Head of Insight AccountingWEB
Share this content

Tax season drives adoption of client portals

4th Mar 2014
Kashflow logo

Collaborative web portals are now becoming an accepted feature of accountancy practice.

Feedback from respondents to AccountingWEB’s tax season survey with Xero added weight to comments and anecdotes from elsewhere in the profession that portals were helping advisers to overcome one of their biggest headaches - extracting data in a timely fashion from business and personal tax clients.

Out of more than 1,100 tax season survey respondents, 13% said they planned to introduce portal - one way of improving client communication and data collection that was highlighted by 42%.

As reported previously on AccountingWEB, the buzz around document-sharing portals has been circulating for a couple of years...

Further survey findings and practical advice about practice processes and online collaboration will be offered in an online webinar on 26 March. Register here.

Please Login or Register to read the full article

The full article is available to registered AccountingWEB.co.uk members only. To read the rest of this article you’ll need to login or register. Registration is FREE and allows you to view all content, ask questions, comment and much more.

Replies (18)

Please login or register to join the discussion.

By ireallyshouldknowthisbut
06th Mar 2014 11:25

Anyone care to expand on..

"practice assurance reviews are still finding firms who are emailing returns to their clients - and that is no longer acceptable,” Salter said"

Would anyone like to expand on this point?  Emailing of documents is fairly standard. What part of that is not "acceptable" and to whom and for what purpose?

I can understand authorisation is an issue, but transmission is surely down to the practice and their client's agreed ways of working.

 

 

Thanks (0)
Replying to Accountant A:
avatar
By ahickie
06th Mar 2014 12:51

Emailing of documents

I think you will find that the issue here is one of Data Protection. Emailing documents such as tax returns or payroll information which contains personal information such as NI numbers, is a potential DPA risk. Emails can be intercepted, and any attachments could potentially be viewed by someone other than the intended recipient.

  pot     pPortals are a way around the problem because the client has a unique log in.  Although the email sent to the client to inform them that their tax return, for example, is in the portal for approval, can still be intercepted, the data itself is protected in the portal. The portal would effectively need to be hacked, or the password guessed, to gain access to the tax return.

Thanks (0)
avatar
By angusnicolson
06th Mar 2014 13:32

Emailing of documents.....

I read somewhere that posting documents to clients might result in the mail being intercepted and the letter read by some Bad Man.  Especially if you use the wrong address or put the wrong attachment in an envelope.

Of course, using a portal could result in the client have the password stolen and you continuing to send private information to a portal that has already been compromised. Or even uploading to the wrong Mr Smith.

Then there's the threat from mind reading aliens...

Or we can put it all in perspective, and that recommend common sense and proportionality kicks in.

Personally if my error rate for 'mis-sending' by any means is 0.1% then I'm happy.

Thanks (4)
Replying to Peter Cane:
Me!
By nigelburge
06th Mar 2014 13:58

You can't be too careful..........

angusnicolson wrote:

Then there's the threat from mind reading aliens...

Or we can put it all in perspective, and that recommend common sense and proportionality kicks in.

Well yes........ you CAN be too careful. You just need to evaluate the risks yourself and not just rely on what someone else believes.

It would seem to me that the risk of the Royal Mail postman delivering a set of accounts and a tax return to the wrong address and it then being opened by the wrong recipient are far, far greater than someone intercepting and opening an email containing the same documents as attachments.

Good post Angus - thanks - the voice of reason speaks!

Thanks (2)
avatar
By sbt
06th Mar 2014 13:40

So has anyone ever checked whether there is more risk emailing paperwork than posting it? Royal Mail seem to loose quite a bit.

Thanks (4)
profile
By [email protected] Small Business
06th Mar 2014 13:45

Encrypt the emails with Office 365

Office 365 now allows you to encypt emails - see the how to guide on the Microsoft website using the link below:

http://tinyurl.com/o9sncok

Thanks (0)
John Stokdyk, AccountingWEB head of insight
By John Stokdyk
06th Mar 2014 13:47

Further comments from the ICAEW

I talked to Paul Booth at the ICAEW IT Faculty after this piece was published. He explained that the view from the practice assurance wing was that there is no legal requirement to encrypt personal information, but that the institute would advise members to carefully consider the risks when sharing confidential, sensitive information.

“Portals are certainly a step in the right direction, but I would say they should not be regarded as a cure-all,” he said. “There is also a need for sound management systems to ensure that other things don’t go wrong.”

 “Portals and cybersecurity might create a false sense of security. Encryption is no use if you send the wrong information to the wrong client.”

Thanks (0)
Replying to Dandan:
RLI
By lionofludesch
06th Mar 2014 14:20

Reduced Risk

John Stokdyk wrote:

 “Portals and cybersecurity might create a false sense of security. Encryption is no use if you send the wrong information to the wrong client.”

Ah - but if you send the wrong information to the client, the risk of interception of sensitive information is exponentially reduced.

Thanks (0)
Replying to Dandan:
Stepurhan
By stepurhan
06th Mar 2014 14:32

Follow-up please

John Stokdyk wrote:
I talked to Paul Booth at the ICAEW IT Faculty after this piece was published. He explained that the view from the practice assurance wing was that there is no legal requirement to encrypt personal information, but that the institute would advise members to carefully consider the risks when sharing confidential, sensitive information.
Please can you go back to them and ask how this statement fits with the unequivocal words of Kevin Salter quoted in the article.

Kevin Salter wrote:
...practice assurance reviews are still finding firms who are emailing returns to their clients - and that is no longer acceptable.

There is a big difference between recommending one approach as best practice, and saying alternatives are unacceptable. It is beholden on the ICAEW to be clear on this point, since they will presumably want to insist on their members not engaging in anything they genuinely find unacceptable.

Thanks (0)
avatar
By Sheepy306
06th Mar 2014 13:50

The increased scare-mongering for the purposes of an article and backed up by companies with a vested interest is actually what is 'not acceptable'.
Are web portals a good thing? Yes of course they are. Is sending information by email to clients unacceptable? Of course it's not.
As has been mentioned already, I would be interested to see in writing the rules by ICAEW which state that practice assurance are effectively banning this.

Thanks (4)
Nigel Harris
By Nigel Harris
06th Mar 2014 13:52

@ireallshouldknowthatbut - agreed. This is not he first time I have heard someone from 2020 Group make this point, and I'm still not clear what the legal/regulatory issue is. Yes, there are common-sense and Data Protection issues, but has ICAEW or someone actually issued a directive on emailing client data?

We have the facility in our tax return software to encrypt an password-protect documents before we email them to clients. We always offer this and to date I can't recall a single client asking us to do this. They seem to perceive it as too much trouble for a very small risk.

But then again, how many clients (and accountants) use US-hosted services such as Hotmail, iCloud and Dropbox, where personal data is therefore being held outside the EU in contravention of DP laws - not to mention being accessible to all US security services!

Thanks (1)
John Stokdyk, AccountingWEB head of insight
By John Stokdyk
06th Mar 2014 13:53

Lindenhouse - 300% growth this tax season

I'm at the 2020 conference in Coventry today, and talked to one of the exhibitors, Lindenhouse, about their experiences this tax season.

Director Gary Stewart said that on 30 January, Lindenhouse's portal had handled 17,500 authorisations. During the month more than a quarter of a million documents were stored and viewed within its portal and he said Lindenhouse had seen 300% year on year growth in this area.

"There was a real ramp up from accountants who wanted to get things set up between September and November so that they could educate their clients and alter their engagement letters to say that they would be sharing documents via a portal," he said.

There is a growing perception within the profession that sending personal data via email isn't a great idea - "2020 have been saying it for years" - Stewart said. "The message finally seems to be getting through."

 

Thanks (0)
Replying to rsergeant:
Me!
By nigelburge
06th Mar 2014 14:02

To quote Mandy Rice-Davies

John Stokdyk wrote:

There is a growing perception within the profession that sending personal data via email isn't a great idea - "2020 have been saying it for years" - Stewart said. "The message finally seems to be getting through."

"Well, he would say that, wouldn't he."

Thanks (2)
avatar
By thacca
06th Mar 2014 15:18

Portal

I am currently looking at using Iris Open Space.

 

The problem I have with email acceptance is that  a significant number of my clients will have difficultly printing, signing,scanning and emailing back just because when it comes to reading letters/emails and following instructions my clients are not the best. By post I write "Sign and Return" on top of every document they have to return - that seems to work well.

 

The alternative is clients emailing back with statements such as "OK", "they're ok", "cheers mate" etc. Is that acceptable approval? especially when I normally send accounts, tax return and letter of representation in one email.

 

I am therefore looking at "portals" because the client doesn't have to print and sign and they are approving that document unequivocally. I'm not worried about data protection. If anyone has any advice on how I could improve on my current approval by email procedures I'd be grateful.

Thanks (0)
avatar
By Arm266
07th Mar 2014 17:45

Is sending tax returns by email unacceptable?

I would question the premise that receiving documents from clients, and sending tax returns for approval by email, is unacceptable.

In fact, HMRC have specifically set up guidelines for doing so.

I nearly always send my clients returns for approval this way, except the one client who doesn't have email and I have to use the more risky, and much slower, Royal Mail.

With personal tax clients, it has taken great effort to get them to use email instead of Royal Mail, so what chance to get them to use a portal!!

Thanks (0)
Replying to rae10000:
avatar
By thacca
08th Mar 2014 15:37

hmrc guidelines
Could you point me too these?

Thanks (0)
Mark Lee 2017
By Mark Lee
08th Mar 2014 12:55

Sounds like scaremongering to me

Much like those promoters of tax schemes who routinely tried to argue that accountants were at risk of negligence claims if they didn't tell clients about the schemes. That was wrong too and unbecoming of qualified professionals who should know better.

Mark

Thanks (2)
Locutus of Borg
By Locutus
10th Mar 2014 01:30

Scaremongering and experience from clients
I also share the view that the risk of sending an unencrypted e-mail is, on balance, no less secure (indeed probably much more secure!) than sending a letter via Royal Mail.

I think those who say sending unencrypted e-mails breaks the Data Protection Act are scaremongerers. Hopefully the Professional Bodies won't feel obliged to jump on this bandwagon.

Saying that, I have experiemented with the Iris OpenSpace portal, which is free. I like it, it's secure and I genuinely prefer my clients to approve documents electronically via the portal.

The problem is that only about 50% of my clients will use it. Many clients just don't want to know, as they have grown used to the ease of e-mails and say "could you just e-mail it".

Thanks (0)