New IRS Reg 7216 Worries, Confuses CPAs. But Help Is on the Way

Under new IRS Reg 7216, CPAs are obligated to get written consent when they “send out” work on tax returns.

But there’s precious little concrete guidance available yet, the deadline is approaching and many tax practitioners are confused and worried.

So what to do? I’ve been asking around. And, while there’s no cut-and-paste template available yet, a clearer picture is emerging.

I contacted Benson Goldstein, a technical manager at the AICPA Washington, D.C., office, for some clues to the riddle. He confirms that there is much to be worked out and the AICPA is working hard with leading firms to get example letters and disclosures out to the membership.

Meanwhile, the most important thing to know is that the new regulation doesn’t prevent CPAs from doing anything they might have done in the past, like outsource a tax return. And disclosure and consent have always been a part of the professional’s responsibilities. But, with the new reg, disclosure and consent is required in writing.

Roger Mongeon, sales and marketing VP at Doc-it.net, the document management people, says:

I believe that as part of the preliminary letter of engagement with every client the accounting practice MAY use outsourcing terminology. It could also be part of annual re engagement letters. Partners should review this during other routine meetings. Cover questions to determine if there is a sensitivity to outsourcing. Offer the option should clients choose to have the work done domestically but position it as an added service. If it’s done for competitive reasons of lower price or quicker delivery that message must be shared with the client and discussed as a benefit. Should a client opt out those jobs would justify an added services fee.

The accountant’s job is to manage client expectations. There are times during routine client meetings for the firm to discuss the topic of outsourcing and share the firm’s outsourcing options. Should educated clients choose to opt out be prepared to share the financial and time line consequences immediately during your preliminary meeting. If using outscoring is a means to hold your client’s annual costs share that message up front. Perhaps 50% higher fee for that work segment or delaying availability by weeks.

As to language, it should be descriptive by stating type of jobs and location done. Should the client choose to opt out the firm should offer the service to have it done domestically. (Once again the need for more sophisticated scheduling tools shows it’s head.)

Meanwhile I also put the key questions to Wolters Kluewer, CCH product manager Mike Gamble has put together one of the most succinct formulations I’ve yet seen:

1… What does the CPA need to know if they’re “outsourcing” the return? Are the rules different if the return goes to India or Iowa, for instance?

If the return is being processed offshore, there are unique disclosure and other requirements that must be followed. This includes obtaining a written disclosure consent that meets certain format, content and taxpayer signature requirements. This same disclosure would not require written consent if made to the same type of service provider located within the U.S. (provided that no other consent requirement is triggered, such as the third-party services including a substantive determination or advice affecting reported tax liability as provided under the regulations). If the tax return information to be disclosed to an offshore provider includes Social Security numbers, then certain requirements also apply regarding adequate data protection safeguards. If both the disclosing and recipient parties do not meet applicable requirements, or the taxpayer does not consent to disclosure of the social security number (but does consent to disclosure of other tax return information), then the social security numbers must be fully masked or redacted. If the return is being processed onshore, then disclosure requirements follow current 2008 guidelines (AICPA third party guidelines).

2… The Reg covers the client’s name, mailing address, email, etc. So does that affect a firm’s marketing and business development activities, like direct mail?

According to Treas. Reg. Section 301.7216-2(n), a tax return preparer may compile and maintain a separate list containing solely the names, addresses, e-mail addresses, and phone numbers of taxpayers whose tax returns the tax return preparer has prepared or processed. This list may be used by the compiler solely to contact the taxpayers on the list for the purpose of offering tax information or additional tax return preparation services to such taxpayers.

3… When sending a return “out” for outsourcing, do most tax prep applications do that automatically?

For our ProSystem fx Outsource service we automatically mask the SSN in the tax data file within ProSystem fx Tax. We also offer a desktop masking tool that firms can use to scan and mask SSN with PDF files. At this time we are unaware of any other tax applications that offer any masking features like ours, however, they may have a basic feature that will mask the SSN within their application.

Also, with regard to all three questions — As a standard practice we are always informing clients that they need to seek their own legal advice regarding these regulations.

For the record, ThomsonReuters reports “Ultratax CS does provide the option to mask (only) SSN’s.”

AICPA Insider contributor Annette Nellen, who wrote about the reg’s history and intent here, believes there may be no easy cookie-cutter solution for CPAs.

“A sample form might not be appropriate,” she says, “given the possible variations in what is needed based on the particular disclosure and its reason.”

Nellen’s article has a ton of useful links.