Payroll professionals need to become more involved in the prevention of identity theft and tax fraud as part of a collaborative and wide-ranging effort led by the IRS, a report to Congress said June 19.
The annual report by the Electronic Tax Administration Advisory Committee, which assesses the Internal Revenue Service’s progress with electronic tax administration, focused on the prevention of identity theft and refund fraud for the second year in a row. The report also included an evaluation of the multimember Security Summit’s efforts to prevent identity theft.
The committee made 10 recommendations that encompassed three themes to prevent identity theft: strengthening the Security Summit and the Information Sharing and Analysis Center, improving security, and protecting taxpayers.
Identity theft is expected to be a “challenge for some time to come,” the report said. “In fact, nation-states and cybercriminals are becoming more sophisticated and will continue to make it difficult to detect and stop their criminal activities, which will directly impact legitimate taxpayers trying to meet their tax filing obligations.”
Payroll’s Critical Role
A key recommendation was to integrate the payroll community more fully into the Security Summit, the report said. Payroll departments hold information, such as employee Social Security numbers and banking account numbers, that attracts cybercriminals. Payroll professionals also have insights about how to detect and prevent identity theft, the report said. Adding a payroll subgroup to the summit was recommended by the advisory panel.
The Security Summit, which was founded in 2015, helps to provide ways to protect sensitive data and prevent tax fraud. The summit works the IRS and representatives of the software industry, tax-preparation firms, payroll and tax financial product processors, and state tax administrators to fight identity theft and tax fraud.
“The IRS should, in collaboration with Security Summit members, conduct a prompt review of the payroll community and develop a plan for the community’s full integration” into the summit and the nonprofit Information Sharing and Analysis Center “on an accelerated basis,” the report said. The center is a global organization that compiles information on cyberthreats and enables the sharing of reports between public and private sectors.
Employers generally handle two primary payroll functions: filing employment tax returns, and paying employees, which includes income tax withholding and issuing Forms W-2, Wage and Tax Statement. Payroll processing often is carried out by in-house staff members and third-party payroll providers. The complexity of these functions may make it difficult to understand the payroll process, the report said.
The IRS should start the collaborative process by gaining a “clear understanding of the structure of the industry, the roles and functions performed by its different segments and the risk profiles of different business and operational models,” the report said, noting that payroll information may be stored across multiple databases that may be accessed by employers, third-party providers, and employment return compliance contractors.
IRS-sponsored payroll events also should be drawn on to communicate with payroll professionals and seek their observations on identity theft issues, the report said.
The extent of identity theft has been well documented by the Security Summit, which has provided warnings to employers about the growing wave of scams involving identify theft and Forms W-2, mostly through email phishing. Among the latest such scams, emails generally impersonate employees who contact the payroll department asking to change their direct-deposit account and provide information for an account that essentially is controlled by a cybercriminal, the IRS said.
“The wholesale theft of huge volumes of personal information has provided criminals and other bad actors with detailed and accurate taxpayer information,” the advisory committee said in its report. “Our sophisticated adversaries can use this information to create and file returns that look almost identical to those of the legitimate taxpayer. Unfortunately, there is no silver bullet that makes it easy for the IRS to spot these fraudulent returns among the hundreds of millions of legitimate returns.”
94x Series E-Filing Up Slightly
The Electronic Tax Administration Advisory Committee report also released filing statistics on a number of tax forms.
The electronic filing of Forms 940, 941, 943, 944, and 945, a series collectively known as Forms 94x, improved slightly in 2018, up 44.6%, compared with 41.4% in 2017, the report said. By comparison, the electronic filing of Forms 1040, U.S. Individual Income Tax Return, rose to 88.5% from 87.7% of returns filed over the same period.
The 94x series has the second-highest volume of tax returns, but the lowest e-file rate, the report said. The IRS should focus on a two-phase approach to improve the filing rate, it said: improve communications with states and employers about Form 94x electronic filing, and streamline policies and procedures to remove unnecessary barriers to e-filing the forms. The two-phase approach was also recommended in the committee’s 2018 report to Congress.
The 94x filing rate for 2019 was projected to be 47.1%, the report said. The estimate appears to be in line with that made in the previous report, which projected an e-filing rate of 43.6% for 2018, an estimate that was off by a percentage point.
The advisory committee, made up of 18 volunteer members who are appointed by the treasury secretary to three-year terms, represented several segments of the tax and finance sector, including tax preparers, payroll service providers, tax software developers, and employers. State and local governments also were represented.
To contact the reporter on this story:
To contact the editor on this story: Michael Baer in Washington at firstname.lastname@example.org