A better path forward for the Internal Revenue Service’s verification system

It is not too late for the IRS to reset, table its current thinking and embrace a more open and collaborative approach.

Friction is the enemy of a good customer experience. Especially during the application and onboarding phase of a new financial relationship, putting a potential customer through unnecessary hoops or a slow, inefficient process is a sure way to lose a prospect.

Now imagine if a consumer or small business owner applying for a loan online is directed to stop the application, navigate to the web site of a federal government agency or download their app, create an account, validate their identity, and grant approval to the agency to share specific information with their lender, all before any progress can be made with the loan application. Now imagine if the federal agency in question is the Internal Revenue Service.

It’s hard to conceive of a worse customer experience.

Yet this is exactly what the IRS is proposing for its modernization of the Income Verification Express Service (IVES). A 2018 law — the Taxpayer First Act — directed IRS to upgrade this system, which is used by financial institutions to verify a consumer or small business loan applicant’s income data. Congress called for a fully automated, real-time capability that uses an application programming interface (API) to make the process seamless, fast and unobtrusive for consumers. The existing IVES system is fax-based and takes several days to provide responses to lenders.

If implemented as currently envisioned, the IRS’s proposed approach will miss the intent of Congress to streamline and speed up the lending process for consumers and small business owners, and result in a costly system that will not be used by most in the private sector.

The IRS is pursuing this approach because it wants to control the identity verification process. Under the existing IVES system, this function is the responsibility of the entity making the request in a “trusted third party” model. IRS has not identified any shortcoming with this approach or provided any justification for considering such a drastic and disruptive change. Despite this, the financial services industry is calling for closer collaboration with the IRS, including on technical aspects of a future “eIVES” system.

Our companies, and the many others that are interested in the IRS getting this right, are committed to upholding consumer privacy standards and ensuring the person applying for a financial product is who they say they are. In fact, we and our partners are required to adhere to very stringent financial rules and regulations. As such, a future “eIVES” system that maintains the existing “trusted third party” model for identity verification is uniquely logical and efficient.

The IRS need not look far to see how this can be accomplished successfully. Over the last few years, many in the financial industry have been collaborating closely with the Social Security Administration to plan and build the Electronic Consent Based Social Security Number Verification system (eCBSV). This system — which validates whether a given name, date-of-birth and SSN on a financial application match with SSA’s records in real-time via an API — relies on regulated financial institutions or their service providers connecting to the system to:

  • Obtain consent from the consumer
  • Verify that the entity is permitted to use the system
  • Maintain the security and confidentiality of the consumer’s identity information, consistent with established financial regulations

From the earliest days of eCBSV development – which also began in 2018 as a result of a congressional directive – the SSA sat down with future users of the system to understand the operational and technical requirements to make a successful system. Today, the eCBSV is in the second phase of its pilot and has verified the data for over 22 million consumer financial applications, preventing fraud along the way. The eCBSV has cost roughly $18 million, a steep discount from the nearly $80 million the IRS has estimated it will cost to build a similar API capability.

It is not too late for the IRS to reset, table its current thinking and embrace a more open and collaborative approach à la SSA and eCBSV. Critical to this would be starting anew in planning for the technical capabilities of the system, including the best way to maintain a model that places the responsibility for identity verification with the users of the system. Pausing now is necessary for the IRS to meet the intent of Congress and ensure the system that gets built provides a benefit to American consumers and small businesses.

Jason Kratovil is Head of Public Policy and Industry Relations for SentiLink, a provider of fraud and identity solutions. Ryan Metcalf is Head of Public Policy and Regulatory Affairs for FundingCircle, a peer-to-peer lending marketplace for small and medium-sized businesses.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    Amelia Brust/Federal News Networkcybersecurity

    How should software producers be held accountable for shoddy cybersecurity products?

    Read more
    Amelia Brust, Federal News NetworkTelework

    What the UK gets about remote work that the US doesn’t

    Read more