The Growing Crime of Tax Identity Theft
by Maxine Aaronson
Tax identity theft is exploding. In fiscal 2012 alone, the IRS estimates receipt of over one million fraudulent tax returns. While some were caught before processing—the IRS reported intercepting over 260,000 false tax returns, claiming refunds of almost $1.3 billion in the 2011 filing season—it is clear that the majority of fraudulent returns are not caught before the refunds go out. The Taxpayer Advocate Service (TAS) reports that its tax ID theft case inventory grew by over 650 percent between 2008 and 2012. Tax ID theft cases now constitute one quarter of all of open cases at the Taxpayer Advocate Service.
The typical individual identity theft case is uncovered when a taxpayer’s return is rejected because a fraudulent return has already been filed and refund sent for that social security number. Victims of this crime should go to the IRS’s identity fraud web page (www.irs.gov/uac/Identity-Protection), retrieve IRS Form 14039 (Identity Fraud Affidavit), and complete and file that form as instructed. Victims can also contact the local TAS office at 1114 Commerce Street, MC1005DAL, Dallas, TX 75242 or by calling TAS at (214) 413-6500. When a report is made, the IRS issues the victim a special PIN that must be used when filing their tax returns to differentiate the real taxpayer from the imposter. Because of the PIN requirement, victims cannot file returns electronically—all subsequent returns will have to be paper returns.
Upon receipt of Form 14039 or a TAS contact, the IRS will begin its investigation into the matter. Based on anecdotal evidence from across the country, victimized taxpayers can expect the investigative process to take 6-12 months to fully resolve. Notably, taxpayers will not get their tax refund until the matter is resolved. Unfortunately, this can create hardships for lower income taxpayers who often rely on tax refunds to pay for big ticket items.
Business tax identity theft is more insidious and more difficult to address. While there are cases of false business tax returns claiming refunds, Employer Identification Number (EIN) theft is more often a component of another crime. For example, a criminal who files a false individual tax return often fabricates a fake Form W-2, using a real company and its real EIN as the employer, showing tax allegedly withheld.
Because the IRS does not receive W-2 information from Social Security until many months after information returns are filed, they cannot check the fake W-2 against the real information filed by the employer in real time. About two years later, the IRS Combined Annual Wage Reporting (CAWR) program will compare the total of all the employer’s W-2s that were submitted with Forms 1040 to the totals on the employer’s payroll tax returns. If the amounts do not match, the IRS sends a notice to the employer seeking an explanation and proposing additional tax and penalties. These CAWR notices contain only aggregate amounts and do not include an itemized list of the W-2s that were purportedly matched. As a practical matter, this makes it almost impossible for most employers to determine what the error is. Most companies simply pay the IRS bill using a cost to benefit rationale. When that happens, the business becomes a fraud victim because they suffer the loss.
Another EIN scam involves the hijacking of defaulted entities. A criminal reinstates the company at the Secretary of State, changing the registered agent and mailing addresses. Often the entity’s EIN number is readily available from public sources. If not, an Internet black market for stolen tax ID numbers exists. Once the credit reporting agencies pick up the address change, the criminal is able to take out loans and open credit lines in the entity’s name using its prior credit history. They may also open merchant credit card processing accounts in the hijacked business’ name. The scale can be enormous. Over a four year period, one group of criminals established over 100 credit card processing accounts, ran over 1.3 million small transactions on stolen credit card numbers and netted $9.5 million of illicit gain before being caught and prosecuted. Interestingly, only about six percent of the charges had been disputed by the card holders.
Lawyers should advise clients to watch out for these problems. If possible, entities should be formally dissolved, not just forfeited at the Secretary of State. Colorado’s Secretary of State has an excellent guide to preventing business ID theft on its website, and www.businessidtheft.org is another eye-opening resource. Both are recommended reading for lawyers and clients alike.
Maxine Aaronson, a solo practitioner, is Board Certified in Tax Law. She can be reached at email@example.com.