FATCA Security Risks with Sensitive Data

The Foreign Account Tax Compliance Act, commonly called “FATCA” has caused Americans abroad to be fearful of security risks when their personal financial information is reported by non-US financial institutions or foreign government agencies to the IRS. FATCA reporting will include the name, address and taxpayer identification number of each US account holder at the financial institution; the account number; account balance and value; the account’s gross receipts and gross withdrawals or payments; and other account related information requested by the Internal Revenue Service (IRS). The Treasury Inspector General for Tax Administration has expressed concerns with the security of data transmission as mandated by FATCA.  In September of 2014 the IRS issued a fraud alert to all international financial institutions that are complying with FATCA. Scam artists posing as the IRS have fraudulently solicited financial institutions seeking account holder identities as well as financial account information.  Financial institutions directly registered to comply with FATCA, and those in jurisdictions that are treated as having an IGA in effect to implement the FATCA provisions through their home governments, have already been approached by parties impersonating themselves as the IRS. The IRS now has reports of incidents from various countries and continents.