Printable Form 2026

IRS Publication 5593 – FAQs For LB&I Audits – TDS SFS-SM

IRS Publication 5593 – In today’s digital age, the Internal Revenue Service (IRS) continues to modernize its processes to enhance security and efficiency for taxpayers, especially those under Large Business and International (LB&I) audits. IRS Publication 5593, titled “FAQs for LB&I Audits – TDC SFS-SM,” serves as a vital resource for understanding the Taxpayer Digital Communication Secure File Sharing – Secure Messaging (TDC SFS-SM) system. This publication addresses common questions about participating in secure digital exchanges during LB&I audits, ensuring compliance while protecting sensitive information.

Whether you’re a corporate taxpayer, certified public accountant (CPA), or power of attorney (POA) representative, this guide breaks down the essentials of Publication 5593. We’ll cover key terms, participation requirements, security measures, and more to help you navigate LB&I audits seamlessly.

What is IRS Publication 5593 and TDC SFS-SM?

IRS Publication 5593 provides detailed frequently asked questions (FAQs) and answers for users involved in LB&I audits using the TDC SFS-SM platform. TDC SFS-SM is a web-based messaging system designed for the secure exchange of sensitive information between the IRS and taxpayers or their representatives. It’s not just a temporary solution born out of the COVID-19 era—it’s a permanent tool to facilitate digital communication in audits.

Key acronyms and terms from the publication include:

  • LB&I: Large Business & International division of the IRS.
  • TDC SFS-SM: Taxpayer Digital Communication Secure File Sharing – Secure Messaging.
  • POA: Power of Attorney.
  • SADI: Secure Access Digital Identity (an IRS online services account, though not directly used for TDC SFS-SM).
  • SEMS: Secure Email Messaging System (an alternative secure communication method).

This system allows users to correspond with LB&I representatives conveniently through a web browser, submit documents securely, and receive information without compromising data integrity.

How to Participate in TDC SFS-SM for LB&I Audits?

Participation in TDC SFS-SM is straightforward but requires specific steps to ensure compliance and security.

Eligibility and Requirements

  • Who Can Participate? Any taxpayer or their POA with a return under an LB&I audit.
  • Criteria: You must be invited by your LB&I agent, submit a signed consent form, undergo authentication, and be added to the system.
  • Consent Form: Signed by someone who can legally bind the entity (e.g., for businesses) or by either spouse for joint returns. A valid Form 2848 POA can sign on behalf of the taxpayer, but Form 8821 does not grant this authority. Submit via in-person, email, e-fax, or mail.

Foreign attorneys and CPAs who are not U.S. citizens can represent users, provided they meet IRS practice standards per Publication 947.

Authentication Process

Authentication is a critical step to verify identity. If the LB&I agent hasn’t met you face-to-face, a one-time in-person or video meeting (using platforms like Cisco WebEx, ZoomGov, or Microsoft Teams) is required. Identity is validated with government-issued ID or a company badge.

Security Features of TDC SFS-SM

Security is paramount in TDC SFS-SM, aligning with federal standards to protect taxpayer data.

  • Protocols: The system is hosted on Amazon Web Services GovCloud, which has FedRAMP authorization. It adheres to NIST, OMB, and FIPS standards. Annual security assessments by IRS Cybersecurity ensure ongoing compliance. Data is encrypted both in transit and at rest.
  • Vulnerability Assessments: While external assessments aren’t permitted on federal systems, the IRS confirms rigorous internal evaluations.
  • Retention Policy: All data is maintained indefinitely at this time.
  • Additional Resources: For more on secure communication, visit the IRS page on Communicate Securely with the IRS Online.

Accessing and Using the TDC SFS-SM System

Once authenticated, accessing the system is user-friendly.

  • Setup: After submitting the consent form, your account is created within 24-48 hours. You’ll receive an email with a login link to set up your account. Access via irs.gov LB&I Secure Messaging.
  • Password Management: Reset links expire after 30 minutes; change passwords every 60 days. Accounts auto-unlock after 120 minutes if locked due to failed attempts.
  • Inactivity Timeout: 15 minutes, with a 90-second warning pop-up.
  • Messaging: Only IRS agents can initiate messages; users reply within the portal.
  • Troubleshooting: Clear browser history/cookies, reboot, and retry if login issues arise. Contact your LB&I agent for problems.

Attachments and File Handling

  • Limits: Agents are capped at 25MB per attachment; users at 1GB (split large files or use ZIP if needed).
  • Blocked Extensions: Executable files like .EXE, .BAT, and certain macros (.DOCM, .XLSM) are prohibited to prevent security risks.

Comparing TDC SFS-SM with Other IRS Systems

SADI Integration

SADI is an IRS account for various tax tools, but it’s separate from TDC SFS-SM. You can use both simultaneously, but email addresses can’t overlap. Use a business email for TDC SFS-SM and a personal one for SADI. To change your SADI email, log into your IRS account and update your profile.

Differences from SEMS

TDC SFS-SM doesn’t replace SEMS; you can use both. Key differences:

  • TDC SFS-SM is fully web-based with all activities in one portal, unlimited file sizes (up to 1GB for users), and no need for digital certificates.
  • SEMS relies on email clients, requires ongoing certificate licenses, and has file size limits.
  • A separate consent form is needed for TDC SFS-SM, even if you have a SEMS MOU.

Full List of FAQs from IRS Publication 5593

For a complete reference, here are the FAQs extracted from Publication 5593:

  1. What is the TDC SFS-SM system? A web-based platform for secure information exchange.
  2. Is TDC SFS-SM permanent? Yes, beyond COVID-19.
  3. Requirements to participate? Invitation, consent form, authentication, and addition to the system.
  4. Criteria? Under LB&I audit with signed consent.
  5. Eligible users? Those with returns under LB&I audit.
  6. More information? Visit irs.gov LB&I Secure Messaging.
  7. Access problems? Contact your LB&I agent.
  8. Retention? Indefinite.
  9. Security protocols? FedRAMP, NIST-compliant, annual assessments.
  10. Data encryption? Yes, fully.
  11. Authentication? In-person or video with ID verification.
  12. Foreign representatives? Yes, per Publication 947.
  13. Access method? Email link post-consent; login via IRS site.
  14. New notification? Reset password.
  15. Reset time? 30 minutes.
  16. Password changes? Every 60 days.
  17. Locked account? Auto-unlocks after 120 minutes.
  18. Inactivity timeout? 15 minutes.
  19. Who initiates messages? IRS agents only.
  20. What is SADI? IRS online account (not for TDC SFS-SM).
  21. Using both? Yes, with separate emails.
  22. Change SADI email? Via IRS account profile.
  23. Replacing SEMS? No.
  24. Differences from SEMS? Web-based, larger files, no certificates.
  25. New consent for SEMS users? Yes.
  26. Who signs consent? Authorized representatives.
  27. Submit consent? In-person, email, etc.
  28. Attachments? Yes, with size limits.
  29. Blocked files? Executables and macros.

Why TDC SFS-SM Matters for LB&I Compliance?

Adopting TDC SFS-SM streamlines LB&I audits, reducing paperwork and enhancing security. For large businesses, this means faster resolutions and better protection of financial data. Always consult the official IRS resources for the latest updates, as directives and campaigns evolve.

If you’re under an LB&I audit, discuss TDC SFS-SM with your agent to get started. For more on LB&I directives and campaigns, explore the IRS Large Business & International section.