Treasury Inspector General for Tax Administration

Office of Audit

The Taxpayer Protection Program Improves Identity Theft Detection; However, Case Processing Controls Need to Be Improved

Issued on June 21, 2013


Highlights of Report Number:† 2013-40-062 to the Internal Revenue Service Commissioner for the Wage and Investment Division.


As part of the IRSís strategy to reduce identity theft, it implemented the Taxpayer Protection Program.† This program reviews tax returns that are proactively identified by the IRS as potential identity theft and stops fraudulent refunds before they are issued.† TIGTA found that the IRSís Taxpayer Protection Program improves identity theft detection.† However, case processing controls need to be strengthened to reduce the burden on taxpayers victimized by identity theft.


This audit was initiated to evaluate whether the Taxpayer Protection Program helped the IRS effectively assist taxpayers and resolve identity theft cases.† The Taxpayer Protection Program is crucial to the IRSís efforts to combat tax refund fraud and help victims of identity theft receive their refunds.† This review addresses the IRSís major management challenge of Tax Compliance Initiatives.


The Taxpayer Protection Program improves identity theft detection.† In Calendar Year 2012, the program identified 324,670 tax returns that involved identity theft and prevented the issuance of fraudulent tax refunds totaling $2.2 billion.† These tax returns were identified before processing was completed to protect tax refunds from being issued.

However, controls over identity theft tax returns worked in the Taxpayer Protection Program need to be strengthened.† Tests of identity theft cases showed that the controls relating to the Taxpayer Protection Program data, cases worked, and training were insufficient.† For example:

       Identity theft indicators are not always input on taxpayer accounts.

       Account Management Services system cases are not clearly documented or closed accurately.

       Timeliness measures to accurately track the time frame to resolve cases have not been established.

        Documentation of employee training is not sufficient.


TIGTA recommended that the IRS develop processes to ensure that required identity theft indicators are placed on taxpayer accounts and employees properly update the Account Management Services system with actions they take when working identity theft cases.† In addition, timeliness measures need to be developed to accurately track the time frame to resolve Taxpayer Protection Program cases.† Employees should complete required training, and documentation should be maintained in the Enterprise Learning Management System.

The IRS agreed with all of our recommendations.† The IRS plans to refine existing procedures to ensure that appropriate identity theft indicators are placed on taxpayer accounts, develop a process for managers to review employee updates on cases, form a cross‑functional group to establish tracking methodologies for measuring cases from initial contact through case closure, and ensure that employee training is updated on the Enterprise Learning Management System.


To view the report, including the scope, methodology, and full IRS response, go to: ††

E-mail Address: ††

Phone Number:†† 202-622-6500