Menu
Tax Notes logo

GAO: Enforcement of Tax Law Is Still High-Risk Area

MAR. 1, 2019

GAO: Enforcement of Tax Law Is Still High-Risk Area

DATED MAR. 1, 2019
DOCUMENT ATTRIBUTES
[Editor's Note:

Asterisks indicate omitted text.

]

HIGH-RISK SERIES
Substantial Efforts
Needed to Achieve
Greater Progress on
High-Risk Areas

March 2019

* * *

Enforcement of Tax Laws

The Internal Revenue Service (IRS) needs to increase its capacity to implement new initiatives, improve ongoing enforcement and taxpayer service programs, and combat identity theft refund fraud.

Why Area Is High Risk

This high-risk area, added to the list in 1990, comprises two pressing challenges for IRS — addressing the tax gap and combatting IDT refund fraud. In 2016, IRS estimated that the average annual net tax gap, the difference between taxes owed and taxes paid on time, was $406 billion, on average, for tax years
2008-2010. IRS enforcement of the tax laws helps fund the U.S. government by collecting revenue from noncompliant taxpayers and, perhaps more importantly, promoting voluntary compliance by giving taxpayers confidence that others are paying their fair share.

IDT refund fraud occurs when an identity thief files a fraudulent tax return using a legitimate taxpayer's identifying information and claims a refund. IRS estimates that at least $12.2 billion in individual IDT tax refund fraud was attempted in 2016, of which it prevented at least $10.5 billion (86 percent). Of the amount attempted, IRS estimated that at least $1.6 billion (14 percent) was paid.

Contact Information

For additional information about this high-risk area, contact James R. McTigue, Jr. or Jessica Lucas-Judy at 202-512-9110 or mctiguej@gao.gov or lucasjudyj@gao.gov

Enforcenent of Tax Laws

Since our 2017 High-Risk Report, ratings for all five criteria remain unchanged. IRS continues to demonstrate top leadership commitment for improving tax compliance and has made strides in improving tax gap data. The agency has also taken steps to address identity theft (IDT) refund fraud through continued development and deployment of the Return Review Program (RRP), a system which screens returns for potential IDT and other refund fraud before IRS issues refunds.

However, IRS's capacity to implement new initiatives, carry out ongoing enforcement and taxpayer service programs, and combat IDT refund fraud remains a challenge. IRS continues to take actions toward meeting three other criteria for removal from our High-Risk List: developing a corrective action plan, monitoring, and demonstrating progress.

Addressing the Tax Gap

 

Addressing the Tax Gap

Ratings for this segment of the high-risk area remain unchanged since our previous High-Risk Report in 2017, with IRS meeting one criterion, partially meeting three, and not meeting one.

Leadership commitment: met. IRS adopted a more strategic approach to identifying and selecting budget program priorities, among other steps. For instance, IRS's fiscal year 2018-2022 strategic plan includes a goal to facilitate voluntary compliance and deter noncompliance that could help address the tax gap.

Capacity: not met. IRS continues to face capacity challenges because it does not calculate return on investment estimates for each enforcement program — information IRS could use to inform resource allocation decisions. IRS has also not evaluated the costs and benefits of expanding RRP to address more tax enforcement activities, such as underreporting and noncompliance more broadly. Moreover, IRS still faces challenges for implementing new initiatives and carrying out ongoing enforcement and taxpayer service programs under an uncertain budgetary environment.

Action plan: partially met. IRS has a strategic plan that discusses general approaches to make voluntary compliance easier for taxpayers and to ensure taxes owed are paid. However, in some areas, the strategic plan does not include specific efforts for improving compliance. In addition, IRS has not documented a comprehensive strategy that shows how it intends to use National Research Program (NRP) data to develop or improve compliance strategies. IRS collects data through NRP audits to measure and report tax compliance for different types of taxes and taxpayers.

Monitoring: partially met. IRS continues to use tax gap data to study compliance behaviors and update formulas designed to identify tax returns with a high likelihood of noncompliance. In addition, the Large Business and International division is implementing a new approach to compliance that focuses on specific issues, such as partnerships that underreport certain types of income. However, IRS does not adequately measure the effect of some compliance programs, such as those used for large partnerships, because it has not clearly defined them, tracked the results from auditing such entities, or analyzed how to better use audit resources for these types of returns.

Demonstrated progress: partially met. IRS implemented some corrective measures to improve compliance and reduce the tax gap, including its use of RRP to screen individual returns claiming refunds, but more work remains to meet this criterion. IRS also lacks specific quantitative goals to reduce the tax gap or improve voluntary compliance. Without long-term, quantitative voluntary compliance goals and related performance measures, it will be more difficult for IRS to determine the success of its strategies.

What Remains to Be Done

Over the years since we added this area to our high-risk list, we have made numerous recommendations related to this high-risk issue, 103 of which were made since the last high-risk update in February 2017. As of December 2018, 189 recommendations are open. IRS should implement all of our recommendations on improving audit effectiveness and resource investments, such as:

  • re-establishing goals for improving voluntary compliance and developing and documenting a strategy that outlines how it will use its data to update compliance strategies that could help address the tax gap,

  • developing and documenting plans to assess the NRP employment tax study results to estimate the current state of the employment tax gap, and

  • evaluating the costs and benefits of expanding RRP to analyze individual returns not claiming refunds to support other enforcement activities.

Congressional Actions Needed

Given that the tax gap has been a persistent issue, reducing the tax gap will require targeted legislative actions, including additional third-party information reporting, enhanced electronic filing, math error authority, and paid preparer regulation. Specifically, Congress should consider:

  • expanding third-party information reporting to IRS, which could increase voluntary tax compliance. For example, reporting could be required for certain payments that rental real estate owners make to service providers, such as contractors who perform repairs on their rental properties, and for payments that businesses make to corporations for services;

  • requiring additional taxpayers to electronically file tax and information returns to help IRS improve compliance efficiency;

  • providing IRS with authority — with appropriate safeguards — to correct math errors and to correct errors in cases where information provided by the taxpayer does not match information in government databases, among other things, could help IRS correct errors and avoid burdensome audits and taxpayer penalties; and

  • establishing requirements for paid tax return preparers to help improve the accuracy of the tax returns they prepare.

Refund Fraud Related to Identify Theft

Refund Fraud Related to Identify Theft

 

Ratings for this segment of the high-risk area remain unchanged since our previous High-Risk Report in 2017, with IRS meeting two criteria and partially meeting the other three.

Leadership commitment: met. IRS has demonstrated leadership commitment in addressing IDT refund fraud. For example, IRS has taken significant actions to facilitate information sharing with states and industry partners through the Identity Theft Tax Refund Fraud Information Sharing and Analysis Center.

Capacity: partially met. In October 2016, IRS began operating RRP as its primary pre-refund system for detecting IDT and other refund fraud, automating some of IRS's manual processes for screening returns, and identifying fraud schemes. Although IRS can adjust RRP during the filing season to respond to emerging threats or other concerns, IRS's ability to combat IDT fraud continues to be challenged as a result of large-scale cyberattacks on various entities. However, identity theft refund fraud is an evolving and costly problem, the risks of which have increased as more personally identifiable information has become readily available.

Action plan: met. IRS has a strategic plan that identifies refund fraud and IDT as major challenges facing the nation's tax system over the next several years. IRS has also identified several strategic objectives relevant to its efforts to combat IDT. Further, IRS is using RRP to automatically detect IDT and other refund fraud in individual returns, and is working to expand RRP to detect fraud in business returns.

Monitoring: partially met. Following a security breach with the Get Transcript program, IRS changed its authentication procedures for affected taxpayers and has prevented a total of about $591 million in fraudulent payments between fiscal years 2015 through 2017. In addition, RRP prevented about $4.4 billion in invalid refunds during the 2017 filing season. However, in July 2018 we found ways to improve and expand the program — such as increasing the amount of data available, including loading W-2 data into it more frequently and digitizing paper returns. As we reported in June 2018, IRS also lacks internal controls to effectively monitor telephone, in-person, and correspondence authentication.

Demonstrated progress: partially met. IRS has demonstrated some progress by developing tools and programs to further detect and prevent IDT refund fraud, such as RRP, which uses advanced analytic techniques and business rules to compare taxpayer-reported information to W-2s. IRS has also improved telephone authentication procedures and enhanced its authentication efforts for some online services by requiring a multi-factor process using the Secure Access platform. However, in June 2018 we reported that IRS could further demonstrate progress by updating its authentication procedures to be in compliance with new government standards. Further, IRS has not articulated priorities for its foundational authentication initiatives or the resources it will require to complete them, sufficiently assessed and monitored risks, or developed a comprehensive process to evaluate potential new authentication technologies and approaches. As a result, IRS may be missing an opportunity to implement the most secure, robust technologies to protect taxpayers.

What Remains to Be Done

IRS should implement all of our recommendations for addressing IDT refund fraud, including:

  • finding ways to improve and expand RRP, such as increasing the frequency at which incoming W-2 information is available to the program;

  • assessing the benefits and costs of additional uses and applications of W-2 data for pre-refund compliance checks, such as other fraud or noncompliance before issuing refunds;

  • prioritizing foundational authentication initiatives and the resources required to complete them; and

  • developing a comprehensive process to identify and evaluate alternative options for improving taxpayer authentication.

Congressional Actions Needed

Given that IDT refund fraud has been an ongoing issue, combating it will require targeted legislative actions, including:

  • requiring that returns prepared electronically but filed on paper include a scannable code printed on the return to better leverage RRP's capabilities; and

  • providing the Secretary of the Treasury with the regulatory authority to lower the threshold for electronic filing of W-2s from 250 returns annually to between 5 to 10 returns, as appropriate.

Related GAO Products

Tax Fraud and Noncompliance: IRS Could Further Leverage the Return Review Program to Strengthen Tax Enforcement, GAO-18-544. Washington, D.C.: July 24, 2018.

Identity Theft: IRS Needs to Strengthen Taxpayer Authentication Efforts, GAO-18-418. Washington, D.C.: June 22, 2018.

Tax Fraud and Noncompliance: IRS Can Strengthen Pre-refund Verification and Explore More Uses, GAO-18-224. Washington, D.C.: January 30, 2018.

Identity Theft: Improved Collaboration Could Increase Success of IRS Initiatives to Prevent Refund Fraud, GAO-18-20. Washington, D.C.: November 28, 2017.

Tax Gap: IRS Needs Specific Goals and Strategies for Improving Compliance, GAO-18-39. Washington, D.C.: October 31, 2017.

Employment Taxes: Timely Use of National Research Program Results Would Help IRS Improve Compliance and Tax Gap Estimates, GAO-17-371. Washington, D.C.: April 18, 2017.

IRS Return Selection: Improved Planning, Internal Controls, and Data Would Enhance Large Business Division Efforts to Implement New Compliance Approach, GAO-17-324. Washington, D.C.: March 28, 2017.

2016 Filing Season: IRS Improved Telephone Service but Needs to Better Assist Identity Theft Victims and Prevent Release of Fraudulent Returns, GAO-17-186. Washington, D.C.: January 31, 2017.

Tax Debt Collection: IRS Needs to Define Field Program Objectives and Assess Risks in Case Selection, GAO-16-787. Washington, D.C.: September 13, 2016.

IRS 2017 Budget: IRS Could Improve Presentation of Budget Data in Its Congressional Justification, GAO-16-695. Washington, D.C.: July 21, 2016.

* * *

 

DOCUMENT ATTRIBUTES
Copy RID