The Rage Surrounding Client Portals

Why today’s CPA firms are turning to portals to make financially sensitive information available to their clients.

July 10, 2008
by James Bourke, CPA/CITP

“Portals” may not have jumped out at you when reviewing the AICPA’s 2008 Top Technology Initiatives, list, but if you checked out the “Honorable Mention” category you would have noticed Client Portals in the Number 15 slot!

With security and privacy concerns prevalent in today’s marketplace, many CPA firms are turning to client portals as a way to make financially sensitive information available to their clients.

Type “CPA Client Portal” into your favorite Web search engine and literally hundreds of references will appear. The portal is quickly becoming the avenue of choice for CPA firms transferring financially sensitive information to their clients.

So Why the Portal?

A good portal today:

  • Creates a secure pipeline between the CPA Firm and the client,
  • Allows the CPA Firm to store documents and files easily,
  • Allows the client to access documents and files easily and
  • Allows the client to upload documents and files for access by the CPA Firm.

With the influx of more and more documents in digital format (tax returns, financial statements, bank statements, brokerage statements, loan agreements, proposals, etc.), it only makes sense to create a conduit to move these documents easily between all parties involved. Many CPA firms have decided that conduit should be the “portal.”

Another driving factor on the migration to client portals has been the huge amount of attention given to security concerns. Again, you have to look no further than the AICPA’s 2008 Top Technology Initiatives to find “Information Security Management” clinging to the Number One slot for six years running.

If set up properly, the portal will:

  • Be more secure than sending the file as an e-mail attachment,
  • Have the ability to control file access,
  • Have the ability to control file versions,
  • Be Easier to manage than encrypted e-mails and
  • Create an environment in which only one file will exist (as opposed to e-mails, where a copy will end up in a sent box, another copy in an Inbox and countless other copies stored on local and network storage devices).

Breach of Security

When it comes to security, many firms are also quickly becoming more aware of the litigious environment in which we do business. Today, about 40 states have security breach legislation or laws in place. Many of these states impose stiff penalties as a painful consequence of violating their laws. The penalties for breaching these laws in Michigan max out at about $750,000. California led the states in the area of security breach legislation, passing the early form of their legislation in July 2003.

There are many ways to disseminate confidential and financially sensitive information to a firm’s client base. Firms that have not yet implemented a content management system (CMS) generally opt to go with applications that either encrypt the e-mail message or the attachments to that e-mail. E-mail encryption applications can sometimes be tricky to use and cause frustrations on the part of the client when they attempt to un-encrypt the message and/or the attachment.

Many firms jumped on the content management bandwagon three to five years ago. Today, a good CMS acts as the central repository for documents and other files shared with a firm’s client base.

Many CMSes offer client portal modules or add-ins that are very easy to implement. Some of the best systems allow CPA firms to flag specific documents for access by their clients, while at the same time not allowing access or even the ability to view, certain other files stored in the CMS.

How Does the Client Access the Portal?

Whether housed on servers physically located within your firm or on remote servers stored at an Application Service Provider (ASP), a good portal, will have the same look and feel as CPA firm’s Web site that clients have become accustomed to visiting. To access a portal, clients are generally given a unique login name and assigned a password that they have the ability to change upon their initial login. Once securely in your site, your client is generally presented with their own window into your firm’s CMS. That window allows clients to view and access files that have been pre-selected for them to view and access by your firm’s staff.

For those firms with an existing CMS, implementation of a portal is generally quick and easy. Within my own firm, we implemented our portal in February 2006. Even with the start of tax season well underway, the transition to the portal, as a primary means of information dissemination to our clients, was a seamless process.


Many CPA firms have selected their portal as the preferred method of delivering all the tax returns they prepare to their client base. Under this scenario, your firm will see an immediate reduction in costs associated with processing time, paper and printer supplies, postage, etc., not to mention the significant inroads your firm will make in protecting the confidentiality of your client data.

Whether your firm is involved in audit, tax, consulting, litigation support or all of these services, you all have some form of deliverable to put into the hands of your clients. Take a look at one or more of the portal solutions that are out there.

Rate this article 5 (excellent) to 1 (poor).
Send your responses here.

James C. Bourke is a Partner at WithumSmith and Brown where he is Director of Firm Technology. He is a past president of the New Jersey Society of CPAs and currently serves on AICPA Council and the AICPA CITP Credential Committee.