In the wake of an online attack that bilked the Internal Revenue Service out of at least $39 million in fraudulent refunds, the agency has announced it is teaming up with tax-preparation firms and state officials to fight identity theft and fraud.
As part of what it called a “sweeping new collaborative effort,” the IRS said it will require more rigorous authentication before it releases information and refunds and will broaden efforts to identify patterns of fraud.
Major system and process changes will be made this summer and fall, well in advance of the 2016 filing season.
“This agreement represents a new era of cooperation and collaboration among the IRS, states and the electronic tax industry that will help combat identity theft and protect taxpayers against tax refund fraud,” IRS commissioner John Koskinen said in a news release, predicting that taxpayers should have “a safer and more secure experience” next filing season.
“We want to build these changes into the DNA of the entire tax system to make it safer,” he said.
Koskinen had convened a Security Summit in March with the CEOs and leaders of private-sector firms and federal and state tax administrators to discuss emerging cybersecurity threats and expand existing collaborative efforts to stop fraud.
Earlier this month, the commissioner disclosed that criminals who hacked their way into 104,000 taxpayer accounts at the IRS may have fooled the agency into paying out up to $39 million in fraudulent refunds. The hackers gained access to the accounts through an online service called Get Transcript, where filers can get tax returns and other filings from previous years.
As part of the beefed-up security measure, The New York Times reports, returns filed electronically will be crosschecked with Internet addresses and computer devices, and will be scanned for mechanized fraud by checking the time it takes to complete a return.
The IRS will also provide monthly, anonymous data reports to the tax-preparation industry summarizing the latest tactics used by criminals.
The new uniform rules requiring all industry players to report suspicious activity “will be instrumental in helping to protect and serve legitimate taxpayers and safeguard their privacy,” said Brad Smith, chief executive of software company Intuit, which makes TurboTax.