Fraudsters file false quarterly returns to steal tax refunds

The Internal Revenue Service didn't do enough to verify the identity of callers to its Practitioner Priority Service and Business Specialty Tax telephone lines, allowing the unauthorized disclosure of tax information, the fraudulent filing of Forms 941, and the issuance of fraudulent tax refund checks, according to a new report.

The report, released Friday by the Treasury Inspector General for Tax Administration, came in response to a referral from TIGTA's Office of Investigations about a scheme involving the filing of false Forms 941, the tax return that's filed on a quarterly basis by businesses. TIGTA assessed the policies and procedures that the IRS has implemented to stop fraudsters from using this scheme to file fraudulent Forms 941 claiming a tax refund and found that authenticating callers' identity on business and Practitioner Priority Service phone lines needs to be strengthened to combat fraud.

"If the IRS does not properly authenticate individuals before providing tax account information, there is a continued risk of unscrupulous individuals taking advantage of the tax system," said the report. "The federal government is also at risk of losing funds."

Last October, TIGTA alerted the IRS to a scheme involving more than $93 million in fraudulent refunds issued to 20 different businesses. Most of the payments were stopped, but at least $2.7 million was paid to the criminals. Upon doing further analysis, TIGTA found 150 unique Employer Identification Numbers that were issued $55.6 million in refund checks between January 2023 and July 2024.

IRS employees alerted officials about the risk of erroneous refunds being issued based on the fraudulent Form 941 filings, but management at the agency didn't take action to prevent the scheme. IRS representatives in the Customer Account Services function raised the issue in June and August 2024.

TIGTA found the IRS has guidance in place to ensure IRS representatives are aware of possible fraudulent activity on a  tax account, including a tool that alerts them when identity theft is suspected or documented. If identity theft is an issue on a tax account, IRS employees are required to do additional research, including reviewing history notes on the account, TIGTA noted. 

"Our review of the history notes showed that IRS employees had documented fraudsters' initial requests for tax information," said the report. "If subsequent IRS employees had reviewed those notes, they may not have provided the information needed to further the fraud scheme."

Last October, TIGTA reported an impersonation scheme that involved fraudsters calling the Practitioner Priority Service telephone line, which is used by tax professionals. Some of the report is redacted when discussing exactly what the fraudsters did, but as a result of TIGTA's review, IRS management implemented additional authentication controls. IRS representatives answering calls on the Practitioner Priority Service telephone line received access to the Secure Access Digital Identity dashboard to help them verify the identity of the person on the telephone before any tax return transcripts are released.

TIGTA recommended the IRS should educate representatives about the fraud scheme and require them to properly authenticate callers before providing tax account information, including tax deposit and tax transcript information. IRS management agreed with TIGTA's recommendation and took corrective action.

"The protection of taxpayer information and prevention of fraudulent refunds are top priorities at the IRS," wrote Kenneth Corbin, chief of the Taxpayer Services division at the IRS, in response to the report. "We regularly review our electronic filing systems and recognize the critical need for accuracy and efficiency during form processing and record retrieval, while maintaining database integrity."