The IRS and taxpayers have been pummeled in recent years by all manner of fraud and identity theft problems but today, the agency, state tax administrators and leading tax preparation and software firms said they would step up enforcement efforts and bolster tax system security.
The question is of course, is it enough?
+More on Network World: Yikes: 10,000 IRS impersonation scam calls are placed every week+
In a nutshell, in the face of billions in stolen money, the industry and government groups agreed to work together to identify new steps to validate taxpayer and tax return information at the time of filing. There will be standardized sharing of suspected identity fraud information and analytics from the tax industry to identify fraud schemes and locate indicators of fraud patterns. And there will be collaboration in the future.
The collaborative agreement stems from a Security Summit held by the IRS – which just last month said its tax transcript request website was hacked to the tune of $39 million in lost tax refunds -- with the chief executive officers and private sector firms such as H&R Block, Liberty Tax and others, as well as federal and state tax administrators to discuss emerging threats on identity theft and expand existing collaborative efforts to stop fraud.
The IRS said three specialized working groups were established as part of the Summit, which was held in March, with members from the IRS, states and industry co-chairing and serving on each team.
During the past 12 weeks, the teams focused on developing ways to validate the authenticity of taxpayers and information included on tax return submissions, information sharing to improve detection and expand prevention of refund fraud, and threat assessment and strategy development to prevent risks and threats, the IRS stated.
The group agreed to several important new initiatives:
Taxpayer authentication. The industry and government groups identified numerous new data elements that can be shared at the time of filing to help authenticate a taxpayer and detect identity theft refund fraud. The data will be submitted to the IRS and states with the tax return transmission for the 2016 filing season. Some of these issues include, but are not limited to: Reviewing the transmission of the tax return, including the improper and or repetitive use of Internet Protocol numbers, the Internet ‘address’ from which the return is originating. Reviewing computer device identification data tied to the return’s origin. Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected. Capturing metadata in the computer transaction that will allow review for identity theft related fraud.
Fraud identification. The groups agreed to expand sharing of fraud leads. For the first time, the entire tax industry and other parts of the tax industry will share aggregated analytical information about their filings with the IRS to help identify fraud. This post-return filing process has produced valuable fraud information because trends are easier to identify with aggregated data. Currently, the IRS obtains this analytical information from some groups. The expanded effort will ensure a level playing field so everyone approaches fraud from the same perspective, making it more difficult for the perpetration of fraud schemes.
Information assessment. In addition to continuing cooperative efforts, the groups will look at establishing a formalized Refund Fraud Information Sharing and Assessment Center (ISAC) to more aggressively and efficiently share information between the public and private sector to help stop the proliferation of fraud schemes and reduce the risk to taxpayers. This would help in many ways, including providing better data to law enforcement to improve the investigations and prosecution of identity thieves.
Cybersecurity framework. Participants with the tax industry agreed to align with the IRS and states under the National Institute of Standards and Technology (NIST) cybersecurity framework to promote the protection of information technology (IT) infrastructure. The IRS and states currently operate under this standard, as do many in the tax industry.
Taxpayer awareness and communication. The IRS, industry and states agreed that more can be done to inform taxpayers and raise awareness about the protection of sensitive personal, tax and financial data to help prevent refund fraud and identity theft. These efforts have already started, and will increase through the year and expand in conjunction with the 2016 filing season.
+More on Network World: FBI and IRS warn of pervasive, maddening business, consumer scams+
The group said major system and process changes will be made this summer and fall by the participants in order to be ready for the 2016 filing season.
"We've made tremendous progress, and we will continue these efforts. Taxpayers filing their tax returns next filing season should have a safer and more secure experience," IRS Commissioner John Koskinen said in a statement. "Industry, states and the IRS all have a role to play in this effort. We share a common enemy in those stealing personal information and perpetrating refund fraud and we share a common goal of protecting taxpayers. We want to build these changes into the DNA of the entire tax system to make it safer."
But is the new IRS-led plan enough?
Watchdogs at the Government Accountability Office last September issued a report that looked at the IRS identity theft problem and make a few recommendations on how to fight the massive fraud that is taking place right now.
The first and possibly most effective solution is to stop the IRS practice of what the GAO called “looking back” which matches returns with W-2 information after tax forms are filed.
“The IRS currently cannot do such matching because employers' wage data (from Form W-2s) are not available until months after IRS issues most refunds. Consequently, IRS begins matching employer-reported W-2 data to tax returns in July, following the tax season. If IRS had access to W-2 data earlier—through accelerated W-2 deadlines and increased electronic filing of W-2s—it could conduct pre-refund matching and identify discrepancies to prevent the issuance of billions in fraudulent refunds,” the GAO stated.
For example, in 2012, the IRS received more than148.3 million tax returns and issued more than $309.6 billion in refunds to110.5 million taxpayers. By March 1, 2012 IRS had issued about 50% of all 2012 refunds, but did not have access to most of the 2012 W-2 data verified by the Social Security Administration.
According to the GAO, in 2014 the Department of the Treasury proposed that Congress accelerate W-2 deadlines to January 31.
“However, IRS has not fully assessed the impacts of this proposal. Without this assessment, Congress does not have the information needed to deliberate the merits of such a significant change to W-2 deadlines or the use of pre-refund W-2 matching,” the GAO stated.
Another fix the GAO proposed is requiring smaller companies to electronically file W-2s. Currently, employers who file 250 or more W-2s annually must e-file those forms. The IRS is generally prohibited from requiring those filing fewer than 250 returns annually to e-file. The Social Security Administration (SSA) estimated that to meaningfully increase W-2 e-filing, the threshold would have to be lowered to include those companies filing 5 to 10 W-2s, the GAO stated. In addition, SSA estimated an administrative cost savings of about $0.50 per e-filed W-2.
Part of the overall issue is that the IRS is under pressure to issue refunds quickly, the GAO stated. The IRS is required by law to pay interest if it takes longer than 45 days after the due date of the return to issue a refund. The IRS tells taxpayers to anticipate their refunds generally within 21 days after filing and actively tries to meet this target. For tax year 2013, IRS reported that for tax returns filed through early March, taxpayers received refunds an average of 9.6 days after filing, the GAO stated.
Delaying those refunds is likely to burden taxpayers, according to the IRS. Taxpayers who file early and who are financially dependent on a refund, such as low-income taxpayers receiving refundable credits, could be hurt.
Check out these other hot stories: