SaraEA

There are no "bitcoin companies." The blockchain is public, and the buyers/sellers are anonymous, which is one of the major points of the cybercurrency. There are exchanges and people have cyber "wallets" to hold their coins, but those are anonymous as well. IRS tried to get one of the big exchanges to reveal the owners with a John Doe summons. The exchange refused because the summons was too broad (all its clients), so the IRS rewrote with some more restrictive request. Don't know how that's been settled. For now, it seems people will have to self-report. We know how well that's worked out for the self-employed. I have a client who mines bitcoins and we've been reporting his gains for a few years. Last year he came in and enthusiastically showed me some IRS message that said only 830 people reported bitcoin transactions on their returns. He was quite proud that he and I were among the elite group. (Don't know why he included me--I just report his and don't own or even know how to buy one.) I sure hope he cashed in his entire wallet this year. At what, $5-6k each lately, he can certainly retire 20 years early.

I have a client undergoing a line-by-line audit right now. The auditor is not questioning the business miles (good thing--I don't think she has records) but only the total miles driven. The gal had oil changes in January of the year under audit and again in January the following year, so that's what we're submitting. She takes standard mileage, so the only difference the actual miles driven will affect is the percentage of property tax allotted to the Sch C. It's an older car and the taxes aren't much. Talk about nitpicking, when the elephant in the room is standing right there.

I don't want my password to be anywhere on my computer. If the wrong people get into the system, the password is there for their use. For this reason I won't use a password manager either. There is no reason to believe these cloud managers can't be hacked (or that anything can't be hacked for that matter). The way I get around the program timing out is to periodically click on something, anything, so it registers use. When I have lunch or am working on something on paper for an extended time, I leave my email page open and every so often just click on a message. There, you caught me eating lunch at my desk. I do what many experts recommend--keep my user IDs and passwords on index cards. Can't be hacked, and the security system would sound way before a crook found my stash of cards. Note I didn't say I leave passwords on sticky notes on the computer screen. Although my son, who works in IT, just gave me a password to a shared grocery store loyalty card: 1234. Haven't had anyone try to use my "deals" yet, but I'm sure it's coming. I'll blame him for lax security.

I'm no IT expert, but isn't masking what makes it nearly impossible to keep the bad guys out? I read that some of the big recent ransomeware attacks were run in ways that the origin couldn't be traced (with only a little bit of luck in discovering where the bitcoins paid as ransom ended up). The IRS has said that it is almost impossible to trace the origins of fake returns because the IP addresses are masked and often bounce between multiple servers. I guess it's even easier to mask caller IDs on phones. I'm constantly getting calls with the same area code and exchange as mine--only the last four numbers vary--both at home and on my cell. Today I received FIVE calls from "local" numbers, several with the person's name in the caller ID. No one left a message. Suspicious.... Can't the experts figure out a way to make IP addresses and phone numbers indelible? Sure would make your jobs easier, and our phones a lot quieter.

Not sure if this refers to the McGladry article or the court cases, but I want to share what I learned about case law in my master's program (which was a law course, taught by JDs, because the IRC is a law). Case law is like building a brick building, brick by brick, and never gets old unless the law itself changes. Courts routinely rely on previous decisions made by other courts, mainly adding clarity to a similar case or dissecting a nuance. In fact if there is no case law for a particular issue, courts go back to English Common Law--what the English settlers brought with them to America! While in academic writings we seek the "latest" research, in case law 1957 (or 1857) is just as good as 2017. When you're trying to gather substantial authority, don't be afraid to cite "old" court decisions. PS. Edsel is making a wise decision to pass this one on to someone bigger and smarter, with more E&O insurance.

At first I thought inventory too--no capital treatment. But if he is going to operate them for a year or two, that doesn't sound like inventory (unless he's in the business of selling used cell towers).

Catherine, I think some CPE providers stopped reporting to IRS once the courts ruled the agency couldn't require anything of PTIN holders. The professional tax associations still do, but I wonder about some courses run by CPA boards and CPE mills. I renewed my PTIN today without problems. However, when I tried to take our IRS liaison's advice and change my email address to something I will only use for IRS (to avoid every CPE provider sending me offers and crooks pretending to be clients sending me links to their documents to my work email), I discovered I could not change it. I could change everything else, including my name!, but not my email. I will contact the liaison on Monday. I usually renew the PTIN in late Dec. No point paying before I have to. Since there is no charge this year, there was no downside to renewing early. I am wondering, though, if EA renewals will go up in price. When IRS starting charging for PTINs, NAEA went to bat for us saying it was ridiculous for us to have to pay twice for background, CPE, and tax compliance checks. IRS responded by lowering EA renewal fees by A LOT. I just renewed this year so am good for three years. Anyone who has to renew soon please let us know if the fees go way up.

Now that IRS came to its senses and hired Experian to do the identity protection questions (and issued a stop-work order to Equifax), the agency says it will take them a little while longer to get up and running. Hopefully we will have eservices access without jumping through hoops for some time.

Abby, how do you make all those notations if the original document is printed in landscape? Crook your neck? I prefer to write on the paper copies as I work with them and scan when I'm done. Creative Solutions has a feature called "file cabinet." You can send completed returns, 8879s, 9325s, etc to the cabinet as well as docs from word, excel, faxes, emails, etc. There is even a place to put notes on the wall page. As we consider using ATX for more than payroll and 1099s, a fear we have is that if we do not renew Ultratax, will we still have access to our file cabinet? ALL our client data is in there! Letters we wrote for them, hand projections, client contacts, much more than their tax returns and raw data. A few years ago we did not renew CS Accounting. After the license ran out, we could view existing data but could not work with it. We had a few late 1099s to file and even though we had paid good money for the prior year program, we could not produce any tax forms or returns. I don't suppose asking them if we will have use of File Cabinet if we don't renew will yield a good answer. They'll probably say the whole thing will self-destruct if they sense an $18k account leaving.

I'd be wary of disabling auto updates. At least make sure security updates come through. On my machines with Windows 7, I chose only "critical" updates. These are usually security patches. I don't need the ones that "enhance your gaming experience."

You really can't make this stuff up. This disaster wasn't caught by Equifax but by a user of their website. Lucky it was Abrams, who has a 30-year career in IT security and knew exactly what was happening when the malicious software was downloading. He went into "professional mode" and tried again 30 times (and the malware attempted to download all 30), taking screenshots and writing up directions for what users should do when this happened. Equifax's response? "Out of an abundance of caution" we took that webpage down. An abundance of caution? Isn't that what you say when something doesn't appear to be a big or widespread problem but you want to keep your clients happy so are taking action even if the situation doesn't really call for it? After what just happened to them you'd think their IT would be like Fort Knox by now. The malware didn't affect the company, just the people going to their site for their free credit report, so what's the problem? Most decent businesses that have good privacy/security policies in place and actually follow them demand that their vendors have the same or better standards. Any company that still uses Equifax for credit data obviously doesn't follow this creed. I recently shopped my insurance and asked a potential insurer what credit reporting agency they used so I could unlock my frozen report for them. They said Equifax, and I said no dice, I'll try other insurers. One little problem is that the IRS is using Equifax. How do I stop doing business with them?

The Security Summit is working! Today I got two emails from IRS on this scam, one from Accounting Today, and another from NAEA. The partners in the summit are supposed to share info on new scams with each other and their constituents, and I see that they are in fact doing so. I don't think any of us would fall for this scam anyway since we know that legit emails from IRS never contain links but tell us to go to IRS.gov and log into our accounts. Speaking of which, their new website doesn't have the tax pro link. I used e-services the other day and actually had to google it to get there. Is it hidden somewhere I don't see? Yesterday Equifax admitted that almost 11 million driver license numbers were stolen along with everything else. This is what I've been afraid of. We still don't know exactly what data were taken, on whom. Anyone got a letter from Equifax yet telling you that you were a victim? They said they'd be sending them. When? And what good will they do if three months after they discovered the theft they are still learning what data were breached? With all that non-credit info out there, there is no way IRS will be able to tell the thief from the real taxpayer when those zillions of fake returns get filed. The crooks will be able to answer more of the identity verification questions correctly than we will.

Microsoft had a security update last night. Is that the software that was installed and not ATX? With tax policy being in such limbo in Washington, I'd be surprised if any company has an organizer ready until next spring. Remember a few years ago when Congress was in the habit of passing retroactive tax legislation the week after Christmas? IRS did an amazing job getting the most common things up and running for the start of tax season, but there was one year when education credit forms and AMT weren't ready until March. Not helpful for those who needed to fill out FAFSAs.

FDNY, do NOT give your work away! You spent time with the client, talking with the husband, being threatened by the son in law, and on this board trying to figure out what to do. A consultation fee concerning marital filing status is in order. You better believe we are charging a representation fee to our client who was so lucky to be selected for the NPR. She initially tried to handle this herself and had the auditor at her home office for an entire day (where said auditor also used her microwave). That got too intimidating so we were hired to take over. I don't think we'll add the cost of the Keurig cups, but we have spent a lot of time putting things in the order of the three-page list of documentation requested. I also did research contesting some things the auditor doesn't seem to know (like amortizing points on a refinanced mortgage), complete with legal citations. Yes indeed, we will charge. Anyone ever been through one of these audits? They are awful. Every single number is questioned and has to be documented. Our client keeps good records, but there are a lot of things we'll have to concede. She takes standard mileage, for example, which the auditor is not questioning, but is questioning the total mileage driven during the year. Only difference it makes is the ratio of property taxes that go on the A and C. It's not much money, so put it all on the A if you want. Geez.

Be careful with these clients who just give you contribution totals. One of our clients was randomly selected for a line by line audit as part of the National Research Program. She has pretty good records of how much cash she put in the church plate every week, but the auditor won't accept it. We all know the rules about having proof for ALL cash contributions. About $6k deduction down the drain. Interestingly, he did accept the undocumented Goodwill donations of $350. Some auditors have their own entertainment value. This one has been in our office several times, puts his lunch in our frig and warms it in our micro, and dug around to find the Keurig cups. FDNY, CA is a community property state. I don't know where the marriage took place, or if your client owned the rentals before the marriage. This could be something a quickie divorce won't cure. Your client needs an attorney.

I usually wait a week after faxing a 2848, and it's always in the system. I guess you could try in a couple of days and see. And Abby, I remember the uproar from the tax professional community after IRS stopped accepting the form electronically. I think they just said no one used it. The real reason was that they were afraid some of us might be unscrupulous and enter the client data without the signed form. (Did anyone on this board ever get audited and asked to produce the signed doc?) Or worse, maybe there was evidence that the bad guys were using the system but IRS didn't want to raise alarms. Every time it comes to light that criminals are using IRS systems, e.g., recovery of IP PINs, FAFSA uploads, getting a PIN without last year's AGI, the media report it as a "hack" when it is really caused by the crooks having enough info on the taxpayer to impersonate. Like all the identifying info Equifax has on each of us such as where we lived or worked or what ice cream flavor we prefer--we still don't know whether or not that non-credit-related info was taken in the data breach.

I am puzzled by all the recent proposals to encourage companies to create jobs here in the US. The unemployment rate is so low right now that the nation is about at "full employment." It will do no good to encourage companies to make more jobs available if there aren't enough workers to fill them. The movement to repatriate jobs to the US was pretty strong for awhile, for logistical not political reasons, but will have to slow if those jobs can't be filled. How about a credit to create better paying jobs? Maybe that will boost wages that have stagnated for so long.

Write to your federal representative and Senator NOW! Equifax still has not notified those people who were victims and has not said exactly what information was stolen. Sure, "maybe" they got birthdates and SS#s, but did they get the personal data that Equifax has amassed about our personal and financial histories? Until we know exactly what was taken, on whom, the IRS must steer clear.

I read an IRS notice today (sorry, the link is on my work computer so I can't share it now) telling us the changes to expect in eservices later this month. We now have to register through something like "Secure Access." Yes, even those of us who went through the other registration they demanded not long ago. If it wasn't through the secure system we have to do it all over. And yes, the notice stated if our credit report at Equifax is frozen, we will have to unfreeze it. Apparently the questions they ask so we can prove who we are come from Equifax's database (e.g., how much your mortgage is or where you lived 100 years ago). Talk about infuriating! To date Equifax has not notified anyone whose data were stolen. (Website is useless, so take heart NECPA, maybe you weren't all hacked after all.) And there is no word on exactly what info was taken. It "may" have been birthdates and SS#s, but was it also our mortgage payments and where we lived 100 years ago and all the rest of the history Equifax keeps on us? If the hackers have that, they can save us all the trouble of having to swim through the hoops IRS is imposing to access eservices and just do it for us. IT people are still in a state of shock that the company didn't notice 143 million files were transferred from their servers over a month or two. That amount of increased traffic should have raised multiple red flags. Maybe their IT music major guru did notice and just added server capacity.

Maine just takes a flat percentage of the sales price for out of state residents and the taxpayer has to file a ME return to get their money back. The states probably know too well that they will never hear from these nonresidents unless they hold some of their cash.

According to IRS, we don't all need IP PTINs: This from a NAEA newsletter: "Equifax Update Also during Thursday's NPL Practitioner meeting, IRS relayed information about the Equifax data breach affecting roughly 143 million taxpayers. According to IRS, the data breach exposed names, SSNs and mailing addresses; however, this information would likely not be very helpful when attempting to file a successful return since the Security Summit has 37 data point filters and new processes in place that would likely prevent the processing of a return without additional filing information. IRS clarified that at the time of the NPL meeting, affected or compromised taxpayers should only contact IRS through Form 14039, Identity Theft Affidavit, if they KNOW for a fact that someone is attempting to use their data for refund fraud and not if their information was included in the data obtained by the hackers during the breach. IRS will release updates on the breach when more information is available." I still have concerns. We still don't know whose info was hacked and what data were included. We now know that Equifax collects a lot more than credit history, including employer, AGI, dependents, etc. That info may be just what the hackers need to successfully file fake returns. When will we know exactly what was taken and exactly who are victims?

Our IRS liaison suggested we get an email account that will only be used for IRS (e.g., a gmail acct, or if your email provider lets you register more than one set it up). He showed a random page from the freely available IRS data base and I knew about five people on it; their email addresses were all there. The separate account will hopefully keep your real acct free of the urgent emails from potential "clients" who somehow picked you sight unseen and are sending a link to their tax docs, the incessant offers for CE courses, the barrage that comes from PTIN.org, and the phishing attempts that look like they're from irs.gov. I hadn't gotten around to setting up a separate account so I appreciate the IRS reminding us of the opportunity to change our address at PTIN renewal time.

Today I put freezes on the credit histories of both me and my husb. No problems at all--all three major sites worked smoothly and no delays (haven't done Innovis yet--got weary of the process; tomorrow is another day). So for anyone who hasn't done so yet, the overload problems seem to have been corrected. I also contacted our Senator, who has been a dedicated consumer watchdog for decades and seems to have carried on as such in the US Senate. Asked him where he was in all this--it's his bailiwick after all. Also asked him to encourage IRS to issue IP PINs to everyone who requests one because to date Equifax still has not notified those who were victims and tax season is just a few months away. The website that is supposed to tell people if they're among the victims is not functional but gives random answers. Asked him to demand that they notify actual victims because everyone is sitting on pins and needles. Oh, and to see what he can do to put the company out of business. Surely they've broken enough laws to forfeit the right to operate. I delayed instituting the freezes because we were shopping our auto and home insurances. One place I called was highly rated Amica. I asked which credit reporting bureau they used and they said Equifax. I said I wouldn't do business with a company that pays Equifax to not take security of our data seriously. Perhaps this is the only way to take them down--encourage their customers to leave. I read today that hackers are targeting SIM cards in phones. Once they get that they can have emails and two-factor identification notices sent to them, so these supposed extra layers of security can be useless. The internet as we know it has got to change....

Joint ventures are usually for a single purpose--e.g., let's get together and develop a website app vs. let's go into business together developing website apps. Spouses get different treatment. Read the IRS definitions. And talk about shareholders calling themselves partners....we had a partner in a fairly big business who waltzed in the late afternoon of Sept 14 with her records she'd been promising to bring in for months. I told her there was no guarantee it would be done in time and explained the penalties per partner for filing late. She told me she wasn't a partnership but an LLC. The gal has been in business for 20 years and doesn't even know what entity she operates under???? Have to wonder how she's so successful.

Many partnership agreements are verbal, and that is okay with IRS If this one is, get something from the partnership stating that all partners are responsible for their own mileage, cell or whatever. Be careful if this physician also works elsewhere. You'll have to pro-rate expenses like license renewals, malpractice insurance, board memberships, medical journals, etc. I usually do it by income at each work site.