The IRS Electronic Filing Identification Number can be suspended or revoked for data security failures, taxpayer data breaches, or pattern-of-noncompliance.
An Electronic Filing Identification Number (EFIN) lets a firm e-file tax returns. The IRS treats EFIN issuance as a privilege contingent on suitability, which includes data security. Failure to safeguard taxpayer data, failing to report a data theft, or repeated security incidents can result in EFIN suspension or revocation. The IRS publishes EFIN security requirements in Publication 3112 (IRS E-file Application and Participation) and supplements them through Publication 4557.
Losing your EFIN means losing the ability to e-file. For most firms that is a business-ending event. The IRS expects firms to report taxpayer data theft within 24 hours via the IRS Stakeholder Liaison and to maintain a WISP. EFIN reviews can be triggered by client complaints, suspicious return patterns, or data breach reports. The EFIN and the WISP requirement are operationally linked.
The 58-Control Register module handles this for your firm, personalized to your software, team size, and state requirements.
See plans and pricingThe IRS requirement that tax professionals attest to having a Written Information Security Plan when renewing their Preparer Tax Identification Number.
A documented set of policies and procedures describing how your firm protects sensitive client data.
The legal requirement to notify affected individuals, regulators, and sometimes law enforcement when personal data is exposed in a security incident.
Buy the WISP yourself if you need the document.
Talk to us if you want the platform.
We use cookies to measure site performance and improve your experience. No data is sold to third parties. Privacy Policy