Executive Summary

Objective and Scope

Background

Results

Conclusion

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Outcome Measures

Appendix V – Management’s Response to the Draft Report

Executive Summary

The Internal Revenue Service (IRS) collects billions of dollars in tax revenue each year at its processing centers, district offices, and banks under IRS contract. During 1998, audits conducted by the General Accounting Office and the IRS’ Internal Audit function reported that a weak control environment exposed these payments to theft.

In response to these audits, the IRS convened a task force to identify significant characteristics of payment theft cases, including the location where the thefts occurred and whether the IRS ensured taxpayers were not harmed. While the IRS has not issued a final report, a February 1999 briefing document showed that some taxpayers were subjected to collection actions due to the thefts.

The Treasury Inspector General for Tax Administration (TIGTA) Office of Investigations is responsible for investigating thefts of tax payments. It may receive allegations of a stolen payment from the IRS or from other sources. Such sources include local police departments, Postal Inspectors, and the TIGTA toll-free 800 number that is available to the general public. If TIGTA’s investigation determines that the taxpayer’s payment was stolen, TIGTA should notify the IRS by memorandum. The IRS should then ensure that the taxpayer is appropriately compensated.

We conducted this audit in response to a question from the United States Senate Finance Committee on how well the IRS makes taxpayers "whole" after the theft of their payment. To answer this question, we assessed how effectively the IRS identifies, controls, and resolves instances of payment thefts.

Identification of payment theft cases is the first step towards ensuring that taxpayers are made "whole" after their tax payments are stolen. Once potential thefts are identified, they should be properly controlled and resolved to ensure that taxpayers are accurately compensated.

During our audit period, 54 instances of potential payment thefts were identified. While this is a relatively small number, the IRS did not have an effective process for identifying and controlling potential payment theft cases it received as direct referrals from taxpayers. Process improvements are also needed to ensure the IRS consistently:

• Suspends collection activity while cases are under investigation.
• Resolves cases timely and accurately.

The IRS task force identified similar weaknesses and offered recommendations to correct them. However, these recommendations have not been adopted, and we were unable to identify actions taken to address them.

The IRS did not adequately train its employees to identify thefts of payments

Training provided to employees in the two functional areas most likely to identify potential payment thefts did not address this topic. As a result, the IRS cannot ensure that all instances of payment thefts have been identified and referred for investigation.

After the IRS identifies a potential payment theft, it should refer the case to TIGTA and assign the case to an employee’s work inventory. This employee should monitor the taxpayer’s account to prevent collection action from occurring while the case is under investigation. However, the IRS does not provide employees with clear and consistent instructions regarding when cases should be assigned to an employee’s work inventory and what follow-up actions should be taken.

IRS procedures required suspending collection action for a maximum of 105 days. However, procedures did not ensure that the suspension actually occurred and did not require that a suspension be extended if the case was not resolved within this time period.

We identified instances where collection action occurred while cases were being investigated. The IRS task force also identified taxpayers whose accounts were placed in collection status.

Good customer service requires the IRS to quickly reimburse taxpayers after it determines an IRS employee stole a payment. The IRS task force identified 5 payment theft cases where the reimbursement took longer than 30 days.

The IRS’ instructions did not specify procedures to follow to ensure taxpayers incurred no interest and penalty charges due to the thefts.

If the IRS determines a taxpayer should receive a reimbursement, his/her account should be credited as if the theft had not occurred. If not, he/she may incur late payment interest and penalty charges. The IRS task force and our audit identified instances of taxpayers being assessed penalty and interest charges.

The IRS should improve its procedures to ensure that all thefts of payments are properly resolved. Additional emphasis should be placed on training employees in the identification and control of payment theft cases. Procedures should also be changed to prevent taxpayers from receiving collection notices and interest or penalty charges due to the theft.

To ensure taxpayers are not harmed, the IRS should research missing payment complaints to identify potential payment theft cases not previously identified and forwarded to the TIGTA Office of Investigations. The IRS should also establish a consistent process in its instruction manual(s) for identifying and controlling payment theft cases.

Management’s Response: The IRS agreed with most of our recommendations and concurred with our outcome measures, as listed in Appendix IV of this report. The IRS believes that its current payment tracer process satisfies our recommendation to research missing payment complaints, and therefore, it does not plan any additional corrective actions. The IRS will develop a training module to identify, process, refer to TIGTA, control, and monitor thefts. It will update the Internal Revenue Manual to reflect more concise and in-depth procedures for identifying, researching, forwarding, and controlling missing payment complaints. The IRS established the position of "Remittance Security Coordinator" to serve as the "point of contact" and be responsible for ensuring taxpayers accounts are properly credited. Management’s complete response to the draft report is included as Appendix V.

Office of Audit Comment: The IRS needs the information from the cashed check or money order to make a payment tracer. However, if the taxpayer is unable to obtain a copy of the cashed money order, this case may not be referred for investigation. We did not review the IRS’ payment tracer process to determine whether employees identified and referred all instances of potentially stolen remittances. However, we will include this topic in future audit coverage. Also, the "Remittance Security Coordinator" position was established subsequent to our review.

Objective and Scope

The United States (U.S.) Senate Finance Committee raised a question to the Treasury Inspector General for Tax Administration (TIGTA) regarding how well the Internal Revenue Service (IRS) makes taxpayers "whole" after the theft of their payment. We conducted this review to assess the effectiveness of the IRS’ process for ensuring thefts of payments are identified, controlled, and properly resolved.

To accomplish our objective, we:

• Researched and evaluated the IRS’ instructions pertaining to potential payment theft cases.
• Interviewed IRS managers and employees regarding their knowledge and responsibilities for handling payment theft cases and reviewed their training material on the subject.
• Analyzed the results of an IRS task force that focused on identifying significant characteristics of payment theft cases.
• Analyzed 54 potential theft cases closed by the TIGTA Office of Investigations between September 30, 1998, and September 28, 1999. (These cases were not included in the IRS’ task force on payment theft cases.) In 12 of these cases (involving 16 taxpayers), the TIGTA Office of Investigations determined the payment had been stolen.

We conducted our review from October through December 1999. This audit was performed in accordance with Government Auditing Standards.

Details of our audit objective, scope, and methodology are presented in Appendix I. Major contributors to this report are listed in Appendix II.

Background

The IRS collects billions of dollars in tax revenue each year at its processing centers, district offices, and banks under IRS contract. Two General Accounting Office (GAO) reports were issued on security of payments. The audits reported that, "IRS’ controls over receipts and taxpayer data do not adequately reduce the vulnerability of the federal government and taxpayers to loss from theft."

The IRS’ Internal Audit function reached a similar conclusion. This report concluded that taxpayer payments received at processing centers are at risk of theft, loss, or embezzlement.

In response to these reports, the IRS convened a task force that focused on identifying significant characteristics of payment theft cases, including the location where the theft occurred and whether the IRS ensured that taxpayers were not harmed. According to task force information, it reviewed a total of 157 payment theft cases that were investigated from 1991 through 1996. While the IRS has not issued a final report, a February 1999 briefing document showed indications that some taxpayers were subjected to collection actions due to the thefts.

The TIGTA Office of Investigations is responsible for investigating potential thefts of taxpayer payments. It may receive allegations of stolen payments from the IRS or from other sources. Such sources include local police departments, Postal Inspectors, and the TIGTA toll-free 800 number that is available to the general public. If TIGTA’s investigation determines that the taxpayer’s payment was stolen, TIGTA should notify the IRS by memorandum. The IRS should then ensure that the taxpayer is appropriately compensated.

Results

Identification of payment theft cases is the first step towards ensuring that taxpayers are made "whole" after their tax payments are stolen. Once potential thefts are identified, they should be properly controlled and resolved to ensure that taxpayers are accurately compensated.

During our audit period, 54 instances of potential payment thefts were identified. While this is a relatively small number, the IRS did not have an effective process for identifying and controlling potential payment theft cases it received as direct referrals from taxpayers. Process improvements are also needed to ensure the IRS always:

• Suspends collection activity while cases are under investigation.
• Resolves cases timely and accurately.

The IRS task force identified similar weaknesses and offered recommendations to correct them. However, these recommendations have not been adopted, and we were unable to identify any subsequent actions taken to address them.

Identification and Control

The two IRS functions that receive a significant number of telephone calls and letters from taxpayers (referred to as Customer Service and the National Taxpayer Advocate Office) should receive the proper training to identify potential payment theft cases.

For example, a taxpayer may contact the IRS and state that a money order sent to the IRS was not applied to his/her account. The IRS will inform the taxpayer to provide a copy of the cashed money order to help locate where the payment was applied. The IRS may suspend collection action (notices) for several weeks to give the taxpayer time to obtain the copy. If the taxpayer is unable to obtain a copy of the cashed money order or does not contact the IRS again, this case may not be referred for investigation.

Discussions with the IRS’ national training coordinators and an analysis of training material showed that neither function provided employees with training needed to identify payment theft cases. As a result, the IRS cannot ensure that all instances of payment thefts have been identified and referred for investigation.

After the IRS identifies a potential payment theft (e.g., discussion with taxpayer or identified by taxpayer), the IRS should refer the case to the TIGTA Office of Investigations. The IRS should also assign the case to an employee’s work inventory on an IRS computer system. This employee should monitor the taxpayer’s account to ensure that only appropriate collection action occurs while the case is under investigation.

The IRS did not have uniform procedures for controlling payment theft cases. Instead, they were controlled in one of the following three different ways, depending on which functional set of instructions employees used:

• The case was assigned to an employee’s work inventory and the taxpayer’s account monitored to ensure no collection actions occurred.
• The case was assigned to an employee’s work inventory, but closed after the case was referred to the TIGTA Office of Investigations. No further follow-up actions were taken.
• The case was never assigned to an employee’s work inventory and no follow-up actions were taken.

In our sample of 16 taxpayers, we identified 5 taxpayers whose accounts were not controlled on an IRS computer system. If cases are not properly controlled, taxpayers may not be informed of actions being taken by the IRS to resolve the theft, and collection notices may be issued.

To ensure the IRS identifies and controls all payment theft cases, it should:

1. Research missing payment complaints to identify potential payment theft cases not previously identified and forwarded to the TIGTA Office of Investigations.

Management’s Response: The IRS responded that, "We agree that identification of payment theft cases is important. We believe that our current payment tracer process satisfies your recommendation to research missing payment complaints. Therefore, we do not plan any additional corrective actions."

Office of Audit Comment: The IRS needs the information from the cashed check or money order to make a payment tracer. However, as mentioned in the report, if the taxpayer is unable to obtain a copy of the cashed money order, this case may not be referred for investigation. We did not review the IRS’ payment tracer process to determine whether employees identified and referred all instances of potentially stolen remittances. However, we will include this topic in future audit coverage.

2. Place additional emphasis on training IRS employees to identify payment theft cases. Training should address the characteristics of payment thefts and the process for referring them to the TIGTA Office of Investigations.

Management’s Response: The IRS responded that, "We will develop a module to identify, process, refer to TIGTA, control, and monitor thefts. We will incorporate the module into the existing Payment Tracing course material for course 2454, Resolving Payment Tracer Cases. Training will be designed so that Customer Service, TAO [Taxpayer Advocate Office] and Collection can fit it into other training courses. We will include the training material in Courses 3561 (IMF [Individual Masterfile] Adjustments), 3560 (BMF [Business Masterfile] Adjustments) and 3517 (Collection), used by Customer Service and the TAO.

"The current IRM [Internal Revenue Manual] contains processing procedures for theft cases. However, we will update the IRM to reflect more concise and in-depth procedures for identifying, researching, forwarding, and controlling. This update will ensure no incorrect notices are issued, no inappropriate collection activity occurs and any penalties and interest are abated as directed by the ‘Remittance Security Coordinator’ located in each Submission Processing Center."

3. Establish a consistent process for controlling payment theft cases and ensure the IRS instructions are specific for how to identify and control potential payment theft cases.

Management’s Response: The IRS responded that, "As stated previously, we have already established the position of ‘Remittance Security Coordinator.’ We have proposed to TIGTA that the Coordinator serve as the ‘point of contact’ for cases identified by them. To ensure rapid correction of the injured taxpayer’s accounts, we have requested that the TIGTA Office of Investigations provide the appropriate Coordinator with the memorandum identifying injured taxpayers (from an actual theft)."

Office of Audit Comment: The "Remittance Security Coordinator" was established during May 2000, subsequent to our review.

Suspension of Collection Actions

IRS procedures required suspending collection action for a maximum of 105 days. However, the procedures did not ensure that:

• The suspending action was actually taken.
• The suspension was extended if the case was not resolved within this time period.

If the case is not suspended or goes beyond the 105-day suspension period, collection action may occur. In our sample of 16 taxpayers, we identified 2 taxpayers’ accounts where collection action occurred while the cases were under investigation (collection notices).

The IRS task force also identified cases that may have resulted in collection actions while the payment theft cases were under investigation.

• In 20 instances, taxpayers received 4 collection notices.
• In two instances, IRS records indicated levy action was started on the taxpayers’ bank accounts or wages. (A levy is a collection of money by legal authority.)

Management’s Response: The IRS responded that, "Protecting taxpayers from adverse action due to an employee theft must be a joint venture between IRS and the TIGTA Office of Investigations. Procedures will be revised to centralize the control and monitoring of potential theft cases until the taxpayer’s account has been properly credited. The ‘Remittance Security Coordinator’ will manage these cases, including preventing incorrect notices and ensuring proper and rapid credit to the taxpayer account."

Timely and Accurate Resolution

Good customer service requires the IRS to quickly reimburse taxpayers after it determines an IRS employee stole a payment.

If an IRS employee steals a payment, the IRS is responsible for reimbursing the taxpayer for the theft of his/her payment. (The IRS is not responsible for payment thefts occurring outside of the IRS or its agents. If a non-IRS employee steals the payment, the taxpayer’s bank may be responsible for reimbursing the taxpayer.)

The IRS task force study identified 5 payment theft cases where the reimbursements took longer than 30 days.

The IRS’ instructions did not specify procedures to follow to ensure taxpayers incurred no interest and penalty charges due to the thefts.

If the IRS determines a taxpayer should receive a reimbursement, his/her account should be credited as if the theft had not occurred. If not, he/she may incur late payment interest and penalty charges.

In our sample, we identified one taxpayer where the IRS used an incorrect date when posting the reimbursement to the taxpayer’s account. As a result, the taxpayer received penalty and interest charges. The IRS task force also identified two cases with penalty and interest charges.

5. To ensure taxpayers are accurately and timely reimbursed, the IRS should revise its procedures. These revisions should include timeliness standards for compensating taxpayers for stolen payments and for posting payments so taxpayers do not incur interest and penalty charges.

Management’s Response: The IRS responded that, "The Remittance Security Coordinator position, already established, will be responsible for ensuring taxpayers accounts are properly credited. The Coordinator will date stamp memoranda and correspondence concerning these cases so we can monitor timeliness. We will hand carry documents crediting the taxpayer’s account to expedite processing."

Conclusion

The IRS’ internal controls did not ensure that all embezzled payments were identified and controlled, suspended from collection actions while under investigation, and timely and accurately resolved.

An IRS task force identified similar internal control weaknesses and offered recommendations to correct them. However, we could not identify corrective actions taken by the IRS. This leaves taxpayers vulnerable to incorrect collection activity and interest and penalty charges.

Detailed Objective, Scope, and Methodology

Our overall objective was to assess the effectiveness of the Internal Revenue Service’s (IRS) internal controls for ensuring that thefts of taxpayer payments are identified, controlled, and properly resolved. Audit fieldwork was conducted from October through December 1999.

We used case information from the Treasury Inspector General for Tax Administration (TIGTA) Investigations Management Information System on cases opened after September 30, 1998, and closed as of September 28, 1999. A total of 54 potential theft closed investigation cases met our audit scope criteria. Within the 54 cases, we identified 12 cases (involving 16 taxpayers) where a theft of a payment had occurred. We used this limited time period because we wanted to review cases processed after the IRS’ task force published its initial results. We reviewed closed cases only because we wanted to evaluate the entire process the IRS employs for identifying, controlling, and resolving payment theft cases.

I. To determine the effectiveness of the IRS’ process for identifying and controlling potential stolen payment cases and forwarding those complaints to the TIGTA Office of Investigations, we:

1. Researched the IRS instructions and procedures for identifying and controlling taxpayer complaints as they relate to missing or stolen payments.
2. Interviewed the TIGTA Office of Investigations employees regarding how and when potential missing or stolen payment complaints are referred to them.
3. Interviewed the National Taxpayer Advocate for any actions or responsibilities required on missing or stolen payment cases.
4. Analyzed any studies or audits previously performed related to potential theft of payments.
5. Determined the status of the corrective actions recommended in the previously mentioned studies or audits, along with the corrective actions taken.
6. Interviewed the national training coordinators for Customer Service and the Office of the Taxpayer Advocate, and reviewed their training material to determine the extent to which the training and training materials cover how stolen payments should be identified and processed.

1. Timely and proper control by IRS personnel during the time the cases are with the TIGTA Office of Investigations.
2. Suspension of collection actions during the investigations.
3. Impact to the taxpayers if suspension actions are not taken.

1. Analyzed the closed cases in our sample for:
0. The time frame of the case closure date to the reimbursement date.
1. The use of the correct transaction date to credit the taxpayer’s account with the reimbursement payment.
2. The assessment of incorrect interest and penalties associated with the stolen payment.

Major Contributors to This Report

Walter E. Arrison, Associate Inspector General for Audit (Wage and Investment Income Programs)

M. Susan Boehmer, Director

Richard J. Calderon, Audit Manager

Carola A. Gaylord, Senior Auditor

John D. Phillips, Senior Auditor

Steven E. Vandigriff, Senior Auditor

Jennie G. Choo, Auditor

Glory Jampetero, Auditor

Bill H. Richards, Auditor

Steven Stephens, Auditor

Larry J. Wyrick, Auditor

Report Distribution List

Deputy Commissioner Modernization C:DM

Deputy Commissioner Operations C:DO

National Taxpayer Advocate C:TA

Chief Financial Officer M:CFO

Chief Operations Officer OP

Office of the Chief Counsel CC

Office of Management Controls CFO:A:M

Director, Office of Program Evaluation and Risk Analysis M:O

Assistant Commissioner (Customer Service) OP:C

Executive Officer for Service Center Operations OP:SC

Director, Legislative Affairs CL:LA

Audit Liaisons:

Assistant Commissioner (Customer Service) OP:C

National Taxpayer Advocate C:TA

Outcome Measures

This appendix presents detailed information on the measurable impact that our recommended corrective actions will have on tax administration. These benefits will be incorporated into our Semiannual Report to the Congress.

Finding and recommendation:

Taxpayers were not afforded due process granted to taxpayers by procedures. The Internal Revenue Service (IRS) does not effectively control and resolve cases where taxpayer payments have been stolen. A total of 7 of the 16 taxpayers in our sample were identified as being adversely affected by the IRS. The IRS needs to institute policies and procedures to timely and efficiently identify, control and resolve cases of stolen taxpayer payments.

Type of Outcome Measure:

• Reliability of Information - potential
• Taxpayer Burden - actual

Value of the Benefit:

Taxpayers will not receive incorrect bills and notices from the IRS. They will not be charged interest and penalties due to theft. They will not have to contact the IRS for months trying to get their tax account corrected. The IRS should restore the funds to the taxpayer more timely when an IRS employee steals a taxpayer’s payment.

Methodology Used to Measure the Reported Benefit:

The IRS cannot ensure all instances of payment thefts have been identified and referred for investigation. We analyzed 16 stolen taxpayer payments and identified 5 not controlled on the IRS’ computer system. Collection action was not suspended for two taxpayers. The IRS posted the taxpayer’s repayment using the wrong date in one instance that resulted in penalty and interest charges. (NOTE: An individual taxpayer could be included in more than a single category, i.e., did not have his/her case controlled, may have received a collection notice, and/or been assessed penalty and interest charges.)

Management’s Response to the Draft Report

The response was removed due to its size. To see the complete response, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.