Security Summit Reminds Tax Pros to Protect EFINs, PTINs
Income tax professionals from preparers to CPAs and EAs are being reminded to maintain and monitor their various identification numbers that enable them to e-file.
The reminder comes from the Security Summit, the joint effort between the IRS, state taxing agencies and tax industry partners that’s been tasked with helping to find winning strategies against identity theft and income tax refund fraud.
Electronic Filing Identification Numbers (EFINs) and Preparer Tax Identification Numbers (PTINs) are issued to practitioners who prepare tax returns or claims for refund and are paid for their service. Centralized Authorization Files (CAFs) should also be monitored, since they are issued when tax pros – or their firms – request third-party access to client files.
Keeping Tabs on Important Information
Tax professionals should update their EFIN application within 30 days of any change in circumstance – including any change in office personnel. New telephone numbers, addresses or email addresses should also warrant an updated EFIN.
EFINs can only be obtained from the IRS and do not transfer if a tax prep business is sold. Also, new offices of existing tax preparation operations may need their own EFIN as well if the new location files tax returns.
How to keep up with your EFIN during tax season? Make a weekly check on your e-Services account to see how many returns were filed under your EFIN. Select “EFIN Status” from the app inside e-Services. If the resulting number is more than what you expected, contact the IRS e-Help Desk at 1-866-255-0654.
Attorneys, CPAs, enrolled agents or participants in the Annual Filing Season Program who file more than 50 returns can also check the number of returns filed that use their PTIN. Go to the online PTIN account pave and select “View Returns Filed per PTIN.”
Either one of these checks can help to identify unusual activity quickly and easily.
An Ounce of Prevention
The easiest way to head off EFIN or PTIN theft is to learn to avoid phishing emails. Most identity theft attacks start with a phishing email to victims. To learn more about how to recognize a phishing attempt, check out the Security Summit’s Don’t Take the Bait campaign. Share the information with all staff members.
The IRS is also seeing illegal activity using stolen Centralized Authorization File numbers, unique nine-digit numbers that are assigned the first time a legitimate recognized representative files a power of attorney or third-party authorization with the IRS. Practitioners then use their assigned CAF number on future authorizations.
Tax pros can make an annual check to find outstanding CAFs for people who are no longer clients. Look over the instructions for Form 2848, Power of Attorney and Declaration of Representative, or Form 8821, Tax Information Authorization for additional information on how to withdraw representation.
Stiffer Measures for Phone Support
Because scammers have no problem posing as legitimate tax professionals – not even when speaking to the IRS – the IRS telephone operators now request additional proof of identity from tax pros who call.
In instances when the verification information isn’t convenient – when the client is present in the practitioner’s office during the call, for example, the IRS says either ask the client to step outside the office or put them on the phone to make an oral authorization to the IRS operator.