TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft

 

 

 

July 19, 2012

 

Reference Number:  2012-42-080

 

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Redaction Legend:

2(f) = Risk Circumvention of Agency Regulation or Statute

 

 

Phone Number  /  202-622-6500

E-mail Address /  TIGTACommunications@tigta.treas.gov

Website           /  http://www.tigta.gov

 

 

HIGHLIGHTS

THERE ARE BILLIONS OF DOLLARS IN UNDETECTED TAX REFUND FRAUD RESULTING FROM IDENTITY THEFT

Highlights

Final Report issued on July 19, 2012

Highlights of Reference Number:  2012-42-080 to the Internal Revenue Service Commissioner for the Wage and Investment Division.

IMPACT ON TAXPAYERS

Undetected tax refund fraud results in significant unintended Federal outlays and erodes taxpayer confidence in our Nation’s tax system.  Our analysis of tax returns using characteristics of identity theft confirmed by the IRS identified approximately 1.5 million undetected tax returns with potentially fraudulent tax refunds totaling in excess of $5.2 billion.  TIGTA estimates the IRS could issue $21 billion in potentially fraudulent tax refunds resulting from identity theft over the next five years.

WHY TIGTA DID THE AUDIT

This audit was initiated at the request of the Chairman of the Senate Finance Committee, Subcommittee on Fiscal Responsibility and Economic Growth.  The overall objective of this review was to evaluate the effectiveness of the IRS’s efforts to identify and prevent fraudulent tax refunds resulting from identity theft.

WHAT TIGTA FOUND

The impact of identity theft on tax administration is significantly greater than the amount the IRS detects and prevents.  Using the characteristics of confirmed identity theft, TIGTA identified potentially fraudulent tax refunds in excess of $5.2 billion that were issued by the IRS. 

The IRS has expanded its efforts to detect and prevent identity theft.  However, delayed access to third-party income and withholding information makes it difficult for the IRS to detect fraudulent tax refunds at the time tax returns are processed.  Third parties are not required to submit income and withholding documents to

the IRS until March 31, yet taxpayers can begin filing tax returns in mid-January.

While the IRS does not have access to all third‑party information documents at the time tax returns are filed, some third-party information is available.  However, the IRS has not developed processes to obtain and use this third-party information.

Lastly, the use of direct deposits, including debit cards, to claim fraudulent tax refunds also contributes to the increased risk that the IRS will not detect identity theft.  The IRS continues to allow multiple direct deposits to the same bank account and ****************2(f)*********************************************, which makes it difficult for the IRS to identify and recover fraudulent tax refunds issued to debit cards.

WHAT TIGTA RECOMMENDED

TIGTA made seven recommendations for the IRS Commissioner, Wage and Investment Division, to develop or improve processes that will increase the IRS’s ability to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft.  In addition, TIGTA recommended legislation to expand the IRS’s access to and authority to use the National Directory of New Hires database for the purposes of identifying individuals filing fraudulent tax returns.

IRS management agreed with TIGTA’s recommendations and has taken or plans to take corrective actions.  However, in view of its ongoing efforts to improve the detection of identity theft, the IRS did not agree with TIGTA’s estimate of $21 billion in potentially fraudulent refunds as a result of identity theft over the next five years.  TIGTA agrees that the IRS’s ongoing efforts will help reduce fraudulent refunds.  As such, TIGTA’s estimate of $21 billion includes an annual reduction factor to reflect the dollar amount that the IRS estimated it protected by implementing new filters.

 

July 19, 2012

 

 

MEMORANDUM FOR COMMISSIONER, WAGE AND INVESTMENT DIVISION

 

FROM:                       Michael E. McKenney /s/ Michael E. McKenney

                                  Acting Deputy Inspector General for Audit

 

SUBJECT:                  Final Audit Report – There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft (Audit # 201140044)

 

This report presents the results of our review of the Internal Revenue Service’s efforts to identify and prevent fraudulent tax refunds resulting from identity theft.  This review was performed at the request of the Chairman of the Senate Finance Committee, Subcommittee on Fiscal Responsibility and Economic Growth, and is one of two reviews we conducted to evaluate the IRS’s identity theft program.  This review focuses on identity theft related to tax refunds, which occurs when an individual uses another person’s name and Social Security Number to file a fraudulent tax return in order to obtain a fraudulent tax refund.  The review is included in our Fiscal Year 2012 Annual Audit Plan and addresses the major management challenge of Fraudulent Claims and Improper Payments.

Management’s complete response to the draft report is included as Appendix VI.

Copies of this report are also being sent to the Internal Revenue Service managers affected by the report recommendations.  Please contact me at (202) 622-6510 if you have questions or Augusta R. Cook, Acting Assistant Inspector General for Audit (Returns Processing and Account Services), at (770) 617-6434.

 

 

Table of Contents

 

Background

Results of Review

The Impact of Identity Theft on Tax Administration Is Significantly Greater Than the Amount Detected and Prevented

*******************************2(f)*********************************************************************************

Recommendation 1:

Recommendation 2:

Legislative Recommendation 3:

Processes Need to Be Established to Use Third-Party Information That Is Received Prior to Tax Processing

Recommendation 4:

Direct Deposit, Including Debit Cards, Continues to Be the Method Individuals Use to Obtain Fraudulent Tax Refunds

Recommendation 5:

Recommendations 6 through 8:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Outcome Measures

Appendix V – Glossary of Terms

Appendix VI – Management’s Response to the Draft Report

 

 

Abbreviations

 

CY

Calendar Year

FTC

Federal Trade Commission

IRS

Internal Revenue Service

ITIN

Individual Taxpayer Identification Number

NDNH

National Directory of New Hires

PIN

Personal Identification Number

SSA

Social Security Administration

SSN

Social Security Number

TIGTA

Treasury Inspector General for Tax Administration

TY

Tax Year

 

 

Background

 

This review was performed at the request of the Chairman of the Senate Finance Committee, Subcommittee on Fiscal Responsibility and Economic Growth, and is one of two reviews we conducted to evaluate the Internal Revenue Service’s (IRS) identity theft program.  This review focuses on identity theft related to tax refunds, which occurs when an individual uses another person’s name and Social Security Number (SSN) to file a fraudulent tax return to obtain a fraudulent tax refund.  The other review focused on whether the IRS is effectively providing assistance to victims of identity theft.[1]

Identity theft is a serious and growing problem in the United States.  The Federal Trade Commission (FTC)[2] has reported identity theft as the number one consumer complaint for 12 years in a row.  According to the FTC’s Consumer Sentinel Network Data Book,[3] identity theft was the number one complaint it received during Calendar Year (CY) 2011.  That same year, the IRS identified more than 1.1 million incidents of identity theft that affected the tax system.  This figure includes incidents for which taxpayers contacted the IRS alleging they were a victim of identity theft (110,750 incidents) and incidents of identity theft that the IRS identified itself (1,014,884 incidents).  Figure 1 provides totals for CYs 2009 through 2011.

Figure 1:  Incidents and Affected Taxpayers of Identity Theft
Impacting Tax Administration by Calendar Year

Source

CY 2009

CY 2010

CY 2011

Incidents

Taxpayers

Incidents

Taxpayers

Incidents

Taxpayers

Taxpayer
Self-Identified

90,542

60,048

101,828

69,142

110,750

87,322

IRS Identified

365,911

194,031

338,753

201,376

1,014,884

553,730

Total

456,453

 

440,581

 

1,125,634

 

Source:  The IRS’s Identity Protection Incident Tracking Statistics Reports.

However, many individuals who are victims of identity theft may be unaware that their identity has been stolen to file fraudulent tax returns.  These individuals are typically those who are not required to file a tax return.  It is not until the legitimate individual files a tax return resulting in a duplicate filing under the same name and SSN that many individuals realize they are a victim of identity theft. 

Tampa, Florida, police uncovered a widespread identity theft tax refund scheme

The Tampa Police Department, along with Federal and other local law enforcement officials, have announced the results of a number of investigations of identity theft schemes being investigated over the last year and a half.  For example, on September 2, 2011, the Tampa Police Department announced that a joint task force had uncovered approximately $130 million in tax fraud in the Tampa, Florida, area.  The task force included representatives from the Tampa Police Department, the U.S. Secret Service, the U.S. Postal Inspection Service, the Hillsborough County Sherriff’s Office, the Florida State Attorney’s Office, and the U.S. Attorney’s Office.

A U.S. Postal Inspector in Tampa, Florida, indicated that several tax refund fraud schemes were uncovered, with most involving tax refunds deposited into a debit card account.  According to the Postal Inspector, the successful schemes involved identity thieves using the SSNs of deceased people and individuals who receive public assistance.  The IRS is continuing to work with the Postal Inspector to obtain confiscated tax refund checks and information from the debit cards. 

This review was performed at the IRS Wage and Investment Division Accounts Management and Submission Processing functions in Atlanta, Georgia, during the period June 2011 through April 2012.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.  We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

The Impact of Identity Theft on Tax Administration Is Significantly Greater Than the Amount Detected and Prevented

Undetected tax refund fraud results in significant unintended Federal outlays.  The issuance of fraudulent tax refunds erodes the confidence in our Nation’s tax system and increases the burden on those taxpayers who make an honest effort to comply with our Nation’s tax laws.  Unscrupulous individuals are stealing identities at an alarming rate for use in submitting tax returns with false income and withholding documents to the IRS for the sole purpose of receiving a fraudulent tax refund. 

Our analysis of Tax Year 2010 tax returns identified more than $5.2 billion in tax refunds issued to individuals filing tax returns with the characteristics of identity theft cases confirmed by the IRS.

For Processing Year 2011, the IRS reported that it had detected 938,664 tax returns involving identity theft and prevented the issuance of fraudulent tax refunds totaling $6.5 billion.  While the amount of fraudulent tax refunds the IRS detects and prevents is substantial, it does not know how many identity thieves are filing fictitious tax returns and how much revenue is being lost due to the issuance of fraudulent tax refunds.  Our analysis of the Tax Year (TY) 2010 tax returns processed during the 2011 Filing Season identified that tax fraud by individuals filing fictitious tax returns with false income and withholding is significantly larger than what the IRS detects and prevents.

Using characteristics from those tax returns the IRS identified and confirmed as filed by identity thieves, we identified approximately 1.5 million additional undetected tax returns with potentially fraudulent tax refunds totaling in excess of $5.2 billion.  Based on our analysis, we estimate the IRS could issue approximately $21 billion in fraudulent tax refunds resulting from identity theft over the next five years.  The amount of undetected tax refund fraud we identified is conservative.  Our analysis does not include instances for which the IRS determined that a tax refund was fraudulent after the refund was issued.[4]

We reviewed a sample of the approximately 1.5 million tax returns we identified to determine if these tax returns were sent through IRS fraud filters.  Our review of a judgmental sample[5] of 60 tax returns that were sent through the IRS’s fraud filters identified that 49 (82 percent) tax returns did not score high enough to be sent for further review.[6]  In addition, we found that the IRS did not verify the income and withholding on eight of the 11 tax returns that were sent for further review.

The IRS is expanding efforts to improve the detection and prevention of fraudulent tax refunds resulting from identity theft

The IRS is taking a number of additional steps for the 2012 Filing Season to detect identity theft tax refund fraud before it occurs.  These efforts include designing new identity theft screening filters that the IRS indicates will improve its ability to identify false tax returns before the tax return is processed and prior to a fraudulent tax refund being issued.  Tax returns identified via the new identity theft filters are being held during processing until the IRS can verify the taxpayer’s identity.  The IRS attempts to contact the individual who filed the tax return and requests information that will assist the IRS in ensuring the individual filing the tax return is the legitimate taxpayer.  Once a taxpayer’s identity has been confirmed, the tax return is released for processing and the tax refund is issued.  The IRS removes those tax returns from processing for which the individual’s identity could not be confirmed, thus preventing the issuance of a fraudulent tax refund.  As of April 19, 2012, the IRS has stopped the issuance of approximately $1.3 billion in potentially fraudulent tax refunds as a result of the new identity theft filters.

In addition, the IRS is expanding efforts to place identity theft indicators on taxpayer accounts to track and manage identity theft incidents.  For example, at the initiation of the 2012 Filing Season, the IRS and the U.S. Department of Justice announced the results of a massive nationwide sweep cracking down on suspected identity theft perpetrators as part of stepped-up efforts to combat tax refund fraud.  The national effort is part of a comprehensive identity theft strategy by the IRS that is focused on preventing, detecting, and resolving identity theft cases as soon as possible.

Finally, the IRS continues to expand its efforts to prevent the payment of fraudulent tax refunds claimed using deceased individuals’ names and SSNs.  Similar to last filing season, the IRS is placing a unique identity theft indicator on deceased individuals’ tax accounts.  The indicator alerts the IRS when a tax return is filed using the deceased individual’s SSN.  According to the IRS, as of March 31, 2012, the IRS placed a deceased lock on more than 164,000 tax accounts and has prevented approximately $1.8 million in fraudulent tax refunds claimed using deceased individuals’ identities since the lock was established.

IRS processes are designed to prevent the issuance of fraudulent tax refunds for recurring identity theft

Victims of identity theft can be affected in multiple tax years.  Once identity thieves successfully use an identity to obtain a fraudulent tax refund, they often attempt to reuse the identity in subsequent years to continue to file fraudulent tax returns.  To prevent recurring identity theft, the IRS places an identity theft indicator on each tax account for which it has determined an identity theft has occurred.  All tax returns filed using the identity of a confirmed victim of identity theft are flagged during tax return processing and sent for additional screening before any tax refund is issued.  This screening is designed to detect tax returns filed by identity thieves who attempt to reuse a victim’s identity in subsequent years and to prevent the issuance of fraudulent tax refunds.

During the 2011 Filing Season, the IRS began issuing an Identity Protection Personal Identification Number (PIN) to victims of identity theft.  According to the IRS, 53,799 Identity Protection PINs were mailed to victims of identity theft to be used during the 2011 Filing Season.  Victims were instructed to enter the Identity Protection PIN on their TY 2010 tax return.  The Identity Protection PIN tells the IRS that the tax return was filed by the legitimate taxpayer and bypasses the additional identity theft screening, thus reducing delays in issuing the tax refund.  On November 10, 2011, we notified the IRS that TY 2010 tax returns filed with a valid Identity Protection PIN were not always bypassing the identity theft screening, causing delays in the issuance of tax refunds to legitimate taxpayers.  IRS management agreed with our analysis of the Identity Protection PIN and corrected the computer programming.  This correction was made before the start of the 2012 Filing Season.  The IRS issued an Identity Protection PIN to 251,568 individuals for the 2012 Filing Season.

The IRS’s proposed real-time tax system could enable verification of tax return information at the time tax returns are processed

On December 8, 2011, the IRS Commissioner held the first public meeting to discuss the IRS’s long-term initiative to move to a real-time tax system.  The IRS’s vision is to move away from an after-the-fact approach to compliance.  A real-time tax system would allow the IRS to verify many tax return elements at the time a tax return is filed and allow taxpayers to correct potential discrepancies before the IRS completes the processing of their tax return.  Of equal importance is that this type of tax system will allow the IRS to quickly identify fraudulent tax return filings based on false income reporting. 

The IRS’s vision of a real-time tax system is key to stopping the issuance of fraudulent tax refunds.  However, realizing such a tax system will require more than just redesigning the IRS’s computer systems and tax return processes.  The IRS found that 91 percent of individual taxpayers receive one of three third-party information return types.[7]  As such, those information returns would likely be the highest priority for any changes to expedite transmittal and access for use in processing tax returns.  However, legislative changes would be needed for any changes to the filing deadlines for information returns.  The deadline for filing most information returns with the IRS is March 31, yet taxpayers can begin filing their tax returns as early as mid-January each year.

******************************************2(f)******************************** ***********************************2(f)********************

Using the tax return filing characteristics of identity theft cases confirmed by the IRS (including those identified in the publicized Tampa, Florida, identity theft scheme (Tampa scheme)), we identified almost 1.5 million tax returns with potential fraudulent tax refunds totaling in excess of $5.2 billion that were not detected by the IRS.[8]  ***********************2(f)****** *******************************2(f)****************************************************************************2(f)***************************************************************************2(f)***************************************************************************2(f)***************************************************************************2(f)***************************************************************************2(f)***************************************************************************2(f)**********************************************************2(f)*****************.

Figure 2:  TY 2010 Individual Tax Returns Meeting Characteristics
of Confirmed Identity Theft Cases *********2(f)**********[9]

****2(f)******

Volume of
Tax Returns
[10]

Total Amount of
Tax Refunds Issued

**2(f)*****[11]

1,128,531

$3,495,621,793

**********2(f)**********

93,142

$231,692,282

*******2(f)****[12]

154,729

$531,293,018

********2(f)***

115,813

$962,411,091

Total

1,492,215

$5,221,018,184

Source:  Treasury Inspector General for Tax Administration (TIGTA) analysis of TY 2010
tax returns.
[13]

Expanded access to the NDNH along with prior year third-party reporting information the IRS maintains could further improve IRS detection of fraudulent tax returns based on false income documents.

Access to third-party income and withholding information at the time tax returns are processed is the single most important tool that the IRS could have to identify and prevent tax refund fraud.  However, most of the third-party information is not available until well after tax return filing begins.  As we previously reported,[14] expanded access to the National Directory of New Hires (NDNH) is needed to further improve the IRS’s ability to identify tax returns with false income documents at the time tax returns are processed.  Specifically, legislation is needed to expand the IRS’s authority to use the NDNH beyond just those tax returns with a claim for the Earned Income Tax Credit.  The IRS has included a request for expanded access to the NDNH in its past annual budget submissions including those for Fiscal Years 2010, 2011, and 2012.  The request was made as part of the IRS’s efforts to strengthen tax administration.  However, expanded access has not been provided for in the law.  The IRS has again included a request for expanded access to the NDNH as part of its Fiscal Year 2013 budget submission.

The NDNH is a database that contains information on all newly hired employees.  The data include the six basic elements on Form W-4, Employee’s Withholding Certificate, for newly hired employees:  employee’s name, address, and SSN, as well as the employer’s name, address, and Federal Employer Identification Number.  The NDNH also includes quarterly wage information for individual employees provided by State Workforce Agencies and Federal Agencies, and unemployment information for individuals who have received or applied for unemployment benefits. 

If legislation is enacted to grant the IRS the authority to receive extracts from the NDNH, this information, along with third-party income and withholding information that the IRS maintains for the prior year’s tax filings, could allow the IRS to better identify individuals filing fraudulent tax returns.  The IRS could design a process that uses prior year third-party wage and withholding reporting documents and NDNH data to determine if the reported wages and withholding on a tax return appear false.  For example:[15]

***************************2(f)************************************* ***************************2(f)***************************************** ***************************2(f)****************************************** ***************************2(f)**************************************** ***************************2(f)*************************************** ***************************2(f)***************************************** ***************************2(f)*************************************** ***************************2(f)*********************************************************************2(f)**************************************** ***************************2(f)*************************************** ***************************2(f)***************************************** *********************************2(f)*************************.

Using IRS estimates, it would cost approximately $31.8 million to screen and verify the approximately 1.5 million tax returns that we identified as not having third-party information.  ******************************************2(f)********************************* ************2(f)**********, the IRS can maximize the use of its limited resources by using those resources to review tax returns with the highest risk for refund fraud. 

Data from confirmed identity theft cases could be used in an effort to prevent tax refund fraud

As we previously noted, the approximately 1.5 million tax returns we identified resulted from our review of the characteristics of confirmed identity theft cases, in particular those cases involved with the Tampa scheme.  The TIGTA recently reported to the IRS that data from identity theft cases are not being used to prevent tax refund fraud.[16]  The review identified that the IRS uses little of the data from the identity theft cases worked in its Accounts Management function to identify commonalities, trends, etc., that could be used to detect and prevent future tax refund fraud.  This includes, for example:

Our analysis of TY 2010 tax returns with the characteristics of identity theft cases confirmed by the IRS found that the IRS can gather a significant amount of data about the thefts for use in strengthening its detection and prevention controls.  For example, we found that $8.1 million in potentially fraudulent tax refunds involved tax returns filed from one of five addresses.  Figure 3 shows the five most common addresses used on the potentially fraudulent tax returns we identified.  In yet another example, Figure 4 shows the five most common cities from which the tax returns we identified were filed.

Figure 3:  Top Five Addresses Used to File
Potentially Fraudulent Tax Returns

Address

Number of Tax Returns

Refunds Issued

Address 1 in Lansing, Michigan

2,137

$3,316,051

Address 2 in Chicago, Illinois

765

$903,084

Address 3 in Belle Glade, Florida

741

$1,004,897

Address 4 in Orlando, Florida

703

$1,088,691

Address 5 in Tampa, Florida

518

$1,791,770

Total

4,864

$8,104,493

Source:  TIGTA analysis of TY 2010 tax returns.

Figure 4:  Top Five Cities From Which
Potentially Fraudulent Tax Returns Were Filed

City, State

Number of Tax Returns

Refunds Issued

Tampa, Florida

88,724

$468,382,079

Miami, Florida

74,496

$280,509,449

Atlanta, Georgia

29,787

$77,113,392

Detroit, Michigan

23,870

$74,313,933

Houston, Texas

22,754

$72,089,847

Total

239,631

$972,408,700

Source:  TIGTA analysis of TY 2010 tax returns.

Figure 5 shows the number of questionable tax returns we identified by type of individual whose identity appears to have been stolen.  These categories can commonly involve individuals who are not required to file a tax return.

Figure 5:  Analysis of Potentially Fraudulent Tax Refunds for TY 2010

Type of Individual

Number of Tax Returns

Refunds Issued

Deceased 

104,950

$415,047,568

Elderly

76,338

$374,419,730

Citizens of U.S. Possessions

67,789

$387,183,428

Students (ages 16 to 22)

288,252

$695,343,022

Children (under age 14)

2,274

$3,960,327

Income Level Does Not Require Tax Return Filing[17]

952,612

$3,345,064,109

Total

1,492,215

$5,221,018,184

Source:  TIGTA analysis of TY 2010 tax returns.

Subsequent to the completion of our audit testing, the IRS informed us of several initiatives underway since January and February 2012 to enhance the IRS’s use of information related to tax fraud cases, including identity theft.  These initiatives include:

·       Establishing a team whose mission is to provide a formal mechanism for receiving, evaluating, and prioritizing new and emerging refund fraud referral issues, and developing and communicating IRS-wide solutions in real-time to protect revenue.

·       Implementing the Data Mining Inventory Reduction Effort to improve the IRS’s ability to verify potentially fraudulent tax returns.

·       Establishing the Accelerated Screening Group to analyze tax returns to better identify potentially fraudulent tax returns.  This includes better identification of fraud patterns, including those involving Schedule C income and household servant income. 

Recommendations

The Commissioner, Wage and Investment Division, should:

Recommendation 1:  Develop processes that use NDNH data (if access is granted) and prior year third-party income and withholding information to identify potentially fraudulent tax returns with false income documents.  This process should include verification of the accuracy of income reporting.

Management’s Response:  IRS management agreed with this recommendation.  Prior year third-party income and withholding information is being used as a tool to validate questionable current-year information documents and, by extension, the tax returns with which they are submitted.  The IRS is prepared to combine the use of NDNH information with existing data sources to enhance its ability to identify potentially fraudulent tax returns and false income documents.  As the TIGTA recognizes in the report, the IRS must receive legislative authority to use the NDNH data for this purpose.  ************************************2(f)*****************************.  Therefore, the IRS considers this an ongoing action. 

Recommendation 2Develop processes to analyze characteristics of fraudulent tax returns resulting from identity theft and continue to refine and expand the IRS’s tax processing filters used to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft.

Management’s Response:  IRS management agreed with this recommendation.  New processes, including filtering for changes in taxpayer circumstances from year to year and establishing the Identity Theft Clearinghouse, have been implemented.  The Identity Theft Clearinghouse is a specialized unit within Criminal Investigation devoted to the analysis and development of identity theft leads.  IRS processes are subject to continuous review so that it may adapt mitigating strategies to address the constantly changing landscape of identity theft. 

Legislative Recommendation

Recommendation 3:  As put forth in the IRS Fiscal Year 2013 budget proposal, legislation is needed to expand IRS access to NDNH wage information for tax administration purposes.  This access should include IRS electronic receipt of NDNH database files at frequent and regular intervals.

Management’s Response:  IRS management agreed with this recommendation and will continue to work with the Department of the Treasury to elevate the need for authority to expand its use of the NDNH database.

Office of Audit Comment:  The IRS agreed with our recommendations above; however, it did not agree with our estimate of $21 billion in potentially fraudulent refunds as a result of identity theft over the next five years.  The IRS believes its ongoing efforts to improve the detection of identity theft will reduce fraudulent refunds.  We agree that these efforts will help.  As such, our estimate of $21 billion includes an adjustment in years two through five to reduce the estimated amount lost by approximately $1.3 billion each year.  This was based on the dollar amount that the IRS estimated it protected by implementing new filters.  Appendix IV provides a detailed description of the computation of our $21 billion estimate, including discussion of the adjustment for the impact of the IRS’s future efforts.

Processes Need to Be Established to Use Third-Party Information That Is Received Prior to Tax Processing

The IRS receives information from the SSA that can be used to detect false Social Security benefit income and withholding claims at the time tax returns are processed.

Although the IRS does not have access to all third-party income and withholding information at the time tax returns are processed, it does have access to income and withholding information for individuals who receive Social Security benefits.  For example, our review identified that the IRS started receiving Forms SSA-1099, Social Security Benefit Statement, from the Social Security Administration (SSA) in December (received December 22, 2011, for the TY 2011 tax returns).  The Form SSA-1099 information contains the beneficiary’s name, SSN, Social Security benefits received, and Federal income tax withholding.

Our analysis identified almost $232 million in potentially fraudulent tax refunds for which the false income and withholding claimed was for Social Security benefits.  This was a characteristic of some of the tax returns involved with the Tampa scheme.[18]  Matching tax returns (at the time they are processed) to this information could allow the IRS to identify fraudulent tax return filings based on false Social Security benefits income and withholding.  However, the IRS has not established a process to use this information.  In fact, even though the information is received in December, the IRS indicated that the first match to Form SSA-1099 data does not occur until August, approximately four months after most individuals have filed their tax return.[19]

Use of Form SSA-1099 information would enable the IRS to ensure that all Social Security benefits and related withholding reported on tax returns is valid at the time the tax return is filed and before tax refunds are issued.

Subsequent to the completion of our audit testing, IRS management informed us that in January 2012, they began using Form SSA-1099 information during the 2012 Filing Season to identify tax returns with claims for withholding on Social Security benefits when there is no evidence of withholding on the Form SSA-1099.

Recommendation

Recommendation 4:  The Commissioner, Wage and Investment Division, should develop a process to detect false Social Security benefit income and withholding claims at the time tax returns are processed using Form SSA-1099 information received from the SSA.

Management’s Response:  IRS management agreed with the recommendation and implemented changes in their processes earlier this year that made SSA data available for use in January 2012 for the tax filing season.  The IRS will continue to explore options to ensure the SSA data are used fully in detecting potentially fraudulent tax returns. 

Direct Deposit, Including Debit Cards, Continues to Be the Method Individuals Use to Obtain Fraudulent Tax Refunds

Limiting the number of tax refunds that can be deposited to the same tax account can potentially minimize losses associated with fraud.  Direct deposit provides the ability to quickly receive fraudulent tax refunds without the difficulty of having to negotiate a tax refund paper check.  Of the approximately 1.5 million tax returns we identified, 1.2 million (82 percent) used direct deposit to obtain tax refunds totaling approximately $4.5 billion.

Direct deposit, which now includes debit cards,[20] is often used by identity thieves to obtain fraudulent tax refunds.  **********************************2(f)******************** ******************************************2(f)***************************************************************************2(f)***************************************************************************2(f)********************************* ******************************************2(f)***************************************************************************2(f)******************************** ********************************2(f)*********************.  Each method of obtaining a debit card requires a different level of verification in order to acquire a card.  To open a bank account, an individual generally must present at least one form of identification such as a driver’s license or other picture identification. 

Eighty-two percent of the tax returns we identified had approximately $4.5 billion in tax refunds received via direct deposit.  **********************************2(f)**********************************.

*******************************************2(f)************************** *************************************2(f)**************************.  In a September 2008 TIGTA report, we identified that the IRS was not in compliance with direct deposit regulations that require tax refunds to be deposited to an account only in the name of the individual listed on the tax return.[21]  ****************************2(f)***************** ************************************2(f)*******************************.

To improve the IRS’s conformance with direct deposit regulations and to help minimize fraud, we recommended that the IRS limit the number of tax refunds being sent to the same account.  While such a limit does not ensure that all direct deposits are in the name of the filer, it does help limit the potential for fraud.  If a limit was in place, the remaining tax refunds would be converted to a paper refund check and sent to the taxpayers.  While it is possible that a paper tax refund check could be sent to the identity thief, converting the paper check is more difficult than withdrawing a direct deposit.  To cash a check, individuals usually have to provide picture identification matching the name on the tax refund check, in this case the name of the legitimate taxpayer.  This means that the identity thief would need to obtain false identification to cash the fraudulently obtained tax refund check.  This serves as another deterrent to fraud.[22]

The IRS was concerned about limiting the number of direct deposits to a single account because of situations in which an account is in the name of multiple individuals.  Lastly, the IRS acknowledged that tax refunds are subject to payment guidance in the regulations.[23]  However, the IRS places responsibility for compliance with Federal direct deposit regulations on the taxpayer, indicating it is the taxpayers’ responsibility to ensure that their tax refunds are only direct deposited into their accounts.

We analyzed the approximately 1.5 million tax returns we identified to determine the impact of the IRS’s decision to not limit the number of direct deposits to a single bank account.  Figure 6 provides a breakdown of the most egregious examples of multiple tax refunds being deposited to the same bank account.

Figure 6:  Bank Accounts With Volumes Greater Than 300 Direct Deposits

Direct Deposits Per Bank Account
(one bank account at each volume level)

Amount of Tax Refunds Deposited to the Account

320

$535,747

339

$552,825

346

$470,480

366

$594,670

374

$676,468

386

$695,624

414

$707,834

435

$630,691

587

$877,725

590

$909,267

Source:  TIGTA analysis of TY 2010 tax returns.

******************************************2(f)********************

Deposits to debit card accounts are being used by identity thieves committing tax return filing fraud.  For example, investigators working the Tampa scheme identified that most of the fraudulent tax refunds were direct deposited to a debit card account.  As of February 16, 2012, the IRS had provided us with approximately 5,000 debit cards confiscated during the investigation of that scheme.  *********************************2(f)**************** ********************************2(f)***************************. 

****************************************2(f)****************************.  Taxpayers who request to have their tax refund deposited onto a debit card enter a bank account number and bank routing number provided by the debit card company on their tax return.  ********************************************2(f)******************************* ***************************************2(f)********************************* ***************************************2(f)***************************************************************************2(f)************************************ ***************************************2(f)********************************** **************************************2(f)*********************************** ***************************************2(f)***************************************************************************2(f)************************************ ***************************************2(f)********************************** ****************************************2(f)**************************************************************************2(f)************************************ **********************2(f)*****.

The IRS first began receiving confiscated IRS mail from the Tampa scheme in September 2011.  As of February 16, 2012, the IRS had provided us with information relating to 3,457 paper tax refunds checks and approximately 5,000 debit cards confiscated as part of that scheme.  ***************************************2(f)************************************ ***************************************2(f)**********************************.  Further complicating this process is that the confiscated mail was being worked by multiple functions within the IRS.  The IRS informed us that it is in the process of implementing a tracking system for these confiscated tax refunds.  However, a tracking system still had not been implemented as of February 10, 2012. 

The IRS Return Integrity and Correspondence Services’ Accounts Management Taxpayer Assurance Program has a process in which it works with banks to obtain information on questionable tax refunds.  In December 2011, one bank associated with the confiscated debit cards from the Tampa scheme provided the IRS with a list of 60,000 bank accounts, including debit card accounts, it had identified nationwide with questionable tax refunds.  The bank intercepted and prevented questionable refunds totaling $164 million from being deposited into these accounts.  However, this process relies on the banks to provide the IRS with much needed information to identify tax refunds deposited to debit cards. 

Subsequent to the completion of our audit testing, IRS management noted that efforts are underway to establish processes to recover potentially fraudulent tax refunds intercepted by banks, including establishing a specific code that financial institutions can use to reject questionable direct deposits specifically for name mismatches or questionable tax refunds. 

Recommendations

The Commissioner, Wage and Investment Division, should:

Recommendation 5:  As previously recommended, coordinate with responsible Federal agencies and banking institutions to develop a process to ensure that tax refunds issued via direct deposit to either a bank account or a debit card account are made only to an account in the taxpayer’s name.

Management’s Response:  IRS management agreed that limiting the direct deposit of refunds to bank accounts or debit cards held in the taxpayer’s name would be a deterrent to the commission of identity theft.  The IRS will work with the Financial Management Service, which administers the requirements for government-wide direct deposits on behalf of the Department of the Treasury.  The IRS will initiate discussions with the Financial Management Service to revisit this issue and reevaluate the feasibility of imposing such restrictions.  Based on the discussions with the Financial Management Service, the IRS will determine whether such restrictions can be effectively implemented.

Recommendation 6:  As previously recommended, limit the number of tax refunds issued via direct deposit to the same bank account or debit card account in an attempt to reduce the potential for fraud.

Management’s Response:  IRS management agreed that limiting the number of tax refunds issued via direct deposit to the same bank account or debit card would reduce the potential for fraud.  They will initiate discussions with the Financial Management Service to revisit this issue and reevaluate the feasibility of imposing such restrictions.  Based on the discussions with the Financial Management Service, the IRS will determine whether such restrictions can be effectively implemented.

Recommendation 7:  **********************2(f)***************************** *****************************************2(f)********************************** **********************2(f)**************.

Management’s Response:  ****************************2(f)******** **************************************2(f)***************************** **************************************2(f)******************************* **************************************2(f)******************************* ******2(f)*****.

Recommendation 8:  Work with the Department of the Treasury to ensure financial institutions and debit card administration companies authenticate the identity of individuals purchasing a debit card.  Furthermore, prevent the direct deposit of tax refunds to debit cards issued or administered by financial institutions and debit card administration companies that do not take reasonable steps to authenticate individuals’ identities.

Management’s Response:  The IRS will work with the Department of the Treasury Financial Crimes Enforcement Network to develop procedures that can be implemented to ensure authentication of individuals’ identities.  The Department of the Treasury Financial Crimes Enforcement Network establishes the rules governing how financial institutions and debit card administration companies authenticate the identity of individuals purchasing a debit card.  The IRS will initiate the discussion with the Department of the Treasury Financial Crimes Enforcement Network to determine appropriate next steps to improve authentication requirements.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this review was to evaluate the effectiveness of the IRS’s efforts to identify and prevent fraudulent tax refunds resulting from identity theft.  This review was performed at the request of the Chairman of the Senate Finance Committee, Subcommittee on Fiscal Responsibility and Economic Growth, and is one of two reviews the TIGTA conducted to evaluate the IRS’s identity theft program.  This review focuses on identity theft related to tax refunds, which occurs when an individual uses another person’s name and SSN to file a fraudulent tax return in order to obtain a fraudulent tax refund.  The review is included in our Fiscal Year[24] 2012 Annual Audit Plan and addresses the major management challenge of Fraudulent Claims and Improper Payments.  To accomplish the objective, we:

I.                 Determined the size and characteristics of IRS-confirmed identity theft as it relates to tax administration.

A.    Quantified the amount of fraudulent tax refunds resulting from identity theft that the IRS prevented from being issued.  We reviewed the FTC’s Consumer Sentinel Network Data Book;[25] the IRS’s Identity Protection Incident Tracking Statistics Report for CYs 2009, 2010, and 2011; and the IRS’s Return Integrity and Correspondence Services’ Weekly Performance Report for CY 2011.

B.    Interviewed the U.S. Postal Inspector, Team Leader, in Tampa, Florida, to obtain information on the tax refund scheme being perpetrated in the Tampa area.  We obtained information on approximately 5,000 debit cards and 3,457 tax refund checks that were confiscated and provided to the IRS by the U.S. Postal Inspector.

C.    Analyzed the tax returns contained in the IRS Operation Mass Mailing databases for Processing Year 2011 and the list of IRS correspondence, including tax refunds, confiscated as part of the Tampa scheme to identify common characteristics of identity theft cases confirmed by the IRS.  In addition, we met with employees in the IRS Accounts Management Taxpayer Assurance Program and Criminal Investigation to discuss the common characteristics of tax refund fraud resulting from identity theft.

D.    Researched various methods identity thieves used to request tax refunds such as direct deposit, debit card, and tax refund check.

E.     Researched the Internal Revenue Manual, the Internal Revenue Code, and Treasury Regulations to determine the timing and requirements for third-party income and withholding documents that are sent to the IRS.

II.               Assessed the accuracy of the IRS’s controls and processes to proactively detect and prevent identity theft. 

A.    Interviewed IRS management regarding its efforts to expand the IRS’s ability to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft. 

B.    Researched the Internal Revenue Manual and local procedures to determine how tax accounts receive an identity theft indicator and how the identity theft indicator affects tax return processing.

C.    Reviewed the Internal Revenue Manual and local procedures to determine the purpose of the Identity Protection PIN and how an individual receives an Identity Protection PIN.  We obtained from the IRS a list of the 53,799 taxpayers who received an Identity Protection PIN for Processing Year 2011.  Using the Individual Returns Transaction File, we analyzed TY 2010 tax returns that contained an Identity Protection PIN to determine if tax returns filed using a valid Identity Protection PIN were processed correctly. 

D.    Evaluated the IRS’s use of the deceased lock indicator to prevent the filing of fraudulent tax returns that incorrectly use the identity of deceased taxpayers.

III.             Assessed the adequacy of the IRS’s controls and processes to detect identity theft and minimize the risk to tax administration.

A.    Identified 1,492,215 tax returns for which the IRS issued more than $5.2 billion in potentially fraudulent tax refunds.  To identify these returns, we analyzed the IRS’s Individual Master File for TY 2010, the Individual Returns Transaction File for Processing Year 2011, the Information Returns Master File for TY 2010, and the National Account Profile database to identify tax returns that contained the characteristics of confirmed identity theft.

B.    Determined if IRS fraud filters in place during Processing Year 2011 would have detected the tax returns we identified in Step III.A..  We obtained Electronic Fraud Detection System information from the IRS for a judgmental sample of 60 tax returns we identified Step III.A.  We used a selected a judgmental sample because no projections were made on the results.

C.    Determined the efforts taken by the IRS to obtain expanded access to the NDNH.

Data validation methodology

During this review, we relied on data extracted from the IRS’s Individual Returns Transaction File for Processing Year 2011, Individual Master File for TY 2010, National Account Profile database, and W-2 File for TY 2010 located on the TIGTA Data Center Warehouse.  We also relied on data extracts from the IRS’s Individual Master File for TY 2010 and an extract of 1099s[26] from the IRS’s Information Returns Processing database for TY 2010 that were provided by the TIGTA Office of Investigations’ Strategic Data Services.  We obtained from the IRS an electronic copy of the Operation Mass Mailing database for Processing Year 2011 and a list of taxpayers who received an Identity Protection PIN for Processing Year 2011.  Before relying on our data, we ensured that each file contained the specific data elements we requested.  In addition, we selected random samples of each extract and verified that the data in the extracts were the same as the data captured in the IRS’s Integrated Data Retrieval System.  As a result of our testing, we determined the data used in our review were reliable. 

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  They include the systems for measuring, reporting, and monitoring program performance.  We determined the following internal controls were relevant to our audit objective:  the internal controls prescribed by the IRS’s Internal Revenue Manuals that are used by the IRS Accounts Management and Submission Processing functions to process identity theft tax returns.  We evaluated those internal controls by interviewing management and reviewing policies and procedures.  We also conducted tests of IRS procedures to ensure identity theft indicators were functioning properly.

 

Appendix II

 

Major Contributors to This Report

 

Michael E. McKenney, Assistant Inspector General for Audit (Returns Processing and Account Services)

Augusta R. Cook, Acting Assistant Inspector General for Audit (Returns Processing and Account Services)

Russell P. Martin, Director

Deann L. Baiza, Acting Director

Sharla Robinson, Acting Audit Manager

Sharon A. Buford, Senior Auditor

Karen C. Fulte, Senior Auditor

Jonathan W. Lloyd, Auditor

Ryan C. Powderly, Auditor

J. Edward Carr, Audit Evaluator

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Assistant Secretary of the Treasury for Tax Policy

Deputy Commissioner for Services and Enforcement  SE

Deputy Commissioner, Services and Operations, Wage and Investment Division  SE:W

Chief, Criminal Investigation  SE:CI

Director, Customer Account Services, Wage and Investment Division  SE:W:CAS

Director, Return Integrity and Correspondence Services, Wage and Investment Division  SE:W:RICS

Director, Strategy and Finance, Wage and Investment Division  SE:W:S

Executive Director, Investigative and Enforcement Operations, Criminal Investigation  SE:CI:IEO

Program Manager, AMTAP Operations, Wage and Investment Division  SE:W:AMTAP

Chief, Program Evaluation and Improvement, Wage and Investment Division  SE:W:S:PEI

Director, Accounts Management, Wage and Investment Division  SE:W:CAS:AM

Director, Refund Crimes, Criminal Investigation  SE:CI:IEO:RC

Director, Submission Processing, Wage and Investment Division  SE:W:CAS:SP

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaison:  Chief, Program Evaluation and Improvement, Wage and Investment Division  SE:W:S:PEI

 

Appendix IV

 

Outcome Measures

 

This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration.  These benefits will be incorporated into our Semiannual Report to Congress.

Type and Value of Outcome Measure:

·       Cost Savings, Funds Put To Better Use – Potential; $5,221,018,184 ($20,797,046,368 over five years) in potentially fraudulent tax refunds issued from tax returns meeting the tax return characteristics of identity theft cases confirmed by the IRS (see page 6).

Methodology Used to Measure the Reported Benefit:

We obtained lists of identity theft cases confirmed by the IRS and reviewed these cases to identify common characteristics.  We determined that most of the confirmed identity theft cases we reviewed did not have ********************************2(f)********************* ***************************2(f)********************** to support the income claimed on the tax return.  We further determined that these tax returns claimed four common sources of income.  We applied the characteristics of these cases to all TY[27] 2010 tax returns on the IRS Individual Return Transaction File[28] that were processed in Processing Year 2011.  Below is a summary of the criteria we used to identify questionable tax returns for the four common sources of income:

  1. *****************[29]********************2(f)****************************** ************************************2(f)**********************************************************************2(f)******************************************2(f)********************.
  2. ****************************************2(f)************************************************************2(f)*********************************************************************2(f)*********************************************************************2(f)************************************************2(f)********.
  3. ***************************************2(f)*************************** ***********************************2(f)*********************************************************************2(f)********************************** *************************2(f)****************************.
  4. ***************************************2(f)****************************** *************************************2(f)******************************* *************************************2(f)**************************** *************************************2(f)******************************************************************2(f)****************************.

Using the previously mentioned characteristics, we identified 1,492,215 tax returns that appear to be the result of identity theft.  Further analysis showed that the IRS had issued $5,221,018,184 in tax refunds on these 1.5 million questionable tax returns.  Figure 1 provides the results of our analysis. 

Figure 1:  TY 2010 Individual Tax Returns Meeting Characteristics
of Confirmed Identity Theft Cases *****************2(f)******

***************2(f)**********

Volume of Tax Returns

Total Amount of
Tax Refunds Issued

***2(f)***

1,128,531

$3,495,621,793

***********2(f)*********

93,142

$231,692,282

****2(f)*********

154,729

$531,293,018

****2(f)*******

115,813

$962,411,091

Total

1,492,215

$5,221,018,184

Source:  TIGTA analysis of TY 2010 tax returns.

Despite its ongoing efforts, we believe the IRS will continue to issue significant fraudulent tax refunds resulting from identity theft each year.  As such, we estimate the IRS will issue $20,797,046,368 in potentially fraudulent tax refunds as a result of identity theft over the next five years.  Our estimate takes into consideration the estimated impact of the IRS’s continued efforts to improve its identity theft filters in the 2012 Filing Season.  Our five-year estimate is computed as follows: 

Estimate for year one:

$5,221,018,184 potentially fraudulent tax refunds issued on TY 2010 tax returns based on our analysis described above.

Estimate for years two through five:

$5,221,018,184           Potentially fraudulent tax refunds issued on TY 2010 tax returns

($1,327,011,138)        Revenue protected by the new 2012 identity theft filters 

$3,894,007,046           Estimated cost savings annually as a result of identity theft in years two through five

Five-Year Estimate:

Year One         $5,221,018,184

Year Two        $3,894,007,046

Year Three      $3,894,007,046

Year Four        $3,894,007,046

Year Five        $3,894,007,046

                      $20,797,046,368 Potential cost savings over five years

Type and Value of Outcome Measure:

·       Taxpayer Privacy and Security – Potential; 1,492,215 tax accounts compromised as a result of weaknesses in the IRS’s controls to detect and prevent identity theft (see page 6).

Methodology Used to Measure the Reported Benefit:

Our analysis of TY 2010 tax returns processed during Processing Year 2011 described previously identified 1,492,215 potentially fraudulent tax returns that were incorrectly posted to taxpayers’ tax accounts.  Individuals have an expectation that their accounts with the IRS will be secured and not used for fraudulent purposes.  By processing the fraudulent tax refunds associated with these tax returns, especially in those instances where the IRS had the resources to prevent the tax returns from posting, the IRS did not secure the accounts of 1,492,215 taxpayers.  Many of these individuals will now have to work with the IRS to provide information to prove that their identities were stolen and reestablish the accuracy of their tax accounts. 

 

Appendix V

 

Glossary of Terms

 

Term

Definition

Calendar Year

The 12-consecutive-month period ending on December 31.

Consumer Sentinel Network

A secure online database of consumer complaints received by the FTC as well as other organizations such as the Council of Better Business Bureaus.

Electronic Fraud
Detection System

A compliance system within the Enforcement Division, Compliance Domain, that provides tools needed to perform pre-refund detection of potentially criminal fraudulent tax returns.  This system is used to track refund schemes.

Federal Trade Commission

The primary Federal agency responsible for receiving identity theft complaints.

Filing Season

The period from January through mid-April when most individual income tax returns are filed.

Fiscal Year

A 12-consecutive-month period ending on the last day of any month, except December.  The Federal Government’s fiscal year begins on October 1 and ends on September 30.

Individual Master File

An IRS database that maintains transactions or records of individual tax accounts.

Individual Returns Transaction File

An IRS database containing transcribed tax returns for individuals that includes most forms and schedules. 

Information Returns Master File

An IRS database that contains third-party information documents for taxpayers, such as Forms W-2, Wage and Tax Statement, and Forms SSA‑1099, Social Security Benefit Statement.

Integrated Data
Retrieval System

The IRS computer system capable of retrieving or updating stored information.  It works in conjunction with a taxpayer’s account records.

Internal Revenue Manual

Provides procedural guidance for IRS operations.

National Account
Profile Database

A compilation of selected entity data from various Master Files that also includes data from the SSA.

Operation Mass Mailing Database

The Operation Mass Mailing database is a database of all tax returns identified as Operation Mass Mail by the Accounts Management Taxpayer Assurance Program.  Operation Mass Mail tax returns typically involve the mass submission of fraudulent paper tax returns using the SSNs from residents of Puerto Rico. 

Processing Year

The calendar year in which the tax return or document is processed by the IRS.

Tax Year

A 12-month accounting period for keeping records on income and expenses used as the basis for calculating the annual taxes due.  For most individual taxpayers, the tax year is synonymous with the calendar year.

 

 

 

 


 

 

 

 

X

Appendix VI

 

Management’s Response to the Draft Report

 

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

ATLANTA, GA 30308

 

 

COMMISSIONER

WAGE AND INVESTMENT DIVISION

 

June 26, 2012

 

 

MEMORANDUM FOR MICHAEL R. PHILLIPS

                                        DEPUTY INSPECTOR GENERAL FOR AUDIT

 

FROM:                            Peggy Bogadi /s/ Peggy Bogadi

                                        Commissioner, Wage and Investment Division

 

SUBJECT:                       Draft Audit Report- There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft

                                         (Audit# 201140044)

 

The theft of individuals' Social Security Numbers and other personally identifiable information happens outside the tax system, but is fueling an increase in tax refund fraud.  As your report acknowledges, the IRS tripled the number of identity theft incidents that we detected in a single calendar yearWe are devoting significant resources to combat tax refund fraud using stolen identities and have already taken action with respect to issues identified in the report.  The IRS has a comprehensive identity theft strategy comprised of a two-pronged effort that focuses on fraud prevention and victim assistance.

 

It is important to note that this report generally analyzes the results of the 2011 filing season, and in some cases by using data that was not available to the IRS at the time that tax returns were processedFor the 2012 filing season, the IRS put in place several measures to improve detection of potential fraudThe estimate of undetected fraudulent refunds in the report was based on four potentially fraudulent criteria reflected on 2010 tax returns.  The IRS has already taken steps to address each of these areas.  The IRS put new filters in place during the 2012 filing season, which among other things, address the fraudulent schemes identified in the reportIn addition, the IRS dramatically accelerated the speed at which we make information returns available to our processing functions which allows more timely matching of income.  The IRS also has implemented procedures to analyze case inventory to identify certain returns with fraudulent refundable creditsBecause of these actions, we believe that the report's projection of undetected fraudulent refunds over the next five years is significantly overstated.

 

The IRS has also taken a number actions in additional areas not addressed in the report.  The IRS has enhanced our return processing filters to improve our ability to identify false returns and stop the associated refunds from being issued.  Our improved filters flag returns for additional review if certain changes in taxpayer circumstances are detected.  The IRS is continuously working to strengthen and refine filters, but challenges do exist given the regular changes that many taxpayers experience.

 

Our development and implementation of the Identity Protection Personal Identification Number (PIN) has been a successful effort to both stop fraud and assist victims.  Identified victims of identity theft are provided PINs as a means by which to stop the fraudulent use of the victim's identity in the future, as subsequent tax returns are filed.  The PIN provides the victim with the ability to identify their subsequent returns to the IRS as being the true returns that should be processed.

 

As noted in the report, legislative authority to expand the use the National Directory of New Hires database would significantly help the IRS in our efforts to combat refund fraud.

 

Attached are our comments on your recommendations.  If you have any questions, please contact me, or a member of your staff may contact Jodi L. Patterson, Director, Return Integrity and Correspondence Services, at (202) 283-7673.

 

Attachment

 

Attachment

 

RECOMMENDATIONS

 

The Commissioner, Wage and Investment, should:

 

RECOMMENDATION 1

Develop processes that use NDNH data (if access is granted) and prior year third-party income and withholding information to identify potentially fraudulent tax returns with false income documents.  This process should include verification of the accuracy of income reporting.

 

CORRECTIVE ACTION

We agree with this recommendation.  Prior year third-party income and withholding information is being used as a tool to validate questionable current-year information documents and, by extension, the tax returns with which they are submitted.  We are prepared to combine the use of the National Directory of New Hires (NDNH) information with existing data sources to enhance our ability to identify potentially fraudulent tax returns and false income documents.  As the Treasury Inspector General for Tax Administration recognizes in the report, the IRS must receive legislative authority to use the NDNH data for this purpose.  *****************2(f)******* ******************************2(f)******************.  We therefore consider this an ongoing action.

 

IMPLEMENTATION DATE

Implemented and Ongoing

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 2

Develop processes to analyze characteristics of fraudulent tax returns resulting from identity theft and continue to refine and expand the IRS's tax processing filters used to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft.

 

CORRECTIVE ACTION

We agree with this recommendation.  New processes, including filtering for changes in taxpayer circumstances from year to year, and establishment of the Identity Theft Clearinghouse (ITC), have been implemented.  The ITC is a specialized unit within the Criminal Investigation Division devoted to the analysis and development of identity theft leads.  Our processes are subject to continuous review so that we may adapt mitigating strategies to address the constantly changing landscape of identity theft.

 

IMPLEMENTATION DATE

Implemented and Ongoing

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

Director, Criminal Investigation Division, Services and Enforcement

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

LEGISLATIVE RECOMMENDATION

 

RECOMMENDATION 3

As put forth in the IRS Fiscal Year 2013 budget proposal, legislation is needed to expand IRS access to NDNH wage information for tax administration purposes.  This access should include IRS electronic receipt of NDNH database files at frequent and regular intervals.

 

CORRECTIVE ACTION

We support this recommendation and will continue to work with the Department of the Treasury to elevate the need for authority to expand our use of the NDNH database.

 

IMPLEMENTATION DATE

Implemented and Ongoing

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION

 

RECOMMENDATION 4

The Commissioner, Wage and Investment, should develop a process to detect false Social Security benefit income and withholding claims at the time tax returns are processed using Form SSA-1099 information received from the SSA.

 

CORRECTIVE ACTION

We agree with this recommendation and implemented changes in our processes earlier this year that made Social Security Administration (SSA) data available for use in January 2012 for the tax filing season.  We will continue to explore options to ensure the SSA data is used fully in detecting potentially fraudulent tax returns.

 

IMPLEMENTATION DATE

October 15, 2013

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATIONS

 

The Commissioner, Wage and Investment Division, should:

 

RECOMMENDATION 5

As previously recommended, coordinate with responsible Federal agencies and banking institutions to develop a process to ensure that tax refunds issued via direct deposit to either a bank account or a debit card account are made only to an account in the taxpayer's name.

 

CORRECTIVE ACTION

We agree that limiting the direct deposit of refunds to bank accounts or debit cards held in the taxpayer's name would be a deterrent to the commission of identity theft.  We will work with the Financial Management Service (FMS) who administers the requirements for government-wide direct deposits on behalf of the Department of the TreasuryWe will initiate discussions with FMS to revisit this issue and reevaluate the feasibility of imposing such restrictionsBased on the discussions with FMS, we will determine whether such restrictions can be effectively implemented.

 

IMPLEMENTATION DATE

October 15, 2013

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 6

As previously recommended, limit the number of tax refunds issued via direct deposit to the same bank account or debit card account in an attempt to reduce the potential for fraud.

 

CORRECTIVE ACTION

We agree that limiting the number of tax refunds issued via direct deposit to the same bank account or debit card would reduce the potential for fraudWe will initiate discussions with the FMS to revisit this issue and reevaluate the feasibility of imposing such restrictions. Based on discussions with FMS, we will determine whether such restrictions can be effectively implemented.

 

IMPLEMENTATION DATE

October 15, 2013

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 7

*****************************************2(f)******************************* *****************************************2(f)******************************** ***************************2(f)****************************.

 

CORRECTIVE ACTION

**********************************************2(f)**************************** *******************************************2(f)**************************** *****************************************2(f)**************************.

 

IMPLEMENTATION DATE

October 15, 2014

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 8

Work with the Department of the Treasury to ensure financial institutions and debit card administration companies authenticate the identity of individuals purchasing a debit card.  Furthermore, prevent the direct deposit of tax refunds to debit cards issued or administered by financial institutions and debit card administration companies that do not take reasonable steps to authenticate individuals' identities.

 

CORRECTIVE ACTION

We will work with the Department of Treasury Financial Crimes Enforcement Network (FinCEN) to develop procedures that can be implemented to ensure authentication of individuals' identities.  The FinCEN establishes the rules governing how financial institutions and debit card administration companies authenticate the identity of individuals purchasing a debit card.  We will initiate the discussion with FinCEN to determine appropriate next steps to improve authentication requirements.

 

IMPLEMENTATION DATE

October 15, 2013

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.



[1] Treasury Inspector General for Tax Administration (TIGTA), Ref. No. 2012-40-050, Most Taxpayers Whose Identities Have Been Stolen to Commit Refund Fraud Do Not Receive Quality Customer Service (May 2012).

[2] See Appendix V for a glossary of terms.

[3] FTC, Consumer Sentinel Network Data Book for JanuaryDecember 2011 (Feb. 2012).  The 2011 Consumer Sentinel Network Data Book is based on unverified complaints reported by consumers.  The data are not based on a consumer survey.

[4] Our analysis also does not include tax returns filed with an Individual Taxpayer Identification Number (ITIN).  These individuals frequently use another individual’s SSN to obtain employment, making it difficult to associate ITIN filers with third-party income and withholding documents.

[5] A judgmental sample is a nonstatistical sample, the results of which cannot be used to project to the population.

[6] The IRS sets the tolerance levels to determine the specific score of a tax return that will be sent for further review.  This tolerance is often adjusted throughout the filing season based on resources. 

[7] ********************************************2(f)******************************************** ********************************************2(f)********************************************.

[8] *******************************************************2(f)******************************* ***********************************2(f)************************************************.

[9] ************************************2(f)***********************************************************2(f)********data are as of November 10, 2011, and interest income data are as of December 29, 2011.

[10] Excludes refunds issued on tax returns where the primary tax filer used an ITIN.

[11] In the 2012 Filing Season, the IRS began using a special processing code when Household Employee Income was annotated on a tax return by a taxpayer.  However, prior to the 2012 Filing Season, there was no way to distinguish Household Employee Income from other wages reported on line 7 of a Form 1040.

[12] ***********************************************2(f)****************************************** *****************************************2(f)********************************************* ********************************************2(f)******************************************* ******************************2(f)****************

[13] ****************************************2(f)*****************************************are as of November 10, 2011.  Data for tax returns claiming **2(f)********* are as of December 29, 2011.

[14] TIGTA, Ref. No. 2010-40-129, Expanded Access to Wage and Withholding Information Can Improve Identification of Fraudulent Tax Returns (Sept. 2010).

[15] The example provided is hypothetical. 

[16] TIGTA, Ref. No. 2012-40-050, Most Taxpayers Whose Identities Have Been Stolen to Commit Refund Fraud Do Not Receive Quality Customer Service (May 2012).

[17] This category contains tax returns filed with income claimed for which there is no supporting income documents that would indicate the legitimate taxpayer did not have a tax return filing requirement.

[18] This was a characteristic of fraudulent tax refund claims totaling approximately $1.8 million from this scheme.

[19] The IRS matches third-party income documents to tax returns processed during the current filing season to identify underreported income.

[20] These include prepaid debit cards as well as reloadable cards.

[21] TIGTA, Ref. No. 2008-40-182, Processes Are Not Sufficient to Minimize Fraud and Ensure the Accuracy of Tax Refund Direct Deposits (Sept. 2008).

[22] The requirement to present valid identification is only a deterrent in those instances where there is no collusion among the identity thief and the financial institution or check cashing company negotiating the check.

[23] 31 Code of Federal Regulations Part 210 requires tax refunds to be deposited into an account in the name of the tax return filer.

[24] See Appendix V for a glossary of terms.

[25] FTC, Consumer Sentinel Network Data Book for JanuaryDecember 2011 (Feb. 2012).  The 2011 Consumer Sentinel Network Data Book is based on unverified complaints reported by consumers.  The data are not based on a consumer survey.

[26] **********************************************2(f)*************************************** ***********************************************2(f)************************************** ***********************************************2(f)***************************************** ***************************************2(f)***********************************

[27] See Appendix V for a glossary of terms.

[28] Analysis performed on the Individual Returns Transaction File for ****************2(f)**************** ***2(f)**********used data as of November 10, 2011.  Analysis performed on the Individual Returns Transaction File for interest income used data as of December 29, 2011. 

[29] ********************************2(f)***************************************************.