by Jim Marasco and Chris Frontale, The Daily Record, April 2017 – As the 2016 filing deadline draws to a close, many taxpayers have noticed the additional information required by the Internal Revenue Service and many states in order to successfully submit a tax return. These extra steps required to file a tax return may seem superfluous, but they were designed with the taxpayer’s best interests in mind. These safeguards were specifically designed to reduce the amount of fraudulent returns accepted by the government.

Tax identity theft occurs when someone uses your stolen social security number to file a tax return claiming a fraudulent refund. The thief files early on in the filing season to receive the fraudulent refund before the victim files their return. With paperless e-filing, this scam is easier than ever to pull off. Thieves can simply make up false wages, submit the return electronically and receive the refund via mail or direct deposit. While the IRS does keep records of earned wages and other types of taxable income reported by taxpayers’ employers, they do not match these records to the information submitted electronically before issuing refund checks. By the time the IRS notifies the victim that it has received another tax return in their name, the thief is long gone and has already cashed the refund check.

According to the Government Accountability Office, the IRS paid an estimated $5.8 billion in fraudulent refund claims in 2013. This number was expected to grow to nearly $21 billion by 2016. However, earlier this year the IRS reported that the number of new people reporting stolen identities on federal tax returns actually fell by more than 50% in 2016. The implementation of new safeguards at both the federal and state levels have played a substantial role in continuing to reduce the occurrence of this issue.

What are the New Safeguards?

As identity thieves took advantage of lax security measures, the government became blindsided. However, now they’re quickly reacting. The IRS has recently joined forces with state tax agencies, along with payroll and tax professionals from the public sector, in an attempt to protect taxpayers. This partnership, known as the Security Summit, is devoted to consistently improving the prevention of tax identity theft and fraudulent refund claims. Safeguards put in place by the Security Summit include the following:

• W2 Verification Codes – This is a pilot program that consists of adding verification codes to 50 million Form W-2’s in 2017. The verification code is a 16-digit alphanumeric code that appears on the W-2 and is required when e-filing tax returns.
• New Data Elements – Certain States, along with the IRS, are requiring additional information from taxpayers to more accurately authenticate the individuals attempting to file the tax return. An example of this is the state of New York requiring a taxpayer’s state-issued driver’s license or non-driver ID number when electronically filing a return.
• Software Industry – Tax software companies are being required to enhance the use of passwords and other security elements that play a role in protecting important taxpayer information.
• The due date for filing partnership tax returns was accelerated from April 15^th to March 15^th, similar to corporate tax returns. This allows the government more time to match Form K-1’s to individual personal returns. 

Security Summit Education Campaign

Regardless of how many safeguards are implemented at the federal or state level, educated taxpayers and tax preparers are the most important factor in protecting against tax identity theft. The IRS has previously published the following recommendations to aid taxpayers:

• Do not routinely carry your Social Security card or any document with your Social Security number on it.
• Do not give a business your social security number just because they ask. Only give it when absolutely necessary.
• Safeguard your personal financial information at home and on your computer.
• Check your credit report annually.
• Check your Social Security administration earnings statement annually.
• Protect your personal computers by using firewalls, anti-virus/spam software, update security patches and change passwords for Internet accounts.
• Do not give personal information over the telephone, through the mail or the Internet unless you have either initiated the contact or are sure you know who is asking.
• Always remember that the IRS does not initiate contact with taxpayers by email to request personal or financial information.
• Make sure all tax documents and paperwork are secured in a safe, locked location at all times.
• Sensitive documents kept on a computer should be locked with a password.
• Be selective about who works on your taxes. Investigate tax preparation companies with the Better Business Bureau, especially for new or seasonal offices.

This year, the IRS has initiated a new campaign titled “Protect your Client; Protect Yourself,” urging tax preparers to use the best security practices available, including a similar checklist for ensuring data security for businesses.

What to do if your identity is stolen?

If you do become a victim of tax identity fraud, the IRS recommends the following steps for reporting the incident:

• File a report with the local police.
• File a complaint with the Federal Trade Commission at www.identitytheft.gov or the FTC Identity Theft Hotline at 1-877-438-4338.
• Contact one of the three major credit bureaus (Equifax, Experian, or TransUnion) to place a fraud alert on your credit reports.
• Close any accounts opened without your permission or tampered with.
• Respond immediately to any IRS notice and call the number provided.
• Complete IRS Form 14039, Identity Theft Affidavit.
• Continue to pay your taxes and file your tax return, even if you must do so by paper.

Stay Proactive

As this year’s tax deadline approaches, it is important to take the necessary steps to protect yourself and your personal information to help mitigate the risk of falling victim to tax identity fraud. Taxpayers need to be educated and vigilant in staying ahead of identity thieves.

James I. Marasco, CPA, CIA, CFE is a partner at Stonebridge Business Partners.  Chris Frontale, a Stonebridge staff member, also assisted with this article.