TIGTA Seal graphic

Treasury Inspector General for Tax Administration

Press Release


September 17, 2012
TIGTA - TIGTA - 2012-44
Contact: David Barnes
(202) 622-3062
David.barnes@tigta.treas.gov
TIGTACommunications@tigta.treas.gov

TIGTA: Improvements Needed to E-Services Security Controls

WASHINGTON - Taxpayer information may be at risk of unauthorized disclosure and misuse when tax professionals electronically submit power of attorney forms (Forms 2848), according to a report publicly released today by the Treasury Inspector General for Tax Administration (TIGTA).

The Internal Revenue Service (IRS) allows certain tax professionals to obtain tax transcripts for clients via the Internet using e-Services Online Tools. By law, the IRS can generally disclose taxpayers’ tax information only to the taxpayer or the taxpayer’s designee or representative.

TIGTA initiated its audit after TIGTA’s Office of Investigations identified a potential e-Services control weakness over electronically submitted powers of attorney.

TIGTA found that tax professionals are using e-Services to circumvent standard IRS procedures and controls by submitting Form 2848 for the sole purpose of ordering and providing transcripts for taxpayers. This allows them to obtain a tax account transcript for taxpayers within minutes. A tax account transcript provides basic information, including marital status, type of return filed Adjusted Gross Income, taxable income and later adjustments, if any.

TIGTA recommended that the IRS: conduct periodic data analysis to identify tax professionals using e-Services inappropriately; verify that tax professionals are obtaining and retaining a signed power of attorney before submitting one through e-Services; periodically review its policies for giving tax professionals e-Services access; and, ensure that unauthorized IRS employees do not have access to e-Services and monitor transactions of employees who have authorized access.

IRS officials agreed with the intent of all but one of TIGTA’s recommendations and planned to improve internal controls for accessing and using e-Services. They did not agree that tax professionals are misusing e-Services, noting that the instructions on the Forum 2848 state that authorization of an eligible representative will allow the individual to receive and inspect confidential tax return data.

“I am troubled that the IRS allows tax professionals to electronically obtain powers of attorney without obtaining proper authorization,” said J. Russell George, Treasury Inspector General for Tax Administration. “The IRS risks unauthorized disclosures of taxpayer information when tax professionals obtain access to taxpayer data without a signed Form 2848. When tax professionals use Form 2848 for other than its intended purposes, they are circumventing IRS controls designed to protect taxpayer information.”

Read the report.

###

Note: The difference between the date TIGTA issues an audit report to the Internal Revenue Service and the date TIGTA publicly releases the report is due to TIGTA's internal review process to ensure that public release is in compliance with Federal confidentiality laws.

A special plugin is required to view PDF documents. To obtain the free PDF reader, please visit the Adobe web site.