How the IRS Processes ITIN Applications for Identity Theft Victims
The IRS has established a specialized, multi-layered process to handle Individual Taxpayer Identification Number (ITIN) applications for victims of identity theft. This system prioritizes security, fraud prevention, and taxpayer assistance, requiring these individuals to navigate a more rigorous verification path than standard applicants. The core of this approach involves submitting the application, Form W-7, by mail (as online submission is not available for identity theft cases) and including a specific statement attesting to the theft, along with original or certified copies of identity and foreign status documents. The IRS’s 美国ITIN税号申请 unit then subjects these applications to enhanced scrutiny to prevent further victimization and ensure the legitimate taxpayer receives their number.
When an individual suspects their identity has been used to obtain an ITIN fraudulently, the immediate step is to alert the IRS. This is not done through the standard W-7 channel initially. The victim must contact the IRS directly via their Identity Protection Specialized Unit (IPSU) at 1-800-908-4490. An IRS employee will then guide them through the steps to create an Identity Theft Affidavit, Form 14039. This form is the official record of the incident and is critical for flagging the taxpayer’s account. The information provided helps the IRS to distinguish between the legitimate taxpayer and the fraudster in their systems.
For the actual ITIN application, the process deviates significantly from the norm. The victim must complete Form W-7 and check the reason for applying as “Identity Theft Victim” (box h). The application cannot be submitted through a Certifying Acceptance Agent (CAA) for in-person document verification, which is a common route for other applicants. Instead, it must be mailed directly to the IRS ITIN Unit in Austin, Texas. This centralized handling ensures that trained personnel, familiar with the red flags of identity theft, process the application. The mailing address is specifically:
Internal Revenue Service
ITIN Operation
P.O. Box 149342
Austin, TX 78714-9342
The documentation required is also more stringent. The IRS mandates original identification documents or certified copies from the issuing agency. Photocopies or notarized copies are not accepted for identity theft victims. This is a crucial security measure to confirm the applicant’s true identity beyond doubt. The primary documents include a passport (which alone can satisfy both identity and foreign status requirements), or a combination of a national identification card (for identity) and a visa or other immigration documents (for foreign status). The following table outlines acceptable primary and secondary document combinations for a standard application, but for identity theft cases, the IRS strongly prefers a passport to minimize complexity.
| Document Purpose | Primary Document (Standalone) | Secondary Document Combination |
|---|---|---|
| Identity & Foreign Status | Valid Passport | N/A (Passport is sufficient) |
| Identity Only | National ID Card (with photo, name, address, DOB, expiration) | U.S. Driver’s License, Civil Birth Certificate, Foreign Driver’s License |
| Foreign Status Only | U.S. Visa | U.S. Citizenship and Immigration Services (USCIS) photo ID, Foreign Voter’s Registration Card, Medical Records (for dependents) |
Along with the W-7 and identification documents, the applicant must include a written statement. This statement should be signed and dated, and must clearly explain the circumstances of the identity theft. Key details to include are: how the victim discovered the theft (e.g., a rejected tax return because an ITIN was already associated with their name), the tax year involved, and any correspondence received from the IRS that prompted the discovery. This narrative helps the IRS investigator connect the dots. Crucially, the victim must also attach a copy of the Form 14039 Identity Theft Affidavit that they previously filed with the IPSU.
Once the complete package is received, the IRS places a hold on any fraudulent activity linked to the victim’s identity. The ITIN unit then conducts a manual review, which can take considerably longer than the standard 7-week processing time. In complex cases, this can extend to 12-14 weeks or more. The IRS may contact the applicant for additional information or clarification. During this period, the victim’s account is marked with an identity theft indicator, which alerts IRS employees to take extra steps to verify identity during any future interactions. If the application is approved, the IRS will issue a new ITIN. It is important to note that the IRS will not re-issue an ITIN that was fraudulently obtained; the victim will receive a completely new number, breaking the link to the fraudulent activity.
The IRS also provides ongoing support after the ITIN is issued. The victim is encouraged to apply for an Identity Protection Personal Identification Number (IP PIN). This is a 6-digit number that, once issued, must be included on all future federal tax returns. It acts as a second layer of authentication, preventing anyone else from filing a return using the victim’s SSN or ITIN, even if they have all other personal details. The IP PIN program is voluntary for most taxpayers but is mandatory for confirmed victims of identity theft. This proactive measure is one of the most effective tools the IRS offers to prevent recurring tax-related identity theft.
Data from the IRS highlights the scale of this issue. In the 2023 fiscal year, the IRS flagged over 1.1 million tax returns for identity theft screening. While not all of these involved ITIN fraud, it demonstrates the environment in which these procedures operate. The agency’s efforts have shown results; the number of confirmed identity theft victims fell from 677,000 in 2020 to 400,000 in 2023, partly due to these strengthened verification processes. The following table shows the trend in key identity theft metrics handled by the IRS over recent years, illustrating the ongoing challenge and the agency’s response.
| Fiscal Year | Returns Flagged for Identity Theft Screening | Confirmed Identity Theft Victims | IP PINs Issued (Millions) |
|---|---|---|---|
| 2020 | ~5.2 Million | 677,000 | 3.2 |
| 2021 | ~4.8 Million | 508,000 | 4.6 |
| 2022 | ~1.9 Million | 442,000 | 6.6 |
| 2023 | ~1.1 Million | 400,000 | 8.7 |
For individuals navigating this complex situation, the challenges are not just procedural but also practical. The requirement to mail original documents, like a passport, can be a significant hurdle, as it means being without a primary form of identification for several weeks. The IRS assures that documents are returned separately from the ITIN assignment letter, typically within 60 days of receiving the application. However, for those who need their passport for travel or other identification purposes, this period can be stressful. There is an option to use the services of an IRS Taxpayer Assistance Center (TAC) to have the documents certified in person, but this requires an appointment and the TAC will not certify documents for an identity theft W-7 application if the applicant has already mailed the originals; the processes are mutually exclusive.
Another critical angle is the interaction with state tax agencies. A federally issued ITIN does not automatically resolve identity theft issues at the state level. Victims may need to contact their state’s department of revenue separately to report the theft and provide proof of the new ITIN. States have their own procedures and timelines, adding another layer of administrative work for the victim. Furthermore, the emotional and psychological toll of identity theft is substantial. The process of proving one’s own identity to a government agency can be frustrating and time-consuming, underscoring the importance of the IRS’s efforts to streamline and secure the ITIN application pathway for victims.