The IRS just released IR-2025-83, calling on tax professionals and firms to take immediate steps to protect client data with stronger digital safeguards.
This includes using multi-factor authentication (MFA), setting up IRS Online Accounts, and activating Identity Protection PINs (IP PINs) for both preparers and taxpayers.
This push is part of the IRS’s broader effort under the Security Summit initiative, a public-private partnership aimed at reducing tax refund fraud and protecting sensitive taxpayer data across the ecosystem.
The announcement serves both as guidance and a warning. The IRS is now strongly encouraging (and may soon require) the following:
The IRS has reported increasing attempts by cybercriminals to impersonate CPAs, steal PTIN credentials, and file false returns. MFA and IP PINs are first-line defenses.
Hackers are no longer just targeting individuals they’re infiltrating tax preparers’ systems, especially smaller firms with weaker infrastructure. If you handle sensitive client data, you’re already a high-value target.
A single breach can trigger IRS investigations, client lawsuits, E&O insurance claims, and reputational damage. Implementing these tools costs far less than recovery.
Multi-Factor Authentication:
IRS Online Account Access:
IP PIN Enrollment:
While the guidance is still framed as a recommendation, regulatory expectations are trending toward eventual enforcement especially for EFIN holders and professional firms filing high volumes of returns.
The IRS’s Security Summit is expected to expand public-private verification efforts heading into 2026, including third-party authentication services and AI-driven fraud detection models.
As tax practitioners, we are stewards of sensitive personal and financial data. In 2025, that duty now includes cybersecurity diligence. Don’t wait for a breach or a regulatory mandate to act.
Need help tracking evolving IRS security requirements or drafting firm-wide procedures?Bizora’s AI assistant can help you research compliance rules, build client education workflows, and ensure your practice stays ahead.