TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

Procedures Need to Be Developed for Collection Issues Associated With Individual Taxpayer Identification Numbers

 

 

 

March 29, 2010

 

Reference Number:  2010-40-040

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Redaction Legend:

1 = Tax Return/Return Information

2(e) = Law Enforcement Procedure(s)

2(f) = Risk Circumvention of Agency Regulation or Statute (whichever is applicable)

 

Phone Number   |  202-622-6500

Email Address   |  inquiries@tigta.treas.gov

Web Site           |  http://www.tigta.gov

 

March 29, 2010

 

 

MEMORANDUM FOR DEPUTY COMMISSIONER FOR OPERATIONS SUPPORT

COMMISSIONER, SMALL BUSINESS/SELF-EMPLOYED DIVISION

                                         COMMISSIONER, WAGE AND INVESTMENT DIVISION

 

FROM:                            Michael R. Phillips /s/ Michael R. Phillips

                                         Deputy Inspector General for Audit

 

SUBJECT:                    Final Audit Report – Procedures Need to Be Developed for Collection Issues Associated With Individual Taxpayer Identification Numbers (Audit # 200940042)

 

This report presents the results of our review to determine whether the Internal Revenue Service (IRS) has procedures to effectively handle collection issues related to Individual Taxpayer Identification Numbers (ITIN).[1]  This audit is included in the Treasury Inspector General for Tax Administration’s (TIGTA) Fiscal Year 2010 Annual Audit Plan and was conducted due to concerns raised by an IRS employee.  This audit addresses the major management challenges of Taxpayer Privacy and Protection, Leveraging Data to Improve Program Effectiveness and Reduce Costs, and Providing Quality Taxpayer Service Operations.

Impact on the Taxpayer

Many tax returns are filed by individuals who have used another person’s Social Security Number or another person’s name and Social Security Number to work, but file Federal tax returns using their own names and assigned ITINs.  When collection actions are taken on the account of the legitimate holder of the Social Security Number, tax complications can occur for both the legitimate holder of the Social Security Number used by other(s) to work and the individual who used another person’s Social Security Number to work.  Without collection procedures in place, taxpayers cannot be assured that the correct actions are being taken to address their issues.

Synopsis

An IRS employee contacted the TIGTA with concerns about the lack of guidance available to resolve levy[2] issues associated with ITINs and individuals who work using another person’s identity.  Individuals using another person’s Social Security Number to work were having their wages attached by levies associated with the account of the legitimate holder of the Social Security Number.

The following actions are not required and were not taken to ensure:

  • The wages earned by the ITIN taxpayer were reported on a tax return using an ITIN.
  • The account of the legitimate holder of the Social Security Number was referred to the IRS’ Identity Theft function and an indicator placed on the taxpayer’s account.
  • The wages were removed from the account of the legitimate holder of the Social Security Number.

Guidelines should be updated to handle collection issues associated with ITINs.  There are no internal guidelines that address what an IRS employee should do when an individual who used another person’s Social Security Number to work contacts the IRS to have a wage levy released.

Taxpayer Assistance Center[3] guidelines state that taxpayers will generally visit a Taxpayer Assistance Center once they learn that a Notice of Levy has been attached and will request a release.  Employees above a certain pay grade level may release a levy under certain circumstances using IRS Collection function guidelines.  These guidelines do not provide instructions for notifying the taxpayer whose Social Security Number is being used of potential identity theft related to levies attached to the wages of the individual using his or her Social Security Number to work.  This also holds true for assistors who answer the toll‑free telephone lines.

Although this situation deals with the issue of a wage levy, other collection issues related to ITIN taxpayers could be presented to IRS employees.  The IRS has not updated its internal guidelines to include collection issues related to identity theft and ITINs. 

Further, the IRS has no procedures for employees to initiate a process for notifying the taxpayer whose Social Security Number has been stolen.  Income matching and collection issues associated with ITINs also present many challenges to tax administration.  The IRS associates taxpayers with tax records using a Taxpayer Identification Number, be it an ITIN, Social Security Number, or Employer Identification Number.[4]  Using the Taxpayer Identification Number, the IRS matches income and wages from reporting documents to taxpayers’ tax returns.  Problems occur when there are mismatches, such as the name does not match the assigned Social Security Number, the taxpayer used a Social Security Number to work but filed a tax return using an ITIN, or the taxpayer used an ITIN to work and report wages and income. 

From a statistical sample of 96 records from a population of 551,108 Tax Year 2007 returns:

·        4 records (4 percent) showed the taxpayer filed a tax return using an ITIN but used another person’s name and Social Security Number to work (possible instances of identity theft).

·        73 records (76 percent) showed the taxpayer used his or her name but another person’s Social Security Number to work. 

·        19 (20 percent) records that included Wage and Tax Statements (Form W-2) could not be matched to any employers’ records.

The IRS stated there were almost 3 million Tax Year 2007 ITIN tax returns.  Our analysis showed that about 1.2 million Tax Year 2007 ITIN tax returns reported wages earned by ITIN taxpayers using another person’s Social Security Number. 

In addition, the IRS cannot currently identify cases created by ITIN taxpayers who used another person’s name and Social Security Number to work.  This prevents the IRS from notifying the legitimate holder of the Social Security Number who may be the victim of identity theft.

Recommendations

We recommended that the Commissioners, Small Business/Self-Employed and Wage and Investment Divisions, update internal procedures and guidelines to ensure all collection issues are considered and all required actions are taken to resolve the issues and establish a process to notify a taxpayer when there is evidence that the taxpayer’s identity (name and Social Security Number) has been compromised.  In addition, the Deputy Commissioner for Operations Support should develop a cross-referencing process to match ITIN tax returns to the related reporting returns and develop a process to capture data to determine potential identity theft victims.

Response

The IRS generally agreed with our recommendations.  The IRS has begun taking steps to update its internal guidelines and has a process to mark accounts of taxpayers who report they are victims of identity theft.  The IRS disagreed with the assertion that it does not have procedures to notify taxpayers when there is clear evidence of identity theft.  It states the Social Security Administration has a program in place to request information from individuals when there is a mismatch of Forms W‑2. 

The IRS will explore the feasibility of expanding the use of identity theft indicators and notification processes where it has the capability and legal authority to do so and where doing so would be beneficial to taxpayers.  The IRS stated it has already begun developing a process to match ITIN returns to their related reporting returns and has procedures through the Electronic Fraud Detection System[5] to identify potential identity theft victims.  The IRS agreed to explore the feasibility of a process to more broadly capture data to determine potential identity theft victims.  Management’s complete response to the draft report is included as Appendix V.

Office of Audit Comments

In its response to Recommendation 1, the IRS stated that all IRS functions have procedures in place to mark accounts when taxpayers report they are victims of identity theft and provide standard documentation.  The IRS also stated it has a process in place to resolve account issues for taxpayers who have been victims of identity theft.  However, as we reported, internal guidelines for Taxpayer Assistance Center employees instruct them not to put an identity theft indicator on the taxpayer account since the ITIN taxpayer (borrower) who came into the Taxpayer Assistance Center is not the identity theft victim.  Employees are also not instructed to forward the case to the Identity Theft function so that it can place an identity theft indicator on the account.  Therefore, there is no procedure in place to resolve the identity theft victim’s account when it is not the identity theft victim who reported the problem. 

In its response to Recommendation 2, the IRS stated that it currently marks the accounts of taxpayers when it identifies, either through systemic processes or through manual account review, that the taxpayer is a victim of identity theft.  It places an identity theft marker on these accounts to streamline assistance for taxpayers and to help mitigate future account problems.  When it marks these accounts, it also generates a notice to these victims informing them that their information appears to have been compromised and of the steps they can take to protect their identities.  However, as stated in the report, the IRS has no procedures for employees to initiate a process for notifying taxpayers who may be unaware that their Social Security Numbers have been stolen, as evidenced by the situation we presented in the report.  Functional employees are not instructed to put an identity theft indicator on the account of the victim or forward the case to the Identity Theft function when it is other than the victim who has reported the identity theft. 

Copies of this report are also being sent to the IRS managers affected by the report recommendations.  Please contact me at (202) 622-6510 if you have questions or Michael E. McKenney, Assistant Inspector General for Audit (Returns Processing and Account Services), at (202) 622-5916.

 

 

Table of Contents

 

Background

Results of Review

Internal Guidelines Should Be Updated to Handle Collection Issues Associated With Individual Taxpayer Identification Numbers

Recommendation 1:

Recommendation 2:

Income Matching Associated With Individual Taxpayer Identification Numbers Present Many Challenges to Tax Administration

Recommendations 3 and 4:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Outcome Measure

Appendix V – Management’s Response to the Draft Report

 

 

Abbreviations

 

IRS

Internal Revenue Service

ITIN

Individual Taxpayer Identification Number

TIGTA

Treasury Inspector General for Tax Administration

U.S.

United States

 

 

Background

 

An Internal Revenue Service (IRS) employee contacted the Treasury Inspector General for Tax Administration (TIGTA) with concerns about the lack of guidance available to resolve levy issues associated with Individual Taxpayer Identification Numbers (ITIN)[6] and individuals who work using another person’s identity.  Individuals using another person’s Social Security Number to work were having their wages attached by levies[7] associated with the account of the legitimate holder of the Social Security Number.  The employee was concerned that there were no procedures on how to resolve the levy issue.

However, this situation presents additional challenges to tax administration.  For example:

  • Were the wages reported on a tax return using an ITIN?
  • Was the account of the legitimate holder of the Social Security Number referred to the IRS’ Identity Theft function?
  • Were the wages removed from the account of the legitimate holder of the Social Security Number, the apparent victim of identity theft?

Identity theft affects tax administration when an individual intentionally uses the identity of another person to file a false tax return or fraudulently obtain employment.

In February 2009, the Federal Trade Commission reported that for the ninth year in a row identity theft was the number one consumer complaint nationwide.  Identity theft occurs when someone uses Personally Identifiable Information, such as an individual’s name, Social Security Number, credit card numbers, or other account information, to commit fraud and other crimes.  Identity theft affects tax administration when an individual intentionally uses the identity of another person to file a false tax return or fraudulently obtain employment.

The IRS issues ITINs to help individuals comply with Federal tax laws and provide a means to efficiently process and account for tax returns.  Only an individual who has a valid filing requirement or is filing a tax return to claim a refund of over‑withheld tax is eligible to receive an ITIN.  An ITIN is issued regardless of an individual’s immigration status. 

The issuance of an ITIN does not:

  • Change an individual’s immigration status.
  • Entitle the individual to Social Security benefits.
  • Entitle the individual to work in the United States (U.S.).
  • Entitle the individual to the Earned Income Tax Credit.

In general, the Social Security Administration limits its assignment of Social Security Numbers to individuals who are U.S. citizens and alien individuals legally admitted to the U.S. for permanent residence or under other immigration categories authorizing U.S. employment.  Consequently, individuals who do not meet these criteria cannot obtain Social Security Numbers.

The ITIN does not confer the right to employment, and the ITIN cannot be used to gain employment.

The ITIN does not confer the right to employment of an otherwise ineligible individual, and the ITIN cannot legally be used to gain employment.  However, many tax returns are filed by taxpayers who use another individual’s name and/or Social Security Number to work, but file tax returns using their own names and assigned ITINs. 

Consequences of using another person’s name and Social Security Number to work and report income include the following: 

·        Wages earned by an individual who works using another person’s Social Security Number will be reported by the employer to the Social Security Administration as being earned by the individual assigned that Social Security Number. 

·        Wages earned by an individual using another person’s Social Security Number will be reported to the IRS by the Social Security Administration as income to the individual assigned the Social Security Number.

·        The individual assigned the Social Security Number will not report the wages on his or her tax return, if a tax return was required and/or filed. 

Other complications occur when individuals use their own names but other persons’ Social Security Numbers to work or use an ITIN to work and report wages and other income (such as interest income). 

This review was performed at the Wage and Investment Division Program office in AtlantaGeorgia; the Taxpayer Assistance Centers in Gainesville, Georgia, and GreenvilleSouth Carolina; and the Small Business/Self-Employed Division in New Carrollton, Maryland; and the Field Collection offices in Decatur and Smyrna, Georgia, during the period September through December 2009.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.  We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

Internal Guidelines Should Be Updated to Handle Collection Issues Associated With Individual Taxpayer Identification Numbers

There are no internal guidelines that address what an IRS employee should do when an individual who has used another person’s Social Security Number to work contacts the IRS to have a wage levy released.  How the IRS responds depends on whether the individual using another person’s Social Security Number to work has an ITIN and/or has filed a tax return. 

·           Tax complications can occur for the legitimate holder of the Social Security Number used by other(s) to work. 

A levy is a legal seizure of property to satisfy a tax debt.  Levies are different from liens.  A lien is a claim used as security for the tax debt, while a levy actually takes the property to satisfy the tax debt.

 

If taxes owed are not paid, the IRS may seize and sell any type of real or personal property that the taxpayer owns or has an interest in.  For instance, it could:

·         Seize and sell property that the taxpayer holds (such as a car, boat, or house).

·         Levy property that is the taxpayer’s but is held by someone else (such as wages, retirement accounts, dividends, and bank accounts).

 

The IRS usually levies only after three requirements are met:

·         The taxpayer was assessed the tax and sent a notice for demand for payment.

·         The taxpayer neglected or refused to pay the tax.

·         The taxpayer was sent a final notice at least 30 days before the levy

 

·           These complications can occur when the IRS matches income to tax returns and identifies income that is not reported on the tax return of the legitimate holder of the Social Security Number.  The income could result in additional taxes owed.  The legitimate holder of the Social Security Number must prove that this income is not his or hers. 

·        Tax complications can occur for the individual who used another’s Social Security Number to work when collection actions are taken on the account of the legitimate holder of the Social Security Number.  When a taxpayer owes additional taxes, the IRS may levy property.  The individual who has stolen the identity of a taxpayer to work can have his or her wages levied.  He or she must then provide sufficient support to the IRS to release the levy.

Internal guidelines address what employees should do when taxpayers claim that income reported with their Social Security Numbers is not theirs

The following scenario provides an example of a tax complication created when an individual uses another person’s identity to work. 

A taxpayer received a Notice of Underreported Income (CP 2000) from the IRS stating that he did not report all his income on his Tax Year 2008 return.  He did not report $3,500 in wages from XYZ Company.  The taxpayer claims he never worked for XYZ Company but worked the entire year for ABC Company.  He believes he may be a victim of identity theft.

When the above scenario is encountered, internal guidelines instruct IRS employees to advise taxpayers who call the toll-free telephone lines or visit a Taxpayer Assistance Center to do the following:

1.      Contact the Federal Trade Commission at (877-438-4338) to complete an Identity Theft Affidavit.

2.      Make a report to their local police and the three major credit bureaus.

3.      Respond to the IRS notice and include the following documentation:  A copy of the taxpayer’s valid U.S. Federal or State government-issued form of identification including, for example, driver’s license, State identification card, Social Security card, or passport and a signed IRS Identity Theft Affidavit (Form 14039).

IRS employees subsequently work the taxpayer’s case and if the proper documents are provided, employees close the case by removing the income from the taxpayer’s account and sending him or her notification that the issue has been resolved.  Using the previous example, the IRS employee would remove the income from XYZ Company from the taxpayer’s account and send a letter advising him or her that the income has been removed and the issue has been resolved.

Internal guidelines do not address how to release a wage levy when the IRS has levied the wages of an individual who used another individual’s Social Security Number to work

The following scenario provides a second example of a tax complication created when an individual uses another person’s identity to work.

An individual visits an IRS walk-in office, called a Taxpayer Assistance Center, to ask the IRS to release a levy on his wages at ABC Company for taxes owed for Tax Year 2004.  He brings in a copy of a levy from the IRS that was sent to his employer, the ABC Company, to attach wages for Taxpayer A (the lawful holder of the SSN).  He provides two picture identifications—an employee identification card with the name of Taxpayer A and his current driver’s license with the name of Taxpayer B (his actual name).

There are specific instructions addressing the situation where a taxpayer who used another person’s Social Security Number to work (called the “borrower”) comes into a Taxpayer Assistance Center and admits working under a “borrowed” Social Security Number.  The borrower “wants to get right with the system.”

Once the borrower proves the use of the Social Security Number via pay stubs or any other substantiating document, the Taxpayer Assistance Center employee is instructed to generate a printout of income documents available in IRS computer systems and provide those to the borrower.  The employee is to advise him or her to complete a tax return and submit it with an application for an ITIN.  The employee is also instructed not to put an identity theft indicator on the account of the identity theft victim since the borrower is not the taxpayer.

There are no guidelines for Taxpayer Assistance Center employees to determine if a levy should be released and what steps should be taken to release the levy when the borrower’s wages are subject to a levy.  Taxpayer Assistance Center guidelines state that taxpayers will generally visit a Taxpayer Assistance Center once they learn that a Notice of Levy has been attached and will request a release.  Employees above a certain pay grade level may release a levy under certain circumstances and are referred to IRS Collection function guidelines.  These guidelines do not provide instructions relating to the previous scenario.  This also holds true for assistors who answer the toll‑free telephone lines.

Taxpayer Assistance Center assistors who have encountered the previous scenario have released the levy when the taxpayer proved to the assistor that the wages were his or hers but that he or she was not the taxpayer with the balance due account (the legitimate holder of the Social Security Number).  However, the following actions are not required and were not taken to ensure:

  • The wages were reported on a tax return using an ITIN.
  • The account of the legitimate holder of the Social Security Number was referred to the IRS’ Identity Theft function for resolution and an indicator placed on the taxpayer’s account.
  • The wages were removed from the account of the legitimate holder of the Social Security Number.

It is also unclear if the wages reported on the account of the legitimate holder of the Social Security Number were a direct cause of or contributed to him or her owing additional taxes.

This situation was reported as occurring at only two Taxpayer Assistance Centers and we did not identify any other employees experiencing issues with levies associated with ITIN taxpayers.  However, there are no data to determine the prevalence of the problem. 

The IRS stated that it has a working group that addresses unique situations, such as the situation above and it addressed this situation in part.  However, it is waiting for a response from IRS Counsel before it proceeds.  

Also, although the scenario deals with the issue of a wage levy, other collection issues related to ITIN taxpayers could be presented to IRS employees.  The IRS has not updated its internal guidelines to include collection issues related to identity theft and ITINs.  Guidelines need to be developed to cover issues related to identity theft and the use of ITINs to work.  Without collection procedures in place, taxpayers cannot be assured that the correct actions are being taken to address their issues. 

There are no procedures for the IRS to contact taxpayers who unknowingly may be victims of identity theft

The IRS has no procedures for employees to initiate a process for notifying taxpayers who may be unaware that their Social Security Numbers have been stolen.  When banks or credit card companies suspect that a customer’s identity has been stolen or his or her account has been compromised, the customer is notified immediately so that the bank can assist the customer with the issue.  However, the IRS does not notify the taxpayer when there is evidence that the taxpayer’s identity has been stolen.  Currently, the procedures require that the taxpayer first contact the IRS before the account can be flagged with an identity theft indicator.  Without a process in place to notify taxpayers when there is evidence of identity theft, the taxpayer may be burdened and the taxpayer may expend extensive resources to resolve identity theft issues.

During the IRS Commissioner’s testimony on April 16, 2008, the Chairman of the Senate Finance Committee expressed a concern that the IRS was not notifying the rightful owner of a Social Security Number when it was being used by someone else.  In response to the concern, the IRS Commissioner stated that “…we’re [IRS] working on doing that now in our outgoing communication to taxpayers so they’ll know if someone else is using their Social Security Number.”

Recommendations

The Commissioners, Small Business/Self-Employed and Wage and Investment Divisions, should:

Recommendation 1:  Update internal procedures and guidelines to ensure all collection issues are considered and all required actions are taken to resolve the issues.  For example, guidance should include:  1) what documents are required to prove an individual’s identity, 2) what documents are required to prove who earned the wages and who is responsible for any taxes owed, and 3) how to ensure all filing requirements for reporting the wages have been met.  In addition, if identity theft has been identified, the guidelines should include all actions that need to be taken to resolve any account issues for the victim of the identity theft and to place an indicator on his or her tax account. 

Management’s Response:  The IRS agreed with this recommendation and has already begun taking steps to update its procedures.  Several updates are currently in the approval process. 

All IRS functions have procedures in place to mark accounts when taxpayers report they are victims of identity theft and provide standard documentation.  The IRS also has a process in place to resolve account issues for taxpayers who have been victims of identity theft.  The Identity Protection Specialized Unit receives a monthly list of accounts with an identity theft indicator.  A review is conducted on every account to ensure all identity theft issues are addressed and resolved. 

Office of Audit Comment:  Internal guidelines for Taxpayer Assistance Center employees instruct them not to put an identity theft indicator on the taxpayer account since the ITIN taxpayer (borrower) who came into the Taxpayer Assistance Center is not the identity theft victim.  Employees are not instructed to forward the case to the Identity Theft function so that it can place an identity theft indicator on the account.  Therefore, there is no procedure in place to resolve the identity theft victim’s account when it is not the identity theft victim who reported the problem.

Recommendation 2:  Establish a process to notify a taxpayer when there is evidence that the taxpayer’s identity (name and Social Security Number) has been compromised. 

Management’s Response:  The IRS disagreed with the assertion that it does not have procedures to notify taxpayers when there is clear evidence of identity theft.  The Social Security Administration has a program in place called the Employee No-Match Letter that requests correct information from individuals.  IRS involvement would possibly be a duplication of the Social Security Administration’s efforts.

The IRS currently marks the accounts of taxpayers when they identify, either through systemic processes or through manual account review, that the taxpayer is a victim of identity theft.  It places an identity theft marker on the accounts to streamline assistance for taxpayers and to help mitigate future account problems.  When it marks these accounts, it also generates notices to the victims informing them their information appears to have been compromised and of the steps they can take to protect their identity.  The IRS will explore the feasibility of expanding the use of identity theft indicators and notification processes where it has the capability and legal authority to do so and where doing so would be beneficial to taxpayers.   

Office Audit Comment:  As stated in the report, the IRS has no procedures for employees to initiate a process for notifying taxpayers who may be unaware that their Social Security Numbers have been stolen, as evidenced by the situation we presented in the report.  Functional employees are not instructed to put an identity theft indicator on the account of the victim or forward the case to the Identity Theft function when it is other than the victim who has reported the identity theft. 

Income Matching Associated With Individual Taxpayer Identification Numbers Present Many Challenges to Tax Administration

Tax administration becomes more complex when individuals:  

  • Use an ITIN both to work and report wages and income.
  • Switch between using a Social Security Number and an ITIN to work and report wages and income.
  • Use an ITIN to report income and file a tax return but use another individual’s identity to work.
  • Use an ITIN to report income and file taxes, use their own name to work but use another individual’s Social Security Number to work.

The IRS associates taxpayers with tax records using a Taxpayer Identification Number, be it an ITIN, Social Security Number, or Employer Identification Number.[8]  Using the Taxpayer Identification Number, the IRS matches income and wages from reporting documents to taxpayers’ tax returns.  Problems occur when there are mismatches, such as the name does not match the assigned Social Security Number, the taxpayer used a Social Security Number to work but filed using an ITIN, or the taxpayer used an ITIN to work and report wages and income. 

From a statistical sample of 96 records from a population of 551,108 Tax Year 2007 electronically filed tax returns:

·        4 records (4 percent) showed that the taxpayer filed a tax return using an ITIN but used another person’s name and Social Security Number to work (possible instances of identity theft).  The name on the Wage and Tax Statement (Form W-2) matched the name of the holder of the Social Security Number but did not match the name on the ITIN tax return.  There is a potential that 22,962[9] taxpayers for Tax Year 2007 had their names and Social Security Numbers used by ITIN tax filers to work; 114,812 taxpayers projected over 5 years.

The IRS will be unable to match the income earned to the associated taxpayer, but will match it to the taxpayer who is legally assigned the Social Security Number as part of the Automated Underreporter Program.[10]  Further, there were no identity theft indicators on any of the accounts of the taxpayers whose Social Security Numbers had been used by ITIN taxpayers to work.

·        73 records (76 percent) showed the taxpayer used his or her name but another person’s Social Security Number to work.  Twenty-seven records showed the Social Security Numbers used to work and report wages belong to individuals under the age of 18, ****1****  In addition, 6 Social Security Numbers belonged to taxpayers who are now deceased and 5 Social Security Numbers belong to individuals who are over age 100.

In these instances, the IRS and the Social Security Administration do not associate the income and benefits with the lawful taxpayer.  ****2(e)****

The number of Forms W-2 with Social Security Number/name mismatches is substantial.  The Social Security Administration maintains an Earnings Suspense File for wage information reported on the Forms W-2 where the Social Security Number and name do not match.  This file contained approximately 296 million mismatched Forms W-2 related to $835.7 billion in wages at the end of Calendar Year 2007.  In some cases, the Social Security Administration has tried to correct these mismatches by notifying employers of the errors on the Forms W-2 through a “no match” letter.  Employers that receive these letters are requested to take steps to correct the mismatch issue for each Social Security Number that failed verification with Social Security Administration records.  If the employer does not make an effort to correct the Forms W-2, the IRS can assess a penalty.

Both the TIGTA and the Government Accountability Office have issued reports that address the tax problems related to Social Security Number/name mismatches.[11]

·        19 (20 percent) records that included Forms W-2 could not be matched to any employers’ records and a determination could not be made whether the ITIN taxpayer was using another person’s Social Security Number.  We attempted to verify the information by matching the Employer Identification Number, wages, and/or withholding on the employee’s Form W‑2 to the employer’s returns.  However, for these 19 records, the combination of Employer Identification Number, wages, and withholding could not be matched to employer records maintained in the IRS computer systems.

Approximately 1.2 million Tax Year 2007 tax returns reported wages earned by ITIN taxpayers using another’s Social Security Number.

The IRS stated there were almost 3 million ITIN tax returns filed for Tax Year 2007.  TIGTA analysis shows that about 1.2 million Tax Year 2007 ITIN tax returns reported wages earned by ITIN taxpayers using another person’s Social Security Number.  ****2(f)****

In addition, the IRS cannot currently identify identity theft cases created by ITIN taxpayers who used another person’s name and Social Security Number to work.  This would allow the IRS to notify the legitimate owner of the Social Security Number that he or she may be the victim of identity theft and take steps to address employment-related identity theft issues.

In Fiscal Year 2008, we reported that no action is taken to stop someone from continuing to commit employment-related identity theft using another person’s Social Security Number and name.[13]  The IRS does not actively try to identify or stop the individuals from committing identity theft.  Moreover, the IRS does not notify the employer of the problem of their employee using someone else’s identity.  Because the IRS and the Social Security Administration will assume the information on the Form W-2 is accurate, the earnings resulting from the identity theft will be attributed to the lawful taxpayers for determining both Social Security benefits and tax liabilities.  The IRS generally does not pursue the taxes that may be due on income earned using a stolen identity.

IRS management stated that the IRS is unable to do more to stop continued use of someone’s identity in employment-related identity theft cases because notifying employers that their employee is using another person’s identity is not permissible because it would be an unlawful disclosure of tax information.  In addition, the IRS does not have sufficient enforcement resources to address most of these cases and it would not be worthwhile to pursue employment-related identity theft cases for unreported tax liabilities because, according to IRS officials, the taxes owed on most of these cases are not significant.  However, without an effective process of identifying these taxpayers, the IRS and the taxpayer will continue to expend additional resources in resolving these identity theft issues.

The IRS is developing a 5-year strategy for the Office of Privacy, Information Protection and Data Security function, and will continue to improve strategies focused on tax fraud identity theft.  The Criminal Investigation Division is increasing the recommendations for prosecutions of identity theft cases under traditional statutes within the IRS’ jurisdiction as directed by the Department of Justice Tax Division.

Recommendations

The Deputy Commissioner for Operations Support, should:

Recommendation 3:  Develop a cross-referencing process to match ITIN tax returns to the related reporting returns.

Management’s Response:  The IRS has already begun developing a process to match ITIN tax returns to their related reporting returns.  Once this process is established, it will determine how the data may be used to refine procedures related to collection activity and victim assistance. 

Recommendation 4:  Develop a process to capture data to determine potential identity theft victims.

Management’s Response:  The IRS has procedures to identify theft victims through the Electronic Fraud Detection System.[14]  Where appropriate, taxpayer’s accounts are marked with an identity theft indicator.  In addition, its duplicate filing process procedures compare certain data elements of duplicate tax returns to determine potential identity theft victims.

The IRS agreed to explore the feasibility of a process to more broadly capture data to determine potential identity theft victims.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

Our overall objective was to determine whether the IRS has procedures to effectively handle collection issues related to ITINs.  To accomplish our objective, we:

I.                    Determined if procedures and guidelines exist for Taxpayer Assistance Center[15] employees to follow when meeting with ITIN taxpayers with collection issues.

A.     Reviewed internal Taxpayer Assistance Center guidelines and procedures related to ITIN collection issues.

B.     Interviewed Taxpayer Assistance Center employees who may have encountered ITIN collection issues.

C.     Discussed with appropriate IRS management the procedures, policies, guidelines, and regulations for ITIN collection issues.

II.                 Determined if the Collection function has procedures for revenue officers to follow when contacting ITIN taxpayers.

A.     Reviewed Collection function procedures and guidelines for ITIN collection issues for revenue officers.

B.     Interviewed revenue officers who have encountered ITIN taxpayers for their experiences with collection issues. 

C.     Discussed with appropriate IRS management the procedures, policies, guidelines, and regulations for ITIN collection issues.

III.               Determined the number of taxpayers who file a tax return using an ITIN while using another individual’s Social Security Number to work.

A.     From the Returns Transaction File,[16] identified the Tax Year 2007 ITIN tax returns processed during Calendar Year 2008 that did not have a corresponding ITIN Wage and Tax Statement (Form W-2) issued by an employer.  We assessed the reliability of the Returns Transaction File by performing run-to-run balancing and verifying a sample of all fields against the IRS Integrated Data Retrieval System.[17]

B.     Selected a statistically valid sample of 96 ITIN records from a population of 551,108 Tax Year 2007 tax returns that were identified on the Return Transaction File.  We used a 95 percent confidence level, a 50 percent error rate, and a 10 percent precision level.  For each of the 96 records, we used the Integrated Data Retrieval System Command Code TRDBV to determine the name(s) used on the tax returns, the filing statuses, and the number of Forms W-2 attached.  From each Form W-2, we obtained the payee Taxpayer Identification Number, ITIN or Social Security Number, the payer Employer Identification Number,[18] the wage amounts, and the Federal tax withheld amounts.

IV.              Contacted the IRS Office of Privacy, Information Protection and Data Security, Operations Support organization to identify any actions it may be taking to address ITIN collection issues.

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  They include the systems for measuring, reporting, and monitoring program performance.  We determined the following internal controls were relevant to our audit objective:  the Office of Privacy, Collection and Field Assistance functions’ policies, procedures, and practices for processing levies related to ITINs and identifying identity theft.  We evaluated controls by interviewing management and reviewing policies and procedures.  

 

Appendix II

 

Major Contributors to This Report

 

Michael E. McKenney, Assistant Inspector General for Audit (Returns Processing and Account Services)

Augusta R. Cook, Director

Lena Dietles, Audit Manager

Tracy K. Harper, Lead Auditor

Jerome Antoine, Auditor

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Services and Enforcement  SE

Chief Technology Officer  OS:CTO

Deputy Commissioner, Small Business/Self-Employed Division  SE:S

Deputy Commissioner, Wage and Investment Division  SE:W

Director, Collection, Small Business/Self-Employed Division  SE:S:C

Director, Compliance, Wage and Investment Division  SE:W:CP          

Director, Customer Account Services, Wage and Investment Division  SE:W:CAS

Director, Strategy and Finance, Wage and Investment Division  SE:W:S

Director, Office of Privacy, Information Protection and Data Security  OS:P

Senior Operations Advisor, Wage and Investment Division  SE:W:S

Chief, Program Evaluation and Improvement, Wage and Investment Division  SE:W:S:PRA:PEI

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Controls  OS:CFO:CPIC:IC

Audit Liaison:  Chief, Program Evaluation and Improvement, Wage and Investment Division  SE:W:S:PRA:PEI

 

Appendix IV

 

Outcome Measure

 

This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration.  This benefit will be incorporated into our Semiannual Report to Congress.

Type and Value of Outcome Measure:

·        Taxpayer Privacy and Security – Potential, 22,962 taxpayers for Tax Year 2007 that had their names and Social Security Numbers used by ITIN tax filers for work; 114,812 taxpayers projected over 5 years (see page 9).

Methodology Used to Measure the Reported Benefit:

A statistically valid sample of 96 ITIN records was selected from a population of 551,108 Tax Year 2007 tax returns that were identified on the Return Transaction File.[19]  For each of the 96 records, the Integrated Data Retrieval System[20] Command Code[21] TRDBV was used to determine the name(s) used on the tax returns, the filing statuses, and the number of Wage and Tax Statements (Form W-2) attached.  From each Form W-2, the payee Taxpayer Identification Number, either the ITIN or Social Security Number, the payer Employer Identification Number,[22] the wage amounts, and the Federal tax withheld amounts were obtained and matched to employer wage reporting documents.  We used a 95 percent confidence level, an expected error rate of 50 percent, and a precision level of 10 percent.

Based on the sample results, it was determined that 4 (4 percent) of 96 cases from the population of 551,108 Tax Year 2007 tax returns had their names and Social Security Numbers used for work by ITIN tax filers.  This projected out is 22,962 taxpayers for Tax Year 2007 and 114,812 taxpayers projected over 5 years.[23]  The number of affected taxpayers is between 6,338 and 51,253 (the margin of error is ± 4.08 percent).

 

Appendix V

 

Management’s Response to the Draft Report

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

ATLANTA, GA 30308

 

                 COMMISSIONER

WAGE AND INVESTMENT DIVISION

 

MAR 17 2010

 

MEMORANDUM FOR MICHAEL R. PHILLIPS

    DEPUTY INSPECTOR GENERAL FOR AUDIT

 

FROM:                           Richard Byrd. Jr. /s/Richard Byrd

                                       Commissioner, Wage and Investment Division

 

SUBJECT:                        Draft Audit Report - Procedures Need to Be Developed for Collection Issues Associated With Individual Taxpayer Identification Numbers (Audit #200940042)

I appreciate your efforts to review and recommend improvements related to collection issues involving Individual Taxpayer Identification Numbers (ITIN).

As your report notes, there are a variety of complex scenarios encountered when working collection issues involving ITIN taxpayers, particularly where the information on the tax return does not match the information on the W-2. These issues often involve multiple operating divisions of the IRS, so to ensure that our efforts are coordinated, and that we have the right people working these issues, we established an internal Technical Working Group in 2008.

In general, we agree with the recommendations contained in your report. However, we are concerned that the report makes overly broad statements that imply that the IRS has no procedures to contact individuals where we have clear indications of identity theft. This is not the case. The IRS has significantly ramped up our identity theft detection, monitoring, and notification capabilities over the last several years. In 2008, we created a central identity theft unit to ensure that the IRS is doing everything it can to help make sure that when someone has their identity stolen, they can quickly resolve any issues that arise with the IRS.

Because the IRS processes approximately 140 million individual tax returns and over one billion information returns, we are constantly making decisions about how to handle data anomalies, such as the ones that you describe in your report. With respect to ITIN issues, the IRS must assess the evidence of potential economic harm to the taxpayer, against the limitations of the extent of information that the law allows us to provide to the taxpayer. We try to reach the right balance, but constantly reassess that balance, and will certainly incorporate the findings of your audit as we determine whether additional improvements are needed.

Attached are our specific comments to your recommendations. If you have any questions, please contact me, or a member of your staff may contact Denice Vaughan, Director, Filing and Payment Compliance, Wage and Investment Division at (404) 338-9116.

Attachment

Attachment

 

The Commissioners, Small Business/Self-Employed and Wage and Investment Divisions, should:

Recommendation 1

Update internal procedures and guidelines to ensure all collection issues are considered and all required actions are taken to resolve the issues. For example, guidance should include: 1) what documents are required to prove an individual's identity, 2) what documents are required to prove who earned the wages and who is responsible for any taxes owed, and 3) how to ensure all filing requirements for reporting the wages have been met. In addition, if identity theft has been identified, the guidelines should include all actions that need to be taken to resolve any account issues for the victim of the identity theft and to place an indicator on his or her tax account.

Corrective Action

We agree with this recommendation and already have begun taking steps to update procedures. Several Internal Revenue Manual (IRM) updates are currently in the approval process. The affected IRM sections are: IRM 5.1.12, Cases Requiring Special Handling, 5.1.15 Abatements, Reconsiderations and Adjustments, and IRM 5.12.2, Lien Filing Requirements.

All IRS functions have procedures in place to mark accounts when taxpayers report they are victims of identity theft and provide standard documentation. The IRS also has a process in place to resolve account issues for taxpayers who have been victims of identity theft. The Identity Protection Specialized Unit receives a monthly listing of accounts with an identity theft indicator. A review is conducted on every account to ensure all identity theft issues are addressed and resolved.

Implementation Date

January 15, 2011

Responsible Officials

Director, Filing and Payment Compliance, Wage and Investment Division

Director, Collection Policy, Small Business/Self Employed Division

 

Corrective Action Monitoring Plan

We will monitor this corrective action as part of our internal management control process.

Recommendation 2

Establish a process to notify a taxpayer when there is evidence that the taxpayer's identity (name and SSN) has been compromised.

Corrective Action

As noted above, we disagree with the assertion that the IRS does not have procedures to notify taxpayers when there is clear evidence of identity theft. The Social Security Administration (SSA) has a program in place called the Employee No-Match Letter that requests correct information from individuals. Our involvement would possibly be a duplication of the SSA efforts.

The IRS currently marks the accounts of taxpayers when we identify, either through systemic processes or through manual account review, that the taxpayer is a victim of identity theft. We place an identity theft marker on these accounts to streamline assistance for taxpayers and to help mitigate future account problems. When we mark these accounts, we also generate a notice to these victims informing them that their information appears to have been compromised, and of steps they can take to protect their identities. This notice includes a toll-free number to our Identity Protection Specialized Unit which will assist them with questions about their account. We started this process in October 2008, and have seen its use increase from 16,838 taxpayer accounts marked in 2008, to 20,847 marked in 2009. We will explore the feasibility of expanding the use of our account indicators and notification processes where we have the capability and legal authority to do so; and where doing so would be beneficial to taxpayers.

Implementation Date

Completed October 2008

Responsible Official

Director, Privacy, Information Protection & Data Security

Corrective Action Monitoring Plan

N/A

The Deputy Commissioner for Operations Support, should:

Recommendation 3

Develop a cross-referencing process to match ITIN tax returns to the related reporting returns.

Corrective Action

We have already begun developing a process to match Individual Taxpayer Identification Number (ITIN) tax returns to their related reporting returns. Once this process is established, we will determine how the data may be used to refine procedures related to collection activity and victim assistance.

Implementation Date

August 31, 2011

Responsible Official

Director, Privacy, Information Protection & Data Security

Corrective Action Monitoring Plan

We will monitor this corrective action as part of our internal management control process.

Recommendation 4

Develop a process to capture data to determine potential identity theft victims.

Corrective Action

The IRS has procedures to identify potential identity theft victims through the Electronic Fraud Detection System. Where appropriate, taxpayers' accounts are marked with an identity theft indicator. Additionally, our duplicate filing process procedures compare certain data elements of duplicate tax returns to determine potential identity theft victims.

We agree to explore the feasibility of a process to more broadly capture data to determine potential identity theft victims.

Implementation Date

August 31, 2011

Responsible Official

Director, Privacy, Information Protection & Data Security

Corrective Action Monitoring Plan

We will monitor this corrective action as part of our internal management control process.



[1] The ITIN was created to provide individuals who are not eligible to obtain a Social Security Number with an identification number for tax purposes.  An ITIN does not change the recipient’s immigration status or confer the right of employment in the United States.

[2] A levy is a legal seizure of property to satisfy a tax debt.  

[3] A local IRS office with employees who answer questions, provide assistance, and resolve account-related issues for taxpayers face to face.

[4] An Employer Identification Number is a Federal Tax Identification Number used to identify a business entity, including estates and trusts.

[5] A compliance system that provides tools needed to perform detection of potentially criminal fraudulent tax returns.

[6] The ITIN was created to provide individuals who are not eligible to obtain a Social Security Number with an identification number for tax purposes.  An ITIN is a nine-digit number that always begins with the number 9 and has a 7 or 8 in the fourth digit, for example 9XX-7X-XXXX.

[7] A levy is a legal seizure of property to satisfy a tax debt. 

[8] An Employer Identification Number is a Federal Tax Identification Number used to identify a business entity, including estates and trusts.

[9] 4.1666 percent multiplied by 551,108 equals 22,962, and 22,962 multiplied by 5 years (projection) equals 114,812.  Due to rounding, numbers may not balance.

[10] The Underreporter Program works underreporter cases resulting when computer analysis detects a discrepancy between the income reported on tax returns and the income reported by third parties, such as employers and financial institutions.

[11] Mismatched Names and Identification Numbers on Information Documents Could Undermine Strategies for Reducing the Tax Gap (Reference Number 2007-30-159, dated August 31, 2007) and Tax Administration:  IRS Needs to Consider Options for Revising Regulations to Increase the Accuracy of Social Security Numbers on Wage Statements (GAO-04-712, dated August 2004).

[12] ****2(f)****

[13] Outreach Has Improved, but More Action Is Needed to Effectively Address Employment-Related and Tax Fraud Identity Theft (Reference Number 2008-40-086, dated March 25, 2008).

[14] A compliance system that provides tools needed to perform detection of potentially criminal fraudulent tax returns.

[15] A local IRS office with employees who answer questions, provide assistance, and resolve account-related issues for taxpayers face to face.

[16] The Returns Transaction File contains all edited, transcribed, and error-corrected data from the U.S. Individual Income Tax Returns (Form 1040 series) and related forms for the current processing year and 2 prior years.

[17] IRS computer system capable of retrieving or updating stored information; it works in conjunction with a taxpayer’s account records.

[18] An Employer Identification Number is a Federal Tax Identification Number used to identify a business entity, including estates and trusts.

[19] The Returns Transaction File contains all edited, transcribed, and error-corrected data from the U.S. Individual Income Tax Returns (Form 1040 series) and related forms for the current processing year and 2 prior years.

[20] The Integrated Data Retrieval System is the IRS computer system capable of retrieving or updating stored information; it works in conjunction with a taxpayer’s account records.

[21] Command codes are online interactive real-time programs in the IRS computer systems.

[22] An Employer Identification Number is a Federal Tax Identification Number used to identify a business entity, including estates and trusts.

[23] 4.1666 percent multiplied by 551,108 equals 22,962, and 22,962 multiplied by 5 years (projection) equals 114,812.  Due to rounding, numbers may not balance.