Navigating peer reviews and DOL inspections of 401(k) audits

Peer reviews and Department of Labor inspections of 401(k) audits can be challenging for CPA firms, especially small and midsized firms. Auditors often find themselves facing questions about their methods, documentation, and procedures, with feedback ranging from legitimate findings to subjective preferences. 

Knowing how to distinguish between what is required by standards and what is opinion is crucial for auditors to confidently navigate these reviews and inspections.

Before diving into some real-world examples, it’s important to emphasize that understanding the standards governing 401(k) audits is non-negotiable. Compliance risks in auditing employee benefit plans can have serious consequences for CPA firms, including heavy fines, reputational damage, and, in extreme cases, the loss of a firm’s license to practice. 

These risks underscore why it’s vital for firms to fully understand the nature of any findings they face and the reasons behind them. To effectively defend against a reviewer’s findings, auditors must not only be familiar with the standards but also be able to reference them during reviews. Having a deep understanding of the standards empowers CPA firms to push back when necessary and confidently challenge findings that are based on subjective opinions rather than clear requirements.

The fine line between standards and opinion

A good example of this confusion is the issue of audit documentation for Form 5500 filings. As part of the audit procedures, the auditor must obtain and read the draft Form 5500 to identify material inconsistencies, if any, with the audited ERISA plan financial statements. However, nowhere in the codified standards does it say that a final copy must be maintained in the audit binder when management agrees to make the requested changes. 

Consider this real-world situation: As part of an audit, “Sam” reviewed the draft Form 5500, and identified material inconsistencies that needed to be corrected. Both management and the service provider agreed, and the changes were made to Form 5500 so no material inconsistencies remained. 

However, the changes were made on October 15, and Sam did not place the final draft in the audit binder, leaving only the original draft in the documentation. A peer reviewer dinged Sam’s firm, claiming that a final copy should have been in the binder.

What’s the standard? The standard is to review the draft Form 5500 to ensure that it is substantially complete and doesn’t contain material inconsistencies, which is exactly what they did. If Sam’s CPA firm had familiarized themselves with the standards — in this case, AU-C Section 703, “Considerations Relating to Form 5500 Filing” — they could have confidently pushed back against the peer reviewer. Instead, they accepted the penalty, not because of a legitimate issue, but because the auditor didn’t know the standard well enough to defend his position.

Key takeaway: If you’re facing findings, always refer to the specific standards. If the standards don’t explicitly require what the reviewer is claiming, it’s a subjective opinion, not a matter of compliance. Don’t be afraid to push back when necessary.

You don’t get points for extra credit

Confusion doesn’t always start at the peer review level. It can happen before the audit is submitted, among your own audit team. A good example of this involves whether auditors are required to verify the census data used for plan compliance tests, such as discrimination testing.

A compliance officer at a CPA firm wanted her audit team to verify the accuracy of the census data used in compliance testing. One of her auditors pushed back, pointing out that nowhere in the standards does it say auditors must reperform compliance tests or verify census data. 

Instead, AU-C 703, Section .A31 only requires auditors to confirm that a plan’s TPA has performed the relevant IRC compliance tests, and whether any failures were identified and corrected. The auditor is only responsible for ensuring that the plan performed the required tests and passed, not for redoing the tests themselves.

What’s the lesson? Auditors are often pressured to perform steps that aren’t required by the standards. In this case, verifying the census data might seem like thorough auditing. How else would you know they passed correctly if you didn’t also know the census data was accurate? But it’s not required. As long as the compliance testing has been performed and reviewed by management, the standard is satisfied. Double-checking the compliance testing only adds unnecessary time to what is already a laborious audit process.

Key takeaway: Understand what is required by the standards and what is simply “nice to do.” Over-auditing isn’t necessary and can lead to inefficiencies. Know where to draw the line between what’s required and what’s not.

What you don’t know can hurt you

Another area of confusion arises when it comes to testing benefit payments and distributions in defined contribution plans. The AICPA Auditing and Accounting Guide for Employment Benefit Plans provides several acceptable methods for testing participant benefit distributions and withdrawals. Some methods make sense in today’s digital age — others, not so much. 

A DOL agent reviewing a 401(k) audit claimed the audit was deficient because the firm didn’t use cancelled checks to test benefit payments. However, the auditor had used an alternative method: comparing the payee’s name on electronic funds transfers to participant records, which is a satisfactory method explicitly mentioned in the AICPA Guide (Chapter 5, “Auditing Considerations for DC Plans”). The DOL agent argued that without the cancelled checks, the benefit payments couldn’t be fully tested.

What’s the lesson? The AICPA Guide lists several methods for testing benefit payments, including comparing EFT records. Cancelled checks, while still a valid testing approach, are no longer commonly returned by banks, making it an impractical method in today’s world. By pushing back with reference to the audit guide, the auditor successfully convinced the DOL agent that their approach was compliant, even though it wasn’t the method the agent preferred.

Key takeaway: Know the multiple methods allowed by the audit guide for testing benefit payments. If a peer reviewer or inspector prefers a method that’s not required by the guide, don’t hesitate to defend your choice of an alternative method.

Practical tips for navigating peer reviews and DOL inspections

While peer reviews and DOL inspections can seem intimidating, you can protect yourself and your firm by taking a few simple steps:
1. Know the standards: This can’t be emphasized enough. If you’re uncertain about a finding, look it up. Knowing the codified standards allows you to differentiate between subjective opinion and objective requirements.
2. Be ready to push back: Not all findings are grounded in standards. Some reflect personal preferences or common practices that aren’t required. Always ask for clarification on where the requirement is codified before accepting a finding.
3. Document, document, document: Proper documentation is key. Whether it’s the Form 5500 review or compliance testing, maintain thorough records. This doesn’t mean you need to over-audit, but it does mean you need clear evidence of compliance with the required steps.
4. Use the AICPA Audit Guide: This resource is invaluable for addressing many of the grey areas in 401(k) audits. Refer to the guide when determining which procedures to follow, especially in areas like benefit distributions where there are multiple testing methods.
5. Seek clarification on ambiguities: When faced with a finding that you’re unsure about, consult with the AICPA’s audit guide or the standards. Engage in a constructive dialogue with peer reviewers or DOL inspectors to clarify what’s required versus what’s a matter of personal preference.

Navigating a peer review or DOL inspection of your 401(k) audit can be complex, but it doesn’t have to be daunting. The key to success lies in your understanding of the standards, knowing when to push back against subjective opinions, and using the right resources to support your audit process.

As demonstrated in the examples above, a strong grasp of the ASC and the AICPA’s audit guide can be the determining factor between a successful audit review and one that results in costly penalties or even a failed inspection. Stay informed, stay prepared, and always ensure your practices align with the written standards — not subjective opinions.

COSO offers governance framework for robotic process automation

The Committee of Sponsoring Organizations of the Treadway Commission published a framework for imposing internal controls over robotic process automation.

COSO is jointly sponsored by the American Accounting Association, the American Institute of CPAs, Financial Executives International, the Institute of Management Accountants and the Institute of Internal Auditors.

The publication, Achieving Effective Internal Control Over Robotic Process Automation, was commissioned by COSO and co-authored by Marc Eulerich, a professor of internal auditing at the Mercator School of Management at the University Duisburg-Essen in Germany; Jan Gruene, a leader for Digital Internal Audit at Deloitte Germany’s Risk Advisory Practice; and David A. Wood, an accounting professor at Brigham Young University in Utah. It describes an RPA governance framework designed to help organizations maximize RPA benefits while mitigating risks through an effective internal control framework. COSO already provides widely used frameworks for internal controls and enterprise risk management and earlier this year began working with the National Association of Corporate Directors on developing a corporate governance framework.

Robotic process automation relies on computers to perform repetitive, rules-based tasks that have traditionally been performed by humans. However, the COSO paper notes that RPA technology comes with significant governance and control challenges that should be addressed to maximize RPA’s benefits while mitigating the associated risks. 

The white paper provides a guide for integrating RPA governance requirements with the COSO Internal Control Integrated Framework. COSO’s RPA governance framework identifies several governance areas and control requirements to address common challenges associated with RPA, including security vulnerabilities, process knowledge loss and uncontrolled bot proliferation. RPA offers significant advantages, but also introduces risks such as inconsistent bot deployment, increased potential for security breaches, and difficulties in scaling automation efforts. 

“The integration of RPA governance principles with the COSO-ICIF framework is an important step for organizations looking to not only leverage the benefits of automation but also maintain a robust system of internal controls,” said COSO executive director and chair Lucia Wind in a statement Thursday. “This publication provides practical strategies and best practices for ensuring that RPA implementations align with established governance principles, thus protecting organizations from emerging risks and enabling long-term success.”

COSO acknowledged that RPA offers organizations significant efficiency, cost savings and accuracy improvements, but warned that it also introduces some unique governance and internal control challenges. RPA’s ease of use, low cost and scalability can lead to ad hoc implementations that bypass traditional IT governance frameworks, creating potential security risks and operational inefficiencies. The paper discusses how organizations can align RPA governance with the five key components of the COSO-ICIF framework: control environment, risk assessment, control activities, information and communication, and monitoring activities.

“By addressing each component of the COSO framework in relation to RPA, organizations can develop a holistic approach to governance that supports both innovation and control,” Wind stated.

By mitigating the various risks through a structured internal control framework, organizations can make sure their RPA initiatives contribute to overall operational effectiveness while maintaining a high standard of governance and risk management.

Tax Fraud Blotter: Chips have fallen

Dutch treat; for the record; last Resort; and other highlights of recent tax cases.

New York: Frank Butselaar, a native of Naarden, Netherlands, has pleaded guilty to one count of aiding or assisting in the filing of a false or fraudulent return.

Butselaar advised the creation of offshore structures for ultra-high-net-worth individuals and did so while a shareholder in the Amsterdam office of a major U.S.-based international law firm. When the clients were becoming or had become U.S. tax residents, Butselaar and his co-conspirators, who were partners at the firm, sought to conceal the clients’ offshore income through nominee owners, generally a family member who lived outside the U.S. The clients, with the knowledge of Butselaar and his co-conspirators, unknowingly continued to operate their offshore entities as their own and believed they had access to and could direct the money they were accumulating offshore.

The amount of unreported income for two of the client taxpayers exceeded $70 million. Butselaar was also repeatedly warned that the income being collected offshore for his clients was reportable.

He faces up to three years in prison. Sentencing is Feb. 13.

St. Louis: Tax preparer Robert Droege, 59, has been sentenced to 46 months in prison for filing false returns that caused an estimated tax loss of $2.5 million.

Droege pleaded guilty in June to four counts of aiding in the preparation of a fraudulent return, admitting to preparing at least 34 false returns in his home office, Bob’s Tax Service.

He prepared returns that contained false or fraudulent information including medical expenses, charitable contributions, personal property rental expenses, non-business bad debt and other deductions.

White Plains, Maryland: Part-time tax preparer Anthony Judd has pleaded guilty to preparing and filing a false return for a client.

Since at least 2013, Judd, who was also a full-time special police officer at the National Archives and Records Administration, prepared and filed more than 40 false returns for individual clients that reduced the clients’ taxes and inflated refunds. These returns reported losses for businesses that the clients did not have and deductions for expenses, such as transportation and job-related expenses, that the clients did not actually incur.

Judd prepared and filed each return as a ghost preparer and caused a tax loss to the IRS of some $484,525.

Sentencing is April 16. He faces a maximum of three years in prison as well as a period of supervised release, restitution and monetary penalties.

Naples, Florida: Tax preparer Heidi Torres-Moncaleano, 45, has been sentenced to a year and a day in prison for aiding in the preparation of false and fraudulent income tax returns.

From 2018 through 2021, Torres-Moncaleano, through her business Torres Tax Services, submitted fraudulent returns and Schedules C to the IRS, inflating clients’ losses to generate larger refunds. The federal tax loss exceeded $847,000.

Torres-Moncaleano, who pleaded guilty in April, was also sentenced to a year of supervised release with the condition that she pay $429,888 in restitution to the IRS.

New York: Ilya Kahn, a national of the U.S., Israel and Russia, has pleaded guilty to conspiracy to violate the Export Control Reform Act for his role in a scheme to secure and illegally export dual-use semiconductors and other sensitive technology to Joint Stock Company Research and Development Center Elvees and other entities in Russia. Kahn also pleaded guilty to attempted tax evasion for failing to pay taxes on his income from the scheme.

Kahn owns Senesys Incorporated and Sensor Design Association, which operated in California and Brooklyn, New York. Kahn operated these businesses as fronts for a years-long conspiracy to acquire and export sensitive and sophisticated dual-use electronics from the U.S. to Elvees, one of the leading Russian developers of microchips and which was sanctioned by the U.S. in 2022.

Many of these items required an export license for national security and anti-terrorism reasons, which Kahn did not obtain. He also arranged for Elvees to continue to fabricate and import semiconductors after Russia’s February 2022 invasion of Ukraine, using a network of front companies and bank accounts.

Kahn’s export activity for the benefit of Elvees dates to at least 2012, and accounts under his control received more than $50 million from Elvees and related entities between 2012 and 2022. Of that money, Kahn channeled nearly $5 million for his personal use, which he did not report to the IRS and on which he did not pay income taxes.

Kahn agreed to forfeit $4,923,548.94 and to pay an additional $1,892,816.00 in restitution to the IRS. He also faces up to 20 years in prison.

Newark, New Jersey: Insurance broker Joseph Schwartz of Suffern, New York, has admitted his role in a $38 million employment tax fraud scheme involving nursing homes.

He pleaded guilty to two counts of an indictment charging him with willfully failing to pay over employment taxes withheld from employees of his company and willfully failing to file a Form 5500 for a 401(k).

Schwartz, operator of Skyline Management Group, with headquarters in New Jersey, failed to pay employment taxes relating to health care and rehabilitation facilities that Skyline operated in 11 states. From October 2017 through May 2018, Schwartz caused taxes to be withheld from employees’ pay but failed to then pay over more than $38 million in employment taxes to the IRS. He also failed to file the 5500.

The employment tax fraud count carries up to five years in prison and a $250,000 fine, or twice the gross gain or loss from the offense, whichever is greater. The failure to file a Form 5500 carries a maximum of 10 years in prison and a $250,000 fine, or twice the gross gain or loss from the offense. Sentencing is April 10.

Cape Coral, Florida: William Skaggs Jr. and Billie Adkison have pleaded guilty to conspiracy to commit tax fraud.

Skaggs owned and operated Nastar Roofing; Adkison was the main office administrator for Nastar, and her duties included managing the company’s payroll. Between 2013 and 2023, Nastar paid its employees predominantly in cash to avoid paying taxes the pair knew were owed to the federal government. Typically, one or more Nastar employees, including Skaggs and Adkison, withdrew significant amounts of cash on Thursdays and Fridays to make Nastar’s payroll at the end of the work week.

Between 2013 and 2023, Nastar employees withdrew more than $21 million from the company’s bank accounts to pay employees in cash. The company did not withhold taxes from the cash payments, nor did it pay its own share of FICA taxes.

Skaggs and Adkison have agreed to make full restitution to the United States for the employment taxes, including an upfront partial restitution payment of $1 million before their sentencing. Each faces up to five years in prison.

Ocala, Florida: Tax preparer Steven Cabrera has been sentenced to three years in prison for assisting in preparing false tax documents, submitting false tax documents and willfully failing to file returns.

From 2017 to 2019, Cabrera, who pleaded guilty in August, engaged in widespread tax fraud, adding unauthorized and fraudulent deductions and credits to clients’ returns without their knowledge and then embezzling the additional tax return money.

He also defrauded clients directly by telling them to make out checks to “IRS” and pledging that he would send the funds to the IRS himself. Instead, he deposited those checks into an account he controlled for a fictitious business, “International Resort Services.”

Cabrera caused total losses of nearly $1 million.

Republicans urge end to IRS Direct File

A group of Republican lawmakers has sent a letter to the incoming administration asking that it end the IRS Direct File service, ideally via a day one executive order.

The IRS piloted the program—developed as part of the Inflation Reduction Act of 2021—this past tax season, available in 12 states: Arizona, California, Florida, Massachusetts, Nevada, New Hampshire, New York, South Dakota, Tennessee, Texas, Washington and Wyoming. Around 140,000 taxpayers used the service, and the response, according to surveys of users, was very positive, with over 90% rating their experience either “excellent” or “above average.” The IRS said it aims to double the reach of the program next filing season. 

Republicans have long been critical of the program, saying it was not officially authorized and that its overall implementation has been highly wasteful. The letter divided the total amount budgeted by the total number of taxpayers who took part and concluded that the cost was $814 per return. Beyond procedural issues and cost, Republicans have also raised concerns about the fact that Direct File makes the IRS a tax assessor, collector, preparer, and enforcer in one, which they believe represents a clear conflict of interest as well as an invitation for government overreach. The letter sent to the incoming administration went over these points again, saying the government can find better use of its resources.

“This is not an efficient use of government resources, especially when the private sector offers better tax preparation services at no cost to the federal government and taxpayers already have the option to file their taxes for free using the pre-existing public-private partnership between the IRS and many tax preparation and filing software companies—Free File. The IRS can, and should, spend a fraction of the resources it spent on creating a government run program on promoting existing free options. The results of such efforts would be better for all taxpayers,” said the letter. 

In contrast, Democratic lawmakers in October urged the IRS to make the Direct File program more accessible, specifically by relaxing some of the identification requirements. The service, said the Democrats, operates at a significant disadvantage compared to commercial tax prep services due to its stringent identity verification requirements in the form of the ID.me service, which is used by both the federal government and several state governments. ID.me credentials are assessed against the National Institute of Standards and Technology’s Identity Assurance Level 2 standard. The letter noted that private tax preparation companies are not assessed against IAL standards but basically operate at a Level 1 basis, as users simply assert their identity.

“Requiring them to use ID.me is creating yet another needless barrier to exactly these taxpayers who need Direct File most to claim tax benefits, as it has been with other government benefits,” said the Democrats’ letter.  
