Washington, D.C.—U.S. Senator Susan Collins, the Chairman of the Senate Special Committee on Aging, today announced the release of a Government Accountability Office (GAO) report she requested evaluating the Internal Revenue Service’s (IRS) efforts to combat identity theft refund fraud. Identity theft refund fraud occurs when a fraudster obtains a victim’s personally identifiable information and uses it to file a fraudulent tax return. In 2014, the IRS estimated that it paid $3.1 billion in fraudulent returns.
“Last Congress, the Aging Committee held a hearing examining tax-related identity theft, an epidemic that harms many taxpayers and seniors in particular,” said Senator Collins, the Chairman of the Senate Special Committee on Aging. “Mainers work hard for their money, and it is unconscionable that the refunds they are owed would be stolen by a fraudster. Victims of tax refund fraud often must wait years to get the refunds to which they are entitled, and a substantial number become victims of other forms of identity fraud. While the IRS has developed tools and programs to detect and prevent refund fraud due to identity theft, GAO’s report shows that substantial improvement is still needed. I will continue to support measures to ensure that fraudsters cannot pass for legitimate filers and falsely obtain their tax refunds.”
The IRS maintains a Taxpayer Protection Program (TPP), which is intended to authenticate the identities of suspicious tax return filers and help prevent refund fraud. According to GAO, however, many criminals are still able to use stolen personal information to thwart the TPP despite recent efforts to strengthen the program. In the 2015 filing season, for instance, the IRS estimated that it paid approximately $30 million to fraudsters who filed about 7,200 returns that passed TPP authentication. Moreover, GAO’s analysis indicated that the IRS has likely underestimated this fraud.
GAO recommends that IRS conduct an updated risk assessment to identify new or ongoing risks for TPP’s online and phone authentication options. Currently, IRS remotely verifies taxpayers’ identities using single-factor authentication procedures. Due to the wide availability of personal information available online, criminals are often able to find or purchase enough personal information to pass these authentication quizzes.
According to GAO, once IRS updates TPP’s risk assessment, the agency can then select the appropriate authentication technology needed to strengthen TPP authentication. IRS could implement a multi-factor authentication standard that would require filers to provide proof of “something they have” in addition to questions about “what they know.” Strengthening TPP could help IRS prevent criminals from stealing billions of dollars in tax refunds.
Read the GAO’s full report HERE.