The Internal Revenue Service is losing billions of dollars to fraudsters every year from stolen Employer Identification Numbers, according to a new government report, even though it has some processes in place to authenticate individuals who apply for an EIN.

The report, released publicly Thursday by the Treasury Inspector General for Tax Administration, found the IRS needs to do more to prevent fraud from the use of stolen EINs.

The IRS issues EINs to identify taxpayers’ business accounts. Individuals who try to commit tax refund fraud oftentimes steal or falsely obtain an EIN to file tax returns that report false income and withholding. TIGTA estimated that such fraud could top $11.4 billion in potentially fraudulent refunds over a five-year period.

The overall objective of TIGTA’s review was to assess the IRS’s processes for issuing EINs and identifying stolen or falsely obtained EINs for reporting income and withholding. TIGTA acknowledged that the IRS has developed processes to both authenticate individuals applying for an EIN and ensure that there is a valid business reason to obtain an EIN.

However, TIGTA identified 767,071 electronically filed individual tax returns in tax year 2011 with refunds based on falsely reported income and withholding. Of the 285,670 EINs used on these tax returns, 277,624 were stolen EINs used to report false income and withholding on 752,656 tax returns with potentially fraudulent refunds issued totaling more than $2.2 billion, while 8,046 were falsely obtained EINs used to report false income and withholding on 14,415 tax returns with potentially fraudulent refunds issued totaling more than $50 million.

The IRS has processes to prevent fraudulent refunds claimed using stolen and falsely obtained EINs, but it does not have the third-party Form W-2 information that it needs to make significant improvements in its detection efforts. Nevertheless, the IRS does maintain data that could increase its ability to detect tax returns with false income and withholding associated with stolen or falsely obtained EINs, TIGTA noted.

“With an estimated tax gap in excess of $450 billion, it is imperative that the IRS use all available data to increase its ability to detect tax returns with false income and withholding associated with stolen or falsely obtained EINs,” said TIGTA Inspector General J. Russell George in a statement.

In response to the report, the IRS said it takes refund fraud and identity theft very seriously. "The IRS continues to increase its efforts against refund fraud, which includes identity theft," the IRS said in a statement. "As a result of these aggressive efforts to combat identity theft since 2011, the IRS has stopped 12.6 million suspicious returns, and protected over $40 billion in fraudulent refunds. The IRS appreciates TIGTA’s recognition of the effective processes we have developed to identify and prevent the fraudulent use of Employer Identification Numbers (EIN). The creation of the Business Master File Identity Theft Team is a substantial step forward in identifying threats associated with the misuse of EINs and developing effective mitigation strategies. We are taking additional steps for the coming filing season, including preparing a new Return Review Program for 2014 that will incorporate EIN validation into our fraud detection process."

TIGTA recommended that the IRS update its fraud filters to identify potentially fraudulent tax returns and develop processes to identify individuals who submit tax returns that report income and withholding using the EIN of a closed business. IRS officials agreed with TIGTA’s recommendations and plan to update the fraud filters.

Peggy Bogadi, commissioner of the IRS’s Wage and Investment Division, pointed to the steps the IRS has already taken to combat identity theft and tax return fraud, including the creation of the Business Master File Identity Theft Team and the Return Review Program. She pointed out, however, that the IRS is facing a number of challenges, including the potential delays in processing tax returns. That is what happened last year when the IRS tightened the identity theft filters and millions of taxpayers were left waiting months for their tax refunds from tax year 2011 (see 7.8 Million Tax Refunds Delayed This Season at IRS).

“Using the business tax return filing and withholding information will be helpful in identifying potentially fraudulent refund claims by individuals using false wage and withholding information; however, there is a risk of delaying the processing of legitimate tax returns filed by individuals whose employers are not compliant with their tax and/or information filing obligations,” Bogadi wrote in response to the report. “Our sample review of the potentially fraudulent tax returns, identified by the Treasury Inspector General for Tax Administration, found situations where the employers had remitted payroll tax deposits but were delinquent in filing employment tax returns. We also noted instances where wage and withholding information from the employer was present for prior and/or subsequent periods that, in our experience, indicate either data anomalies or non-compliance with filing requirements. In these situations, non-compliance by employers does not equate to refund fraud by employees. With filings of individual income tax returns exceeding 140 million annually, we must ensure that corrective actions do not have the unintended result of flagging legitimate returns as being potentially fraudulent.”