TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

The Taxpayer Protection Program Improves Identity Theft Detection;
However, Case Processing Controls Need to Be Improved

 

 

 

June 21, 2013

 

Reference Number:  2013-40-062

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Redaction Legend:

2 = Risk Circumvention of Agency Regulation or Statute

 

 

Phone Number  /  202-622-6500

E-mail Address /  TIGTACommunications@tigta.treas.gov

Website           /  http://www.treasury.gov/tigta

 

 

HIGHLIGHTS

The Taxpayer Protection Program Improves Identity Theft Detection; However, Case Processing Controls Need to Be Improved

Highlights

Final Report issued on June 21, 2013

Highlights of Reference Number:  2013-40-062 to the Internal Revenue Service Commissioner for the Wage and Investment Division.

IMPACT ON TAXPAYERS

As part of the IRS’s strategy to reduce identity theft, it implemented the Taxpayer Protection Program.  This program reviews tax returns that are proactively identified by the IRS as potential identity theft and stops fraudulent refunds before they are issued.  TIGTA found that the IRS’s Taxpayer Protection Program improves identity theft detection.  However, case processing controls need to be strengthened to reduce the burden on taxpayers victimized by identity theft. 

WHY TIGTA DID THE AUDIT

This audit was initiated to evaluate whether the Taxpayer Protection Program helped the IRS effectively assist taxpayers and resolve identity theft cases.  The Taxpayer Protection Program is crucial to the IRS’s efforts to combat tax refund fraud and help victims of identity theft receive their refunds.  This review addresses the IRS’s major management challenge of Tax Compliance Initiatives.

WHAT TIGTA FOUND

The Taxpayer Protection Program improves identity theft detection.  In Calendar Year 2012, the program identified 324,670 tax returns that involved identity theft and prevented the issuance of fraudulent tax refunds totaling $2.2 billion.  These tax returns were identified before processing was completed to protect tax refunds from being issued.

However, controls over identity theft tax returns worked in the Taxpayer Protection Program need to be strengthened.  Tests of identity theft cases showed that the controls relating to the Taxpayer Protection Program data, cases worked, and training were insufficient.  For example:

·       Identity theft indicators are not always input on taxpayer accounts.

·       Account Management Services system cases are not clearly documented or closed accurately.

·       Timeliness measures to accurately track the time frame to resolve cases have not been established.

·        Documentation of employee training is not sufficient.

WHAT TIGTA RECOMMENDED

TIGTA recommended that the IRS develop processes to ensure that required identity theft indicators are placed on taxpayer accounts and employees properly update the Account Management Services system with actions they take when working identity theft cases.  In addition, timeliness measures need to be developed to accurately track the time frame to resolve Taxpayer Protection Program cases.  Employees should complete required training, and documentation should be maintained in the Enterprise Learning Management System.

The IRS agreed with all the recommendations.  The IRS plans to refine existing procedures to ensure that appropriate identity theft indicators are placed on taxpayer accounts, develop a process for managers to review employee updates on cases, form a cross-functional group to establish tracking methodologies for measuring cases from initial contact through case closure, and ensure that employee training is updated on the Enterprise Learning Management System.

 

June 21, 2013

 

 

 

 

MEMORANDUM FOR Commissioner, Wage and Investment Division

 

FROM:                       Michael E. McKenney /s/ Michael E. McKenney

Acting Deputy Inspector General for Audit

 

SUBJECT:                  Final Audit Report – The Taxpayer Protection Program Improves Identity Theft Detection; However, Case Processing Controls Need to Be Improved (Audit # 201240038)

 

This report presents the results of our review to evaluate whether the Internal Revenue Service’s (IRS) Taxpayer Protection Program helped the IRS effectively assist taxpayers and resolve identity theft cases.  This audit is included in the Treasury Inspector General for Tax Administration’s Fiscal Year 2013 Annual Audit Plan and addresses the major management challenge of Tax Compliance Initiatives.

Management’s complete response to the draft report is included as Appendix V.

Copies of this report are also being sent to the IRS managers affected by the report recommendations.  Please contact me if you have questions or Russell P. Martin, Acting Assistant Inspector General for Audit (Returns Processing and Account Services).

 

 

Table of Contents

 

Background

Results of Review

The Taxpayer Protection Program Improves Identity Theft Detection

Case Processing Controls Need to Be Strengthened

Recommendations 1 through 4:

Appendices

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Outcome Measure

Appendix V – Management’s Response to the Draft Report

 

 

Abbreviations

 

AMS

IMF

Account Management Services

Individual Master File

IRS

Internal Revenue Service

RICS

Return Integrity and Correspondence Services

TIGTA

Treasury Inspector General for Tax Administration

 

 

Background

 

Identity theft was the number one consumer complaint for Calendar Year 2011.  Government documents/benefits fraud was the most common form of reported identity theft.

The Federal Trade Commission reported that identity theft was the number one complaint in Calendar Year 2011.  Government documents/benefits fraud was the most common form of reported identity theft.  Complaints about Government documents/benefits fraud have increased 11 percent since Calendar Year 2009.  Florida has the highest per capita rate of reported identity theft complaints, followed by California and Georgia.[1]

Identity theft affects tax administration in two ways:  fraudulently filed tax returns (refund fraud) and misreported income (employment-related fraud).  Both can potentially harm taxpayers who are victims of identity theft.  Figure 1 provides an illustrative description of both refund fraud and employment-related fraud.

Figure 1:  Description of Refund and Employment-Related Fraud

·        The identify thief steals a taxpayer’s Personally Identifiable Information.  Personally Identifiable Information includes an individual’s:

·        Name and Address

·        Telephone Number

·        Social Security Number

·        Bank Account Number

·        Date of Birth

·        Biometrics (eye color, height, etc.)

·        The identify thief uses the information to file a fraudulent tax return, reporting fictitious wages and withholdings, and obtains a tax refund.

·        The taxpayer attempts to file his or her return, but the IRS rejects it because it is a duplicate filing with the same Social Security Number.

·        The taxpayer’s refund is held while the IRS determines the true owner of the Social Security Number.

·        The identify thief uses the information to obtain employment.  The income is reported to the IRS.

·        The IRS completes it income matching for the tax year.

·        If the income is not reported by the person who earned it using the stolen Social Security Number, the IRS sends the taxpayer an underreporter notice stating that the income and payment information does not match what the taxpayer reported on his or her tax return.

Identify Theft

Refund Fraud

Employment- Related Fraud

Source:  Treasury Inspector General for Tax Administration (TIGTA) analysis
of the identity theft process as it affects the IRS and taxpayers.

Employment-related identity theft can affect taxpayers when the IRS attempts to take enforcement actions against the taxpayer for allegedly unreported income.  Refund fraud affects the ability of innocent taxpayers to file their tax returns and receive their tax refunds in a timely manner, which can create significant financial and emotional hardship on the victims.

In July 2005, TIGTA reported (and the IRS agreed) that the IRS needed a corporate strategy to address the growing challenge of identity theft.[2]  The IRS stated that it had developed an Enterprise Identity Theft Strategy.  However, in March 2008, TIGTA reported that the IRS had not placed sufficient emphasis on employment-related and tax fraud identity theft strategies.[3]  The IRS lacked the comprehensive data needed to determine the impact of identity theft on tax administration.  TIGTA recommended that the IRS develop and implement a strategy to address employment-related and tax fraud identity theft that includes coordinating with other Federal agencies, such as the Federal Trade Commission and the Social Security Administration, to evaluate and investigate identity theft allegations relating to tax administration.  Another recommendation focused on improvements in the use of identity theft closing codes in the IRS compliance functions.

Taxpayer Protection Program[4]

As part of the IRS’s strategy to reduce identity theft, the Wage and Investment Division’s Return Integrity and Correspondence Services (RICS) organization implemented the Taxpayer Protection Program.  This program reviews tax returns that are proactively identified by the IRS as potential identity theft.  For the 2012 Filing Season,[5] identity theft filters were programmed into the IRS’ Dependent Database[6] system.  ***************2*************** ***********************************2****************************************** ********************************2*******************************.  Once tax returns are identified as potential identity theft, they are worked by the Taxpayer Protection Program.  The tax returns are held during processing until the IRS can verify the taxpayer’s identity.  If the individual’s identity cannot be confirmed, the IRS removes the tax return from processing.  This prevents the issuance of a fraudulent tax refund.  Figure 2 shows the disposition of cases in the program’s inventory from January 1, 2012, through January 10, 2013.

Figure 2:  Disposition of Taxpayer Protection Program Cases 

(January 1, 2012, Through January 10, 2013)

 

Status

Number

Percentage

Non–Identity Theft Cases[7]

4,229

1%

Open Cases

6,210

2%

Taxpayer Contacted the IRS by Letter

7,392

2%

Taxpayer Contacted the IRS by Telephone

32,957

9%

IRS Letters to Taxpayer Returned Undeliverable

130,173

35%

No Response From Taxpayer

187,822

51%

Total

368,783

100%

Source:  IRS Identity Theft Case Tracking Database.

The Taxpayer Protection Program uses two databases and one system to track and maintain taxpayer account activity. 

·       The IMF is the IRS database that maintains transactions or records of individual taxpayer accounts and is accessed by employees throughout the IRS with a need to view taxpayers’ accounts.  When taxpayers call the IRS and report identity theft, employees input an identity theft indicator directly on the taxpayer’s account on the IMF. 

This review focused solely on the Taxpayer Protection Program case processing controls.  It did not include an evaluation of the effectiveness of IRS filters in identifying tax refunds related to identity theft.  We are conducting a separate review to determine whether the IRS has improved its programs and procedures to identify and prevent fraudulent tax refunds resulting from identity theft.  This review was performed at the Wage and Investment Division’s Return Integrity and Correspondence Services function at the Austin Submission Processing Site in Austin, Texas, during the period May 2012 through January 2013.  We conducted this performance audit in accordance with generally accepted government auditing standards.  Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.  We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.  Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

The Taxpayer Protection Program Improves Identity Theft Detection

During Calendar Year 2012, the Taxpayer Protection Program prevented $2.2 billion in fraudulent tax refunds.

The Taxpayer Protection Program improves identity theft detection.  In Calendar Year 2012, the program identified 324,670 tax returns which involved identity theft and prevented the issuance of fraudulent tax refunds totaling $2.2 billion.  These tax returns are identified before processing is completed to protect tax refunds from being issued.  The program stood up in three phases:

Phase One 

In November 2011, the Taxpayer Protection Program was piloted in the RICS organization with 10 employees temporarily detailed to answer the Taxpayer Protection Program toll-free telephone line and another 17 employees to work referral lists.  Various IRS offices, mainly from IRS’s Criminal Investigation, provided the Taxpayer Protection Program with lists of taxpayer accounts that were compiled from seizures of checks, tax returns, or debit cards at the time arrests were made or with lists found in perpetrators’ notebooks.  Identity theft indicators were proactively placed on the accounts of taxpayers who were found on these lists.  The IRS took this step to try to prevent tax-related identity theft before it occurred.

Phase Two 

In January 2012, the RICS organization detailed an additional 10 employees to work identity theft cases identified by new IRS filters developed****************2******* ******************2*********************.  These filters identify tax returns during processing that meet *********************2***********************************.  Once identified, letters are generated to taxpayers requesting that they contact the Taxpayer Protection Program to confirm their identities before their tax returns are processed and refunds are issued.

Phase Three 

In January 2013, the RICS organization separated the Taxpayer Protection Program’s responsibilities into two functions:  the Integrity and Verification Operations and the Business Performance Lab functions.  The Integrity and Verification Operations function detects, evaluates, and prevents improper refunds while ensuring that actions taken are appropriate and fair.  The Business Performance Lab function develops and tests solutions to prerefund revenue protection.

The Taxpayer Protection Program mailed 375,742 letters in Calendar Year 2012 requesting information from individuals

Once a tax return is identified as questionable, a letter is mailed to the individual at the address on the tax return.  The individual is asked to verify within 30 days that he or she filed the tax return.  The individual can respond by telephone, mail, or fax.  If the individual contacts the IRS within the 30 days and the IRS determines that the tax return was filed by the true owner of the Social Security Number, the tax return is processed and the tax refund is issued.  If an individual contacts the IRS after the 30 days, the tax return is retrieved and a determination is made. 

If the letter is returned undeliverable, there is no response, or the tax return is determined to be identity theft, the IRS does not process the tax return.  In these instances, the IRS places an identity theft indicator on the taxpayer’s account. 

During Calendar Year 2012, the IRS mailed 375,742 letters to individuals requesting identity verification and received no response to 335,393 (89 percent) of those letters.  Of the 40,349 (11 percent) letters to which individuals responded:

The IRS significantly increased resources assigned to answer the Taxpayer Protection Program’s toll-free telephone line

During the 2012 Filing Season, as many as 10 employees were tasked with answering the Taxpayer Protection Program’s toll-free telephone line.  The number of employees was insufficient, and the IRS was not prepared to handle the volume of identity theft telephone calls it received.  Only 24 percent of the calls to the Taxpayer Protection Program in the 2012 Filing Season reached an employee.  To improve service to taxpayers victimized by identity theft, the IRS transferred the responsibility for the Taxpayer Protection Program’s toll-free telephone line to the Wage and Investment Division’s Accounts Management function, where more than 200 employees answered the Taxpayer Protection Program’s toll-free telephone line during the 2013 Filing Season.

Guidelines were developed for handling potential identity theft cases

The IRS updated its procedures and developed a processing guide to assist Taxpayer Protection Program employees in working potential identity theft cases.  These tools are updated periodically as procedures change and employees make suggestions.  Based on interviews with program employees, the processing guide provides clear and current information that allows them to effectively work cases. 

In addition, the nine employees we interviewed provided positive comments about the Taxpayer Protection Program.  The employees believe that management is receptive to their concerns and suggestions and that the work they do makes a difference to taxpayers.  All employees interviewed are detailed to the Taxpayer Protection Program and some stated that, if given the opportunity, they would want to be permanently assigned.

Case Processing Controls Need to Be Strengthened

Controls over identity theft tax returns worked in the Taxpayer Protection Program need to be improved.  Tests of identity theft cases showed that the controls relating to the Taxpayer Protection Program data, cases worked, and training were insufficient.  For example:

·       Identity theft indicators are not always input on taxpayer accounts. 

·       AMS system cases are not clearly documented or closed accurately.

·       Timeliness measures to accurately track the time frame to resolve cases have not been established.

·       Documentation of employee training is not sufficient.

Identity theft indicators are not always being input on taxpayer accounts

Identity theft indicators are not always placed on taxpayers’ accounts in the IMF as required.  Our review of a statistical sample of 199 accounts from the 254,437 taxpayer accounts that the Taxpayer Protection Program identified during the period January 13 through October 18, 2012, identified that:

Required indicators were not placed on the IMF taxpayer accounts because Taxpayer Protection Program employees did not consistently follow procedures to input these indicators.  We also found that the electronic update process used by the program to place required identity theft indicators on taxpayer’s IMF accounts was not always updating the accounts with the indicators.  For example, program employees enter information into the Identity Theft Case Tracking Database, which is periodically used to electronically update the IMF.  These updates should add the required indicators to taxpayer accounts.  However, we determined that accounts are not always being updated because some cases have a Taxpayer Identification Number[10] in the Identity Theft Case Tracking Database in a different format than the format on the IMF.  The following example describes this weakness: (hypothetical example)

The IRS creates a temporary Taxpayer Identification Number for a potential identity theft victim in order to remove the questionable tax return transactions from the taxpayer’s account.  These temporary Taxpayer Identification Numbers include an asterisk at the end of the number (i.e., XXX-XX-XXXX*).  However, when a Taxpayer Protection Program employee adds this case to the Identity Theft Case Tracking Database, the employee does not include the asterisk in the Taxpayer Identification Number.  When the program performs its electronic update process to update the IMF accounts with the data in its Identity Theft Case Tracking Database, the identity theft indicator is not posted to the taxpayer’s IMF account because the Taxpayer Identification Number in the IMF has the asterisk and the one in the Identity Theft Case Tracking Database does not, which results in a mismatch.

AMS system cases are not clearly documented or closed accurately

Employees in the Taxpayer Protection Program are not properly updating the AMS system with the actions taken to work identity theft cases.  Our review of 12 cases in the AMS system that were shown as closed on the program’s Identity Theft Case Tracking Database found that in each case, the notes and actions taken by employees were not adequately recorded in the AMS system.  For the 12 cases we reviewed, we were not able to determine by reviewing the AMS system whether the IRS took the appropriate actions when working the case.  In addition, employees did not update three (25 percent) of the 12 cases in the AMS system to indicate that the cases were closed.  These cases were still shown as open in the AMS system.

Employees in the Taxpayer Protection Program are required to update the AMS system with the history of actions they took to work the taxpayer case.  These updates should reflect each access to the taxpayer’s account.  This is not only crucial for the employees in the program but also for IRS employees in other functions who may use the AMS system to answer taxpayer questions.  Accurately updating the AMS system is critical because managers use the system to identify the inventory of open and closed cases and to review case work. 

When taxpayers contact the IRS regarding their accounts and/or the status of their refunds, the AMS system must clearly and accurately reflect the actions the IRS has taken on the cases to enable the employees to effectively assist the taxpayers.  If the AMS system is not current or complete, the taxpayers may be burdened by being asked for repetitive information.  Taxpayers may also be given incorrect information on the status of their case.  Inaccurate information in the AMS system can also result in IRS resources being needlessly expended when employees have to repeat actions that have already been taken by another employee. 

Timeliness measures to accurately track the time frame to resolve cases have not been established

The IRS has not established timeliness measures to accurately track the time frame for Taxpayer Protection Program employees to resolve identity theft cases.  The IRS stated that the average time to resolve these cases is 15 minutes, which the IRS starts tracking with a taxpayer telephone contact and ends with the case resolution.  However, this measure does not accurately account for the timeliness of casework in instances where the taxpayer corresponds by mail.  For example, some taxpayers contact the program by mail months prior to their first telephone contact.  In June 2012, we identified taxpayer response letters (i.e., taxpayer responses to the IRS initial letter alerting the individual of the need to confirm his or her identity) that the IRS received three months earlier, on March 6, 2012.  As of June 2012, these response letters had not been assigned to an employee.  The timeliness resolution measure the IRS uses would not account for the three-month or longer delay to work these cases.

IRS procedures require programs to establish performance measures and to track performance against these measures.  For the Taxpayer Protection Program, the IRS should establish timeliness measures for resolving and closing identity theft cases.  This measure should begin from the IRS’s first contact with the taxpayer, either by letter or telephone.  Without an appropriate timeliness measure, the IRS cannot establish goals and evaluate the quality of service provided to taxpayers by the Taxpayer Protection Program.

Documentation of employee training is not sufficient

The IRS could not provide support confirming that the 230 Taxpayer Protection Program employees received required identity theft training to perform their assigned duties.  This training should instruct employees on how to perform their duties, such as inputting identity theft indicators on taxpayers’ accounts and updating the AMS system with the actions taken on a case.

Although the IRS provided us with a list of employees who completed identity theft training, no official training records were maintained that we could review to verify the type of training received or to confirm that these employees in fact completed the training.  In addition, we determined that Taxpayer Protection Program management does not require employees to document their training in the Enterprise Learning Management System, which is the IRS’s centralized storage location for employee training records.  IRS managers are required to use the Enterprise Learning Management System to document employee training.  Without adequate documentation, the IRS cannot be assured that Taxpayer Protection Program employees have received training needed to work identity theft cases.

Recommendations

The Commissioner, Wage and Investment Division, should: 

Recommendation 1:  Develop a process to ensure that required identity theft indicators are placed on taxpayer accounts in the IMF by employees and the electronic update process. 

Management’s Response:  IRS management agreed with the recommendation and will refine procedures to ensure that appropriate indicators are recorded on taxpayer accounts to document both the openings and closures of identity theft investigations.

Recommendation 2:  Develop a process to ensure that employees are properly updating the AMS system with actions they take when working identity theft cases, including closing the case.

Management’s Response:  IRS management agreed with the recommendation and will develop a process for managers to review employee AMS updates on Taxpayer Protection Program cases.  Updates will be made to Internal Revenue Manual 1.4.10, Resource Guide for Managers – Integrity & Verification Operations Managers Guide, to address this new process.

Recommendation 3:  Develop a timeliness measure to accurately track the time frame to resolve Taxpayer Protection Program cases.  This measurement should start from the first taxpayer contact until the case is ultimately closed.

Management’s Response:  IRS management agreed with the recommendation and will develop a timeliness measure for Taxpayer Protection Program case resolution.  A cross-functional group will be formed to establish tracking methodologies for measuring Taxpayer Protection Program cases from initial contact through case closure.

Recommendation 4:  Ensure that employees complete required training to work identity theft cases and that training records are maintained in the Enterprise Learning Management System.

Management’s Response:  IRS management agreed with the recommendation and is reconciling employee records in the Enterprise Learning Management System with those in the eWorkforce Management application, where the Taxpayer Protection Program training records were initially stored.  Future training will be added to the Enterprise Learning Management System prior to delivery to ensure that employee records are updated as training is received.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

Our overall objective was to evaluate whether the IRS’s Taxpayer Protection Program helped the IRS effectively assist taxpayers and resolve identity theft cases.  To accomplish our objective, we:

I.                 Identified the procedures and processes that the Taxpayer Protection Program has in place to work identity theft cases.

II.               Assessed the Taxpayer Protection Program’s process for working identity theft cases to ensure that all case actions are appropriate.

III.             Identified any deficiencies in the quality and completeness of training provided based on auditor analysis of the Taxpayer Protection Program processes and the case review results. 

IV.            Determined and assessed the Taxpayer Protection Program’s performance measures. 

From the Identity Theft Case Tracking Database for the period January 13 through October 18, 2012, we obtained a statistical sample of 150 taxpayer accounts from a population 255,745 identity theft cases related to 254,437 taxpayer accounts.  Some taxpayers had no records on the IMF, so we oversampled by selecting a sample of 250 taxpayer accounts to ensure that we reached the sample of 150. 

All accounts were researched and we concluded that 199 of the 250 taxpayer accounts required a beginning case processing identity theft indicator and 186 taxpayer accounts required a case closing identity theft indicator.  From the statistical sample of 199 accounts, we determined whether the appropriate identity theft indicators were input to the taxpayer accounts.  We used a statistical sample based on a 5 percent error rate, a ± 5 percent precision, and a 99.5 percent confidence interval for each sample. 

V.              Obtained data from the AMS system and compared it to the Identity Theft Case Tracking Database to determine the number of cases closed by Taxpayer Protection Program employees and whether the Taxpayer Protection Program’s data are reliable.  We selected a judgmental sample[11] of 12 cases from the population of 309,836 open and closed cases to research on the AMS system.  We selected a judgmental sample because the Taxpayer Protection Program cases could not be identified in the AMS system and because we did not plan to project our results.

VI.            Determined actions being taken to improve the volume of calls answered during filing seasons.

VII.          Determined the validity, completeness, and accuracy of IRS data used during the audit.  We selected an independent sample of the data extract to validate.  We assessed the reliability of data extracted from the Identity Theft Case Tracking Database by:  1) interviewing agency employees knowledgeable about the data and 2) selecting a judgmental sample of 10 cases and verifying that the data elements extracted matched the taxpayer account information on the Integrated Data Retrieval System.[12]  We determined that the data were reliable for the purposes of this report.

Internal controls methodology

Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives.  Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.  They include the systems for measuring, reporting, and monitoring program performance.  We determined the following internal controls were relevant to our audit objective:  the IRS’s internal guidelines used by Taxpayer Protection Program employees to work identity theft cases and the management information systems used to control identity theft cases.  These systems include the Identity Theft Case Tracking Database, the IMF, and the AMS system.  We evaluated these controls by reviewing cases, interviewing management, and reviewing policies and procedures.

 

Appendix II

 

Major Contributors to This Report

 

Russell P. Martin, Acting Assistant Inspector General for Audit (Returns Processing and Account Services)

Allen Gray, Director, Customer Service

Lena Dietles, Audit Manager

Tanya Adams, Lead Auditor

Jackie Forbus, Senior Auditor

Patricia Jackson, Senior Auditor

Kathy Coote, Auditor

Nelva Usher, Auditor

Brian Hattery, Information Technology Specialist

 

Appendix III

 

Report Distribution List

 

Principal Deputy Commissioner

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Operations Support  OS

The Office of Deputy Commissioner for Services and Enforcement  SE

Deputy Commissioner of Services and Operations, Wage and Investment Division  SE:W

Director, Privacy, Governmental Liaison and Disclosure  OS:P

Director, Customer Account Services, Wage and Investment Division  SE:W:CAS

Director, Return Integrity and Correspondence Services, Wage and Investment Division  SE:W:RICS

Director, Strategy and Finance, Wage and Investment Division  SE:W:S

Director, Customer Account Services, Accounts Management, Wage and Investment Division  SE:W:CAS:AM

Director, Submission Processing  OS:CTO:AD:SP

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis  RAS:O

Office of Internal Control  OS:CFO:CPIC:IC

Audit Liaison:  Chief, Program Evaluation and Improvement, Wage and Investment Division  SE:W:S:PEI

 

Appendix IV

 

Outcome Measure

 

This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration.  This benefit will be incorporated into our Semiannual Report to Congress.

Type and Value of Outcome Measure:

·       Reliability of Information – Potential; 37,882 taxpayer accounts with no applicable identity theft indicator (see page 7).  

Our review of a statistical sample of 199 accounts from 254,437 taxpayer accounts that the Taxpayer Protection Program identified during the period January 13 through October 18, 2012, determined that:

 

Appendix V

 

Management’s Response to the Draft Report

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

ATLANTA, GA 30308

 

COMMISSIONER

WAGE AND INVESTMENT DIVISION

 

 

June 4, 2013

 

 

MEMORANDUM FOR MICHAEL E. MCKENNEY

           ACTING DEPUTY INSPECTOR GENERAL FOR AUDIT

 

FROM:                            Peggy Bogadi /s/ Peggy Bogadi

                                         Commissioner, Wage and Investment Division

 

SUBJECT:                       Draft Audit Report - The Taxpayer Protection Program Improves Identity Theft Detection; However, Case Processing Controls Need to Be Improved (Audit # 201240038)

 

Thank you for the opportunity to review the subject draft report.  We appreciate the report's acknowledgement of our improvements in early detection of potentially fraudulent tax returns with indications of identity theft.  The Taxpayer Protection Program (TPP) is one of the first lines of defense in stopping the victimization of innocent taxpayers whose identities may have been compromised and used by unscrupulous individuals to claim fraudulent refunds.  As noted in the report, the TPP emerged from a pilot program in November 2011, which eventually stopped 324,670 fraudulent refund claims totaling $2.2 billion during the 2012 Filing Season.

 

As the TPP stood up as a fully functioning program, we identified areas of improvement.  We have taken, or are in the process of taking, action to make those improvements to the operations.  To ensure appropriate staffing was available for the toll-free telephone line, approximately 600 Accounts Management employees were trained so that a minimum complement of at least 200 employees were available to assist taxpayers during the 2013 Filing Season.  New training was developed and delivered to ensure the additional employees were prepared for the beginning of the filing season.  Although the training modules were not incorporated into the Enterprise Learning Management System, the employee records are being manually updated to reflect course completion.  We will ensure future training sessions are cataloged prior to delivery to ensure employee records are updated as training is received.

 

Attached are our comments on your recommendations.  If you have any questions, please contact me, or a member of your staff may contact Jodi L. Patterson, Director, Return Integrity and Correspondence Services, Wage and Investment Division, at (404) 338-9042.

 

Attachment

 

Attachment

 

RECOMMENDATIONS

 

The Commissioner, Wage and Investment Division, should:

 

RECOMMENDATION 1

Develop a process to ensure that required identity theft indicators are placed on taxpayer accounts in the IMF by employees and the electronic update process.

 

CORRECTIVE ACTION

We will refine procedures to ensure appropriate indicators are recorded on taxpayer accounts to document both the openings and closures of identity theft investigations.

 

IMPLEMENTATION DATE

October 15, 2013

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 2

Develop a process to ensure that employees are properly updating the AMS system with actions they take when working identity theft cases, including closing the case.

 

CORRECTIVE ACTION

We agree with the recommendation and will develop a process for managers to review employee Accounts Management Services updates on Taxpayer Protection Program (TPP) cases.  Updates will be made to Internal Revenue Manual 1.4.10, resource Guide for Managers – Integrity & Verification Operations Managers Guide, to address this new process.

 

IMPLEMENTATION DATE

February 15, 2014

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 3

Develop a timeliness measure to accurately track the time frame to resolve Taxpayer Protection Program cases.  This measurement should start from the first taxpayer contact until the case is ultimately closed.

 

CORRECTIVE ACTION

We agree to develop a timeliness measure for TPP case resolution.  A cross-functional group will be formed to establish tracking methodologies for measuring TPP cases from initial contact through case closure.

 

IMPLEMENTATION DATE

January 15, 2014

 

RESPONSIBLE OFFICIAL

Director, Return Integrity and Correspondence Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.

 

RECOMMENDATION 4

Ensure that employees complete required training to work identity theft cases and that training records are maintained in the Enterprise Learning Management System.

 

CORRECTIVE ACTION

We agree with the recommendation and are reconciling employee records in the Enterprise Learning Management System (ELMS) with those in the eWorkforce Management application, where the TPP training records were initially stored.  Future training will be added to ELMS prior to delivery to ensure employee records are updated as training is received.

 

IMPLEMENTATION DATE

March 15, 2014

 

RESPONSIBLE OFFICIAL

Director, Accounts Management, Customer Account Services, Wage and Investment Division

 

CORRECTIVE ACTION MONITORING PLAN

We will monitor this corrective action as part of our internal management control system.



[1] Federal Trade Commission, Consumer Sentinel Network Data Book, p. 3 (Feb. 2012).

[2] TIGTA, Ref. No. 2005-40-106, A Corporate Strategy Is Key to Addressing the Growing Challenge of Identity Theft (Jul. 2005).

[3] TIGTA, Ref. No. 2008-40-086, Outreach Has Improved, but More Action Is Needed to Effectively Address Employment-Related and Tax Fraud Identity Theft (Mar. 2008). 

[4] Formerly known as the Taxpayer Protection Unit.

[5] The period from January through mid-April when most individual income tax returns are filed.

[6] The Dependent Database is a ‘rules-based’ system that incorporates a scoring model and ***************2***** **********2************ that examines tax returns in a prerefund environment.

[7] The IRS matched these cases against information returns that it maintains and determined the cases were not identity theft cases.  The IRS subsequently released the refund.

[8] Batch processing is used to update the IMF.

[9] Of the 199 cases we sampled, case processing was complete for 186. 

[10] The IRS assigns temporary Taxpayer Identification Numbers to some taxpayers involved with a duplicate tax return situation. 

[11] A judgmental sample is a nonstatistical sample, the results of which cannot be used to project to the population.

[12] IRS computer system capable of retrieving or updating stored information.  It works in conjunction with a taxpayer’s account records.

[13] We projected our error rate over the population of taxpayer accounts by dividing the 20 accounts by 199 (our sample) to get an error rate of 10.05 percent.  We multiplied 10.05 percent by the 254,437 accounts in the population to get 25,571 accounts that were not properly updated.  Numbers do not match due to rounding.

[14] We projected our error rate over the population of taxpayer accounts by dividing the nine accounts that were not updated by 186 (our sample) to get an error rate of 4.8387 percent.  We multiplied this error rate by the 254,437 accounts in the population to get 12,311 accounts that are not updated with an identity theft indicator.