IRS Warns Financial Institutions of Scams Designed to Steal FATCA-Related
Account Data

WASHINGTON — The Internal Revenue Service today issued a fraud alert for international financial
institutions complying with the Foreign Account Tax Compliance Act (FATCA).  Scam artists posing as the
IRS have fraudulently solicited financial institutions seeking account holder identity and financial account
information.

The IRS does not require financial institutions to provide specific account holder identity information or
financial account information over the phone or by fax or email.  Further, the IRS does not solicit FATCA
registration passwords or similar confidential account access information.

“Tax scams using the IRS name can take many forms and they are not limited by national borders,” said IRS
Commissioner John Koskinen.  “People should always be cautious before sending sensitive information to
anyone.”

Financial institutions directly registered to comply with FATCA and those in jurisdictions that are treated as
having in effect intergovernmental agreements (IGAs) to implement FATCA through intergovernmental
cooperation have been approached by persons representing themselves as the IRS.  The IRS has reports of
incidents from multiple countries and continents.

These fraudulent solicitations are known as “phishing” scams.  These types of scams are typically carried
out through the use of unsolicited emails and/or websites that pose as legitimate contacts in order to
deceptively obtain personal or financial information.

Financial institutions or their representatives that suspect they are the subject of a “phishing” scam should
report the matter to the Treasury Inspector General for Tax Administration (TIGTA) at 800-366-4484, or
through TIGTA’s secure website.  Any suspicious emails that contain attachments or links in the message
should not be opened, and the email should be forwarded to phishing@irs.gov.