With COVID-19 cases increasing and full deployment of a vaccine not expected until Memorial Day, your firm needs to be ready to serve your clients virtually this tax season.
Virtual Tax Season
For years we have talked with firms about the need to serve their clients and employees with virtual solutions like electronic signatures, secure file sharing, and mobile practice management solutions. While many firms have fully adopted these solutions, most have not. The reasons are usually one or all the following:
- “We have a client portal for this”
- “We email returns with password protected PDF”
- “We aren’t sure electronic signature is legal”
- “We use email to send documents”
- “Our clients come to the office to drop off and pick up”
- “We are planning to do this but haven’t gotten around to it”
As we approach another tax season impacted by the virus, these objections must be resolved in order to serve your clients effectively. The good news is they are all completely solvable and you have time.
We Have a Client Portal
While Client Portals are necessary, they are not sufficient. If you currently have a Client Portal you probably know the client adoption is usually below 20%. The reason is easy to understand, your clients may only have need to access your portal a couple of times per year. Therefore, they either forget how to access it or forget their username/password. What follows is all too familiar, they call the office asking for their username or password, you either provide it or skip the whole thing and have them email the documents over. Sending sensitive client data via email is the worst-case scenario as it highly susceptible to data breach.
This process is time consuming and frustrating for the firm and your clients.
There is a better way. You can provide secure file sharing and electronic signature without forcing your clients to log into your portal. The files will flow into the portal securely for access at any time all within the workflow you and your clients are used to.
We Email Returns with Password Protected PDF’s
Sending your client’s information over regular email as a password protected PDF was the standard 20 years ago! In the world of technology, software becomes outdated about every three years. With that in mind, sending your client’s incredibly sensitive information over email with just a password on it is like driving a go kart on the highway. From a security standpoint, password protected PDFs are only 128-bit encryption. Every leading file sharing software on the market today is utilizing 256-bit encryption. When you send a file, there are two basic fundamentals that need to be satisfied: the file needs to be encrypted in transit, and it needs to be encrypted at the point it is being accessed.
Password protected PDFs only offer protection when the file is being accessed. It is an absolute requirement to encrypt your file while in transit to ensure that your client’s information is safe. From an efficiency standpoint, password protected PDFs are as inconvenient as it gets. Firms add passwords in different ways, but there are multiple steps regardless of your workflow. We’ve heard thousands of firms tell us that their clients don’t read the email that says what their password is, or that they forget it a few weeks later, or just cannot get into the document at all. In the middle of tax season, the last thing you want to do is play tech support for your clients.
We Aren’t Sure Electronic Signature is Legal
This is an understandable concern but the following provisions should address any ambiguity on the use of electronic signatures and their legal standing. The Uniform Electronic Transactions Act (UETA) is the law in all but a few United States jurisdictions, and the Electronic Signatures in Global and National Commerce Act, 15 USCA (ESIGN) is federal law. The net effect of these rules is that every jurisdiction in the United States has substantially the same rules for the use of electronic signatures.
In Canada, the following announcement was made on March 28th 2020:
CRA and COVID-19
Effective immediately, the CRA will recognize electronic signatures as having met the signature requirements of the Income Tax Act. This temporary measure will reduce the necessity for taxpayers and tax preparers to meet in person and will reduce administrative burden during this difficult time.
We Use Email To Send Documents
Simply put, this is dangerous practice for your firm and your clients. Emails don’t simply move from your outbox to the recipient’s inbox; they are transported across multiple mail servers. En route, any sensitive data included in those emails is vulnerable to a data breach.
1n 2019 there was a 54% increase in email breaches and it is not going to slow down. After just one breach of a client’s data, you can cause irreversible damage to your firm’s reputation and face serious fines under data protection regulations.
Professional standards impose obligations on members in public practice to protect confidential client data. For example, the AICPA Code of Professional Conduct (AICPA Code) Rule 1.700.001, Confidential Client Information Rule (the Rule), states that a member in public practice shall not disclose any confidential client information without the client’s specific consent. In the case of an unauthorized data breach, in determining whether there has been a violation of the Rule, consideration might be given to whether the member had processes and procedures in place to ensure that client data were secure and that these processes were kept current, communicated to the firm’s professionals, and enforced.
In addition, certain statutory provisions impose criminal penalties if a tax return preparer discloses information to third parties without the taxpayer’s consent. Sec. 7216 provides the following:
(A) General rule: Any person who is engaged in the business of preparing, or providing services in connection with the preparation of, returns of the tax imposed by chapter 1, or any person who for compensation prepares any such return for any other person, and who knowingly or recklessly— (1) discloses any information furnished to him for, or in connection with, the preparation of any such return, or (2) uses any such information for any purpose other than to prepare, or assist in preparing, any such return, shall be guilty of a misdemeanor, and, upon conviction thereof, shall be fined not more than $1,000, or imprisoned not more than 1 year, or both together with the costs of prosecution.
According to the statute, disclosure without consent does not need to be intentional; the penalties can apply if the disclosure occurs recklessly. This further supports the importance of having adequate safeguards in place to mitigate the risk of leakage.
Our Clients Come to the Office to Drop Off and Pick Up
As of this writing, the virus cases are increasing in all 50 states in the US. Many states are mandating additional lockdowns and a vaccine will not have full distribution for several months. Asking your clients to visit your office in the midst of this challenge is not necessary or recommended.
The good news is there is an easy way to facilitate secure file sharing and electronic signature in a way that will be easy for all of your clients and team members. This will save you and your clients a lot of time and is simply more efficient for all involved.
While some clients will still want to visit the office, more and more prefer the flexibility of providing virtual options. There is no one-size-fits-all solution and it is important for firms to provide the alternative that fits best for all client scenarios.
We Are Planning To Do This But Haven’t Gotten Around To It
We all need a compelling event at times, and given the circumstances of today, there is no more time to delay. Your employees and customers deserve the flexibility to work virtually while providing secure file sharing and electronic signature for all documents.
The good news is, it does not take much time to put these solutions in action. Your firm should be fully implemented and functioning in a matter of hours, the training should be minimal and you should mimic current workflow as much as possible.
…There is a solution!
ImagineShare is a file sharing system created for the ease of company and client alike – security enhanced, customizable and designed to satisfy every type of customer.
No one wakes up and thinks about file sharing. It’s not until the middle of tax season that file sharing bottlenecks are most evident when everything needs to be moving as smoothly as possible. There’s nothing worse than taking a 10-minute phone call to walk your client through the process of opening up a document. If they would just read the email you sent them containing the password then there wouldn’t be any problems, right?
Despite your client’s difficulties, you need to secure their information. It’s a huge responsibility to handle the data involved with an accounting workflow and accountants face this task on a daily basis. The amount of data breaches, hacked emails, and stolen identities has increased 50% or more, every year, for the past four years. Before you think that you’re too small to be targeted, understand that hackers attack weakness, not size. They know that you don’t have the budget or resources to constantly have an entire IT team monitoring your technological security and infrastructure. Even if your server is encrypted, once you send emails externally, they are out in the open and vulnerable just like every other email.
At the end of the day, it’s the law. You have to secure your client’s information when sending to them. Even if they say it’s ok and you get their written permission to send it unsecured, you’re still breaking the law. If you haven’t been securing information in the past and you’ve never had a data breach, then you’ve simply been lucky so far. Even if you’ve never been robbed, you still lock your doors at night. We’re at a point in modern technology where security is not a “nice to have”, it’s not something that you just do for the good of your clients, it’s a necessity for running a lawful and ethical business.
You might already have a client portal that came with your tax software or the company that created your website. If you’re like the majority of accounting firms we talk to, then you’re having difficulty with clients actually adopting the portal. Some clients will love your client portal and will use it all the time, but those are rare. ImagineShare was created to satisfy every type of client, not just the tech-savvy ones.
The Problem with the Status Quo
The secret’s out, clients don’t like to use client portals. Your tax software told you that their client portal will be a great way to send files to your clients, but it turns out that none of them actually use it! A handful of clients will like using a portal, but the majority of them would rather get their files through email, in person, or in their mailbox
and mailing PII (Personally Identifiable Information), needs to be secured by law. Most firms we talk to are password protecting the documents they send out, which gives a minimal amount of security, and clients still have trouble opening the documents.
Does this sound familiar? You send them their password protected file, then send a second email or give them a call to let them know what the password is.
Then they reply to your email or give you a call and tell you that they don’t know what their password is. This happens to every accounting firm, and it’s a result of a system that is built around the accountant, not around the client. Whether you’re sending the file through your client portal or through a password protected PDF, they still have to find out what the password is. That barrier to entry will stop your clients from adopting the technology you purchased and keeps your firm in the dark age.
Firms with paper-based methods (meeting in person, using the mail system) are stuck in the process for two reasons; it’s what you’ve always done, and you haven’t offered anything easy enough for your clients to actually use. Very few firms are actually “paperless”, but most firms are looking to reduce the paper in their office. Making the transition from paper to digital happens gradually and requires effort on your part. Clients need to be reminded and trained with regularity, but you need to offer something that isn’t a pain to use at the same time.
Getting your client to sign their e-file authorization form is every accountant’s favorite pastime. The amount of follow-up calls and follow-up emails required to get documents signed and returned is ludicrous. There are more important things you or your staff can be doing instead. Getting documents signed is difficult because it requires the client to meet up in person, mail things back to you, or have a printer/scanner/fax machine. All of those processes are very easy for your client to put off “until tomorrow.”
Put your name on it, not ours.
ImagineShare’s private label customization feature lets you apply your firm’s name, colors, and logo to the interface, so your clients are interacting with your brand, not ours.
Software that works the way you work.
Save time and streamline your workflow by enabling clients to receive and send secure files to and from your organization without changing the way you operate.
ImagineShare was designed around your workflow AND the client’s workflow. If you have tech-savvy clients who love the idea of a client portal, we provide that for you. If you have clients that have trouble with usernames and passwords, we provide a process that they can actually use. When it comes to clients and technology, one size does not fit all. ImagineShare has a blended approach to file sharing that allows you to cater to different types of clients in a secure way. Getting documents signed through our e-signature platform expedites the entire process, saving you time and money. ImagineShare is a file sharing solution that is easy to use without compromising on security.