GAO Releases Report on IRS Cybersecurity Oversight The Government Accountability Office (GAO) released a report, produced for the IRS, regarding safety concerns over third-party tools used to file taxes, as well as a series of recommendations. It is estimated that 90% of people use commercial software, like TurboTax, free file options like CreditKarma, or paid preparers to file their taxes. In the event of a cybersecurity event involving any of these platforms (or tax and accounting professionals) an individual's personal information could be accessed and stolen. In the report highlights, the GAO summarizes the concern: "IRS seeks to help safeguard electronic tax return filing for various types of third-party providers through requirements under its Authorized e-file Provider program. However, IRS's efforts do not provide assurance that taxpayers' information is being adequately protected." Federal law requires that the IRS protect the integrity and confidentiality of a taxpayer's information within its databases. However, the IRS does not currently have a consistent set of security requirements for software, preparer, or online, return preparation, that requires the same protections. GAO's report, Taxpayer Information: IRS Needs to Improve Oversight of Third-Party Cybersecurity Practices addresses the issue in greater depth and proposes steps that the IRS … Read More
Are you interested in getting more involved with the internal processes of the IRS? The Internal Revenue Service is seeking qualified applicants for nomination to the Electronic Tax Administration Advisory Committee (ETAAC). Applications will be accepted through May 29, 2019. The ETAAC provides an organized public forum for discussion of issues in electronic tax administration, such as prevention of identity theft and refund fraud. ETAAC supports the overriding goal that paperless filing is the preferred and most convenient method of filing tax and information returns. ETAAC members work closely with the Security Summit, a joint effort of the IRS, state tax administrators and the tax industry to fight electronic fraud. The IRS is looking for up to 10 qualified individuals who will serve three-year terms beginning in September 2019. Applicants should have experience in such areas as state tax administration, cybersecurity and information security, tax software development, tax preparation, payroll and tax financial product processing, systems management and improvement and implementation of customer service initiatives. The IRS also encourages representatives from consumer groups with an interest in tax issues to apply. Nominations of qualified individuals may be made by letter and received from organizations or the individuals themselves. Applicants should … Read More
The IRS and its partners in the Security Summit have succeeded in reducing reports of identity theft by 71% in the last three years. Between 2015 and 2018, the number of filed identity theft affidavits fell to 199,000 reports in 2018 from 677,000 in 2015, the IRS said in an April 8th news release, IR-2019-66. During that same period, the IRS protected a combined $24 billion in fraudulent refunds, with financial industry partnerships recovering an additional $1.4 billion. “At a time when many in the private sector continue to struggle with these issues, the tax community has made major progress working together to stop identity theft and refund fraud,” IRS Commissioner Charles Rettig said in the news release. NSTP members should note that the IRS has identified two areas of concern moving forward: data theft from tax professionals, and business identity theft. The theft of business identity information is used to file fraudulent business returns, where the requested refunds are significantly larger than fraudulent individual returns. According to the IRS news release, the number of businesses reporting they were victims of tax-related identity theft increased by 10% in 2018.
Tax-related identity theft occurs when a thief uses someone’s stolen Social Security number to file a tax return and claim a fraudulent refund. The victim may be unaware that this has happened until they e-file their return. Even before the victim files their return, the IRS may send the taxpayer a letter saying the agency identified a suspicious return using the stolen SSN. Here are some things people should know about identity theft, including warning signs and steps to take after identity theft occurs. Warning signs that a theft occurs Taxpayers should be alert to possible tax-related identity theft if they are contacted by the IRS or their tax preparer about: More than one tax return being filed using the taxpayer’s SSN. Additional tax owed. A refund offset. Collection actions taken against the taxpayer for a year when they did not file a tax return. IRS records indicating they received wages or other income from an employer for whom the taxpayer did not work. Taxpayers who suspect they are a victim of ID theft should continue to pay their taxes and file their tax return, even if they must do so on paper. Steps to take if someone becomes a … Read More
To protect their offices and clients, many tax preparers hire a cybersecurity professional. Every tax business is unique, so preparers should discuss their specific concerns with someone they hire. This will help safeguard both the preparer’s business and their clients’ data. Here are some things preparers should do when selecting a cybersecurity professional: Ask for recommendations Preparers can talk to other business owners or professionals for recommendations and references. Be selective Ultimately a preparer or business owner will need to select the person they trust most. They should choose someone with whom they feel comfortable discussing the safety and security of their business and clients. Do interviews Preparers should ask questions of the candidates to learn just how much experience they have in data protection. Here are some preliminary examples of questions preparers can ask to get the ball rolling: How does ransomware work and what can we do to protect our systems? What are the best options to securely back-up data and why are those options the best? Do you have suggestions regarding data encryption, malware, firewalls, disaster recovery, and remote access tools? Have you ever created a security plan for a similar business? Can you do an assessment … Read More
The Internal Revenue Service is warning the public about a new phone scam. A twist on the IRS impersonation phone scam, criminals fake calls from the Taxpayer Advocate Service (TAS), an independent organization within the IRS. Similar to other IRS impersonation scams, thieves make unsolicited phone calls to their intended victims fraudulently claiming to be from the IRS. In this most recent scam variation, callers “spoof” the telephone number of the IRS Taxpayer Advocate Service office in Houston or Brooklyn. Calls may be ‘robo-calls’ that request a call back. Once the taxpayer returns the call, the con artist requests personal information, including Social Security number or individual taxpayer identification number (ITIN). TAS can help protect your taxpayer rights. TAS can help if you need assistance resolving an IRS problem, if your problem is causing financial difficulty, or if you believe an IRS system or procedure isn’t working as it should. TAS does not initiate calls to taxpayers “out of the blue.” Typically, a taxpayer would contact TAS for help first, and only then would TAS reach out to the taxpayer. In other variations of the IRS impersonation phone scam, fraudsters demand immediate payment of taxes by a prepaid debit card … Read More