- 25.23.12 IMF Identity Theft Toll-Free Guidance
- 126.96.36.199 Program Scope and Objectives
- 188.8.131.52 Background of Identity Theft Toll-Free
- 184.108.40.206.1 Authority
- 220.127.116.11.2 Identity Theft Toll-Free Assistors Responsibilities
- 18.104.22.168.3 Acronyms
- 22.214.171.124.4 Related Resources for IDT Toll-free
- 126.96.36.199 Identity Theft Telephone General Guidance
- 188.8.131.52 Non-Tax-Related Identity Theft - Self Identified
- 184.108.40.206 Tax-Related Identity Theft
- 220.127.116.11.1 Telephone Inquiries Regarding Tax-Related IDTVA Cases
- 18.104.22.168.2 Open IDTVA Controls - Call Back not Received by Taxpayer
- 22.214.171.124.3 Identity Theft - Freeze Codes
- 126.96.36.199.4 Identity Theft - Refund Inquiries
- 188.8.131.52.4.1 Identity Theft Cases from External Data Breaches
- 184.108.40.206.5 Identity Theft - Transcript Requests
- 220.127.116.11.5.1 Transcript NOT Requested - Taxpayer Claims Identity Theft
- 18.104.22.168.6 Identity Theft - Unpostables
- 22.214.171.124.7 Identity Theft - Balance Due Issues
- 126.96.36.199.8 Responses to IM Breach Notification Letter 4281C
- 188.8.131.52.9 Receiving Calls on Accounts Involving IPSU criteria; Identity Theft Assistance Request (ITAR)
- 184.108.40.206 Responses to Requests for copies of Fraudulent Return(s) for Identity Theft Victims
Part 25. Special Topics
Chapter 23. Identity Protection and Victim Assistance
Section 12. IMF Identity Theft Toll-Free Guidance
September 10, 2019
(1) This transmits revised IRM 25.23.12, Identity Protection and Victim Assistance, IMF Identity Theft Toll-Free Guidance.
(1) IRM 220.127.116.11 Updated information to include taxpayers rights.
(2) IRM 18.104.22.168.1 Added link to Publication 5710 and Taxpayer Bill of Rights.
(3) IPU 18U1407 issued 11-01-2018 IRM 22.214.171.124 Added conditions in (2) when additional authentication is required based on SERP feedback 201803704.
(4) IRM 126.96.36.199 Added reference to additional taxpayer authentication and removed exception for TC 971 AC 522 with MISC code MITS CSIRC OTHER due to the removal of IRM 188.8.131.52.5.1.
(5) IRM 184.108.40.206 Added link in (7) to IRM 25.23.1-1 for Identity Protection Terms and Definitions.
(6) IPU 19U0790 issued 06-18-2019 IRM 220.127.116.11(3) Removed reference to an obsoleted IRM based on SERP feedback 201902579.
(7) IPU 18U1503 issued 12-03-2018 IRM 18.104.22.168(6) Updated how a taxpayer can obtain Publication 5027 based on SERP feedback 201804716.
(8) IRM 22.214.171.124 Updated language about filing Form 14039 for Non-Tax related identity theft.
(9) IPU 18U1407 issued 11-01-2018 IRM 126.96.36.199(2) Updated to add clarification of procedures for taxpayer’s request to flag their SSN.
(10) IRM 188.8.131.52 Updated references for IRM 25.23.4 and moved order of list.
(11) IPU 18U1503 issued 12-03-2018 IRM 184.108.40.206(1) (a) Added a note to provide a reference to additional guidance for dependents claimed on multiple returns based on SERP feedback 201804731.
(12) IRM 220.127.116.11.1 Added clarification for disclosure requirements on open or unresolved IDTVA tax related identity theft cases.
(13) IPU 19U0605 issued 05-06-2019 IRM 18.104.22.168.1(2) Added procedures for authenticating a taxpayer if IAT tool is not available based on SERP feedback 201900248.
(14) IPU 19U0126 issued 02-06-2019 IRM 22.214.171.124.1(2) Revised sentence to clarify basic and high-risk authentication must be completed using the IAT Disclosure tool for identity theft calls based on SERP feedback 201805104.
(15) IRM 126.96.36.199.1 Removed option in (3) to fax documents and clarified printing procedures for transcripts when identity theft is involved.
(16) IPU 18U1407 issued 11-01-2018 IRM 188.8.131.52.1(5) CAUTION Revised wording from SSN to TIN and providing clarification of procedures for toll-free assistors based on SERP feedback 201803996.
(17) IRM 184.108.40.206.1 Added clarification regarding authentication of caller.
(18) IPU 18U1503 issued 12-03-2018 IRM 220.127.116.11.1(8) Added requirement to document AMS with DLN of the return the caller authenticates.
(19) IRM 18.104.22.168.4.1 Updated references for IRM 25.23.4 and titles.
(20) IPU 19U0605 issued 05-06-2019 IRM 22.214.171.124.9(2) Changed initial contact time-frame promised to taxpayers from 10 business-days to 30-days for ITAR cases.
(21) IPU 19U0605 issued 05-06-2019 IRM 126.96.36.199.9(3) Changed initial contact time-frame promised to taxpayers from 10 business-days to 30-days for ITAR cases.
(22) IRM 188.8.131.52 Updated reference to remove the word redacted.
(23) IPU 19U0605 issued 05-06-2019 IRM 184.108.40.206 Updated to include masked transcripts.
(24) Editorial updates have been made throughout the IRM to correct citations, spelling and grammar problems.
Karen A. Michaels
Director, Accounts Management
Wage and Investment Division
Purpose: This IRM provides Individual Master File (IMF) Identity Theft Toll-free victim assistance guidance and resource information.
Audience: This IRM is for use by all employees when responding to identity theft related telephone inquiries received on IRS toll-free numbers.
Policy Owner: The Director of Accounts Management.
Program Owner: Identity Protection Strategy and Oversight, Identity Theft Victim Assistance, Accounts Management, Wage and Investment.
Primary Stakeholders: The primary stakeholders are organizations that Accounts Management collaborates with; for example; Return Integrity & Compliance Services (RICS), Compliance and Submission Processing.
Program Goals: Identity theft toll-free focuses on assistance activities and recommendations to help lighten the emotional toll identity theft takes on its victims. Program goals and objectives can be achieved by following the processes and procedures provided within this IRM. Other IRMs and resource guides should also be used to assist with resolving and/or referring their phone call. IRS employees should also utilize and become familiar with the pre-requisite IRMs listed below in conjunction with IRM 25.23.12 to assist with resolving/referring their phone call:
IRM 25.23.1, Identity Protection and Victim Assistance Program - Policy Guidance
IRM 25.23.2, Identity Protection and Victim Assistance - General Case Processing
IRM 25.23.3, IMF Identity Protection Specialized Unit (IPSU) Paper Overview and Guidance
IRM 25.23.4, IDTVA Paper Process
IRM 25.23.9, BMF Identity Theft Processing
IRM 25.23.10, Compliance Identity Theft Case Processing
The IRS will not tolerate discriminatory treatment of taxpayers by its employees in any programs or activities supported by the Service. No taxpayer should be subject to discrimination in educational programs or activities based on sex, race, color, national origin, disability, reprisal, religion, or age.
If a taxpayer believes they have been discriminated against on the basis of sex, race, color, national origin (including limited English proficiency), disability, reprisal, religion, or age, advise the taxpayer that he/she can forward an e-mail to*EDI.Civil.Rights.Division@irs.gov, or send a written complaint to: Internal Revenue Service, Office of Equity, Diversity, and Inclusion, CRU, 1111 Constitution, N W, Room 2413, Washington, DC 20224. A complaint form can be obtained online at Civil Rights On-Line form.
The Internal Revenue Service Commissioner’s testimony before Congress on April 10, 2008 prompted Accounts Management (AM) to take a proactive position in combatting identity theft. A toll -free number for identity theft victims was created (800-908-4490). The hours of operation are 7:00 am - 7:00 p.m. Monday - Friday. Taxpayers calling from Alaska and Hawaii will adhere to Pacific Time frames. These procedures were created to address taxpayers that are victims of tax-related identity theft and provide general guidance for non-tax related identity theft.
Refer to IRM 1.2.21,Servicewide Policies and Authorities, Policy Statements for Customer Account Services Activities, for information.
The Taxpayer Bill of Rights adopted by the IRS in June 2014, ensures taxpayers, the right to prompt, courteous, and professional assistance in their business communications and transactions with the IRS. See Pub 5170, Taxpayer Bill of Rights and Taxpayer Bill of Rights FAQs.
Policy Statement 10-1, Assisting Taxpayers who Report they are Victims of Identity Theft. See IRM 220.127.116.11, P–10–1 (formerly P-25-1).
The Wage and Investment Commissioner has overall responsibility for the policy related to this IRM which is published on a yearly basis.
Additional information is found in IRM 18.104.22.168.3,Accounts Management (AM), and IRM 21.1.1, Accounts Management and Compliance Services Overview.
See IRM 22.214.171.124.3, Responsibilities - Accounts Management, Compliance Services and Field Assistance.
All taxpayers desire and expect courteous service. Taxpayers who have experienced identity theft are already victims, either emotionally or financially. All employees need to be aware of that impact and handle the contact with an additional level of sensitivity and understanding and be empathic when dealing with identity theft victims.
Refer to the table below for a list of acronyms used throughout this IRM.
Acronym Definition 1.
Automated Collection System Support 2.
Adjusted Gross Income 3.
Account Management System 4.
(phone) Application 5.
Automated Under Reporter 6.
Business Master File 7.
Centralized Authorization File 8.
Centralized Distribution Site 9.
Corporate Files On-Line 10.
Correspondence Imaging System 11.
Close of Business 12.
Compliance Services Collection Operations 13.
Customer Service Representative 14.
Disclosure Verified 15.
Electronic Products and Services Support 16.
Employee User Portal 17.
Federal Trade Commission 18.
Fraudulent Return Request 19.
Global Review 20.
High-Risk Authorization IAT 21.
Integrated Automation Technologies 22.
Image Control Team 23.
Integrated Data Retrieval System 24.
Identity theft 25.
Identity Theft Victim Assistance 26.
Incident Management 27.
Individual Master File 28.
Identity Protection Strategy and Oversight 29.
Identity Protection Specialized Unit 30.
Internal Revenue Manual 31.
Internal Revenue Service 32.
Identity Theft Assistance Request 33.
Individual Taxpayer Identification Number 34.
Modernized e-File 35.
Master File 36.
Operations Assistance Request 37
P&A Analyst MITS CSIRC
Planning and Analysis Analyst, Modernization & Information Technology Services, Computer Security Incident Response Center 38.
Personally Identifiable Information 39.
Power of Attorney 40.
Return and Income Verification Services 41.
Return Preparer Misconduct 42.
Sensitive But Unclassified 43.
Standard Employee Identifier 44.
Servicewide Electronic Research Program 45.
Submission Processing 46.
Social Security Administration 47.
Social Security Number 48.
Taxpayer Assistance Center 49.
Taxpayer Advocate Service 50.
Transcript Delivery System 51.
Tax Examiner 52.
Taxpayer Identification Number 53.
Taxpayer Protection Program 55.
Telephone Transfer Guide
Various resources must be referred to and used as it relates to IDT Toll-free. Resources specific to IDT Toll-free are:
The list of resources provided in the table below is not all inclusive as new resources are created and become available frequently.
Resource Description 1.
There are various IAT tools that have been created specific to IPSU inventory; IPSU IAT Tool.
Refer to IRM 126.96.36.199.4.14, Integrated Automation Technologies, and Exhibit 21.2.2-2, Accounts Management Mandated IAT Tools.
Assistors should become acquainted with the list of (IDTVA) IRMs.
See IRM 188.8.131.52 (6) for a list of recommended identity theft IRMs.
IRM 25.23.2, Identity Protection and Victim Assistance - General Case Processing, takes precedence over guidance presented in IRM 25.23.12, IMF Identity Theft Toll-Free Guidance, when processing and resolving identity theft claims. Closing actions are located in 25.23.2, Identity Protection and Victim Assistance- General Case Processing.
Accounts Management (AM) IRMs - Utilize and become familiar with appropriate chapters.
Refer to SERP for access to all IRM 21 chapters.
Integrated Data Retrieval System (IDRS)
This system is used for research and documenting taxpayer accounts as well as adjustment and closing actions for assigned cases.
Servicewide Electronic Research Program (SERP)
Designed to provide employees with access to current IRMs, updated with interim procedural guidance, as well as reference materials. SERP provides employees with notification of IRM changes and current procedures.
Accounts Management System (AMS)
This system is used for research and documenting taxpayer accounts as well as adjustment and closing actions for assigned cases.
Employee User Portal (EUP)
This portal is used to access MeF for the Fraudulent Return Program (FRR).
Individuals may call the IRS to report their SSN or Individual Taxpayer Identification Number (ITIN) has been misused to obtain good or services, to report other complaints of identity theft, and/or to request protection of their tax account information. An identity theft toll-free number 800-908-4490 (Application 161/162) was established specifically to receive identity theft related calls and provide taxpayer access to automated messages and assistors. The hours of operation are 7:00 a.m. to 7:00 p.m., Monday through Friday, (taxpayer’s local time). Taxpayers calling from Alaska and Hawaii need to follow the Pacific Time.
All toll-free employees receiving calls should continue to follow basic required authentication procedures using the IAT Disclosure tool to assist callers and prevent unauthorized disclosure of taxpayer information whenever it is necessary to access a taxpayer’s account. The IAT Disclosure tool alerts users to account conditions when identity theft is a factor/suspected and documented. When disclosing information on accounts involving multiple entities, mixed periods, cases involving ID Theft related transactions, MFT 32 accounts, open identity theft controls, etc., additional authentication must be completed before disclosing information. See IRM 184.108.40.206.4 , Additional Taxpayer Authentication, for high-risk authentication procedures.
Communication Skills, IRM 220.127.116.11;
Required Taxpayer Authentication, IRM 18.104.22.168.3;
Additional Taxpayer Authentication, IRM 22.214.171.124.4; and
Third Party (POA/TIA/F706) Authentication, IRM 126.96.36.199
TCD 0249, Communication Skills
Guidance will be provided to individuals identifying themselves as potential victims of identity theft, including actions to take when there is currently no tax-related impact or tax-related identity theft. It is important to identify the issue and/or the reason why the taxpayer is calling (balance due notice, refund offset, rejected e-file, lost or stolen purse/wallet, etc.) and follow those particular IRM guidelines. Generally, calls should not be transferred to the identity theft toll-free number or application with the exception of default screeners. Follow the Telephone Transfer Guide to determine when the transfer of a call is appropriate.
Taxpayer inquires received on the toll-free lines (examples: App 20/21 or 161/162) that meet the Taxpayer Protection Program (TPP) criteria, See IRM 188.8.131.52, Non Taxpayer Protection Program (TPP) Telephone Assistors Response to Taxpayers.
If the call is from a business entity that has experienced a data breach, refer to IRM 184.108.40.206, Data Breach - Business Entities Whose Employees or Clients PII was Breached, for instructions.
If the call is from an individual who is a victim of an external data breach, refer to IRM 220.127.116.11, Taxpayers who are Victims of a Data Breach, for instructions.
Ask if the taxpayer would prefer to receive the information via the internet or over the phone
If the taxpayer prefers internet access, provide the IRS website, www.irs.gov, and advise the taxpayer to search using key words, "identity theft". If there are no further issues or questions, go to (7).
If internet access is not an option or the caller prefers to receive the resource information over the phone, provide the following recommendations as applicable:
Advise the caller they must continue to file their tax returns and pay the taxes as appropriate while their identity theft claim is under review.
Advise the taxpayer if they are concerned about protecting their identity (including their SSN) to prevent misuse, they may contact the two agencies listed below. The agencies will be able to assist them in identifying what specific information is needed in order to pursue an allegation of identity theft.
If the taxpayer is calling to report they cannot e-file, recommend the Form 14039 be completed, printed and attached to the back of their paper tax return when filing.
Contact Web Address Contact Number 1.
Federal Trade Commission (FTC)
For victims needing to complete Form 14039, the FTC is currently providing a fillable Form 14039 on www.identitytheft.gov. This is in addition to the fillable IRS Form 14039 available on IRS.gov. This is authorized by the IRS and its present placement on the FTC site is intended as providing an additional resource for identity theft victims who are self-reporting to the FTC. The victim should only file one Form 14039, either directly with the IRS or through the FTC. CSR’s should not attempt to provide assistance with the form’s functionality on the FTC website. See IRM 18.104.22.168.1, Taxpayer Interaction.
www.ftc.gov/idtheft 877-438-4338 2.
Social Security Administration (SSA)
type in "identity theft" in the search box
Advise the taxpayer they should contact their financial institution to report the allegation of identity theft.
Advise the taxpayer they may file a report with their local or state police.
Advise the taxpayer to contact one of the three major credit bureaus listed below. They will be able to assist them in identifying what specific information is needed in order to pursue an allegation of identity theft.
Credit Bureau Web Address Contact Phone Number 1.
www.equifax.com 800-525-6285 2.
www.experian.com 888-397-3742 3.
Advise the taxpayer to obtain an electronic copy of Pub 5027, Identity Theft Information for Taxpayers. Publication 5027 provides resource information in both English and Spanish. This publication and other publications can be obtained electronically on the IRS website, www.irs.gov.
There are numerous websites and publications available to the public to assist with the prevention of becoming a victim of identity theft and with steps on how to protect personal identifying information (PII) etc. The recommendations above are not all inclusive. If the caller mentions or questions other websites or publications, simply provide a word of caution to ensure the website they are referencing is legitimate.
Advise the taxpayer to check their local state agencies to determine if additional steps are required at the state level.
Provide the caller with the identity theft toll-free number, 800-908-4490, including the-hours of operation when appropriate.
Each situation needs to be researched to determine if there is an impact to the taxpayer’s account. See Exhibit IRM 25.23.1-1 , Glossary of Identity Protection Terms and Definitions, to assist with your determination. If the caller’s issue pertains to non-tax-related self-identified identity theft; refer to IRM 22.214.171.124, Non-Tax-Related Identity Theft - Self-Identified. If the caller’s issue pertains to tax-related identity theft, then refer to IRM 126.96.36.199, Tax-Related Identity Theft, for additional guidance.
If the Caller’s inquiry is about And Then Non-Tax-Related Self-identified identity theft issues Refer to IRM 188.8.131.52, Non-Tax Related Identity Theft - Self Identified Tax-related Identity Theft Refer to IRM 184.108.40.206, Tax Related Identity Theft
Individuals experiencing non-tax-related identity theft may call the IRS for guidance.
Take the following actions:
Provide guidance and resource information as referenced in IRM 25.23.2, Identity Protection and Victim Assistance)- General Case Processing, and IRM 220.127.116.11.5, When to Request Additional Information to Support an Allegation of Identity Theft.
The taxpayer is welcome to file a Form 14039 for non-tax related issues. If an individual requests that their SSN be marked, red flagged/protected, etc., then provide guidance for submitting the form either through the FTC website or by paper. Also, see IRM 18.104.22.168Identity Theft Claims - General Guidelines, and IRM 22.214.171.124.1, Taxpayer Interaction.
If the taxpayer insists or states he/she will be submitting Form 14039, then advise callers they may receive correspondence acknowledging receipt of their ID theft claim or requesting additional information.
When taxpayers call to report tax-related identity theft, probe the taxpayer to determine if a notice or a bill related to unknown income, or a notification of an audit was received. Review and research the taxpayer’s account to determine if additional information is needed. Refer to IRM 126.96.36.199 and IRM 188.8.131.52.5 for guidance on when a taxpayer should submit a claim and when additional information is needed. See Exhibit 25.23.1-1, Glossary of Identity Protection Terms and Definitions, for the definition of an "Identity Theft Claim" .
If compliance is involved with the case, Form 14039 must be submitted with the taxpayers’ response.
For taxpayer inquiries received on the toll-free lines (examples: App 20/21 or 161/162) that meet Taxpayer Protection Program (TPP) criteria (i.e., taxpayer states they received one of the following letters addressed to them, Letter 4883C, Letter 5071C, Letter 5447C or Letter 5747C; or there is an Unpostable 126 RC 0), see IRM 184.108.40.206, Non Taxpayer Protection Program (TPP) Telephone Assistors Response to Taxpayers.
If during your research you find an open identity theft control (examples: IDT(x) or IDS(x), where the x REPRESENTS 1, 3, 6, 8, or 9) or IDI(x), where the x represents 1, 2, 3, 4, 5, 6, 8 or 9), see IRM 220.127.116.11.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, for additional information and guidance.
Be empathetic to the taxpayer's issue. Assure the taxpayer that the IRS is firmly committed to working with them to resolve their identity theft issues. Cases such as theirs require complete and thorough research to provide them with a status update and to make a correct determination for case resolution.
If the taxpayer received a reject message after attempting to e-file due to the TIN having already been used to e-file a return, then advise the taxpayer to file a paper return with a Form 14039 attached. Enter AMS narrative by selecting Identity Theft; "TP will file paper return with IDT claim" .
If the taxpayer is responding to an IRS letter or notice (with the exception of the TPP letters referenced above), advise the taxpayer to submit an identity theft claim, when appropriate with a copy of the IRS letter or notice. Send the information to the address indicated on the letter or notice. Enter AMS narrative by selecting Identity Theft, "TP will respond to letter/notice with IDT claim."
Advise the taxpayer to include any additional information such as written statements, supporting evidence, credit bureau letters etc. the notice/letter is requesting (example: an AUR notice may include a request that all income issues be addressed and whether they were part of the identity theft impact).
If the taxpayer is contacting IRS about a dependent TIN being used as a primary or secondary TIN on another tax return, see IRM 18.104.22.168, Taxpayer Inquiries Involving Identity Theft (IDT).
Advise the taxpayer there will be processing delays while the situation is resolved and they may receive correspondence requesting additional information.
Provide taxpayers with a realistic expectation of the time frame for resolution of their cases. Explain that identity theft is complex in nature and constantly changing. Suggested language is:
Identity theft is a challenging and ever-changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceeds our typical processing times for resolution of return or account issues.
For subsequent calls, apologize to the taxpayer for the length of time required to resolve their issue. Suggested language is:
I apologize for the length of time it is taking to resolve your case. Identity theft is a challenging and ever-changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceeds our typical processing times for resolution of return or account issues.
Individuals not required to file a return may also be negatively impacted by tax-related identity theft. For example, a taxpayer may state the Social Security Administration (SSA) has reduced or stopped his/her Social Security benefits based on a tax return filed with the IRS. The taxpayer indicates that he/she has not filed a return. When this type of call is received, follow the instructions below:
Advise the taxpayer to write a letter explaining their situation and any additional information they may think would be appropriate to substantiate their situation. Provide the IRS address associated with the taxpayer’s state for mailing. Refer to the Campus Mailing Address under the Who/Where tab on Servicewide Electronic Research Program (SERP) for Campus mailing address. Enter AMS narrative and select Identity Theft; "NFR - TP will respond to letter/notice with IDT claim."
Advise the taxpayer they may receive correspondence requesting additional information.
Input a TC 971 AC 522 per IRM 22.214.171.124.4, Initial Allegation or Suspicion of Tax-Related Identity Theft - IMF Identity Theft Indicators, and Exhibit 25.23.2-10, IMF Only TC 971 AC 522 Tax-Related Identity Theft, Case Status (Initial Claim/Suspicion).
A tax-related identity theft case controlled on IDRS can be identified by control categories, IDT(x), or IDS(x), (The "x" represent IDT/S 1, 2, 3, 6, 8, or 9, or IDI(x), where the “x” represents 1, 2, 3, 4, 5, 6, 8 or 9). Telephone CSRs must not make adjustments or take any account actions on open identity theft accounts.
Basic and high-risk authentication must be completed using the IAT Disclosure tool for all telephone calls involving open or unresolved IDTVA tax related identity theft cases. See IRM 126.96.36.199.3, Required Taxpayer Authentication. If IAT Disclosure tool is not available or an employee has a problem with the IAT Tool Manager, the case should be processed through IDRS following established procedures. See IRM 188.8.131.52.4.14(2), Integrated Automation Technologies, for additional information.
If the identity theft case is closed/resolved, you may provide account information to the TIN owner utilizing normal procedures. You may provide the TIN owner with the information from his/her account only. Fraudulent information may be combined with the TIN owner's information, such as IRP data, account transcripts, etc. Do not provide information from the fraudulent return. If the taxpayer is asking for transcript information see IRM 184.108.40.206.8, Transcripts and Identity Theft. Also refer to IRM 220.127.116.11.8.4.3, Wage and Income Transcript Identity Theft. You can usually identify the following transaction(s) on Integrated Data Retrieval System (IDRS) via cc ENMOD and/or cc IMFOLE, if the case has been resolved.
A posted TC 971 AC 501 or,
A posted TC 971 AC 506
See IRM 18.104.22.168.1, Tracking and Reporting Identity Theft Cases - Identity Theft Indicators, for additional information related to IDT indicators.
Accounts or cross-reference accounts with TC 971 AC 501, 506, 522, 524 or 525 will not be able to receive transcripts via online, mail order or phone services. Taxpayers are instructed to contact the IDT toll free number for the transcript. Do not refer the taxpayer to self-serve options. See IRM 22.214.171.124.8, Transcripts and Identity Theft, for additional guidance . For guidelines on issuing a specific type of transcript see IRM 126.96.36.199.8.4, Type of Transcript Requested for Identity Theft Accounts.
For a closed identity theft case, if the SSN owner did not receive their refund, received an incorrect refund amount, or received an incorrect balance due notice because the case was worked incorrectly, (for example, an employee failed to input the TC 971 AC 850 causing a direct deposit into the bad taxpayer's account), treat the case as priority work and take the following actions:
If the case Then 1.
Can be resolved over the telephone, see IRM 188.8.131.52, Oral Statement Authority, and IRM 184.108.40.206.2, Adjustments with Oral Statement
Input the adjustment. 2.
Cannot be resolved over the phone and the case meets:
IPSU criteria; see IRM 220.127.116.11.6 or,
TAS criteria, see IRM 18.104.22.168.2, TAS Case Criteria 5 - 7, Systemic Burden
Complete the correct referral to either IDTVA IPSU or TAS following guidance in:
IRM 22.214.171.124.6 or,
IRM 126.96.36.199, Taxpayer Advocate Service (TAS) Guidelines.
Cannot be resolved over the telephone and case does not meet IPSU or TAS criteria
Complete the appropriate Form 4442 and transmit or fax to the specific area based on the AM Case Referral/Reassignment Listing located on SERP.
On open identity theft cases, do not give out specific account information on the common TIN (when staffing the toll-free lines) unless the caller passes additional/high-risk authentication. For additional information, see IRM 188.8.131.52.4, Additional Taxpayer Authentication. If the caller passes the additional taxpayer authentication, you can provide general information on status updates and CIS case notes entered on "AMS". In order to provide a reasonable time frame necessary to complete the processing of the case, general information from the case may be necessary.
Do not assume that the caller is the true owner of the TIN. If, while completing authentication and/or additional authentication, you are unable to determine that you are speaking with the true owner of the TIN, advise the caller to check their records, terminate the call and use AMS issue/narrative to leave a brief note recording the failed disclosure.
If the taxpayer is calling only to check on the status of their refund and no additional information is provided, then provide an update on the status of the case including a reminder of the identity theft time frames. In an attempt to minimize frustration a statement like this one could be provided:
"Identity theft is a challenging and ever-changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceed our typical processing times for resolution of return or account issues."
If you are unable to assist the taxpayer by responding to their questions and concerns as it relates to the open IDTVA case, use the IDTVA Employee Lookup tool to find the controlling IDTVA employee’s contact information. Provide the taxpayer with the IDTVA toll-free number (855-343-0057), IDTVA’s employee’s name, six digit extension and Tour of Duty (TOD), and availability based on the taxpayer’s time zone.
Advise the taxpayer of the following:
"If you receive the employee’s voice mail, leave a brief message to identify yourself and provide your telephone number. Your call will be returned within five (5) business-days. The five business-days will begin the day after the message was left" .
"If you do not receive a call back within five (5) business-days, call back on the identify theft toll-free number (800-908-4490) and advise the IRS employee answering the call that you had left a message for the assigned employee and have not received a call back within five business-days. That employee will follow-up on the call back request."
After the information above has been provided to the taxpayer (or a secure e-mail sent), AMS must be updated to document the call and the information the taxpayer provided:
The letter or notice (example: Letter 4674C/4674SP, Letter 4675C/4675SP, Letter 5064C or CP 01C or CP 701C etc.) the taxpayer was inquiring about
Document the DLN of the return to which the caller authenticated if the tax year/module in question contains multiple returns.
A telephone number(s) where the taxpayer can be reached and the best time for the IDTVA employee to contact them
The date the caller’s tax return was filed and the amount of refund expected (when applicable)
Other pertinent information filed on the return that will assist the IDTVA employee in resolving the case
If the TIN was stolen and used on a fraudulent return or the refund amount they received was not what they were expecting.
If a taxpayer calls and indicates they have not received a call back within five business-days:
Try to answer the taxpayer’s questions.
Research and verify through AMS that a call was received and contact information (employee’s name, extension and TOD) was provided to the taxpayer and at least five business-days has passed since the day after the taxpayer left a message requesting a call back.
A taxpayer calls on a Monday and leaves a message on IDTVA employee Mr. Smith’s extension, requesting a call back. The five business-days will start the day after the message was left which would be Tuesday. The taxpayer would need to wait until the following Monday before stating they did not receive a call back.
Search AMS for indications the IDTVA employee attempted to contact the taxpayer. If the employee has attempted contact, advise the taxpayer of those attempts and of any action the employee may have taken, such as sending the TP a letter or similar closing actions.
If you are unable to assist the taxpayer, advise the taxpayer that you will follow-up to have their call returned within two business-days.
Use the IDTVA Employee Lookup tool to find the controlling IDTVA employee's contact information. Issue a secure e-mail to the employee and their manager, with a copy (CC) to the assigned P&A analyst. Advise them the call must be returned no later than the next business-day.
If the controlling employee’s IDRS Number is not available and a secure e-mail was previously issued, provide detailed information related to the history in a follow-up secure e-mail.
Refer to IRM 21.5.6, Freeze Codes, for guidance specific to freeze codes.
For most calls, refer to the subsections under IRM 21.4 , Refund Inquiries. However, if research of the taxpayer’s account shows a systemic true duplicate condition along with an indication of an external data breach (TC 976, TC 971 AC 142 and/or a TC 971 AC 125), see IRM 184.108.40.206.4.1 for guidance on how to complete a e-4442.
There have been some instances where identity theft claims were resolved incorrectly when the taxpayer was a victim of an external data breach.
Identity theft resulting from external data breaches may be challenging to recognize, but careful and thorough research must be performed to ensure we don’t treat those returns as true duplicates or reject valid claims. In the worst-case scenario, a fraudster obtained completed but un-filed tax returns from a tax preparer’s computer system. Because of this, the identity theft returns were the same as the SSN owners’ returns except for the direct deposit information; they were identified as systemic true duplicate.
CSRs may receive calls from taxpayers inquiring about their refunds and there may be evidence of a systemic true duplicate filing condition involving an external data breach incident. Characteristics can be identified on the SSN account with the following:
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
If research confirms the taxpayer is a victim of identity theft as a result of an external data breach, and some of the characteristics listed above are present on the taxpayer’s account, take the following action:
If the situation meets IPSU criteria, refer to IRM 220.127.116.11.9, Receiving Calls on Accounts Involving IPSU Criteria; Identity Theft Assistance Request (ITAR).
If the situation does not meet IPSU criteria, see IRM 18.104.22.168.2.1.1, Preparing an e-4442, to make a referral to IDTVA for action,
Inform the taxpayer a referral will be issued to an employee who will review and resolve the issue identified. Provide the appropriate time frame and apology per IRM 22.214.171.124.3, IDT Case Processing Time Frames.
Create an e-4442 on AMS using the following information along with other required fields,
Referral Type: IRM. From the IRM drop down menu, select “Other-write-in”; enter IRM 126.96.36.199.4.1
Reason field, select Complex Issue/Training Specialization
Clearly note a valid/correct address in the appropriate field of the e- 4442 if, after verifying disclosure, the taxpayer has confirmed a different address than what is on Master File (MF)
Provide a detailed narrative in the "Taxpayer Inquiry/Proposed Resolution" field explaining the taxpayer’s situation including the following comments; “TP appears to be a victim of an external data breach”.
Include the fax number the referral will be sent to the “Identity Theft - Accounts Management Case Referral/Reassignment Listing” under the Who/Where tab on SERP
If there is already an open IDTVA control, see IRM 188.8.131.52.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases. If a different open control is identified (example: TPRQ, DUPF, XRET, etc.), in the "Proposed Resolution" field, include in your recommendation the case be reassigned to IDTVA immediately.
Send the referral along for the systemic approval path
Refer to IRM 184.108.40.206.8 , Transcripts and Identity Theft, for guidance specific to requests involving identity theft.
If the taxpayer indicates receipt of a transcript they did not request, probe to determine if their spouse or someone who is authorized (such as a tax professional, power of attorney or financial institution, etc.) could have requested the transcript.
If the taxpayer is calling about a Form 14611 they received, see IRM 220.127.116.11.8, Transcripts and Identity Theft.
Once it has been confirmed neither the taxpayer, nor the taxpayer’s spouse or any other authorized representative requested the transcript in the mail, apologize and explain that someone had enough information to request the transcript through our system, but did not receive the transcript. Thoroughly research the SSN(s) on the transcript in question to ensure there is no open or unresolved tax-related identity theft issue.
If an open identity theft control is identified, see IRM 18.104.22.168.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, for additional actions and guidance.
See Exhibit 25.23.2-16, IDTVA IDRS Category Controls by Function, for a list of identity theft category control codes.
If an unresolved tax related identity theft issue is identified without an open control, see IRM 22.214.171.124.9, Receiving Calls on Accounts Involving IPSU Criteria; Identity Theft Assistance Request (ITAR), to determine if the issue meets IPSU criteria and requires an e-4442 for ITAR. If IPSU criteria is not met, complete the e-4442 and transmit or fax to the specific area based on the AM Case Referral/Reassignment Listing located on SERP under the Who/Where tab. Provide the taxpayer with a 30 day time frame for contact or resolution. See IRM 126.96.36.199.1, When to Prepare a Referral.
If there is no tax-related identity theft on the SSN(s), tell the taxpayer there are currently no identity theft indicators on their tax account. To protect their tax account, advise the taxpayer they can file a Form 14039 and check box 2 in Section B. Provide guidance and resource information for identity theft per IRM 188.8.131.52, Identity Theft Telephone General Guidance.
Update AMS history to specify the reason the taxpayer called (example: received transcripts that were not requested).
Refer to IRM 21.5.5, Unpostables, for guidance specific to unpostable transactions.
For calls related to a balance due issue on a closed identity theft issue see IRM 184.108.40.206.1, Identity Theft Claim.
For calls related to a balance due issue on an open IDTVA control, see IRM 220.127.116.11.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, paragraphs (5), (6), (7) and (8).
Refer to IRM 10.5.4.4.7.1, Handling Inquiries About IM Data Breach Notification Letters, for guidance specific to request involving Letter 4281C. Questions regarding the content of IRM 10.5.4 should be directed to that IRM owner.
As part of the Identity Theft program, the IRS will generally assist taxpayers whose situations meet TAS criteria 5-7 AND involve identify theft. Applicable cases will now be considered IPSU criteria and MUST be referred to IDTVA using Form 4442, Inquiry Referral, using the Account Management System (AMS) if available.
Accounts Management employees working phones will create a Form 4442 Inquiry Referral if a taxpayer calls the identity theft toll-free number, and the IPSU criteria is met. See IRM 18.104.22.168.2.1.1, Preparing an e-4442. Clearly note a valid/correct address in the appropriate field of the e-4442 if after verifying disclosure the taxpayer has confirmed a different address than what is on Master File (MF). The completed referral will be sent using AMS within 24 hours of when the IPSU criteria was identified. Inform the taxpayer he/she can expect contact either by phone or correspondence within 30-days from the date of the call. Inform the taxpayer he/she should call the toll-free number (800-908-4490) if he/she does not receive correspondence or a confirmation phone call within the 30-days. A detailed narrative must be entered in the "Taxpayer Inquiry/Proposed Resolution" field of the Form 4442 explaining the taxpayer’s issue, and why it meets IPSU criteria.
If using AMS for referrals, select category ITAR from the IRM drop down menu, select English or Spanish. Fresno-Electronic should be the ONLY SITE SELECTION. Enter a narrative on AMS. See IRM 22.214.171.124.4.14, Integrated Automation Technologies.
If Then enter a Narrative on AMS 1.
Address is verified as good during disclosure
DV - Address verified 2.
A different address is obtained during disclosure
DV - address updated in box 13 of F4442
If not using AMS, annotate ITAR, and English or Spanish whichever is applicable on the top of the Form 4442 prior to forwarding to IDTVA-I via secure e-mail; *W&I-ITAR or a designated fax number within 24 hours of when the IPSU criteria was identified. See IRM 126.96.36.199.2.2,Controlling Referrals.
If a taxpayer calls back on the regular toll-free line or the identity theft toll-free number as directed above stating he/she has not received the contact within the promised 30-days, take the following action:
Complete research to provide the taxpayer with as much of a status update on the account as possible.
Verify there is an open ITAR control on IDRS.
Research CC ENMOD to verify a Letter 4524C/4524SP was issued.
Provide the date the letter was issued.
If during your research you find an open identity theft control (examples: IDT(x) or IDS(x), where the x represents 1, 3, 6, 8 or 9) or IDI(x), where the x represents 1, 2, 3, 4, 5, 6, 8 or 9), then follow the guidance in IRM 188.8.131.52.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, paragraphs (5), (6), (7) and (8).
Enter required AMS narrative selecting category Identity Theft, and enter "Additional 5 business-days provided." as a narrative.
If it has been determined the 4524C/4524SP, Identity Theft Assistance Request (ITAR), letter was not issued and/or there is no open ITAR control within the prescribed time frames mentioned in paragraph 3 above, then:
Step Action 1. Obtain as much additional information from the taxpayer as possible (example: a current contact phone number (cell and/or home) and correct mailing address). 2. Create a F4442/e4442 referral to your P&A analyst (through your manager or lead) for immediate action within the same day. 3. Apologize and provide the taxpayer a 7 business-day time frame for expected contact. 4. Enter AMS narrative and select category "Identity Theft" and enter, “F4442 to P&A - ITAR follow-up”. Your P&A analyst will work with the P&A analyst at the assigned site where the ITAR case is controlled within the same day, for appropriate action.
If there is an open ITAR control, and the taxpayer is providing additional information to assist in the resolution of the case or has not received their requested contact within the specified time frame, then refer to IRM 184.108.40.206.1, When to Prepare a Referral. Enter AMS narrative selecting Identity Theft, "Additional 10 business-days provided" .
AMS must be updated with this contact and information provided to the taxpayer. See IRM 220.127.116.11.4.14, Integrated Automation Technologies.
See IRM 18.104.22.168.6 , Identity Theft Assistance Request (ITAR) - General Information, for additional information regarding ITAR processing.
The IRS is accepting requests for and providing masked copies of fraudulent returns to victims of identity theft or persons authorized to obtain the identity theft information. Requests will be accepted and processed for instances where the fraudulent return was filed and accepted for processing using the identity theft victim’s name and social security number as a primary or secondary taxpayer.
When an identity theft victim requests a copy of a fraudulent return filed under their SSN via toll-free, employees will:
Inform the requestor that Form 4506-F (with instructions on the back) and FAQs are available on www.irs.gov. “Instructions for Requesting a Copy of Fraudulent Returns”.
Answer any question the caller may have about the form and/or instructions.
Explain the form must be mailed, and then provide the centralized address:
Internal Revenue Service
Fresno, CA 93888-0025
Inform the requestor some information on the fraudulent return will be masked or blacked out, but there will be sufficient information to determine how the taxpayer’s personal information was used.
Explain the IRS cannot provide a copy of the fraudulent return to any person only listed as a dependent, nor can it be provided to that person's/dependent's parent, legal guardian, or authorized representative.
Answer any additional questions raised by the requestor; do not refer the taxpayer to another phone number.
If the requestor does not have access to the internet, the CSR will verbally provide the information from the IRS website: Instructions for Requesting Copy of Fraudulent Returns