Lesson 11: Putting It All Together
The integrated compliance framework
Learning Objectives
After completing this lesson, you will be able to:
- Apply the AI compliance decision tree before using any AI tool with client data
- Classify AI tools into a three-tier system
- Identify the documents every firm needs for AI compliance
- Describe the daily/weekly/monthly/annual compliance rhythm
- Apply the "last mile" principle to AI-assisted work product
The Decision Tree: Before You Use Any AI Tool With Client Data
Answer these questions in order before using any AI tool with client data:
STEP 1: Is this tool deployed locally (no data leaves your network)?
│
├── YES → §7216 disclosure not triggered (under local-model analysis).
│         Still need: WISP controls, §10.22 review, SSTS compliance.
│         → Proceed to STEP 5.
│
└── NO (Cloud AI) → STEP 2.
STEP 2: Does an exception under §301.7216-2 apply?
│
├── YES (most likely: auxiliary service provider §301.7216-2(d)) →
│         Confirm: US-based? Non-substantive use? Contractual confidentiality?
│         All three: → Exception applies. Still need: WISP, AICPA, Circular 230.
│         One fails: → No exception. → STEP 3.
│
└── NO → STEP 3.
STEP 3: Do you have valid written §7216 consent?
│
├── YES (signed, specific, before the disclosure, with mandatory language) →
│         Consent path. Still need: WISP, AICPA, Circular 230.
│         → Proceed to STEP 5.
│
└── NO → STOP. Do not use this tool with client data until
          consent is obtained or an exception is established.
STEP 4: Is AICPA ET §1.700.001 satisfied?
│
├── YES (contractual DPA with confidentiality commitment OR client consent) →
│         AICPA path satisfied.
│
└── NO → Obtain vendor DPA or client consent before proceeding.
STEP 5: Is your WISP current and does it cover this tool?
│
├── YES → Update vendor inventory; document due diligence.
│
└── NO → Update WISP before using tool with client data.
STEP 6: Is your AI output being reviewed with professional judgment?
│
├── YES → Document your review in workpapers.
│
└── NO → Do not sign the return or issue the advice until review is complete.
The Three-Tier AI Classification System
Classify every AI tool your firm uses into one of three tiers:
Tier 1: Public/General Tasks Only
- No client-specific data used
- Examples: ChatGPT Free for drafting general CPE presentations; Claude consumer tier for writing firm newsletter articles
- §7216 risk: Minimal, provided no client-specific information enters the prompt
- Required documentation: None specific to §7216; standard WISP security practices apply
Tier 2: Contracted Cloud Vendor With Proper Safeguards
- Client data may be used
- Requirements: Enterprise-tier or equivalent; US data residency confirmed; signed DPA with confidentiality and no-training clauses; WISP coverage; §7216 consent obtained OR auxiliary exception confirmed for non-substantive use
- Examples: Microsoft 365 Copilot (enterprise); ChatGPT Enterprise; Claude Enterprise; Thomson Reuters CoCounsel; Intuit Tax Assist
- Required documentation: Vendor DPA on file; §7216 consent on file (or exception analysis documented); WISP AI annex covering this vendor
Tier 3: Genuinely Local
- Client data may be used without §7216 disclosure concern
- Requirements: Confirmed no telemetry of prompt data; no cloud fallback; no hosted RAG; runs on firm-controlled hardware
- Examples: Ollama + Llama 3.3 (verified local), LM Studio + Mistral (verified no telemetry)
- Required documentation: WISP AI annex; network monitoring confirmation of no data exfiltration; same §10.22/SSTS review obligations as other tiers
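The Tier 3 documentation item "network monitoring confirmation of no data exfiltration" is the one requirement in this lesson that a firm can check mechanically. The script below is an added example, not part of the study guide or of any vendor's tooling: it reads a connection log captured while a local model answered a test prompt and flags any connection from a model process to an address outside the firm's network. The log format (one record per line: process, local endpoint, remote endpoint, state) is an assumption, and the process names and addresses in the sample are constructed for illustration; a firm would substitute its own export from a firewall or host socket listing.

```python
"""
Added example: check a captured connection log for evidence that a
"local" AI tool reached an external host. Log format, process names and
addresses below are assumptions/constructed, not from any real capture.
"""
from ipaddress import ip_address, ip_network

# Constructed sample: one record per line,
# <process>,<local_addr>:<port>,<remote_addr>:<port>,<state>
SAMPLE_LOG = """\
ollama,127.0.0.1:11434,127.0.0.1:52210,ESTAB
ollama,[::1]:11434,[::1]:52211,ESTAB
lmstudio,192.168.1.20:49155,192.168.1.5:11434,ESTAB
lmstudio,192.168.1.20:49160,203.0.113.45:443,ESTAB
ollama,192.168.1.20:49171,198.51.100.7:443,SYN-SENT
chrome,192.168.1.20:49180,203.0.113.99:443,ESTAB
"""

# Processes the firm has classified as Tier 3 model runtimes (assumed names).
MODEL_PROCESSES = {"ollama", "lmstudio"}

# "Internal" is defined explicitly as loopback plus RFC 1918 / ULA / link-local,
# rather than relying on ipaddress.is_private (which also treats the
# documentation ranges used in the sample as private).
INTERNAL_NETS = [ip_network(n) for n in (
    "127.0.0.0/8", "::1/128",
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "fc00::/7", "fe80::/10",
)]


def parse_endpoint(endpoint):
    """Split 'host:port'; IPv6 hosts arrive bracketed, e.g. '[::1]:11434'."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def is_internal(host):
    """True if the address falls inside one of the firm-internal ranges."""
    addr = ip_address(host)
    # Membership with a mismatched IP version simply returns False.
    return any(addr in net for net in INTERNAL_NETS)


def find_exfil_candidates(log_text, model_processes=MODEL_PROCESSES):
    """Return every connection from a model process to a non-internal host."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        proc, _local, remote, state = line.split(",")
        if proc not in model_processes:
            continue  # other programs' traffic is out of scope for this check
        rhost, rport = parse_endpoint(remote)
        if not is_internal(rhost):
            findings.append({
                "line": lineno,
                "process": proc,
                "remote": f"{rhost}:{rport}",
                "state": state,   # SYN-SENT attempts count too: the intent is there
            })
    return findings


def tier3_verdict(log_text, model_processes=MODEL_PROCESSES):
    """PASS only if no model process touched an external address during the capture."""
    findings = find_exfil_candidates(log_text, model_processes)
    return ("FAIL" if findings else "PASS"), findings


if __name__ == "__main__":
    verdict, hits = tier3_verdict(SAMPLE_LOG)
    print(f"Tier 3 network check: {verdict}")
    for hit in hits:
        print(f"  line {hit['line']}: {hit['process']} -> {hit['remote']} ({hit['state']})")
```

Against the constructed sample the verdict is FAIL, because both model processes opened (or attempted) a connection to a non-internal address; the browser's traffic is ignored since it is not the tool under evaluation. A PASS on a single capture is evidence for the WISP annex, not proof: repeat the capture after each model or runtime update, since "no telemetry" is a property of a specific version.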
The Documents Every Firm Needs
1. Written Information Security Plan (WISP) with AI Annex. Must include: AI vendor inventory, approved tool classification, access controls for AI use, AI-specific incident response, annual AI review checkpoint.
2. §7216 Consent Forms. Needed for each Tier 2 vendor used with individual (1040) clients. Must be standalone documents with mandatory Rev. Proc. 2013-14 language, specific vendor named, signed before use.
3. Engagement Letter Disclosures. While engagement letters are not sufficient standalone §7216 consents for 1040 clients, they should notify clients that AI tools may be used in their engagement and direct clients to the separate consent form. For business clients (1120/1065/1120-S), the AI consent can be included in the engagement letter.
4. Vendor Due Diligence File. For each Tier 2 vendor: a file documenting when you evaluated the vendor, what you found (security certifications, data processing practices, contract terms), and your conclusion about compliance. Include the signed DPA or master subscription agreement with data processing addendum.
5. Workpaper Documentation of AI Use. For each return or engagement where AI was used: a note in the workpapers identifying the tool used, what it was used for, and how you reviewed the output.
The Daily/Weekly/Monthly/Annual Compliance Rhythm
| Frequency | Task |
|---|---|
| Daily | Apply the decision tree before using any AI tool with client data; confirm Tier classification of any new tool |
| Weekly | Review AI-generated outputs before finalizing any work product; check for any vendor communications about data practices changes |
| Monthly | Review AI vendor inventory for any new tools used; confirm DPAs remain current |
| Annually | Full WISP review (required); renew expiring §7216 consents (1-year default); re-evaluate each Tier 2 vendor's security posture; confirm local models have no new telemetry; CPE update on AI in tax practice |
How to Talk to Clients About Your AI Use
A suggested client communication framework:
In the engagement letter: "We use technology tools, including AI-assisted tools, in preparing your tax returns and providing related services. Where required by federal law, we will obtain your separate written consent before using your tax return information with any third-party AI service. Our use of technology is governed by our Written Information Security Plan, available upon request."
When presenting the consent form: "Federal law requires that we ask your permission before sharing your tax return information with certain technology vendors. We use [specific vendor] to assist with [specific task], which helps us serve you more efficiently. The attached form explains your rights. This consent is voluntary; your return will be prepared accurately whether or not you consent. If you have questions, please ask."
If a client asks whether AI "prepares the return": Be direct: "AI tools assist me with parts of the work: drafting, organizing, research. I review everything AI generates, verify all positions, and I am the preparer of record. My professional judgment and my signature are what make this your return."
How to Talk to Your E&O Carrier
Before deploying AI tools with client data, contact your E&O carrier and address:
- Does your current policy cover claims arising from AI-assisted work product?
- Does it cover claims arising from an AI vendor data breach?
- What documentation does the carrier expect if a claim arises involving AI use?
- Do your current AI tools satisfy the carrier's risk standards?
- Does your WISP's AI section satisfy any underwriting requirements?
Some E&O carriers have begun adding AI-specific questionnaires to renewal applications. Proactive disclosure of your AI compliance framework (WISP, consent procedures, vendor DPAs) strengthens your underwriting position.
Common Mistakes and How to Avoid Them
Top 10 AI Compliance Mistakes
1. Using consumer-tier AI with client data without analysis. Fix: Apply the decision tree to every tool. Keep client-specific data out of Tier 1 tools; use it only where Tier 2/3 protocols are in place.
2. Thinking "I deleted the conversation" is a safeguard. Fix: The disclosure occurred when data was transmitted. Deletion does not undo it.
3. Using one §7216 consent to cover "all AI tools." Fix: Each vendor must be named specifically. One blanket consent is invalid.
4. Embedding the §7216 consent in the engagement letter for 1040 clients. Fix: Use a standalone document for Form 1040 clients.
5. Not renewing consents after one year. Fix: Track consent expiration dates; add to your annual engagement calendar.
6. Having a WISP but never updating it. Fix: Annual review is required; add AI tool changes as a triggering event for interim review.
7. Assuming a DPA means no consent is needed. Fix: A DPA satisfies AICPA and WISP requirements; it does not substitute for §7216 consent for disclosures that don't fit the auxiliary exception.
8. Not knowing what your AI vendor does with your data. Fix: Review the vendor's data processing agreement and privacy policy before using it with client data. Ask specifically about training data practices.
9. Trusting AI-generated legal citations without verification. Fix: Verify every regulatory citation, statute reference, and case citation AI generates before including it in advice or workpapers.
10. Not documenting that you reviewed AI outputs. Fix: A brief workpaper note is all that's needed. "AI used to draft [X]; I reviewed and [corrected/confirmed]. Positions reflect my professional judgment." Document it.
The "Last Mile" Principle
The final and most important principle of AI compliance:
AI drafts. Practitioner verifies and signs.
AI tools can make you more efficient. They can draft faster, extract data more quickly, and suggest analysis that prompts your thinking. But the last mile, the professional judgment, the verification of positions, the application of the law to this specific client's facts, belongs to you. Your signature on a return is not the AI's signature. It is yours. The professional responsibility that comes with it is yours too.
The "last mile" principle does not limit how you use AI. It clarifies what the AI cannot do for you: it cannot replace your professional judgment, it cannot sign your name, and it cannot absorb the professional consequences if something goes wrong.
Key Takeaways
- The decision tree provides a step-by-step analysis for any AI tool before use with client data: local or cloud, exception or consent, AICPA satisfied, WISP current, output reviewed.
- The three-tier classification system (Tier 1: general tasks; Tier 2: contracted cloud with safeguards; Tier 3: genuinely local) gives your firm a practical framework for managing AI tools.
- Every firm needs: a current WISP with AI annex, §7216 consent forms, engagement letter disclosure language, vendor due diligence documentation, and workpaper notation of AI use.
- The top 10 compliance mistakes are primarily documentation and consent failures; most are easily fixable with the right systems in place.
- The "last mile" principle: AI drafts, practitioner verifies and signs.