Advisory Committee Urges IRS to Continue Cybersecurity Fight
The latest annual report from the Electronic Tax Administration Advisory Council gives credit for progress made in the fight against identity theft, while making suggestions for new areas worthy of their attention.
John Sapp, a Drake vice president, serves as ETAAC chairman. The panel held its annual public meeting recently in Washington, using the opportunity to release its annual report along with recommendations for improving cybersecurity and fighting identity-theft-related tax fraud.
The annual report centered on the work of the Security Summit, a joint effort between the IRS, state taxing agencies and tax industry partners. The Security Summit was initiated in 2015 for the expressed purpose of improving computer security measures for the tax industry and taxpayers. Drake Software is represented on the Security Summit by Vice President Jami Gibson.
The ETAAC report sees the Security Summit as making a positive impact on the security challenges facing the tax industry and should be a vital component in the IRS’ arsenal against identity-theft-related tax fraud. The report also applauds Congress’ decision approving an additional $290 million for the IRS budget for 2016 to improve taxpayer service, strengthen cybersecurity, and expand the agency’s ability to deal with identity theft.
ETAAC sees a successful security program as one that keeps taxpayers and tax preparers safe from threats using a combined approach.
“Security practices can have a significant impact on the tax experience and taxpayer behavior,” the report states. “Improving the taxpayer experience will require sustained creativity and focus for the IRS to build systems that are both secure and, conversely, easy to access and use from a taxpayer perspective. A system that is secure but that few can use will not be successful for IRS as it expands some of its key online services. IRS must strive to achieve a situation where services are both secure and easy to use and access.”
Specific recommendations to the IRS in the 56-page ETAAC report include:
- Improving taxpayer authentication practices
- Replace outmoded prior year AGI/PIN e-file signature verification
- Engage tax professionals by updating IRS publications, increasing awareness/education, communicating standards and providing easy-to-use compliance tools
- Continue establishment of a common cybersecurity standard
- Expand federal, state and industry participation in cybersecurity area
- Increase state and tax industry participation across the Security Summit
- Expand payroll community participation in the Security Summit
- Increase Financial Institution (FI) participation in Security Summit and IRS “leads” programs
The report also urges the IRS to implement the Identity Theft Tax Refund Fraud (IDTTRF) Information Sharing & Analysis Center (ISAC) by increasing participation, removing barriers to sharing, and providing adequate funding for its mission. ISAC is seen as a clearing house for cutting-edge security techniques that apply to the IRS and income tax industry.
The ETAAC report makes one thing abundantly clear: The only direction for the IRS, the states and the nation’s tax industry to go is onward. Retreat is out of the question.
“America’s voluntary compliance tax system and electronic tax filing systems exist, and succeed, because of the trust and confidence of the American taxpayers (and policy makers). Any corrosion of trust in filing tax returns electronically would result in reverting back to the less-efficient and very costly “paper model.” That option is neither feasible any longer nor desirable.” The report continues, “As failure is not an option, ETAAC strongly believes IRS must remain ever vigilant in combating IDTTRF and use the public-private collaborative model of trusted stakeholders whenever possible to gain advantage over fraudsters.”