Perfect timing, as I’ve been thinking about this a lot. Unfortunately, they don’t seem to have many answers.
What the GAO found (from their summary):
Understanding the extent and nature of identity theft-related refund fraud is important to crafting a response to it, but Internal Revenue Service (IRS) managers recognize that they do not have a complete picture. Program officials said that one of the challenges they face in combating this type of fraud is its changing nature and how it is concealed. While perfect knowledge about cases and who is committing the crime will never be attained, the better IRS understands the problem, the better it can respond and the better Congress can oversee IRS’s efforts. IRS officials described several areas where the extent and nature of identity theft is unknown.
- Total number and cost of fraudulent returns. IRS does not know the full extent of the occurrence of identity theft. Officials said that they count the refund fraud cases that IRS identifies but that they do not estimate the number of identity theft cases that go undetected.
- Identity of the thieves. Unless IRS pursues a criminal investigation, IRS generally does not know the real identity of the thieves.
- Whether a fraudulent return is an individual attempt or part of a broader scheme. Identifying new schemes or significant cases, such as one thief using numerous taxpayer identities, depends on analysts noticing patterns or other indications that a few cases may be part of a larger scheme. As a result, some schemes or cases involving multiple taxpayers may go undetected.
- Characteristics of known identity theft returns. IRS officials told us that the agency does not systematically track characteristics of known identity theft returns, including the type of return preparation (e.g., paid preparer or software), whether the return is filed electronically or on paper, or how the individual claimed a refund (e.g., check, direct deposit, or debit card).
Add to the list of questions they can’t answer: how are the criminals obtaining the identity information used for these purposes? We know guess there are many sources: buying information from online fora, low-tech mail theft, insider breaches, hacking, phishing, etc. But what percent are from insider breaches, and which sector seems most vulnerable to this problem? My bet would be financial and medical, but are there any data?
Full report (GAO-13-132TNovember 29, 2012)
I wonder how old the main frames are at the IRS. I wonder how much processing power they actually have – and are there people still alive that may be able to query information from these mainframes.
I seen a DRAGNET show a LONG tme ago, which was all about fraud. They went to the computer geeks in the local IRS building and were able to track down the fraudsters by running different queries. I think some were like, a taxpayer receiving a refund after they died. A taxpayer receiving a refund more than once a year and a taxpayer receiving a refund at more than one location.
I am sure there are “holes” in fraudulent returns, since as w-2 statements, and maybe the full names and SSNs of ALL dependents.
Being a newtork person, they way analysts are looking at this seems to be kind of a narrow view. If they want to catch and thwart all of this, they need to take what evidence they have and work backwards. I am sure there is a common thread of action, but finding that thread may lead them to the root of the issue.
Another way out is the use of a username and password + PIN to file. What would it take for the IRS to simply put in the US mail, a username/password/pin combo for people who wish to file electronically. It would be a one-time password and then be useless. If people required to refile or amend a tax year, they would have to request a new username/password/pin combo . Odds that this would be a pure burden is very slim. It would cut down on fraud immensely becuase requests via telephone or via computer can be tracked.
These username and password + PIN combos also add a layer of security. If a combo is mailed out, and then it is used, it more than likely proves that the return came from a legit source. The Address it was mailed to was correct, and the security info used should match what was sent.
I am sure there are may other ways to cut down on fraud. You can either bear the dollar numbers in debt and fraud or you can educate the public and apease some of the old school people who shun change – but in order to get a return, follow the rules.
Problem with all this is that agencies…. not only agencies that protect our national security – but ones that protect our financial foundation – don’t – or cannot effectively communicate with each other. The crooks know this and use that against the goverment each and every day.
Heck, I seen a 60 minutes show a few years ago where a woman had 3-4 seperate welfare accounts. I think she was located close to the border on a few states, and would simply travel from area to area when needed. When people are able to do that without much thought or effort, think of the ramifications when some one that is smart, cunning and applies this to many accounts.
RONCO for President. There has to be a better way.