tax form (negmardesign/Shutterstock.com)

Indiana's risk-based strategy for tax fraud detection

In tax season, state authorities have their work cut out for them preventing fraud.  Over the past four years, the Indiana Department of Revenue has used fraud analytics to examine each return for suspicious information, each year refining its methods for flagging potentially fraudulent filings.

DOR’s Identity Protection and Fraud Prevention Program has stopped more than $110 million in fraudulent return payments since 2014.  Once returns are submitted, information is sent to a third-party provider that compares the information with that in multiple credit monitoring and financial history databases.

Within 48 hours, details on suspicious returns are sent back to DOR fraud analysts, who evaluate those returns  based on risk-based factors in several categories to determine whether more investigation is necessary.

Before refunds are released, tax filers whose returns have been flagged must take a four-question identity-verification quiz. The quiz asks questions similar to those a person would get when logging into a bank account -- questions to which only that person should know the answers, Laura Rakaska, director of audit and compliance support at DOR, told GCN.

Questions relate to family relationships, previous home addresses or vehicles possessed. “We try to weed out questions that can be determined through a basic Google search and do analysis to determine which questions are too hard or go too far back in time,” she said.

Tuning the "knowledge-based authentication" questions is critical, as such methods have been manipulated in the past. In the 2015 compromise of the IRS's Get Transcript tool, for example, hackers used personal information readily available from services such as Zillow and Spokeo or on the black market to get into the IRS system and steal personally identifiable information of more than 100,000 taxpayers.

The DOR’s testing of the identity quiz has helped the agency to figure out how to tailor it to different users. For example, younger fliers may not have long credit histories, but user testing has enabled DOR to use “different logic” to accommodate them, Rakaska said.

Each user has three minutes to complete the quiz and gets two attempts to complete it successfully.

If taxpayers are unable to complete the quiz successfully, they are not notified of their failure immediately.  DOR informs all potential refund recipients that it takes seven to 14 days to process a return, and an additional review can verify identity of taxpayers who were not able to answer questions successfully.

In 2017, the quiz confirmed the identities of 260,000 taxpayers and stopped more than 5,500 fraudulent refunds from being processed.

At the end of each tax year, DOR examines the data to determine changes that need to be made to the risk-based factors. Some of the changes have involved tracking bank accounts that receive multiple refunds or checking refunds that exceed a certain amount for a single or married taxpayer.

“When we first started capturing this data and looking at it with an analytical eye, we saw stuff that embarrassed us -- such as hundreds of refunds using celebrity names,” Rakaska said.

DOR is also working with the IRS to identify abuses related to earned income tax credits based on self-employment and personal businesses.  In 2017 DOR started to get data on self-employment from federal IRS Schedule C filings, which it uses to compare with data it has on taxpayers' claimed business earnings or loss. If DOR spots a discrepancy, it asks taxpayers to supply additional information on their self-reported income.

 “We see people create earned income so they can hit a sweet spot and get the maximum earned income credit,” Rakaska said. “The IRS has clear rules on what is acceptable under Schedule C, which has helped us to identify some clear patterns of use and fraud.”

Adding the fraud detection capabilities to DOR's refund process hasn’t complicated the agency’s workflow, Raksaka said.  All of the returns are digitized by DOR, and information is sent to LexisNexis Risk Solutions, which checks the data for fraud. It is then added to the agency’s case management system, where DOR staff can track the progress of flagged returns.

Once the current tax season ends in April, DOR will shift to planning for next year.  Improvements currently in the works would allow for one-time passwords based on device access and tracking phone numbers to provide better customer service.

About the Author

Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.

Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.

Friedman can be contacted at sfriedman@gcn.com or follow her on Twitter @SaraEFriedman.

Click here for previous articles by Friedman.


inside gcn

  • network

    6 growing threats to network security

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group