Congress should enact a “a carefully targeted” exception for identity theft tax refund fraud (IDTTRF)  to IRC Section 6103. That would enable the companies to share information under the ISAC. It should also “grant the IRS the authority to establish and enforce security standards for our tax system,” the community recommended.

ETAAC says Congress needs to fund the Information Sharing and Analysis Center. The ISAC includes the IRS, state and industry membership with the number of participating organizations increasing from 18 in 2017 to more than 60 in 2018.

The reports says the center “enables the IRS, state revenue agencies and industry to identify, report, analyze, distribute and act on IDTTRF activity in real time.” 

ETAAC also wants increased participation in the Security Summit from the payroll community. The committee noted the lack of a “basic security standard applicable to the business tax area to guide companies and employers.”

The Security Summit’s STAR Work Group, including its Payroll Subgroup, is developing best practices around security controls based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

However, ETAAC said the IRS should have the independent legal authority to develop, implement and enforce appropriate information security standards and practices in the tax administration area, including the business tax and payroll areas. 

The report called for better use of current community calls and meetings with payroll organizations and “Communicating more clearly and systematically with Payroll Community stakeholders on relevant topics and risks in these channels.” That means using payroll terminology and discussing issues such as the use of self-service portals.

The IRS also needs to reassess the direction of the Payroll SubGroup, which the report describes as not being aligned on the focus on developing standards under the NIST framework.

Bob Scott

• Email

Bob Scott has provided information to the tax and accounting community since 1991, first as technology editor of Accounting Today, and from 1997 through 2009 as editor of its sister publication, Accounting Technology. He is known throughout the industry for his depth of knowledge and for his high journalistic standards.  Scott has made frequent appearances as a speaker, moderator and panelist and events serving tax and accounting professionals. He  has a strong background in computer journalism as an editor with two former trade publications, Computer+Software News and MIS Week and spent several years with weekly and daily newspapers in Morris County New Jersey prior to that.  A graduate of Indiana University with a degree in journalism, Bob is a native of Madison, Ind