All answers
Security & compliance Open question — the Lab is working on this

What framework can be used to decide whether a given AI use case requires 7216 client consent?

37:27From the June 24 call · New IRS and AICPA AI Guidance: 7216, Billing, and Disclosures

One member shared a flowchart approach for thinking through this. Key questions: (1) Where does the data go — a local model appears safer, though still not necessarily fully compliant. (2) What is the tool being used to do? If it's performing substantive tax analysis — applying tax law to a client's specific facts and relying on that determination (e.g., is an amount deductible, is a gain taxable) — that's where 7216 consent should likely be obtained. If it's just doing OCR, organizing, summarizing, or drafting, that may fall under the ministerial/auxiliary services exception and not require consent. (3) Does the data get sent offshore, and is there a confidentiality agreement in place — this ties back to enterprise-tier vendor agreements, most of which include a standard Data Processing Agreement (DPA). The member had emailed Anthropic directly asking whether a DPA needed to be separately signed for Claude; the response indicated it's implicit in the enterprise tier agreement. Zero data retention, however, is a separate arrangement that requires reaching out to Anthropic sales for approval, and the member was told this is generally only available to larger organizations, not smaller firms. Overall, the framework remains unofficial and the group acknowledged there is no explicit IRS or vendor guidance addressing this directly — 'it's clear as mud.'

The full answer is members-only

Membership is free. Apply and get this answer, the recording, and the rest of the library.

Apply to join

Already a member? Sign in