Why Accountants Should Never Email Tax Returns

Most accountants and bookkeepers don’t think of themselves as risky with client data. And for good reason — you’re careful, professional, and deeply aware of confidentiality.

But there’s one habit almost every firm still relies on that quietly undermines all of that care:

Emailing tax returns and financial documents.

It feels normal. It’s fast. Clients expect it. And for years, it worked “well enough.”
The problem is that email hasn’t changed — but the risk around it has.

Email Turns Sensitive Financial Data Into Permanent Records

When you email a tax return, you’re not just sending information — you’re creating long-term storage you don’t control.

That single attachment now exists in multiple places:

• Your Sent folder

• Your email server backups

• Your client’s inbox

• Your client’s device

• Their backups, too

None of those copies expire. None of them clean themselves up. And years later, they’re still sitting there — even though the engagement ended long ago.

For accountants, that means:

• Prior-year tax returns

• SIN/SSN equivalents

• Business financials

• Owner compensation details

All quietly accumulating in inboxes never designed to be secure archives.

The Real Risk Isn’t This Year — It’s Three Years From Now

Most breaches don’t happen the same week a document is sent. They happen later.

An old laptop gets compromised.
A reused password leaks.
A phishing email finally works.

When that happens, attackers don’t have to search for valuable data. They already know exactly where to look — the Sent folder is a perfectly organized history of every sensitive file you’ve ever shared.

This is why breaches feel catastrophic: they expose everything at once, not just current work.

“We Use a Portal” (Until We Don’t)

Many firms try to solve this with secure client portals. On paper, that’s the right idea.

In practice:

• Clients forget passwords

• Login links expire

• Uploads fail

• Busy season pressure kicks in

So what happens?

“Just email it this once.”

That single exception puts the file right back into inboxes, Sent folders, and permanent storage — undoing the very control the portal was meant to provide.

Security tools that clients won’t use eventually get bypassed.

A Better Default for Accountants: Temporary Access

Tax documents don’t need to live forever in email systems. They only need to be accessible long enough to be reviewed, filed, or approved.

That’s the model behind secure link-based sharing.

Instead of attaching a return, you send a secure, encrypted link. The client views the document in a protected browser window, without downloading it, and once it’s been accessed, the file can automatically expire or delete itself.

No attachment.
No permanent inbox copy.
No long-term liability.

At that point, you’ve delivered the information — without turning email into a filing cabinet.

A Quick Reality Check for Your Own Firm

If you’re unsure where your current process stands, it’s worth doing a calm review of how sensitive files actually move through your practice — not how they’re supposed to move.

I’ve put together an Authoritative Security Checklist specifically for small accounting and bookkeeping firms without IT departments. It highlights common blind spots (including email retention) and helps you decide what’s worth fixing first.

You can find it here if it’s useful:
https://filewalla.ca/blog.php

Professionalism Is About Process Design

Clients don’t judge professionalism by your encryption settings. They judge it by confidence, clarity, and how safely their information seems to be handled.

When sensitive financial data sits indefinitely in inboxes, that confidence is built on assumptions — not design.

The most responsible approach isn’t adding more rules or more tools. It’s changing the default so sensitive files don’t linger where they don’t belong.

For accountants, that shift alone removes one of the largest, quietest risks in the practice — without adding friction for you or your clients.