- 25.23.12 IMF Identity Theft Toll-Free Guidance
- 184.108.40.206 Program Scope and Objectives
- 220.127.116.11 Background of Identity Theft Toll-Free
- 18.104.22.168.1 Authority
- 22.214.171.124.2 Identity Theft Toll-Free Assistors Responsibilities
- 126.96.36.199.3 Acronyms
- 188.8.131.52.4 Related Resources for IDT Toll-free
- 184.108.40.206 Identity Theft Telephone General Guidance
- 220.127.116.11 Non-Tax-Related Identity Theft - Self Identified
- 18.104.22.168 Tax-Related Identity Theft
- 22.214.171.124.1 Telephone Inquiries Regarding Tax-Related IDTVA Cases
- 126.96.36.199.2 Open IDTVA Controls - Call Back not Received by Taxpayer
- 188.8.131.52.3 Identity Theft - Freeze Codes
- 184.108.40.206.4 Identity Theft - Refund Inquiries
- 220.127.116.11.4.1 Identity Theft Cases from External Data Breaches
- 18.104.22.168.5 Identity Theft - Transcript Requests
- 22.214.171.124.5.1 Transcript NOT Requested - Taxpayer Claims Identity Theft
- 126.96.36.199.6 Identity Theft - Unpostables
- 188.8.131.52.7 Identity Theft - Balance Due Issues
- 184.108.40.206.8 Responses to IM Breach Notification Letter 4281C
- 220.127.116.11.9 Receiving Calls on Accounts Involving IPSU criteria; Identity Theft Assistance Request (ITAR)
- 18.104.22.168 Responses to Requests for copies of Fraudulent Return(s) for Identity Theft Victims
Part 25. Special Topics
Chapter 23. Identity Protection and Victim Assistance
Section 12. IMF Identity Theft Toll-Free Guidance
September 4, 2018
(1) This transmits new IRM 25.23.12, Identity Protection and Victim Assistance, IMF Identity Theft Toll-Free Guidance.
(1) Toll free guidance previously located in subsections of IRM 25.23.3, Identity Protection and Victim Assistance, IMF Toll-Free and Identity Protection Specialized Unit (IPSU) Paper, have been moved into new IRM 25.23.12, IMF Identity Theft Toll-Free Guidance.
(2) Editorial updates have been made throughout the IRM to correct citations, spelling and grammar problems.
(3) IPU 18U0262 issued 02-07-2018 IRM 25.23.12 Updates and corrections to various IRM citations have been made throughout this IRM as a result of updates to tridocs made in other IRMs.
(4) IRM 22.214.171.124.3 Inserted P&A Analyst MITS CSIRC to the acronym table.
(5) IRM 126.96.36.199(2) Inserted a new bullet for TCD 0249, Communication Skills
(6) IPU 18U0912 issued 06-06-2018 IRM 188.8.131.52 (2) Clarified sentence related to required authentication for account calls only and clarified the 2nd exception in paragraph (3). Updated the Equifax toll-free number per SERP feedback 201802010 in paragraph (6).
(7) IRM 184.108.40.206(6) Clarified the Note in Row 1 of the table. Also clarified paragraph in 2nd bullet.
(8) IPU 18U0262 issued 02-07-2018 IRM 220.127.116.11(6) Inserted a note related to a fillable Form 14039 available on the FTC website.
(9) IRM 18.104.22.168(2)(a) Corrected reference for the Campus Mailing Address list available on SERP.
(10) IRM 22.214.171.124.1(3) Note, inserted IRM citation 126.96.36.199.
(11) IRM 188.8.131.52.1(4) Corrected the title for IRM 184.108.40.206.2 in Row 2. Corrected reference to the AM Referral Reassignment listing in Row 3.
(12) IPU 17U1621 issued 11-21-2017 IRM 220.127.116.11.1(7) first bullet; and editorial update; changed the word "two" to "five"
(13) IRM 18.104.22.168.1(8) Included references to Spanish letter and notices.
(14) IPU 17U1525 issued 10-27-2017 IRM 22.214.171.124.1(8) Revised the wording in the Note at the end of this paragraph. SERP Feedback 201705896.
(15) IPU 18U0262 issued 02-07-2018 IRM 126.96.36.199.2(1) Example, changed "Thursday" to "the following Monday" to agree with the five (5) business day time frame for a call back. SERP feedback 201800329.
(16) IRM 188.8.131.52.2(3) Inserted a Note related to the required e-mail. When the IDTVA Employee Look-Up tool is used, these names are systemically included in the required e-mail.
(17) IPU 18U0262 issued 02-07-2018 IRM 184.108.40.206.2(3) Inserted a hyperlink for the IDTVA Employee Look-up Tool based on SERP Feedback 201800007.
(18) IPU 17U1525 issued 10-27-2017 IRM 220.127.116.11.4 Expanded the paragraph to include guidance for taxpayers who have become a victim of identity theft because of an external data breach.
(19) IPU 17U1525 issued 10-27-2017 IRM 18.104.22.168.4.1 Inserted a new section with guidance for when a taxpayer calls to report they are a victim of identity theft because of an external data breach.
(20) IRM 22.214.171.124.5(1) Updated the IRM citation and title.
(21) IPU 17U1621 issued 11-21-2017 IRM 126.96.36.199.5.1 Inserted a new section with guidance for when a taxpayer calls claiming a receipt of a Transcript they did not request or order and is now reporting being a victim of identity theft.
(22) IRM 188.8.131.52.5.1(1) and (4) Clarified the paragraphs.
(23) IPU 17U1621 issued 11-21-2017 IRM 184.108.40.206.7(1) Updated the IRM citation to IRM 220.127.116.11.1 per SERP Feedback 201706075,
(24) IRM 18.104.22.168.9(3) Step 2 Clarified the required action.
(25) IRM 22.214.171.124(2) Clarified the first bullet.Identity Protection and Victim Assistance, IMF Identity Theft Toll-Free Guidance effective date October 1, 2018 supersedes IRM 25.23.12, Identity Protection and Victim Assistance, IMF Identity Theft Toll-Free Guidance effective date September 12, 2017. This IRM also incorporates the following IRM Procedural Updates (IPUs) 18U0912 (dated 6-6-2018), 18U0262 (dated 20702018), 17U1621 (dated 11-21-2017) and 17U1525 (dated 10-27-2017).
Karen A. Michaels
Director, Accounts Management
Wage and Investment Division
Purpose: This Section of IRM 25.23.12 provides Individual Master File (IMF) Identity Theft Toll-free victim assistance guidance and resource information.
Audience: This IRM is for use by all employees when responding to identity theft related telephone inquiries received on IRS toll-free numbers.
Policy Owner: The Director of Accounts Management.
Program Owner: Identity Protection Strategy and Oversight, Identity Theft Victim Assistance, Accounts Management, Wage and Investment.
Primary Stakeholders: The primary stakeholders are organizations that Accounts Management collaborates with; for example; Return Integrity & Compliance Services (RICS), Compliance and Submission Processing.
Program Goals: Identity theft toll-free focuses on assistance activities and recommendations to help lighten the emotional toll identity theft takes on its victims. Program goals and objectives can be achieved by following the processes and procedures provided within this IRM. Other IRMs and resource guides should also be used to assist with resolving and/or referring their phone call. IRS employees should also utilize and become familiar with the pre-requisite IRMs listed below in conjunction with IRM 25.23.12 to assist with resolving/referring their phone call:
IRM 25.23.1, Identity Protection and Victim Assistance Program - Policy Guidance
IRM 25.23.2, Identity Protection and Victim Assistance - General Case Processing
IRM 25.23.3, IMF Identity Protection Specialized Unit- (IPSU) Paper
IRM 25.23.4, IDTVA Paper Process
IRM 25.23.9, BMF Identity Theft Processing
IRM 25.23.10, Compliance Identity Theft Case Processing
The Internal Revenue Service Commissioner’s testimony before Congress on April 10, 2008 prompted Accounts Management (AM) to take a proactive position in combatting identity theft. A toll -free number for identity theft victims was created (800-908-4490). The hours of operation are 7:00 am - 7:00 p.m. Monday - Friday. Taxpayers calling from Alaska and Hawaii will adhere to Pacific Time frames. These procedures were created to address taxpayers that are victims of tax-related identity theft and provide general guidance for non-tax related identity theft.
Refer to IRM 1.2.21,Servicewide Policies and Authorities, Policy Statements for Customer Account Services, for information.
The Taxpayer Bill of Rights adopted by the IRS in June 2014, ensures taxpayers, the right to prompt, courteous, and professional assistance in their business communications and transactions with the IRS.
Policy Statement 10-1, Assisting Taxpayers who Report they are Victims of Identity Theft. See IRM 126.96.36.199, P–10–1 (formerly P-25-1).
The Wage and Investment Commissioner has overall responsibility for the policy related to this IRM which is published on a yearly basis.
Additional information is found in IRM 188.8.131.52.4,Accounts Management, and IRM 21.1.1, Accounts Management and Compliance Services Overview.
See IRM 184.108.40.206.3, Responsibilities - Accounts Management, Compliance Services and Field Assistance.
All taxpayers desire and expect courteous service. Taxpayers who have experienced identity theft are already victims, either emotionally or financially. All employees need to be aware of that impact and handle the contact with an additional level of sensitivity and understanding and be empathic when dealing with identity theft victims.
Refer to the table below for a list of acronyms used throughout this IRM.
Acronym Definition 1.
Automated Collection System Support 2.
Adjusted Gross Income 3.
Account Management System 4.
(phone) Application 5.
Automated Under Reporter 6.
Business Master File 7.
Centralized Authorization File 8.
Centralized Distribution Site 9.
Corporate Files On-Line 10.
Correspondence Imaging System 11.
Close of Business 12.
Compliance Services Collection Operations 13.
Customer Service Representative 14.
Disclosure Verified 15.
Electronic Products and Services Support 16.
Employee User Portal 17.
Federal Trade Commission 18.
Fraudulent Return Request 19.
Global Review 20.
High Risk Authorization IAT 21.
Integrated Automation Technologies 22.
Image Control Team 23.
Integrated Data Retrieval System 24.
Identity theft 25.
Identity Theft Victim Assistance 26.
Incident Management 27.
Individual Master File 28.
Identity Protection Strategy and Oversight 29.
Identity Protection Specialized Unit 30.
Internal Revenue Manual 31.
Internal Revenue Service 32.
Identity Theft Assistance Request 33.
Individual Taxpayer Identification Number 34.
Modernized e-File 35.
Master File 36.
Operations Assistance Request 37
P&A Analyst MITS CSIRC
Planning and Analysis Analyst, Modernization & Information Technology Services, Computer Security Incident Response Center 38.
Personally Identifiable Information 39.
Power of Attorney 40.
Return and Income Verification Services 41.
Return Preparer Misconduct 42.
Sensitive But Unclassified 43.
Standard Employee Identifier 44.
Servicewide Electronic Research Program 45.
Submission Processing 46.
Social Security Administration 47.
Social Security Number 48.
Taxpayer Assistance Center 49.
Taxpayer Advocate Service 50.
Transcript Delivery System 51.
Tax Examiner 52.
Taxpayer Identification Number 53.
Taxpayer Protection Program 55.
Telephone Transfer Guide
Various resources must be referred to and used as it relates to IDT Toll-free. Resources specific to IDT Toll-free are:
The list of resources provided in the table below is not all inclusive as new resources are created and become available frequently.
Resource Description 1.
There are various IAT tools that have been created specific to IPSU inventory; IPSU IAT Tool.
Refer to IRM 220.127.116.11.4.14, Integrated Automation Technologies, and Exhibit 21.2.2-2, Accounts Management Mandated IAT Tools.
Assistors should become acquainted with the list of (IDTVA) IRMs.
See IRM 18.104.22.168 (6) for a list of recommended identity theft IRMs.
IRM 25.23.2, Identity Protection and Victim Assistance - General Case Processing, takes precedence over guidance presented in IRM 25.23.12, IMF Identity Theft Toll-Free Guidance, when processing and resolving identity theft claims. Closing actions are located in 25.23.2, Identity Protection and Victim Assistance- General Case Processing.
Accounts Management (AM) IRMs - Utilize and become familiar with appropriate chapters.
Refer to SERP for access to all IRM 21 chapters.
Integrated Data Retrieval System (IDRS)
This system is used for research and documenting taxpayer accounts as well as adjustment and closing actions for assigned cases.
Servicewide Electronic Research Program (SERP)
Designed to provide employees with access to current IRMs, updated with interim procedural guidance, as well as reference materials. SERP provides employees with notification of IRM changes and current procedures.
Accounts Management System (AMS)
This system is used for research and documenting taxpayer accounts as well as adjustment and closing actions for assigned cases.
Employee User Portal (EUP)
This portal is used to access MeF for the Fraudulent Return Program (FRR).
Individuals may call the IRS to report their SSN or Individual Taxpayer Identification Number (ITIN) has been misused to obtain good or services, to report other complaints of identity theft, and/or to request protection of their tax account information. An identity theft toll-free number 800-908-4490 (Application 161/162) was established specifically to receive identity theft related calls and provide taxpayer access to automated messages and assistors. The hours of operation are 7:00 a.m. to 7:00 p.m., Monday through Friday, (taxpayer’s local time). Taxpayers calling from Alaska and Hawaii need to follow the Pacific Time.
All toll-free employees receiving calls should continue to follow basic required authentication procedures using the IAT Disclosure tool to assist callers and prevent unauthorized disclosure of taxpayer information whenever it is necessary to access a taxpayer’s account. See IRM 22.214.171.124, Communication Skills.
Required Taxpayer Authentication, IRM 126.96.36.199.3;
Additional Taxpayer Authentication, IRM 188.8.131.52.4; and
Third Party (POA/TIA/F706) Authentication, IRM 184.108.40.206
TCD 0249, Communication Skills
Guidance will be provided to individuals identifying themselves as potential victims of identity theft, including actions to take when there is currently no tax-related impact or tax-related identity theft. It is important to identify the issue and/or the reason why the taxpayer is calling (balance due notice, refund offset, rejected e-file, lost or stolen purse/wallet, etc.) and follow those particular IRM guidelines. Generally, calls should not be transferred to the identity theft toll-free number or application with the exception of default screeners. Follow the Telephone Transfer Guide to determine when the transfer of a call is appropriate.
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
Taxpayer inquires received on the toll-free lines (examples: App 20/21 or 161/162) that meet the Taxpayer Protection Program (TPP) criteria, See IRM 220.127.116.11, Non TPP Telephone Assistors Response to Taxpayers.
If the call is from a business entity that has experienced a data breach, refer to IRM 18.104.22.168, Data Breach - Business Entities Whose Employees or Clients PII was Breached, for instructions.
If the call is from an individual who is a victim of an external data breach, refer to IRM 22.214.171.124, Taxpayers who are Victims of a Data Breach, for instructions.
Ask if the taxpayer would prefer to receive the information via the internet or over the phone
If the taxpayer prefers internet access, provide the IRS website, www.irs.gov/, and advise the taxpayer to search using key words, "identity theft". If there are no further issues or questions, go to (7).
If internet access is not an option or the caller prefers to receive the resource information over the phone, provide the following recommendations as applicable:
Advise the caller they must continue to file their tax returns and pay the taxes as appropriate while their identity theft claim is under review.
Advise the taxpayer if they are concerned about protecting their identity (including their SSN) to prevent misuse, they may contact the two agencies listed below. The agencies will be able to assist them in identifying what specific information is needed in order to pursue an allegation of identity theft.
If the taxpayer is calling to report they cannot e-file, recommend the Form 14039 be completed, printed and attached to the back of their paper tax return when filing.
Contact Web Address Contact Number 1.
Federal Trade Commission (FTC)
For victims needing to complete Form 14039, the FTC is currently providing a fillable Form 14039 on www.identitytheft.gov. This is in addition to the fillable IRS Form 14039 available on IRS.gov. This is authorized by the IRS and its present placement on the FTC site is intended as providing an additional resource for identity theft victims who are self-reporting to the FTC. The victim should only file one Form 14039, either directly with the IRS or through the FTC. CSR’s should not attempt to provide assistance with the form’s functionality on the FTC website. See IRM 126.96.36.199, Taxpayer Interaction.
www.ftc.gov/idtheft 877-438-4338 2.
Social Security Administration (SSA)
type in "identity theft" in the search box
Advise the taxpayer they should contact their financial institution to report the allegation of identity theft.
Advise the taxpayer they may file a report with their local or state police.
Advise the taxpayer to contact one of the three major credit bureaus listed below. They will be able to assist them in identifying what specific information is needed in order to pursue an allegation of identity theft.
Credit Bureau Web Address Contact Phone Number 1.
www.equifax.com 800-525-6285 2.
www.experian.com 888-397-3742 3.
Advise the taxpayer to obtain a copy of Publication 5027, Identity Theft Information for Taxpayers or Publication 5027-SP. Publication 5027 provides resource information in both English and Spanish. This publication and other publications can be obtained using one of the methods found in IRM 188.8.131.52.1,Ordering Forms and Publications.
There are numerous websites and publications available to the public to assist with the prevention of becoming a victim of identity theft and with steps on how to protect personal identifying information (PII) etc. The recommendations above are not all inclusive. If the caller mentions or questions other websites or publications, simply provide a word of caution to ensure the website they are referencing is legitimate.
Advise the taxpayer to check their local state agencies to determine if additional steps are required at the state level.
Provide the caller with the identity theft toll-free number, 800-908-4490, including the hours of operation when appropriate.
Research the taxpayer’s account and determine if the caller’s issue pertains to non-tax-related self-identified identity theft; refer to IRM 184.108.40.206, Non-Tax-Related Identity Theft - Self-Identified. If the caller’s issue pertains to tax-related identity theft, then refer to IRM 220.127.116.11, Tax-Related Identity Theft, for additional guidance.
If the Caller’s inquiry is about And Then Non-Tax-Related Self-identified identity theft issues Refer to IRM 18.104.22.168, Non-Tax Related Identity Theft - Self Identified Tax-related Identity Theft Refer to IRM 22.214.171.124, Tax Related Identity Theft
Individuals experiencing non-tax-related identity theft may call the IRS for guidance.
Take the following actions:
Provide guidance and resource information as referenced in IRM 25.23.2, Identity Protection and Victim Assistance (IDTVA)- General Case Processing, and IRM 126.96.36.199.1, When to Request Identity Theft Supporting Documents.
If the taxpayer insists or states he/she will be submitting Form 14039, then advise callers they may receive correspondence acknowledging receipt of their ID theft claim or requesting additional information.
When taxpayers call to report tax-related identity theft, probe the taxpayer to determine if a notice or a bill related to unknown income, or a notification of an audit was received. Review and research the taxpayer’s account to determine if additional information is needed. Refer to IRM 188.8.131.52 and IRM 184.108.40.206.1 for guidance on when a taxpayer should submit a claim and when additional information is needed. See Exhibit 25.23.1-1, Glossary of Identity Protection Terms and Definitions, for the definition of an "Identity Theft Claim" .
If compliance is involved with the case, Form 14039 must be submitted with the taxpayers’ response.
For taxpayer inquiries received on the toll-free lines (examples: App 20/21 or 161/162) that meet Taxpayer Protection Program (TPP) criteria (i.e. taxpayer states they received one of the following letters addressed to them, Letter 4883C, Letter 5071C, Letter 5447C or Letter 5747C; or there is an Unpostable 126 RC 0), see IRM 220.127.116.11, Non TPP Telephone Assistors Response to Taxpayers.
If during your research you find an open identity theft control (examples: IDT(x) or IDS(x), where the x REPRESENTS 1, 3, 6, 8, or 9) or IDI(x), where the x represents 1, 3, 3, 4, 5, 6, 8 or 9), see IRM 18.104.22.168.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, for additional information and guidance.
If the taxpayer received a reject message after attempting to e-file due to the TIN having already been used to e-file a return then advise the taxpayer to file a paper return with a Form 14039 attached. Enter AMS narrative by selecting Identity Theft; "TP will file paper return with IDT claim" .
If the taxpayer is responding to an IRS letter or notice (with the exception of the TPP letters referenced above), advise the taxpayer to submit an identity theft claim, when appropriate with a copy of the IRS letter or notice. Send the information to the address indicated on the letter or notice. Enter AMS narrative by selecting Identity Theft, "TP will respond to letter/notice with IDT claim."
Advise the taxpayer to include any additional information such as written statements, supporting evidence, credit bureau letters etc. the notice/letter is requesting (example: an AUR notice may include a request that all income issues be addressed and whether they were part of the identity theft impact).
If the taxpayer is contacting IRS about a dependent TIN being used as a primary or secondary TIN on another tax return, see IRM 22.214.171.124.1, Taxpayer Inquiries Involving Questionable Ownership of a Primary, Secondary, or Dependent TIN on a Filed Return.
Advise the taxpayer there will be processing delays while the situation is resolved and they may receive correspondence requesting additional information.
Be empathetic to the taxpayer's issue. Assure the taxpayer that the IRS is firmly committed to working with them to resolve their identity theft issues. Cases such as theirs require complete and thorough research to provide them with a status update and to make a correct determination for case resolution.
Provide taxpayers with a realistic expectation of the time frame for resolution of their cases. Explain that identity theft is complex in nature and constantly changing. Suggested language is:
Identity theft is a challenging and ever changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceeds our typical processing times for resolution of return or account issues.
For subsequent calls, apologize to the taxpayer for the length of time required to resolve their issue. Suggested language is:
I apologize for the length of time it is taking to resolve your case. Identity theft is a challenging and ever changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceeds our typical processing times for resolution of return or account issues.
Individuals not required to file a return may also be negatively impacted by tax-related identity theft. For example, a taxpayer may state the Social Security Administration (SSA) has reduced or stopped his/her Social Security benefits based on a tax return filed with the IRS. The taxpayer indicates that he/she has not filed a return. When this type of call is received, follow the instructions below:
Advise the taxpayer to write a letter explaining their situation and any additional information they may think would be appropriate to substantiate their situation. Provide the IRS address associated with the taxpayer’s state for mailing. Refer to the Campus Mailing Address under the Who/Where tab on Servicewide Electronic Research Program (SERP) for Campus mailing address. Enter AMS narrative and select Identity Theft; "NFR - TP will respond to letter/notice with IDT claim."
Advise the taxpayer they may receive correspondence requesting additional information.
Input a TC 971 AC 522 per IRM 126.96.36.199, Initial Allegation or Suspicion of Tax-Related IMF Identity Theft - Indicators, and Exhibit 25.23.2-10, IMF Only TC 971 AC 522 Tax-Related Identity Theft, Case Status (Initial Claim/Suspicion).
A tax-related identity theft case controlled on IDRS can be identified by control categories, IDT(x), or IDS(x), (The "x", represent IDT/S 1, 2, 3, 6, 8, or 9, or IDI(x), where the “x” represents 1, 2, 3, 4, 5, 6, 8 or 9. Telephone CSRs must not make adjustments or take any account actions on open identity theft accounts.
Authentication must be completed using the IAT Disclosure tool and the HRA IAT tools for all calls involving identity theft.
If the identity theft case is closed/resolved, you may provide account information to the TIN owner utilizing normal procedures. You may provide the TIN owner with the information from his/her account only. Fraudulent information may be combined with the TIN owner's information, such as IRP data, account transcripts, etc. Do not provide information from the fraudulent return. If the taxpayer is asking for transcript information see IRM 188.8.131.52.8, Transcripts and Identity Theft. Also refer to IRM 184.108.40.206.8.4.3, Wage and Income Transcript Identity Theft. You can usually identify the following transaction(s) on Integrated Data Retrieval System (IDRS) via cc ENMOD and/or cc IMFOLE, if the case has been resolved.
A posted TC 971 AC 501 or,
A posted TC 971 AC 506
See IRM 220.127.116.11, Tracking and Reporting Identity Theft Cases - Identity Theft Indicators, for additional information related to IDT indicators.
Accounts or cross-reference accounts with TC 971 AC 501, 506, 522, 524 or 525 will not be able to receive transcripts via online, mail order or phone services. Taxpayers are instructed to contact the IDT toll free number for the transcript. Do not refer the taxpayer to self-serve options. Provide the requested transcript to the taxpayer by printing from TDS and sending by mail or fax as applicable, to the taxpayer. See IRM 18.104.22.168.8, Transcripts and Identity Theft, and IRM 22.214.171.124 for additional information.
For a closed identity theft case, if the SSN owner did not receive their refund, received an incorrect refund amount, or received an incorrect balance due notice because the case was worked incorrectly, (for example, an employee failed to input the TC 971 AC 850 causing a direct deposit into the bad taxpayer's account), treat the case as priority work and take the following actions:
If the case Then 1.
Can be resolved over the telephone, see IRM 126.96.36.199, Oral Statement Authority, and IRM 188.8.131.52.2, Adjustments with Oral Statement
Input the adjustment. 2.
Cannot be resolved over the phone and the case meets:
IPSU criteria; see IRM 184.108.40.206.6 or,
TAS criteria, see IRM 220.127.116.11.2, TAS Case Criteria 5 - 7, Systemic Burden
Complete the correct referral to either IDTVA IPSU or TAS following guidance in:
IRM 18.104.22.168.6 or,
IRM 22.214.171.124, Taxpayer Advocate Service Guidelines.
Cannot be resolved over the telephone and case does not meet IPSU or TAS criteria
Complete the appropriate Form 4442 and transmit or fax to the specific area based on the AM Case Referral/Reassignment Listing located on SERP.
On open identity theft cases, do not give out specific account information on the common number unless the taxpayer passes additional/high risk authentication. For additional information, see IRM 126.96.36.199.4, Additional Taxpayer Authentication. If the owner of the TIN fails the additional taxpayer authentication, you can provide general information on status updates and CIS case notes entered on "AMS". In order to provide a reasonable time frame necessary to complete the processing of the case, general information from the case may be necessary.
Do not assume that the taxpayer calling is the true owner of the SSN. Determine if you are speaking with the taxpayer who filed the TC 150 or the TC 976 by asking questions related to the appropriate return and data on IDRS. The true owner of the SSN can only be determined by a CSR/TE who has been trained in working identity theft cases and who makes the determination after all necessary research steps are taken. As a CSR on the toll-free line, you may have the experience to work identity theft cases, but your duties on the toll-free line do not allow the extended amount of time necessary to perform complete research.
If the taxpayer is calling only to check on the status of their refund and no additional information is provided, then provide an update on the status of the case including a reminder of the identity theft time frames. In an attempt to minimize frustration a statement like this one could be provided:
"Identity theft is a challenging and ever changing issue and the IRS is firmly committed to working with victims like you to resolve tax-related identity theft cases. Most cases are resolved in 120 days or less, however some are more complex and can take as much as 180 days or more to resolve. The issues involved are complex and require complete and thorough research to resolve. Due to these complexities, resolution time for some of these cases exceed our typical processing times for resolution of return or account issues."
If you are unable to assist the taxpayer by responding to their questions and concerns as it relates to the open IDTVA case, use the IDTVA Employee Lookup tool to find the controlling IDTVA employee’s contact information. Provide the taxpayer with the IDTVA toll-free number (855-343-0057), IDTVA’s employee’s name, six digit extension and Tour of Duty (TOD), and availability based on the taxpayer’s time zone.
Advise the taxpayer of the following:
"If you receive the employee’s voice mail, leave a brief message to identify yourself and provide your telephone number. Your call will be returned within five (5) business days. The five business days will begin the day after the message was left" .
"If you do not receive a call back within five (5) business days, call back on the identify theft toll-free number (800-908-4490) and advise the IRS employee answering the call that you had left a message for the assigned employee and have not received a call back within five business days. That employee will follow-up on the call back request."
After the information above has been provided to the taxpayer (or a secure e-mail sent), AMS must be updated to document the call and the information the taxpayer provided:
The letter or notice (example: Letter 4674C/4674SP, Letter 4675C/4675SP, Letter 5064C or CP 01C or CP 701C etc.) the taxpayer was inquiring about
A telephone number(s) where the taxpayer can be reached and the best time for the IDTVA employee to contact them
The date the caller’s tax return was filed and the amount of refund expected (when applicable)
Other pertinent information filed on the return that will assist the IDTVA employee in resolving the case
If the TIN was stolen and used on a fraudulent return or the refund amount they received was not what they were expecting.
If a taxpayer calls and indicates they have not received a call back within five business days:
Try to answer the taxpayer’s questions
Research and verify through AMS that a call was received and contact information (employee’s name, extension and TOD) was provided to the taxpayer and at least five business days has passed since the day after the taxpayer left a message requesting a call back
A taxpayer calls on a Monday and leaves a message on IDTVA employee Mr. Smith’s extension, requesting a call back. The five business days will start the day after the message was left which would be Tuesday. The taxpayer would need to wait until the following Monday before stating they did not receive a call back.
Search AMS for indications the IDTVA employee attempted to contact the taxpayer. If the employee has attempted contact, advise the taxpayer of those attempts and of any action the employee may have taken, such as sending the TP a letter or similar closing actions.
If you are unable to assist the taxpayer, advise the taxpayer that you will follow-up to have their call returned within two business days.
Use the IDTVA Employee Lookup tool to find the controlling IDTVA employee's contact information. Issue a secure e-mail to the employee and their manager, with a copy (CC) to the assigned P&A analyst. Advise them the call must be returned no later than the next business day.
If the controlling employee’s IDRS Number is not available and a secure e-mail was previously issued, provide detailed information related to the history in a follow-up secure e-mail.
Refer to IRM 21.5.6, Freeze Codes, for guidance specific to freeze codes.
For most calls, refer to the subsections under IRM 21.4, Refund Inquiries. However, if research of the taxpayer’s account shows a systemic true duplicate condition along with an indication of an external data breach (TC 976, TC 971 AC 142 and/or a TC 971 AC 125), see IRM 188.8.131.52.4.1 for guidance on how to complete a e-4442.
There have been some instances where identity theft claims were resolved incorrectly when the taxpayer was a victim of an external data breach.
Identity theft resulting from external data breaches may be challenging to recognize, but careful and thorough research must be performed to ensure we don’t treat those returns as true duplicates or reject valid claims. In the worst-case scenario, a fraudster obtained completed but un-filed tax returns from a tax preparer’s computer system. Because of this, the identity theft returns were the same as the SSN owners’ returns except for the direct deposit information; they were identified as systemic true duplicate.
CSRs may receive calls from taxpayers inquiring about their refunds and there may be evidence of a systemic true duplicate filing condition involving an external data breach incident. Characteristics can be identified on the SSN account with the following:
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
If research confirms the taxpayer is a victim of identity theft as a result of an external data breach, and some of the characteristics listed above are present on the taxpayer’s account, take the following action:
If the situation meets IPSU criteria, refer to IRM 184.108.40.206.9, Receiving Calls on Accounts Involving IPSU Criteria; Identity Theft Assistance Request (ITAR)
If the situation does not meet IPSU criteria, see IRM 220.127.116.11.2.1.1, Preparing an e-4442, to make a referral to IDTVA for action
Inform the taxpayer a referral will be issued to an employee that will review and resolve the issue identified. Provide the appropriate time frame and apology per IRM 18.104.22.168, IDT Case Processing Time Frames.
Create an e-4442 on AMS using the following information along with other required fields
Referral Type; IRM. From the IRM drop down menu, select “Other-write-in”; enter IRM 22.214.171.124.4.1
Reason field, select Complex Issue/Training Specialization
Clearly note a valid/correct address in the appropriate field of the e- 4442 if, after verifying disclosure, the taxpayer has confirmed a different address than what is on Master File (MF)
Provide a detailed narrative in the "Taxpayer Inquiry/Proposed Resolution" field explaining the taxpayer’s situation including the following comments; “TP appears to be a victim of an external data breach”.
Include the fax number the referral will be sent to the “Identity Theft - Accounts Management Case Referral/Reassignment Listing” under the Who/Where tab on SERP
If there is already an open IDTVA control, see IRM 126.96.36.199.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases. If a different open control is identified (example: TPRQ, DUPF, XRET, etc.), in the "Proposed Resolution" field, include in your recommendation the case be reassigned to IDTVA immediately.
Send the referral along for the systemic approval path
Refer to IRM 188.8.131.52.8, Transcripts and Identity Theft, for guidance specific to requests involving identity theft.
If the taxpayer indicates receipt of a transcript they did not request, probe to determine if their spouse or someone who is authorized (such as a tax professional, power of attorney or financial institution, etc.) could have requested the transcript.
If the taxpayer is calling about a Form 14611 they received, see IRM 184.108.40.206.8, Transcripts and Identity Theft.
Once it has been confirmed neither the taxpayer, nor the taxpayer’s spouse or any other authorized representative requested the transcript in the mail, apologize and explain that someone had enough information to request the transcript through our system, but did not receive the transcript. Thoroughly research the SSN(s) on the transcript in question to ensure there is no open or unresolved tax-related identity theft issue.
If an open identity theft control is identified, see IRM 220.127.116.11.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, for additional actions and guidance.
See Exhibit 25.23.2-16, IDRS Category Controls by Function, for a list of identity theft category control codes.
If an unresolved tax related identity theft issue is identified without an open control, see IRM 18.104.22.168.9, Receiving Calls on Accounts Involving IPSU Criteria; Identity Theft Assistance Request (ITAR), to determine if the issue meets IPSU criteria and requires an e-4442 for ITAR. If IPSU criteria is not met, complete the e-4442 and transmit or fax to the specific area based on the AM Case Referral/Reassignment Listing located on SERP under the Who/Where tab. Provide the taxpayer with a 30 day time frame for contact or resolution. See IRM 22.214.171.124.1, When to Prepare a Referral.
If there is no tax-related identity theft on the SSN(s), tell the taxpayer there are currently no identity theft indicators on their tax account. To protect their tax account, advise the taxpayer they can file a Form 14039 and check box 2 in Section B. Provide guidance and resource information for identity theft per IRM 126.96.36.199, Identity Theft Telephone General Guidance.
Update AMS history to specify the reason the taxpayer called (example: received transcripts that were not requested).
Refer to IRM 21.5.5, Unpostables, for guidance specific to unpostable transactions.
For calls related to a balance due issue on a closed identity theft issue see IRM 188.8.131.52.1, Identity Theft Claim.
For calls related to a balance due issue on an open IDTVA control, see IRM 184.108.40.206.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, paragraphs (5), (6), (7) and (8).
Refer to IRM 10.5.4.4.7.1, Handling Inquiries Regarding Data Loss Letters, for guidance specific to request involving Letter 4281C. Questions regarding the content of IRM 10.5.4 should be directed to that IRM owner.
As part of the Identity Theft program, the IRS will generally assist taxpayers whose situations meet TAS criteria 5-7 AND involve identify theft. Applicable cases will now be considered IPSU criteria and MUST be referred to IDTVA using Form 4442, Inquiry Referral, using the Account Management System (AMS) if available.
Accounts Management employees working phones will create a Form 4442 Inquiry Referral if a taxpayer calls the identity theft toll-free number, and the IPSU criteria is met. See IRM 220.127.116.11.2.1.1, Preparing an e-4442. Clearly note a valid/correct address in the appropriate field of the e-4442 if after verifying disclosure the taxpayer has confirmed a different address than what is on Master File (MF). The completed referral will be sent using AMS within 24 hours of when the IPSU criteria was identified. Inform the taxpayer he/she can expect contact either by phone or correspondence within 10 business days from the date of receipt of the e4442. Inform the taxpayer he/she should call the toll-free number (800-908-4490) if he/she does not receive correspondence or a confirmation phone call within the 10 business days. A detailed narrative must be entered in the "Taxpayer Inquiry/Proposed Resolution" field of the Form 4442 explaining the taxpayer’s issue, and why it meets IPSU criteria.
If using AMS for referrals, select category ITAR from the IRM drop down menu, select English or Spanish. Fresno-Electronic should be the ONLY SITE SELECTION. Enter a narrative on AMS. See IRM 18.104.22.168.4.14, Integrated Automation Technologies.
If Then enter a Narrative on AMS 1.
Address is verified as good during disclosure
DV - Address verified 2.
A different address is obtained during disclosure
DV - address updated in box 13 of F4442
If not using AMS, annotate ITAR, and English or Spanish whichever is applicable on the top of the Form 4442 prior to forwarding to IDTVA-I via secure e-mail; *W&I-ITAR or a designated fax number within 24 hours of when the IPSU criteria was identified. See IRM 22.214.171.124.2.2,Controlling Referrals.
If a taxpayer calls back on the regular toll-free line or the identity theft toll-free number as directed above stating he/she has not received the contact within the promised 10 business days, take the following action:
Complete research to provide the taxpayer with as much of a status update on the account as possible.
Verify there is an open ITAR control on IDRS.
Research CC ENMOD to verify a Letter 4524C/4524SP was issued.
Provide the date the letter was issued.
If during your research you find an open identity theft control (examples: IDT(x) or IDS(x), where the x represents 1, 3, 6, 8 or 9) or IDI(x), where the x represents 1, 2, 3, 4, 5, 6, 8 or 9), then follow the guidance in IRM 126.96.36.199.1, Telephone Inquiries Regarding Tax-Related IDTVA Cases, paragraphs (5), (6), (7) and (8).
Enter required AMS narrative selecting category Identity Theft, and enter "Additional 5 business days provided." as a narrative.
If it has been determined the 4524C/4524SP, Identity Theft Assistance Request (ITAR), letter was not issued and/or there is no open ITAR control within the prescribed time frames mentioned in paragraph 3 above, then:
Step Action 1. Obtain as much additional information from the taxpayer as possible (example: a current contact phone number (cell and/or home) and correct mailing address). 2. Create a F4442/e4442 referral to your P&A analyst (through your manager or lead) for immediate action within the same day. 3. Apologize and provide the taxpayer a 7 business day time frame for expected contact. 4. Enter AMS narrative and select category "Identity Theft" and enter, “F4442 to P&A - ITAR follow-up”. Your P&A analyst will work with the P&A analyst at the assigned site where the ITAR case is controlled within the same day, for appropriate action.
If there is an open ITAR control, and the taxpayer is providing additional information to assist in the resolution of the case, or has not received their requested contact within the specified time frame, then refer to IRM 188.8.131.52.1, When to Prepare a Referral. Enter AMS narrative selecting Identity Theft, "Additional 10 business days provided" .
AMS must be updated with this contact and information provided to the taxpayer. See IRM 184.108.40.206.4.14, Integrated Automation Technologies.
See IRM220.127.116.11.6, Identity Theft Assistance Request (ITAR) - General Information, for additional information regarding ITAR processing.
The IRS is accepting requests for and providing redacted copies of fraudulent returns to victims of identity theft or persons authorized to obtain the identity theft information. Requests will be accepted and processed for instances where the fraudulent return was filed and accepted for processing using the identity theft victim’s name and social security number as a primary or secondary taxpayer.
When an identity theft victim requests a copy of a fraudulent return filed under their SSN via toll-free, employees will:
Inform the requestor that Form 4506-F (with instructions on the back) and FAQs are available on www.irs.gov. “Instructions for Requesting a Copy of Fraudulent Returns”.
Answer any question the caller may have about the form and/or instructions
Explain the form must be mailed, and then provide the centralized address:
Internal Revenue Service
Fresno, CA 93888-0025
Inform the requestor some information on the fraudulent return will be redacted or blacked out, but there will be sufficient information to determine how the taxpayer’s personal information was used
Explain the IRS cannot provide a copy of the fraudulent return to any person only listed as a dependent, nor can it be provided to that person's/dependent's parent, legal guardian, or authorized representative.
Answer any additional questions raised by the requestor; do not refer the taxpayer to another phone number
If the requestor does not have access to the internet, the CSR will verbally provide the information from the IRS website: Instructions for Requesting Copy of Fraudulent Returns