Law Enforcement

Cybercrime at the center of IRS investigations in 2019

bitcoin in data center 

For decades, the type of the crimes pursued by the IRS have remained consistent: tax fraud, identity theft, money laundering and tax evasion. What has changed is the way those crimes are carried out, with officials emphasizing a wholesale shift in tax and financial criminal activity to the cyber domain.

In an annual report released this week, the IRS Criminal Investigations Unit details just how much the agency's investigative arm has evolved over the past decade as the Internet has become the primary stage for criminals and businesses to carry out financial crime or evade their tax obligations.

According to the report, the unit added 117 special agents to its workforce over the past year, but the agency loses about 130-150 agents every year, creating resource constraints. In addition to building up their own staff and capabilities, CIU has increasingly partnered with other law enforcement agencies in the federal government, foreign allies, private industry and even academia. These other stakeholders have "capabilities and data scientists and computer program software" that IRS lacks, and the way money moves quickly across borders online means the agency cannot rely solely on internal resources to do its job.

"This is the next wave of crime that is going on in front of our eyes," Don Fort, Chief of the Criminal Investigations Unit, said on a call with reporters. "The movement of money occurs in a split second and it requires us to really employ new ways of investigating and solving these crimes, and it really is all about collaboration and partnership."

Fort said that as the agency has undergone a decade of budget cuts and workforce shrinkage, those lean years have led to "wiser" investments, hiring agents with backgrounds in digital forensics, data analysis, encryption and navigating the dark web.

"I've talked about over the past couple of years about our investment in cyber and cyber investigations, both tax and non-tax, our work in data analytics…those are all things that we've invested in wisely over the last couple of years and now that we're adding additional resources, we'll continue to invest in those areas because we're really starting to see the fruits of our labor in that regard," Fort said.

That fruit includes $1.8 billion in tax fraud identified, another $4.4 billion for other financial crimes and the seizure of 1.24 petabytes of data over the past year. The unit's mandate is primarily around tax crimes, but its agents are also involved in broader investigation efforts within the federal government and abroad through international partnerships like the J5.

"The fact of the matter is, if a case involves money and it's a crime that rises to the federal level, IRS-CI almost always has jurisdiction," Deputy Chief Jim Lee wrote in an introductory note for the report.

In particular, tracking and investigating the use of cryptocurrencies by companies or individuals to evade taxes or engage in criminal has become the division's "bread and butter" and given it a prominent seat at the table in broader law enforcement investigations.

IRS officials pointed to the arrest and prosecution this year of a 23-year-old South Korean man Jong Woo Son and hundreds of individuals inside the United States in connection with the "Welcome to Video" child pornography and exploitation site, calling it a prime example of how their cryptocurrency tracking techniques trickle out into larger criminal cases. The dark web site charged users fees in Bitcoin, so investigators sent funds to Welcome to Video and used services by contractor Chainalysis to track those payments to Son as well as users.

Looking ahead to 2020, Fort said that while many of the most notable cyber cases this year dealt with money laundering and non-tax crimes, he anticipates that a bulk of active investigations going into next year will largely show how cryptocurrencies and cyber means are being used to facilitate tax-related crimes. Additionally, he said the agency will continue to explore involvement in multi-agency task forces where their expertise in areas like tracking cryptocurrency provide unique value.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at [email protected], or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Veterans Affairs
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA health record go-live pushed back to July

    The Department of Veterans Affairs is delaying a planned initial deployment of its $16 billion electronic health record project by four months, but is promising added functionality at the go-live date.

  • Workforce
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    Esper says he didn't seek the authority to gut DOD unions

    Defense Secretary Mark Esper told lawmakers he was waiting for a staff analysis of a recent presidential memo before deciding whether to leverage new authority.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.