21.9.2 Accounts Management Identity Theft

  • 21.9.2.1 Identity Theft - General Information
  • 21.9.2.2 Identity Theft - Expanded Procedures
  • 21.9.2.3 Identity Theft - Telephone Overview
  • 21.9.2.4 Identity Theft - Paper Overview - (Andover and Fresno only)
  • 21.9.2.5 Unpostable 147 Reason Code 1 - (UPC 147 RC 1) - Andover AM IPSU only
  • 21.9.2.6 Responses to Identity Theft Notification Letters/Notices
  • 21.9.2.7 Global Review
  • 21.9.2.8 Data Loss Notification - Personally Identifiable Information (PII)
  • 21.9.2.9 Post Function Adjustment Work
  • 21.9.2.10 Identity Theft Assistance Request (ITAR) - General Information

21.9.2.1 (10-01-2010)
Identity Theft - General Information

  1. The IRS currently classifies identity theft (IDT) cases into two categories. They are cases where a taxpayer's personally identifiable information (PII) has been compromised and:
  2. The taxpayer is at risk for an occurrence of IDT impacting tax administration, such as a lost of stolen purse or wallet, a questionable credit report or questionable credit card activity, a home robbery etc. Such cases could also include TOP offsets where IRS records are accurate and misuse of the SSN is an administration issue with another agency beyond the control of the IRS.
  3. Cases where the IDT impacts tax administration, such as the presence of a return filed by an unknown individual or a tax assessment made based on income earned by another individual. Such cases may involve duplicate filing conditions, the presence of a return on the account when the TIN owner has no filing requirement, a refund inquiry related to offset of a current overpayment to a liability on a prior year module for a return no filed by the TIN owner, an AUR assessment based on income earned by someone other than the TIN owner, etc.
  4. This IRM provides general IDT guidance for use by employees performing account/tax law work related to IDT, resource information for responding to telephone inquiries received on the general toll-free line and the Identity Theft Specialized Units (IPSU) line, and procedures specific to processes worked by the IPSU.
  5. Refer to IRM 10.5.3, Privacy, Information Protection & Data Security, Identity Protection Program, for additional information, procedures and guidance related to identity theft.
  6. All cases involving identity theft will receive priority treatment. This includes, but is not limited to, cases with identity theft documentation attached, Form 14027–A, Identity Theft Case Monitoring and Form 14027–B, Identity Theft Case Referral, referred to other functions (AM, ASFR, AUR, Collections, Examination, etc.) Identity Theft Assistance Request (ITAR) referrals are also included.
  7. Taxpayers stating they are victims of identity theft will be required to authenticate their identity and provide evidence of identity theft. Acceptable documentation is:
  8. A copy of one or more valid U.S. federal or state government-issued forms of identification (such as a social security card, passport, driver's license, or state identification card, ITIN assignment notice (CP565) etc.), AND
  9. A copy of a police report indicating identity theft as the issue, orForm 14039, Identity Theft Affidavit.
  10. Identity theft cases are controlled using the following category codes.

Category Code / Aging Criteria / Description / Used By
IDT1 / 180 days / See IRM 21.6.2.4.2, Multiple Individuals Using the Same TIN. / All AM IMF employees working cases with tax administration issues.
IDT2 / 120 days / Unpostable 147 cases see IRM 21.9.2.5, Unpostable 147 Reason Code 1 - (UPC147 RC1) - Andover AM IPSU only. / AM Identity Protection Specialized Units (IPSU).
IDT3 / 45 days / Reserved / Reserved.
IDT4 / 45 days / Self identified non -tax-related identity theft see IRM 21.9.2.4.1, Self Identified - Non-Tax-Related Identity Theft (Andover and Fresno only). / AM IPSU only.
IDT5 / 45 days / Responses to CP 01 Notices and/or letter 4445C, TC971 AC501 Acknowledgement Notification letters.
Note:
Effective July 1, 2009 acknowledgement notifications of ID theft documentation will be systemically generated as a CP 01, 2-12 cycles after input of the TC971 AC501.
See IRM 21.9.2.6, Responses to Identity Theft Notification Letters/Notices. / AM IPSU only.
IDT6 / 180 days / Post Function Adjustment Work. See IRM 21.9.2.9, Post Function Adjustment Work. / AM IPSU only.
IDT7 / 180 days / Reserved / Reserved.
IDT8 / 180 days / Reserved / Reserved.
IDT9 / 180 days / Reserved - Phishing / Reserved.
GRVW / 180 days / Global Review. See IRM 21.9.2.7, Global Review. / AM IPSU only.
IDTX / 365 days / Monitoring tax-related identity theft cases. See IRM 21.9.2.4.2, Tax-Related Identity Theft. / AM IPSU only.
ITAR / 180 days / Identity Theft Assistance Request (ITAR). See IRM 21.9.2.10, Identity Theft Assistance Request (ITAR). / AM IMF employees and AM IPSU CSRs.
  1. The Office of Privacy and Information Protection Office has developed action codes (AC) for use with transaction code (TC) 971 to mark the entity modules of accounts on which identity theft is factor and/or suspected and documented. They are:

Action Code / Description / Used by
501 / Tax-administration related identity theft - taxpayer provided the required ID theft documentation. / All functions.
504 / Self identified non-tax-administration related - taxpayer provided the required ID theft documentation. / AM IPSU only.
505 / IRS loss of Personally Identifiable Information (PII) -IRS identified, taxpayer not required to provide required ID theft documentation. / The Office of Privacy Information Protection and Data Security (PIPDS) only.
506 / IRS identified identity theft - IRS identified, taxpayer not required to provide required ID theft documentation, unless requested. /
  • Accounts Management IRM 21.6.2.4.2, Multiple Individuals using the Same TIN.
  • Criminal Investigation - Primary User.
  • Submission Processing based on analysis of an Unpostable 147 case.
  • AMTAP IRM 21.9.1, Taxpayer Assurance Program.

21.9.2.2 (10-01-2010)
Identity Theft - Expanded Procedures

  1. In compliance with Commissioner Shulman's testimony before Congress on April 10, 2008, Accounts Management (AM) has adopted a proactive stance against identity theft. As a result, AM has established Identity Protection Specialized Units (IPSU) to assist taxpayers that are, or may become, victims of identity theft. IPSU Teams are comprised of paper and phone teams.
  2. A toll-free number 800–908–4490, established specifically to receive identity theft related calls, provides taxpayer access to automated messages and assistors. The hours of operation are 8:00 a.m. to 8:00 p.m. (taxpayer's local time). Guidance will be provided to the individuals identifying themselves as potential victims of identity theft, including actions to take when there is currently no tax-related impact or tax-related ID theft.
  3. Toll-free Customer Service Representatives (CSR) receiving calls outside the IPSU 800–908–4490 number should follow IRM procedures to provide callers with the necessary guidance. See IRM 21.9.2.3.1, Self Identified - Non-Tax-Related Identity Theft and IRM 21.9.2.3.2, Tax-Related Identity Theft.

Note:

It is important to identify the issue/reason why the taxpayer is calling (balance due notice, refund offset, lost or stolen purse/wallet, etc.) and follow those particular IRM guidelines. With the exception of default screeners, calls should not be transferred to IPSU toll-free number. Follow the Telephone Transfer Guide.

  1. Also, refer to IRM 10.5.3.2.4, Identity Theft Frequently Asked Questions for additional information.

21.9.2.3 (10-01-2010)
Identity Theft - Telephone Overview

  1. Individuals may call the IRS to report that their Social Security Numbers (SSNs) or Individual Taxpayer Identification Number (ITIN) have been misused to obtain goods or services, to report other complaints of identity theft, and/or to request protection of their tax account information.

Caution:

Follow established procedures to assist callers and prevent unauthorized disclosure of taxpayer information.

  • Communication Skills, IRM 21.1.1.7
  • Taxpayer Advocate Service (TAS) Guidelines, IRM 21.1.3.18
  • Required Taxpayer Authentication, IRM 21.1.3.2.3
  • Additional Taxpayer Authentication, IRM 21.1.3.2.4
  1. Advise callers to contact the Federal Trade Commission (FTC) Identity Theft Hot line at 877–438–4338 and/or visit the FTC website at Advise callers the FTC assists individuals who are concerned about protecting their identity (including their Social Security Number (SSN)) to prevent misuse.
  2. Advise callers to contact the Social Security Administration (SSA) at 800–772–1213 and/or visit the SSA web site regarding "Identity Theft and Your Social Security Number" at The SSA will address inquiries related to lost or stolen social security cards/numbers, "posted earnings" determinations, and questions related to new or replacement SSNs.
  3. Advise callers they may file a report with their local or state police. They may also contact their state Attorney General's office. Callers could also check the Blue Pages of the telephone directory for the phone number or check The National Attorney General's webpage at for a list of state Attorneys General.
  4. Advise callers to contact one of the three major credit bureaus:
  5. Equifax800–525–6285
  6. Experian888–397–3742
  7. TransUnion800–680–7289
  8. Advise callers to visit the IRS website at (keyword identity theft) for additional information and links related to identity theft and tax records.
  9. Advise callers to obtain a copy of Publication 4535, Identity Theft Prevention and Victim Assistance. Publication 4535 provides resource information in both English and Spanish. This publication and other publications can be obtained using one of the methods found in IRM 21.3.6.4.1, Ordering Forms and Publications.

21.9.2.3.1 (06-11-2010)
Self Identified - Non-Tax-Related Identity Theft

  1. Individuals experiencing non tax-related impact may call and request that IRS take action to protect their tax account information. Callers should be advised to take the following actions. For a clear definition of taxpayer identity theft not affecting tax administration (Non-Tax-Related Identity Theft), refer to IRM 10.5.3.2.3.2, Taxpayer-Identified Identity Theft Not Affecting Tax Administration.
  2. Advise callers to obtain acceptable identity theft documentation. See IRM 21.9.2.1, Identity Theft - General Information.
  3. Advise callers they may receive correspondence requesting additional information.

Note:

If the caller used the 800–829–1040 line versus the IPSU number, 1–800–908–4490, to report non-tax-related identity theft, advise the caller to use the IPSU number for subsequent calls regarding non-tax-related identity theft.

  1. Advise callers that ID theft documentation should be submitted by mail or fax.
  2. Documentation can be mailed to: Internal Revenue Service, PO Box 9039, Andover, MA 01810–0939.
  3. Documentation can be faxed to: (978) 247–9965. Advise callers this is not a toll-free number. Their telephone company or a third party service provider, if applicable, may charge to send faxes.

Note:

Taxpayers can also take their documentation to their local Taxpayer Assistance Center (TAC) where the documentation will be faxed to the designated number. Provide callers with the address and telephone number of the closest TAC office if appropriate.

  1. Advise callers they should receive a notification letter from the IRS within 30 days of receipt of all required documentation.
  2. Record history of the taxpayer contact using the Accounts Management System (AMS) if TIN was obtained and disclosure verified.

21.9.2.3.2 (06-11-2010)
Tax-Related Identity Theft

  1. Individuals may call to report tax-related identity theft. For example, callers may reference an unknown person filing a tax return under their SSN, receipt of a notice or tax bill related to unknown income, or notification of an audit. For these situations, advise callers to obtain acceptable identity theft documentation. For a clear definition of identity theft affecting tax administration, refer to IRM 10.5.3.2.3.1, Taxpayer-Identified Identity Theft Affecting Tax Administration.
  2. If the caller reports concerns regarding the filing of a tax return (the presence of an unknown return filed under their SSN), advise the caller to attach the documentation referenced above to their paper return if they have not yet filed, or to a letter of explanation if they have already submitted a return. Send the information to the location where the return is filed.
  3. If the caller is responding to an IRS letter or notice of adjustment, advise the caller to attach the documentation referenced in (1) above to a letter of explanation, and include a copy of the IRS letter or notice. Send the information to the address indicated on the letter or notice.
  4. Advise callers that there will be processing delays while the situation is resolved and they may receive correspondence requesting additional information.
  5. Individuals not required to file a return may also be negatively impacted by tax-related identity theft. For example, a caller may state the Social Security Administration (SSA) has reduced or stopped his/her Social Security benefits based on a tax return filed with the IRS. The caller indicates that he/she has not filed a return. When this type of call is received, follow the instructions below.
  6. Advise callers to obtain acceptable identity theft documentation. See IRM 21.9.2.3,Identity Theft - Telephone Overview.
  7. Advise callers to attach the documentation referenced above to a letter explaining their situation. Provide the IRS address associated with the caller's state for mailing. Refer to Campus Locator Guide under the Who/Where tab on SERP for Campus mailing address.
  8. Advise callers they may receive correspondence requesting additional information.
  9. Record history of the taxpayer contact on AMS if the TIN was obtained and disclosure verified.

21.9.2.3.3 (03-30-2010)
Tax-Related Identity Theft (IPSU Toll-Free line CSRs only)

  1. If the caller used the 800–908–4490 number and there is currently an active relevant open control on the tax period in question, advise the caller that his/her account will be monitored through the research/resolution process. Relevant open controls include those related to AM, Automated Underreporter (AUR), Examination or Collection and any CI related controls that have or may result in adjustment activity. IPSU CSRs will complete Form 14027-A, Identity Theft Case Monitoring, and record a short description of the information provided to the caller in Section III; fax the form to the Image Control Team (ICT) in Andover using the designated fax number (978)247–9965; record history on AMS indicating the form was faxed (ex: 14027TOICT); and refer to IRM 21.3.5.4, Referral Procedures, to provide the taxpayer with the proper time frame for a response.

Exception:

If there is already an open control with Category Codes IDT2, IDT4, IDT6 or IDTX, a Form 14027-A will not be required. Instead, inform the taxpayer a caseworker is working to resolve their issue and they should hear from that caseworker within 45 days.

Note:

ICT will scan the Form 14027–A, Identity Theft Case Monitoring and any documentation into CIS and open a control in " B" status to the IPSU paper function for monitoring purposes.

  1. If the caller used the 800–908–4490 number and they are stating they received a 4403C, ID Theft - AM Point of Contact Letter (for Monitor Cases) letter but have lost the contact name and phone number of the employee, verify a 4403C was issued by researching command code (CC) ENMOD. Check for an open IDTX control on TXMOD. Complete a Form 4442, Inquiry Referral to the employee with the open control.
  2. If there is no open IDTX control, instruct the taxpayer to write in with their issue, and attach any notices or letters they have received to the address indicated on that letter or notice.

21.9.2.4 (10-01-2010)
Identity Theft - Paper Overview - (Andover and Fresno only)

  1. Individuals will be submitting standard identity theft documentation through designated PO Boxes and fax lines so that IRS can take action to mark tax accounts with an identity theft indicator. Controls on the related accounts will be established by CIS. Refer to IRM 10.5.3.2.3.1.3, The Identity Protection Specialized Unit (IPSU) and Referrals to other Functions.
  2. CSRs (staffing the IPSU number) will be completing Form 14027-A, Identity Theft Case Monitoring, and recording a short description of the information provided to the caller in Section III. CSRs will fax the form to ICT in Andover using the designated fax number, (978)247–9965. AMS and IDRS (TXMOD) should reflect that the form was faxed (ex: 14027TOICT).

Note:

ICT will scan the document into CIS and open a control in "B" status to the Identity Protection Specialized Unit (IPSU) paper function for monitoring purposes.

  1. IPSU Case Workers (staffing the paper processing teams) will monitor accounts with current tax-related activity. No action will be taken by the IPSU Case Worker to adjust these accounts. No requests to correct accounts should be sent to the IPSU when there is an open IDRS control base with a category code IDTX.

Note:

Refer to IRM 10.5.3.2.3.1.4, Functional Responsibilities Regarding Referrals from the IPSU.

21.9.2.4.1 (06-11-2010)
Self Identified - Non-Tax-Related Identity Theft - (Andover and Fresno only)

  1. Review the taxpayer account to ensure there are no tax-related issues and/or current open controls.

Note:

All research tools available must be used (ex: AMS, IDRS, Accessory Manager Tools (also known as IAT) etc.)

If the taxpayer submits an inquiry regarding a tax related issue and / Then
There is an open relevant control present (regardless of whether ID theft documentation was submitted) /
  • Convert the case to an IDTX by closing the IDT4 control on ENMOD using AMS/CIS and opening a base in "B" status using IDTX to the appropriate tax year/module involved.
  • Complete Form 14027–B, Identity Theft Case Referral.
Note:
Provide a brief narrative on the Form 14027-B explaining the taxpayer responded directly to AM IPSU and provide IRM 10.5.3.2.3.1.3(2), The Identity Protection Specialized Unit (IPSU) and Referral to other Functions, as a reference.
  • Save the form as a scanned document to the CIS case.
  • Fax a copy of the form and all attachments submitted by the taxpayer to the appropriate Identity Theft Liaison.
Note:
See the ID Theft Liaison listing under the Who/Where tab on SERP.
  • Record history on AMS indicating the form was faxed (ex: 14027TOAUR).
  • Begin monitoring the taxpayer's account following procedures. See IRM 21.9.2.4.2, Tax-Related Identity Theft.
  • If there is already an open IDTX control, close your IDT4 control, link the two cases on CIS and send a secure E-mail to the IPSU CSR with the IDTX control informing them of this action.

There is no open control present (regardless of whether ID theft documentation was submitted) / If the issue can be resolved within AM using IRM 21
Exception:
If the case involves AMTAP follow the steps in above box for referral purposes.
  • Convert the Category Code IDT4 to IDT1 by closing the IDT4 control on ENMOD using AMS/CIS and opening a base in the appropriate tax year/module using IDT1.
  • ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
  • Complete Form 14027–B, Identity Theft Case Referral. Scan into CIS, CSR specific.
  • Control as an IDTX case in "B" status to your own IDRS number.
  • Begin monitoring procedures; See IRM 21.9.2.4.2, Tax-Related Identity Theft - (Andover and Fresno only).
If the issue cannot be resolved within AM using the IRM 21, follow procedures in the box above to route the case to the appropriate function area.
  1. Review the case to ensure the taxpayer submitted all required identity theft documentation.

If the taxpayer submits / Then
All required identity theft documentation and there is no tax-related activity on the account /
  • Input TC971/504 on the taxpayer's account.
Note:
If the taxpayer's account is not established on Master File, see IRM 3.13.5.34, Establishing a New Account (TC000).
  • Issue a Letter 4402C, ID Theft (Self Identified) - AM AC 504 Notification Letter) to the taxpayer's address of record OR the current mailing address as noted on Form 14039, Identity Theft AffidavitIF ID theft documentation can be used to verify the new address.
  • Close the account on AMS/CIS.

Incomplete identity theft documentation and there is no tax-related activity on the account /
  • Request the missing information using a letter 131C, Information Insufficient or Incomplete for Processing Inquiry.
Note:
Use the taxpayer's address of record OR the current mailing address IF ID theft documentation can be used to verify the new address.
  • Enclose the taxpayer's original documentation (Form 14039 and/or other documentation).
  • Advise the taxpayer no action will be taken if they do not respond to the request.
  • Close the case on AMS/CIS.

  1. If the taxpayer requests the Self Identified Non Tax Relief indicator be reversed/removed, refer to Exhibit 10.5.3–7, TC 972 AC 504 - Reversal of TC 971 AC 504.

21.9.2.4.2 (10-01-2010)
Tax-Related Identity Theft - (Andover and Fresno only)