Thu, Feb 7, 2013

Just in Time for Tax Season, Tax-related Identity Theft Is Once Again in the Spotlight

National Taxpayer Advocate (NTA) Nina Olson delivered her annual report to Congress last month and, for the sixth time since 2004, identity theft has been included as a Most Serious Problem. As might be expected, the problem has only grown worse, but the surprise is just how bad it’s gotten: The Taxpayer Advocate Service (TAS) says its case receipts have increased more than 650 percent from 2008 to 2012. The IRS itself saw a 78 percent increase in identity theft cases last year alone.

The NTA cites several actions to tackle this problem, including the need to establish a centralized single point of contact for identity theft victims instead of the current labyrinth of 21 specialized units. Another issue is the average length of time it takes to resolve identity theft victim’s cases. The IRS did not track this statistic prior to 2012; however, according to the NTA, victims will wait on average six months or more to receive a refund or to have their issues resolved. Kroll Advisory’s own investigators note that, of the tax-related identity theft victims they’ve worked with recently, the time it takes to receive a refund is typically closer to nine months.

The report also states that as of September 2012, the IRS maintains more than 650,000 unresolved cases of identity theft. This hefty number of standing cases is just another indicator of how tax-related identity theft has exploded in the past few years. Organizations that suffer a data breach often feel this pain too, from the increasing likelihood that their breach population includes pre-existing identity theft victims. The fact that the events are likely not related will be of little importance to those who determine their status as identity theft victims during a breach event, creating further dissatisfaction and tension amongst constituents.

The TAS recommendations include utilizing the Identity Protection Specialized Unit (IPSU) as a single point of contact for the taxpayer, rather than having to work with multiple units. Additionally, sufficient staffing to handle the ever-growing population of identity theft victims this is also tied to several recommendations to improve the service levels and management functions of the IPSU and other IRS agencies that provide identity theft services.

Kroll’s investigators have assisted countless members with tax-related identity theft issues last year, the most common tax-related complaint from members was that they could not file a return electronically because a Social Security Number (SSN) listed on the return had already been received by the IRS on another return. There is a clear need for expanded efforts at the federal level to deal with the problem, and for individual taxpayers, it is important to adopt a heightened awareness of this risk and know what steps you must take should you become a victim.

By Kroll Editorial Team

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.