No government or corporation has invented a fail-safe method for preventing identify theft. But the Internal Revenue Service—which has been under fire for allowing theft of taxpayer data—views itself as having a decent batting average in preventing fraudulent tax refunds claimed by criminals using other taxpayers’ personal information.
At a Senate Finance Committee hearing on Tuesday, Comptroller General Gene Dodaro credited the IRS with improving its tools to prevent illicit access to its databases and updated the latest numbers on the impact of identity theft.
As this chart from the Government Accountability Office shows, the IRS estimates it paid $3.1 billion in fraudulent refunds in the 2014 filing season, while preventing $22.5 billion (precise estimates are difficult, GAO noted).
GAO faulted the tax agency, however, for not full implementing some 49 past recommendations to boost information technology security, and offered 45 new ones, including suggestions on assessing costs, benefits and risks of different taxpayer sign-on authentication options.
Internal Revenue Commissioner John Koskinen told the same panel that the agency is making progress in using $16.1 million to target identity theft. “The IRS takes protection of taxpayer data very seriously, and with that in mind, we must constantly strike a balance between citizen convenience and strong authentication and security protocols in an ever-changing cybercrime environment,” he testified. Recent incidents “also illustrate a wider truth about identity theft in general, which is that there are no perfect systems.”