August 16, 2013 2:04 pm

The fraudbusters

When identity thieves targeted a woman in Atlanta, Georgia, and claimed a fake tax refund, they unleashed a massive new anti-fraud campaign
David Smith and Judith Barringer-Jenkins, both systems engineers at the Network Operations Center at the Lexis Nexis headquarters in Alpharetta, Georgia©Bryan Meltz

Scanning for fraud: engineers at the LexisNexis data analysis centre in Alpharetta, Georgia

When Michelle MacGinnitie, of Atlanta, Georgia, tried to file her tax return in April 2011, she was surprised to be told she had already done so. Not only that, she had also cashed a refund for overpaid tax from the previous year. Someone had used her name and social security number to file a fake return, and then claimed a large refund based on the falsified figures. The refund had been credited to a debit card that had long since been cashed.

Michelle MacGinnitie happens to be married to Douglas MacGinnitie, the commissioner of Georgia’s Department of Revenue. MacGinnitie took office just a few months before his wife was targeted, and tax refund fraud had barely crossed his radar – even though it was bleeding the state of tens of millions of dollars each year. Across the US, the scale of the crime is enormous: the Treasury Inspector General for Tax Administration estimates that $5bn in federal tax revenues ends up in the hands of identity thieves each year.

More

IN FT Magazine

“If it can happen to the commissioner’s wife, it can happen to anyone,” said MacGinnitie, when we met in his office in the Department of Revenue’s glass tower in downtown Atlanta. “At first I was like, ‘What?’ I don’t think I really understood what had happened … I probably laughed because it’s kind of ironic.” Then MacGinnitie, a 46-year-old former lawyer and city councillor, began to wonder what could be done about the problem. “It probably did make me somewhat empathetic to people who have to go through it.”

MacGinnitie quickly realised that “there was a lot of stuff going on that we wouldn’t be able to stop on our own”. So when a former police officer now working at data analytics company LexisNexis got in touch, out of the blue, and asked if Georgia wanted to take part in trials of a new anti-fraud system designed to detect identity theft, MacGinnitie was in the mood to listen.

Andrew Bucholz, Senior Director of Government Fraud Solutions at Lexis Nexis©Bryan Meltz

Andy Bucholz at LexisNexis

The origins of the LexisNexis project lay in a chance encounter at the company’s Washington offices several years earlier. One morning in May 2008, Andy Bucholz, a former policeman who was now working in sales at LexisNexis, helped a senior colleague who had forgotten his pass to gain access to the building. Haywood “Woody” Talcove – the company’s government services group chief executive – was grateful, and he invited Bucholz to lunch to say thank you. As they sat down to eat, Talcove had no idea of Bucholz’s background, or that he was obsessed with both big data and identity fraud and had come to work at LexisNexis after a failed attempt at a tech start-up had almost bankrupted him.

By the end of lunch, Talcove had moved Bucholz out of sales and given him the go-ahead to develop a new kind of software that could be used as a frontline defence against the nation’s highly adaptive ID fraudsters. Bucholz’s idea was to create 31 “fraud filters” or computer codes that could run state and federal tax returns against LexisNexis’s massive databases and flag suspicious characteristics in the forms. But he needed tax returns to test the software; Talcove insisted on data for an entire state.

That’s where MacGinnitie came in. Georgia was the first state to agree to allow LexisNexis access to all of one year’s tax returns – four million of them. LexisNexis then ran residents’ names, addresses and social security numbers against its own databases of property records, court records, bankruptcy liens and criminal convictions to look for anomalies. Tens of thousands of suspicious returns were picked up, including the one filed in Michelle MacGinnitie’s name.

“We get pitched all the time by consultants peddling stuff,” said MacGinnitie. “Telling me I have a problem is one thing. Telling me how to solve it is another. They were pretty close to telling us how to solve the problem.”

Georgia tax comissioner Douglas J. MacGinnitie photographed at his office at the Georgia Department of Revenue in Atlanta©Bryan Meltz

Douglas MacGinnitie, commissioner of Georgia’s Department of Revenue, in his Atlanta office

MacGinnitie persuaded the state legislature to allocate $2.5m to run the LexisNexis system alongside its existing fraud detection system for a year. In 2012, Georgia’s system identified fraudulent attempts to claim more than $70m in tax refunds. The LexisNexis system picked up a further $23m in illegal claims.

“If this were a business, every day, all day long, you would invest $2m to return $23m,” MacGinnitie told me. “That’s real money.”

. . .

In the old days fraudsters needed drugs. In the new world what they need are identities,” Bucholz said as he showed me around the tightly guarded network operations centre at one of LexisNexis’ data facilities. “I thought, this is an identity problem and one a lot of government agencies are having. We could solve this.”

Mark Smith, a systems engineer at the Network Operations Center at the Lexis Nexis headquarters in Alpharetta©Bryan Meltz

Handling data at the LexisNexis complex in Alpharetta

Five thousand servers at the data centre in Alpharetta, a leafy suburb north of Atlanta, process LexisNexis’s 30 pedabytes of data. A stack of laptop computers as high as the Empire State Building would be required to store an equivalent amount of information.

This is where Georgia’s tax returns are checked. Fewer than 100 employees have access: their palms are scanned for entry. The air is refrigerated and filtered to keep out pollutants, pollen and humidity. A strange scent – the unfamiliar smell of pure air – fills the corridors. There are no toilets in the hub of the data centre, to prevent the spread of bacteria. Nothing must endanger the health of those giant servers.

Technological growth is “convenient for citizens and for the government, but it opened up a backdoor to fraud,” said Bucholz. It’s a door he and MacGinnitie are determined to slam shut. After the LexisNexis search flags a suspicious return, Georgia takes over, asking the taxpayer to answer an online multiple-choice questionnaire, or to call the state’s revenue agents’ office to complete it over the phone. The tests might include identifying which of four addresses is the one that the interviewee has not lived at, or which of four telephone numbers they have never had.

If someone fails the questionnaire twice, they are referred to a special investigative group within the revenue service. But cases are rarely straightforward. Fraudsters evolve their schemes as quickly as the investigators can catch up with them. Last year, for example, it was common to have a phoney form filled out by a single head of household. This year, Georgia officials are seeing more false joint returns, sometimes lumping together two strangers, with no connection to one another, as couples.

Some of the equipment at the Lexis Nexis headquarters in Alpharetta©Bryan Meltz

Hardware at the Alpharetta complex

One thing fraudsters are consistent about, though, is that they almost always ask for refunds to be placed on preloaded debit cards, which are not linked to any bank account. “You can go to Walmart and buy 25 debit cards and … have deposits made on to them,” said Staci Guest, the head of Georgia’s special investigations division. Otherwise, sophisticated fraud gangs have been known to bribe postal workers to intercept mail if refunds are being sent as cheques.

The addition of the LexisNexis program to detect extra cases, said Guest, is “kind of a no-brainer”. But, according to MacGinnitie, the commissioner, that’s by no means the end of the story. “We are right now better at blocking than prosecuting,” he said.

Across the US, though, the rising cost of tax refund fraud has forced a change in how the Department of Justice investigates cases. In March this year, Russell B Simmons Jr, a used-car dealer and convicted drug trafficker from Tampa Bay, Florida, was sentenced to 15 years in prison for tax frauds totalling $1.7m. Authorities also seized a green 2005 Bentley GT, an 18-carat gold Rolex watch, a bracelet with 2,420 diamonds, and other jewellery.

The Simmons case was brought as part of Operation Rainmaker – so named by Secret Service agents and local law enforcers after finding that criminal gangs were hosting what they called “rain parties”. Fraudsters get together in hotel rooms and, in a cloud of marijuana smoke, file hundreds of fake returns from their laptops. The IRS estimates that 78 per cent of all tax returns receive refunds, for an average amount of $2,650: the criminals just sit back and wait for the money to “rain down”.

“This was such easy money that criminals converted [their modus operandi] to using the electronic route to steal from the government,” said John Joyce, special agent in charge of the Secret Service’s Tampa field office.

. . .

The Simmons case exposed bureaucratic hurdles that were allowing many fraudsters to operate with impunity. One Tampa detective testified before Congress that the hold-ups had delayed the Simmons investigation by months.

“We’re making a big effort in this office for real-time prosecutions … even if that means not having the bigger picture,” said Steven Grimberg, deputy chief of the economic crimes section of the US attorney’s office in Atlanta (which was not involved in the Simmons case). “We go ahead and charge them to stop the bleeding.” In Atlanta, prosecutors are also charging defendants with aggravated identity theft, which has a two-year mandatory minimum sentence, in addition to any sentence imposed for other charges.

In September 2012, the DoJ expanded a pilot programme it started in Florida – in response to delays in the Simmons case – to all 50 states, allowing prosecutors to move more swiftly. The Justice Department also eased a rule requiring tax supervisors in Washington to sign off on every case before a grand jury investigation could be launched or funds seized. And in March this year the IRS also struck a deal with all 50 states to allow investigators to view taxpayer records if they have consent from the victims. Filing criminal charges will still require approval first from federal tax attorneys in Washington.

The IRS has doubled the number of employees working on identity theft to 3,000, and is adding more filters to its review systems, including ones that flag multiple refunds to a single bank account or address. So far this year, the IRS says it has rejected or suspended 4.6 million suspicious returns seeking more than $7.4bn, and has opened 1,100 new investigations since October. It now believes that an earlier five-year projection of $21bn lost to fraud is “significantly overstated”.

Even so, “the volume of identity theft returns continues to grow at an alarming rate,” Nina Olson, the IRS’s national taxpayer advocate told Congress in April. In the first four months of the 2013 fiscal year, the IRS said it opened 542 new investigations – adding them to the 1.25 million cases it has ongoing.

Darlene, photographed at her home in Canton, Georgia, was a victim of identify theft and tax fraud when her information was stolen from her accountant's office and used to file fraudulent tax returns©Bryan Meltz

Darlene, whose identity was stolen, in her Georgia home

One of those “cases” is Darlene, a full-time mother who lives in the Atlanta area and who does not want to give her surname. She filed her federal income tax return with her husband earlier this year. A few months later it was rejected because a return had already been made in her name.

“We don’t know how much they sought,” said Darlene, 58. “How could this happen? How is it that there is nothing to alert the government to false [returns] being filed or [using] different addresses?”

The theft of her identity was linked to a burglary at her tax preparer, Costen Tax Group, on December 1 2012. Thieves slid through a window at the back of the building and stole a desktop computer and monitor. Priscilla Costen, owner of the tax firm, estimates 80 of her clients were affected, with the thieves obtaining over $1m in fraudulent tax refunds using their identities. “It has been a headache,” said Costen. “I’m a little upset with the IRS and the way it’s been handled. It should be a red flag if someone [reported] $150,000 in wages and then all of a sudden they’re on $30,000 a year. The filters aren’t working. By the time it becomes apparent what happened they have already absconded with the money.”

“As far as we know, nobody has used our social security numbers for anything else but tax fraud. But we are holding our breath,” said Darlene. Her main worry is that the thieves, who now have her home address, will realise her family is well-off and burgle them. “That is probably my biggest fear,” she said. “The rest of this is really frustration, but that’s my biggest fear.”

Last month, a state judge issued a warrant for the arrest of two suspects in the identity theft scam against Mrs MacGinnitie – and she is just one of four people against whom the pair are believed to have committed 46 counts of identity and card fraud. No warrants are out in Darlene’s case. She has to hope that the current focus on refund fraud will deter organised groups from preying on taxpayers like her. But Special Agent Joyce warned that, nationwide, the campaign was up against determined fraudsters who viewed tax fraud as a victimless crime.

“They didn’t have to look somebody in the face when they stole from them,” he said. “One criminal said to me, ‘It’s like if somebody left the keys in their car. If I didn’t steal it, somebody else would.’”

-------------------------------------------

Kara Scannell is the FT’s US regulatory correspondent. To comment on this article, please email magazineletters@ft.com

Copyright The Financial Times Limited 2014. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.

LIFE AND ARTS ON TWITTER

More FT Twitter accounts