TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

Office of Audit

The Number of Employment-Related Identity Theft Victims Is Significantly Greater Than Identified

Final Report Issued on June 20, 2017

Highlights

Highlights of Reference Number:  2017-40-031 to the Internal Revenue Service Commissioner for the Wage and Investment Division.

IMPACT ON TAXPAYERS

Employment-related identity theft (hereafter referred to as employment identity theft) occurs when an identity thief uses another person’s identity to gain employment.  Taxpayers may first realize they are a victim when they receive an IRS notice of a discrepancy in the income they reported on their tax return.  Each year, the IRS receives about 2.4 million tax returns filed using an Individual Taxpayer Identification Number (ITIN) with reported wages, an indicator of potential identity theft.

WHY TIGTA DID THE AUDIT

This audit was initiated to evaluate the IRS’s processes to identify and assist victims of employment identity theft.  This includes placing an identity theft marker on victims’ tax accounts and notifying the Social Security Administration to ensure that individuals’ Social Security benefits are not affected by the crime.

WHAT TIGTA FOUND

TIGTA identified that IRS processes are not sufficient to identify all employment identity theft victims.  For example, 497,248 victims, who did not have a tax account in Processing Year 2015, were not identified even though identity thieves electronically filed tax returns with evidence that they used the victims’ Social Security Numbers (SSN) to gain employment.  For another 60,823 victims, who have a tax account, the IRS did not update their account with an employment identity theft marker.

In addition, IRS processes do not identify employment identity theft when processing paper tax returns.  TIGTA reviewed a statistically valid sample of 292 paper tax returns filed in Processing Year 2015 by individuals with an ITIN.  These tax return filers reported wages on 150 (51.4 percent) of the returns and attached a Form W-2, Wage and Income Statement, indicating they used someone’s SSN to gain employment.  As a result, TIGTA projects that the IRS did not identify 272,416 victims of employment identity theft for the 685,737 paper tax returns filed by ITIN holders reporting wages in Processing Year 2015.

TIGTA also identified that the IRS does not have processes to identify employment identity theft in the IRS’s Form W-2 perfection processes or to notify the Social Security Administration of the crime when both the victim’s name and SSN are used by an ITIN holder.

WHAT TIGTA RECOMMENDED

TIGTA recommended that the IRS 1) develop a process to notify the parents and legal guardians of dependents whose SSNs were misused; 2) correct programming to ensure that the identity theft marker is placed on all victims’ accounts for ITIN/SSN mismatches on electronically filed tax returns; 3) place the identity theft marker on the accounts of the 60,823 victims; 4) require ITIN paper tax return filers to attach Forms W-2 to their tax return; 5) develop procedures to identify employment identity theft on paper ITIN returns and add the identity theft marker on valid SSN owners’ tax accounts; 6) ensure that the identity theft marker is placed on taxpayers’ accounts when the Taxpayer Identification Number Perfection unit determines an ITIN holder, rather than the taxpayer, earned the income on Forms W-2; and 7) develop a process to notify the Social Security Administration when ITIN/SSN mismatches involve an ITIN holder using a victim’s SSN and full or partial name to commit employment identity theft.

IRS management did not agree with five of the recommendations.  As a result, actions are not being taken to assist 548,968 victims of employment identity theft.

READ THE FULL REPORT

To view the report, including the scope, methodology, and full IRS response, go to:

http://www.treasury.gov/tigta/auditreports/2017reports/201740031fr.pdf.