In an audit, the Treasury Inspector General for Tax Administration (TIGTA) found that the IRS has greatly improved its identity theft protection program since the 2012 filing season but that additional changes should be made (The Taxpayer Protection Program Improves Identity Theft Detection; However, Case Processing Controls Need to Be Improved, TIGTA Rep't No. 2013-40-062 (June 21, 2013)). The report looked at the program controls used to process suspected cases, not at the adequacy of IRS filters in identifying potential tax identity theft fraudulent refund claims, which will be the subject of a separate TIGTA review.
Improvements noted. TIGTA found that the Taxpayer Protection Program improves identity theft detection and that the improvements made since the 2012 filing season helped even more. In 2012, the program identified 324,670 tax returns involving identity theft and prevented the issuance of fraudulent tax refunds totaling $2.2 billion. During the 2012 filing season (for 2011 returns), only 10 employees were assigned to answer the toll-free telephone hotline, and as a result, only 24% of the calls to the number reached an employee. For the 2013 filing season, responsibility to answer the toll-free number was transferred to the Wage and Investment Division’s Accounts Management function, where more than 200 employees answered the phones.
Other improvements were the development of clear guidelines for employees in working potential identity theft cases. TIGTA interviewed a number of IRS employees, all of whom said the guidelines were helpful and that management listened to their suggestions for improvement.
Shortcomings. Under the program, the IRS mailed 375,742 letters to taxpayers during calendar 2012 asking the taxpayer to verify that he or she filed the return. If a letter in such cases is returned as undeliverable, there is no response, or the tax return is determined to involve identity theft, the IRS does not process the return and places an identity theft indicator on the return. However, TIGTA found that required identity theft indicators were not always placed on taxpayer accounts because Taxpayer Protection Program employees did not consistently follow procedures to input these indicators and because the format for entering information was not consistent, resulting in mismatched taxpayer identification numbers (TINs).
The second shortcoming was that employees in the Taxpayer Protection Program were not updating the central IRS Account Management Services (AMS) system with the actions they had taken on taxpayers’ identity theft accounts. TIGTA explained that it was crucial that employees accurately update the AMS system because managers use it to identify the inventory of open and closed cases and to review casework.
Third, TIGTA found that the IRS had not established procedures to track how long identity theft cases took to resolve. The IRS claimed that it took an average of 15 minutes from the time a taxpayer placed a telephone call to resolve cases, but TIGTA noted that this did not account for taxpayer attempts to contact the IRS by mail, pointing specifically to taxpayer letters that had not been assigned to an employee in the three months after they were received.
The final criticism was the lack of documentation of training that Taxpayer Protection Program employees had received. The IRS provided TIGTA with a list of the employees who had received the training, but it kept no other records and did not require training to be documented in the Enterprise Learning Management System, the IRS’s centralized storage location for employee training records.
Recommendations. TIGTA made four recommendations to address these shortcomings, all of which the IRS agreed to implement:
- Develop a process to ensure that required identity theft indicators are placed on taxpayer accounts;
- Develop a process to ensure that employees are properly updating the AMS system with the actions they have taken on identity theft cases;
- Develop a system to measure how long it takes to resolve cases and ensure the measurement begins at the first taxpayer contact;
- Ensure that employees receive the required training and that records are kept in the Enterprise Learning Management System.
TIGTA Rep't No. 2013-40-062
By Sally P. Schreiber, J.D., a JofA