Were they simply concerned that it could be done, or did they have suspicions that it HAD been done?

There's a difference.

They can no more protect your PTIN than they could protect your SS# before PTIN's were instituted.

Someone could simply transpose numbers and would end up using your PTIN instead of their own.
I would think that there should be some form of checking if the name and PTIN don't match.

But I guess we shall see.

Linda, EA

I think the primary purpose of the PTIN is to protect our SS numbers. The PTIN isn't attached to our credit cards, our bank accounts, our personal financial records, our credit reports........................

The IRS has transformed the PTIN into a means of identifying those of us that are authorized to prepare tax returns.

Eventually, PTIN's will just be replaced by IRS employee numbers.
That seems to be the direction we're headed. ( minus the pay & benefits)

Use of incorrect PTIN

I'll just make a few observations on this.

As oceanlovin' ea pointed out, the use of an incorrect PTIN could potentially occur as a result of a clerical error or an honest mistake.

I think intentional, fraudulent use of a PTIN by a person other than the true tax pro is and will always be rare. If it hasn't been implemented yet, the IRS will, sooner or later, develop a way to easily match the PTIN with the name, and the return will reject if they don't match. So a criminal would then have to use both your PTIN and your name.

As I have noted in earlier posts--

If the IRS asserts that you prepared and electronically filed a return that you did not actually prepare or electronically file, a proper investigation of the matter should produce plenty of evidence to exonerate you.

How long would such an investigation take? I have no idea. Is it possible that in the early stages, you might have to deal with a mental midget at the IRS who just doesn't get it? Yes, that's possible. Would you need to retain counsel? Probably not. Would you need to get into a formal proceeding or disciplinary process where you might need to use a subpoena to obtain evidence to show that you did not file the return? Maybe. But it probably wouldn't be that complicated.

I just don't see this as a major issue.

Suppose a criminal launched a really sophisticated scheme, in which they were using not only your PTIN, but also your EFIN and your firm's EIN. They file a bunch of fraudulent EIC returns, with bogus W-2 data, and route the refunds to prepaid debit cards. This goes on for four to six weeks, during which they collect $35,000 in fraudulent tax refunds. Then they quietly disappear.

They still had to pay for electronic filing somehow.

Any return that is e-filed by a tax pro is easily traceable through the transmitter. For most of us, the transmitter is the same company that is the software vendor, or an entity that is closely related to the software vendor.

If the person using your PTIN is using the same software that you are, then the transmitter is going to see two different e-file accounts with the same PTIN. That by itself is a red flag, which should prompt an inquiry to you from the transmitter. Even if they ignore it, the existence of two accounts proves that someone was impersonating you. Plus, the fraudulent e-filing account with have a different payment source than your legitimate account.

If the person using your PTIN is using different software, that might make it more difficult to catch early in the game. But in a comprehensive investigation after the fact, there would be still be a fabulous electronic trail that would show, beyond any doubt, that the bad returns were not filed from your office. If a tax pro asserts that certain e-filed returns that contain his PTIN were not actually filed by him, the fact that they were filed through a different vendor is enough evidence to support a full-blown investigation.

I realize that some tax pros actually switch vendors mid-season. And a microscopic number of us actually use two different vendors throughout the season, for testing or evaluation purposes. And a few guys might work at two different firms. But that's the exception, not the rule.

If the IRS asks you about a return that you didn't file, and you say you didn't file it, the first thing they should be looking at is the vendor and transmitter, and the originating IP address. The next thing to look at would be the e-file account data maintained by the vendor, i.e., payment source and billing address.

E-filing is very traceable.

If you're a real nut case, you might be able to go out of town on vacation, visit a public library, use a public computer to create a new Yahoo! or Gmail account with a fictitious identity, and then send some really threatening, potentially criminal communications to someone you don't like. And they might never be able to identify who sent those messages.

Bu you can't do that kind of thing with professional tax software. There is a solid, secure electronic trail that can't be easily spoofed or erased.

Our PTINs are not "safe." But I don't think they are in danger, either.

They are no more vulnerable than Wal-Mart's EIN.


BMK