The IRS and its Security Summit partners have made multi-factor authentication (MFA) mandatory for tax professionals to protect clients' sensitive information.
The requirement, part of the Federal Trade Commission’s safeguards rule, aims to strengthen account security by adding an extra layer of authentication beyond a username and password.
Implementing MFA is a cost-effective way to enhance security and reduce the risks of fraud and data breaches. The public is already familiar with MFA, as many smartphone users and online banking customers regularly use it.
The IRS urges tax professionals to implement MFA across all services and data access points, regularly evaluate their current methods, and offer a variety of authentication factors.
Failure to use MFA constitutes a violation of FTC safeguards rules. In the event of data theft, tax professionals should report the incident promptly and follow the recommended steps to mitigate the impact. Read more.