What GAO Found
Identity Theft (IDT) Refund Fraud Cost Estimates. The Internal Revenue Service's (IRS) fraud estimates met several GAO Cost Guide best practices, such as documenting data sources and detailing calculations. However, the estimates do not reflect the uncertainty inherent in measuring IDT refund fraud because they are presented as point estimates. Best practices suggest that agencies assess the effects of assumptions and potential errors on estimates. Officials said they did not assess the estimates' level of uncertainty because of resource constraints and methodological challenges. Because making different assumptions could affect IDT fraud estimates by billions of dollars, a point estimate (as opposed to, for example, a range) could lead to different decisions about allocating IDT resources. Reporting the uncertainty that is already known from IRS analysis (and conducting further analyses when not cost prohibitive) might help IRS communicate IDT refund fraud's inherent complexity.
IRS Estimates of Attempted IDT Refund Fraud, 2013
While IRS's fraud estimates note the relevant cost assumptions used to develop estimates, they do not provide the rationale or analysis to support them. Officials stated they did not document the rationale because of the time and resources required. Best practices suggest that agencies should document assumptions. Given the evolving nature of IDT refund fraud, documenting assumptions' rationale would help IRS management and policymakers determine whether the assumptions remain valid or need to be updated.
Taxpayer Authentication. IRS recently created a group aimed at centralizing several prior ad hoc efforts to authenticate taxpayers across its systems. IRS's planning documentation contains goals and short- and long-term priorities (including implementation plans). However, a commitment to cost, benefit and risk analysis is not documented in the group's short- and long-term priorities. The draft planning documentation makes no mention of where such analyses would be included in IRS's priorities. Office of Management and Budget guidance states that agencies should use cost-benefit analyses that consider alternatives to promote efficient resource allocation and that agencies should ensure that authentication processes provide the appropriate level of assurance by assessing risks. Without analysis of costs, benefits and risks, IRS and Congress will not have quantitative information that could inform decisions about whether and how much to invest in the various authentication options. Cost, benefit and risk estimates for authentication would have the additional benefit of allowing comparisons with other options for combating IDT refund fraud. IDT options could have significant costs for taxpayers and IRS, so more information about the tradeoffs would help inform IRS and congressional decision making.
Why GAO Did This Study
IRS estimated it prevented $24.2 billion in fraudulent identity theft (IDT) refunds in 2013, but paid $5.8 billion later determined to be fraud. Because of the difficulties in knowing the amount of undetected fraud, the actual amount could differ from these point estimates. IDT refund fraud occurs when an identity thief uses a legitimate taxpayer's identifying information to file a fraudulent tax return and claims a refund.
GAO was asked to review IRS's efforts to combat IDT refund fraud. This report, the second in a series, assesses (1) the quality of IRS's IDT refund fraud cost estimates, and (2) IRS's progress in developing processes to enhance taxpayer authentication.
GAO compared IRS's IDT estimate methodology to GAO Cost Guide best practices (fraud is a cost to taxpayers). To assess IRS's progress enhancing authentication, GAO reviewed IRS documentation and interviewed IRS officials, other government officials, and associations representing software companies, return preparers, and financial institutions.
GAO recommends IRS improve its fraud estimates by (1) reporting the inherent imprecision and uncertainty of estimates, and (2) documenting the underlying analysis justifying cost-influencing assumptions. In addition, IRS should estimate and document the economic costs, benefits and risks of possible options for taxpayer authentication. IRS agreed with GAO's recommendations and provided technical comments that GAO incorporated, as appropriate.
Recommendations for Executive Action
|Internal Revenue Service||1. To improve the reliability of <em>Taxonomy</em> estimates for future filing seasons, the Commissioner of Internal Revenue should follow relevant best practices outlined in the <em>GAO Cost Guide</em> by documenting the underlying analysis justifying cost-influencing assumptions.|
|Internal Revenue Service||2. To improve the reliability of <em>Taxonomy</em> estimates for future filing seasons, the Commissioner of Internal Revenue should follow relevant best practices outlined in the <em>GAO Cost Guide</em> by reporting the inherent imprecision and uncertainty of the estimates. For example, IRS could provide a range of values for its <em>Taxonomy</em> estimates.|
|Internal Revenue Service||
Priority Rec.3. To ensure relevant information is available to decision makers, the Commissioner of Internal Revenue should estimate and document the costs, benefits and risks of possible options for taxpayer authentication, in accordance with Office of Management and Budget and National Institute of Standards and Technology guidance.