The Growing Corporate Threat of Taxpayer Identity Theft Fraud

Identity theft continues to be a growing problem nationwide, but particularly in Florida which continues to lead the nation per capita in reported incidents of identity theft according to the Federal Trade Commission (FTC), a national clearinghouse for consumer fraud complaints. Taxpayer identity theft fraud, a subset of identity theft in general, is the most prevalent form of identity theft according to the FTC which reported that tax-related identity theft incidents increased from 51,702 in 2008 to 248,357 in 2010. This is a dramatic increase from the 35,000 instances of employment-related identity theft cases reported in 2007.

Taxpayer identity theft fraud involves not only the theft of someone’s identity but also the filing of a fraudulent tax return using the victim’s social security number to receive a tax refund often totaling more than $9,000.00. The IRS identified and prevented the issuance of more than $14 billion in fraudulent refunds in 2011. A 2008 report issued by the Treasury Inspector General for Tax Administration (TIGTA), an IRS watchdog, stated that the prevention of taxpayer identity theft fraud is an employer’s issue involving the security of their systems and data. According to TIGTA, 938,664 of the 2.1 million fraudulent tax returns filed in 2011 involved identity theft and totaled $6.5 billion. The stolen information includes the person’s name, date of birth and social security number or Medicare beneficiary number.

The latest twist, however, is that your own employees are in on the crime as law enforcement agencies are reporting that employees at many businesses that compile personal information are misappropriating and selling the information to thieves who are filing fraudulent tax returns. The Centers for Medicare and Medicaid Services (CMS) issued a Fraud Alert in February 2012 warning healthcare providers that perpetrators are misappropriating the identities of Medicare beneficiaries from “employers, schools, hospitals, and prisons” but any businesses that store personal information are at risk from current or prospective employees. Recent law enforcement arrests report finding suspects with massive quantities of tax refunds and lists of prospective employers to apply for jobs with the specific intent to steal taxpayer identities from their databases.

The reality of this emerging threat is that perpetrators are actually targeting organizations for employment so that they can specifically breach their data security and commit identity theft and aid those committing tax refund fraud. These organizations have both a fiduciary and legal duty to safeguard that personal information, but also a legal duty to notify those consumers who they can reasonably identify that their personal information has been stolen.