IRS Electronic Fraud Detection System (or EFDS) Unit

By | December 5, 2015

When the tax return is filed, what generally happens is it takes two paths. The first one is what is called the Electronic Fraud Detection System (or EFDS). And what this does is it goes through and it looks at all the different lines on a tax return, paper and electronic. And, based on the different lines in the tax return and how they relate to each other… for example, you’ve got an adjusted gross income of $10,000 and you’ve got $15,000 in contributions. It could be suspicious. And trust me; that has happened. What it does is it looks at all the different lines on the return, it compares one against the other, and it gives it a score. And all the score does is it identifies the risk of a suspicious return. It doesn’t say that it is; it doesn’t say that it isn’t. All it says is that there is a risk of identity theft or fraud on this return.


How does the IRS Electronic Fraud Detection System (or EFDS) Unit Work?

Once it goes through EFDS, it makes a right-hand turn and it goes over to our Dependent Database. Now, Dependent Database doesn’t necessarily mean “dependents.” What it does is: our database has a bunch of different filters in it, and the filters identify things that we have seen in identity-theft schemes. Right now, we have 195 specific filters just for identity theft. And the thing about using the Dependent Database is it allows us to manipulate these different filters in real time so that if we see a scheme coming down the road and somebody calls in and they say, “I’ve seen a lot of this,” we can take those filters and design that scheme in the Dependent Database. When a return comes through, it looks for it. If it finds that criteria, it pulls it out, and, again, assigns it a score as a potential for identity theft.


Example IRS Electronic Fraud Detection System (or EFDS)

So, once these are pulled out, then it gets interesting because it then goes to your desk, and you may see some things like this. In 2014 – just to give you an idea of how effective this is – we had 5.6 million returns we identified, so we are pulling them out. We know we have a long way to go, and we intend to work on the filters going down the road as they become more available. As they get more sophisticated, we can change. We also had $545 million in fraudulent refunds returned from the banks. So, we have that on our side, too. If the banks see something, they can then return it to us and say, “This is potentially suspicious.”


IRS Dependent Database

Once the Dependent Database picks it out and identifies it as a potentiallyfraudulent return, we send a letter to the taxpayer. And the taxpayer goes to the address that is on the return. Now, the reason we do that is it has to go back to the person who sent it. If your client gets one of these letters, the best advice you can give them is “Respond to it.” We give them 30 days. If they don’t respond to the letter in 30 days, the return gets pulled out of processing and it goes into this big black hole (and the return goes in there). It gets put in the crate and is never seen again. So, have them respond to the letter if they get it. Now, it’s at this point when the letters go out that you may get involved in the process because they are going to come to you and they are going to say, “What do I do?”


What happens when the IRS detects fraud?

Now, there’s three possible letters that go out. The 4883C: this goes out to anybody who is filing a potential identity theft return for a prior year during the current processing year. So, this year, we filed our 2014 taxes. If somebody files a 2013 or earlier and it looks suspicious, then it is going to get kicked out and they are going to get a 4883C. The 4883C requires the taxpayer to call up to our taxpayer protection number and answer a series of questions so we can authenticate them as the person that they are. Again, it is very important that they call. If they don’t call, we don’t know it is them. If they didn’t file the return, we want them to call and tell us, “We didn’t file the return.”

Receiving IRS Form 5071C

There are things we can do to clear the account out so when they do file the return, things will be easier for them. But no matter what, if they get a letter, call. The second letter: the 5071C. These are for potential identity theft returns for a current-year return filed during the current filing season. And this is the one you are probably going to see the most of because people are going to file 2014 returns. If we think they are suspicious, they are going to go right out. Now, this one has an interesting option to it. This has two options: you can either call up the taxpayer protection line, or it is going to give you an option to go online. And the online website is Now, I’ll admit the first year we did this, we did not do a very good job of letting practitioners know this existed. And we stood up here on the stage and we said that we do not have a website that is going to ask you for personal information to verify who you are. It is probably fraudulent except for this one.


What is IRS ID Verify?

The ID Verify is a real-time system that is going to ask the taxpayer a series of out-of-wallet questions. These are the ones I talked about earlier. “Which of the following cars relates to you for 2011? Which of the following addresses relates to you for 2005?” They are all designed, based on public record information, to verify who the taxpayer is. All we want to do is make sure the person on the other end of that computer is the person we think it is. If it’s not, and they fail authentication – and some people do, and I’m not saying that everybody who gets this (a legitimate taxpayer) is going to pass the authentication. Sometimes you look at the questions, some folks just say, “I can’t do this,” and they can’t answer it, and they fail.

If they fail authentication, they still have the option of calling the Taxpayer Protection Program number on the letter and verifying it over the phone. Some people just don’t trust websites, and that is fine. My parents will never buy anything over the Internet. And if I asked them to put their information on a website, they would look at me like I had three heads. So, some people just don’t like it. That is fine. So, they can call up the taxpayer service, verify themselves over the phone, and move forward. If for some reason they fail this one, there’s still a third option. They can go to a taxpayer walk-in site with two forms of identification – a Social Security card and a picture ID – and they can verify in-person. And it has been known that some people for some reason fail both authentications. We don’t want the legitimate taxpayer put out just because maybe they didn’t understand a question or they feel uncomfortable. That is fine. We want them to do everything they possibly can.

IRS Letter 5447C

The last letter is the 5447C. This letter is going out to anybody who files an international return. You may not ever see this because these go overseas. This contains an international taxpayer number where they can call. We don’t want them calling people in the states to say, “Oh, we think it’s suspicious, so go ahead and make a long-distance call across the pond.” We would rather have them call a local international number. All right. Again, if you receive a notice from the IRS such as a verification request, the most important thing is to answer it, whether or not they filed the return. The warning signs they are going to get: if they received a letter and they didn’t file the return or their letter looks suspicious, it could be a problem.