Protecting Your Practice: The IRS’s New Written Information Security Plan (WISP) for Tax Professionals

In today’s digital age, safeguarding sensitive data is more crucial than ever, especially for tax professionals who handle vast amounts of personal and financial information. Recognizing the ongoing threat of identity theft and data breaches, the IRS, in partnership with the Security Summit, has released an updated Written Information Security Plan (WISP) to help tax pros protect their clients and businesses.

What Is the WISP?

The WISP is a comprehensive, 28-page template designed to assist tax and accounting practices—particularly smaller firms—in creating a robust data security plan. This plan is not just a recommendation but a requirement under federal law, specifically the Gramm-Leach-Bliley Act (GLBA), which mandates that financial institutions, including tax professionals, protect customer data.

The newly updated WISP, detailed in Publication 5708, is the product of a year-long collaboration among tax and industry professionals. The aim? To make data security planning more accessible and effective, ensuring that every tax professional, regardless of the size of their practice, can develop a security plan that meets legal obligations and protects sensitive client information.

Key Updates and Best Practices

  • Multi-Factor Authentication: The WISP now emphasizes the importance of implementing multi-factor authentication (MFA) for anyone accessing information systems. This adds an essential layer of security by requiring more than just a password to gain access.

  • Incident Reporting: In the event of a security breach affecting 500 or more people, tax professionals are now required to report the incident to the Federal Trade Commission (FTC) as soon as possible, but no later than 30 days from the discovery date. Additionally, these incidents must also be reported to an IRS Stakeholder Liaison and state tax authorities.

  • Tailored Security Plans: The WISP template is designed to be adaptable, recognizing that there is no one-size-fits-all approach. Each security plan should be appropriate to the size, scope, and complexity of the practice, as well as the sensitivity of the data handled.

Why It Matters

Tax professionals are often the first line of defense in protecting taxpayer data. With identity thieves constantly evolving their tactics, having a well-crafted and up-to-date WISP is vital. The IRS Commissioner, Danny Werfel, highlighted the importance of this initiative, noting that the WISP provides a “helpful road map” for tax professionals to protect their clients and themselves from the ever-present threat of data breaches.

Legal Obligations and Professional Responsibility

Under the GLBA, tax professionals are legally required to implement and maintain a WISP. This includes:

  • Designating a Security Coordinator: Appointing one or more employees to manage the information security program.
  • Risk Assessment: Identifying and assessing risks to customer information and evaluating the effectiveness of current safeguards.
  • Program Development: Designing and implementing a comprehensive safeguards program, with ongoing monitoring and testing.
  • Service Provider Oversight: Ensuring that service providers are capable of maintaining appropriate safeguards and are contractually obligated to do so.
  • Continuous Evaluation: Regularly reviewing and adjusting the security program in response to business changes, operational shifts, or results from security testing.

Looking Ahead

The IRS’s updated WISP is part of a broader educational effort that includes the annual Nationwide Tax Forum events. These forums offer tax professionals an opportunity to learn from experts and stay updated on the latest security trends and best practices.

As the threats to data security continue to evolve, so must the strategies to combat them. The IRS and Security Summit partners are urging tax professionals to stay proactive in protecting their practices and client data. The newly updated WISP is a critical tool in this ongoing effort, providing a practical, easy-to-understand framework for developing a strong data security plan.

Tax professionals who haven’t yet reviewed or updated their WISP are encouraged to do so promptly. By staying vigilant and informed, they can help safeguard the integrity of their business and the trust of their clients.

Don’t Miss the June 17 Deadline for Estimated Tax Payments

As the second quarter comes to an end, it’s important to keep an eye on a key date: June 17, the IRS deadline for the second quarter estimated tax payment. If your income isn’t subject to withholding, such as earnings from self-employment or investments, you must pay on time. Otherwise, you could face penalties and a significant tax bill when you file your return.

Who Needs to Make Estimated Tax Payments?

If your income isn’t automatically taxed, you need to make estimated tax payments. This requirement applies to self-employed individuals, retirees, investors, and business owners. Specifically, if you expect to owe $1,000 or more when filing your return, you must make these payments.

Similarly, corporations must also pay estimated taxes. If a corporation expects to owe $500 or more, it must make payments.

To help determine if you need to pay, the IRS offers tools like the IRS Interactive Tax Assistant. Additionally, you can use the worksheet in Form 1040-ES, Estimated Tax for Individuals for further guidance.

The Importance of Estimated Tax Payments

The U.S. tax system operates on a pay-as-you-go basis. Therefore, you should pay taxes as you earn income, rather than waiting until the end of the year. If your income comes from self-employment, investments, or a side job, you need to make quarterly estimated tax payments. This approach helps you avoid penalties and interest charges.

For those who have a regular job but do not have enough tax withheld, submitting Form W-4 to adjust your withholding is another option.

Understanding Disaster Tax Relief

If you live in an area affected by a disaster, you might qualify for disaster tax relief. This relief can include postponed filing and payment deadlines. To stay informed, the IRS regularly updates its website with information on disaster relief. Therefore, check to see if your area qualifies for any extensions or special rules.

How to Make Estimated Tax Payments

Fortunately, making your estimated tax payments is straightforward with several available options:

Electronic Payment Options

The IRS offers fast, secure methods like IRS Direct Pay, the Electronic Federal Tax Payment System (EFTPS), and the IRS2Go app. You can pay directly from your checking or savings account. Moreover, credit and debit cards are also accepted, though fees may apply.

Paying by Check or Money Order

Alternatively, you can send payments by check or money order, payable to the “United States Treasury,” along with a payment voucher.

Corporations, on the other hand, must make all federal tax deposits, including estimated tax payments, electronically through EFTPS.

How to Avoid Underpayment Penalties

To avoid the IRS underpayment penalty, it’s crucial to pay most of your taxes during the year. Aim to owe less than $1,000 when filing your return. For 2024, this means paying at least 90% of the tax you’ll owe or 100% of the tax shown on your 2023 return.

However, some taxpayers, like farmers, fishermen, disaster victims, and recent retirees, qualify for exceptions and special rules.

Stay Informed with IRS Resources

Managing your tax obligations can be challenging. However, the IRS offers several tools to help. For example, the Tax Withholding Estimator ensures that you’re withholding the right amount of tax from your paychecks or other income. This precaution helps you avoid underpayment penalties.

By staying on top of your estimated tax payments, you can avoid penalties and ensure that you meet your tax obligations. With the June 17 deadline approaching, it’s time to take action and stay compliant.

Conclusion

In conclusion, paying your estimated taxes on time is essential to avoid penalties. Whether you’re self-employed, a business owner, or earning income from investments, staying informed and making timely payments is key. Therefore, use IRS resources to navigate your tax obligations and stay compliant.

For more information, visit the IRS website or consult a tax professional. Don’t let the June 17 deadline catch you off guard. Instead, plan ahead and stay on top of your estimated tax payments to avoid stress and penalties.

Tax Pros Beware: EFIN Scams on the Rise, IRS Offers Help!

With tax season in full swing, scammers are out in force, and this year, tax professionals are a prime target. The IRS has issued a warning about a surge in “EFIN scam” emails, where cybercriminals impersonate tax software companies to steal Electronic Filing Identification Numbers (EFINs).

What are EFINs and why are they important?

An EFIN is a unique number assigned to tax professionals who electronically file tax returns. It’s like a digital signature, allowing them to transmit returns securely. But if it falls into the wrong hands, scammers can use it to file fraudulent returns and steal client refunds.

How does the scam work?

Scammers send emails that appear to be from legitimate tax software companies. They often claim there’s a problem with your EFIN, such as missing verification or outdated information. They then pressure you to click on a link or reply with your EFIN details.

Don't fall for it! Here's how to protect yourself:

  • Never share your EFIN in an email or over the phone. The IRS will never ask for it this way.
  • Be suspicious of unsolicited emails, even if they seem legitimate. Check the sender’s email address carefully for typos or inconsistencies.
  • Hover over links before clicking. This will show you the actual URL, which can help you identify suspicious websites.
  • Use strong passwords and enable two-factor authentication for your tax software accounts.
  • Stay informed about the latest scams. The IRS website has a wealth of resources, including a page dedicated to tax professional security.

The IRS is offering help!

To help tax professionals stay safe, the IRS is hosting a series of free webinars on EFIN scams starting today, February 12th. These webinars will cover:

  • How to identify EFIN scam emails
  • Tips for protecting your EFIN and client data
  • What to do if you think you’ve been scammed

Register for the webinars here: CLICK HERE

Remember, vigilance is key! By being aware of the scams and taking steps to protect yourself, you can help keep your EFIN safe and your clients’ information secure.

New Federal Reporting Requirement for Beneficial Ownership Information (BOI)

In an effort to enhance transparency and combat financial crimes, the United States has implemented a significant regulatory change with the introduction of a new federal reporting requirement for Beneficial Ownership Information (BOI). The requirement aims to shed light on the individuals behind legal entities, making it more difficult for illicit actors to hide their identities and engage in money laundering, corruption, or other financial crimes.

Understanding Beneficial Ownership

Beneficial ownership refers to the natural persons who ultimately own or control a legal entity, such as a corporation, limited liability company (LLC), or partnership. These individuals may enjoy the benefits of ownership, such as receiving profits or exercising control, even if their names do not appear on official documents.

Historically, the lack of transparency regarding beneficial ownership has created loopholes that could be exploited by criminals seeking to conceal their involvement in illicit financial activities. The new reporting requirement aims to close these gaps and provide law enforcement agencies with more comprehensive information to trace and prevent financial crimes.

The Corporate Transparency Act

The Corporate Transparency Act (CTA), enacted as part of the National Defense Authorization Act for Fiscal Year 2021, laid the groundwork for this transformative change. The CTA establishes a framework requiring certain corporations and LLCs to report their beneficial ownership information to the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of the Treasury.

Who is Affected?

The reporting requirement primarily targets companies that qualify as “reporting companies.” Generally, this includes corporations, LLCs, and other similar entities formed under state law. However, certain entities are exempt from these reporting obligations, such as publicly traded companies, entities already subject to substantial reporting requirements, and those with a physical presence in the United States, like banks and credit unions.

Reporting Obligations

Reporting companies are required to submit a report to FinCEN that includes the names, addresses, dates of birth, and unique identification numbers (such as driver’s license or passport numbers) of the beneficial owners. The reporting company must also provide information about a “reporting person,” an individual responsible for submitting the required information to FinCEN.

Importantly, the information submitted to FinCEN will not be publicly accessible. Instead, it will be maintained in a secure, non-public database accessible only to authorized government agencies for law enforcement and national security purposes.

When Do I Report?

Reports will be accepted starting on January 1, 2024.

If your company was created or registered prior to January 1, 2024, you will have until January 1, 2025, to report BOI.

If your company was created or registered on or after January 1, 2024, and before January 1, 2025, you must report BOI within 90 calendar days after receiving actual or public notice that your company’s creation or registration is effective, whichever is earlier.

If your company was created or registered on or after January 1, 2025, you must file BOI within 30 calendar days after receiving actual or public notice that its creation or registration is effective.

Any updates or corrections to beneficial ownership information that you previously filed with FinCEN must be submitted within 30 days.

Benefits and Challenges

The implementation of this federal reporting requirement brings several benefits to the fight against financial crimes. By creating a comprehensive database of beneficial ownership information, authorities can better trace and prevent money laundering, terrorist financing, and other illicit activities. Increased transparency is expected to serve as a deterrent, making it more challenging for criminals to exploit legal entities for illegal gains.

However, the new requirement also poses challenges for businesses in terms of compliance costs and administrative burdens. Small businesses and startups, in particular, may face difficulties in navigating the complexities of reporting requirements and ensuring timely and accurate submissions to FinCEN.

Conclusion

The introduction of the new federal reporting requirement for Beneficial Ownership Information marks a significant step in the ongoing efforts to enhance transparency and combat financial crimes in the United States. While the reporting obligations may pose challenges for some businesses, the long-term benefits of a more transparent financial system and the prevention of illicit activities are expected to outweigh the initial implementation hurdles. As businesses adapt to these changes, collaboration with legal and financial professionals will be crucial in ensuring compliance with the new regulations.

IRS Delays Form 1099-K Reporting Threshold for Third-Party Platform Payments in 2023

In a recent announcement, the Internal Revenue Service (IRS) has revealed a significant development that will impact businesses and individuals alike. The IRS has decided to delay the implementation of changes to the reporting threshold for Form 1099-K, specifically concerning payments made through third-party platforms. This delay comes as a relief for many taxpayers, providing them with additional time to adapt to the new regulations.

Understanding Form 1099-K:

Form 1099-K is a document used by the IRS to track income generated from payment card transactions and third-party network transactions. It is commonly utilized by businesses and individuals who receive payments through platforms like PayPal, Square, or other similar services. The form helps ensure accurate reporting of income and enables the IRS to monitor financial transactions more effectively.

Initial Changes and Concerns:

Originally, the IRS had planned to lower the reporting threshold for Form 1099-K, requiring platforms to report transactions exceeding $600 annually, down from the previous $20,000 and 200 transactions threshold. This change aimed to enhance tax compliance and increase transparency in reporting income generated through third-party platforms.

However, the abrupt nature of the proposed adjustments raised concerns among businesses, freelancers, and gig workers who rely heavily on these platforms for their income. Many argued that the lower threshold could lead to unnecessary burdens and complexities, particularly for small businesses and those with lower transaction volumes.

What This Means for Taxpayers:

The delay in the implementation of the revised Form 1099-K reporting threshold is good news for taxpayers who may have been grappling with the impending changes. It provides them with an extended period to assess the impact of the new regulations on their reporting obligations and make any necessary adjustments to their record-keeping practices.

Taxpayers should take advantage of this grace period to review their income streams, familiarize themselves with the updated requirements, and ensure that they are well-prepared when the new reporting threshold comes into effect. Additionally, staying informed about any further updates or clarifications from the IRS will be crucial in navigating the evolving tax landscape.

Conclusion:

The IRS’s decision to delay the implementation of the revised reporting threshold for Form 1099-K reflects a responsive and considerate approach to the concerns raised by taxpayers. This delay provides a valuable opportunity for businesses and individuals to adapt to the impending changes without feeling rushed or overwhelmed. As the IRS continues to fine-tune tax regulations to enhance compliance and transparency, taxpayers should remain vigilant, stay informed, and proactively address any future adjustments to reporting requirements.