With a Week Before Tax Day, Merkley Calls on IRS to Tackle Tax ID Theft

Portland, OR – In preparation for tax day, Senator Merkley visited the Matt Dishman Community Center to call on the Internal Revenue Service (IRS) to increase its efforts to effectively tackle the problem of tax ID theft. As of September 2015, over 600,000 Americans were victims of tax ID theft and the IRS paid out $5.8 billion in fraudulent tax returns in 2013. 

To address this growing problem, Senator Merkley and Senator Mike Rounds (R-SD) sent a letter to the IRS Commissioner today, to highlight the threat of tax ID theft and ask the IRS to respond to questions about efforts to combat this issue. 

“Too many Oregonians are being cheated out of their tax refunds by criminals who steal their identities and their refund checks,” said Merkley. “This is a growing problem and we need action from the IRS to combat this criminal activity and create security within our nation’s accounting system.” 

Senator Merkley was joined at today’s event by Mark Ertle who has been a victim of tax ID theft and turned to Senator Merkley’s office for help. 

“The implications of tax ID theft can affect victims for months and years after first discovering that your identity has been stolen along with your tax refund,” said Mark Ertle of Portland. “For me I lost out on a home I wanted to purchase because my fraudulent tax returns were mistakenly sent to my bank which were in conflict with my legitimate returns I provided to my financial institution. It was then incumbent upon me to prove that my financial records were correct and what was received from the IRS were in fact incorrect due to ID theft.  I had to endure a cloud of suspicion from my bank that I was the one committing fraud and not a victim of cybercrime as I claimed. I’m pleased that Senator Merkley is asking for action on this issue that affects thousands of Oregonians each year.”

Full text of the letter sent to the IRS Commissioner is below. 

April 8, 2016

John Koskinen
The Internal Revenue Service
111 Constitution Avenue, NW
Washington, DC 20224

Dear Commission Koskinen,

We are deeply concerned about the growing number of cases involving taxpayer identity theft and write regarding the Internal Revenue Service’s (IRS) efforts to combat this problem facing our constituents and Americans across the country. 

As you are aware, taxpayer identity theft fraud occurs when a criminal obtains the name and social security number from an unsuspecting taxpayer. The thief files a fraudulent, often inflated, tax return in an effort to steal the rightful taxpayers’ refund. Often taxpayers only become aware of the fraud when they attempt to file a legitimate tax return and discover a return has been filed and a refund issued in their name. For many Americans, being cheated out of their refund is financially devastating. 

In recognition of the growing threat of taxpayer identity theft, the IRS created the Identity Protection (IP) Personal Identification Number (PIN) program, a six-digit number issued by the IRS to confirmed victims of identity theft. Once an IP PIN has been issued, it must be included when filing tax returns or the application will be rejected. Given that the IP PIN was a tool meant to help taxpayers, we were distressed to learn that the IRS was forced to suspend the program due to security failures related to online retrieval of IP PINs.[1] 

In March, the IRS admitted that more than 130,000 IP PIN accounts could have been compromised and in that same release, the IRS also stated that it has stopped 800 fraudulent returns connected. This is a step in the right direction, but clearly more needs to be done to protect the more than 130,000 tax accounts that may be at risk.

The IRS response to this predatory problem should not just include reactive programs, initiatives designed to help taxpayers already victims of tax refund fraud, but the IRS should also consider proactive measures to protect all tax filers before tax identity theft occurs. The rising total of data breaches, increasing the availably of personal information to individuals with criminal intent, necessitates the need for the IRS to create effective programs to preemptively stop tax identity theft.

Taxpayer identity theft is a growing problem for the IRS. According to a 2014 Government Accountability Office report, the IRS paid out $5.8 billion in fraudulent tax returns due to taxpayer identity theft in the 2013 tax year. As of September 30, 2015, the IRS handled over 600,000 tax identity theft cases, a 150% increase since 2014.

To combat this problem, the IRS must make certain that taxpayer information and refunds are kept secure against the growing threat of taxpayer identity theft. To that end, we request the IRS respond to our questions regarding their efforts to tackle this damaging practice:

  1. What extra scrutiny is the IRS giving to the returns of the 130,000 impacted taxpayers to stop the processing of fraudulent tax returns?
  2. What assistance is the IRS providing to taxpayers whose information has been compromised?
  3. According to Treasury Inspector General for Tax Administration, IP PIN applications relied on single-factor authentication, leaving taxpayer information vulnerable to cyber criminals. Is the IRS considering implementing a stronger authentication process? If so, what type of stronger identification process is the IRS considering? If not, why not? 
  4. In addition to authentication, is the IRS considering modifications to the IP PIN program specifically to secure sensitive personal information and fight taxpayer identity theft? If so, what modifications are being considered? If not, why not?
  5. Is the IRS considering other measures to ensure unscrupulous individuals do not access, or are able to obtain, taxpayer information in order to cheat the taxpayer and the tax system? 
  6. What steps is the IRS taking to proactively fight taxpayer identity theft generally so that taxpayers do not lose their refunds to fraudulent filers?

We appreciate your attention to this issue and hope you will address deficiencies in protecting consumers by issuing the strongest security measures to safeguard taxpayer information and taxpayer dollars.