IRS still coping with identity theft and service problems
The Internal Revenue Service is continuing to face challenges with identity theft and taxpayer service this tax season, although there have been some improvements since last year.
IRS deputy commissioner for services and enforcement John M. Dalrymple told lawmakers during a House oversight hearing last week the filing season has been relatively problem-free so far.
“I am pleased to report that the last several filing seasons have gone smoothly in terms of tax return processing,” he said, according to his prepared testimony. “Thus far the 2017 filing season has been no exception. As of February 24, the IRS received more than 52.3 million individual returns, on the way to a total of about 152 million. We have issued over 41.3 million refunds for more than $127 billion, with the average refund totaling approximately $3,071.”
Dalrymple noted, however, that the IRS was forced to rely on antiquated IT systems, with approximately 60 percent of the agency’s hardware and 28 percent of its software out of date and in need of an upgrade. “Continuing to rely on such outdated systems is costly and poses a risk of outages or failures,” he added.
He said the IRS has been making steady progress in combating identity theft. As a result of the PATH Act of 2015, the IRS is now required to give extra scrutiny to tax returns claiming the Earned Income Tax Credit or the Additional Child Tax Credit, and hold the tax refunds until February 15. “This change and another change accelerating the filing date of Forms W-2 have together helped the IRS improve its ability to spot incorrect or fraudulent returns,” he added.
Another PATH Act provision required Individual Taxpayer Identification Numbers to expire if they had been issued before 2013, or if the ITINs have not been used on a federal tax return for three years in a row. That too helped the IRS detect fraudulent returns, although the changes required significant resources to implement, Dalrymple noted.
He said the IRS has been making progress in deterring identity theft in recent years, thanks to the collaborative efforts of the Security Summit, which involves a partnership between the IRS, state tax authorities, tax software companies, and tax preparation chains. They have added extra authentication procedures, filters and information sharing to block criminals. But identity thieves are still trying to steal tax refunds. One CPA recently called Accounting Today and reported that several of his clients received notices this tax season from the IRS informing them their tax refunds had been claimed by someone else.
Dalrymple acknowledged that identity thieves are still trying to capture the refunds. “Even with this progress, the fraud filters in our processing systems are still catching a large number of false returns, which shows that identity theft continues to be a major threat to tax administration–a threat that receives our sustained vigilance and the continuous strengthening of our defenses against this crime,” he said.
During fiscal year 2016, Dalrymple noted that the IRS’s systems stopped more than $6.5 billion in fraudulent refunds on 969,000 tax returns confirmed to have been filed by identity thieves.
He said the IRS has also been making progress in helping victims of identity theft. Several years ago, it took an average of 300 days to close a case, but more recently the IRS has been meeting its goal of closing a case in an average of 120 days or less. The case inventory for identity theft victims has also declined from about 95,000 at the end of fiscal year 2015 to 28,900 last month.
The IRS has also been improving its telephone service for taxpayers. Last year, it used $178 million of the additional funding it received from Congress to hire an extra 1,000 temporary employees. As a result, the average level of service on the IRS’s toll-free phone lines during the 2016 tax season exceeded 70 percent, compared to a dismal average of 37 percent during the 2015 filing season. However, when the temporary employees went off the rolls at the end of last tax season, the phone level of service dropped again and ended up with an average of 53 percent for fiscal year 2016, but that was still better than 2015. So far, for the 2017 filing season, Dalrymple reported improved phone service, and he predicts the average phone level of service for the filing season as a whole will be about 75 percent.
A report from the Government Accountability Office released on the day of the hearing also found the IRS provided better telephone service to callers during the 2016 filing season compared to 2015. However, the GAO noted that the IRS’s performance during the full fiscal year remained low. The GAO report also acknowledged that the IRS has improved some aspects of its service for identity theft victims, but still found some lingering problems.
“However, inefficiencies contribute to delays, and potentially weak internal controls may lead to the release of fraudulent refunds,” said the GAO. “In turn, this limits [the] IRS’s ability to serve taxpayers and protect federal dollars.”
The GAO recommended the IRS improve its file retrieval and scanning processes to speed up help to victims of identity theft. The GAO also sees problems with the IRS’s internal control processes that could lead to the IRS paying refunds to fraudsters. In discussion groups with the GAO, IRS assistors and managers said some of the assistors may release refunds even if indicators on the account show that the tax return is under review for identity theft, or two returns have been filed for that taxpayer. “Some participants said assistors answering telephone calls can release these holds because they do not understand the codes on the taxpayer's account,” said the report. “IRS officials said that these errors are not widespread and provided data to support their position.”
However, the GAO said it identified weaknesses in the data, which the IRS officials acknowledged. In response to the GAO’s report, IRS officials provided the GAO with another analysis in January of IRS data that they said showed this type of error does occur but may not be as widespread as its own staff and managers suggested. The GAO said it would continue to work with the IRS to determine if the additional data is enough to address its recommendations.
Another problem the GAO found is the IRS does not notify taxpayers when a dependent’s identity appears on a fraudulent return.
“According to IRS officials, the agency does not consider a dependent to be a victim if his or her Social Security number had been used as a dependent on a fraudulent return,” said the report. “However, [the] IRS has previously provided guidance to taxpayers when a dependent was a victim of identity theft. After one data breach in 2015, [the] IRS notified taxpayers and provided information on actions that parents could take to protect a minor's identity when their dependents were also victims. By not notifying taxpayers that their dependents' information may have been used to commit fraud, [the] IRS is limiting taxpayers' ability to take action to protect their dependents' identity.”
Inspector General Findings
Russell P. Martin, assistant inspector general for audit at the Treasury Inspector General for Tax Administration, also presented a report at last Wednesday’s hearing, which found some continuing problems with how the IRS is handling identity theft victims. TIGTA’s previous reviews from 2015 have identified long delays in case resolution and account errors, and that not all identity-theft victims receive Identity Protection Personal Identification Numbers, or IP PINs, he noted. Not all of those problems have been resolved in follow-up reports.
TIGTA is also concerned about the IRS’s increasing reliance on technology-based assistance to make up for cuts in face-to-face service. “The risk of unauthorized access to tax accounts increases as the IRS expands its focus on delivering online tools,” said the report. “The increasing number of data breaches in the private and public sectors means more personal information than ever before is available to unscrupulous individuals. Many of these data are detailed enough to enable circumvention of most authentication processes.”
The IRS isn't the only federal agency struggling to control identity theft. On Wednesday, members of the House Ways and Means Committee introduced two pieces of bipartisan legislation to protect Americans from identity theft. One bill would prevent the Social Security Administration from mailing any document containing a full Social Security number unless it is necessary. The other bill would require the Social Security Administration to issue a new Social Security number to any children under the age of 14 who have had their Social Security card stolen after it was mailed by the SSA.