Tax Ombud to investigate widespread taxpayer profile hijackings

The tax fraternity is at its wits’ end over the unabated hijacking of taxpayers’ and tax practitioners’ electronic profiles and has now turned to the Office of the Tax Ombud (OTO) for intervention.

Tax practitioners are deeply concerned about the ease with which scamsters can bypass security protocols, thereby undermining the integrity of the tax system and eroding trust and confidence in the system.

Members from recognised controlling bodies, South African Tax Practitioners United (SATPU), and individual taxpayers approached the OTO after hijackings started escalating in April this year.

The annual tax filing season for individuals and trusts starts in July. Scamsters are particularly active when taxpayers are filing their returns and refunds are paid out.

Tax Ombud Yanga Mputa and her office held a meeting with stakeholders last week to discuss the most pressing issues. It also attempted to identify some of the “low-hanging fruit” that the South African Revenue Service (SARS) can immediately tackle to assist taxpayers.

Systemic investigation

Mputa expressed her office’s intention to conduct a systemic investigation into the matter, given the number of complaints it has received, the slow progress with resolving the problem, and the fact that the problem extends back to 2021.

The OTO is mandated to review any systemic and emerging issues relating to service matters, the application of the Tax Administration Act, or the procedural and administrative provisions of a tax Act. The investigation can be initiated either at the request of the Minister of Finance or at the initiative of the Tax Ombud with the minister’s approval.

Theo Burrows, the secretary general of SATPU, says the increase in incidents where taxpayers’ eFiling passwords, bank account details, and email addresses were changed is dominating discussions on chat forums.

During the OTO meeting, Burrows said South Africans are vulnerable to the government’s administrative processes. They already have a “fragile relationship” with government institutions.

“SARS is an institution that we need to have a high level of confidence and trust in. It is the recipient and custodian of demographic, personal, and financial information.”

Although there is appreciation for the modernisation drive at SARS, many things – mostly unintentional – are disrupting and affecting access to services.

Security protocols

The fact that security protocols can be bypassed with incredible speed and apparent ease inadvertently raises the question of how it can happen without internal support from SARS.

“All of these issues undermine confidence in SARS, and it creates mistrust,” Burrows adds.

Mark Kingon, the head of leverage legal products at SARS, said there is no evidence of any staff members being involved in the hackings or assisting hackers to change passwords, bank account details, or email addresses.

During the discussion, two banks were constantly singled out as “hacker favourites”. Kingon cautioned against restricting it to the two banks and oversimplifying the issue.

“Each bank has got its own risk appetite in terms of registering clients. It is not standard, but we are equally concerned, and we are engaging on the matter of how easily a bank account can be opened.”

SARS has also noticed the appearance of “sub-accounts” under a main bank account where fraud may transpire. “It is a moving target, and we need to remain on top of our game. We will always acknowledge that we can communicate better, and our team needs to be more responsive.”

Syndicate involvement

SARS has established a specialised digital fraud unit that deals with profile hacking, which is supposed to enable a “seamless process” to report digital fraud on the SARS online query system.

Talitha Muade, the senior operations manager at the OTO, says most of the cases that have been reported to the OTO and referred to SARS remain unresolved. “The feedback that we received is that most of the complaints are linked to syndicates, and these investigations take longer for SARS to finalise.”

The OTO was scheduled to meet with the digital fraud unit to obtain an update on the complaints that have remained unresolved for some time. Muade invited tax practitioners or taxpayers who have not yet approached the OTO to contact the office to add their cases to the ones already reported to SARS.

Investment focus

Thabo Legwaila, the OTO’s chief executive, says the vast investment in the automation and digitalisation of tax administration was highlighted during a recent conference on taxpayer rights in Belgium.

This is welcomed and necessary, he says. However, taxpayers are conscious of the fact that there seems to be more focus by the tax authorities on instruments to collect taxes without equal attention and investment in taxpayer protection. This may compromise the tax system.

Kingon has invited taxpayers and practitioners to report digital fraud at https://tools.sars.gov.za/sarsonlinequery/ReportDigitalFraud

They can email SARS at cctt@sars.gov.za if there is no response, or if they want feedback on their cases.

Role-players also emphasised the need for other players in the financial sector, such as the Banking Ombud, the Financial Intelligence Centre, and the Financial Sector Conduct Authority, to get on board.

Amanda Visser is a freelance journalist who specialises in tax and has written about trade law, competition law, and regulatory issues.

Disclaimer: The views expressed in this article are those of the writer and are not necessarily shared by Moonstone Information Refinery or its sister companies. The information in this article does not constitute financial planning, legal or tax advice that is appropriate to every individual’s needs and circumstances.

2 thoughts on “Tax Ombud to investigate widespread taxpayer profile hijackings”

  1. I personally am a victim of the syndicate that appears to be from within SARS. I’m saying this because
    1. A suspicious audit was initiated in my personal capacity that had no traceability
    2. Then in April a list of ghost employees was submitted under my company. My profile was hacked. Case reported to the police and to SARS, but SARS hasn’t cleared me on this.

  2. My profile was hacked earlier, in May 2024. I can’t access my profile anymore. I reported the matter to SARS; however, they can’t make it possible, which forced me to report it to the fraud helpline. The case is registered as I’m saying.
