CONTINUED REFINEMENT OF THE RETURN
REVIEW PROGRAM IDENTITY THEFT
DETECTION MODELS IS NEEDED TO INCREASE DETECTION
Final Report issued on December 11, 2015
Highlights of Reference Number: 2016-40-008 to the Internal Revenue Service Chief Technology Officer and Commissioner for the Wage and Investment Division.
IMPACT ON TAXPAYERS
Identity theft continues to be a serious and evolving issue which has a significant impact on tax administration. In February 2009, the IRS began development of the Return Review Program (RRP) to replace its current fraud detection system. The IRS conducted a pilot test of the RRP to assess its effectiveness in identifying potential identity theft tax returns during Processing Year 2014, and based on the positive pilot results, expanded the use of the RRP’s identity theft detection for Processing Year 2015.
WHY TIGTA DID THE AUDIT
This audit was initiated as part of our continued coverage of the IRS’s identity theft detection efforts. The overall objective of this review was to assess the effectiveness of the IRS’s RRP efforts to improve identity theft detection and prevention. TIGTA also assessed the IRS’s new process to limit direct deposits to a single bank account in an effort to further combat identity theft.
WHAT TIGTA FOUND
The RRP provides the IRS with the ability to change or adjust selection models throughout the processing year. For example, the RRP provides the capability to change models to identify new or variations of identity theft schemes as they emerge. This capability is not possible with the detection system that the RRP will eventually replace.
The RRP pilot successfully identified tax returns involving identity theft that were not identified by other fraud detection systems. However, TIGTA’s analysis also showed that 54,175 confirmed identity theft tax returns with refunds totaling more than $313 million were identified by other existing fraud detection systems, but were not selected by the RRP. As the IRS continues to develop the RRP, it needs to ensure that the RRP will identify identity theft cases being identified by existing systems as well as other identity theft cases.
In response to TIGTA’s continued identification of large volumes of potentially fraudulent tax returns with tax refunds deposited into the same bank, the IRS implemented a new process to limit the number of deposits (three) to a single bank account. TIGTA’s review of this process identified programming errors that resulted in 5,516 direct deposits totaling almost $13.5 million that were not converted to paper refund checks. The IRS addressed two of the programming errors and plans to correct the remaining error by August 2016.
Also, additional processes are needed for processing checks returned as undeliverable. For example, TIGTA identified 113 tax refunds totaling $354,109 that were returned undeliverable for which the IRS did not reissue a refund check as required after the taxpayer contacted the IRS and made an address change. Finally, TIGTA identified 325 returned undeliverable tax refund checks totaling $309,068 in which the IRS did not identify the refund as being associated with an identity theft tax return and take actions to remove the fraudulent refund from the tax account.
WHAT TIGTA RECOMMENDED
TIGTA recommended that the Commissioner, Wage and Investment Division, ensure that the RRP selects identity theft tax returns identified by other fraud detection systems and develop additional processes to resolve taxpayer accounts when checks are returned as undeliverable or remain uncashed. The IRS agreed with three of the four recommendations and partially agreed with the remaining recommendation.
READ THE FULL REPORT
To view the report, including the scope, methodology, and full IRS response, go to:
Phone Number / 202-622-6500
E-mail Address / TIGTACommunications@tigta.treas.gov
Website / https://www.treasury.gov/tigta