IRS, Security Summit partners mark significant progress against identity theft; key taxpayer protection trends continue
WASHINGTON — The Internal Revenue Service and the Security Summit partners today announced new results from 2018 that show major progress in the fight against tax-related identity theft and added protection for thousands of taxpayers and billions of dollars.
Since forming the Security Summit in 2015, the IRS, state tax agencies and the private-sector tax industry enacted joint initiatives, many invisible to taxpayers, that have resulted in fewer fraudulent tax returns entering tax processing systems, fewer confirmed identity theft returns being stopped, fewer bad refunds being issued and fewer Americans identifying themselves as victims of tax-related identity theft.
“The IRS and the Security Summit continue to make tremendous inroads in the battle against identity theft,” said IRS Commissioner Chuck Rettig. “In 2018, our partnership protected more taxpayers and more tax dollars from tax-related identity theft. At a time when many in the private sector continue to struggle with these issues, the tax community has made major progress working together to stop identity theft and refund fraud.”
Key annual indicators mark major progress
The Security Summit held its first meetings in 2015 and enacted its first round of initiatives in 2016. The Summit partners shared dozens of elements from tax returns that could be indicators of fraud such as the length of time to prepare the return. The IRS enhanced and expanded its fraud filters and added protections to business as well as individual tax returns. States requested more information such as driver’s license numbers. Software providers strengthened password requirements to protect accounts and added multi-factor identity authentication. Debit card companies tightened their practices, and more financial institutions helped recover fraudulent refunds.
As part of this team effort, the Summit partners established the Identity Theft Tax Refund Fraud Information Sharing and Analysis Center (IDTTRF-ISAC) to detect and prevent identity theft tax refund fraud. There are now 65 groups participating in the ISAC, able to react and respond quickly as scams arise.
As the Summit partners made these and other changes, the overall results improved immediately as fewer fraudulent returns entered IRS processing systems. Here are key, calendar-year 2018 indicators and how they compare to the 2015 base year:
“Despite these major successes, more work remains,” Rettig said. “Identity thieves are often members of sophisticated criminal syndicates, based here and abroad. They have the resources, the technology and the skills to carry on this fight. The IRS and the Summit partners must continue to work together to protect taxpayers as cyberthieves continue to evolve and adjust their tactics.”
Identity thieves adjust; take aim at businesses, tax professionals
As the Security Summit partners make progress, identity thieves continue to change their targets and tactics. Two areas of concern are business identity theft and data theft from tax professionals.
The number of businesses reporting they are victims of tax-related identity theft increased by 10 percent for 2018, with 2,450 reports compared to 2,233 reports in 2017. Following in the footsteps of successful work protecting individual taxpayers, the Security Summit partners have enacted similar protections for business tax returns given that business identity theft is a relatively new area.
Identity thieves use several different tactics with businesses. They may file a fraudulent tax return, a fraudulent quarterly tax payment or use stolen Employer Identification Numbers (EINs) to create fraudulent Forms W-2. Thieves also may impersonate business executives to convince payroll or finance employees to disclose employee W-2 information or make wire transfers. Partnerships, trusts and estates also can be at risk for tax-related identity theft.
Because of Security Summit efforts, criminals need more personal data details to impersonate taxpayers, so they have targeted tax professionals and their information. Theft of taxpayer information held by tax professionals remains a major issue. Thieves can breach practitioners’ computer systems, steal client data and file fraudulent tax returns before a preparer may even know they have been victimized.
Thieves may also steal the tax practitioners Electronic Filing Identification Number (EFIN) or Preparer Tax Identification Number (PTIN) to help with identity theft and filing false returns. Tax professionals who experience a data theft should contact their IRS stakeholder liaison immediately for assistance.