Online platforms are changing how CPAs work, offering new ways to engage with clients, colleagues, and the world at large. Social media is helping CPAs build stronger business relationships and recruit talent across the planet. This column touches on the benefits and opportunities social media provides to today’s CPAs and the importance of controlling or limiting the use of the new technology. While it is important to recognize the value and impact of social media, CPAs need to protect information and their reputations online.
It has been more than nine years since the launch of Facebook, and it now has a global audience of more than 1 billion people. In February, internet marketer Ignite Visibility released a report predicting that, in 2013, Facebook’s search interest (i.e., its appearance on search engine traffic and keywords) will be more than twice as high as LinkedIn, YouTube, Twitter, and Google. However, all of these sites will grow in 2013, the report said. LinkedIn proclaims that it is the world’s largest professional network, with more than 200 million members in more than 200 countries.
It is hard to imagine a practicing CPA not having a smartphone or tablet these days. These new communication devices provide greater productivity and efficiencies, allowing practitioners to stay connected to their businesses 24/7/365 if they choose. They can keep current on emails while waiting for a flight, respond to client requests from the golf course, take and send pictures, perform technical tax research, or send instant messages to employees in the middle of the night regarding a critical 8 a.m. meeting the following morning.
Like most businesspeople, CPAs leverage social media for business networking, lead generation, corporate and personal branding, and recruiting/job opportunities. According to The SocialCPAs Social Media Survey (released in December 2012) , more than 90% of CPA respondents said they actively used LinkedIn in 2012, followed by Facebook, YouTube, Twitter, Google+, Pinterest, and WordPress. The survey also found that more than 45% of these CPAs spent one to five hours a week on social media—roughly the same time they spent on traditional networking activities.
What does all this have to do with practicing tax and accounting? Considering that tax and accounting touch every business sector on every continent, the e-revolution allows anyone to work from anywhere, and accountants are motivated to build and retain business, the answer is that it has everything to do with tax and accounting.
Most financial services firms use social media to drive traffic to their websites and online traditional content about their services and expertise. They generate inbound opportunities from site users who search the internet or visit their sites directly for information about building their businesses and compliance. Many CPA firms and CPA employers in industry measure website users; request, track, and leverage user information from site downloads; and respond directly to web inquiries to generate leads and c reate new business opportunities. However, many CPAs are missing an opportunity to provide additional high-quality content that generates more traffic—content that can be pushed out through social media to attract new website users.
Social media is also an effective measurement tool for marketing. The Content Marketing Institute lists social media sharing third—behind web traffic and direct sales—as a measure of business-to-business content marketing effectiveness . Although the potential for content marketing has not been realized by CPAs, accountants are using social media for outbound opportunities. They have yet to leverage inbound social media beyond driving people to their websites, however. In contrast, some consumer-based companies have become extremely savvy about monitoring social media and responding to it. CPAs can monitor Facebook, Twitter, and LinkedIn for comments such as “anyone know a good #taxguy?” or “#taxes are killing my business!”
IT and Social Media Policies
More than half of the respondents to the SocialCPAs survey said they have never received social media training from their employers and do not monitor their online reputations. Yet more than 40% of respondents said they are concerned that use of social media could cause an unauthorized release of confidential information, and only one-third of respondents’ companies have written social media policies.
While there are many considerations for CPAs regarding effective management of social media, two professional ethical concerns stand out: (1) Practice and firm leaders must develop and disseminate information technology (IT) and social media policies for all employees, and (2) firms must develop procedures to ensure they follow IRS regulations governing improper disclosure of client information through marketing (i.e., Sec. 7216 requirements) and general aspects of tax practice before the IRS (i.e., the requirements of Circular 230, Regulations Governing Practice Before the Internal Revenue Service (31 C.F.R. Part 10)).
With social media come risks associated with online practices. What a person does online does not necessarily stay online; it usually filters back to the individual’s workplace and can even result in legal risks for the employer or loss of a client or prospective client. There may also be risks for firm employees. Some CPA firms look at the personal Facebook pages of new recruits for additional insight on the recruit’s lifestyle decisions and reputation. For this reason, it is essential for employers to institute an IT policy that encompasses social media. It also is essential for all professionals to monitor their postings to social media outlets with the perspective that nothing posted to these sites is 100% safe from unwanted (and potentially embarrassing) disclosure.
IT policies should cover confidentiality and security in full, with specific sections on privacy, monitoring, and acceptable use of IT, the internet, hardware, and software. Policies need to fully address what is permitted and prohibited, including:
- System and remote access;
- IDs and passwords, especially on emails, smartphones, and tablets;
- Access to client networks;
- Client data security and encrypted exchange methods, including client portals;
- Wireless, mobile, and LAN policies; and
- Personal use of all IT systems and web-based programs (e.g., Facebook, LinkedIn, etc.).
CliftonLarsonAllen’s IT policy is more than 30 pages. Its Risk Management Manual is 16 pages, and its social media policy is four pages—an indication of the detail these documents contain.
Social media policies should include guiding principles and cover protecting the firm’s reputation, using respectful language, refraining from offering advice or knowledge beyond one’s capabilities or on behalf of the firm, limiting access to certain websites, and using disclaimers. For example, a firm’s policy manual may include sections on employees’ demeanor on social media, privacy, legal liabilities, and special considerations for wealth advisers. The firm’s intranet also should offer articles on how to use social media responsibly and effectively and include tips on social media etiquette.
Resources abound for companies and firms to develop comprehensive policies. Smaller firms should consult their vendors and other professionals to develop IT and social media policies.
Tax Practice Social Media Policies
There is little specific guidance concerning social media in Treasury regulations or the AICPA Code of Professional Conduct. Many questions that might arise in applying existing regulatory and ethical provisions have not been fully explored.
The Internal Revenue Code prohibition of disclosure of client information generally has been limited to tax compliance undertakings, but recent revisions to the regulations address the potential disclosure violations that aggressive marketing efforts may create. Sec. 7216 imposes misdemeanor criminal penalties of up to $1,000 or one year in prison or both for improper disclosures of taxpayer information. Taxpayer information subject to the restriction includes the taxpayer’s name, address, and taxpayer identification number.
Violations generally entail disclosure of tax return information without privilege or client permission. Clients can consent to the disclosure of their information to third parties (e.g., outside the United States, banks, etc.), provided the consent is knowing and voluntary, does not condition providing services on receiving the consent, is obtained prior to any disclosure, is effective for only one year (if the duration of the consent is not specified in the consent document), and is evidenced by a written document that, for returns in the Form 1040 series, must be separate from the engagement letter.
CPAs may find themselves subject to these regulations when they engage in electronic marketing through websites, blogs, and social media. The regulations under Sec. 7216 require tax preparers to obtain consent from their tax-only clients to send marketing communications that do not contain tax-related information. CPAs must also obtain client consent prior to disclosing client information to a third party or mail house for distribution of marketing materials. However, no permission is needed to use information to contact clients to inform them of statutory changes, regulatory developments, and other tax law changes that may affect prior- or current-year tax returns. In addition, certain disclosures to professional liability insurance providers are not subject to advance client approval.
The Sec. 7216 regulations generally apply to disclosure of taxpayer information by a tax return preparer to a third party; they do not appear to apply to communications between a preparer and the client regarding preparation of a tax return. Therefore, requesting confirmation of, for example, a dollar amount for a deduction through a social media vehicle probably is outside these rules, but such communications may come under the rules if there is a risk they are not secure or can be accessed by nonclient individuals. Given these uncertainties, it is not advisable to use social media, as opposed to email, to gather tax return information.
IRS Circular 230
Perhaps the greatest concern about social media is the potential for damage to reputation—usually concerning content of a personal nature or inaccurate or fraudulent content of a professional or personal nature disseminated by a third party. Tax practitioners could face an added pitfall: They could lose their reputations, jobs, and the privilege to practice before the IRS. Subpart C of Circular 230 allows the Treasury Department to suspend, censure, disbar, or otherwise impose sanctions on covered practitioners (e.g., CPAs) who are shown to be incompetent or disreputable; who violate Circular 230 regulations; or who, with intent to defraud, willfully and knowingly mislead or threaten someone they are representing or may represent before the IRS (Circular 230, §10.50(a)). All of these issues can go badly with one negative comment or by tweeting sensitive client information into the cloud.
While politicians and celebrities may be able to bounce back after a social media blunder, public relations will not help tax practitioners who have to defend themselves before the IRS Office of Professional Responsibility. Of additional concern is the AICPA’s practice of treating members’ Circular 230 violations as situations that automatically require opening an ethics investigation, with the potential for additional censure by the Institute and referral to state ethics authorities.
Another area of concern is practitioners’ current practice of including disclaimer language at the end of every email. If a posting to a social media outlet is interpreted to be a covered communication under Circular 230, and if proper disclaimer is not made about the efficacy of the communication, the practitioner may be subject to penalties relating to the form and content of tax position disclosures. Since most boilerplate disclosure language is lengthy, it may not be feasible to include it in limited-space social media postings. Thus, one should avoid making statements on social media that might be interpreted as providing tax advice or rendering a tax opinion in any way.
AICPA Code of Conduct
The AICPA Statements on Standards for Tax Services do not directly refer to social media. However, in preparing returns, communicating positions, and communicating with clients regarding current and prior tax returns, CPAs must take care to use more formal and traditional means of communication. For example, while a brief posting might convey the need for the taxpayer to be able to support the technical requirements for deductions, such as travel, there is no paper trail upon which to rely if there is a controversy later about whether such communication was made. Even using email for such communications may not be advisable in most cases.
Given the potential for widespread dissemination of social media postings, CPAs must be aware of the AICPA Code of Professional Conduct requirements to protect the confidentiality of client information. Rule 301 of the code prohibits a CPA from disclosing confidential client information without the client’s specific consent. Again, practitioners should treat any potential posting to social media in the same way as oral and written communications regarding client matters.
Regardless of whether a social media posting violates regulatory or ethical provisions, there is always a risk that providing “too much information” could result in an embarrassing situation for the CPA, the client, or both. For example, a staff person who posts to Facebook that he is “working on a big tax provision review, and there are major problems” might disclose confidential information to his Facebook friends and followers. If one of the persons knows the client, it could result in embarrassment, a violation of one of the provisions stated above, or even a breach of federal securities law (for publicly traded clients). Perhaps the best advice is to train staff to refrain from posting anything on social media that they should not be disclosing in person to someone who is not the client or staff within the firm.
It is fascinating to think about business’s role in innovation and the importance of commerce in the development of technology, as well as the adoption of these innovations in public life. The first transcontinental phone line opened in 1915 and was commemorated in speeches by President Woodrow Wilson from the White House and AT&T’s president from Georgia. Today’s presidency has embraced the newest media sensation, with President Barack Obama and first lady Michelle Obama’s post-election hug reported by Media Bistro’s All Twitter blog as the most retweeted tweet of all time.
Now that social media has grown up, it is even more fascinating to think about how it can be used to build business. When it comes to being social, the benefits for bringing positive awareness to a firm’s expertise are manifold.
However, it is best to proceed with care and caution. More and more rules, it seems, require CPAs to protect client information. Yet, as technology develops, it becomes easier to send information around the globe. That is why CPA firms must get serious about developing policies to prevent information from going to the wrong parties and limit possible negative exposure by employees or partners working at the firm.
Thomas Purcell III is a professor
of accounting at Creighton
University in Omaha, Neb. Steven
Schamberger is a partner in the
national tax operations office at
CliftonLarsonAllen LLP. Prof.
Purcell and Mr. Schamberger are
members of the AICPA Tax Practice
Responsibilities Committee. For more
information about this article,