The Taxpayer First Act making its way through Congress includes an identity theft bill that would require the IRS to act when someone makes unauthorized use of an individual’s identity. Broadly speaking, the bill would affect:
- individual taxpayers,
- disclosure safeguards and penalties, and
- internal IRS organization.
Overall, the IRS identity theft bill requires the IRS to work with public and private sectors to try to protect taxpayers from identity theft refund fraud.
Taxpayer First Act Modernizes, Restructures IRS
The House passed the Taxpayer First Act of 2019 (HR 1957) on April 9 by voice vote. The House bill would modernize and substantially restructure the IRS for the first time in more than 20 years. In addition to the identity theft provisions, the IRS reform act would:
- establish an independent IRS Office of Appeals,
- modify investigation, enforcement and collection procedures, and
- modernize IRS structure.
The House bill must pass the Senate and be signed by the president to become law.
Taxpayer First Act Would Add Individual Protections
The IRS identity theft bill would allow an individual to ask for an Identity Protection Personal Identification Number, and require the IRS to notify individuals of identity theft.
IPPINs Would Help Verify Identity
The IRS would have to establish a program to issue Identity Protection Personal Identification Numbers (IPPINs) to individual taxpayers who request them. The IRS could use an IPPIN with the individual’s taxpayer identification number (usually the social security number) to help verify identity.
The IRS could roll out the program on a state-by-state basis, but it would have to expand the program each year. It would have to make IPPINs available nationwide within five years.
IRS Would Notify Victims of Identity Theft
New IRC §7529 would require the IRS to notify an individual if it determines that there has been any unauthorized use of that person’s identity. As soon as practicable, the IRS would have to:
- notify the victim that there was an unauthorized use of his or her identity;
- explain how to report it to law enforcement, and how to let law enforcement access personal information during the investigation;
- provide information about how the victim can protect him- or herself from harm resulting from the unauthorized use;
- offer identity protection measures, such as an IPPIN; and
- tell the victim if the use was investigated and, if so, what the results were.
IRS Would Look for Employment-Related Identity Theft
These notification rules would also apply to the unauthorized use of an individual’s identity to obtain employment—as, for instance, when a worker uses someone else’s social security number. The IRS would have to review information from employer statements and information returns, such as W-2s and Forms 1099, that indicate a mismatch between the social security number and the name provided.
Taxpayer First Act Adds Disclosure Safeguards and Penalties
The identity theft provisions of the Taxpayer First Act enhance some penalties and provide new disclosure safeguards.
Disclosure Penalties Would Increase for Return Preparers
The identity theft provisions in the Taxpayer First Act would enhance the IRC §6713 penalty for a return preparer’s unauthorized disclosure of return information that is used in connection with any crime related to identity theft. These penalties would apply even if the crime does not involve tax filings.
- The penalty for each unauthorized disclosure would increase from $250 to $1,000.
- The cap on the total penalty would increase from $10,000 to $50,000.
- The $50,000 cap on the total penalty would apply separately from the $10,000 cap on the maximum penalty for other disclosures.
In addition, the maximum criminal penalty for a preparer’s knowing or reckless disclosure would increase from $1,000 to $100,000.
IRS Would Protect Victims from Underreporting Penalties
In determining any penalty for underreported income, the IRS would have to establish procedures to ensure it did not take into account any income reported in connection with the unauthorized use of the taxpayer’s identity.
New Disclosure Safeguards for Contractors and Agencies
After 2022, contractors and federal, state and local agencies could not receive returns or return information from the IRS unless they provide safeguards to protect confidentiality. The agency would also have to agree to conduct an on-site review of each contractor or agent at least every three years, and certify compliance with the safeguards.
Taxpayer First Act Makes Internal IRS Changes
Finally, the identity theft provisions in the Taxpayer First Act include several changes to internal IRS structures and functions.
Victims Would Have Single Point of IRS Contact
The IRS would have to ensure that any taxpayer whose return is delayed or otherwise adversely affected by tax-related identity theft would have a single point of contact at the agency. This single point of contact would:
- track the taxpayer’s case, and
- coordinate with other IRS employees to resolve issues as quickly as possible.
The single point of contact would be a team or a subset of specially trained employees who could work across IRS functions to resolve issues, and be accountable for handling the taxpayer’s case until it is resolved. Of course, the individual employees on the team could change, as long as the IRS has procedures to ensure continuity of records and case history, and to notify the taxpayer as appropriate.
New IRS Guidelines for Managing Stolen Identity Refund Fraud Cases
Within one year after passage of the Taxpayer First Act, the IRS would have to develop and implement guidelines for managing cases involving stolen identity refund fraud and reducing the victim’s administrative burdens. These guidelines could include standards for:
- the average length of time to resolve a case,
- the maximum average length of time a victim should wait for the refund,
- the maximum number of IRS offices and employees a victim should have to work with,
- opening, assigning, reassigning or closing a case, and
- implementing end evaluating these rules.
IRS Would Study Ways to Prevent Identity Theft Refund Fraud
The IRS’s Electronic Tax Administration Advisory Committee would have to study and make recommendations for methods to prevent identity theft and refund fraud.
Finally, the IRS would be authorized to participate in an information sharing and analysis center (ISAC) to centralize, standardize, and enhance data compilation and analysis to facilitate sharing data and information with respect to identity theft tax refund fraud. The IRS would be able to share specified return information with ISAC participants who sign nondisclosure agreements.
By Kelley Wolf, JD, LLM