[Congressional Bills 114th Congress]
[From the U.S. Government Publishing Office]
[S. 676 Introduced in Senate (IS)]

114th CONGRESS
  1st Session
                                 S. 676

   To amend the Internal Revenue Code of 1986 to prevent tax-related 
         identity theft and tax fraud, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 9, 2015

 Mr. Nelson (for himself, Mr. Brown, Mr. Cardin, Mrs. Feinstein, Mrs. 
 Gillibrand, Ms. Klobuchar, and Mr. Schumer) introduced the following 
  bill; which was read twice and referred to the Committee on Finance

_______________________________________________________________________

                                 A BILL


 
   To amend the Internal Revenue Code of 1986 to prevent tax-related 
         identity theft and tax fraud, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE; ETC.

    (a) In General.--This Act may be cited as the ``Identity Theft and 
Tax Fraud Prevention Act of 2015''.
    (b) Table of Contents.--The table of contents of this Act is as 
follows:

Sec. 1. Short title; etc.
       TITLE I--PROTECTING VICTIMS OF TAX-RELATED IDENTITY THEFT

Sec. 101. Expedited refunds for identity theft victims.
Sec. 102. Single point of contact for identity theft victims.
Sec. 103. Enhancements to IRS PIN Program.
Sec. 104. Electronic filing opt out.
Sec. 105. Taxpayer notification of suspected identity theft.
  TITLE II--SHUTTING DOWN ABUSIVE IDENTITY THEFT AND TAX FRAUD SCHEMES

Sec. 201. Restrictions on ability to use prepaid cards for tax fraud.
Sec. 202. Limitation on multiple tax refunds to the same account.
TITLE III--ADDING CRITICAL NEW PROTECTIONS TO SAFEGUARD SOCIAL SECURITY 
                                NUMBERS

Sec. 301. Reducing medical identity theft.
Sec. 302. Prohibiting the display of Social Security account numbers on 
                            newly issued Medicare identification cards 
                            and communications provided to Medicare 
                            beneficiaries.
Sec. 303. Prohibition of the display, sale, or purchase of Social 
                            Security numbers.
Sec. 304. Criminal penalties for the misuse of a Social Security 
                            number.
Sec. 305. Civil actions and civil penalties.
  TITLE IV--STRENGTHENING LAWS AND IMPROVING ENFORCEMENT AGAINST TAX-
                         RELATED IDENTITY THEFT

Sec. 401. Criminal penalty for using a false identity in connection 
                            with tax fraud.
Sec. 402. Increased penalty for improper disclosure or use of 
                            information by preparers of returns.
Sec. 403. Authority to transfer Internal Revenue Service appropriations 
                            to combat tax fraud.
Sec. 404. Local law enforcement liaison.
Sec. 405. Extend Internal Revenue Service authority to require 
                            truncated social security numbers on Form 
                            W-2.
Sec. 406. Clarification with respect to regulation of Federal tax 
                            return preparers.
Sec. 407. Authentication of users of electronic services accounts.
Sec. 408. Identity verification by tax return preparers required.
    TITLE V--ACCELERATING TRANSITION TO A REAL-TIME TAX SYSTEM THAT 
                  PROTECTS TAXPAYERS AND REDUCES FRAUD

Sec. 501. Improvement in access to information in the National 
                            Directory of New Hires for tax 
                            administration purposes.
Sec. 502. Plan of action for transitioning to a real-time tax system.

       TITLE I--PROTECTING VICTIMS OF TAX-RELATED IDENTITY THEFT

SEC. 101. EXPEDITED REFUNDS FOR IDENTITY THEFT VICTIMS.

    Not later than 180 days after the date of the enactment of this 
Act, the Secretary of the Treasury, or the Secretary's delegate, shall 
establish a plan of action to reduce the administrative time required 
to process and resolve cases of identity theft in connection with tax 
returns, including the issuance of refunds to legitimate taxpayers, to 
no more than 90 days, on average.

SEC. 102. SINGLE POINT OF CONTACT FOR IDENTITY THEFT VICTIMS.

    Not later than 180 days after the date of the enactment of this 
Act, the Secretary of the Treasury, or the Secretary's delegate, shall 
establish new procedures to ensure that any taxpayer whose return has 
been delayed or otherwise adversely affected due to identity theft has 
a single point of contact at the Internal Revenue Service throughout 
the processing of his or her case. The single point of contact shall 
track the case of the taxpayer from start to finish and coordinate with 
other specialized units to resolve case issues as quickly as possible.

SEC. 103. ENHANCEMENTS TO IRS PIN PROGRAM.

    (a) In General.--The Secretary of the Treasury, or the Secretary's 
delegate, shall issue a personal identification number to any 
individual requesting protection from identity theft-related tax fraud 
after the individual's true identity has been established and verified.
    (b) Report.--Not later than 360 days after the date of the 
enactment of this Act, the Secretary of the Treasury shall submit to 
Congress a report analyzing the effectiveness of the program described 
in subsection (a) in reducing tax fraud.

SEC. 104. ELECTRONIC FILING OPT OUT.

    Not later than 180 days after the date of the enactment of this 
Act, the Secretary of the Treasury, or the Secretary's delegate, shall 
implement a program under which a person who has filed an identity 
theft affidavit with the Secretary may elect to prevent the processing 
of any Federal tax return submitted in an electronic format by a person 
purporting to be such a person.

SEC. 105. TAXPAYER NOTIFICATION OF SUSPECTED IDENTITY THEFT.

    (a) In General.--Chapter 77 of the Internal Revenue Code of 1986 is 
amended by adding at the end the following new section:

``SEC. 7529. NOTIFICATION OF SUSPECTED IDENTITY THEFT.

    ``If the Secretary determines that there was an unauthorized use of 
the identity of any taxpayer, the Secretary shall--
            ``(1) as soon as practicable and without jeopardizing an 
        investigation relating to tax administration, notify the 
        taxpayer, and
            ``(2) if any person is criminally charged by indictment or 
        information relating to such unauthorized use, notify such 
        taxpayer as soon as practicable of such charge.''.
    (b) Clerical Amendment.--The table of sections for chapter 77 of 
the Internal Revenue Code of 1986 is amended by adding at the end the 
following new item:

``Sec. 7529. Notification of suspected identity theft.''.
    (c) Effective Date.--The amendments made by this section shall 
apply to determinations made after the date of the enactment of this 
Act.

  TITLE II--SHUTTING DOWN ABUSIVE IDENTITY THEFT AND TAX FRAUD SCHEMES

SEC. 201. RESTRICTIONS ON ABILITY TO USE PREPAID CARDS FOR TAX FRAUD.

    (a) Accounts With Elevated Risk of Identity Theft.--
            (1) In general.--Not later than 360 days after the date of 
        the enactment of this Act, the Federal primary financial 
        regulatory agencies, in consultation with the Secretary of the 
        Treasury, shall jointly prescribe regulations requiring newly 
        issued deposit or transaction account numbers, as the case may 
        be, to be distinguishable between verified accounts and at-risk 
        accounts.
            (2) Definitions.--As used in this section--
                    (A) the term ``at-risk account'' means any deposit 
                account or transaction account, including accounts 
                associated with a prepaid access arrangement, that is 
                not a verified account;
                    (B) the term ``primary financial regulatory 
                agency'' has the same meaning as in section 2(12) of 
                the Dodd-Frank Wall Street Reform and Consumer 
                Protection Act (12 U.S.C. 5301(12)); and
                    (C) the term ``verified account'' means any deposit 
                account or transaction account in which the identity of 
                the account holder and any prepaid access customer 
                associated with the account is verified by--
                            (i) customer identification procedures that 
                        comply with section 5318(l) of title 31, United 
                        States Code; and
                            (ii) direct review of an original, 
                        unexpired government-issued form of 
                        identification bearing a photograph or similar 
                        safeguard, such as a driver's license or 
                        passport.
    (b) GAO Audit of Debit Card Issuers To Ensure Compliance With 
Customer Identification Requirements.--
            (1) Review and evaluation.--The Comptroller General of the 
        United States shall review and evaluate the effectiveness of 
        the current Customer Identification Program rules implementing 
        the customer identification program requirements under section 
        5318(l) of title 31, United States Code, as such rules apply to 
        the prepaid card industry.
            (2) Required considerations.--The review and evaluation 
        required under paragraph (1) shall--
                    (A) consider whether weaknesses in current customer 
                identification programs are contributing to identity 
                theft and financial loss, particularly with respect to 
                tax fraud; and
                    (B) review whether--
                            (i) current risk-based standards for 
                        customer identification are the best means to 
                        prevent criminal use of prepaid cards and 
                        provide sufficient guidance and certainty to 
                        the sellers and providers of prepaid access;
                            (ii) current exclusions from customer 
                        identification requirements, such as exclusions 
                        for government benefit programs, are 
                        appropriate; and
                            (iii) Federal regulatory agencies exercise 
                        adequate oversight and supervision of customer 
                        identification practices of the prepaid card 
                        industry.
            (3) Report to congress.--Not later than 360 days after the 
        date of the enactment of this Act, the Comptroller General of 
        the United States shall submit to Congress a report--
                    (A) on the findings of the review and evaluation 
                required under paragraph (1); and
                    (B) containing any recommendations or proposals for 
                legislative or administrative action to improve the 
                customer identification practices of the prepaid card 
                industry.

SEC. 202. LIMITATION ON MULTIPLE TAX REFUNDS TO THE SAME ACCOUNT.

    (a) In General.--Not later than 180 days after the date of the 
enactment of this Act, the Secretary of the Treasury, or the 
Secretary's delegate, shall issue regulations that restrict the 
delivery or deposit of multiple tax refunds from the same tax year to 
the same individual account or mailing address.
    (b) Exception.--The regulation promulgated under subsection (a) 
shall provide that the restrictions shall not apply in cases and 
situations where the Secretary determines there is not a likelihood of 
tax fraud.

TITLE III--ADDING CRITICAL NEW PROTECTIONS TO SAFEGUARD SOCIAL SECURITY 
                                NUMBERS

SEC. 301. REDUCING MEDICAL IDENTITY THEFT.

    (a) Reduction in Reliance on Social Security Account Numbers in 
Electronic Health Records.--Section 3002 of the Public Health Service 
Act (42 U.S.C. 300jj-12) is amended by adding at the end the following:
    ``(f) Authorization To Develop Certification Standards.--
            ``(1) Plan.--
                    ``(A) Development.--The HIT Policy Committee shall 
                develop a plan to provide for a reliable nationwide 
                health information technology infrastructure that 
                precludes the use of an individual's social security 
                account number for data matching, coordination of 
                benefits, billing, and research purposes.
                    ``(B) Report to congress.--Not later than 1 year 
                after the date of the enactment of this subsection, the 
                HIT Policy Committee shall submit to Congress a report 
                detailing the plan developed under subparagraph (1), 
                together with recommendations for such legislation and 
                administrative action as the HIT Policy Committee 
                determines appropriate.
            ``(2) Incorporation.--Not later than 5 years after the date 
        of the enactment of this subsection, the Secretary, in 
        consultation with the HIT Standards Committee and following 
        notice and comment rulemaking, shall incorporate the plan 
        developed under paragraph (1)(A) in certification criteria and 
        use all means available to impose the plan on non-certified 
        health information systems.''.
    (b) Improved Security Standards.--
            (1) In general.--Section 1173(d)(1) of the Social Security 
        Act (42 U.S.C. 1320d-2(d)(1)) is amended--
                    (A) in subparagraph (A)(v), by striking ``and'' at 
                the end;
                    (B) in subparagraph (B), by striking the period at 
                the end and inserting ``: and''; and
                    (C) by adding at the end the following new 
                subparagraph:
                    ``(C) require a health care provider to 
                discontinue, over an established period of time, the 
                storage of an individual's social security account 
                number after the individual's eligibility and financial 
                responsibility for specific services has been 
                determined, except when--
                            ``(i) the individual's ability to pay for 
                        such services is in doubt;
                            ``(ii) the individual's social security 
                        account number is needed for the coordination 
                        of benefits for services rendered prior to the 
                        effective date of this subparagraph; or
                            ``(iii) the health insurance claim number 
                        of the individual contains the individual's 
                        full social security account number.''.
            (2) Effective date.--The amendments made by paragraph (1) 
        shall take effect 90 days after the earlier of--
                    (A) the date the Secretary of Health and Human 
                Services implements section 302(b); or
                    (B) the date that is 4 years after the date of the 
                enactment of this Act.
    (c) Report.--Not later than 1 year after the date of the enactment 
of this Act, the Secretary of Health and Human Services shall submit to 
Congress a report on the state of information security at medical 
offices and facilities. Such report shall include recommendations for 
such legislative actions as the Secretary determines appropriate to 
help prevent identity theft at such offices and facilities.

SEC. 302. PROHIBITING THE DISPLAY OF SOCIAL SECURITY ACCOUNT NUMBERS ON 
              NEWLY ISSUED MEDICARE IDENTIFICATION CARDS AND 
              COMMUNICATIONS PROVIDED TO MEDICARE BENEFICIARIES.

    (a) In General.--Not later than 2 years after the date of the 
enactment of this Act, the Secretary of Health and Human Services, in 
consultation with the Commissioner of Social Security, shall establish 
and begin to implement procedures to eliminate the unnecessary 
collection, use, and display of Social Security account numbers of 
Medicare beneficiaries.
    (b) Newly Issued Medicare Cards and Communications Provided to 
Beneficiaries.--
            (1) Newly issued cards.--
                    (A) In general.--Not later than 4 years after the 
                date of enactment of this Act, the Secretary of Health 
                and Human Services, in consultation with the 
                Commissioner of Social Security, shall ensure that each 
                newly issued Medicare identification card meets the 
                requirements described in subparagraph (B).
                    (B) Requirements.--
                            (i) In general.--Subject to clause (ii), 
                        the requirements described in this subparagraph 
                        are, with respect to a Medicare identification 
                        card, that the card does not display or 
                        electronically store (in an unencrypted format) 
                        a Medicare beneficiary's Social Security 
                        account number.
                            (ii) Use of partial account number.--The 
                        Secretary of Health and Human Services, in 
                        consultation with the Commissioner of Social 
                        Security, may provide for the use of a partial 
                        Social Security account number on a Medicare 
                        identification card if the Secretary determines 
                        that such use does not allow an unacceptable 
                        risk of fraudulent use.
            (2) Communications provided to beneficiaries.--Not later 
        than 4 years after the date of enactment of this Act, the 
        Secretary of Health and Human Services shall prohibit the 
        display of a Medicare beneficiary's Social Security account 
        number on written or electronic communication provided to the 
        beneficiary unless the Secretary, in consultation with the 
        Commissioner of Social Security, determines that inclusion of 
        Social Security account numbers on such communications is 
        essential for the operation of the Medicare program.
    (c) Medicare Beneficiary Defined.--In this section, the term 
``Medicare beneficiary'' means an individual entitled to, or enrolled 
for, benefits under part A of title XVIII of the Social Security Act 
(42 U.S.C. 1395c et seq.) or enrolled for benefits under part B of such 
title (42 U.S.C. 1395j et seq.).
    (d) Conforming Amendments.--
            (1) Reference in the social security act.--Section 
        205(c)(2)(C) of the Social Security Act (42 U.S.C. 
        405(c)(2)(C)) is amended--
                    (A) by moving clause (x), as added by section 
                1414(a)(2) of the Patient Protection and Affordable 
                Care Act (Public Law 111-148), 6 ems to the left;
                    (B) by redesignating clause (x), as added by 
                section 2(a)(1) of the Social Security Number 
                Protection Act of 2010 (42 U.S.C. 1305 note), as clause 
                (xi);
                    (C) by redesignating clause (xi), as added by 
                section 2(b)(1) of the Social Security Number 
                Protection Act of 2010 (42 U.S.C. 1305 note), as clause 
                (xii); and
                    (D) by adding after clause (xii), as redesignated 
                by subparagraph (C), the following new clause:
    ``(xiii) Subject to the Identity Theft and Tax Fraud Prevention Act 
of 2015, social security account numbers shall not be displayed on 
Medicare identification cards or on communications provided to Medicare 
beneficiaries.''.
            (2) Access to information.--Section 205(r) of the Social 
        Security Act (42 U.S.C. 405(r)) is amended--
                    (A) by moving paragraph (9) 2 ems to the left; and
                    (B) by adding at the end the following new 
                paragraph:
    ``(10) To prevent and identify fraudulent activity, the 
Commissioner shall upon the request of the Attorney General or upon the 
request of the Secretary of Health and Human Services enter into a 
reimbursable agreement with the Attorney General or the Secretary to 
provide information collected under paragraph (1) if--
            ``(A) the requirements of subparagraphs (A) and (B) of 
        paragraph (3) are met; and
            ``(B) such agreement includes appropriate provisions to 
        protect the confidentiality of information provided by the 
        Commissioner under such agreement.''.
    (e) Pilot Program.--
            (1) Establishment.--The Secretary shall establish a pilot 
        program utilizing smart card technology to evaluate--
                    (A) the applicability of smart card technology to 
                the Medicare program under title XVIII of the Social 
                Security Act (42 U.S.C. 1395 et seq.), including the 
                applicability of such technology to Medicare 
                beneficiaries or Medicare providers; and
                    (B) whether such cards would be effective in 
                preventing fraud under the Medicare program.
            (2) Implementation.--
                    (A) Initial implementation.--The Secretary shall 
                implement the pilot program under this subsection not 
                later than 1 year after the date of enactment of this 
                Act.
                    (B) Scope and duration.--The Secretary shall 
                conduct the pilot program--
                            (i) in not less than 2 States; and
                            (ii) for a period of not less than 180 days 
                        or more than 2 years.
            (3) Report.--Not later than 12 months after the completion 
        of the pilot program under this subsection, the Secretary shall 
        submit to the appropriate committees of Congress and make 
        available to the public a report that includes the following:
                    (A) A summary of the pilot program and findings, 
                including--
                            (i) the costs or savings to the Medicare 
                        program as a result of the implementation of 
                        the pilot program;
                            (ii) whether the use of smart card 
                        technology resulted in improvements in the 
                        quality of care provided to Medicare 
                        beneficiaries under the pilot program; and
                            (iii) whether such technology was useful in 
                        preventing or detecting fraud, waste, and abuse 
                        in the Medicare program.
                    (B) Recommendations regarding whether the use of 
                smart card technology should be expanded under the 
                Medicare program.
            (4) Definitions.--In this subsection:
                    (A) Medicare provider.--The term ``Medicare 
                provider'' includes a provider of services (as defined 
                in section 1861(u) of the Social Security Act (42 
                U.S.C. 1395x(u))) and a supplier (as defined in section 
                1861(d) of such Act (42 U.S.C. 1395x(d))).
                    (B) Secretary.--The term ``Secretary'' means the 
                Secretary of Health and Human Services.
                    (C) Smart card.--The term ``smart card'' means 
                identification used by a Medicare beneficiary or a 
                Medicare provider that includes anti-fraud attributes. 
                Such a card--
                            (i) may rely on existing commercial data 
                        transfer networks or on a network of 
                        proprietary card readers or databases; and
                            (ii) may include--
                                    (I) cards using technology adapted 
                                from the financial services industry;
                                    (II) cards containing individual 
                                biometric identification, provided that 
                                such identification is encrypted and 
                                not contained in any central database;
                                    (III) cards adapting technology and 
                                processes utilized in the TRICARE 
                                program under chapter 55 of title 10, 
                                United States Code, or by the Veterans' 
                                Administration; or
                                    (IV) such other technology as the 
                                Secretary determines appropriate.

SEC. 303. PROHIBITION OF THE DISPLAY, SALE, OR PURCHASE OF SOCIAL 
              SECURITY NUMBERS.

    (a) Prohibition.--
            (1) In general.--Chapter 47 of title 18, United States 
        Code, is amended by inserting after section 1028A the 
        following:
``Sec. 1028B. Prohibition of the display, sale, or purchase of Social 
              Security numbers
    ``(a) Definitions.--In this section:
            ``(1) Display.--The term `display' means to intentionally 
        communicate or otherwise make available (on the Internet or in 
        any other manner) to the general public an individual's Social 
        Security number.
            ``(2) Person.--The term `person' means any individual, 
        partnership, corporation, trust, estate, cooperative, 
        association, or any other entity.
            ``(3) Purchase.--The term `purchase' means providing 
        directly or indirectly, anything of value in exchange for a 
        Social Security number.
            ``(4) Sale.--The term `sale' means obtaining, directly or 
        indirectly, anything of value in exchange for a Social Security 
        number.
            ``(5) State.--The term `State' means any State of the 
        United States, the District of Columbia, Puerto Rico, the 
        Northern Mariana Islands, the United States Virgin Islands, 
        Guam, American Samoa, and any territory or possession of the 
        United States.
    ``(b) Limitation on Display.--No person may display any 
individual's Social Security number to the general public without the 
affirmatively expressed consent of the individual.
    ``(c) Limitation on Sale or Purchase.--Except as otherwise provided 
in this section, no person may sell or purchase any individual's Social 
Security number without the affirmatively expressed consent of the 
individual.
    ``(d) Prerequisites for Consent.--In order for consent to exist 
under subsection (b) or (c), the person displaying or seeking to 
display, selling or attempting to sell, or purchasing or attempting to 
purchase, an individual's Social Security number shall--
            ``(1) inform the individual of the general purpose for 
        which the number will be used, the types of persons to whom the 
        number may be available, and the scope of transactions 
        permitted by the consent; and
            ``(2) obtain the affirmatively expressed consent 
        (electronically or in writing) of the individual.
    ``(e) Exceptions.--
            ``(1) In general.--Nothing in this section shall be 
        construed to prohibit or limit the display, sale, or purchase 
        of a Social Security number--
                    ``(A) required, authorized, or excepted under any 
                Federal law;
                    ``(B) for a public health purpose, including the 
                protection of the health or safety of an individual in 
                an emergency situation;
                    ``(C) for a national security purpose;
                    ``(D) for a law enforcement purpose, including the 
                investigation of fraud and the enforcement of a child 
                support obligation;
                    ``(E) if the display, sale, or purchase of the 
                number is for a use occurring as a result of an 
                interaction between businesses, governments, or 
                business and government (regardless of which entity 
                initiates the interaction), including--
                            ``(i) the prevention of fraud (including 
                        fraud in protecting an employee's right to 
                        employment benefits);
                            ``(ii) the facilitation of credit checks or 
                        the facilitation of background checks of 
                        employees, prospective employees, or 
                        volunteers;
                            ``(iii) the retrieval of other information 
                        from other businesses, commercial enterprises, 
                        government entities, or private nonprofit 
                        organizations; or
                            ``(iv) when the transmission of the number 
                        is incidental to, and in the course of, the 
                        sale, lease, franchising, or merger of all, or 
                        a portion of, a business;
                    ``(F) if the transfer of such a number is part of a 
                data matching program involving a Federal, State, or 
                local agency; or
                    ``(G) if such number is required to be submitted as 
                part of the process for applying for any type of 
                Federal, State, or local government benefit or program.
            ``(2) Rule of construction.--Nothing in this subsection 
        shall be construed as permitting a professional or commercial 
        user to display or sell a Social Security number to the general 
        public.
    ``(f) Limitation.--Nothing in this section shall prohibit or limit 
the display, sale, or purchase of Social Security numbers as permitted 
under title V of the Gramm-Leach-Bliley Act (15 U.S.C. 6801 et seq.), 
or for the purpose of affiliate sharing as permitted under the Fair 
Credit Reporting Act (15 U.S.C. 1681 et seq.), except that no entity 
regulated under such Acts may make Social Security numbers available to 
the general public, as may be determined by the appropriate regulators 
under such Acts. For purposes of this subsection, the general public 
shall not include affiliates or unaffiliated third-party business 
entities as may be defined by the appropriate regulators.''.
            (2) Conforming amendment.--The chapter analysis for chapter 
        47 of title 18, United States Code, is amended by inserting 
        after the item relating to section 1028 the following:

``1028B. Prohibition of the display, sale, or purchase of Social 
                            Security numbers.''.
    (b) Study; Report.--
            (1) In general.--The Attorney General shall conduct a study 
        and prepare a report on all of the uses of Social Security 
        numbers permitted, required, authorized, or excepted under any 
        Federal law. The report shall include a detailed description of 
        the uses allowed as of the date of enactment of this Act, the 
        impact of such uses on privacy and data security, and shall 
        evaluate whether such uses should be continued or discontinued 
        by appropriate legislative action.
            (2) Report.--Not later than 1 year after the date of the 
        enactment of this Act, the Attorney General shall report to 
        Congress findings under this subsection. The report shall 
        include such recommendations for legislation based on criteria 
        the Attorney General determines to be appropriate.
    (c) Effective Date.--The amendments made by this section shall take 
effect on the date that is 30 days after the date on which the final 
regulations promulgated under section 1028B of title 18, United States 
Code, are published in the Federal Register.

SEC. 304. CRIMINAL PENALTIES FOR THE MISUSE OF A SOCIAL SECURITY 
              NUMBER.

    (a) Prohibition of Wrongful Use as Personal Identification 
Number.--No person may obtain any individual's Social Security number 
for purposes of locating or identifying an individual with the intent 
to physically injure, harm, or use the identity of the individual for 
any illegal purpose.
    (b) Criminal Sanctions.--Section 208(a) of the Social Security Act 
(42 U.S.C. 408(a)) is amended--
            (1) in paragraph (8), by inserting ``or'' after the 
        semicolon; and
            (2) by inserting after paragraph (8) the following:
            ``(9) except as provided in subsections (e) and (f) of 
        section 1028B of title 18, United States Code, knowingly and 
        willfully displays, sells, or purchases (as those terms are 
        defined in section 1028B(a) of title 18, United States Code) 
        any individual's Social Security account number without having 
        met the prerequisites for consent under section 1028B(d) of 
        title 18, United States Code; or
            ``(10) obtains any individual's Social Security number for 
        the purpose of locating or identifying the individual with the 
        intent to injure or to harm that individual, or to use the 
        identity of that individual for an illegal purpose;''.

SEC. 305. CIVIL ACTIONS AND CIVIL PENALTIES.

    (a) Civil Action in State Courts.--
            (1) In general.--Any individual aggrieved by an act of any 
        person in violation of this Act or any amendments made by this 
        Act may, if otherwise permitted by the laws or rules of the 
        court of a State, bring in an appropriate court of that State--
                    (A) an action to enjoin such violation;
                    (B) an action to recover for actual monetary loss 
                from such a violation, or to receive up to $500 in 
                damages for each such violation, whichever is greater; 
                or
                    (C) both such actions.
        It shall be an affirmative defense in any action brought under 
        this paragraph that the defendant has established and 
        implemented, with due care, reasonable practices and procedures 
        to effectively prevent violations of the regulations prescribed 
        under this Act. If the court finds that the defendant willfully 
        or knowingly violated the regulations prescribed under this 
        subsection, the court may, in its discretion, increase the 
        amount of the award to an amount equal to not more than 3 times 
        the amount available under subparagraph (B).
            (2) Statute of limitations.--An action may be commenced 
        under this subsection not later than the earlier of--
                    (A) 5 years after the date on which the alleged 
                violation occurred; or
                    (B) 3 years after the date on which the alleged 
                violation was or should have been reasonably discovered 
                by the aggrieved individual.
            (3) Nonexclusive remedy.--The remedy provided under this 
        subsection shall be in addition to any other remedies available 
        to the individual.
    (b) Civil Penalties.--
            (1) In general.--Any person who the Attorney General 
        determines has violated any section of this Act or any of the 
        amendments made by this Act shall be subject, in addition to 
        any other penalties that may be prescribed by law--
                    (A) to a civil penalty of not more than $5,000 for 
                each such violation; and
                    (B) to a civil penalty of not more than $50,000, if 
                the violations have occurred with such frequency as to 
                constitute a general business practice.
            (2) Determination of violations.--Any willful violation 
        committed contemporaneously with respect to the Social Security 
        numbers of 2 or more individuals by means of mail, 
        telecommunication, or otherwise, shall be treated as a separate 
        violation with respect to each such individual.
            (3) Enforcement procedures.--The provisions of section 
        1128A of the Social Security Act (42 U.S.C. 1320a-7a), other 
        than subsections (a), (b), (f), (h), (i), (j), (m), and (n) and 
        the first sentence of subsection (c) of such section, and the 
        provisions of subsections (d) and (e) of section 205 of such 
        Act (42 U.S.C. 405) shall apply to a civil penalty action under 
        this subsection in the same manner as such provisions apply to 
        a penalty or proceeding under section 1128A(a) of such Act (42 
        U.S.C. 1320a-7a(a)), except that, for purposes of this 
        paragraph, any reference in section 1128A of such Act (42 
        U.S.C. 1320a-7a) to the Secretary shall be deemed to be a 
        reference to the Attorney General.

  TITLE IV--STRENGTHENING LAWS AND IMPROVING ENFORCEMENT AGAINST TAX-
                         RELATED IDENTITY THEFT

SEC. 401. CRIMINAL PENALTY FOR USING A FALSE IDENTITY IN CONNECTION 
              WITH TAX FRAUD.

    (a) In General.--Section 7206 of the Internal Revenue Code of 1986 
is amended--
            (1) by striking ``Any person'' and inserting the following:
    ``(a) In General.--Any person'', and
            (2) by adding at the end the following new subsection:
    ``(b) Use of False Identity.--Any person who willfully 
misappropriates another person's taxpayer identity (as defined in 
section 6103(b)(6)) for the purpose of making any list, return, 
account, statement, or other document submitted to the Secretary under 
the provisions of this title shall be guilty of a felony and, upon 
conviction thereof, shall be fined not more than $250,000 ($500,000 in 
the case of a corporation) or imprisoned not more than 5 years, or 
both, together with the costs of prosecution.''.
    (b) Aggravated Identity Theft.--Section 1028A(c) of title 18, 
United States Code, is amended by striking ``or'' at the end of 
paragraph (10), by striking the period at the end of paragraph (11) and 
inserting ``; or'', and by adding at the end the following new 
paragraph:
            ``(12) section 7206(b) of the Internal Revenue Code of 1986 
        (relating to use of false identity in connection with tax 
        fraud).''.
    (c) Effective Date.--The amendments made by this section shall 
apply to offenses committed after the date of the enactment of this 
Act.

SEC. 402. INCREASED PENALTY FOR IMPROPER DISCLOSURE OR USE OF 
              INFORMATION BY PREPARERS OF RETURNS.

    (a) In General.--Section 6713(a) of the Internal Revenue Code of 
1986 is amended--
            (1) by striking ``$250'' and inserting ``$1,000'', and
            (2) by striking ``$10,000'' and inserting ``$50,000''.
    (b) Criminal Penalty.--Section 7216(a) of the Internal Revenue Code 
of 1986 is amended by striking ``$1,000'' and inserting ``$100,000''.
    (c) Effective Date.--The amendments made by this section shall 
apply to disclosures or uses after the date of the enactment of this 
Act.

SEC. 403. AUTHORITY TO TRANSFER INTERNAL REVENUE SERVICE APPROPRIATIONS 
              TO COMBAT TAX FRAUD.

    For any fiscal year, the Commissioner of Internal Revenue may 
transfer not more than $10,000,000 to any account of the Internal 
Revenue Service from amounts appropriated to other Internal Revenue 
Service accounts. Any amounts so transferred shall be used solely for 
the purposes of preventing, detecting, and resolving potential cases of 
tax fraud.

SEC. 404. LOCAL LAW ENFORCEMENT LIAISON.

    (a) Establishment.--The Commissioner of Internal Revenue shall 
establish within the Criminal Investigation Division of the Internal 
Revenue Service the position of Local Law Enforcement Liaison.
    (b) Duties.--The Local Law Enforcement Liaison shall serve as the 
primary source of contact for State and local law enforcement 
authorities with respect to tax-related identity theft and other tax 
fraud matters, having duties that shall include--
            (1) receiving information from State and local law 
        enforcement authorities;
            (2) responding to inquiries from State and local law 
        enforcement authorities;
            (3) administering authorized information-sharing 
        initiatives with State or local law enforcement authorities and 
        reviewing the performance of such initiatives;
            (4) ensuring any information provided through authorized 
        information-sharing initiatives with State or local law 
        enforcement authorities is used only for the prosecution of 
        identity theft-related crimes and not re-disclosed to third 
        parties; and
            (5) any other duties as delegated by the Commissioner of 
        Internal Revenue.

SEC. 405. EXTEND INTERNAL REVENUE SERVICE AUTHORITY TO REQUIRE 
              TRUNCATED SOCIAL SECURITY NUMBERS ON FORM W-2.

    (a) In General.--Paragraph (2) of section 6051(a) of the Internal 
Revenue Code of 1986 is amended by striking ``his social security 
number'' and inserting ``an identifying number for the employee''.
    (b) Effective Date.--The amendment made by this section shall take 
effect on the date of the enactment of this Act.

SEC. 406. CLARIFICATION WITH RESPECT TO REGULATION OF FEDERAL TAX 
              RETURN PREPARERS.

    (a) In General.--Subsection (a) of section 330 of title 31, United 
States Code, is amended--
            (1) by striking paragraph (1) and inserting the following:
            ``(1) regulate--
                    ``(A) the practice of representatives of persons 
                before the Department of the Treasury; and
                    ``(B) the practice of tax return preparers; and'', 
                and
            (2) in paragraph (2)--
                    (A) by inserting ``or tax return preparer'' after 
                ``representative'' each place it appears, and
                    (B) by inserting ``or in preparing their tax 
                returns, claims for refund, or documents in connection 
                with tax returns or claims for refund'' after ``cases'' 
                in subparagraph (D).
    (b) Authority To Sanction Regulated Tax Return Preparers.--
Subsection (b) of section 330 of title 31, United States Code, is 
amended--
            (1) by striking ``before the Department'',
            (2) by inserting ``or tax return preparer'' after 
        ``representative'' each place it appears, and
            (3) in paragraph (4), by striking ``misleads or threatens'' 
        and all that follows and inserting ``misleads or threatens--
                    ``(A) any person being represented or any 
                prospective person being represented; or
                    ``(B) any person or prospective person whose tax 
                return, claim for refund, or document in connection 
                with a tax return or claim for refund, is being or may 
                be prepared.''.
    (c) Tax Return Preparer Defined.--Section 330 of title 31, United 
States Code, is amended by adding at the end the following new 
subsection:
    ``(e) Tax Return Preparer.--For purposes of this section--
            ``(1) In general.--The term `tax return preparer' has the 
        meaning given such term under section 7701(a)(36) of the 
        Internal Revenue Code of 1986.
            ``(2) Tax return.--The term `tax return' has the meaning 
        given to the term `return' under section 6696(e)(1) of the 
        Internal Revenue Code of 1986.
            ``(3) Claim for refund.--The term `claim for refund' has 
        the meaning given such term under section 6696(e)(2) of such 
        Code.''.

SEC. 407. AUTHENTICATION OF USERS OF ELECTRONIC SERVICES ACCOUNTS.

    (a) In General.--The Commissioner of Internal Revenue shall 
establish a program to verify the identity of any individual opening an 
e-Services account with the Internal Revenue Service before such 
individual is able to use the e-Services tools.
    (b) Report.--The Commissioner of Internal Revenue shall report to 
the Committee on Finance of the Senate and the Committee on Ways and 
Means of the House of Representatives, not later than 1 year after the 
date of the enactment of this Act, on any further legislative 
recommendations to prevent fraud relating to the Internal Revenue 
Service e-Services tools, including an authorized e-file provider 
program.

SEC. 408. IDENTITY VERIFICATION BY TAX RETURN PREPARERS REQUIRED.

    (a) In General.--Section 6695 of the Internal Revenue Code of 1986 
is amended by adding at the end the following new subsection:
    ``(i) Failure To Verify Taxpayer Identity.--Any person who is a tax 
return preparer with respect to any return or claim for refund who 
fails to verify (in such manner and with such documentation as the 
Secretary shall provide) the identity of the taxpayer with respect to 
such return or claim for refund shall pay a penalty of $500 for each 
such failure.''.
    (b) Effective Date.--The amendment made by this section shall apply 
to returns or claims for refund filed after December 31, 2014.

    TITLE V--ACCELERATING TRANSITION TO A REAL-TIME TAX SYSTEM THAT 
                  PROTECTS TAXPAYERS AND REDUCES FRAUD

SEC. 501. IMPROVEMENT IN ACCESS TO INFORMATION IN THE NATIONAL 
              DIRECTORY OF NEW HIRES FOR TAX ADMINISTRATION PURPOSES.

    (a) In General.--Paragraph (3) of section 453(i) of the Social 
Security Act (42 U.S.C. 653(i)) is amended to read as follows:
            ``(3) Administration of federal tax laws.--The Secretary of 
        the Treasury shall have access to the information in the 
        National Directory of New Hires for purposes of administering 
        the Internal Revenue Code of 1986.''.
    (b) Effective Date.--The amendment made by this section shall take 
effect on the date of the enactment of this Act.

SEC. 502. PLAN OF ACTION FOR TRANSITIONING TO A REAL-TIME TAX SYSTEM.

    Not later than 270 days after the date of the enactment of this 
Act, the Secretary of the Treasury, or the Secretary's delegate, shall 
submit to Congress a report analyzing and outlining options and 
potential timelines for moving toward a tax system that reduces burdens 
on taxpayers and decreases tax fraud through real-time information 
matching.
                                 <all>