Proposed AICPA tax standards address new concerns.

• Author: Valenti, Stephen P.

The AICPA's Statements on Standards for Tax Services (SSTSs) are enforceable standards that apply to all AICPA members providing tax services. Certain states also incorporate the SSTSs as part of their professional rules of conduct for CPAs.

The SSTSs, based on the AICPA Statements on Responsibilities in Tax Practice (SRTPs) that were originally issued between 1964 and 1977, were first adopted by the AICPA Tax Executive Committee (TEC) in August 2000, and the most recent significant updates to the SSTSs were made Jan. 1, 2010. In October 2018, the TEC approved formation of an SSTS Revision Task Force to update the SSTSs. On Jan. 26, 2022, the TEC voted to expose the standards to the AICPA membership, with comments due Dec. 31, 2022, and an effective date of Jan. 1, 2024.

The task force was composed of AICPA Tax Section members representing diverse interests including small and sole practitioner tax firms, the Private Companies Practice Section (PCPS), medium and large CPA firms, and academia (see the sidebar, "SSTS Revision Tax Force Members"). The task force held numerous meetings to identify and develop both updates to the current SSTSs and entirely new standards. As part of those efforts, the task force:

* Reorganized the SSTSs by type of tax work performed;

* Reviewed and revised the existing SSTSs to reflect the current state of the profession and the emerging needs of today's members; and

* Promulgated three new standards not previously addressed by the SSTSs regarding data protection, reliance on tools, and the representation of tax clients before taxing authorities.

This column briefly summarizes the three new standards and explores how they will apply to all CPAs providing tax services. As chair of the task force, the author encourages all members to carefully consider these new standards and provide their comments, both favorable and unfavorable. Open discussion and consideration of these standards is a vital component of the self-regulation process that will drive the profession forward. Members may view and download from the AICPA website a combined document that includes revisions to the existing standards, the three new standards, and an Invitation to Comment on the subject of quality management in tax.

This column is not an authoritative interpretation of the SSTSs but reflects the opinions of the author. Members should use their professional judgment in applying this discussion to their own particular facts and circumstances.

SSTS 1.3., Data Protection

New standards

Section 1.3.4. A member should make reasonable efforts to safeguard taxpayer data, including data transmitted or stored electronically.

Section 1.3.5. A member should consider applicable privacy laws when collecting and storing taxpayer data.

CPAs involved in tax return preparation have access to significant amounts of confidential financial and personal information. As the role of technology in accessing that confidential data increases, the risk to taxpayer data also increases, as demonstrated by an increase of more than 80% in data breaches reported by CPA firms between 2014 and 2020 (Shinn and Jorgensen, "Cybersecurity: An Urgent Priority for CPA Firms," 51 The Tax Adviser 276 (April 2020)). Therefore, the task force believed it was important to implement a standard that ensures members adopt reasonable safeguards to protect taxpayer data, both electronic and otherwise.

However, the task force also recognized that continuous advances in technology make it challenging to identify any one set of standards with broad applicability across all tax practices. Therefore, instead of defining required elements for a data security plan, the task force drafted a standard requiring members to make "reasonable efforts" to safeguard...