Advisor Perspectives welcomes guest contributions. The views presented here do not necessarily represent those of Advisor Perspectives.
One advisory firm’s high-income venture capital client, who regularly sees major financial gains, is now facing a nightmare. After filing for a tax extension in April 2024, they waited until October 13 to receive their final K-1s and submitted their return on October 15 – only to have the IRS reject it. The reason? According to the IRS, a return had already been filed in their name – a return the client had never submitted. This is deeply distressing, especially with an $800,000 refund at stake.
“An $800,000 return is substantial, but for this client, it's not unusual,” said the advisor, who wishes to remain anonymous so as not to have additional clients targeted. “The IRS likely didn't question it because the client – a private equity and venture capital investor – often has large, fluctuating gains and losses. Their income is ‘lumpy,’ with significant capital gains one year and little the next. To the IRS, this simply looked like another instance of their typical income variability.”
Now they are in limbo, waiting for the IRS to investigate the situation and determine what happened to this substantial sum. As a safeguard, the client has frozen their credit and taken every precaution against identity theft. But right now, they’re left in a precarious position, unsure of how long it will take for answers – or if their refund will be recovered at all.
The ongoing threat of data breaches
So how did this happen? This year saw a massive National Public Data (NPD) breach that exposed 272 million tax ID numbers. The NPD breach should concern everyone given the sheer number of TINs exposed along with names, addresses, and phone numbers. NPD also inadvertently shared passwords to its internal systems, allowing hackers to gain access to volumes of sensitive taxpayer data. The NPD breach wasn’t an isolated event. Several other significant data breaches have also occurred, making the wave of security failures feel unrelenting. The threat is constant, underscoring the need for vigilant data protection.
The risk of fraudulent tax returns after the NPD data breach
One of the most alarming consequences of identity theft following the NPD breach is the heightened risk of fraudulent tax filings like this. Criminals with access to stolen taxpayer identification numbers can submit fake returns early in the tax season, often claiming substantial refunds before the legitimate taxpayer even files – exactly what happened to this advisor’s client.
By the time the IRS processes the real return and discovers the discrepancy, the refund has already been issued to the fraudster. Now the taxpayer and their advisor must navigate a complex and time-consuming investigation with the IRS to resolve the issue and reclaim the lost funds.
Proactive strategies financial advisors can use to protect clients from tax-related identity theft
Financial advisors are in a prime position to help clients adopt preventive measures against tax-related identity theft. Effective protection involves a mix of robust security practices, ongoing fraud prevention education, and tools for monitoring client accounts. Here are essential strategies advisors can recommend to strengthen their clients’ defenses:
-
Enhancing Security Practices: Encourage clients to secure their online accounts with unique, complex passwords and enable multifactor authentication wherever possible. These basic but powerful steps can help prevent unauthorized access to sensitive financial information.
-
Reviewing IRS Notices: Advise clients to carefully review any correspondence from the IRS. Fraudulent activity often triggers IRS notices, and addressing these early can prevent false filings from progressing further.
-
Monitoring Financial Accounts: Recommend regular monitoring of bank and credit accounts for suspicious transactions. While not directly linked to tax filings, this practice strengthens overall financial security and can detect broader fraud patterns.
-
Filing Early: The sooner a legitimate tax return is filed, the less opportunity there is for criminals to file a fraudulent return first. Advisors should encourage clients to submit tax returns as early as possible.
-
Using the IRS IP PIN Program: The IRS’ Identity Protection Personal Identification Number (IP PIN) program, originally limited to confirmed identity theft victims, is now available to all taxpayers. An IP PIN adds a layer of security to prevent others from filing false returns under a taxpayer’s Social Security number, making it a valuable preventive tool.
With these strategies, advisors can help clients proactively protect themselves against a rising tide of tax-related identity theft threats.
Strengthening fraud prevention with technology-driven monitoring solutions
While traditional fraud monitoring methods remain essential, technology-driven solutions provide a new level of protection that can significantly reduce risk. Some platforms now offer real-time visibility into IRS account activity, capable of detecting suspicious behavior such as tax return filings, issued refunds, and address changes. These tools can send alerts early if fraud indicators appear, enabling faster responses.
“After our client learned they had been the victim of tax fraud, our firm had to send in a paper return, leaving us in a frustrating ‘wait-and-see’ mode with no visibility into the IRS’ processing timeline,” said the advisor.
“If we had implemented [a service like] TaxStatus at the time, we could have proactively monitored our client's account. TaxStatus would have alerted us immediately if there was any activity on the account, such as a return being filed. This early notification could have allowed us to detect the fraudulent filing right away and take swift action to protect our client’s identity and refund.”
Integrated into a broader fraud prevention strategy, monitoring solutions empower advisors to proactively protect their clients. Alerts for unusual activity allow advisors and clients to respond promptly, enhancing the advisor’s role as a vigilant protector of their clients’ financial well-being and reinforcing trust in the advisory relationship.
However, it’s critical that these tools supplement – rather than replace – standard security practices. Advisors should encourage clients to adopt a proactive, multilayered approach to fraud prevention, which remains the strongest defense against identity theft.
Protecting clients in the wake of the 2024 National Public Data breach
The 2024 NPD breach is a stark reminder of the vulnerabilities that exist in today’s digital landscape. This event emphasizes the need for financial advisors to be proactive in educating and protecting clients from tax-related fraud. By offering a mix of education, strong security practices, and technology-driven solutions, advisors can help mitigate the risks posed by breaches and help safeguard their clients’ financial identities.
“I'm sharing our story to help protect more people from falling victim to these risks,” said the anonymous advisor. “With AI, the dark web, and the proliferation of new tools criminals are using to commit identify fraud, it’s alarming what’s possible now. The threats are out there, and they’re getting more sophisticated every day.”
In the ever-evolving world of cyber threats, take action before fraud occurs. Financial advisors who guide their clients through these challenges demonstrate their expertise and commitment to protecting their clients’ financial security.
Kevin Knull, CFP®, is president of TaxStatus (www.TaxStatus.com) and a certified financial planner focused on elevating the quality of advice in the financial services industry. TaxStatus provides frictionless, continuous IRS account monitoring and consent-based access to IRS tax records for financial professionals and the clients they serve.
A message from Advisor Perspectives and VettaFi: To learn more about this and other topics, check out some of our webcasts.
More Liquidity Topics >