WASHINGTON - A pilot program of the Internal Revenue Service's (IRS) replacement fraud detection system successfully identified tax returns involving identity theft that other IRS fraud detection systems did not identify. However, the other existing fraud detection systems identified tax returns involving identity theft that the replacement system did not select. For example, the other IRS fraud detection systems identified 54,175 confirmed identity theft tax returns with refunds totaling more than $313 million not identified by the replacement system. This is a finding in an audit report that the Treasury Inspector General for Tax Administration (TIGTA) publicly released today.
Identity theft continues to be a serious and evolving issue which has a significant impact on tax administration. In February 2009, the IRS began developing the Return Review Program (RRP) to replace its current fraud detection system. The IRS conducted a pilot test of the RRP to assess its effectiveness in identifying potential identity theft tax returns during Processing Year 2014, and because of the positive pilot results, expanded the use of the RRP's identity theft detection for Processing Year 2015.
The TIGTA audit was initiated as part of its continued coverage of the IRS's identity theft detection efforts. The overall objective of this review was to assess the effectiveness of the IRS's RRP efforts to improve identity theft detection and prevention. TIGTA also assessed the IRS's new process to limit direct deposits to a single bank account in an effort to further combat identity theft.
"With identity theft continually evolving, it is important that the IRS advance its detection and prevention efforts into the next generation," said Mike McKenney, Deputy Inspector General for Audit. "The IRS needs to make every effort to ensure that its replacement fraud detection system detects identity theft cases identified by existing systems, as well as improving upon its identity theft detection and prevention efforts," he added.
With the RRP, the IRS can change or adjust selection models for identity theft during the processing year. For example, the RRP provides the capability to change models to identify new or variations of identity theft schemes as they emerge. This capability is not possible with the detection system that the RRP will eventually replace.
In response to TIGTA's continued identification of large volumes of potentially fraudulent tax returns with tax refunds deposited into the same bank, the IRS implemented a new process to limit the number of deposits (three) to a single bank account. TIGTA's review of this process identified programming errors that resulted in 5,516 direct deposits totaling almost $13.5 million that were not converted to paper refund checks. The IRS addressed two of the programming errors and plans to correct the remaining error by August 2016.
Also, for processing checks returned as undeliverable, the IRS needs additional procedures. For example, TIGTA identified 113 tax refunds totaling $354,109 that were returned as undeliverable for which the IRS did not reissue a refund check as required after the taxpayer contacted the IRS and made an address change.
Finally, TIGTA identified 325 returned undeliverable tax refund checks totaling $309,068 in which the IRS did not identify the refund as associated with an identity theft tax return and did not take action to remove the fraudulent refund from the tax account.
TIGTA recommended that the Commissioner, Wage and Investment Division, ensure that the RRP selects identity theft tax returns identified by other fraud detection systems and develop additional processes to resolve taxpayer accounts when checks are returned as undeliverable or remain uncashed. The IRS agreed with three of the four recommendations and partially agreed with the remaining recommendation, stating that processes are in place for addressing and resolving refund cancellations caused by refund checks not being cashed within fourteen months of issuance. However, the volume of taxpayer accounts with cancelled refund checks is not yet known. While the time for the check cancellation has not yet passed and the volume of converted refund payments that are ultimately cancelled is unknown, TIGTA continues to believe that appropriate next steps are to treat the taxpayer accounts as identity theft.