Section 7216 – requesting client permissions

By Rickard Jorgensen, FCII, ARM, ACIArb We would recently approached by a policyholder about affirmative consent requirements imposed by IRS regulations under Internal Revenue Code section 7216. Under the code, a tax return preparer is subject to criminal penalties under section 7216 if the preparer “knowingly or recklessly” discloses or uses tax return information. A […]
- Posted by
jorgcpa
- Posted in Accountants' professional liability insurance, Accountants' risk management, Client permission, Data protection, engagement letters, IRS cyber rules, Uncategorized
Mar, 06, 2020
Comments Off
Police Warn of New ‘Line-Trapping Technology’ Being Used to Scam People Over the Phone

A new piece of sophisticated technology is being used by fraudsters to scam unsuspecting people over the phone. Police said a woman in the New York Region received a call earlier this month and was told by the scammers she had been a victim of identity theft. Police said the woman was directed to call […]
- Posted by
jorgcpa
- Posted in Client relations, coverage limitations, criminal behaviour, Cyber Liability, Cyber resources, Cyber risk management, data breach, Data protection, due diligence, email risk management, Fraud, Fraudulent Wire Transfers, Phishing scams, policy coverage, policy wording, social engineering
Jan, 13, 2020
Comments Off
Security Policy for CPA firms – a template

We have received several enquiries from members of the CPAGold™ program for help with a suggested wording for a Cyber Security Policy as required by the IRS rules. As you will be aware, there is a lot of information available about this topic. One of the best white papers is Small Business Information Security: The […]
- Posted by
jorgcpa
- Posted in Accountants' professional liability insurance, Cyber Liability, Cyber resources, Cyber risk management, data breach, Data protection, email risk management, IRS cyber rules, Phishing scams, Privacy, risk management, security, Security policy, social engineering, social media, Uncategorized
Jan, 13, 2020
No Comments.
The future of privacy starts in California

By Rickard Jorgensen, FCII, ARM, ACIArb You may recall the recent blog postings in connection with the CCPA in California: http://cpagold.com/2018/11/consent-armageddon-is-coming/ http://cpagold.com/2018/11/are-new-statutory-claims-covered-by-your-cyber-policy/ http://cpagold.com/2018/11/california-privacy-laws-gdpr-ii/ The California Consumer Privacy Act of 2018 ["CCPA"] is effective Jan. 1, 2019 will give Golden State residents the right to find out what a company knows about them and get it […]
- Posted by
Rickard Jorgensen
- Posted in Accountants' professional liability insurance, Accountants' risk management, CCPA, Client records, Client relations, Cyber Liability, Cyber resources, Cyber risk management, data breach, Data protection, file documentation, GCPR, Privacy, Uncategorized
Nov, 05, 2019
Comments Off
Equifax breach settlement

by Rickard Jorgensen, FCII, ARM, ACIArb. You may recall that in September 2017 we reported on the data breach suffered by the national credit reporting agency. Go here for the article. According to Reuters — Credit reporting company Equifax Inc. will pay up to $700 million to settle U.S. federal and state probes into a […]
- Posted by
jorgcpa
- Posted in Cyber Liability, Cyber resources, Cyber risk management, data breach, Data protection, equifax, Phishing scams, professional liability claims, risk management, security, Uncategorized
Jul, 22, 2019
No Comments.
Data Breach and Insider Trading

CPAs practicing in mergers and acquisitions are familiar with the sensitive nature of their work and the potential for abuse of the information obtained. In addition to the conflict of interest created by trading on that information themselves, they must take extensive precautions to ensure that they do not allow that information to slip to […]
- Posted by
Rickard Jorgensen
- Posted in Accountants' professional liability insurance, Client records, Client relations, Cyber Liability, Cyber resources, Cyber risk management, Data protection, Fraudulent Wire Transfers, policy coverage, risk management, security, Uncategorized
Mar, 11, 2019
No Comments.
How To Protect Your Accounting Firm From a Cyber Attack

By Nick Matarazzo A data breach can wreak havoc on your business and its reputation. Not to mention the fines incurred and countless hours you will spend reviewing your computers and the source of the threat. Research suggests that 90% of cyber attacks stem from a phishing or social engineering attack. Educate your employees about […]
- Posted by
jorgcpa
- Posted in Cyber Liability, Cyber resources, Cyber risk management, Data protection, policy coverage, policy wording, risk management, security, sextortion, social engineering, social media, Uncategorized
Dec, 14, 2018
No Comments.
SOCIAL ENGINEERING/WIRE TRANSFER FRAUD – A NEW TWIST ON AN OLD SCAM.

by Rickard Jorgensen FCII, ARM, ACIArb. As we discussed in prior postings, social engineering is a major problem for CPAs. Go to: here for risk management advice and here for coverage details Social engineering is a deception to manipulate individuals into carrying out a particular act, such as transferring money, handing over confidential information or […]
- Posted by
Rickard Jorgensen
- Posted in Bad policies, Cyber Liability, Cyber resources, email risk management, Phishing scams, risk management, security, social engineering, Uncategorized
Nov, 13, 2018
No Comments.
Cybercrime Uses Social Engineering Techniques to Steal Employee Credentials and Commit Payroll Diversion

By Rickard Jorgensen, FCII, ARM, ACIArb Recent developments clearly shows the urgent need for security awareness training. The FBI warned September 18, 2018 about new criminal campaigns that target the online payroll accounts of employees in a variety of industries. METHODOLOGIES “Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once […]
- Posted by
Rickard Jorgensen
- Posted in Cyber Liability, Cyber resources, Fraud, Phishing scams, social engineering, Uncategorized
Oct, 03, 2018
No Comments.
SEXTORTION – a new aspect to cyber crime and CPAs.

by Rickard Jorgensen, FCII, ARM, ACIArb Sextortion attacks against professional firms, including CPAs, are not uncommon and increasing in frequency. Sextortion is a form of blackmail in which sexual information or images are used to extort sexual favors or cash from the victim. The FBI offers an explantion of this new crime here. However, recently […]
- Posted by
Rickard Jorgensen
- Posted in Cyber Liability, Cyber resources, Fraud, Phishing scams, risk management, security, sextortion, social engineering, Uncategorized
Aug, 12, 2018
No Comments.
Search Posts
Recent Posts
- Pandemic-related challenges likely to impact your firm in the immediate future
- Conservation Easements – the next wave of malpractice claims against accountants and tax preparers?
- Some Broad Guidance for CPAs on the Post-COVID-19 Reopening of Your Office
- Back to Work: Assistance for Employers
- Our first COVID-19 related claim against a CPA Client