How Finance Professionals Can Keep Data Protected All Year Long

Although finance is often referred to as a profession that deals with numbers, the truth is that the success of tax and accounting professionals depends on the relationships they build, whether with clients or colleagues. Relationships built on trust and mutual respect can ensure easy collaboration, productivity, and success for years to come.

So how should a financial professional start building those effective relationships? The 2021 PwC US Business Trust Survey found that 62% of consumers consider "data protection and cybersecurity" to be a fundamental element of trust. In other words, most people cannot trust professionals or organizations that compromise their sensitive data. In fact, four out of five customers choose who to do business with based on a company's reputation for data security. And the same will change brands after a bad experience.

Despite this knowledge, financial institutions struggle with data protection, and this problem has only worsened during the Covid-19 pandemic. Shred-it's 2021 Data Protection Report shows that 52% of financial firms have experienced a data breach, up 21% from a year ago. And while most financial services companies are aware of the risks of poor data security, only 43% of them conduct regular infrastructure reviews. Even fewer (38%) conduct regular vulnerability testing. By failing to take the right steps to prevent data breaches, financial and professional organizations are not only subject to prosecution but also undermine the credibility of their clients and colleagues.

Tax and finance professionals often have access to their clients' most sensitive information, including social security numbers, financial history, birth certificates (for new parents), and credit card information. To keep this information secure year-round and maintain strong relationships with their clients, tax professionals must follow these five steps:

1. Ensuring the safe storage of information in the process of tax preparation

Financial reports and documents are a minefield of personal information. Professionals must keep confidential paper documents, including invoices, credit card information, and forms containing a Social Security number or federal tax identification number, in a locked drawer until needed. When files are stored electronically, they must be stored on a secure computer (or network) that has cybersecurity measures in place, such as logical access controls, encryption, and monitoring/notification capabilities.

In addition, when accountants collect financial information from their clients electronically, they should avoid doing so via email, as this is an insecure method of data transmission and is difficult to control. Instead, tax professionals should provide clients with a secure portal to upload documents, giving them more control over access and allowing them to easily clean up files after work is completed. Where possible, financial companies should also implement two-factor authentication , as a 2019 Microsoft report found that it significantly reduces the chance of data breaches.

Tax and finance organizations should also follow desktop cleanliness guidelines—keep paper and electronic information secure when employees leave the workplace—to prevent sensitive data from falling into the wrong hands. Desktop cleaning practices are important not only in office buildings, but also in telecommuting environments, as family members or other guests can accidentally pick up or drop documents containing confidential information.

2. Beware of tax fraud and other threats

The IRS continues to encounter scams where dishonest people take advantage of individuals and companies by tricking them into sharing sensitive financial information or doing something illegal. Tax fraud is so common that the IRS compiles an annual list of " dirty dozen " schemes that the public should be aware of.

Fraudsters and other intruders can also attack the tax authorities in an attempt to gain access to their confidential information. The number of cyber attacks on large and small businesses is on the rise. It was only in 2021 that hacker groups gained access to corporate systems and information of large corporations, including T-Mobile , Colonial Pipeline , JBS and others. Many of these hacks started with simple phishing emails or compromised passwords. Organizations that train their employees to recognize fraudulent emails and other common hacking techniques can prevent data breaches and better protect sensitive information.

3. Decide what to leave after filing taxes

Financial professionals do not need to permanently store the tax information of their clients. In fact, storing unnecessary documents can increase vulnerabilities and risks. To conserve physical and digital storage space and reduce the potential for data leakage, tax professionals need to understand which documents should be kept and which should be disposed of.

After filing individual taxes, the IRS recommends that you keep all "evidence" of income or deductions and credits on tax returns, copies of prior years' tax returns, and important data such as birth and death certificates, citizenship, and marriage. license.

The IRS, on the other hand, recommends deleting documents that no longer serve a purpose during tax season or other periods, including purchase receipts, pay stubs, loan repayment documents, and documents that have been converted to digital records. If a document is not directly related to an individual's tax status or is not material to future tax returns, it can and should be safely disposed of.

4. Properly Dispose of Old Tax Returns and Other Unnecessary Documents

Data leakage prevention doesn't end with deciding which documents to delete; It is also important to safely dispose of unnecessary documents. Throwing paper documents containing sensitive information in the trash or wastebasket can increase the risk of someone stealing the information and using it for identity theft or other illegal purposes.

Shredding is one of the best ways to safely dispose of paper documents, and working with a professional document shredding service can help make the shredding process complete, secure, continuous, and in accordance with the law applicable to data protection.

5. Report action

Clear communication and transparency are essential elements of a strong and rewarding relationship between tax and finance professionals and their clients. It may be helpful to discuss the security policy with the client during a meeting or describe it in an email. By actively communicating these efforts, financial professionals and organizations demonstrate that they prioritize the protection of their customers' personal information and lay the foundation for trusted and effective relationships.

The rate of data breaches is higher than ever, especially among tax and financial professionals. Taking these measures to protect sensitive data is not only more effective and less costly than remediating data breaches, but it can also protect the trust between financial professionals and their clients.

This article does not necessarily represent the opinion of the Bureau of National Affairs, Inc., the publishers of Bloomberg Law and Bloomberg Tax, or their owners.

Author Information

Michael Borromeo is Stericycle's vice president of privacy. He has over 23 years of extensive and varied experience in data protection and cybersecurity.

We appreciate your funny and original thought: write to us