Donny Shimamoto, Author at CPA Trendlines

IRS and FTC Cybersecurity Expectations of Tax Practitioners

Your tools for a cybersecurity compliance check-up.

By Donny Shimamoto
Cybersecurity for Accountants

In August 2019, the IRS published its list of “Security Six” steps to protect taxpayer information.[i] These described the six “basic protections” that it expects tax prepares to utilize.

MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

These include:

CHECKLIST

Cybersecurity Exemptions for Orgs with Less than 5,000 Clients

You may be off the hook, but not out of the woods.

By Donny Shimamoto

Management consulting company AON described an exemption for some of the FTC requirements for firms that handle the personal identifiable information (PII) of less than 5,000 consumers.[i]

The Safeguards Rule provides an exception from certain requirements if the covered financial institution maintains customer information concerning fewer than 5,000 consumers. A consumer is defined in Section 314.2(b)(1) of the Safeguards Rule as “an individual who obtains or has obtained a financial product or service from the financial institution that is used primarily for personal, family, or household purposes, or that individual’s legal representative.”

MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

Essentially if you handle less than 5,000 social security numbers, then it would appear that you can take advantage of this exemption. AON went on to report that if you fall under this exemption, then you do not need to address the following requirements:

CLIENT ACCOUNTING SERVICES

Safe Harbor Compliance Reduces Risk of Fines and Penalties

Protect your clients–and your firm–by being proactive.

By Donny Shimamoto, CPA, CITP, CGMA

In the last few years, we’re starting to see state legislatures and attorney generals recognizing that tax practitioners are trying to protect their clients. They are formalizing this recognition with changes to regulations or laws to include “safe harbor” provisions that limit or eliminate the fines and penalties for tax practitioners who take proactive action to manage their cybersecurity risks.

MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

As of December 2022, the following states have some type of safe harbor provision in place:

Connecticut[i]
Ohio[ii]
Utah[iii]

In contrast, states like California and Colorado are taking the opposite approach and penalizing organizations that have data breaches.[iv]

ADVISORY & CONSULTING

Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors

The smartest route to advisory:
Join the survey. Get the roadmap

Imagine the possibilities.

By Donny Shimamoto, CPA, CITP, CGMA
The Center for Accounting Transformation

In today’s rapidly evolving world, technology is revolutionizing the way we work and live. Accountants and CPAs are no exception.

MORE DONNY SHIMAMOTO: How Trusted Advisors Transform Businesses | The Future of Accounting: A Vision of Trust, Clarity, and Hope | Donny Shimamoto: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

We need to embrace the power of technology to enhance our services and better serve our clients as advisors. By leveraging technology and focusing on the complicated work that bots can’t do, accountants become trusted advisors, building deeper relationships and unlocking their full potential.

ADVISORY & CONSULTING

Overcoming the Five Hurdles to Advisory Services

Face these issues to achieve firm growth.

The smartest route to advisory:
Join the survey. Get the roadmap

By Donny Shimamoto, CPA, CITP, CGMA
The Center for Accounting Transformation

Are you tired of feeling overwhelmed and stuck in the compliance workload, unable to provide valuable insights to your clients? Do you feel that your firm has the potential to grow and create a lasting impact, but capacity issues hinder your progress?

MORE DONNY SHIMAMOTO: How Trusted Advisors Transform Businesses | The Future of Accounting: A Vision of Trust, Clarity, and Hope | Donny Shimamoto: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

You’re not alone. Many accounting firms are struggling with the same challenges. But what if there was a way to break through these barriers and elevate your firm to new heights? Read on to discover how to overcome the challenges associated with providing advisory services and transform your firm into a thriving, client-centered business.
READ MORE →

FEATURED

How Tax Practitioners Became Cybersecurity Risks

Tax professionals are a hacker’s dream.

By Donny Shimamoto, CPA, CITP, CGMA
On Cybersecurity for Accountants
Center for Accounting Transformation

In 2015 the U.S. Internal Revenue Service (IRS) held its first Security Summit[i]. By creating a public-private partnership via the summit, the IRS is seeking to protect more taxpayers and more tax dollars from tax-related identity theft.

MORE: How Hacker-Proof is Your Firm? | Donny Shimamoto: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

Partners in the summit included the IRS, state tax agencies and the private sector tax industry—for example, financial institutions, cybersecurity practitioners and tax practitioners.

The summit brought together people from the full value chain of tax compliance. Taxpayers submit information to tax practitioners, who prepare the returns and submit them to the tax authorities.

ADVISORY & CONSULTING

Why Compliance Still Matters. But It’s Not Enough.

Resistance is futile… and silly because it’s necessary for the profession.

The smartest route to advisory:
Join the survey. Get the roadmap

By Donny Shimamoto, CPA, CITP, CGMA
The Center for Accounting Transformation

In the world of accounting, compliance work is often seen as the unglamorous side of the profession. But what if I told you that compliance is the heart and soul of accounting, the unsung hero that makes advisory work possible?

MORE DONNY SHIMAMOTO: How Trusted Advisors Transform Businesses | The Future of Accounting: A Vision of Trust, Clarity, and Hope | Donny Shimamoto: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

Let’s explore the importance of compliance work in the accounting profession and why it’s time for us to stop minimizing its significance. READ MORE →

ADVISORY & CONSULTING

How Hacker-Proof Is Your Firm?

Thieves always build a better mousetrap, so stay vigilant.

By Donny Shimamoto, CPA, CITP, CGMA
On Cybersecurity for Accountants

In 2018, fraudsters posed as tax authorities and state accounting and tax professional associations. These were simple phishing attacks trying to get tax practitioners’ email usernames and passwords, allowing fraudsters to obtain client contact information and perform email-based password resets for other systems.

MORE: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Exclusively for PRO Members. Log in here or upgrade to PRO today.

The IRS reported seeing threats specifically targeting preparers in Illinois, Iowa, New Jersey and North Carolina. Additionally, the IRS received reports tied to a Canadian accounting association.[i]

Donny Shimamoto

MORE AT STORE.CPATRENDLINES.COM

Donny C. Shimamoto, CPA.CITP, CGMA, is the founder and managing director of IntrapriseTechKnowlogies LLC, a specialized CPA firm dedicated to helping small businesses and middle market organizations leverage strategic technologies, proactively manage their business and technical risks, and enable balanced organizational growth and development. Donny also works with larger organizations as a trusted business advisor, facilitating organizational strategic planning and execution, IT governance and planning, enterprise architecture, information architecture and assurance, business process improvement, and business intelligence initiatives.

Click here for more by Donny Shimamoto

As the founder of The Center for Accounting Transformation, Shimamoto is leading a movement to change the world for the better by empowering and equipping accountants with the leading-edge tools and techniques.

Donny was the first Certified Information Technology Professional (CPA.CITP) in the State of Hawaii and is one of only four in the state. The CITP credential is a specialty designation of the American Institute of Certified Public Accountants (AICPA), that identifies Certified Public Accountants (CPAs) with the unique ability to bridge between business and technology; meeting the strict requirements for a CPA license as well as additional training and experience in technology strategic planning, IT architecture, business process enablement, system development and acquisition, IT audit and control, and IT governance.

The immediate past chairman of the AICPA’s IMTA Executive Committee, Donny has been both influential and critical in several AICPA initiatives including the development of an IT Competency Model for CPAs, and redesign of the CITP Credential. Donny previously co-chaired the AICPA’s Business Intelligence Working Group, researching and creating practice aids in the area of Evidence-based Management, Application & Data Integration, and Information Assurance. Donny has also been involved in the authoring of guidance published by the AICPA on IT Considerations for Risk-Based Auditing and Enterprise Business Intelligence. As a subject matter expert, Donny is often an invited speaker at national and international webinars and a familiar key-note speaker at national-level conferences.

Donny obtained invaluable knowledge and exposure to a wide range of industries and sectors (retail, hospitality, state government, defense, and higher education) while earning his CPA license as a member of PricewaterhouseCoopers LLP's Business Assurance Services, Operational & Systems Risk Management Services, and Management Consulting Services lines of business. With ITK he has expanded his industry expertise to include not-for-profit (social services, foundations, and membership organizations), professional services, small businesses, technology, and mobile professionals.

Here’s what you’re looking for: Donny Shimamoto

The smartest route to advisory: Join the survey. Get the roadmap

The smartest route to advisory: Join the survey. Get the roadmap

The smartest route to advisory:
Join the survey. Get the roadmap

The smartest route to advisory:
Join the survey. Get the roadmap