Tax Pros Beware: EFIN Scams on the Rise, IRS Offers Help!

With tax season in full swing, scammers are out in force, and this year, tax professionals are a prime target. The IRS has issued a warning about a surge in “EFIN scam” emails, where cybercriminals impersonate tax software companies to steal Electronic Filing Identification Numbers (EFINs).

What are EFINs and why are they important?

An EFIN is a unique number assigned to tax professionals who electronically file tax returns. It’s like a digital signature, allowing them to transmit returns securely. But if it falls into the wrong hands, scammers can use it to file fraudulent returns and steal client refunds.

How does the scam work?

Scammers send emails that appear to be from legitimate tax software companies. They often claim there’s a problem with your EFIN, such as missing verification or outdated information. They then pressure you to click on a link or reply with your EFIN details.

Don't fall for it! Here's how to protect yourself:

  • Never share your EFIN in an email or over the phone. The IRS will never ask for it this way.
  • Be suspicious of unsolicited emails, even if they seem legitimate. Check the sender’s email address carefully for typos or inconsistencies.
  • Hover over links before clicking. This will show you the actual URL, which can help you identify suspicious websites.
  • Use strong passwords and enable two-factor authentication for your tax software accounts.
  • Stay informed about the latest scams. The IRS website has a wealth of resources, including a page dedicated to tax professional security.

The IRS is offering help!

To help tax professionals stay safe, the IRS is hosting a series of free webinars on EFIN scams starting today, February 12th. These webinars will cover:

  • How to identify EFIN scam emails
  • Tips for protecting your EFIN and client data
  • What to do if you think you’ve been scammed

Register for the webinars here: CLICK HERE

Remember, vigilance is key! By being aware of the scams and taking steps to protect yourself, you can help keep your EFIN safe and your clients’ information secure.

New Federal Reporting Requirement for Beneficial Ownership Information (BOI)

In an effort to enhance transparency and combat financial crimes, the United States has implemented a significant regulatory change with the introduction of a new federal reporting requirement for Beneficial Ownership Information (BOI). The requirement aims to shed light on the individuals behind legal entities, making it more difficult for illicit actors to hide their identities and engage in money laundering, corruption, or other financial crimes.

Understanding Beneficial Ownership

Beneficial ownership refers to the natural persons who ultimately own or control a legal entity, such as a corporation, limited liability company (LLC), or partnership. These individuals may enjoy the benefits of ownership, such as receiving profits or exercising control, even if their names do not appear on official documents.

Historically, the lack of transparency regarding beneficial ownership has created loopholes that could be exploited by criminals seeking to conceal their involvement in illicit financial activities. The new reporting requirement aims to close these gaps and provide law enforcement agencies with more comprehensive information to trace and prevent financial crimes.

The Corporate Transparency Act

The Corporate Transparency Act (CTA), enacted as part of the National Defense Authorization Act for Fiscal Year 2021, laid the groundwork for this transformative change. The CTA establishes a framework requiring certain corporations and LLCs to report their beneficial ownership information to the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Department of the Treasury.

Who is Affected?

The reporting requirement primarily targets companies that qualify as “reporting companies.” Generally, this includes corporations, LLCs, and other similar entities formed under state law. However, certain entities are exempt from these reporting obligations, such as publicly traded companies, entities already subject to substantial reporting requirements, and those with a physical presence in the United States, like banks and credit unions.

Reporting Obligations

Reporting companies are required to submit a report to FinCEN that includes the names, addresses, dates of birth, and unique identification numbers (such as driver’s license or passport numbers) of the beneficial owners. The reporting company must also provide information about a “reporting person,” an individual responsible for submitting the required information to FinCEN.

Importantly, the information submitted to FinCEN will not be publicly accessible. Instead, it will be maintained in a secure, non-public database accessible only to authorized government agencies for law enforcement and national security purposes.

When Do I Report?

Reports will be accepted starting on January 1, 2024.

If your company was created or registered prior to January 1, 2024, you will have until January 1, 2025, to report BOI.

If your company was created or registered on or after January 1, 2024, and before January 1, 2025, you must report BOI within 90 calendar days after receiving actual or public notice that your company’s creation or registration is effective, whichever is earlier.

If your company was created or registered on or after January 1, 2025, you must file BOI within 30 calendar days after receiving actual or public notice that its creation or registration is effective.

Any updates or corrections to beneficial ownership information that you previously filed with FinCEN must be submitted within 30 days.

Benefits and Challenges

The implementation of this federal reporting requirement brings several benefits to the fight against financial crimes. By creating a comprehensive database of beneficial ownership information, authorities can better trace and prevent money laundering, terrorist financing, and other illicit activities. Increased transparency is expected to serve as a deterrent, making it more challenging for criminals to exploit legal entities for illegal gains.

However, the new requirement also poses challenges for businesses in terms of compliance costs and administrative burdens. Small businesses and startups, in particular, may face difficulties in navigating the complexities of reporting requirements and ensuring timely and accurate submissions to FinCEN.


The introduction of the new federal reporting requirement for Beneficial Ownership Information marks a significant step in the ongoing efforts to enhance transparency and combat financial crimes in the United States. While the reporting obligations may pose challenges for some businesses, the long-term benefits of a more transparent financial system and the prevention of illicit activities are expected to outweigh the initial implementation hurdles. As businesses adapt to these changes, collaboration with legal and financial professionals will be crucial in ensuring compliance with the new regulations.

IRS Delays Form 1099-K Reporting Threshold for Third-Party Platform Payments in 2023

In a recent announcement, the Internal Revenue Service (IRS) has revealed a significant development that will impact businesses and individuals alike. The IRS has decided to delay the implementation of changes to the reporting threshold for Form 1099-K, specifically concerning payments made through third-party platforms. This delay comes as a relief for many taxpayers, providing them with additional time to adapt to the new regulations.

Understanding Form 1099-K:

Form 1099-K is a document used by the IRS to track income generated from payment card transactions and third-party network transactions. It is commonly utilized by businesses and individuals who receive payments through platforms like PayPal, Square, or other similar services. The form helps ensure accurate reporting of income and enables the IRS to monitor financial transactions more effectively.

Initial Changes and Concerns:

Originally, the IRS had planned to lower the reporting threshold for Form 1099-K, requiring platforms to report transactions exceeding $600 annually, down from the previous $20,000 and 200 transactions threshold. This change aimed to enhance tax compliance and increase transparency in reporting income generated through third-party platforms.

However, the abrupt nature of the proposed adjustments raised concerns among businesses, freelancers, and gig workers who rely heavily on these platforms for their income. Many argued that the lower threshold could lead to unnecessary burdens and complexities, particularly for small businesses and those with lower transaction volumes.

What This Means for Taxpayers:

The delay in the implementation of the revised Form 1099-K reporting threshold is good news for taxpayers who may have been grappling with the impending changes. It provides them with an extended period to assess the impact of the new regulations on their reporting obligations and make any necessary adjustments to their record-keeping practices.

Taxpayers should take advantage of this grace period to review their income streams, familiarize themselves with the updated requirements, and ensure that they are well-prepared when the new reporting threshold comes into effect. Additionally, staying informed about any further updates or clarifications from the IRS will be crucial in navigating the evolving tax landscape.


The IRS’s decision to delay the implementation of the revised reporting threshold for Form 1099-K reflects a responsive and considerate approach to the concerns raised by taxpayers. This delay provides a valuable opportunity for businesses and individuals to adapt to the impending changes without feeling rushed or overwhelmed. As the IRS continues to fine-tune tax regulations to enhance compliance and transparency, taxpayers should remain vigilant, stay informed, and proactively address any future adjustments to reporting requirements.

Protect Yourself: Spotting Warning Signs of Misleading Employee Retention Scams

In recent years, employee retention scams have become increasingly prevalent, targeting individuals unaware of the warning signs. These scams can cause financial loss and lead to improper filing of claims. To protect yourself and your hard-earned money, it is crucial to identify these misleading schemes and take simple yet effective steps to avoid falling victim to them. This blog will discuss some common warning signs of employee retention scams and provide practical tips to prevent improperly filing claims.

Unsolicited Communication:

One of the most apparent warning signs of a potential scam is receiving unsolicited communication. Scammers often contact individuals via phone calls, emails, or even social media, claiming to be from a government agency or a company offering employee retention benefits. Be cautious if you receive such messages out of the blue, and always verify the source’s legitimacy before sharing any personal or financial information.

Requests for Personal Information:

Through unsolicited communications, legitimate organizations will never ask for personal or financial information, such as your social security number, bank account details, or credit card information. Scammers, on the other hand, may try to extract this information under the pretense of processing employee retention benefits. Remember, guarding your personal information and only sharing it with trusted sources is essential.

High-Pressure Tactics:

Scammers often use high-pressure tactics to push individuals into making hasty decisions. They might create a sense of urgency by stating that you must act immediately to secure employee retention benefits. Legitimate programs typically provide ample time and resources for individuals to understand and apply for benefits. If you feel rushed or pressured, take a step back and verify the information independently.

Upfront Fees or Payment Requests:

Another red flag to watch out for is any upfront fee or payment request. Legitimate employee retention programs do not require individuals to pay anything in advance to receive benefits. Scammers may ask for processing fees or claim that payment is necessary to expedite your claim. Avoid providing any financial information or making payments unless you are certain of the program’s legitimacy.

Lack of Official Documentation:

When dealing with employee retention benefits, always expect official documentation. Legitimate programs will provide you with written materials, application forms, and clear instructions on proceeding. If the communication you receive lacks proper documentation or seems unprofessional, it’s a sign that something might be amiss. Request official documentation or contact the organization directly to verify the program’s authenticity.

Simple Steps to Avoid Improperly Filing Claims:

  1. Educate Yourself: Stay informed about legitimate employee retention programs and processes. Be aware of the official channels through which you can apply for benefits, and regularly check reliable sources for updates.

  2. Verify the Source: Before engaging with any communication claiming to be related to employee retention benefits, verify the source independently. Look up official contact information for the organization or government agency in question and reach out directly to confirm the legitimacy of the communication.

  3. Be Skeptical of Unsolicited Communication: Treat unsolicited communication with caution. If you receive an unexpected call or email regarding employee retention benefits, do not immediately provide any personal or financial information. Instead, conduct your own research and contact the organization using official channels.

  4. Consult with Experts: If you have doubts or concerns about the legitimacy of an employee retention program, seek advice from professionals or legal experts who specialize in employment law. They can provide guidance and help you navigate through the process correctly.

In conclusion, Protecting yourself from misleading employee retention scams and avoiding improper claims requires vigilance, skepticism, and informed decision-making. By staying aware of the warning signs discussed in this blog and following

Data Security Plan for Your Tax Business

As a tax business owner, you have access to a lot of sensitive financial and personal information. With the increase in cyber attacks, it is essential to have a robust data security plan to protect your clients’ data. A data breach can not only damage your reputation but also lead to legal and financial consequences. In this blog, we will discuss the steps you can take to create a data security plan for your tax business.

Identify Sensitive Data

The first step in creating a data security plan is to identify the types of data that need protection. Tax businesses have access to sensitive financial information, including social security numbers, tax ID numbers, and banking information. Make a list of all the types of data you collect, store, and transmit, and rank them according to their sensitivity level.

Assess Risks

The next step is to identify the potential risks to your data. Cybercriminals can exploit vulnerabilities in your computer systems, employees can accidentally leak data, and natural disasters can damage your physical infrastructure. Conduct a risk assessment to identify all the potential risks and their likelihood of occurring.

Implement Security Measures

Once you have identified the risks, it’s time to implement security measures to protect your data. Some security measures you can implement include:

  • Password policies: Enforce strong password policies, including password length and complexity requirements, and require employees to change passwords regularly.
  • Data encryption: Encrypt sensitive data both in storage and during transmission.
  • Firewall and anti-malware software: Install firewalls and anti-malware software to protect against cyber attacks.
  • Employee training: Train your employees on how to identify and avoid phishing scams, how to create strong passwords, and how to handle sensitive data.
  • Access controls: Restrict access to sensitive data to authorized personnel only.

Monitor and Test Security Measures

Implementing security measures is not enough; you need to monitor and test them regularly to ensure they are effective. Conduct regular security audits and penetration testing to identify any vulnerabilities in your systems. Additionally, monitor your network and systems for any suspicious activity that could indicate a data breach.

Respond to Data Breaches

Despite your best efforts, a data breach can still occur. It’s essential to have a plan in place to respond quickly and effectively to a data breach. Your plan should include steps such as:

  • Containing the breach: Isolate the affected systems to prevent further damage.
  • Notifying affected parties: Inform your clients and any regulatory bodies of the breach.
  • Investigating the breach: Determine the cause of the breach and the extent of the damage.
  • Remediation: Take steps to fix any vulnerabilities and prevent future breaches.

In conclusion, a data security plan is essential for any tax business that handles sensitive financial and personal information. By identifying the types of data you collect, assessing risks, implementing security measures, monitoring and testing, and responding to data breaches, you can protect your clients’ data and your business’s reputation. Remember, data security is an ongoing process, so make sure you review and update your plan regularly to stay ahead of emerging threats.