TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

 

 

Detection Has Improved; However, Identity Theft Continues to Result in Billions of Dollars in Potentially Fraudulent Tax Refunds

 

 

 

September 20, 2013

 

Reference Number:† 2013-40-122

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

Redaction Legend:

2 = Risk Circumvention of Agency Regulation or Statute

 

 

Phone Number† /† 202-622-6500

E-mail Address /TIGTACommunications@tigta.treas.gov

Website†††††††††† /http://www.treasury.gov/tigta

 

 

HIGHLIGHTS

DETECTION HAS IMPROVED; HOWEVER, Identity Theft CONTINUES TO RESULT IN BILLIONS OF DOLLARS IN POTENTIALLY FRAUDULENT TAX REFUNDS

Highlights

Final Report issued on September 20, 2013.

Highlights of Reference Number:† 2013-40-122 to the Internal Revenue Service Commissioner for the Wage and Investment Division.

IMPACT ON TAXPAYERS

Identity theft continues to be a serious and growing problem which has a significant impact on tax administration.Undetected tax refund fraud results in significant unintended Federal outlays and erodes taxpayer confidence in the Federal tax system.†

WHY TIGTA DID THE AUDIT

This review is a follow-up to a July 2012 TIGTA audit report, There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft (Reference No. 2012-42-080).† The overall objective of this review was to determine whether the IRS has improved its programs and procedures to identify and prevent fraudulent tax refunds resulting from identity theft.

WHAT TIGTA FOUND

Our review found that expanded identity theft detection efforts are helping identify fraudulent tax returns.† However, billions of dollars in potentially fraudulent refunds continue to be paid.† Our analysis of Tax Year 2011 tax returns identified approximately 1.1 million undetected tax returns filed using a Social Security Number that have the same characteristics of IRS-confirmed identity theft tax returns.† Potentially fraudulent tax refunds issued total approximately $3.6 billion, which is down by $1.6 billion compared to the $5.2 billion TIGTA reported for Tax Year 2010.

In addition, TIGTA expanded its Tax Year 2011 analysis to include tax returns for which the primary Taxpayer Identification Number on the tax return is an Individual Taxpayer Identification Number (ITIN).† TIGTA identified more than 141,000 Tax Year 2011 tax returns filed with an ITIN that have the same characteristics as IRS-confirmed identity theft tax returns involving an ITIN.† Potentially fraudulent tax refunds issued for these undetected tax returns totaled approximately $385 million.†

Lastly, the IRS has still not taken actions to prevent multiple tax refunds from being deposited to the same bank account.† This continues to provide identity thieves with an easy method to obtain fraudulent tax refunds.

WHAT TIGTA RECOMMENDED

TIGTA recommended that the Commissioner, Wage and Investment Division: †1) deactivate ITINs assigned to individuals prior to January 1, 2013, who no longer have a tax filing requirement in an effort to reduce tax filing fraud and 2) continue to analyze the characteristics of identity theft tax returns, including using the characteristics of questionable ITIN application data to expand identity theft filters.

IRS management agreed with TIGTAís recommendations.† An implementation team is addressing the deactivation process for ITINs issued prior to 2013 and is developing an enterprisewide process to accomplish that objective.† In addition, during the 2012 and 2013 Filing Seasons, the Taxpayer Protection Program identified opportunities for improvement to the filter processes and implemented changes that improved their performance and effectiveness.† The IRS plans to continue to evaluate the feasibility and impact of changes to the Dependent Database filters and ITIN Real-Time System.

 

September 20, 2013

 

 

MEMORANDUM FOR Commissioner, Wage and Investment Division

 

FROM:†††††††††††††††††††††† Michael E. McKenney /s/ Michael E. McKenney

††††††††††††††††††††††††††††††††† Acting Deputy Inspector General for Audit

 

SUBJECT:††††††††††††††††† Final Audit Report Ė Detection Has Improved; However, Identity Theft Continues to Result in Billions of Dollars in Potentially Fraudulent Tax Refunds (Audit # 201240044)

 

This report presents the results of our review to determine whether the Internal Revenue Service (IRS) has improved its programs and procedures to identify and prevent fraudulent tax refunds resulting from identity theft.† This review is a follow-up to our July 2012 audit report, There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft.[1] †The review is included in our Fiscal Year 2013 Annual Audit Plan and addressed the major management challenge of Fraudulent Claims and Improper Payments.

Managementís complete response to the draft report is included as Appendix VI.

Copies of this report are also being sent to the IRS managers affected by the report recommendations.† Please contact me if you have questions or Russell P. Martin, Acting Assistant Inspector General for Audit (Returns Processing and Account Services).

 

 

Table of Contents

 

Background

Results of Review

Expanded Identity Theft Detection Efforts Are Helping to Identify Fraudulent Tax Returns; However, Billions of Dollars in Potentially Fraudulent Refunds Continue to Be Paid

**********************************2***********************************************2**************************

Individual Taxpayer Identification Numbers Are Sometimes Used to File Potentially Fraudulent Tax Returns

Recommendation 1:

Continued Expansion of Identity Theft Filters Can Increase Detection of Fraudulent Tax Returns

Recommendation 2:

Actions Still Have Not Been Taken to Prevent Multiple Tax Refunds From Being Deposited to the Same Bank Account

Appendices

Appendix I Ė Detailed Objective, Scope, and Methodology

Appendix II Ė Major Contributors to This Report

Appendix III Ė Report Distribution List

Appendix IV Ė Outcome Measures

Appendix V Ė Glossary of Terms

Appendix VI Ė Managementís Response to the Draft Report

 

 

Abbreviations

 

e-file(d)

Electronically file(d)

IRS

Internal Revenue Service

ITIN

Individual Taxpayer Identification Number

PIN

Personal Identification Number

SSN

Social Security Number

TIGTA

Treasury Inspector General for Tax Administration

 

 

Background

 

The Federal Trade Commission has reported identity theft as the number one consumer complaint since Calendar Year 2000.

Identity theft continues to be a serious and growing problem which has a significant impact on tax administration.† Identity theft for the purpose of tax fraud occurs when an individual uses another personís name and Taxpayer Identification Number[2] (generally a Social Security Number (SSN)) to file a fraudulent tax return to obtain a fraudulent tax refund.† Unscrupulous individuals are stealing identities at an alarming rate for this purpose.

Many individuals who are victims of this type of identity theft may be unaware that their identity has been used to file fraudulent tax returns.† The individuals victimized are typically those who are not required to file a tax return.† Figure 1 provides a comparison of the total number of tax returns the Internal Revenue Service (IRS) confirmed to involve identity theft for Processing Years 2011 and 2012 as well as the fraudulent refunds prevented.

Figure 1:† Identity Theft Tax Returns Confirmed
As Fraudulent in Processing Years 2011 and 2012

Processing Year

Number of Confirmed
Identity Theft Tax Returns

Fraudulent Tax Refunds Prevented From Being Issued

2011

1,086,727

$ ††7,972,883,955

2012

1,841,144

$ 12,108,211,555

Source: †The IRSís Refund Fraud and Identity Theft Global Report for Calendar Year 2012.

The impact of identity theft on tax administration is significantly greater than the amount detected and prevented by the IRS

While the number of fraudulent tax refunds the IRS detects and prevents is substantial, it does not know the full scope of the fraud.† A July 2012 Treasury Inspector General for Tax Administration (TIGTA) report on identity theft found that undetected tax refund fraud results in significant unintended Federal outlays.[3]† The issuance of fraudulent tax refunds erodes confidence in the Federal tax system and increases the burden on those taxpayers who comply with the tax laws.

In the 2012 report, TIGTA concluded that, based on an analysis of Tax Year 2010 tax returns processed during the 2011 Filing Season, tax fraud by individuals filing fictitious tax returns with false income and withholding is significantly greater than what the IRS detects and prevents.† Using characteristics of identity theft confirmed by the IRS, we identified approximately 1.5 million undetected tax returns with potentially fraudulent tax refunds totaling in excess of $5.2 billion.†

This review was performed as a follow-up review to the July 2012 TIGTA audit on identity theft, which was performed at the request of Senator Bill Nelson, Chairman of the Senate Finance Subcommittee on Fiscal Responsibility and Economic Growth.† Senator Nelson also requested this follow-up review.† This review was performed at the IRS Wage and Investment Division Accounts Management and Submission Processing functions in Atlanta, Georgia, during the period September 2012 through June 2013.† We conducted this performance audit in accordance with generally accepted government auditing standards.† Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective.† We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective.† Detailed information on our audit objective, scope, and methodology is presented in Appendix I.† Major contributors to the report are listed in Appendix II.

 

 

Results of Review

 

Expanded Identity Theft Detection Efforts Are Helping to Identify Fraudulent Tax Returns; However, Billions of Dollars in Potentially Fraudulent Refunds Continue to Be Paid

TIGTA analysis of Tax Year 2011 tax returns identified approximately 1.1 million undetected tax returns with approximately $3.6 billion in potentially fraudulent refunds.

In response to our 2012 report, the IRS continues to expand its efforts to identify and prevent fraudulent tax refunds from being issued as a result of identity theft.† Our analysis of Tax Year 2011 tax returns identified approximately 1.1 million undetected tax returns filed using SSNs that have the same characteristics of IRS-confirmed identity theft tax returns.† Potentially fraudulent tax refunds issued total approximately $3.6 billion. †Although these tax returns met the characteristics of IRS-confirmed identity theft cases involving the use of an SSN, some potentially fraudulent tax returns we identified could also be the result of nonreporting of income and withholding by the employer or an individual using his or her own SSN to file a fraudulent tax return.†

The amount of undetected potentially fraudulent refunds is down by $1.6 billion from the $5.2 billion we reported for Tax Year 2010.† Despite the increased efforts, billions of dollars in potentially fraudulent tax refunds continue to be issued without detection.†

In addition, we expanded our Tax Year 2011 analysis to include tax returns for which the primary Taxpayer Identification Number on the return is an Individual Taxpayer Identification Number (ITIN).† We identified more than 141,000 Tax Year 2011 tax returns filed with an ITIN that have the same characteristics as IRS-confirmed identity theft tax returns involving an ITIN.† Potentially fraudulent tax refunds issued for these undetected tax returns totaled approximately $385 million.

**********************************2********************************************************************** *******2*****************************************************************************2************* ****************************************************************2***************************** ************************************************2********************************************** ***********2*********************.

The IRS continues to expand its identity theft detection efforts

The IRS continues to improve its efforts for identity theft detection and prevention of fraudulent tax refund issuance. †These efforts include:†

Expanding identity theft filters.† The IRS first developed identity theft filters for use in Processing Year 2012.† The filters are used to identify potentially fraudulent tax returns and prevent the issuance of refunds at the time tax returns are being processed.† Tax returns identified via the filters are held during processing until the IRS can verify the taxpayerís identity.† If the individualís identity cannot be confirmed, the IRS removes the tax return from processing.† This prevents the issuance of a fraudulent tax refund.† In Processing Year 2012, there were 11 filters[4] that identified approximately 325,000 tax returns and prevented the issuance of approximately $2.2 billion in fraudulent refunds.† In Processing Year 2013, the number of filters increased to more than 80.† As of May 30, 2013, the IRS identified 151,010 tax returns and prevented the issuance of approximately $840 million in fraudulent tax refunds.† This represents a 90 percent increase over the number that the IRS identified for the same period in Processing Year 2012.[5]

Expanding account locks.† The IRS continues to expand the number of tax accounts that it locks by placing an identity theft indicator on the individualsí tax accounts.† Between January 2011 and May 2013, the IRS has locked approximately 10 million taxpayer accounts.† Electronically filed (e-filed) tax returns using the SSN of a locked account will be rejected (the IRS will not accept the tax return for processing).† As of May 31, 2013, the IRS has rejected 152,301 e-filed tax returns.† Paper-filed tax returns will be processed; however, the tax returns will not post to the Master File due to the account lock, and a refund will not be issued.† The IRS has stopped 169,642 paper-filed tax returns and prevented the issuance of approximately $5.6 million[6] in fraudulent tax refunds since the inception of the lock.

Developing a process to cluster tax returns with the same address and/or direct deposit account numbers.† We previously reported that a characteristic of some of the potentially fraudulent tax returns we identified was the use of the same address and/or the same direct deposit account. †In response, the IRS developed a filtering tool that groups tax returns based on address, zip code, and/or bank routing number.† The groupings are then filtered through various business rules to identify potentially fraudulent tax returns.† Tax return clustering was not in place when the Tax Year 2011 tax returns we analyzed were processed.† The filtering tool became operational in Processing Year 2013.† As of May 30, 2013, the IRS indicated it had identified 154,302 tax returns and prevented the issuance of approximately $470 million in tax refunds.

Developing leads from its Identity Theft Clearinghouse.† The Identity Theft Clearinghouse provides IRS Criminal Investigation with a central location to review and process identity theft leads.† The Clearinghouse performs research on each lead to develop it for the field offices and ensure that an open investigation is not already underway.† In addition, the Clearinghouse passes relevant information to the appropriate function to attempt to incorporate newly identified fraud characteristics into identity theft filters.† As of May 31, 2013, the Clearinghouse has received more than 3,400 identity theft leads that have resulted in the development of 478 investigations.

Expanding cooperation with local law enforcement.† In April 2012, with the assistance of various law enforcement agencies, the IRS developed a pilot program to allow the IRS to share tax return information with law enforcement agencies with the consent of a taxpayer.† This partnership, which is known as the Law Enforcement Assistance Program, has since been expanded to include all 50 States, the District of Columbia, Guam, the Northern Marianas Islands, Puerto Rico, and the U.S. Virgin Islands.† This initiative provides a way for taxpayers to release their tax records to law enforcement agencies to attempt to find the identity thief through the review of their tax return.† The law enforcement agency requests that the victim of identity theft fill out a waiver so that the IRS can release the tax return information filed by the identity thief to the law enforcement agency.† As of May 30, 2013, the IRS has processed 2,731 waivers from 244 different law enforcement agencies.

While the above efforts have increased the IRSís detection of fraudulent tax returns and prevented the issuance of billions of dollars in fraudulent tax refunds, the IRS still does not have timely access to third-party income and withholding information needed to make substantial improvements in its detection efforts at the time tax returns are processed.

***************************************2******************************************************************2**********************

Access to third-party income and withholding information is the key to enabling the IRS to prevent the continued issuance of billions of dollars in fraudulent tax refunds.† The following shows one example of how the IRS can identify and prevent tax refund fraud when it has timely access to third-party information.†

In response to a recommendation made in our prior report, the IRS began matching Social Security benefit income and withholding reported on tax returns to information reported to the IRS by the Social Security Administration when tax returns are processed.† Annually, in December, the IRS receives Forms SSA-1099, Social Security Benefit Statement, from the Social Security Administration.† The Form SSA-1099 contains the beneficiaryís name, SSN, Social Security benefits received, and Federal income tax withholding.† For Processing Year 2012, the IRS created a filter that uses the Form SSA-1099 information at the time tax returns are processed to identify potentially fraudulent tax returns.† The IRS decreased the number of undetected tax returns based on fraudulent Social Security benefit income by 86 percent compared to the amount we previously reported.

Figure 2 provides a comparison of the number of undetected potentially fraudulent tax returns involving Social Security income and withholding for Tax Year 2010 to the number we identified for Tax Year 2011.

Figure 2:† Comparison of Undetected Tax Returns
Claiming Social Security Benefits and Withholding
for Tax Years 2010 and 2011

Undetected
Tax Year 2010
Tax Returns/Dollars

Undetected
Tax Year 2011
Tax Returns/Dollars

Number of Tax Returns

93,142

12,993

Total Refund Amounts

$ 231,692,282

$ 62,856,556

Source:† TIGTA analysis of Tax Year 2010 and 2011 tax returns.

The IRS would have been able to identify even more of the tax returns with fraudulent claims for Social Security benefits if it had been able to program this filter for use earlier in the 2012 Filing Season.† Programming put in place at the beginning of the 2013 Filing Season included the entire Social Security record, which should enable the IRS to detect most tax returns reporting false Social Security benefits and withholding during the 2013 Filing Season.† As of May 30, 2013, the IRS indicated it had identified 36,523 tax returns and prevented the issuance of approximately $184 million in tax refunds due to the Social Security filters.

However, most of the third-party income and withholding information is not available until well after tax return filing begins.† Legislation would be needed for changes to the filing deadlines for information returns.† The deadline for filing most information returns with the IRS is March 31, yet taxpayers can begin filing their tax returns as early as mid-January each year.† For the 2013 Filing Season, the IRS received more than 88 million tax returns as of March 30, 2013.†

In April 2011, the IRS Commissioner introduced the IRSís vision of an initiative that would allow matching of data on tax returns with data on third-party information returns at the time tax returns are processed.† It is envisioned that this would reduce the number of erroneous refunds paid because it would allow the IRS to substantiate claims or entries made by the taxpayer on the tax return as they are filed. The IRS found that 91 percent of individual taxpayers receive one of three third-party information return types.[7]† As such, those information returns would likely be the highest priority for any changes to expedite transmittal and access for use in processing tax returns.†

To date, the IRS has conducted stakeholder sessions to discuss the impact, opportunities, and constraints around earlier data matching.† While most stakeholders agree this type of solution is needed, they are concerned that earlier reporting will lead to more errors in the data.† For example, stakeholders raised concerns that several pieces of information on the income documents, such as tax on life insurance premiums, third-party sick pay, and State disability information, may not be available until after December 31.† *********2************ ******************************************2******************************************************** *********************2*****************************************************2*************************.†

**********************************2*************************************************************** **************2*****************************************************************************2******* **********************************************************************2********************************* **********************************2*****************************.†

********************************************2*****************************************************************2**************

Figure 3 provides a summary of our analysis, ******************2***************.

Figure 3:† ****************************2***************
**********************2**************Year 2011 Tax Returns

**********2*******
*****2********

Tax Returns


Refunds Issued

********2***********

802,672

$ 2,354,349,943

*********************2******

12,993

$ 62,856,556

************2**************

204,522

$ 698,118,714

*********2************

66,811

$ 497,081,019

Total

1,086,998

$ 3,612,406,232

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Figure 4 identifies specific characteristics of the 1.1 million taxpayers whose SSNs were used on these tax returns.

Figure 4:† Characteristics of the Individuals Whose
SSNs Were Used on Undetected Tax Returns

Characteristic

Tax Returns

Refunds Issued

Children (under age 14)

1,451

$ 2,036,064

Citizens of U.S. Possessions

22,090

$ 113,799,479

Deceased†

19,102

$ 70,180,690

Elderly (age 70 and over)

28,700

$ 136,320,008

Income Level Does Not Require Tax Return Filing[8]

753,004

$ 2,632,240,181

Prisoner[9]

37,249

$ 133,087,550

Students (ages 16 to 22)

225,402

$ 524,742,260

Total

1,086,998

$ 3,612,406,232

Source:† TIGTA analysis of Tax Year 2011 tax returns.

When taxpayers file their returns after a fraudulent return has been filed, they often experience significant burden and delays

For those individuals who are required to file a tax return, it is not until the legitimate individual files a tax return, resulting in a duplicate filing under the same name and SSN, that many individuals realize they are a victim of identity theft.† When the identity thief files the fraudulent tax return before the legitimate taxpayer, the IRS does not yet know that the victimís identity will be used more than once.† Once the legitimate taxpayer files his or her tax return, this tax return is identified as a duplicate tax return and the refund is held until the IRS can confirm the taxpayerís identity.† For Tax Year 2011, we identified more than 174,000 SSNs that were used multiple times, i.e., one or more potentially fraudulent tax returns were associated with the multiple use of an SSN.[10]† We estimate that approximately $183 million in potentially fraudulent tax refunds were paid to identity thieves who filed tax returns before the legitimate taxpayers filed theirs.[11] †This is in addition to the $4 billion[12] noted previously, which is related to taxpayers who do not appear to have a filing requirement.

Individual Taxpayer Identification Numbers Are Sometimes Used to File Potentially Fraudulent Tax Returns

Our analysis identified 141,062 tax returns filed for Tax Year 2011 by individuals using an ITIN that had characteristics of IRS-confirmed identity theft tax returns.† These returns resulted in the issuance of approximately $385 million in potentially fraudulent tax refunds.† Although these tax returns had the characteristics of IRS-confirmed identity theft cases involving the use of an ITIN, some of the potentially fraudulent tax returns we identified could also be the result of misreporting of income and withholding by the employer or an individual obtaining an ITIN for the sole purpose of using the ITIN to file a fraudulent tax return.

There were 141,287 Taxpayer Identification Numbers used on the Forms W-2, Wage and Tax Statement, associated with the 141,062 tax returns.† *********2*************** ************************************ ***2***********************************************************************2******* ************************************************2***********.

Any person required to file a tax return must include an identifying number, referred to as a Taxpayer Identification Number.† For the majority of filers, this is the individualís SSN.† The IRS created the ITIN to provide a Taxpayer Identification Number to individuals who do not have and are not eligible to obtain an SSN.† IRS guidelines specify that an ITIN is to be used for Federal income tax purposes only and is not valid for work.† As with SSNs, ITINs are specific to individuals and should be issued to and used by only one individual.

*********************************2***************************************** **************************2**************************************.† To identify the potentially fraudulent tax returns, we matched the Taxpayer Identification Number under which the income was reported on the tax return to the Forms W-2 the IRS receives from the Social Security Administration.† *********************2************************************2******************************************** *******************************2************************************************************************* *****2********************************************2***Figure 5 identifies specific characteristics of the Taxpayer Identification Numbers under which the income and withholding were reported on the tax returns we identified.†

Figure 5:† Characteristics of the Taxpayer Identification Numbers
Used to Report Income on the Undetected Tax Returns

Characteristic

Taxpayer Identification Numbers
Used on Forms W-2

Child (under age 14)

††††††††††† 5,760

Citizens of U.S. Possessions

462

Deceased Individual

3,527

Elderly Individual (age 70 and over)

2,494

IRS-Issued Identification Number[13]

101,680

Prisoner

109

Student (ages 16 to 22)

12,615

Individuals Not in Above Categories[14]

14,640

Total

141,287

Source:† TIGTA analysis of Tax Year 2011 tax returns.

In a July 2012, TIGTA reported that the IRS has not established processes to identify and deactivate ITINs.[15]† For example, the IRS regularly receives data from the Social Security Administration[16] identifying the SSNs of deceased individuals to enable the IRS to verify identity, prevent fraud, and comply with the USA PATRIOT Act.[17]† However, the IRS has not established a process to identify ITINs of deceased individuals or individuals who no longer have a valid tax-related purpose so that those ITINs can be deactivated.† The ITIN is intended for tax purposes only and creates no inference regarding an alien individualís right to be legally employed in the United States or that individualís immigration status, i.e., the ITIN does not authorize a foreign individual to work or live in the United States.† An ITIN remains valid indefinitely, even if not used on a tax return or for other tax-related purposes. †

We recommended that the IRS develop a process to identify and deactivate ITINs assigned to individuals who no longer have a tax filing requirement.† In response, the IRS stated that ITINs issued after January 1, 2013, will expire after five years.† Individuals who still need an ITIN after the five-year expiration will have to reapply.† Furthermore, the IRS continues to explore options for deactivating ITINs assigned to individuals prior to January 1, 2013, who no longer have a tax filing requirement.† Based on our analysis, we believe the IRS should not delay in its development of such a process because ****************2**************************** *********2****************************************************************2*********************.† Implementing such a process will assist the IRS in reducing the likelihood that the ITIN can be used to file a fraudulent tax return.

Figure 6 provides a breakdown relating to the assignment year of the ITINs used on the potentially fraudulent tax returns we identified.† It shows those ITINs assigned over five years ago and those assigned within the last five years.

Figure 6:† Analysis of ITIN Assignment Year for ITINs
Used to File Undetected Potentially Fraudulent Tax Returns

ITIN Assignment Tax Year

Tax Returns

Refunds Issued

ITINs More Than 5 Years Old

84,821

$ 216,932,792

ITINs 5 Years Old or Less

56,241

$ 167,605,923

Total

141,062

$ 384,538,715

Source:† TIGTA analysis of Tax Year 2011 tax returns and the IRSís Real-Time System.

Recommendation

Recommendation 1: †To reduce the potential for tax filing fraud, the Commissioner, Wage and Investment Division, should implement a process to deactivate ITINs assigned to individuals prior to January 1, 2013, who no longer have a tax filing requirement.

Managementís Response:† IRS management agreed with this recommendation.† An implementation team is addressing the deactivation process for ITINs issued prior to 2013 and is developing an enterprisewide process to accomplish that objective.

Office of Audit Comment:† IRS management agreed with our recommendation, but did not agree to the related outcome measure. †IRS managementís response assumes that employer noncompliance with reporting requirements may account for a significant portion of the tax returns we identified.† However, as we detail in the report, each of the 141,062 tax returns had the characteristics of IRS-confirmed identity theft cases involving the use of an ITIN.† Furthermore, our analysis of the Employer Identification Numbers on the Forms W-2 associated with the potentially fraudulent tax returns found that over 90 percent belonged to businesses that had submitted Forms W-2 for other individuals.

IRS management indicated they will develop an enterprise-wide process to deactivate ITINs issued prior to January 1, 2013.† Nonetheless, they note that such a process will not be in place until 2017.† As noted in our report, we believe this delay will contribute to the continued loss of potentially $385 million annually until the process is in place.

Continued Expansion of Identity Theft Filters Can Increase Detection of Fraudulent Tax Returns

The IRS uses characteristics of confirmed identity theft cases to build filters to identify other fraudulent tax returns.† The IRSís success at identifying fraudulent tax returns and preventing the issuance of fraudulent tax refunds continues to increase with the expansion of these filters.† The identity theft filters incorporate criteria based on characteristics of confirmed identity theft tax returns, *************************2**** **************************************2*******************.† Below are key characteristics of the 1.2 million undetected potentially fraudulent tax returns we identified.

Tax returns signed by a paid preparer

We identified that 357,235 (33 percent)[18] of the 1.1 million potentially fraudulent tax returns using an SSN were signed by a paid preparer.† These 357,235 tax returns involved 107,161 preparers and had tax refund claims totaling approximately $1.2 billion.† There were 114,669 (81 percent) of the 141,062 potentially fraudulent tax returns using an ITIN that were signed by a paid preparer.† These 114,669 tax returns involved 19,655 preparers and had tax refund claims totaling $308 million.† Figure 7 shows paid preparers that filed multiple potentially fraudulent tax returns.

Figure 7:† Tax Return Preparers Filing Most Undetected Tax Returns

Undetected Tax Returns Filed Using an SSN

 

Paid Preparer

Number of Tax Returns

Refunds Issued

Preparer A[19]

5,506

$ 26,819,367

Preparer B

1,747

$ 12,043,332

Preparer C

1,746

$ 2,260,037

Preparer D

881

$ 1,987,204

Preparer E

819

$ 2,758,326

Undetected Tax Returns Filed Using an ITIN

 

Paid Preparer

Number of Tax Returns

Refunds Issued

Preparer A

1,590

$ 4,044,810

Preparer F

839

$ 2,409,816

Preparer G

766

$ 5,142,053

Preparer H

706

$ 2,129,543

Preparer I

388

$ 930,565

Total

14,988

$ 60,525,053

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Authenticating taxpayers remains a challenge for the IRS

Although the IRS is working toward finding ways to determine which tax returns are legitimate, it could do more to prevent identity thieves from electronically filing (e-filing) tax returns.Of the 1.2 million potentially fraudulent undetected tax returns, more than 1.1 million (93 percent) were e-filed.† Before a tax return can be e-filed, the taxpayer must verify his or her identity with the correct date of birth and either the prior yearís tax return Self‑Select Personal Identification Number (PIN) or Adjusted Gross Income.† However, we have determined that this control can be circumvented.† If the taxpayer does not remember his or her information, he or she can go to IRS.gov, the IRSís public Internet website, to obtain an Electronic Filing PIN.† An Electronic Filing PIN is obtained by providing personal information that the IRS matches against data on the prior yearís tax return filed by the taxpayer.† Alternatively, a taxpayer can call the IRS and follow automated prompts to receive an Electronic Filing PIN.

For the 2013 Filing Season, the IRS has required the taxpayer to provide additional Personally Identifiable Information, including requiring the taxpayerís address.† Nonetheless, it remains a challenge for the IRS to authenticate taxpayers.† For example, the IRS has not adopted industry practices of shared secrets, such as security challenge questions, to authenticate taxpayers, e.g., motherís maiden name or the name of first pet.

TIGTA analysis of more than 900,000[20] undetected e-filed tax returns identified that taxpayers signed their tax return using the Self-Select PIN method for 508,210 (56 percent) of the returns.† This method is required for any taxpayer filing a tax return using an online software package.† An Electronic Filing PIN was provided for authentication for 150,683 (30 percent) of the 508,210 tax returns signed using the Self-Select PIN method.†

The remaining 393,374 e-filed tax returns were prepared by a paid tax practitioner who chose and entered a PIN on behalf of the taxpayer or had the taxpayer create a PIN themselves.† Taxpayers can authorize a practitioner (who is responsible for ensuring that the taxpayer is who they say they are) to sign the return for them by completing Form 8879, IRS e-file Signature, before the return is submitted to the IRS.†

Analysis of addresses used on the undetected tax returns

Our analysis of undetected tax returns continues to identify commonalities in the addresses used on the potentially fraudulent tax return.† As previously mentioned, the IRS developed a filtering tool that will use a clustering method which will include grouping tax returns based on address, zip code, and/or bank routing number to which a tax refund will be issued.† These clusters will then be filtered through various business rules to identify potentially fraudulent tax returns. †However, this filtering tool was not in place when the Tax Year 2011 tax returns we analyzed were processed.† Figures 8, 9, and 10 provide examples of the commonalities we identified.

Figure 8:† Top Five Countries in the Mailing Address
on Undetected Tax Returns
[21]

Country

Number of Tax Returns

Refunds Issued

Bulgaria

701

$ 490,735

Lithuania

676

$ 228,993

Ireland

657

$ 282,926

China

443

$ 240,724

Canada

337

$ 698,166

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Figure 9:† Top Five Cities in the Mailing Address
on Undetected Tax Returns

City

Tax Returns

Refunds Issued

Undetected Tax Returns Filed Using an SSN

Miami, Florida

37,661

$ 147,386,612

Chicago, Illinois

22,872

$ 70,635,832

Detroit, Michigan

19,528

$ 70,367,655

Atlanta, Georgia

18,586

$ 53,372,590

Houston, Texas

16,437

$ 55,497,521

Undetected Tax Returns Filed Using an ITIN

Los Angeles, California

4,513

$ 9,204,059

Las Vegas, Nevada

3,226

$ 10,025,227

Houston, Texas

3,157

$ 7,456,065

Chicago, Illinois

2,991

$ 7,285,481

Phoenix, Arizona

2,315

$ 8,362,458

Total

131,286

$ 439,593,500

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Figure 10:† Top Five Addresses Used on Undetected Tax Returns

 

Address

Tax Returns

Refunds Issued

Undetected Tax Returns Filed Using an SSN

 

Address 1 in Kaunas, Lithuania

655

$ 220,489

 

Address 2 in Orlando, Florida

580

$ 870,253

 

Address 3 in Lakewood, Colorado

355

$ 1,001,707

 

Address 4 in Shanghai, China

343

$ 156,533

 

Address 5 in Orlando, Florida

291

$ 466,409

Undetected Tax Returns Filed Using an ITIN

 

Address 6 in Santa Ana, California

240

$ 576,552

 

Address 7 in Salinas, California

201

$ 785,793

 

Address 8 in Mountlake Terrace, Washington

194

$ 554,866

 

Address 9 in Milwaukee, Wisconsin

159

$ 858,981

 

Address 10 in Sanford, North Carolina

127

$ 787,358

 

Total

3,145

$ 6,278,941

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Addresses used on potentially fraudulent tax returns using an ITIN were also used by more than 5,000 individuals to obtain an ITIN

We performed an additional analysis using the addresses shown on the undetected potentially fraudulent tax returns filed with ITINs that we identified.† TIGTA previously reported that many individuals applying for ITINs using a Form W-7, Application for IRS Individual Taxpayer Identification Number, are using the same addresses to submit questionable ITIN applications.† We matched the top five addresses used on the undetected potentially fraudulent tax returns we identified (addresses listed in Figure 10) to information contained in the IRSís Real-Time System to determine how many ITINs were assigned to individuals using the same address as listed on the potentially fraudulent tax returns.† For example, for Address 8 in Mountlake Terrace, Washington:

       194 individuals filed potentially fraudulent returns with refunds issued totaling $554,866 listing this as their address on the tax return (see Figure 10).

       1,947 ITINs were assigned to individuals who listed this as their address on their ITIN application per information available in the IRSís Real-Time System.†

Figure 11 shows the number of ITINs assigned to individuals using the same addresses we identified as being used on multiple undetected potentially fraudulent tax returns.†

Figure 11:† ITIN Applications Assigned Using the Same Address
As Addresses Used to File Potentially Fraudulent Tax Returns

Address

ITINs Assigned Using These Addresses

Address 6 in Santa Ana, California

0[22]

Address 7 in Salinas, California

39

Address 8 in Mountlake Terrace, Washington

1,947

Address 9 in Milwaukee, Wisconsin

1,841

Address 10 in Sanford, North Carolina

1,287

Total

5,114

Source:† TIGTA analysis of Tax Year 2011 tax returns and the IRSís Real-Time System.

We plan to evaluate the IRSís success in using the clustering tool to group tax returns based on address, zip code, and/or bank routing number to which a tax refund will be issued.† This evaluation will be part of our continued coverage of identity theft in Fiscal Year 2014 and our analysis of Tax Year 2012 tax returns.

Recommendation

Recommendation 2:† The Commissioner, Wage and Investment Division, should continue to analyze characteristics of fraudulent tax returns resulting from identity theft to refine and expand identity theft filters used to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft. †This should include using the characteristics of questionable ITIN application data.

Managementís Response:† IRS management agreed with this recommendation.† During the 2012 and 2013 Filing Seasons, the Taxpayer Protection Program identified opportunities for improvement to the filter processes and implemented changes that improved their performance and effectiveness.† The IRS plans to continue to evaluate the feasibility and impact of changes to the Dependent Database filters and ITIN Real-Time System.† The IRS will prepare a risk assessment that, in addition to determining the scope and costs of programming needed to automate the process, will address mitigating controls that can be implemented in the event the requested programming changes are not funded.

Actions Still Have Not Been Taken to Prevent Multiple Tax Refunds From Being Deposited to the Same Bank Account

The inability of the IRS to ensure the accuracy of direct deposit account information continues to be a factor in the ease with which individuals can receive fraudulent tax refunds.† Our analysis of the 1.2 million undetected Tax Year 2011 tax returns found that 1 million (84 percent) of the tax returns used direct deposit to obtain tax refunds totaling approximately $3.5 billion.† As we previously reported, direct deposit, which now includes debit cards,[23] is often used by identity thieves to obtain fraudulent tax refunds.† ****************2**************************** ***************************************2********************************************************************* ***2*****************************************************************************2*************************** *****************************************2************************.† Each method of obtaining a debit card requires a different level of verification in order to acquire a card.

**************************************2*********************************** **************2*****************.† Individuals who request to have their tax refund deposited onto a debit card enter a bank account number and bank routing number provided by the debit card company on their tax return ***********2************************* *****************2******************.† In addition, each method of obtaining a debit card requires a different level of verification in order to acquire a card. †To open a bank account, an individual generally must present at least one form of identification such as a driverís license or other picture identification.

A prior TIGTA report recommended that the IRS limit the number of tax refunds sent to the same account

The problem we identified in our previous analysis of Tax Year 2010 tax returns is still evident; multiple Tax Year 2011 tax refunds continue to be deposited into the same bank account(s).† Figure 12 shows the top direct deposit accounts used multiple times.

Figure 12:† Analysis of Multiple Deposits to the Same Bank Account

Direct Deposits Per Bank Account
(one bank account per row)

Tax Refunds
Deposited to the Account

 

 

Undetected Tax Returns Filed Using an SSN

446

$ 591,447

 

429

$ 531,204

 

401

$ 499,964

 

275

$ 344,767

 

249

$ 244,112

 

 

Undetected Tax Returns Filed Using an ITIN

184

$ 833,670

 

137

$ 628,672

 

106

†$ 310,532

 

97

$ 243,119

 

93

$ 377,978

 

Source:† TIGTA analysis of Tax Year 2011 tax returns.

Our July 2012 report included four recommendations addressing the need to improve controls over direct deposit refunds.† In its response to our report, the IRS stated that it is working with financial institutions to reject direct deposits of refunds from being made into accounts that belong to individuals who do not have the same name as shown on the tax return.† The IRS has not taken any action to limit the number of refunds as recommended by TIGTA.† Moreover, the IRS still has not developed a means to identify direct deposits of tax refunds to accounts associated with a debit card and still cannot ensure that financial institutions are authenticating the identity of individuals purchasing debit cards.† Figure 13 details recommendations we made in our prior report to ensure the accuracy of direct deposits and actions the IRS has taken to date to address these recommendations.

Figure 13:† Report Recommendations and Corrective Actions
the IRS Has Taken Related to Ensuring the Accuracy of Direct Deposits

Recommendation

Corrective Actions Taken to Date

Coordinate with responsible Federal agencies and banking institutions to develop a process to ensure that tax refunds issued via direct deposit are made only to an account in the taxpayerís name.

o   In January 2013, the IRS implemented a pilot program (Opt-In Program) with the Financial Management Service designed to allow financial institutions to reject direct deposit tax refunds based on mismatches between the account name and the name on the tax return. †Once the refund is identified by the institution, it is sent back to the Financial Management Service to be routed back to the IRS.

o   When the IRS receives the rejected refund, it will send a notice to the taxpayer explaining that the tax refund is being researched by the IRS. †As of June 29, 2013, there have been 18,247 refunds returned from financial institutions totaling approximately $60 million.

o   In July 2013, the program is planned to begin its second phase, in which financial institutions will be able to indicate to the IRS their reason for identifying the return as either identity theft or questionable/fraudulent.†

Limit the number of tax refunds issued via direct deposit to the same bank account or debit card account in an attempt to reduce the potential for fraud.

o   As of June 2013, the IRS is considering TIGTAís recommendation.† The IRS developed additional filters designed to identify and stop tax returns with similar direct deposit characteristics.† These filters are being used in the 2013 Filing Season.

Identify and quantify direct deposits of tax refunds to accounts associated with a debit card as well as develop the ability to associate tax refunds deposited to a debit card to a specific tax account.

o   The IRS stated that financial institutions cannot currently distinguish between direct deposit account numbers for deposit accounts and prepaid debit cards.†

o   As of December 13, 2012, the IRS believes that it is under the same limitations as the financial institutions; thus, no further work has been completed on this recommendation.†

Ensure that financial institutions and debit card administration companies authenticate the identity of individuals purchasing a debit card.

o   The IRS indicated that it does not have the authority to implement any restrictions or requirements on how financial institutions and debit card companies authenticate the identity of debit card holders.†

o   As of December 13, 2012, the IRS has stated that it has initiated discussion on this issue with various groups.†

Source:† TIGTA analysis on status of prior TIGTA report recommendations.

As we previously reported, the IRS Return Integrity and Correspondence Servicesí Integrity and Verification Operation[24] has implemented a program in which the IRS works with financial institutions to obtain information on questionable tax refunds.† The IRS refers to this program as the External Leads Program.† The External Leads Program receives leads regarding questionable tax refunds identified by financial institutions, government and law enforcement agencies, State agencies, etc.† For Processing Year 2013, the IRS is partnering with 201 financial institutions to identify and return questionable tax refunds.† In Calendar Year 2012, the IRS recovered 210,003 fraudulent tax refunds totaling more than $779 million through this program.† This program relies on the banks to provide the IRS with much-needed information to identify potentially fraudulent tax refunds.† We are currently conducting an audit to assess the effectiveness of the External Leads Program in recovering questionable tax refunds.†

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of this review was to determine whether the IRS has improved its programs and procedures to identify and prevent fraudulent tax refunds resulting from identity theft. †This review focused on identity theft related to tax refunds, which generally occurs when an individual uses another personís name and SSN to file a fraudulent tax return in order to obtain a fraudulent tax refund.† To accomplish the objective, we:

I.                 Assessed the adequacy of the IRSís implementation of corrective actions in response to our prior audit report.[25]

A.    Identified approximately 1.1 million potential tax returns filed by identity thieves for Tax Year[26] 2011 based upon criteria used in our previous identity theft review.† In addition, identified more than 141,000 Tax Year 2011 tax returns filed using an ITIN by potential identity thieves.

1.     Performed data analysis on Data Center Warehouse files and Strategic Data Services extracted data to identify potential identity theft tax returns filed for Tax Year 2011.† We identified populations (over age, under age, deceased, etc.) vulnerable to identity theft who have filed for a refund for Tax Year 2011.

2.     Stratified identified populations by applicable fields such as income type, number of ITINs, multiple returns to one address, and multiple direct deposits into one account.

3.     Validated the reasonableness of our criteria by reviewing a judgmental sample of tax returns filed by taxpayers in each segment identified to determine if the tax returns appear to be fraudulent.

B.    Compared the Tax Year 2011 population of potential identity theft tax returns to the population identified during our previous identity theft review.

II.               Identified control breakdowns that continue to result in the issuance of fraudulent tax refunds resulting from identity theft that were identified in Step I.

A.    Using the characteristics of the tax returns identified in Step I, assessed the adequacy of the IRSís implementation of corrective actions and whether inadequate implementation continues to result in fraudulent tax refund issuance, e.g., lack of a process to use third-party information, multiple tax refunds continuing to be sent to same account/address.†

B.    Obtained statistics on the identity theft filters for Processing Year 2012 and verified the accuracy of the statistics.

C.    Determined the number of deceased locks the IRS has placed on taxpayer accounts.†

D.    Determined if we can identify the PIN method used to e‑file the taxpayerís tax return to assess whether the method used to obtain the PIN may be contributing to the ability to file fraudulent e-filed tax returns.

1.     Determined the requirements for requesting a Self-Select PIN via the IRS Internet site (IRS.gov) and by calling the IRS and identified any discrepancies in the type of information required to obtain a PIN.

2.     Evaluated the methods used to file with a Self-Select PIN in our population of identity theft returns in Step I.A.

III.             Assessed the status of the IRSís proactive initiatives to identify and prevent fraudulent tax refunds resulting from identity theft.

A.    Determined the status of the IRSís implementation of identity theft filters used to identify fraudulent tax returns at the time of tax return processing.

B.    Assessed the status of the IRSís initiative to share information with local law enforcement.†

1.     Interviewed IRS management to determine the specifics of the pilot program initiated in Florida to coordinate with law enforcement to assist in the investigation of identity theft.† We obtained pertinent documents, including timelines for implementing the pilot and the IRSís plans to expand the pilot or implement the program.

2.     Obtained key statistics relating to the pilot program, including the number of States participating and the number of related arrests resulting from the pilot.

C.    Reviewed the role of the Identity Theft Clearinghouse.† We determined how the organization identifies characteristics of identity theft cases, uses those characteristics to help prevent identity theft, and coordinates with other functions of the IRS.

D.    Determined the status of IRS efforts to expand the locking of tax accounts, including those of deceased taxpayers and individuals without a tax filing requirement.

Data validation methodology

During this review, we relied on data extracted from the IRSís Individual Returns Transaction File for Processing Year 2012, †the Individual Master File for Tax Year 2011, the National Account Profile database, the Form W-2 File for Tax Year 2011, the Modernized Tax Return Database, and the Real-Time System database located on the TIGTA Data Center Warehouse.† We also relied on data extracts from the IRSís Individual Master File for Tax Year 2011 and an extract from the IRSís Information Returns Master File database for Tax Year 2011 that were provided by the TIGTA Office of Investigationsí Strategic Data Services.† Before relying on our data, we ensured that each file contained the specific data elements we requested.† In addition, we selected random samples of each extract and verified that the data in the extracts were the same as the data captured in the IRSís Integrated Data Retrieval System.† As a result of our testing, we determined that the data used in our review were reliable.†

Internal controls methodology

Internal controls relate to managementís plans, methods, and procedures used to meet their mission, goals, and objectives.† Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations.† They include the systems for measuring, reporting, and monitoring program performance.† We determined the following internal controls were relevant to our audit objective:† the internal controls prescribed by the IRSís Internal Revenue Manual sections that are used by the IRS Accounts Management and Submission Processing functions to process identity theft tax returns.† We evaluated those internal controls by interviewing management and reviewing policies and procedures.† We also conducted tests of the IRSís procedures to prevent identity theft tax returns from being processed.

Appendix II

 

Major Contributors to This Report

 

Augusta R. Cook, Acting Assistant Inspector General for Audit (Returns Processing and Account Services)

Russell P. Martin, Acting Assistant Inspector General for Audit (Returns Processing and Account Services)

Deann L. Baiza, Director

Sharla J. Robinson, Audit Manager

Jonathan W. Lloyd, Lead Auditor

J. Edmund Carr, Audit Evaluator

Karen C. Fulte, Senior Auditor

 

Appendix III

 

Report Distribution List

 

Acting Commissioner

Office of the Commissioner Ė Attn:† Chief of Staff† C

Office of the Deputy Commissioner for Services and Enforcement† SE

Chief, Criminal Investigation† SE:CI

Deputy Commissioner, Operations, Wage and Investment Division† SE:W

Deputy Commissioner, Support, Wage and Investment Division† SE:W

Deputy Director, Strategy and Finance, Wage and Investment Division† SE:W:S

Director, Customer Account Services, Wage and Investment Division† SE:W:CAS

Director, Refund Crimes† SE:CI:RC

Director, Return Integrity and Correspondence Services, Wage and Investment Division† SE:W:RICS

Director, Technology Operations and Investigative Services† SE:CI:TOIS

Program Manager, Integrity and Verification Operations, Wage and Investment Division† SE:W:RICS

Chief, Program Evaluation and Improvement, Wage and Investment Division† SE:W:S:PEI

Director, Submission Processing, Wage and Investment Division† SE:W:CAS:SP

Chief Counsel† CC

National Taxpayer Advocate† TA

Director, Office of Legislative Affairs† CL:LA

Director, Office of Program Evaluation and Risk Analysis† RAS:O

Office of Internal Control† OS:CFO:CPIC:IC

Audit Liaison:† Chief, Program Evaluation and Improvement, Wage and Investment Division† SE:W:S:PEI

 

Appendix IV

 

Outcome Measures

 

This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration.† These benefits will be incorporated into our Semiannual Report to Congress.

Type and Value of Outcome Measure:

       Cost Savings, Funds Put to Better Use Ė Potential; $376,648,103[27] ($1,883,240,515 over five years) in potentially fraudulent tax refunds issued from tax returns filed with an ITIN[28] meeting the tax return characteristics of identity theft cases confirmed by the IRS (see page 9).

Methodology Used to Measure the Reported Benefit:

We obtained lists of identity theft cases confirmed by the IRS and reviewed these cases to identify common characteristics.† We determined that most of the confirmed identity theft cases we reviewed did not have *******************2*****************************to support the income claimed on the tax return.† We applied the characteristics of these cases to all Tax Year 2011 tax returns filed and then filtered our analysis for those using an ITIN on the IRSís Individual Return Transaction File[29] that were processed in Processing Year 2012.† These returns were filed with an ITIN instead of an SSN.† We identified the most egregious cases of potential identity theft, which are those that ************2************************ ***************************************2********************************.

Using the previously mentioned characteristics, we identified 141,062 tax returns filed using an ITIN that appear to be the result of identity theft.† Further analysis showed that the IRS had issued $384,538,715 in tax refunds on these questionable tax returns.† Based on the outcome measure reported in another TIGTA audit report (Ref. No. 2013-40-120, Sept. 2013), we reduced the number of tax returns and subsequent refunds issued for 2,812 tax returns that appear in our population of 141,062 tax returns and in the other auditís population.† Therefore, for this outcome measure, we are reporting 138,250 tax returns filed using an ITIN that appear to be the result of identity theft, which resulted in the issuance of $376,648,103 in refunds.†

Unless the IRS takes corrective action, we believe the IRS will continue to issue significant fraudulent tax refunds resulting from identity theft each year.† As such, we estimate that the IRS will issue $1,883,240,515 in potentially fraudulent tax refunds as a result of identity theft over the next five years ($376,648,103 x 5 = $1,883,240,515).

Type and Value of Outcome Measure:

       Taxpayer Privacy and Security Ė Potential; 138,250[30] tax accounts filed with an ITIN were compromised as a result of weaknesses in the IRSís controls to detect and prevent identity theft (see page 9).

Methodology Used to Measure the Reported Benefit:

Our analysis of Tax Year 2011 tax returns processed during Processing Year 2012 described previously identified 141,062 potentially fraudulent tax returns that were improperly posted to an ITIN tax account.† Individuals have an expectation that their accounts with the IRS will be secured and not used for fraudulent purposes.  By processing the fraudulent tax refunds associated with these tax returns, the IRS did not secure the accounts of 141,062 taxpayers.  Many of these individuals may now have to work with the IRS to provide information to prove that their identities were stolen and reestablish the accuracy of their tax accounts.

Based upon the outcome measure reported in another TIGTA audit report,[31] we reduced the number of tax returns and subsequent refunds issued for 2,812 tax returns that appear in our population of 141,062 tax returns and in the other auditís population.† As such, this outcome measure includes the remainder of 138,250 tax returns.

 

Appendix V

 

Glossary of Terms

 

Term

Definition

Calendar Year

The 12-consecutive-month period ending on December 31.

Data Center Warehouse

A collection of IRS databases containing various types of taxpayer account information that is maintained by TIGTA for the purpose of analyzing data for ongoing audits.

Federal Trade Commission

The primary Federal agency responsible for receiving identity theft complaints.

Filing Season

The period from January through mid-April when most individual income tax returns are filed.

Financial Management Service

The Financial Management Service is a bureau of the U.S. Department of the Treasury providing central payment services to Federal Program Agencies, operating the Federal Governmentís collections and deposit systems, providing Governmentwide accounting and reporting services, and managing the collection of delinquent debt owed to the Government.†

Form W-2 File

The Form W-2 File from the Data Center Warehouse is an extract of
Form W‑2, Wage and Tax Statement, information filed by employers from the Information Returns Master File database.

Individual Master File

An IRS database that maintains transactions or records of individual tax accounts.

Individual Returns Transaction File

An IRS database containing transcribed tax returns for individuals that includes most forms and schedules.

Individual Taxpayer Identification Number

The IRS created the ITIN to provide a Taxpayer Identification Number to individuals who do not have and are not eligible to obtain an SSN.

Information Returns Master File

An IRS database that contains third-party information documents for taxpayers, such as Forms W-2 and Forms SSA‑1099, Social Security Benefit Statement.

Integrated Data Retrieval System

IRS computer system capable of retrieving or updating stored information. †It works in conjunction with a taxpayerís account records.

Internal Revenue Manual

Provides procedural guidance for IRS operations.

Internal Revenue Service Number

An Internal Revenue Service Number is a temporarily assigned number used as an internal identifying number until a permanent Taxpayer Identification Number is supplied.†

Master File

The IRS database that stores various types of taxpayer account information.† This database includes individual, business, and employee plans and exempt organizations data.

Modernized Tax Return Database

The Modernized Tax Return Database is the legal repository for original
e-filed returns received by the IRS through the Modernized e-File system.

National Account
Profile Database

A compilation of selected entity data from various Master Files that also includes data from the Social Security Administration.

Processing Year

The calendar year in which the tax return or document is processed by the IRS.

Real-Time System

The Real-Time System is the IRS system that houses ITIN application information.

Tax Year

A 12-month accounting period for keeping records on income and expenses used as the basis for calculating the annual taxes due.† For most individual taxpayers, the tax year is synonymous with the calendar year.

Taxpayer Identification Number

A Taxpayer Identification Number is a nine-digit number assigned to taxpayers for identification purposes.† Depending upon the nature of the taxpayer, it can be an Employer Identification Number, an SSN, or an ITIN.

 

Appendix VI

 

Managementís Response to the Draft Report

 

DEPARTMENT OF THE TREASURY

INTERNAL REVENUE SERVICE

ATLANTA, GA 30308

 

 

COMMISSIONER

WAGE AND INVESTMENT DIVISION

 

 

 

September 6, 2013

 

 

MEMORANDUM FOR MICHAEL E. MCKENNEY

†††††††††† ACTING DEPUTY INSPECTOR GENERAL FOR AUDIT

 

 

FROM: ††††††††††††††† ††††††††††††Peggy Bogadi /s/ Peggy Bogadi

††††††††††† Commissioner, Wage and Investment Division

 

SUBJECT: ††††††††††††††††††††† Draft Audit Report - Detection Has Improved; However, Identity Theft Continues to Result in Billions of Dollars in Potentially Fraudulent Tax Refunds (Audit # 201240044)

 

We appreciate the opportunity to review your draft report on the improvements the IRS has made in detecting and stopping fraudulent claims for refund, specifically, those attributable to identity theft. †The tactics employed by unscrupulous individuals in committing identity theft related refund fraud are constantly evolving, and the practice remains a threat to the tax system. †Leading into and during the 2012 Filing Season, the IRS expanded the use of analytical filters to identify a greater number of characteristics commonly associated with identity theft. †By the Treasury Inspector General for Tax Administration's (TIGTA) own estimates, IRS efforts reduced the value of undetected potentially fraudulent† refunds by more than 30%, or $1.6 billion, compared to the Tax Year 2010 returns in the TIGTA's previous report.1

 

The use of filters was further expanded during the 2013 Filing Season. †We also revised processes to proactively lock accounts at increased risk of identity theft, and have developed more sophisticated data models to detect patterns of fraud as they emerged during the year. †Another notable accomplishment in combating refund fraud by identity theft was launching the pilot program that permitted the sharing of data with State and Local law enforcement agencies. †We believe the expansions and improvements to fraud filters and other processes will cause the projected fraud losses to continue to decrease for Tax Year 2013 and beyond.

 

We disagree with the estimated $385 million in refund fraud attributed to Individual Taxpayer Identification Numbers (ITIN) in the TIGTA's analysis and, consequently, also disagree with the five-year projected Outcome Measure of $1.88 billion. †The TIGTA acknowledges that some potentially fraudulent tax returns identified by the analysis could be the result of non-reporting of income and withholding by employers. †In such cases, the failure of an employer to comply with their reporting requirements does not equate to refund fraud committed by the employee if wages were actually earned and income tax withheld. †We believe additional testing of a statistically valid sample should have been performed to address this possibility when estimating potential refund fraud.

 

We remain committed to addressing potential fraud through the use of ITINs by developing the policy and processes to ensure ITINs expire when no longer needed for tax administration purposes. †Attached are our comments to your recommendations. †If you have any questions, please contact me, or a member of your staff may contact Jodi L. Patterson, Director, Return Integrity and Correspondence Services, Wage and Investment Division, at (404) 338-9042.

 

Attachment

 

1 TIGTA, Ref. No. 2012-42-080, There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft (Jul. 2012).

 

Attachment

 

Recommendation

 

Recommendation 1

To reduce the potential for tax filing fraud, the Commissioner, Wage and Investment Division, should implement a process to deactivate ITINs assigned to individuals prior to January 1, 2013, who no longer have a tax filing requirement.

 

Corrective Action

An implementation team is addressing the deactivation process for Individual Taxpayer Identification Numbers (ITIN) issued prior to 2013, and is developing an enterprise-wide process to accomplish that objective.

 

Implementation Date

June 15, 2017

 

Responsible Official

Director, Submission Processing, Customer Account Services, Wage and Investment Division

 

Corrective Action Monitoring Plan

We will monitor this corrective action as part of our internal management control system.

 

Recommendation

 

Recommendation 2

The Commissioner, Wage and Investment Division, should continue to analyze characteristics of fraudulent tax returns resulting from identity theft to refine and expand identity theft filters used to detect and prevent the issuance of fraudulent tax refunds resulting from identity theft. †This should include using the characteristics of questionable ITIN application data.

 

Corrective Action

During the 2012 and 2013 Filing Seasons, the Taxpayer Protection Program identified opportunities for improvement to the filter processes and implemented changes that improved their performance and effectiveness. †We will continue to evaluate the feasibility and impact of changes to the Dependent Database filters and ITIN Real-Time System. †We will prepare a risk assessment that, in addition to determining the scope and costs of programming needed to automate the process, will address mitigating controls that can be implemented in the event the requested programming changes are not funded.

 

Implementation Date

October 15, 2014

 

Responsible Official

Director, Submission Processing, Customer Account Services, Wage and Investment Division

 

Corrective Action Monitoring Plan

We will monitor this corrective action as part of our internal management control system.



[1] Ref. No. 2012-42-080.

[2] See Appendix V for a glossary of terms.

[3] TIGTA, Ref. No. 2012-42-080, There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft (Jul. 2012).†

[4] These were filters that were implemented prior to April 15, 2012.

[5] For the same period in Processing Year 2012, the IRS identified 79,273 tax returns and prevented the issuance of approximately $562 million in fraudulent tax refunds.

[6] The IRS locked the majority of the 10 million accounts in December 2012; therefore, the increased benefit of refunds prevented should be realized during Processing Year 2013.†

[7] **********************************************2**************************************************************2********************************.

[8] This category contains tax returns filed with income claimed for which there is no supporting income documents that would indicate the legitimate taxpayers did not have a tax return filing requirement.

[9] We plan to conduct a separate review to evaluate the IRSís efforts to improve the detection and prevention of prisoner tax fraud later this fiscal year.†

[10] This estimate includes only those tax returns filed on tax accounts that contain an identity theft indicator added on or before December 31, 2012.†

[11] This estimate is based only on the duplicate use of the primary SSN when the tax refund was reversed.

[12] The $4 billion represents $3.6 billion in refunds for tax returns filed using an SSN and $385 million in refunds for tax returns filed using an ITIN.

[13] This category consisted primarily of ITINs, but there were 550 Internal Revenue Service Numbers.

[14] The Taxpayer Identification Numbers in this category did not have identifiable characteristics that would indicate the taxpayer may not have a filing requirement.†

[15] TIGTA, Ref. No. 2012-42-081, Substantial Changes Are Needed to the Individual Taxpayer Identification Number Program to Detect Fraudulent Applications (Jul. 2012).

[16] The Social Security Administration maintains a Death Master File containing records of more than 65 million deaths, giving information on each decedent such as name, SSN, date of birth, and date of death.† The Death Master File is one of the Governmentís most effective tools against financial fraud.

[17] Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001, Pub. L. 107-56, 115 Stat. 272.† Also known as the USA PATRIOT Act.†

[18] Percentage is based on the actual number of 1,086,998 tax returns.

[19] This same preparer also filed 1,590 tax returns using ITINs.

[20] We did not include more than 200,000 of the 1.1 million e-filed tax returns in this analysis because they were filed using a backup processing system, and we did not obtain a data extract of this information.

[21] Tax returns filed using an ITIN are not included in this chart as there were only six of the 141,000 cases that were filed from another country.† The top five countries presented are other than the United States.†

[22] There were no ITINs assigned using this address on the ITIN application.

[23] These include prepaid debit cards as well as reloadable cards.

[24] The IRS Integrity and Verification Operation was formally known as the Accounts Management Taxpayer Assurance Program.† The Integrity and Verification Operation name change was effective January 13, 2013.

[25] TIGTA, Ref. No. 2012-42-080, There Are Billions of Dollars in Undetected Tax Refund Fraud Resulting From Identity Theft (Jul. 2012).

[26] See Appendix V for a glossary of terms. †

[27] The outcome measure was reduced from the $384,538,715 presented in the report to avoid taking an outcome measure on the same taxpayers as those reported in TIGTA, Ref. No. 2013-40-120, Stolen and Falsely Obtained Employer Identification Numbers Are Used to Report False Income and Withholding (Sept. 2013) (see Methodology Used to Measure the Reported Benefit).†

[28] See Appendix V for a glossary of terms.

[29] Analysis performed on the Individual Returns Transaction File used data as of September 26, 2012.

[30] The amount was reduced from the 141,062 presented in the report to avoid reporting an outcome measure on the same taxpayers as those reported in TIGTA, Ref. No. 2013-40-120, Stolen and Falsely Obtained Employer Identification Numbers Are Used to Report False Income and Withholding (Sept. 2013) (see Methodology Used to Measure the Reported Benefit).

[31] TIGTA, Ref. No. 2013-40-120, Stolen and Falsely Obtained Employer Identification Numbers Are Used to Report False Income and Withholding (Sept. 2013).