Summer Updates: Identity Theft and Tax Administration

0 Flares 0 Flares ×

Today, we welcome back guest blogger, Rachael E. Rubenstein.  Rachael served as the principal author in the Identity Theft chapter in the recently published 6th Edition of Effectively Representing Your Client before the IRS.  So much has been happening in this area recently that we asked Rachael to bring us up to date and she has done so with a comprehensive post on this area over the past few months.  Rachael just moved from a teaching position at St. Mary’s Law School in San Antonio, Texas where she directed the low income taxpayer clinic to the firm of Strasburger & Price, LLP in the same city.  We appreciate her willingness to write extensively while in the midst of a practice move.  Keith

Tax-related identity theft was a hot topic this summer.  Since I last blogged about it in May, the NTA released her Fiscal Year 2016 Objectives Report to Congress, alerting us to an upswing in the number of open identity theft cases in IRS inventory; a written report was released containing details of the 2015 Security Summit held by Commissioner Koskinen; Senators Johnson, Warner, and Ayotte introduced the Social Security Identity Defense Act of 2015; and the Senate Budget Committee held a hearing, convened by Senator Ayotte, on Tax-Related Identity Theft and Fraudulent Returns.


My previous post optimistically noted that after almost a decade of annual increases, the volume of IRS identity theft incidents finally declined by roughly 42 percent in 2014 compared to its peak of 1,901,105 in 2013. Considering the attention and resources focused on this problem, the marked decline in 2014 showed promise.  Unfortunately, the NTA’s June report indicates that the number of open identity theft cases impacting taxpayers in IRS inventory (as of May 2015) swelled again to near May 2013 levels—up 69 percent from May 2014.

The NTA attributes the recent rise in open identity theft cases back to levels observed in 2013 to “the overreach of the TPP [Taxpayer Protection Program] filters and understaffing of the TPP phone lines.” The TPP is responsible for detection, evaluation, and prevention of improper refunds related to identity theft. During the 2015 filing season, TPP return processing filters identified 1,558,874 potentially fraudulent returns using 196 distinct filters that flag returns when certain characteristics are identified. The false positive rate was around 34 percent, meaning that a third of electronically filed tax returns that TPP stopped from posting to a particular account were filed by legitimate taxpayers who expected timely receipt of their tax refunds. These taxpayers received a TPP notice instructing them to call a particular phone number to resolve the issue; however, most that called during the peak of tax season in February were unable to get through at all to a live phone assistor. For those that did get through, there average wait time was between 20 minutes to over an hour.

Immediately after the May 2015 data breach scandal (which turned out to affect around 250,000 more taxpayers than initially reported), we learned that earlier in the Spring, Commissioner Koskinen convened key officials from state taxing authorities and the private tax industry together for a Security Summit to discuss the significant challenges facing tax administration as a result of tax-related identity theft, and potential coordinated strategies. It was widely reported that an agreement was reached among the participants “to form a public-private partnership committed to protecting the nation’s taxpayers and the tax system from IDT [identity theft] refund fraud.” In June, a 9 page report was released detailing the goals of each of the working groups formed from the Security Summit, outlining recommendations, listing existing proposals for congressional consideration, discussing next steps, and describing the participants. This partnership is certainly an innovative approach, and it will be interesting to see how this collaboration plays out.

The Social Security Identity Defense Act was introduced in May and is aimed at amending section 6103 to make it easier for victims of identity theft and law enforcement officials to receive information pertaining to tax-related incidents of identity theft from the FBI and DOJ. Although it is unlikely to be enacted, this bill has reignited discussion regarding the intersection of identity theft and section 6103 disclosure issues. For example—to what extent is the victim taxpayer entitled to information from the Service regarding the incident? Presently, under PMTA 2012-005, Chief Counsel takes the position that once an invalid return is submitted, it becomes the return information of both the true owner of the SSN and the identity thief because the information relates to the potential investigation of liability with respect to both parties. Therefore, the victim of identity theft should have a right to a copy of the bad tax return as long as disclosure would not impair federal tax administration.

In confirmed or suspected cases of identity theft, a taxpayer’s account is marked with various types of identity theft indictors. When such an indicator is present, taxpayers and their representatives may find it difficult to obtain copies of tax returns or related tax transcripts from the Service because employees are trained to safeguard taxpayer information protected by section 6103. Disclosure violations carry the threat of civil fines and even potential criminal charges. Despite Chief Counsel guidance indicting that the bad return is the return information of both the victim and the alleged identity thief, the IRM “instructs employees to not  to provide . . . copies of tax returns when identity theft indicators are present on the requestor’s account.” In May of 2015, Senator Ayotte wrote a letter to Commissioner Koskinen expressing her concern “with IRS’s refusal to provide tax identity theft victims with copies of the fraudulent returns filed in their names.” She referenced the 2012 Chief Counsel memorandum to support her complaint and request for the Service to change its non-disclosure practices. Commissioner Koskinen acquiescence in a written response issued later the same month and stated that the Service would develop procedures to allow victims of identity theft to request and receive (redacted) copies of tax returns filed under their SSNs.

The hearing held in August covered familiar and fairly bleak territory as well as some encouraging announcements about major programmatic changes regarding identity theft cases processing. A taxpayer testified about the bureaucratic nightmare she endured dealing with IRS and other agencies when her e-filed return was rejected because her deceased child’s SSN was used to file multiple fraudulent returns (it is worth noting that none of the fraudulent filings actually got passed IRS filters). Christopher Lee, TAS Senior Attorney Advisor; J. Russel George, TIGTA; and Commissioner Koskinen testified about the general state of refund-related identity theft—the broad consensus was that despite its many gains in terms of detection and prevention of refund-related identity theft, the Service still has a long way to go in order to get ahead of the overall identity theft crisis.

In addition to the jump in the number of incidents during the 2015 filing season, and the TPP false positive rate, lengthy delays in case processing and poor customer service are stubborn problems (although the situation is certainly not as bad as it once was in the early part of the decade). A study conducted by TAS of cases closed in 2014 found that 179 days was the average resolution time for an identity theft case from a taxpayer’s perspective. The Service’s slow progress towards improvement of case processing times is partly attributable to the increasing complexity of identity theft cases. Such cases require the involvement of multiple functions under the Service’s decentralized case management structure, which has been in operation for several years. The same 2014 TAS study found that approximately 30 percent of cases involve multiple issues.

TAS has repeatedly called for the Service to set-up “a sole point of contact system” for victims with complex identity theft cases. While the Service has announced its final phase of a plan to re-engineer its approach to victim assistance, moving towards a more centralized model, the prospects for adoption of this particular TAS recommendation appear dim. Commissioner Koskinen’s version of a “single point of contact” described during the hearing involves yet another specialized toll free phone line, as opposed to the TAS model of one designated employee to handle a particular victim’s case.

The Commissioner’s testimony reminded stakeholders that sophisticated cyber criminals present momentous challenges to the Service in an era of archaic IRS technological systems and strained financial resources. Still, he pledged that the Service is continuing to work diligently on efforts to combat identity theft, and he announced some specific plans for 2015-2016. One is the roll out of the Identity Theft Assistance organization, a consolidation of various identity theft programs into one division aimed at unifying the Service’s victim assistance and identity theft compliance activities. Another is an improved case resolution average of 120 days. Further, new protections for electronic filing, developed by the Security Summit working groups, were promised before the 2016 filing season.

The Service requested additional money for improved cyber security and revamped identity theft initiatives, which is reflected in the President’s FY 2016 Budget pending before congress. All tax administrators who testified at the hearing agree that the IRS needs more funding to address the identity theft epidemic. They also share the view that congress should take a more active role in enacting various legislative tools to assist the IRS in combating this pervasive problem.




  1. Ms. Rubenstein misleads us into thinking that taxpayer identity theft is the work of “sophisticated cyber criminals.” And when she implies that the solution to this theft is to endow the IRS with more money and more authority, she addresses the identity theft symptom, not its disease.

    It is illegal aliens who commit at least 97% of taxpayer identify theft. Millions of them are in the work force, laboring under Social Security Numbers that they, or others in concert with them, knowingly stole from United States citizens.

    Ms. Rubenstein seems sincere about government efforts to stop taxpayer identify theft. If she is, then I suggest her next post or paper recommend that Congress provide more funding and authority, not to the IRS, but to ICE.

  2. Undocumented workers — many of whom may be here legally but with visas not permitting employment — may not cause all the problems but they probably cause a significant number that could easily be eliminated. If someone uses my SSN to apply for a job and the employer submits it through the eVerify system, I should be notified at my last known address or by email as registered with SSA or other agency.

    What this will not eliminate is the use of SSN’s by prisoners and their partners in crime. The smarter ones avoid IRS and settle for dozens of refunds from states with lesser security. Few analysts talk about that.

  3. I read this blog over breakfast in Rennes, my last full day of a month’s travel in Europe where many hotels still require your date of birth and/or a copy of your passport at registration.
    So I asked Google if this is strictly a US problem or one found elsewhere in the world. This 2012 article from the Financial Times provides a European perspective. Even in countries with national law enforcement systems more integrated than ours, there is no silver bullet.

  4. Rachael Rubenstein says

    Jason and Bob – thank you for your comments. This post discusses IRS refund-related identity theft, as opposed to employment-related identity theft. The Service grapples with both types and approaches them quite differently. I wrote quite a bit on the topic of undocumented immigrants and employment-related identity theft in Chapter 22 of Effectively Representing as well as in an upcoming section to Chapter 4 of Saltzman Practice and Procedure. The comment that 97% of taxpayer identify theft is committed by “illegal aliens” is not supported by my research in this area. Francine Lipman wrote an excellent article on the general topic of taxation and undocumented immigrants. Here is the cite – 9 Harv. Latino L. Rev. 1, 21 (2006).

    For a long time, little IRS attention and resources was focused on employment-related, which is problematic because victims of this type of identity theft often have many years affected and more post-assessment issues to untangle. Part of what makes employment-related identity theft complicated to address for the Service perspective is that under IRC 6103 wage information reported to the IRS, even that belonging to the non-holder of the SSN, is generally protected from disclosure. In 2014 the IRS piloted an Employment Related Identity Theft Notification Project to inform a select group of taxpayers that their SSNs were used by someone else for employment purposes. The notice letters explained the misuse, gave general advice on steps the true holder of the SSN could take to protect his or her personal information from further incidents of fraud, and stated that the IRS was not permitted to disclose the identity of the person using the SSN. I think there is some value in this type of notification and hope the IRS expands the pilot.

    • With apologies to Professor Rubenstein, I’m not sure how credible a source on even “the general topic of taxation and ‘undocumented immigrants'” is an article from the Harvard Latino Law Review.

      Further, the good professor’s attempt to distinguish between “tax refund” identify theft and “employment related” identify theft is a non-starter. Except for 3% of the cases, the two are either side of the same purloined coin. Tax refund identity theft stems from employment related identity theft.

      First, the illegal alien breaks into the country without the permission of the people who inhabit it, thereby ignoring the laws that the people’s representatives have enacted. Second, the illegal alien lies on his DHS Form I-9 and claims he is a citizen of the United States. Third, the illegal alien steals someone else’s Social Security Number and then uses that stolen number to complete his IRS Form W-4. Fourth, the illegal alien fraudulently uses the same Social Security Number that he stole from someone else to claim a refund of some, or all, of the taxes that his employer had deducted from his pay–and to make an unlawful claim for various tax credits, mainly the child tax credits and the earned income tax credit. Finally, based on his knowingly false and fraudulent return tax return, the illegal alien receives his ill-gotten refund that he just stole from the U.S. Treasury. He then sends a significant portion of his stolen funds to his own country–all the while complaining about what the people of the United States think of him.

      When Professor Rubenstein styles that same illegal alien criminal as merely “the non-holder of the SSN,” we know she is in no real hurry to see any identity theft type stopped. Her identity theft “solution,” to give more money and power to the IRS”, would only stuff more straw into the scarecrow.

  5. You can’t discuss tax-refund identity theft without mentioning Estonia. (Yes, I was there this summer.) Even if it requires mentioning Jeb! Bush (who politically is in a place I have never visited). As Bush correctly has claimed, it takes five minutes for most Estonians to file their tax returns. The country that gave us Skype also has managed, since liberation as a Russian satellite less than 25 years ago, to install real-time reporting of wages and withholding for tax administration. You can complete your return online because all or most of the data is already there.

    The only reason that IRS pays out billions in refunds of non-existent withholding credits, even after spending vast sums to prevent the crime and assist its victims, is that Congress and successive administrations have failed to update the technology required for efficient tax collection. Unlike Estonia, we are using Soviet-era computers and software. Our national budget policy is billions for defense, but only a paltry amount to collect the tribute it requires.

    Unlike their Estonian counterparts, our politicians have joined the Club for Collapse. Starve the IRS, and tax collections will go down the drain. So let’s not forget to mention the cause of the problem, as well as its only solution.

Comment Policy: While we all have years of experience as practitioners and attorneys, and while Keith and Les have taught for many years, we think our work is better when we generate input from others. That is one of the reasons we solicit guest posts (and also because of the time it takes to write what we think are high quality posts). Involvement from others makes our site better. That is why we have kept our site open to comments.

If you want to make a public comment, you must identify yourself (using your first and last name) and register by including your email. If you do not, we will remove your comment. In a comment, if you disagree with or intend to criticize someone (such as the poster, another commenter, a party or counsel in a case), you must do so in a respectful manner. We reserve the right to delete comments. If your comment is obnoxious, mean-spirited or violates our sense of decency we will remove the comment. While you have the right to say what you want, you do not have the right to say what you want on our blog.

Speak Your Mind