==AUDIT FINDINGS - FRAUDULENT USE
OF THIRD-PARTY AUTHORIZATION
FORMS TO OBTAIN TAXPAYER
INFORMATION==
TIGTA’s review identified that IRS management
has not implemented sufficient processes and
procedures to authenticate the validity of
Forms 2848, Power of Attorney and Declaration
of Representative, and Forms 8821, Taxpayer
Information Authorization.
BACKGROUND
Taxpayers can grant a power of attorney to
individuals (i.e., representatives) who are given
the authority to represent a taxpayer before the
IRS. These representatives can be an attorney,
certified public accountant, or enrolled agent.
Internal Revenue Code Section 6103(c) also
allows taxpayers to authorize a designee to
review and receive their returns and return
information.
WHY THE AUDIT WAS DONE
This audit was initiated to evaluate the IRS’s
controls to authenticate requests received from
individuals seeking to represent taxpayers and
access taxpayer information.
RECOMMENDATIONS
TIGTA recommended that the IRS: 1) develop a
confirmation letter program to ensure that
taxpayers authorized the third-party access;
2) revoke the authorizations for those
representatives and designees that taxpayers
did not authorize; 3) develop a process to
ensure that all Taxpayer Identification Numbers
associated with confirmed fraudulent CAF
authorizations are forwarded to the appropriate
office; 4) develop procedures for all functions
involved with fraudulent authorization requests
and stolen CAF numbers to timely report their
findings to CAF management; 5) remove the
refund indicator from all 72,095 authorizations
that were processed prior to January 2013;
6) ensure that tax examiners follow guidelines to
limit the issuance of CAF numbers to one CAF
number per representative/designee at each
office; and 7) correspond with representatives
and designees assigned multiple CAF numbers
to inform them that they are permitted to have
one CAF number per location.
https://www.oversight.gov/sites/default/files/oig-reports/201840062fr.pdf