The Treasury Inspector General for Tax Administration (TIGTA) has released a report regarding the implementation of new tax return-related data elements based on the 2015 Security Summit, Protecting Taxpayers from Identity Theft Tax Refund Fraud. TIGTA has concluded that tax-related identity thefts adversely affect the ability of taxpayers to file returns and receive their tax refunds in a timely manner. Such thefts can impose financial and emotional hardships on victims. TIGTA advocates, as a priority for the IRS, continued improvements and advancements in identification of identity theft when tax returns are processed and before fraudulent tax refunds are issued.
TIGTA tested 23 new data elements that had been implemented by the IRS’s Return Review Program system. Only three of these elements were used to filter returns and help prevent identity theft during the 2016 filing season. The IRS attributed the prevention of 24,000 taxpayer returns from being incorrectly selected as potential identity theft tax refund fraud returns to one of the three data elements.
TIGTA agreed with the IRS that the data elements should remain secret from the public. TIGTA recommended that the Wage and Investment Division permanently remove the data elements from public access to make sure that inappropriate use does not occur. The division should also conduct a thorough inspection of its public websites and publications to determine if other data element information is available to the public. If it is, the information should be removed. Finally, the division should implement a secure process to provide the data elements to valid parties who have a need to access them.
The IRS agreed with one recommendation and plans to implement a secure process to provide the data elements to valid parties. The IRS partially agreed with two recommendations and removed the schema information from its website. TIGTA contends that data element exposure on the IRS public website and in publications increases the risk of fraud. TIGTA continues to recommend removal of data element information from the IRS’s public website and from publications, in order to minimize potential misuse.