IRS employee misconduct cited in accessing taxpayer accounts
Monday, May 23, 2022
Today the hubby got a disconcerting mailing from one of his investment accounts. It had paperwork for survivor claims.
The last we checked (a few hours ago), he is very much alive. And since neither he nor I asked for this information, we immediately thought someone might have stolen his identity and tried to cash out this account.
That doesn't seem to be the case (whew!). Our initial checks into the account, both ourselves online and by calling the investment company, indicate there's no security issue.
But it's a good reminder to stay on top of your financial and personal data. That true even — or actually, especially — when your taxes are involved.
A recent Government Accountability Office (GAO) investigation found that when it comes to safeguarding taxpayer data, the Internal Revenue Service's security has some holes.
Notably, over the last 10 fiscal years, more than a quarter of the tax agency's internal taxpayer data breach instances involved employees intentionally snooping on filers' information.
Unauthorized IRS employee access: The details are in the report GAO-22-105872, entitled "IRS Security of Taxpayer Information: Characteristics of Employee Unauthorized Access and Disclosure Cases" that was released on May 19.
Unauthorized access can either be considered inadvertent, such as when an IRS employee accidentally enters an incorrect taxpayer identification number and gets into an account other than the one being worked.
However, willful unauthorized access is just what its name says. It's the intentional access, attempted access, or inspection of tax returns or return information without a valid IRS processing or examination reason.
GAO investigators found that between fiscal years 2012 and 2021, the IRS completed 1,694 investigations into the willful unauthorized access, referred to as UNAX, of tax data by employees. Twenty-seven percent of those incidents were substantiated as misconduct, according to the report.
To deter UNAX violations, IRS rules say spying staffers could be fired, as well as possibly face criminal and civil penalties. In most of the violations discovered by the GAO, the offending employees were suspended, resigned, or removed.
Small, but significant numbers: Yes, 1,694 instances are not a lot. And the 27.3 percent of willful access comes to the even smaller number of 462.
Those figures are negligible when you consider that for the last couple of filing seasons more than 169 million people a have submitted returns. That includes more than 14 million new filers who provided the IRS with personal data in order to collect COVID-19 economic relief payments and advance enhanced Child Tax Credit amounts.
But when it comes to taxes, every number is crucial. Unauthorized access, and particularly willful UNAX, should be zero.
Info bonanza for ID thieves: Taxpayer data access by IRS eyes prying beyond valid tax processing reasons is unacceptable for a lot of reasons.
First, there are the ramifications of what could happen if the info gets into criminal hands.
We taxpayers accept that in the general course of conducting business, IRS employees must access our confidential information. This includes such things as our (and our spouse's and dependents') Social Security numbers, along with income information (both amounts and sources).
However, if that data is accessed by IRS personnel for nefarious reasons, the tax filing victims could end up dealing with the unwelcome consequences of identity theft.
Undermining taxpayer confidence: There's also a broader tax concern.
The IRS depends on citizen confidence that the personal and financial information it's tasked with collecting each year is properly safeguarded from all threats, both in and outside IRS offices.
If the IRS is unable to do that, particularly in connection with staff access to taxpayer accounts, those breaches could adversely affect voluntary taxpayer compliance, the hallmark of the U.S. tax system.
A recent leak of IRS data was the impetus for the GAO investigation. The investigative website ProPublica obtained tax data on wealthy individuals, which it used in a report on the amount of taxes those individuals paid.
While our voyeuristic tendencies in this reality programming and tell-all social media age make such articles fun to read, the method by which the info was obtained is troubling.
The tax data of every single U.S. taxpayer is private. That's law. And that means every taxpayer's IRS account deserves the same strict and secure safeguards.
You also might find these items of interest:
- Be ready for the worst: Create a tax data theft recovery plan
- Scam attempts to obtain taxpayers' personal info remain part of IRS' Dirty Dozen
- GOP lawmakers still awaiting IRS answers on last summer's taxpayer data breach
You can follow this conversation by subscribing to the comment feed for this post.