The IRS has joined with representatives of the software industry, tax preparation firms, payroll and tax financial product processors and state tax administrators to combat identity theft refund fraud to protect the nation's taxpayers.
The Security Summit (PDF) consists of IRS, state tax agencies and the tax community, including tax preparation firms, software developers, payroll and tax financial product processors, tax professional organizations and financial institutions. Total membership includes 42 state agencies and 20 industry offices in addition to the IRS.
The Security Summit members are organized into six work groups, each tasked with addressing an area of need and each with a co-lead from the IRS, states and industry.
In 2016, Security Summit partners agreed there was a need for a formal public-private partnership where sharing could take place in a collaborative environment based on partner-agreed rules.
In 2017, the IRS, state tax agencies and the tax industry created a public/private partnership, to facilitate information sharing consistent with applicable law, and analytics necessary to detect, prevent, and deter activities related to stolen identity refund fraud.
The ISAC purpose is to:
- Facilitate information exchange for tax administration purposes related to identity theft tax refund fraud.
- Provide a forum for participants to discuss real-time responses to such fraud schemes.
- Promote the advancement of data analysis, capabilities, methodologies and strategies to detect, reduce, and prevent this type of fraud.
The ISAC issued its first Annual Report (PDF) in April 2018. It highlights key accomplishments across three measures:
- Levels of industry and state participation in the ISAC.
- Volume and quality of alert and data contributions that identify ecosystem threats.
- Volume and quality of ISAC data analysis to identify suspected fraud.
This report also outlines the ISAC strategic plans going forward, to ensure a tax ecosystem where taxpayers can confidently file their taxes safely and securely.
For an overview of what the Identity Theft Tax Refund Fraud (ISAC) is doing to prevent identity theft see Using a PublicPrivate Partnership to Address a Common Problem (PDF) and How the ISAC Compliments the Security Summit (PDF).
2018 National Tax Security Awareness Week
The IRS, state tax agencies and the tax industry held a National Tax Security Awareness Week on December 3 - December 7, 2018, to encourage both individual and business taxpayers to take steps to protect their tax data and identities in advance of the 2019 filing season.
IR-2018-245, December 7, 2018 - IRS, Security Summit Partners warn tax professionals of high risk of data theft attacks
IR-2018-243, December 6, 2018 - Security Summit warns employers: Be alert to identity theft and W-2 scams
IR-2018-241, December 4, 2018 - Security Summit Partners highlight new password guidance, urge taxpayers and practitioners to protect all accounts
IR-2018-240, December 4, 2018 - IRS sees surge in email phishing scams; Summit Partners urge taxpayers: "Don't Take the Bait"
- IR-2018-238, December 3, 2018 - IRS, Security Summit Partners warn public: It shopping season for identity thieves, too; Tax Security Awareness Week offers tips
- IR-2018-228, November 20, 2018 - Security Summit plans National Tax Security Awareness Week, Dec. 3-7; New Twitter handle launched, webinar planned
Follow @IRSTaxSecurity on Twitter and look for the hashtag #TaxSecurity.
- Tax Security 2.0 - The "Taxes-Security-Together" Checklist is a Security Summit awareness campaign to call on tax professionals nationwide to take time to review their current security practices, enhance safeguards where necessary and take steps to protect their businesses from global cybercriminal syndicates prowling the Internet.
- Protect Your Clients; Protect Yourself: Security 101 - Protect Your Clients; Protect Yourself: Tax Security 101 is a Security Summit awareness campaign intended to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns.
- Don't Take the Bait - The Don't Take the Bait awareness series is focused on the need for tax professionals to increase their computer security and be cautious of spear phishing scams. Tax professionals must remember that they have a legal requirement under federal law to protect taxpayer information. See also: Continuing Education Credit for Qualified Data Security Courses.
- Protect Your Clients; Protect Yourself - Every tax professional in the United States -- whether a member of a major accounting firm or an owner of a one-person storefront -- is a potential target for highly sophisticated, well-funded and technologically adept cybercriminals around the world.
- Taxes-Security-Together - We are asking you - taxpayers, tax professionals and businesses - to join with us to create an even stronger partnership. Our "Taxes-Security-Together" awareness campaign is an effort to better inform you about the actions you can take to protect your sensitive data.
- IR-2019-127, July 16, 2019 - Tax Security 2.0 – A "Taxes-Security-Together" Checklist – Step 1
- IR-2019-122, July 9, 2019 - Tax Security 2.0 – A "Taxes-Security-Together" Checklist
- IR-2019-66, April 8, 2019 - IRS, Security Summit partners mark significant progress against identity theft; key taxpayer protection trends continue
- IR-2018-21, February 8, 2018 - Key IRS Identity Theft Indicators Continue Dramatic Decline in 2017; Security Summit Marks 2017 Progress Against Identity Theft
- News Events and Announcements - 2018
- News Events and Announcements - 2017
- News Events and Announcements - 2016
- News Events and Announcements - 2015
Organizations involved in the preparation and processing of tax returns and refunds (such as software firms, tax preparation firms, payroll processors or financial institutions and/or processors of tax time financial products) and governmental tax agencies are welcome to apply for membership in the Security Summit, a collaborative effort to fight identity theft tax refund fraud. If your agency or organization meets the required Membership Criteria (PDF), please complete the Security Summit Membership Application (PDF) and submit a statement of interest describing your role, mission and functional responsibilities within the tax ecosystem. Also see the Required Criteria and Qualifications Statement of Interest Example (PDF).
If you have any questions or need additional information, please email firstname.lastname@example.org.