IRS under fire for making taxpayer identity fraud a low priority

Rep. Charles Boustany, R-La. Rep. Charles Boustany, R-La. Harry Hamburg/AP

Internal Revenue Service managers “created an environment which discourages employees from detecting fraudulent applications” for taxpayer identification numbers, risking billions of dollars in improper tax refunds, auditors said.

None of the IRS’ subdivisions made detecting fraud a priority because doing so would eliminate some applications and maintaining a large inventory of applications provides job security, according to the Treasury Inspector General for Tax Administration.

The report prompted Rep. Charles Boustany Jr., R-La., chairman of the Ways and Means Subcommittee on Oversight, to write a letter to IRS Commissioner Doug Shulman demanding he identify which IRS manager made the decision to deemphasize the significance of errors in applications for taxpayer identification numbers. Boustany complained that “beyond training and employee incentives, IRS management has chosen to shut down processes and practices with proven success in identifying fraudulent [identification number] applications.”

Since 1996, the IRS has allowed taxpayers who are not eligible for Social Security to apply for a taxpayer identification number. In tax processing year 2011, the IRS handled more than 2.9 million such applications and made tax refunds of $6.8 billion.

In response to complaints from an unnamed U.S. senator and House member who heard from two internal whistleblowers, TIGTA reviewed the agency’s procedures for detecting fraud in ITIN applications. It concluded that IRS management has not established “adequate internal controls to detect and prevent the assignment of an ITIN to individuals submitting questionable applications” involving identity and foreign status, noted the report, dated June 16 but released Wednesday.

Interviews with IRS staff revealed that managers had “eliminated successful processes used to identify questionable ITIN application fraud patterns and schemes.” IRS management indicated that no function, including criminal investigation and the Accounts Management Taxpayer Assurance Program, “is interested in dealing with ITIN application fraud,” the auditors said.

Boustany’s letter underlined the IG’s examples of suspicious details in identification number applications: 154 mailing addresses were used 1,000 or more times; 10 individual addresses were used for filing 53,994 tax returns, resulting in the processing of $86.4 million in fraudulent refunds; 10 bank accounts received 23,560 tax refunds totaling more than $16 million; and a Michigan address where the IRS had previously rejected an ITIN application  went on to receive 640 separate refunds totaling $1.5 million.

“This report is shocking,” Boustany said in a statement. “It’s one thing if the IRS tries to catch fraud and fails, but it’s quite another when management apparently takes steps to weaken program integrity.”

IRS managers said they had investigated the schemes described in the report and taken some action. Of nine recommendations TIGTA made for creating new controls, the IRS, after reviewing a draft, agreed with seven and made plans for changes. The other two are still under consideration.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.