The Internal Revenue Service and the Social Security Administration were urged during a congressional hearing Tuesday to take further steps to curb identity theft-related tax fraud.
Like what you see? Click here to sign up for Accounting Today's daily newsletter to get the latest news and behind the scenes commentary you won't find anywhere else.
“To date, little has been done to ensure that tax refunds are directly deposited only into the taxpayer’s account,” said Treasury Inspector General for Tax Administration J. Russell George. “Some bank accounts are obviously being used for the refunds of many different taxpayers. For example, we found that 4,157 of the potentially fraudulent tax refunds we identified totaling $6.7 million were deposited into one of 10 bank accounts. Each of these 10 bank accounts had direct deposits of more than 300 tax refunds.”
IRS deputy commissioner of services and enforcement Steven T. Miller acknowledged the problem, but responded that in some cases tax preparers might have bank accounts that receive multiple tax refunds. Families and Indian tribes might also have such accounts.
National Taxpayer Advocate Nina Olson noted that taxpayers might need to wait months longer to get their tax refunds if the IRS were to put in place the proper identity theft safeguards. In some cases, that led to tax refund delays this tax season because of the identity theft filters used by the IRS (see Taxpayer Advocates Cope with IRS Tax Refund Delays and Identity Theft).
“At a fundamental level, we need to make some choices about what we want most from our tax system,” said Olson. “If our goal is to process tax returns and deliver tax refunds as quickly as possible, the IRS can continue to operate as it currently does—but that means some identity thieves will get away with refund fraud and some honest taxpayers will suffer harm. If we place a greater value on protecting taxpayers against identity theft and the Treasury against fraudulent refund claims, we may need to make a substantial shift in the way the IRS does business. Specifically, we may need to ask all taxpayers to wait longer to receive their tax refunds, or we may need to increase IRS staffing significantly. Under current circumstances, it is simply not possible for the IRS both to process legitimate returns rapidly and to combat identity theft effectively.”
Olson said she is concerned about the IRS’s ability to develop procedures to promptly assist taxpayers who are victimized by identity theft, in part because of how the IRS has handled a related issue involving fraud by tax return preparers. “The IRS has struggled to unwind the harm done to victims—even when it had plenty of time to develop procedures,” she said. “More specifically, [the Taxpayer Advocate Service] has received a significant number of cases involving preparer refund fraud. These preparers alter taxpayers’ returns by inflating income, deductions, credits or withholding without their clients’ knowledge or consent, and pocket the difference between the revised refund amount and the amount expected by the taxpayer. The IRS ultimately discovers that the taxpayer’s return is incorrect and attempts to recover the excess refund from the taxpayer through levies, liens and other enforcement actions. In one egregious instance involving several returns prepared by the same tax return preparer—and despite the IRS’s concurrence that the returns it processed were not the returns signed by the taxpayers—our Local Taxpayer Advocate could not persuade the IRS Accounts Management function to adjust the taxpayers’ accounts to remove the fabricated income or credits.”
TIGTA released a report Tuesday that also found problems with IRS customer service to victims of identity theft (see IRS Customer Service Problematic for Identity Theft Victims).
Rep. Erik Paulsen, R-Minn., said he and several other members of the Ways and Means Committee are introducing bipartisan legislation to double the penalties against tax preparers who defraud clients and the IRS by altering tax returns for their personal benefit (see Congress Introduces Bill to Increase Tax Preparer Penalties).
Debit Cards and Identity Theft
Both Olson and George pointed to the growing use of debit cards by identity thieves. “The use of debit cards to receive tax refunds further increases the risk of tax fraud,” said George. “Identity thieves are using debit cards to fraudulently obtain direct deposits of fraudulent tax refunds. For example, authorities confiscated over 5,000 debit cards during the investigation of a Tampa, Florida identity theft scheme. Individuals can obtain a debit card online or from a bank, a third-party provider, or a local retailer. This complicates the IRS’s efforts to identify the holder of the debit card as well as the bank account and the tax account associated with the debit card. In addition, the debit card issuer is the only entity that can ensure the individual requesting the debit card and receiving the tax refund is the taxpayer.”
IRS deputy commissioner Miller said the IRS was improving its identity theft protection efforts, and said the IRS has begun working with local law enforcement in Tampa on the debit card problem.
“Fighting identity theft will be an ongoing battle for the IRS and one where we cannot afford to let up,” he said. “The identity theft landscape is constantly changing, as identity thieves continue to create new ways of stealing personal information and using it for their gain. We at the IRS must continually review our processes and policies to ensure that we are doing everything possible to minimize the incidence of identity theft and to help those who find themselves victimized by it.”
Miller noted that overall the IRS has identified and prevented the issuance of over $14 billion in fraudulent refunds in 2011.
“Identity theft is a subset of this overall refund fraud,” he added. “From 2008 through March 2012, the IRS identified more than 490,000 taxpayers who have been affected by identity theft. These are taxpayers who have filing requirements and who are or may be impacted by the theft. With respect to these taxpayers, in calendar year 2011, the IRS protected $1.4 billion in refunds from being erroneously sent to identity thieves. This does not include identity theft of those without a filing requirement (though that value is included in the above $14 billion).”
Restricting Access to Death Master File
Miller said the IRS would be helped by restricting access to the Death Master File issued by the Social Security Administration, which is used by identity thieves to gain access to Social Security numbers of the deceased. However, Congress would need to make a legislative change to limit access to the file.
Social Security Administration general counsel David F. Black said there would be problems with restricting access to the Death Master File, however. He noted that his agency had created the file in response to requests from banks, hospitals, universities, insurance companies and genealogical services, including Freedom of Information Act requests. He anticipated lawsuits if Congress changed the law to restrict access to the file.
“Our practice involving the Death Master File remains legally sound, based on FOIA, case law, the Department of Justice FOIA guidance, and OMB’s Privacy Act guidance,” said Black. “Any attempt to limit disclosure of death information under current law would undoubtedly spawn additional litigation. More importantly, we see no new judicial interpretation of FOIA or the Privacy Act that would allow us to withhold data on deceased individuals from the general public. Accordingly, the Administration is seeking congressional action to exempt this information from the FOIA to protect countless Americans from the threat of identity theft through abuse of the Death Master File.”
Social Security Administration Inspector General Patrick O’Carroll Jr. acknowledged that restricting access to the Death Master File could help with combating identity theft. “My office has long taken the position that to the extent possible, SSA should limit public access to the DMF to that required by law, and take all possible steps to ensure its accuracy,” he said. “We have made several recommendations to this effect.”
He noted that because of a consent judgment in a 1978 Freedom of Information Act lawsuit—Perholtz vs.Ross—the SSA was required as of 1980 to provide death records that included the SSN, the last name, and the date of death of deceased number holders. The result was the creation of the DMF. The SSA later expanded the DMF to include individuals’ first and middle names, date of birth, residential state and zip code. However, last November, the SSA made changes to the DMF. It stopped providing the decedent’s residential state and zip code. In addition, the SSA removed about 4.2 million state records from the DMF, based on a provision in the Social Security Act prohibiting the SSA from disclosing death records the agency receives through its contacts with the states, except in limited circumstances.