The IRS has made big strides in cracking down on taxpayer identity theft, but the agency’s auditor told Congress on Wednesday that hackers and fraudsters remain the greatest risk to the agency’s operations.
“There is still a major concern about the ability of the IRS to authenticate who it is that they’re dealing with as it relates to tax information,” said J. Russell George, the Treasury Department’s inspector general for tax administration.
The IRS announced this week that it has cut instances of reported individual identity theft by about two-thirds in the past two years, down to 107,000 cases so far in 2017.
At the same time, though, the agency has reported an increase in identity theft tied to business-related tax returns, reporting 10,000 through June 1 compared to 4,000 for all of 2016 and 350 for all of 2015.
Identity thieves constantly change their tactics, and the IRS has to be vigilant, Mr. George told a Senate Appropriations subcommittee.
It’s the latest warning for the embattled tax agency, which saw a massive breach two years ago, when hackers managed to get complete tax records of hundreds of thousands of Americans.
SEE ALSO: IRS approves tea party application process
IRS Commissioner John Koskinen said the agency has lost funding and personnel since 2010, and said in written testimony to the panel he’s concerned that the “continued erosion” of the agency workforce will threaten its effectiveness.
“It’s especially difficult to identify any tax return as fraudulent when criminals are using information stolen from tax preparers,” Mr. Koskinen said.
Treasury Secretary Steven Mnuchin suggested that a simpler system and more electronic processes could help with the strain on the agency’s resources.
“How do we use technology more effectively as opposed to having to use call centers? How can we communicate with the taxpayers electronically?” he said to lawmakers.
But Mr. George said that even with new steps toward electronic authorization methods, criminals can always adapted to exploit the system’s weaknesses.
“Even prior to that, if an individual, because they either rumbled through somebody’s garbage, or was able to convince someone in a different forum completely to provide name, social security number, date of birth, they, in the past, have had the ability to gain information from the IRS or engage in transactions that they should not have, or they should not be able to,” he said.
Safeguarding taxpayer information from potential identity thieves has long been a conundrum for the agency.
A separate report released Wednesday by the Government Accountability Office found that despite some improvements, the IRS was still falling short in its information security, “exposing financial and sensitive taxpayer information to unnecessary risk of unauthorized access, use, disclosure, and modification.”
The GAO outlined nearly 100 recommended actions for the IRS to take to improve things, and the agency said it would review them.
• David Sherfinski can be reached at dsherfinski@washingtontimes.com.
Please read our comment policy before commenting.