How the IRS Uses Third-Party Data Brokers in Tax Enforcement

Overview

In recent years the IRS has stepped up use of commercially available data to improve enforcement and find cases of underreported income or other noncompliance. Third‑party data brokers aggregate information from payment processors, public records, credit bureaus, online marketplaces, and other commercial sources. The IRS uses those data points to cross‑reference returns and information returns (e.g., W‑2s and Forms 1099) and to help prioritize audits and correspondence reviews.

This article explains how the IRS uses this data, legal limits and safeguards, what types of taxpayers are most likely to be affected, and practical steps you can take if the IRS contacts you. In my 15+ years advising individuals and small businesses, I’ve seen data‑broker signals trigger correspondence and audits — but clear documentation often resolves questions quickly.

Sources: IRS privacy and disclosure rules (IRC §6103), IRS recordkeeping guidance, and Consumer Financial Protection Bureau (CFPB) materials on data brokers.

How the IRS obtains third‑party data

The IRS does not compile every data point itself. Instead it receives and purchases aggregated commercial data from private vendors and compares that data against tax filings and the agency’s own information returns. Typical data sources include:

• Payment processors and marketplace platforms (aggregated volumes and transaction patterns).
• Commercial credit and identity firms (transaction histories, business registrations).
• Public records (property ownership, mortgages, liens, vehicle titles).
• Aggregated online data (advertising profiles, business listings).

The IRS also receives mandatory information returns (Forms W‑2, 1099 series, etc.). Data brokers can supplement those returns with behavioral signals — for example, a high volume of card activity in a small‑business category or receipts from gig platforms — that suggest additional taxable activity.

Where to learn more: see the IRS overview of taxpayer privacy and disclosure rules (https://www.irs.gov/privacy‑disclosure/overview) and general consumer guidance on data brokers from the CFPB (https://www.consumerfinance.gov/).

What the IRS uses the data for

Third‑party data brokers support several enforcement uses:

• Case selection and scoring. The IRS uses models and analytics to prioritize audits and correspondence checks; brokered data can raise a compliance score for a return.
• Automated matching. The agency matches broker data to filed returns and information returns to identify discrepancies.
• Investigative leads. For suspected fraud or large anomalies, broker data can produce leads about unreported income, undisclosed assets, or identity issues.
• Verification for compliance programs. The agency uses external data to validate claims for credits or deductions with high fraud risk.

These uses are intended to increase efficiency and focus resources where the likelihood of significant noncompliance is highest.

Legal limits and taxpayer privacy protections

Although the IRS uses commercial data, it operates under strict confidentiality and statutory limits. Key protections include:

• IRC §6103 (tax return secrecy). The IRS must protect return information and can only disclose returns or return information under specific authorized circumstances; internal use for enforcement is permitted but external disclosure is limited (see IRS Privacy page).
• Administrative and contractual safeguards. When the IRS buys or accesses commercial datasets, vendors are generally required to meet data‑security and use‑restriction standards.
• Accuracy and relevancy standards. Commercial data are often noisy. The IRS generally follows up with taxpayers prior to making a final assessment and provides appeal rights.

You can read more about how the IRS treats taxpayer information at the IRS privacy overview: https://www.irs.gov/privacy‑disclosure/overview.

Which taxpayers are most likely to be affected

Data‑driven selection tends to focus on complexity and mismatch. Taxpayers with the following profiles are more likely to draw attention:

• Small business owners and sole proprietors who receive electronic payments through merchant processors or gig platforms.
• Sellers on online marketplaces and platforms.
• Real‑estate investors with multiple properties or liens shown in public records.
• High spenders whose lifestyle or property holdings appear inconsistent with reported income.

That said, data‑broker signals alone do not determine liability — they’re used as triggers for review.

Common real‑world scenarios

• Payment processor mismatch: A taxpayer reported low business income, but a brokered data feed showed sustained, high-volume card transactions linked to the business. The IRS opened a correspondence audit requesting bank and merchant statements. Properly organized records resolved the inquiry with a modest adjustment.

• Rental property discrepancy: Public records showed multiple property purchases and refinanced loans while reported rental income was minimal. The IRS examined bank deposits and lease agreements and proposed an adjustment where gross rents were materially understated.

• Marketplace sales: A part‑time online seller’s platform reports suggested much higher sales than reported on tax returns. An information‑matching notice led to amended returns and payment of tax and penalties in one case where records were incomplete.

These examples reflect typical patterns I’ve encountered advising clients; documentation and early professional help usually limit escalation.

How to respond if the IRS contacts you

1. Read the notice carefully. IRS notices will identify the reason for contact (e.g., information mismatch). Don’t ignore it.
2. Gather records. Collect bank and merchant statements, invoices, contracts, receipts, and any platform reports that substantiate the amounts you reported. The IRS recommends keeping most business records for at least three years; retain 6 years if you substantially understate income — see IRS recordkeeping guidance: https://www.irs.gov/businesses/small‑businesses‑self‑employed/recordkeeping.
3. Correct errors proactively. If you discover you underreported, you can usually file an amended return (Form 1040X for individuals).
4. Get representation. If the matter is complex, a CPA, enrolled agent, or tax attorney can handle communications and negotiate on your behalf — including appeals and collection alternatives. See FinHelp guidance on preparing for audits ([What to Expect During a Tax Audit: Procedures and Tips](