“When it comes to taxes, there are two types of people. There are those that get it done early, also known as psychopaths, and then the rest of us!” (thanks, Jimmy Kimmel)
Fun tax fact (if there is such a thing?): This year in 2020, the IRS expects to receive around 155 million individual income tax returns (15.3 million filed via paper and 139.8 million electronically filed, aka e-filed). As of February 28, 2020, the IRS received approximately 59.3 million tax returns, of which more than 56.7 million (95.7%) were e-filed.
Not-so-fun tax fact: As of February 29, 2020, the IRS reported that it identified 30,038 tax returns with approximately $135.6 million claimed in fraudulent refunds and prevented the issuance of $133.5 million (98.5%) of those refunds. This represents a 751% increase over the number of fraudulent tax returns identified during the same period last filing season.
Could e-Signing – or digitally signing – your tax return with a secure, trusted and vetted digital identity have reduced those fraudulent returns? Possibly... Let’s explore.
Way Back in 1998
According to the IRS, section 2003(a) of the Internal Revenue Service Restructuring and Reform Act of 1998 (RRA 98) amended an earlier rule to direct the Secretary of the Treasury to “develop procedures for acceptance of signatures in electronic form.” It further states that in the interim, “the Secretary may waive the requirement of a signature on an electronically filed tax return or provide for alternative methods of signing.”
Its purpose? “Implementing general standards and guidelines for electronic signatures will encourage the use of electronic signatures in the tax industry.” Has it worked? Yes…and no.
Electronic and digital signatures (remember the difference?) have the same legal status as handwritten signatures throughout the United States, thanks to the ESIGN Act and the Uniform Electronic Transactions Act (UETA). Our friends at Adobe Sign and DocuSign have extensive information regarding their own compliance with UETA.
Today, you can sign your tax return electronically by using a Self-Select PIN, which serves as your digital signature when using tax preparation software, or a Practitioner PIN when using an Electronic Return Originator (ERO). The IRS says:
“Remember to use the Self-Select PIN method when you're using tax preparation software. The Self-Select PIN allows you to electronically sign your individual income tax return by selecting a five-digit personal identification number (PIN). The PIN can be any five numbers (except all zeros) that you choose to enter as your electronic signature PIN.
If you're filing a joint return, each spouse uses his or her own PIN. As part of the authentication process, each taxpayer also enters his or her date of birth and either his or her original prior year adjusted gross income (AGI) or Prior year PIN as proof of identification.
There’s also the Practitioner PIN method that paid preparers (accountants, tax services, etc.) use and doesn't require a prior AGI amount or prior year PIN. When using an ERO, you must always complete and sign an authorization form such as the Form 8879, IRS e-file Signature Authorization. Under this method, you authorize your tax practitioner to enter or generate your PIN.”
ERO’s use third-party software services like Adobe Sign and DocuSign, combined with third-party Trusted Signature solution providers like GlobalSign, to digitally sign your tax forms in a much more secure manner than standard eSignatures. In fact, these platforms for digital signatures can be used for a wide range of online documents apart from IRS forms, including contracts, invoices, work orders, project estimates, school forms, permission slips, leases, rental agreements, NDAs, and bank documents.
Here’s a Real-World ERO Success Story
Named by the Telegraph as “one of the UK’s most prolific business software providers,” IRIS develops unique digital solutions designed to help organize and manage critical tasks like accounting, tax filing, HR, and payroll.
With IRIS, the customer uses the software to generate their clients’ tax returns and other financial documents. Clients are notified via email when they have a document awaiting approval. From there they are directed to a secure portal where they can approve the document, after which the accountant would be notified that the process has been completed. Then along came GDPR!
To keep end user information secure, following the terms set forth in the General Data Protection Regulation (GDPR), IRIS needed the involvement of a publicly trusted certificate authority that could administer compliant digital signatures, right from within the OpenSpace platform. IRIS ultimately decided that GlobalSign’s Digital Signing Solution would seamlessly integrate within the OpenSpace platform while ensuring user data was fully protected in accordance with GDPR guidelines.
GlobalSign’s digital signing service is cloud-based which made it simple to integrate into the OpenSpace platform with a single REST API. The public key infrastructure (PKI)-based signatures offer the highest level of security, assuring that signers are who they say they are.
IRIS developers worked directly with GlobalSign’s team of technical experts to implement and deploy the digital signing service over the course of one month to all of the software company’s accountancy users. The results thus far include:
Improved platform performance during busy times of the year, including tax season
3,000 active accountancy practices using the product, with half a million end users
Approximately 150,000 signatures per month for upwards of 1 million signatures over the course of the year
Possibility to expand the solution into other customer groups, including HR and payroll
Rules of 3 – Let Them Be
Here are 3 rules that the IRS has laid out as a guideline for eSignature security that signature platform providers and EROs must abide by. That PDF is lengthy (IRS guide writers must get paid by the word) but here’s a summary of the good stuff:
1) Identify the taxpayer who signed the document
The e-signature/digital signature solution must record each signer’s personal information, including their date of birth, name, social security number, and address. It also verifies the taxpayer’s identity by checking if the information they provide is consistent with the data received from record checks with credit bureaus or similar databases.
With remote signing, the e-signature solution must use knowledge-based authentication (KBA) to verify the taxpayer’s identity. This process typically involves asking the signer a series of detailed questions generated using information found in public databases. This information typically cannot be known by anyone other than the signer.
In keeping with the requirements put forth by the National Institute of Standards and Technology, the e-signature solution must keep a record of the signer successfully passing this authentication test. However, if a signer doesn’t clear the questions within 3 tries, he or she must authorize the documents with a handwritten signature.
2) Ensure eSignature validity while keeping the document tamper-proof
In order to maintain the integrity of these electronic records, the e-signature solution must ensure that the e-signature provided by the taxpayer is valid. This verification is completed by linking the e-signature to its associated electronic record.
It should also be impossible to remove, copy, or transfer the e-signature to falsify a digital record. In other words, the e-signature solution must employ techniques that prevent the document from being modified in any manner.
3) Provide a digital paper trail
In order to comply with IRS requirements, the eSignature solution must record a digital image of the signed form. It must also include other details such as the date and time at which the document was signed, the taxpayer’s IP address, his or her username (login details), and the KBA results following the completed identity verification process.
It is also critical to ensure that your chosen eSignature solution offers a digital audit trail confirming that the signer completed the entire process. This way, the Electronic Return Originator (ERO) will be able to provide proof for the IRS if needed.
Can all taxpayers use the eSignature option? Nope. The eSignature option is only available to taxpayers e-filing their tax returns through an ERO, who uses software that provides identity verification and e-signature (like Adobe Sign or DocuSign, partnered with a Trusted Digital Certificate provider like GlobalSign). To meet e-signature requirements, the ERO must be able to record the taxpayer’s name, social security number, address and date of birth electronically for identity verification purposes.
A Bit More About ERO’s and Frequently Asked Questions.
A thorough yet short read from the IRS is their official IRS Guideline of Frequently Asked Question about eSigning, covering questions about ERO’s, as well as what e-signature methods are available and how the software should perform identity verification.
OK, had enough? Good. So, go ahead all of you honest taxpayers—apply your new digital signature to those IRS forms. Minimize printing, signing, and mailing. Rest assured, these advanced digital signatures are compliant with the U.S. Electronic Signatures in Global and National Commerce Act (ESIGN) and are legally binding and fully enforceable. Digital signatures provide stronger levels of authentication, have an audit trail attached to all documents, and are maintained by a trusted third party, like GlobalSign. Good luck!