IRS, KPMG partners launch framework to combat tax identity fraud

The IRS is trying to move identity-fraud defense upstream. Its new Security Summit framework trims the old six-work-group structure to five teams focused on earlier detection, forecasting emerging schemes, prevention, response and post-filing efforts, signaling that tax fraud is being fought before a return ever looks suspicious.

For KPMG tax and advisory professionals, the practical change is less about slogans than about workflow. The IRS said the enhanced structure will deepen collaboration with payroll partners, which puts payroll data, source documents, identity proofing and digital workflows squarely in the attack surface. That means clients are more likely to ask what has to change in document handling, authentication, data exchange and employee training before the next filing cycle.

The Security Summit has been around since 2015 as a public-private partnership built to protect taxpayers and the tax system from identity theft refund fraud. It brings together the IRS, state tax agencies, tax preparation firms, software developers, payroll and tax financial product processors, tax professional organizations and financial institutions. In other words, the people who build and run the tax filing chain are also the ones expected to spot where criminals are slipping in.

That matters because the fraud problem has become more data-driven and harder to catch with old controls. The IRS says identity thieves are increasingly stealing underlying tax and financial information from taxpayers, businesses and tax professionals, then using that data to file authentic-looking returns that can blend in with legitimate filings. The new framework is meant to make warning-sharing faster and more actionable, not just more frequent.

The Summit’s track record gives the latest restructuring some credibility. IRS materials say its safeguards produced a 57% decline in confirmed identity theft returns and a 65% decline in the number of taxpayers reporting themselves as victims in the first two years. The partnership also runs National Tax Security Awareness Week each late fall, which has served as its public-facing reminder that fraud prevention is not a once-a-year compliance memo.

For KPMG teams, the key question is whether this update creates better accountability or just repackages coordination that already existed. The answer will show up in how quickly threat signals move between IRS analysts, states, software vendors, payroll processors and tax firms, and whether that leads to sharper front-end checks before returns are filed. If the framework works, it should reduce the number of bad surprises that land in January and February, when preparers and clients are already under peak-season pressure.