IRS Works to Prevent Tax Fraud as Thieves Intensify Cyberattacks Aimed at Payroll Data

Payroll on Bloomberg Tax is built to get you to the right answer faster and more efficiently. Get all the payroll intelligence you need with Bloomberg Tax expert analysis, perspectives and...

By Michael Trimarchi

Efforts by the Internal Revenue Service to prevent fraud and safeguard personal tax information are improving, but criminals generally are staying one step ahead of the measures, an agency official said March 27.

Tamara Powell, a program manager in the IRS wage and investment group, said payroll departments often are singled out in tax-fraud schemes.

“As we’ve made progress, criminals have redoubled their efforts,” said Powell, who spoke at the American Payroll Association’s annual Capital Summit in Washington. “They need even more personal information to impersonate the taxpayer.”

“This has made you targets for criminals,” Powell said to the payroll professionals attending the summit.

During the 2016 filing season, the IRS found that about 300,000 Forms W-2, Wage and Tax Statement, were compromised from an email phishing scam, Powell said. This year, the IRS found that 300,000 W-2s were compromised in January alone, she said.

The IRS recently reissued a warning about the phishing scam, which uses a corporate officer's name to request employee W-2s from payroll or human resources departments. In such cases, the initial contact was followed by a fake executive email to the payroll department or the comptroller asking that a wire transfer also be made to an account, the agency said in a news release ( IR-2017-20).

To combat identity fraud this tax season, employer W-2 copies were to be filed with the Social Security Administration by Jan. 31. The deadline was moved up from the previous Feb. 29 deadline for forms submitted on paper and the March 31 deadline for forms submitted electronically.

Identity thieves, in response, posed as corporate officers and sent official-looking emails to payroll departments asking for a list of all company employees and accompanying W-2s, Powell said.

Efforts to Safeguard Personal Information Show Marked Improvement

Programs such as an ongoing security summit with state tax agencies and industry partners has led to improved identity-theft protections, Powell said. Leaders of the summit, which was formed in 2015, said new and expanded safeguards for taxpayers in 2017 would help ensure the authenticity of taxpayer and tax returns before, during and after the time when returns are filed.

In 2015, for example, the IRS stopped 1.4 million tax returns identified as identity theft, Powell said. In 2016, the agency stopped 969,000 such returns.

Although fewer returns were identified in 2016, stricter requirements for software development and improved identification helped the agency identify and block potentially fraudulent returns from being filed, Powell said.

Additionally, the IRS expanded a W-2 verification code pilot program for returns filed in 2017. The program uses a 16-character alphanumeric code to verify W-2 data that appear on the 2016 Form 1040, U.S. Individual Income Tax Return. Employees are to enter the verification code on the 1040 when using tax-preparation programs.

The code appeared on nearly 47.8 million Forms W-2 for tax year 2016, up from 1.7 million for tax year 2015. Payroll service providers Automatic Data Processing LLC, Ceridian LLC, Intuit Inc. and Paychex Inc. participated in the pilot.

But employers and payroll-service providers should remain ever vigilant, Powell said. “For every action we take, the criminals take another action,” she said.

Other topics discussed at the Capital Summit included:

•The compliance rate for payroll-reporting agents required to file Schedule R with Forms 941, Employers Quarterly Federal Tax Return, is about 24 percent, said Judy Davis, a senior IRS tax analyst. The agency is considering for the first time assessing penalties for reporting agents that do not comply with reporting rules.

“In the past, we have not had penalties on such failure to include the form,” Davis said. “But now, we are doing a lot to look into when to start assessing such penalties.”

Agents approved by the IRS under Internal Revenue Code Section 3504 and certified professional employer organizations are required to complete Schedule R each time they file an aggregate Form 941. Schedule R, which was developed to simplify the aggregate reporting process for employers, aggregate filers and the IRS, would list all the employers and their wage and tax information.

•Recent applicants to the Certified Professional Employer Organization are expected to be notified regarding authorization in early June, Davis said. Eligible applicants would be eligible for retroactivity of responsibilities to the first quarter of 2017, she said. Participants would remain in the program unless voluntarily leaving or unless their certification is revoked by the IRS for failing to meet requirements, she said.

The IRS also could end certification if the PEO, related entity or a responsible person of the group was charged with or convicted of a criminal offense, was the subject of an active IRS criminal investigation or failed to file returns or pay federal, state or local taxes.

The agency released strict rules in December (Revenue Procedure 2017-14) that were intended to ensure that the federal government received the employment taxes it was owed.

To contact the reporter on this story: Michael Trimarchi in Washington at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Payroll