
Lesson 1: The Big Picture

Lesson 1 of 12


Why this matters and what's at stake


Learning Objectives

After completing this lesson, you will be able to:


What Changed

It is easy to think of AI as just another software category, like adding a new cloud backup tool or switching to a new research platform. That framing is wrong, and it is worth understanding why before diving into the regulations.

When you use a traditional tax software package (Drake, UltraTax, Lacerte), the software runs on hardware you control or on servers your vendor has contractually committed to securing under terms designed specifically for tax data. The vendor's business is tax software. The regulatory relationship is well-understood.

When you use a general-purpose AI tool, even a good one, the situation is fundamentally different:

  1. The tool was not designed for tax data. General-purpose large language models (LLMs) like the consumer versions of ChatGPT, Claude, and Gemini are designed for general use. They have not made regulatory commitments to you about how they handle tax return information, and they may not even have reviewed what §7216 requires.

  2. The data moves to a third-party server. When you paste a W-2, a K-1 narrative, a client's email about deductions, or a Schedule C into a prompt, that information travels to a server operated by a company that is almost certainly not your client's tax preparer and has not been specifically authorized to receive that information.

  3. The volume and scope are new. Tax professionals have always used third-party services: copiers, off-site storage, outsourced scanning. But AI dramatically increases the volume and intimacy of the data that moves outside the firm's four walls. A practitioner who uses AI routinely throughout a tax season may be sending hundreds of client files' worth of sensitive data to third-party servers without realizing it.

  4. The regulatory framework already exists. No new law was needed. The rules that govern this situation were already in place: §7216 since 1971, updated in 2009 and 2012; the FTC Safeguards Rule since 2003, updated in 2023; the AICPA confidentiality rules for years. Those rules apply regardless of whether the technology was envisioned when they were written.

Here is the core issue in one sentence:

Sending client tax data to a third-party AI server is almost certainly a "disclosure" under IRC §7216, unless an exception applies or you have written consent.

That sentence contains three important qualifications: almost certainly, unless an exception applies, and written consent. The rest of this guide unpacks each of them. But the starting point must be honest: the default position under §7216 is that sending client data to any outside system is a disclosure, and disclosure without authorization is a federal crime.

The Three Questions Every Practitioner Must Answer

Before you use any AI tool with client data, answer these questions in order:

Question 1: Does using this tool with client data constitute a "disclosure" under §7216?

For cloud-based AI tools, the answer is almost certainly yes. The Treasury Regulation defines "disclosure" as "making tax return information known to any person in any manner whatever." An API call, a paste into a prompt, a file upload: all of these make information known to the AI vendor's server. (We will analyze local AI separately in Lesson 10.)

Question 2: If it is a disclosure, does an exception under §301.7216-2 apply?

There are roughly 18 exceptions. The most relevant one for cloud AI tools is the "auxiliary service provider" exception under §301.7216-2(d). That exception has requirements that many cloud AI vendors do not meet. Lesson 3 covers the exceptions in detail.

Question 3: If no exception applies, do you have valid written consent from the client?

If the answer to Question 2 is no, you need valid written consent under §301.7216-3 before you can use the tool with that client's data. "Valid" has specific legal requirements. Lesson 4 covers them.

The Full Regulatory Stack: Plain-English Overview

There are five regulatory layers that govern AI use in a tax practice. Think of them as overlapping circles, not a single rule:

Layer 1: IRC §7216 (The Criminal Statute)

This is the foundation. A federal criminal statute, carrying up to a year in prison per violation, that prohibits tax return preparers from disclosing or using client tax return information for purposes other than return preparation, unless an exception applies or consent is obtained. The companion civil penalty is §6713 ($250 per disclosure, $10,000 per year cap).

Layer 2: FTC Safeguards Rule (The Security Mandate)

Under the Gramm-Leach-Bliley Act (GLBA), tax preparers are classified as "financial institutions." This means you must have a Written Information Security Plan (WISP) and meet specific security requirements under the FTC's Safeguards Rule (16 CFR Part 314). Adding AI tools to your practice implicates several of these requirements, particularly the service-provider oversight obligations.

Layer 3: AICPA Code of Professional Conduct (The Ethics Layer)

The AICPA's Confidential Client Information Rule (ET §1.700.001) creates a duty of confidentiality that applies to all confidential client information, a broader category than just tax return information under §7216. The third-party service provider interpretation (Interpretation 1.700.040) requires specific safeguards before you use any outside service that will see client data. Meeting §7216 does not automatically satisfy this rule.

Layer 4: Circular 230 (The Practice-Before-the-IRS Rules)

Treasury's rules govern CPAs, EAs, attorneys, and other practitioners who practice before the IRS. Three provisions are most relevant to AI: §10.22 (due diligence: you are responsible for the correctness of AI-generated work product), §10.35 (competence: do you understand your AI tools well enough to use them competently?), and §10.36 (supervisory responsibilities: what procedures does your firm have for AI use?).

Layer 5: State Law (The Variable Layer)

Your state may impose additional obligations. Georgia CPAs have specific confidentiality duties under Rule 20-12-.11 and incorporate AICPA standards through Rule 20-12-.19. If you have clients in California, New York, or Massachusetts, those states' laws may also apply to your handling of their data. Lesson 9 covers the key state-specific rules.

"Disclosure" as the Organizing Principle

The concept of disclosure is the thread that connects most of this regulatory framework. Understanding it at the start will help everything else make sense.

Under §7216, "disclosure" means making tax return information known to "any person in any manner whatever" (Treas. Reg. §301.7216-1(b)(5)). This is a very broad definition. It does not require:

The disclosure occurs the moment the information leaves your control and is communicated to another person (or, as we will explore, potentially a system that qualifies as a "person").

This is why the question of whether an AI vendor is the right kind of entity to receive the disclosure, and whether you have the right kind of authorization for the disclosure, matters so much.

Self-Assessment: Where Are You Now?

Before you proceed to Lesson 2, take 5 minutes to answer these questions honestly:

  1. Do you currently use any AI tools in your tax practice (including general tools like ChatGPT, Claude, or Copilot)?
  2. Have you ever pasted client data (a name, a number, a document excerpt) into an AI prompt?
  3. Have you reviewed whether your current AI tool use constitutes a "disclosure" under §7216?
  4. Do you have a WISP? Does it mention AI?
  5. Have you obtained any client consent for AI tool use?
  6. Do you know whether your AI vendors have data processing agreements, US-only data residency, and no-training clauses?

If you answered yes to questions 1–2 and no to questions 3–6, you have compliance gaps that this guide will help you identify and close.


Key Takeaways


Quick Review

Q1: Is it a §7216 disclosure if you paste a client's W-2 into ChatGPT and immediately delete the conversation?

Answer: Almost certainly yes. The disclosure occurs when the information is made known to ChatGPT's servers, not when you retain a copy. Subsequent deletion by you does not undo the disclosure. Treas. Reg. §301.7216-1(b)(5) defines disclosure as making information known "in any manner whatever"; there is no exception for temporary or deleted disclosures.

Q2: If you use Microsoft 365 Copilot (which has a signed data processing agreement and enterprise-level privacy protections), do you still need to analyze §7216?

Answer: Yes. Having a DPA is evidence relevant to the analysis, but it does not automatically mean you are within the auxiliary service exception or that consent is not required. You still need to analyze whether the vendor qualifies under §301.7216-2(d) and whether the services involve "substantive determinations." Lesson 3 covers this in detail.

Q3: The FTC Safeguards Rule applies to "financial institutions." Does that include a solo CPA who only does tax returns?

Answer: Yes. Under the Gramm-Leach-Bliley Act and the FTC's implementing regulations, tax return preparers are classified as "financial institutions" regardless of size. A solo practitioner with one client is covered.




The AI Lab for Accountants · An educational resource, not legal or tax advice.