IRS’s FY 2017 Annual Report Blog #1: The IRS Appropriately Resets Its Criminal Priorities by Evan J. Davis
This is the first in a series of blogs that will analyze the IRS’s Fiscal Year 2017 Annual Report. This blog will focus on the shift away from easy cases in favor of harder cases such as foreign-account and hidden-income cases that most consider the core of IRS criminal enforcement. Later blogs will take a deeper dive into specific focuses of IRS-CI, to better know what’s coming down the pike in the next few years.
When most people think of an IRS criminal investigation, they think of special agents finding hidden income or going after non-filers. But for many years the typical IRS case instead involved low-level criminals who filed dozens or even hundreds of bogus tax returns to get tax refunds. For example, in 2014, about half of the IRS’s investigations involved non-tax (e.g., money laundering) and drug crimes, and of the half that involved tax crimes, a large percentage were false-return cases. The common perception of a run-of-the-mill IRS criminal case didn’t match with reality.
Recognizing that the IRS’s Criminal Investigations has the same number of agents that it had 50 years ago – when the US population was around 200 million versus 325 million now – the IRS’s new Chief of Criminal Investigation, Don Fort, has appropriately shifted the investigative focus to the more traditional targets of tax investigations which should positively impact overall tax compliance. Fort took over in June 2017, after having spent nearly three years as the second-in-command in CI. Before Fort started setting priorities, the IRS had pushed its scarce resources toward identity-theft and data-breach cases. Unlike most tax cases, identity-theft and data-breach cases can involve multiple defendants and can be relatively “low hanging fruit” when compared to individual income-tax prosecutions. It’s also easy to run up higher numbers of prosecutions when you charge a dozen defendants at a time.
In identity theft cases, organized criminals and individuals traditionally took advantage of a massive security hole in the IRS’s computer system to obtain millions of dollars of fraudulent refunds every year using fake or stolen social security numbers. The IRS has worked to eliminate that hole, which was the inability of the IRS computer system to quickly match up reported payments on tax returns to payments received by the IRS. To get refunds in the hands of taxpayers quickly, the IRS would assume that tax returns were accurate, pay refunds, and then match up W-2s filed by employers to those attached to tax returns to determine which returns were fake. This approach led to billions of dollars per year being paid out in fraudulent refunds, and the IRS tried to prosecute its way out of the problem for many years. That didn’t work, as the computer system was the fix, not prosecutions. Starting in 2018, W-2 forms will include a new verification code to speed up the authentication process. Partly because of the IRS’s improved matching system as well as a surge of indictments against false-return mills, the IRS is touting “significant progress” against identity theft. https://www.irs.gov/newsroom/security-summit-partners-mark-progress-in-identity-theft-battle-prepare-for-2018-tax-season. ID Theft cases alone dropped 75% from 2013 to 2017. Though the number of false returns has dropped, the problem remains a multi-billion dollar hit to the public fisc. The IRS could continue to focus on these cases and cut down on false returns, as even with the reduction in bogus filings losses remain in the billions per year. A more-cynical view of events is that the IRS is simply declaring victory and moving on to more-interesting cases.
Although the improved matching system should cut down on fraudulent W-2s – either fake SSNs or fake W-2s using real SSNs – the IRS hasn’t locked down how it will stop the burgeoning and more-sophisticated source of fraudulent returns: data breaches. Using “spoofing” and “spear-phishing” techniques, fraudsters trick HR departments, tax professionals, and executives into providing accurate W-2 information and race to file fraudulent tax returns and scoop up refunds ahead of real taxpayers. These crimes are the flip side of the same data-breach coin that the IRS and many other data aggregators have faced in recent years; although the IRS stood up two cybercrime units in 2014 in LA and DC, their portfolio is so large that it can’t expect to put more than a dent in any of its emphases, including data breaches.
The upshot of the decline in agents and the shift away from easy cases has led to an expected decline in cases referred by CI for prosecution and cases opened for investigation. However, if Don Fort has anything to say about it, the only tax criminals who will be rejoicing are the ID Theft fraudsters, not traditional tax criminals such as those with hidden offshore accounts, money launderers, and false-return filers. Instead, as will be addressed in the next blog, Fort is bringing data-mining to bear on these targets to select the most-egregious offenders. There’s no silver lining to the decline in IRS cases for many of the traditional targets of tax investigations.