created this checklist. It helps tax professionals protect sensitive data in their offices and on their computers.

Many tax preparers may not realize they are required under federal law to have a data security plan. Each plan should be tailored for each specific office. When creating it, the tax professional should take several factors into consideration. This includes things like the company’s size, the nature of its activities, and the sensitivity of its customer information.

Creating a plan
Tax professionals should make sure to do these things when writing and following their data security plans:

  • Include the name of all information security program managers.
  • Identify all risks to customer information.
  • Evaluate risks and current safety measures.
  • Design a program to protect data.
  • Put the data protection program in place.
  • Regularly monitor and test the program.

Selecting a service provider
Companies should have a written contract with their service provider. The provider must:

  • Maintain appropriate safety measures. 
  • Oversee the handling of customer information review. 
  • Revise the security program as needed.

More information:

August 22, 2019
Security Summit warns of new IRS impersonation email scam; reminds taxpayers the IRS does not send unsolicited emails

IR-2019-145

WASHINGTON — The Internal Revenue Service and its Security Summit partners today warned taxpayers and tax professionals about a new IRS impersonation scam campaign spreading nationally on email. Remember: the IRS does not send unsolicited emails and never emails taxpayers about the status of refunds.

The IRS this week detected this new scam as taxpayers began notifying [email protected] about unsolicited emails from IRS imposters. The email subject line may vary, but recent examples use the phrase “Automatic Income Tax Reminder” or “Electronic Tax Return Reminder.”

The emails have links that show an IRS.gov-like website with details pretending to be  about the taxpayer’s refund, electronic return or tax account. The emails contain a "temporary password" or "one-time password" to "access" the files to submit the refund. But when taxpayers try to access these, it  turns out to be a malicious file. 

“The IRS does not send emails about your tax refund or sensitive financial information,” said IRS Commissioner Chuck Rettig. “This latest scheme is yet another reminder that tax scams are a year-round business for thieves. We urge you to be on-guard at all times.”

This new scam uses dozens of compromised websites and web addresses that pose as IRS.gov, making it a challenge to shut down. By infecting computers with malware, these imposters may gain control of the taxpayer’s computer or secretly download software that tracks every keystroke, eventually giving them passwords to sensitive accounts, such as financial accounts.

The IRS, state tax agencies and the tax industry, which work together in the Security Summit effort, have made progress in their efforts to fight stolen identity refund fraud. But people remain vulnerable to scams by IRS imposters sending fake emails or harrassing phone calls.

The IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

The IRS also doesn’t call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail a bill to any taxpayer who owes taxes. See Report Phishing and Online Scams for more details.

August 14, 2019
IRS Automatically Waives Estimated Tax Penalty for Eligible 2018 Tax Filers 

IR-2019-144

WASHINGTON — The Internal Revenue Service is automatically waiving the estimated tax penalty for the more than 400,000 eligible taxpayers who already filed their 2018 federal income tax returns but did not claim the waiver.

The IRS will apply this waiver to tax accounts of all eligible taxpayers, so there is no need to contact the IRS to apply for or request the waiver. 

Earlier this year, the IRS lowered the usual 90% penalty threshold to 80% to help taxpayers whose withholding and estimated tax payments fell short of their total 2018 tax liability. The agency also removed the requirement that estimated tax payments be made in four equal installments, as long as they were all made by Jan. 15, 2019. The 90% threshold was initially lowered to 85% on Jan 16 and further lowered to 80% on March 22.

The automatic waiver applies to any individual taxpayer who paid at least 80% of their total tax liability through federal income tax withholding or quarterly estimated tax payments but did not claim the special waiver available to them when they filed their 2018 return earlier this year.

“The IRS is taking this step to help affected taxpayers,” said IRS Commissioner Chuck Rettig. “This waiver is designed to provide relief to any person who filed too early to take advantage of the waiver or was unaware of it when they filed.”

Refunds planned for eligible taxpayers who paid penalty

Over the next few months, the IRS will mail copies of notices CP 21 granting this relief to affected taxpayers. Any eligible taxpayer who already paid the penalty will also receive a refund check about three weeks after their CP21 notice regardless if they requested penalty relief. The agency emphasized that eligible taxpayers who have already filed a 2018 return do not need to request penalty relief, contact the IRS or take any other action to receive this relief.

For those yet to file, the IRS urges every eligible taxpayer to claim the waiver on their return. This includes those with tax-filing extensions due to run out on Oct. 15, 2019. The quickest and easiest way is to file electronically and take advantage of the waiver computation built into their tax software package. Those who choose to file on paper can fill out Form 2210 and attach it to their 2018 return. See the instructions to Form 2210 for details.

Because the U.S. tax system is pay-as-you-go, taxpayers are required by law to pay most of their tax obligation during the year, rather than at the end of the year. This can be done by having tax withheld from paychecks, pension payments or Social Security benefits, making estimated tax payments or a combination of these methods.

Like last year, the IRS urges everyone to do a “Paycheck Checkup” and review their withholding for 2019. This is especially important for anyone who faced an unexpected tax bill or a penalty when they filed this year. It’s also an important step for those who made withholding adjustments in 2018 or had a major life change. Those most at risk of having too little tax withheld include those who itemized in the past but now take the increased standard deduction, as well as two wage earner households, employees with nonwage sources of income and those with complex tax situations.

To get started, check out the new Tax Withholding Estimator, available on IRS.gov. More information about tax withholding and estimated tax can be found on the agency’s Pay As You Go web page, as well as in Publication 505.

August 13, 2019
IRS Tax Transcript Availability Update

The IRS has updated some IRS.gov content to clarify issues regarding changes to the tax transcript distribution methods. As you may recall, in lieu of faxing tax transcripts, we will send certain transcripts into practitioners’ e-Services secure mailbox. However, there is a time limit for those transcripts to be available in your mailbox. To avoid having to repeat your request, print or download the transcript immediately from your mailbox. Our new language on the About the New Tax Transcript page is highlighted below in yellow:

Employer Information for Tax Return Preparation and Electronic Filing

If you are a taxpayer seeking to file a current or prior year tax return or a tax professional preparing a current or prior year return for a client, please remember that all financial entries on all transcript types are fully visible. If you are seeking a missing Form W-2 or Form 1099 information, there is a process for obtaining those current-year documents.

If an unmasked Wage & Income transcript is necessary for tax return preparation and electronic filing, a tax professional may contact the Practitioner Priority Service line. An unmasked Wage and Income Transcript will fully display employers’ names, addresses and Employer Identification Numbers (EINs) needed for tax software preparation and for electronic filing. If the tax professional has proper taxpayer authorization, but it's not on file, they  can  fax the authorization to the IRS assistor and an unmasked Wage and Income transcript will be sent to the practitioner’s Secure Object Repository (SOR), available through e-Services. Tax professionals must have an e-Services account and pass Secure Access authentication to use the SOR option.

PLEASE NOTE: The requested transcript will remain in the SOR for a limited time. The transcript automatically will  be removed from the SOR after three days once you view it or after 30 days if it is not viewed.  Print or save the transcript if you want to keep a copy.

The unmasked Wage and Income Transcript also is available to those tax professionals with e-Services accounts, approved authorization and access to the Transcript Delivery Service. Reminder: Circular 230 practitioners, i.e. attorneys, Certified Public Accountants and Enrolled Agents, can create an e-Services account and obtain TDS access. Unenrolled practitioners must either be responsible parties or delegates users on the E-File application.

Alternatively, taxpayers or other third parties who require an unmasked transcript for tax return preparation or filing may contact the IRS, present proper authentication to prove their identities and an unmasked transcript will be mailed to the taxpayer’s address of record.

August 6, 2019
IRS launches new Tax Withholding Estimator; Redesigned online tool makes it easier to do a paycheck checkup

IR-2019-139

WASHINGTON — The Internal Revenue Service today launched the new Tax Withholding Estimator, an expanded, mobile-friendly online tool designed to make it easier for everyone to have the right amount of tax withheld during the year.

The Tax Withholding Estimator replaces the Withholding Calculator, which offered workers a convenient online method for checking their withholding. The new Tax Withholding Estimator offers workers, as well as retirees, self-employed individuals and other taxpayers, a more user-friendly step-by-step tool for effectively tailoring the amount of income tax they have withheld from wages and pension payments.

“The new estimator takes a new approach and makes it easier for taxpayers to review their withholding,” said IRS Commissioner Chuck Rettig. “This is part of an ongoing effort by the IRS to improve quality services as we continue to pursue modernization and enhancements of our taxpayer relationships.”

The IRS took the feedback and concerns of taxpayers and tax professionals to develop the Tax Withholding Estimator, which offers a variety of new user-friendly features including:

  • Plain language throughout the tool to improve comprehension.
  • The ability to more effectively target at the time of filing either a tax due amount close to zero or a refund amount.
  • A new progress tracker to help users see how much more information they need to input.
  • The ability to move back and forth through the steps, correct previous entries and skip questions that don’t apply.
  • Enhanced tips and links to help the user quickly determine if they qualify for various tax credits and deductions.
  • Self-employment tax for a user who has self-employment income in addition to wages or pensions.
  • Automatic calculation of the taxable portion of any Social Security benefits.
  • A mobile-friendly design.

In addition, the new Tax Withholding Estimator makes it easier to enter wages and withholding for each job held by the taxpayer and their spouse, as well as separately entering pensions and other sources of income. At the end of the process, the tool makes specific withholding recommendations for each job and each spouse and clearly explains what the taxpayer should do next.

The new Tax Withholding Estimator will help anyone doing tax planning for the last few months of 2019. Like last year, the IRS urges everyone to do a Paycheck Checkup and review their withholding for 2019. This is especially important for anyone who faced an unexpected tax bill or a penalty when they filed this year. It’s also an important step for those who made withholding adjustments in 2018 or had a major life change.

Those most at risk of having too little tax withheld include those who itemized in the past but now take the increased standard deduction, as well as two-wage-earner households, employees with nonwage sources of income and those with complex tax situations.

To get started, check out the Tax Withholding Estimator on IRS.gov.

August 1, 2019
Tax Security 2.0 – A ‘Taxes-Security-Together’ Checklist 

IRS, Security Summit partners urge tax professionals to review their practices, enhance safeguards to protect taxpayer data 

IRS YouTube Videos:

• Tax Security 2.0: Taxes-Security-Together Checklist: English

IR-2019-122

WASHINGTON — Leaders from the IRS, state tax agencies and the tax industry today called on tax professionals nationwide to take time this summer to review their current security practices, enhance safeguards where necessary and take steps to protect their businesses from global cybercriminal syndicates prowling the Internet.

Despite major progress by the IRS and the Security Summit partners against identity theft, evolving tactics continue to threaten the tax community and the sensitive data of taxpayers. 

To help combat this, the Security Summit partners created a new “Taxes-Security-Together” Checklist to serve as a starting point for tax professionals. Beginning next week, the IRS and Summit partners will issue a series of five Tax Security 2.0 news releases highlighting “Taxes-Security-Together” Checklist action items.   

“The IRS, the states and the private sector tax industry have taken major steps to protect taxpayers and their data,” said IRS Commissioner Chuck Rettig. “But a major risk remains, regardless of whether you are the sole tax practitioner in your office or part of a multi-partner accounting firm. To help with this, we assembled a security checklist to assist the tax community. We hope tax professionals will use our checklist as a starting point to do everything necessary to protect their client’s data.” 

The Security Summit — a partnership between the IRS, states and the private-sector tax community — started in 2015 to combat identity theft and protect taxpayers. Key IRS data show the Summit continues making major progress against tax-related identity theft. Between 2015 and 2018, key indicators showed:

  • The number of taxpayers who reported to the IRS that they were victims of identity theft fell 71 percent. In 2018, the IRS received 199,000 identity theft affidavits from taxpayers compared to 677,000 in 2015. This was the third consecutive year this number declined.
  • The number of confirmed identity theft returns stopped by the IRS declined by 54 percent, falling from 1.4 million in 2015 to 649,000 in 2018.

As the Summit has increased the tax community’s defenses against identity theft and refund fraud, cybercriminals continue to evolve. Increasingly, they look to data thefts at tax professionals’ offices to obtain large amounts of sensitive taxpayer data. Thieves then use stolen data from tax professionals to create fraudulent returns that are harder to detect.

The ‘Taxes-Security-Together’ Checklist

The Summit partners urge the tax community to review these basic security steps this summer. Some tax pros may routinely overlook these checklist items and others need to regularly revisit them. The steps are not only important for tax practitioners, but for taxpayers as well. Everyone has a responsibility to protect sensitive data.

The Taxes-Security-Together checklist highlights key security features 

   *Deploy the “Security Six” measures:

  • Activate anti-virus software.
  • Use a firewall.
  • Opt for two-factor authentication when it’s offered.
  • Use backup software/services.
  • Use Drive encryption.
  • Create and secure Virtual Private Networks.

   *Create a data security plan:

  • Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data. 
  • The security plan requirement is flexible enough to fit any size of tax preparation firm, from small to large. 
  • Tax professionals are asked to focus on key risk areas such as employee management and training; information systems; and detecting and managing system failures.

   *Educate yourself and be alert to key email scams, a frequent risk area involving:

  • Learn about spear phishing emails.
  • Beware ransomware.

   *Recognize the signs of client data theft:

  • Clients receive IRS letters about suspicious tax returns in their name.
  • More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted. 
  • Clients receive tax transcripts they did not request.

   *Create a data theft recovery plan including:

  • Contact the local IRS Stakeholder Liaison immediately.
  • Assist the IRS in protecting clients’ accounts.
  • Contract with a cybersecurity expert to help prevent and stop thefts. 

Security Summit partners/tax professionals urge review

“The states and our partners have made progress in the fight against tax-related identity theft, but criminals continue to evolve. We cannot let our guard down in this fight because our common enemy is well-funded, technologically skilled and savvy about state and federal tax processes,” said Sharonne Bonardi, president of the Board of Trustees of the Federation of Tax Administrators and Deputy Comptroller in Maryland. “To make this work, we need help from individual tax professionals across the nation.”

Checklist marks third year of Summit campaigns aimed at tax professional community

This year’s Tax Security 2.0 effort involving the Security Checklist is the third summer campaign in a row involving the Summit partners. The effort follows feedback and recommendations from the Electronic Tax Administration Advisory Committee (ETAAC) that encouraged the Summit partners to expand and intensify outreach efforts to the tax professional community on identity theft and security issues. 

This year’s campaign also coincides with this summer’s IRS Nationwide Tax Forums, which will again feature a major focus on security protection for tax professionals. The sessions will provide continuing education credits for sessions led by experts from inside and outside the IRS. The American Coalition for Taxpayer Rights also will again sponsor special sessions with experts from the Pell Center for International Relations and Public Policy at Salve Regina University in Rhode Island. 

Last year, Summit education effort focused on Protect Your Clients, Protect Yourself: Tax Security 101. In 2017, the campaign highlighted email schemes in Don’t Take the Bait.

Separate Summit initiatives focus on identity theft awareness for individual taxpayers and consumer alerts for developing tax scams and schemes. 

Resources available for tax professionals

Tax professionals also can get help with security recommendations by reviewing IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security: the Fundamentals by the National Institute of Standards and Technology. 

Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media.

Tax Security 2.0 – A ‘Taxes-Security-Together’ Checklist – Step 1

IRS, states and industry outline ‘Security Six’ protections to help tax professionals and taxpayers be safer online

IRS YouTube Videos:
Tax Security 2.0, The Taxes-Security-Together Checklist – English

IR-2019-127

WASHINGTON — Using a new “Taxes-Security-Together” Checklist, the Internal Revenue Service and the Security Summit partners urged tax professionals to review critical security steps to ensure they are fully protecting their computers and email as well as safeguarding sensitive taxpayer data.

The Security Summit partners – the IRS, states and tax industry – urge tax professionals to take time this summer to give their data safeguards a thorough review. To help the tax community, the Summit created a “Taxes-Security-Together” Checklist as a starting point for analyzing office data security.

In the first of a five-part weekly series, the initial step on the checklist involves the “Security Six” protections. These steps fall into several major security categories. 

“These six steps are simple actions that anyone can take,” said IRS Commissioner Chuck Rettig. “The important thing to remember is that every tax professional, whether a sole practitioner or a partner in a large firm, is a potential target for cybercriminals. No tax business should assume they are too small or too smart to avoid identity thieves.”

Although the Security Summit – a partnership between the IRS, states and the private-sector tax community – is making major progress against tax-related identity theft, cybercriminals continue to evolve, and data thefts at tax professionals’ offices continue. Thieves use stolen data from tax practitioners to create fraudulent returns that are harder to detect.

The Security Summit partnership urges tax professionals across the nation to remember these basic steps to help in the battle against identity theft.

Deploy the ‘Security Six’ steps for basic protections

The following are the basic protections that everyone, especially tax professionals handling sensitive data, should deploy:

1. Anti-virus software

Although details may vary between commercial products, anti-virus software scans computer files or memory for certain patterns that may indicate the presence of malicious software (also called malware). Anti-virus software (sometimes more broadly referred to as anti-malware software) looks for patterns based on the signatures or definitions of known malware from cyber criminals. Anti-virus vendors find new issues and update malware daily, so it is important that people have the latest updates installed on their computer, according to the U.S. Computer Emergency Readiness Team (US-CERT), a division of the Department of Homeland Security.

Once users have installed an anti-virus package, they should scan their entire computer periodically by doing:

  • Automatic scans – Most anti-virus software can be configured to automatically scan specific files or directories in real time and prompt users at set intervals to perform complete scans.
  • Manual scans – If the anti-virus software does not automatically scan new files, users should manually scan files and media received from an outside source before opening them. This manual process includes:

o Saving and scanning email attachments or web downloads rather than opening them directly from the source.

o Scanning portable media, including CDs and DVDs, for malware before opening files.

Sometimes the software will produce a dialog box with an alert that it has found malware and asks whether users want it to “clean” the file (to remove the malware). In other cases, the software may attempt to remove the malware without asking first. 

When selecting an anti-virus package, users should learn about its features, so they know what to expect. Keep security software set to automatically receive the latest updates so that it is always current.

A reminder about spyware, a category of malware intended to steal sensitive data and passwords without the user’s knowledge: Strong security software should protect against spyware. But remember, never click links within pop-up windows, never download “free” software from a pop-up, never follow email links that offer anti-spyware software. The links and pop-ups may be installing the spyware they claim to be eliminating.

A reminder about phishing emails: A strong security package also should contain anti-phishing capabilities. Never open an email from a suspicious source, click on a link in a suspicious email or open an attachment – or else you could be a victim of a phishing attack and you and your clients’ data could be compromised  

2. Firewalls

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary web traffic and preventing malicious software from accessing your systems. Firewalls can be configured to block data from certain suspicious locations or applications while allowing relevant and necessary data through, according to US-CERT.

Firewalls may be broadly categorized as hardware or software. While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use:

  • Hardware – Typically called network firewalls, these external devices are positioned between a computer and the internet (or another network connection). Hardware-based firewalls are particularly useful for protecting multiple computers and control the network activity that attempts to pass through them. 
  • Software – Most operating systems include a built-in firewall feature that should be enabled for added protection even if using an external firewall. Firewall software can also be obtained as separate software from a local computer store, software vendor or ISP. If downloading firewall software from the internet, make sure it is from a reputable source (such as an established software vendor or service provider) and offered via a secure website.

While properly configured firewalls may be effective at blocking some cyber-attacks, don’t be lulled into a false sense of security. Firewalls do not guarantee that a computer will not be attacked. Firewalls primarily help protect against malicious traffic, not against malicious programs (malware), and may not protect the device if the user accidentally installs malware. However, using a firewall in conjunction with other protective measures (such as anti-virus software and safe computing practices) will strengthen resistance to attacks.

The Security Summit reminds tax pros that anti-virus software and firewalls cannot protect data if computer users fall for email phishing scams and divulge sensitive data, such as usernames and passwords. The Summit reminds the tax community that users, not the software, is the first-line of defense in protecting taxpayer data.

3. Two-factor authentication 

Many email providers now offer customers two-factor authentication protections to access email accounts. Tax professionals should always use this option to prevent their accounts from being taken over by cybercriminals and putting their clients and colleagues at risk.

Two-factor authentication helps by adding an extra layer of protection beyond a password. Often two-factor authentication means the returning user must enter credentials (username and password) plus another step, such as entering a security code sent via text to a mobile phone. The idea is a thief may be able to steal the username and password but it’s highly unlikely they also would have a user’s mobile phone to receive a security code and complete the process.

The use of two-factor authentication and even three-factor authentication is on the rise, and tax preparers should always opt for a multi-factor authentication protection when it is offered, whether on an email account or tax software account or any password-protected product. 

IRS Secure Access, which protects IRS.gov tools including e-Services, is an example of two-factor authentication. 

Tax pros can check their email account settings to see if the email provider offers two-factor protections.

4. Backup software/services

Critical files on computers should routinely be backed up to external sources. This means a copy of the file is made and stored either online as part of a cloud storage service or similar product. Or, a copy of the file is made to an external disk, such as an external hard drive that now comes with multiple terabytes of storage capacity. Tax professionals should ensure that taxpayer data that is backed up also is encrypted – for the safety of the taxpayer and the tax pro.  

5. Drive encryption

Given the sensitive client data maintained on tax practitioners’ computers, users should consider drive encryption software for full-disk encryption. Drive encryption, or disk encryption, transforms data on the computer into unreadable files for an unauthorized person accessing the computer to obtain data. Drive encryption may come as a stand-alone security software product. It may also include encryption for removable media, such as a thumb drive and its data.

6. Virtual Private Network

If a tax firm’s employees must occasionally connect to unknown networks or work from home, establish an encrypted Virtual Private Networks (VPN) to allow for a more secure connection. A VPN provides a secure, encrypted tunnel to transmit data between a remote user via the Internet and the company network. Search for “Best VPNs” to find a legitimate vendor; major technology sites often provide lists of top services.

How to get started with the ‘Security Six’ 
All tax professionals also should review their professional insurance policy to ensure the business is protected should a data theft occur. Some insurance companies will provide cybersecurity experts for their clients. 

These experts can help with technology safeguards and offer more advanced recommendations.  

Having the proper insurance coverage is a common recommendation from tax professionals who have experienced data thefts.

Additional resources

Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security: the Fundamentals by the National Institute of Standards and Technology.

Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media.

The Taxes-Security-Together Checklist

During this special Security Summit series, the checklist highlights these key areas for tax professionals:

  • Deploy “Security Six” basic safeguards
  • Create data security plan
  • Educate yourself on phishing scams
  • Recognize the signs of client data theft
  • Create a data theft recovery plan, and call the IRS immediately

Tax Security 2.0 – A ‘Taxes-Security-Together’ Checklist – Step 2

IRS, Security Summit partners remind practitioners that all ‘professional tax preparers’ must create a written data security plan to protect clients

IR-2019-131 

WASHINGTON — The IRS, state tax agencies and the nation’s tax industry today reminded all “professional tax preparers” that federal law requires them to create a written information security plan to protect their clients’ data.

The reminder came as the IRS and its Security Summit partners urged tax professionals to take time this summer to review their data security protections. To help them in this complex area, the Summit created a special “Taxes-Security-Together” Checklist as a starting point.

“Protecting taxpayer data is not only a good business practice, it’s the law for professional tax preparers,” said IRS Commissioner Chuck Rettig. “Creating and putting into action a written data security plan is critical to protecting your clients and protecting your business." 

Creating a data security plan is the second item on the “Taxes-Security-Together” Checklist. The first step for tax professionals involved deploying the “Security Six” basic steps to protect computers and email.

Although the Security Summit -- a partnership between the IRS, states and the private-sector tax community -- is making major progress against tax-related identity theft, cybercriminals continue to evolve, and data thefts at tax professionals’ offices remain a major threat. Thieves use stolen data from tax practitioners to create fraudulent returns that can be harder for the IRS and Summit partners to detect.

Create a data security plan under federal law 

The Security Summit partners noted that many in the tax professional community do not realize they are required under federal law to have a data security plan. 

The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley (GLB) Act, gives the Federal Trade Commission authority to set information safeguard regulations for various entities, including professional tax return preparers. According to the FTC Safeguards Rule, tax return preparers must create and enact security plans to protect client data. Failure to do so may result in an FTC investigation. The IRS also may treat a violation of the FTC Safeguards Rule as a violation of IRS Revenue Procedure 2007-40, which sets the rules for tax professionals participating as an Authorized IRS e-file Provider.

The FTC-required information security plan must be appropriate to the company’s size and complexity, the nature and scope of its activities and the sensitivity of the customer information it handles. According to the FTC, each company, as part of its plan, must:

  • designate one or more employees to coordinate its information security program;
  • identify and assess the risks to customer information in each relevant area of the company’s operation and evaluate the effectiveness of the current safeguards for controlling these risks;
  • design and implement a safeguards program and regularly monitor and test it;
  • select service providers that can maintain appropriate safeguards, make sure the contract requires them to maintain safeguards and oversee their handling of customer information; and
  • evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring. 

The FTC says the requirements are designed to be flexible so that companies can implement safeguards appropriate to their own circumstances. The Safeguards Rule requires companies to assess and address the risks to customer information in all areas of their operations.

Please note: The FTC currently is re-evaluating the Safeguards Rule and has proposed new regulations. Be alert to any changes in the Safeguards Rule and its effect on the tax preparation community.

IRS Publication 4557, Safeguarding Taxpayer Data, details critical security measures that all tax professionals should enact. The publication also includes information on how to comply with the FTC Safeguards Rule, including a checklist of items for a prospective data security plan. Tax professionals are asked to focus on key areas such as employee management and training; information systems; and detecting and managing system failures. 

Additional data protection provisions may apply

The IRS and certain Internal Revenue Code (IRC) sections also focus on protection of taxpayer information and requirements of tax professionals. Here are a few examples:

  • IRS Publication 3112 - IRS e-File Application and Participation, states: Safeguarding of IRS e-file from fraud and abuse is the shared responsibility of the IRS and Authorized IRS e-file Providers. Providers must be diligent in recognizing fraud and abuse, reporting it to the IRS, and preventing it when possible. Providers must also cooperate with the IRS’ investigations by making available to the IRS upon request information and documents related to returns with potential fraud or abuse.
  • IRC, Section 7216 - This IRS code provision imposes criminal penalties on any person engaged in the business of preparing or providing services in connection with the preparation of tax returns who knowingly or recklessly makes unauthorized disclosures or uses information furnished to them in connection with the preparation of an income tax return.
  • IRC, Section 6713 - This code provision imposes monetary penalties on the unauthorized disclosures or uses of taxpayer information by any person engaged in the business of preparing or providing services in connection with the preparation of tax returns.
  • IRS Revenue Procedure 2007-40 - This legal guidance requires authorized IRS e-file providers to have security systems in place to prevent unauthorized access to taxpayer accounts and personal information by third parties. It also specifies that violations of the GLB Act and the implementing rules and regulations put into effect by the FTC, as well as violations of non-disclosure rules addressed in IRC sections 6713 and 7216, are considered violations of Revenue Procedure 2007-40. These violations are subject to penalties or sanctions specified in the Revenue Procedure.

Many state laws govern or relate to the privacy and security of financial data, which includes taxpayer data. They extend rights and remedies to consumers by requiring individuals and businesses that offer financial services to safeguard nonpublic personal information. For more information on state laws that businesses must follow, consult state laws and regulations.

Where to report data theft for the IRS, states

To notify the IRS in case of data theft, contact the appropriate local IRS Stakeholder Liaison.

In some states, data thefts must be reported to various authorities. Email the Federation of Tax Administrators at [email protected] to get information on how to report victim information to the states.

Additional resources

Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security: the Fundamentals by the National Institute of Standards and Technology.

Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media

The Taxes-Security-Together Checklist

During this special Security Summit series, the checklist highlights these key areas for tax professionals:

  • Deploy “Security Six” basic safeguards
  • Create data security plan
  • Educate yourself on phishing scams
  • Recognize the signs of client data theft
  • Create a data theft recovery plan, and call the IRS immediately

August 1, 2019
IRS: Truckers should e-file highway use tax return by Sept. 3

IR-2019-138

WASHINGTON — The Internal Revenue Service today issued a reminder for owners of most heavy highway vehicles that the time to file Form 2290, Heavy Highway Vehicle Use Tax Return, began July 1, 2019.

The highway use tax applies to highway motor vehicles with a taxable gross weight of 55,000 pounds or more. This generally includes large trucks, truck tractors and buses. The tax is based on the weight of the vehicle and a variety of special rules apply. These special rules are explained in the instructions to Form 2290.

In 2019, the IRS expects to receive almost 900,000 Heavy Highway Vehicle Use Tax Returns. Though some taxpayers have the option of filing Form 2290 on paper, taxpayers with 25 or more taxed vehicles must e-file Form 2290.

The deadline to file Form 2290 and pay the tax is Sept. 3, 2019, for vehicles used on the road during July. Truckers have the additional time since the normal deadline of Aug. 31 falls on a Saturday this year and Monday, Sept. 2, is a federal holiday.

The IRS encourages all owners to take advantage of the speed and convenience of e-file and paying any tax due. There is no need to visit an IRS office because the form can be filed and any required tax payment can be made online. Filers can use a credit or debit card to pay the Heavy Highway Vehicle Use Tax. Visit IRS.gov for a list of IRS-approved e-file providers and to find an approved provider for Form 2290 on the 2290 e-file partner’s page.

Generally, e-filers receive their IRS-stamped Schedule 1 electronically minutes after filing. They can then print the Schedule 1 and provide it to their state department of motor vehicles, without visiting an IRS office.

For those who want face-to-face service, all IRS Taxpayer Assistance Centers now operate by appointment and taxpayers can call 844-545-5640 to schedule one. See the Taxpayer Assistance Center page on IRS.gov for details.

The IRS will host a webinar, “Understanding Form 2290-Heavy Highway Vehicle Use Tax,” Aug. 15 at 2 p.m. Eastern time. Pre-register for this free 60-minute webinar. Closed captioning is available. Tax professionals can earn one continuing professional education credit for attending.

For more information about the highway use tax, visit the Trucking Tax Center at IRS.gov/trucker. 

Join the California Society of Tax Consultants!

Click here to fill out an online application.

CSTC advances professionalism within the tax industry by:

  • Providing quality education
  • Creating networking opportunities
  • Advocating professional standards

California Society of Tax Consultants | 320 Pine Ave, Suite #1050, Long Beach, CA 90802
Phone (949) 715-4192 | [email protected]