Once, servicing “tax tools” meant math and a pencil sharpener – but these days it means a huge amount of technology that you may use fluently, but not necessarily understand. How can you truly trust it?

“I’ve been trusting the e-file process without issue for years,” said Laura Strombom, an Enrolled Agent at All About Numbers in Stockton, Calif. “I know snail-mail is stolen often, and this is a bigger risk to me than the e-file system being hacked.”

“I absolutely trust technology as much as I trust a mailbox or a mailperson,” said Geni Whitehouse, a CPA at Brotemarkle, Davis & Co. in St. Helena, Calif. “Most systems we humans (and especially we accountants) build are designed to reduce the opportunity for human error. Technology is great at doing this, but we can always find ways to improperly use any tool. You see this often in software implementations: Generally you will hear about bad software which is generally caused by bad humans who sold badly, trained badly or implemented sloppily.”

“I try to use technology to my advantage, but I guess I am still old-fashioned and enjoy meeting my clients in person,” said EA Patrick W. O’Hara in Poughkeepsie, N.Y.

“There is no way around it these days: We live in a digital age and clients expect the convenience of this from us,” said California-based EA Crystal Stranger, author of The Small Business Tax Guide. “But with many tools, either I can find critical flaws in the source code on a quick review, or most of the secure ones I have found are too cumbersome for clients to use. I've found a few simple solutions and written some code of my own to create some work-arounds, but I still think there is a huge area of improvement available here.

“Most consumers don't understand that the code used for writing Web apps and computer programs is not standardized languages but bits and pieces that were developed over time and reference many third-party libraries,” Stranger said. “This leaves many vulnerabilities everywhere one looks and there is no clear way around this. Because of this I don't trust technology regarding sensitive financial information, but I have to in order to get anything done.”


Harsh realities

In a recent report on cybercrime, the American Institute of CPAs acknowledged the “real and serious threat that each year results in hundreds of millions of dollars in measurable and unmeasurable losses to businesses – aggressive invasions by criminals into a business’s virtual environment. “The prevalence of cybercrime, and the escalating fervor and inventiveness of perpetrators, have led to a harsh reality: It is not a matter of if CPAs, their clients or their organizations will become a victim, but when.”

The likely leader among technology concerns: identity theft against taxpayers, which the IRS continues to stress as the next tax season nears. Preparers’ info is also at intensifying risk.

“Phishing [for e-mail addresses and other information] is getting very sophisticated, and with the threat of enormous penalties on preparers who are the source of leaks that lead to identity theft, I’m becoming increasingly skeptical of technology,” Strombom said. “It’s a great tool, but often the thieves understand it much better than I do.”

Maybe keeping calm and trusting your computer is a matter of perspective. “When you watch the morning news and you see the traffic report, how often do they focus 98% of the coverage looking at the smooth-running traffic? Not much,” said EA Juan Macias of the firm Fourlane, in Austin, Texas. “Remember, the coverage is disproportional to the actual numbers. Don’t fear the hacks and breached data: They are few and far between, and these companies, to save reputation and their company, spend millions fixing and trying to predict these issues.”

Macias said that he embraces technology because of efficiency and “push-off liability. If X security gets hacked, the chance of your information being taken is low due to these companies having tons of clients.”

“I trust technology to the extent that it’s someone else’s liability should nefarious behavior result in the compromise of a client’s personal information,” said EA John Dundon of Taxpayer Advocacy Services Inc., who uses an encrypted file transfer site called Secure File Pro to transfer documents with sensitive or personal information. “I also have a cyber-risk policy to protect clients.”

The Institute of Risk Management notes that such professional services policies’ wording needs to evolve and change just as fast as possible breaches in technology – perhaps a nearly impossible task.


Various tools

“Technology is the best thing that happened in the last 20 years. I have embraced technology and use it in every phase of my business,” said Marilyn Heller Ayers CPA, Brick, N.J. “I have a portal that can safely transmit returns and other highly sensitive information [and] I trust the right kind of software.”

Over the past three years, Port St. Lucie, Fla.-based EA Jeffrey Schneider has used digital client portal for exchanging client information. “I have over 50% of my clients using the portal,” he said. “I still send everything via this method, though a lot of my clients still send things using Gmail, Yahoo and so on. Even after I explain the ID-theft possibilities, they do what’s easy for them. It’s surprising, however, that when they scan an item and attach it to an e-mail, it is just as easy to send it via the portal.”

Laurie Ziegler, EA at Sass Accounting, Saukville, Wis., trusts technology “if you use the right technology. Sending an e-mail, even if it’s encrypted or the client says it’s OK, isn’t enough. I use a secure portal that I subscribe to through my tax software; each client has an individual login and password.”

“I don’t fully trust myself, in addition to technology,” said Debra James, an EA at Genesis Accounting & Management Services, in Lorain, Ohio. “I’ve been taught how to send things, but I’m not comfortable with my lack of true expertise. We don't send too much via the Internet. When we do, it’s password-protected and tested before we hit the Send button.” Her firm also tries “to limit what we send to banks who request multiple years of data … and technologically savvy clients who request something [be sent] electronically.”


Common sense

Strombom has trusted the encryption of software providers’ process for e-mailing returns to clients – though she said a colleague suggests that no encryption is safe. “This should not be trusted,” Strombom said. “I’m looking at using portals for this process instead. I also do not trust e-mails with attachments unless I am specifically requesting the information. If a client e-mail address pops up as a received item and I’m not expecting the e-mail, I will contact them first.”

O’Hara’s firm uses secure portals for clients to exchange tax information via the cloud, “but this information is only secure if the client keeps their passwords secure,” he said. “[No] taxpayer’s personally identifiable information should be e-mailed.”

Finding comfort with technology may also now be a matter of admitting the lack of an answer to one question: “What’s the alternative?” Macias said. “As returns become more and more computerized … the premium people pay will go towards service. To perform this service, you need the physical time to service the need. If that time is consumed by activities where competitors have used technology to reduce that time and you haven’t, [you’re] at a serious disadvantage. Quality will not suffer, because of the great amount of time you save embracing technology allows you the time needed to review and provide service to customers.”

Register or login for access to this item and much more

All Accounting Today content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access