Tax panel wants IRS to improve security
The Electronic Tax Administration Advisory Committee is recommending ways for the Internal Revenue Service to combat tax fraud and identity theft with better cybersecurity.
Members of ETAAC represent various segments of the tax community, including tax practitioners and preparers, consumer advocates, state governments and tax software developers. During its annual public meeting Wednesday, the committee released its annual report to the IRS and Congress, providing a number of recommendations for improving security and curbing identity theft-related tax fraud. This year’s report is the first in which the ETAAC focused on the efforts of the Security Summit, in which the IRS has been partnering since 2015 with state tax authorities, tax software companies and major tax prep chains to fend off identity thieves.
ETAAC said it believes the Security Summit is having a positive impact and should continue to be a “signature initiative” for the IRS. The report also pointed to the additional $290 million in funding that Congress approved in the IRS budget for fiscal year 2016 to improve taxpayer service, strengthen cybersecurity and expand the IRS’s ability to address identity theft. It said the additional funding was vital in allowing the IRS to stay focused on efforts to combat identity theft.
“ETAAC believes Congress invested wisely with the additional appropriation and, given the Security Summit’s progress made to date, supports continued congressional attention in this area,” said the report.
The report included a number of recommendations in the area of educating and protecting taxpayers, such as improving authentication practices, including using innovative pilot programs, and replacing outmoded e-file signature verification processes that rely on prior-year adjusted gross income and personal identification numbers. The report also recommended increasing taxpayer awareness of security by expanding employer outreach, leveraging social media and extending targeted communications to diverse communities. ETAAC also suggested the IRS engage tax professionals by updating IRS publications, increasing awareness and education on security, communicating standards and providing easy-to-use compliance tools.
The report also provided recommendations on how the IRS could strengthen its own cyber defenses. ETAAC said the IRS should continue its efforts at establishing a common cybersecurity standard. The IRS should also expand federal, state and industry participation in the cybersecurity area. It should also create mechanisms to anticipate future identity theft tax refund fraud and cybersecurity trends and threats, and develop proactive responses to them.
To detect fraud and respond quickly, the report recommended the IRS document and improve its “industry leads” information-sharing processes and implement the Security Summit’s Information Sharing & Analysis Center by increasing participation, removing barriers to sharing and providing adequate funding.
In terms of improving participation and partnerships in the Security Summit, the report suggested the IRS increase state and tax industry participation, increase participations by financial Institutions in both the Security Summit and IRS “leads” programs. The IRS should also expand payroll community participation by payroll providers in the Security Summit, according to the report.
"The ETAAC’s report builds on the significant, ongoing work by the IRS, the states and our private sector partners to protect the entire tax system," IRS Commissioner John Koskinen said in a statement. "We greatly appreciate the contributions of the Committee’s members to the production of this detailed report. The IRS will be reviewing the report’s recommendations, which will help us continue to make improvements in our fight against identity theft and refund fraud."