TIGTA sees IRS’s Security Summit partnership as key to fight against identity theft
The Internal Revenue Service’s partnership with state and industry leaders is a key focus in further reducing tax-related identity theft, according to a new report.
The report, from the Treasury Inspector General for Tax Administration, evaluated the impact of the IRS’s Security Summit partnership with state tax authorities, tax preparation chains, and tax prep software companies to combat identity theft. It cited the IRS’s most recent Identity Theft Taxonomy report for processing year 2016. The IRS estimated it prevented the issuance of between $10.56 billion and $10.61 billion in fraudulent tax refunds, but the IRS also reported that identity thieves were successful in receiving an estimated $1.68 billion to $2.31 billion in fraudulent tax refunds.
However, the IRS is continuing to expand its efforts to detect and prevent identity theft. For 2018, the IRS is using 200 identity theft filters to identify potentially fraudulent tax returns at the time the tax returns are filed and before tax refunds are issued. As of Dec. 31, 2017, the IRS had identified 652,119 fraudulent returns and prevented more than $7.2 billion in fraudulent tax refunds thanks to those filters.
The IRS is continuing to work with the Security Summit to explore other types of programs and processes that can help improve the extent of sharing identity theft information and enhance detection and prevention of tax‑related identity theft through the Identity Theft Tax Refund Fraud Information Sharing and Analysis Center, also known as ISAC. The IRS and its Security Summit partners launched ISAC as a pilot in January 2017.
According to the April 2018 Identity Theft Tax Refund Fraud ISAC Annual Report, participation in ISAC has increased from 18 participating organizations in 2017 to 60 participating organizations and more than 400 registered users this year. The report also found that alert and data contributions by participating organizations have increased more than six-fold since January 2017.
On top of that, the IRS has developed more filters in response to TIGTA recommendations to improve the detection of fraudulent tax returns that use Schedule C, Profit or Loss From Business (Sole Proprietorship), income and foreign addresses. But because of programming errors and the use of a dollar tolerance, 28,092 potentially fraudulent tax returns with refunds totaling more than $4.4 million weren’t identified by the filters.
The IRS also began a Form W-2 [Wage and Tax Statement] Verification Code initiative in processing year 2016 as a pilot program. IRS management told TIGTA that would be the last year it would operate as a pilot program, but TIGTA said the passage of legislation as well as significant payroll provider data breaches warrant ensuring there is continued business value before the IRS expands the Verification Code initiative. The IRS initially partnered with four large payroll providers to test the use of a 16-digit verification code, and for the 2018 filing season, the IRS expanded the initiative to partner with 10 payroll providers, who placed a verification code on approximately 61 million Forms W-2 for tax year 2017, representing 885,000 employers. However, after the IRS began pilot-testing the initiative, Congress enacted the Protecting Americans from Tax Hikes Act, or PATH Act, which changed the filing date by which employers have to file Forms W-2 with the Social Security Administration to January 31, making them available for use by the IRS at the time tax returns are filed. Before the 2017 filing season, the due date for a paper FormW-2 was February 28, and for an electronically filed Form W-2, the due date was March 31. TIGTA also pointed out that attempts by unscrupulous individuals to obtain Form W-2 information from employers, payroll providers, and tax professionals significantly increase the risk that the verification code is compromised, thereby reducing its usefulness.
TIGTA recommended the IRS revise its identity theft detection filters to eliminate specific dollar tolerances and ensure that the reduction in the risk of tax-related identity theft warrants full implementation of the Form W-2 Verification Code Program. The IRS disagreed with one of the two recommendations. The IRS said it doesn’t believe eliminating the dollar tolerances from filters would be a wise use of its resources.
“We agree that exclusionary criteria based on threshold tolerance levels does not capture and suspend questionable returns with very low refund amounts,” wrote Kenneth C. Corbin, commissioner of the IRS’s Wage and Investment Division, in response to the report. “We disagree, however, with the conclusion that the threshold tolerance criteria should be removed from the filters.”
TIGTA, for its part, argued that, at a minimum, the IRS should consider reducing the dollar tolerance to reduce the known risk in this area.