Audio
Video
It’s Tax Time – Has Your Refund Already Been Stolen?
Posted
by
on Jan 31, 2012 in Business, Help, Life & Style, Politics, Technology | Comments Off | 307 views 
The next wave of identity theft crimes will be perpetrated through the institution that has the deepest pockets, weakest controls and lowest rate of criminal conviction: Internal Revenue Service.
It is a confluence of factors that has led to a meteoric increase – 1700% in the last four years – in tax-related identity theft incidents; however, this crime can be substantially reduced with effective IRS management and leadership.
A new report by the Government Accountability Report (Financial Audit, IRS’s Fiscal Years 2011 and 2010 Financial Statements, November 2011) indicates sensitive taxpayer information is not appropriately safeguarded, “During fiscal year 2011, IRS continued to have material weakness in internal control over information security.”
Imagine an unguarded and unlocked Fort Knox, and it does not present a fraction of the risk of an insecure IRS.
The IRS is responsible for $2.33 Trillion in yearly tax collections (FY 2009), which represents the entire income stream of the U.S. federal government. A major disruption in this stream is a threat to our economy and national security. The GAO report is the latest of many warning signs that signal a major disruption is not only possible, but it is a clear and present danger.
The ingrained security risks of the IRS are so extensive that is unconscionable for society to allow them to persist. Consider the following:
- 1700% increase in identity theft incidents in the last four years
- $1.25 Billion in fraudulent tax returns with stolen identities of the deceased
- A non complex identity theft refund case takes 12 to 18 months to resolve
- The average identity theft tax refund case is $3,400, which is often too low to merit prosecution
- When a tax payer’s information is compromised, they do not receive information about the case due to the criminal’s rights to privacy
This system is so fundamentally flawed and mismanaged that it is as if they sent out personalized invitations along with insider theft instructions to every crook in the world. Add the Social Security Administration’s Death Master File that makes publicly available the full name, date of birth and Social Security Number of the deceased, and you have all the chapters of Tax Fraud for Dummies.
Tax fraud identity theft is rapidly becoming the crime du jour even for street gangs. The Federal Bureau of Investigation 2011 Gang Threat Assessment indicates that gangs, such as the Blood and Crips, are engaging in identity theft “primarily due to the high profitability and much lower visibility and risk of detection and punishment than drug and weapons trafficking.”
With little personal information and ten minutes to file a simple return, a thief can earn tens of thousands of dollars. Police recently busted what identity thieves call “make it rain” parties, where criminals get together in a hotel room with Internet access and file fake return after fake return.
The problems and risks of the IRS system are large snowballs rolling down hill about to combine into an uncontrollable avalanche; however, we still have a small window of opportunity to take corrective actions and avert this disaster.
The solution is two-fold: 1) safeguard sensitive taxpayer information, and 2) develop and implement sound identity validation processes.
With the sensational data breaches of 2011, it is mystifying that the IRS has such weak data security controls. Inexcusable examples of these deficiencies are contained in the GAO report, “IRS continued to use unencrypted protocols for network devices and transfer of sensitive data. Also, certain database security controls were not yet in place for systems such as IFS and EFPPS.”
The IRS has failed at basic data security, and hence demonstrated a gross inability to adequately safeguard our information. As such, it is necessary to establish a special independent task force to analyze, revamp and secure the IRS’s systems.
In mid-2011, the IRS began issuing Identity Protection Personal Identification Numbers (IP PINs) to taxpayers that have been previously victims of identity theft. If the goal is to prevent identity theft, then why is it necessary to already be a victim?
Imagine if ADT only allowed an alarm system after your home was burglarized? Absurd.
If the IRS cannot develop a sound identity validation program, then minimally it must allow taxpayers to participate in the existing victim prevention program. In the current system, the best prevention tactic for taxpayers is to file before the criminals.
Identity theft is American’s top-ranked crime concern (Gallup), and this is only the infancy stage. We must demand our institutions address this crime and minimally afford us the opportunity to protect ourselves. This is bigger than any individual – it is now a matter of national security.
Originally posted: http://www.theidchannel.com/index.php?option=com_blog&task=detail&id=50
