Guardrails: Read This Before You Use AI on Client Work
Every module in this library links back here. AI can save you real hours, but you're a licensed professional handling other people's money and confidential data, and the rules that govern you don't pause because a tool is new. These are the five rules that keep AI use safe, compliant, and defensible. Make the compliant path your default path and you never have to think about it again.
1. Never put client PII into a consumer AI tool
PII = names, SSNs, EINs, account numbers, addresses, and identifiable financial detail.
Consumer chat tools may retain or train on what you type. Before you paste anything, ask: "Would my client be comfortable knowing this is sitting in a chat log?"
Do this instead:
- Anonymize. "The client," "$X," "[STATE]," "Entity A." The AI's help is just as good on a scrubbed fact pattern, and a scrubbed fact pattern is not a disclosure.
- Or use a firm-approved enterprise/business tier of a tool whose terms contractually exclude your inputs from model training, keep retention short, and keep processing in the U.S. (e.g., Claude/ChatGPT Team/Enterprise plans). Confirm those terms in the actual agreement or data-processing addendum, not the marketing page; the consumer tier of the same product is governed by different terms. If you'll routinely work with real client context, this is the right setup, not the free consumer app.
- ⚠️ Enterprise is not a magic word. Sending tax return information to any third-party tool (even enterprise + zero-retention) is still a disclosure under §7216; it is just a far more defensible one. It is generally permissible without separate client consent only for low-level prep support (OCR, summarizing, extracting, classifying, formatting, workpaper cleanup) used solely to prepare that client's return. Using it for substantive tax advice, offshore access, or anything the vendor trains on puts you back in "get consent or don't." See Regulatory Foundation for the full tool-tier analysis.
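The anonymize option above is easier to follow consistently if the scrubbing is mechanical rather than done by eye. The script below is an added illustration, not part of this page or any firm's tooling: a stdlib-only, regex-based scrubber that replaces SSNs, EINs, account numbers, dollar amounts, email addresses, and a preparer-supplied list of client and entity names with numbered placeholders, keeps the placeholder-to-original mapping locally so the AI's answer can be re-hydrated, and runs a final leak check before anything is pasted. The sample fact pattern is constructed; no real client appears in it. Regular expressions cannot find names on their own, which is why the name list is an input you supply, and the leak check is a backstop, not a substitute for reading what you are about to paste.

```python
"""Scrub client identifiers before text leaves the firm; keep the mapping local.

Added example for rule 1 (anonymize). Regex-based and stdlib-only. The client
name list is supplied by the preparer: regexes alone cannot find names reliably.
"""
import re
from dataclasses import dataclass, field

# Most specific first: an EIN (NN-NNNNNNN) must not be swallowed by the generic
# account-number rule, and SSNs must be caught before any bare digit run.
PATTERNS = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("EIN", re.compile(r"\b\d{2}-\d{7}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
    ("AMOUNT", re.compile(r"\$\s?\d[\d,]*(?:\.\d{2})?")),
    ("ACCOUNT", re.compile(r"\b\d{8,17}\b")),  # conservative catch-all for long digit runs
]


@dataclass
class Scrubbed:
    text: str
    # placeholder -> original. This dict is the sensitive artifact; it stays on the firm's side.
    mapping: dict = field(default_factory=dict)

    def restore(self, ai_output: str) -> str:
        """Re-hydrate an AI answer that reused the placeholders."""
        out = ai_output
        for placeholder, original in self.mapping.items():
            out = out.replace(placeholder, original)
        return out


def scrub(text: str, names=()) -> Scrubbed:
    """Replace identifiers with stable numbered placeholders ([SSN_1], [AMOUNT_2], ...).

    The same original value always maps to the same placeholder, so the model can
    still see that two amounts are equal or that one entity appears twice.
    """
    result = Scrubbed(text="")
    reverse = {}   # (kind, original) -> placeholder
    counters = {}  # kind -> running count

    def placeholder(kind, original):
        key = (kind, original.lower() if kind == "NAME" else original)
        if key not in reverse:
            counters[kind] = counters.get(kind, 0) + 1
            tok = f"[{kind}_{counters[kind]}]"
            reverse[key] = tok
            result.mapping[tok] = original
        return reverse[key]

    out = text
    # Names first, longest first, so "Doe Holdings LLC" is replaced before a shorter
    # name that happens to be a substring of it. Case-insensitive, whole words only.
    for name in sorted(names, key=len, reverse=True):
        pat = re.compile(r"\b" + re.escape(name) + r"\b", re.IGNORECASE)
        out = pat.sub(lambda m, n=name: placeholder("NAME", n), out)
    for kind, pat in PATTERNS:
        out = pat.sub(lambda m, k=kind: placeholder(k, m.group(0)), out)
    result.text = out
    return result


def leak_check(text: str, names=()) -> list:
    """Return anything that still looks like an identifier; an empty list means paste-ready."""
    hits = [m.group(0) for _, pat in PATTERNS for m in pat.finditer(text)]
    hits += [n for n in names
             if re.search(r"\b" + re.escape(n) + r"\b", text, re.IGNORECASE)]
    return hits


# Constructed sample fact pattern; no real client or account.
SAMPLE = ("Jane Doe (SSN 123-45-6789) owns Doe Holdings LLC, EIN 12-3456789. "
          "Brokerage account 123456789012 received $12,500.00 and another $12,500.00 "
          "in January; reach her at jane.doe@example.com.")
CLIENT_NAMES = ["Jane Doe", "Doe Holdings LLC"]

if __name__ == "__main__":
    scrubbed = scrub(SAMPLE, CLIENT_NAMES)
    assert leak_check(scrubbed.text, CLIENT_NAMES) == [], "identifier survived scrubbing"
    print(scrubbed.text)          # this is what may leave the firm
    answer = "Client [NAME_2] reported [AMOUNT_1] twice."  # stand-in for the model's reply
    print(scrubbed.restore(answer))  # re-hydrated locally, mapping never sent
```

Run it as a script to see the scrubbed text and a re-hydrated reply. Two design points carry over to any tool you build or buy for this: the mapping that turns placeholders back into real identifiers is itself client data and must never travel with the prompt, and a leak check should fail closed (refuse to paste) rather than warn.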
2. Know your data-protection obligations; they apply to AI tools too
Two rules specifically reach AI use:
- IRC §7216. As a tax return preparer, you generally cannot disclose or use a client's tax return information without their consent. Sending that information to a third-party AI service can count as a disclosure. Get the consent, or anonymize so there is nothing to disclose.
- FTC Safeguards Rule (Gramm-Leach-Bliley). Your firm is required to have a Written Information Security Plan (WISP). Any AI tool you adopt should fit inside it: data-protection terms, access controls, no training on your data, and the same service-provider oversight you owe for any other vendor that touches client data. If a tool can't meet that, keep client data out of it.
When in doubt: anonymize, or use a firm-approved tool. That one habit covers most of your exposure.
3. AI is not a source of law; verify every citation
General AI models (Claude, ChatGPT, Gemini) will confidently invent Code sections, Treasury Reg cites, case names, rulings, and dollar thresholds that look perfect and don't exist.
- Use general AI to frame the question, structure the analysis, and draft the memo, not as the authority.
- For answers you'll rely on, use citation-grounded tax research tools (CCH AXcess Intelligence, Thomson Reuters CoCounsel, Blue J, TaxGPT, etc.) and confirm every cite against the primary source before it goes in a memo, return, or client answer.
- If you can't verify a citation, treat it as wrong until you can.
4. You are the reviewer of record
AI drafts, organizes, and speeds you up. You review, decide, and sign. Nothing AI produces goes to a client, a taxing authority, or a workpaper file without your competent review. This isn't just good practice: Circular 230 holds you to competence and due diligence, and your state board and the AICPA Code of Professional Conduct hold you to professional judgment that you cannot delegate to a model.
5. Stay inside your professional standards
- Circular 230: competence and due diligence in practice before the IRS.
- AICPA Code of Professional Conduct & Statements on Standards for Tax Services (SSTS): integrity, objectivity, due care, confidentiality.
- SSARS / GAAS: if your work includes compilations, reviews, or audits, the standards (and independence requirements) still apply to AI-assisted work product.
- Your state board of accountancy: you're licensed at the state level; when a rule turns on jurisdiction, check your board.
The one-line version
Anonymize or use a firm-approved tool; verify before you rely; and remember the license, and the signature, are yours, not the AI's.
If anything in a module ever seems to conflict with this page, this page wins.
Want the "why" behind these rules?
See Regulatory Foundation for the cited, fact-checked detail on each obligation, IRC §7216/§6713 consent mechanics, the FTC Safeguards Rule/WISP service-provider duties, the revised SSTS, and the proposed Circular 230 technological-competence amendment, plus a pre-flight checklist and an honest list of what's still an open question.