IRS, Industry, and States Continue Their Collaborative Effort to Fight Tax Identity Theft
July 7, 2016
The IRS, along with representatives of the tax software industry and state tax agencies, marked the first year of their ground-breaking collaborative Security Summit partnership to help combat tax identity theft and protect the nation’s taxpayers from identity theft fraud.
CrossLink continues to participate in this effort and looks forward to being part of the continuing partnership with other tax industry companies, the IRS, and states in the year ahead to help combat the growing impact of identity theft to the federal and state tax systems.
The Security Summit leaders met in Washington on June 28, 2016 to review the 2016 successes and finalize the initiatives for the upcoming 2017 filing season. The Security Summit first gathered in 2015 as the IRS, state tax agencies, and the tax industry sought to counter increasingly sophisticated criminal enterprises that were gathering massive amounts of personal data stolen elsewhere and using that data to prepare fraudulent tax returns.
The Summit priorities remain focused on improving authentication procedures, enhancing information sharing between the industry, IRS, and states to improve fraud detection, heightened cybersecurity, and greater education and outreach to the public and tax preparers.
Below are a few of the Security Summit initiatives that were used during the 2016 filing season:
- New protocols required all individual tax software customers to update their security credentials to a minimum eight-digit password and establish security questions.
- Software providers shared approximately 20 data elements from tax returns with the IRS and states to help identify possible fraud.
- Industry partners performed regular reviews to identify possible identity theft schemes and report them to the IRS and state partners to help stay on top of emerging schemes.
- Summit partners launched a “Taxes. Security. Together.” campaign to increase public awareness about the need for computer security and provide people with tips on how to protect their personal information.
IRS Commissioner Koskinen noted these accomplishments had real and substantial impact on curbing stolen identity tax refund fraud during this past filing season:
- From January through April 2016, the IRS stopped $1.1 billion in fraudulent tax refunds claimed by identity thieves on more than 171,000 tax returns; compared to $754 million in fraudulent tax refunds claimed on 141,000 returns for the same period in 2015. Better data from returns and information about schemes meant better internal processing filters to detect identity theft tax returns.
- Thanks to leads reported from industry partners, the IRS suspended for further review 36,000 suspicious tax returns January through May 8, 2016, and $148 million in claimed tax refunds. This was twice the amount of the same period in 2015 of 15,000 tax returns claiming $98 million. Had industry not flagged these returns, these returns would have passed through IRS processing filters.
- Because of Summit efforts, the number of anticipated taxpayer victims fell between 2015 and 2016. Since January, the IRS Identity Theft Victim Assistance function experienced a marked drop of 48 percent in receipts, which includes Identity Theft Affidavits (Form 14039) filed by victims and other identity theft related correspondence.
- The number of tax refunds that banks and financial institutions returned to the IRS because they appeared suspicious dropped by 66 percent. This is another indication that improved data led to better filters, which reduced the number of bad tax refunds being issued.
For the upcoming 2017 filing season, the Security Summit initiatives that will be put in place, like those before it, will generally be invisible to taxpayers. These initiatives will include:
- Expanding a W-2 Verification Code test to cover approximately 50 million 2016 Form W-2s. The selected forms will contain a 16-digit code that taxpayers and tax preparers will enter in their tax software. The code will help validate not only the taxpayer’s identity but also the information on the form. This pilot is among the most visible Summit action for 2017.
- Identifying additional data elements from tax returns that will help improve authentication of the taxpayer and identify possible identity theft scams and sharing data elements from corporate tax returns.
- Launching the Identity Theft Tax Refund Fraud Information Sharing & Analysis Center (IDTTRF-ISAC) in 2017. This will serve as the early warning system for partners, collecting and analyzing tax-related identity theft schemes.
- Expanding the Security Summit’s “Taxes. Security. Together.” awareness campaign to tax return preparers to ensure they have the information they need to protect themselves from cyberattacks and to safeguard taxpayer data.
- Creating a process for financial institutions to identify questionable state tax refunds and return them to states for validation. Twenty-three states have signed on.
To learn more about this ongoing IRS, industry, and state collaborative effort to fight identity theft and protect taxpayers, see the following on the IRS website: