Ezel / AG Opinions / CO
CO No. 12-07 2012-12-27

Could Colorado hire a private 'recovery audit' contractor to comb through tax refund records, looking for refunds the state had issued in error?

Short answer: No. The AG concluded that issuing a tax refund is not a 'payment activity' under the Recovery Audit Statute, and a taxpayer is not a 'vendor or other entity.' The Statute therefore did not apply to tax refunds. Reading it otherwise would, in effect, outsource tax auditing to a private consultant and breach broad taxpayer confidentiality rules in § 39-21-113, C.R.S.
Currency note: this opinion is from 2012
Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.
Disclaimer: This is an official Colorado Attorney General opinion. AG opinions are persuasive authority but not binding precedent. This summary is for informational purposes only and is not legal advice. Consult a licensed Colorado attorney for advice on your specific situation.

Opinion 12-07: Colorado's Recovery Audit Statute does not reach tax refunds, because issuing a refund is not a "payment activity" and a taxpayer is not a "vendor"

Plain-English summary

In 2010 and 2011, Colorado adopted the Recovery Audit Statute, § 24-30-203.5, C.R.S., to let the State Controller hire private consultants to comb through state agency disbursements looking for "improper payments" — duplicate payments, payments resulting from invoice errors, missed discounts, and similar mistakes. The statute was self-funding: the consultant kept a percentage of what it recovered, so the more it found, the more it earned.

The Department of Revenue and the State Controller asked whether this audit framework reached tax refunds. The question mattered for two reasons: tax refunds run through the Controller's voucher process like other state disbursements, and unclaimed refund warrants flow into the Unclaimed Property Trust Fund. If the statute applied, a private consultant would gain access to taxpayer-by-taxpayer data and could effectively audit refund claims for accuracy.

The AG said no. Issuing a tax refund is not a "payment activity" of the Department of Revenue. The refund returns money the taxpayer had already deposited. The taxpayer is not a "vendor or other entity" in the contracting sense the statute used; the statute's listed examples (duplicate payments, invoice errors, pricing errors, missed discounts, purchasing-agreement failures) all describe vendor relationships. Letting a private consultant rifle through tax records would breach Colorado's strong taxpayer confidentiality rules under § 39-21-113, C.R.S., and would, in effect, outsource the Department of Revenue's audit function. The AG concluded that if the General Assembly wanted to permit private audits of tax refunds, it would have to write a statute that said so.

Currency note

This opinion was issued in 2012. Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.

Background and statutory framework

The Recovery Audit Statute, codified at § 24-30-203.5, C.R.S., declared improper payments a serious problem for state agencies. Under the statute, the Controller had to contract with at least one private consultant to perform recovery audits across state government. The statute defined a "recovery audit" as "a financial management technique used to identify improper payments made by a state agency to vendors and other entities in connection with the payment activities of the state." § 24-30-203.5(2)(c), C.R.S. An "improper payment" was one made "to a vendor or other entity" that was made in error or in excess of what the recipient was due. The statutory examples listed duplicate payments, invoice errors, pricing errors, missed discounts and rebates, purchasing-agreement failures, and similar inadvertent errors, all classic vendor-relationship mistakes.

The Department of Revenue's tax-refund process worked differently. Under § 39-21-108(2), C.R.S., the Department issued a refund only after determining that "the tax, penalty, or interest paid by any taxpayer is in excess of the amount due or has been illegally or erroneously collected." That is, refunds returned money the state had already collected from the taxpayer. The Controller issued the warrant; uncashed warrants eventually flowed into the Unclaimed Property Trust Fund under § 38-13-116.5, C.R.S.

Section 39-21-113, C.R.S., set up Colorado's strict taxpayer confidentiality framework. The Department could not "divulge or make known in any way" information from a tax return or an investigation, with narrow statutory exceptions for sharing with other taxing authorities, the Division of Employment and Training, and the Department of Human Services for child support enforcement. Violators faced criminal penalties and, for state employees, dismissal. Colorado courts had described the policy of taxpayer confidentiality as "strong public policy" (Losavio v. Robb, 579 P.2d 1152, 1156 (Colo. 1978)). The Department also relied on access to Federal Tax Information ("FTI") under I.R.C. § 6103, which required adherence to detailed federal handling and confidentiality rules.

What the AG concluded at the time

The AG worked through the Recovery Audit Statute step by step:

The act of issuing a tax refund is not a "payment activity." The refund returns the taxpayer's own previously deposited money after the Department determined the prior collection was excessive or erroneous under § 39-21-108(2). The statutory term "payment activity" assumes the state is paying out for something, not refunding what was overcollected.

A taxpayer is not a "vendor or other entity" within the statute's meaning. The list of examples in § 24-30-203.5(2)(b) made the statute's target clear: vendor-side mistakes like invoice errors, missed discounts, and purchasing-agreement failures. Although that list was not exhaustive, the surrounding language used vendor-relationship terms throughout. Reading "or other entity" to sweep in taxpayers who file refund claims would stretch the statute past its plain meaning.

Even if the statute reached tax refunds, applying it would breach taxpayer confidentiality. Section 39-21-113 protects not only tax returns but also "any information" obtained from a return or from a Department investigation. The Recovery Audit Statute's general waiver of confidentiality (binding the consultant and its employees and agents to the same disclosure rules and penalties) was not specific enough to override § 39-21-113. The Recovery Audit Statute also required the Controller to share consultant reports with the Governor, State Auditor, and legislative audit and joint budget committees, more sharing than the tax confidentiality statute permits.

Applying the statute to tax refunds would also collide with the Department's exclusive statutory authority to assess, refund, and compromise tax cases under §§ 39-21-106, -108, and -112, C.R.S. A private consultant working on percentage commission would have a financial incentive to challenge refund decisions. The AG concluded that Colorado would, in effect, have outsourced part of its tax-audit function to a private firm whose subcontractors could not even be identified up front, an absurd result the legislature could not have intended given the strong public policy of taxpayer confidentiality.

The AG separately concluded that depositing an uncashed refund warrant in the Unclaimed Property Trust Fund did not waive taxpayer confidentiality, that the Department could not confirm or deny the validity of a refund to a consultant, and that a consultant who learned about a refund disbursement from a non-Department source could contact the recipient directly but would be operating outside the scope of any recovery audit authority.

Common questions

Did this opinion stop the Recovery Audit Statute entirely?
No. The Recovery Audit Statute remained in force for the kinds of disbursements it was actually written to address: payments to vendors, contractors, and grantees. The opinion only ruled out applying it to tax refunds.

Could a private consultant ask the Department of Revenue to confirm a particular refund?
No. The AG concluded the Department could not confirm or deny the validity of a refund to a consultant. The "in any way" language in § 39-21-113(4)(a), C.R.S., reaches even a yes-or-no confirmation.

What if the consultant found out about a refund through some other channel (a tip, a public document, a competitor)?
The consultant could contact the refund recipient directly to ask about the refund's validity, but doing so would not be within the scope of the Recovery Audit Statute. The Department itself still could not engage with the consultant on that file.

Does the refund amount have to come back from the Unclaimed Property Trust Fund if the Department decides it was improper?
The Department may reclaim those funds from the UPTF and credit them back to the appropriate state revenue fund under §§ 39-21-108(5)(b) and -108(7)(b), C.R.S. Most other unclaimed property cannot be reclaimed by the state.

What about Federal Tax Information sharing?
The AG flagged that the Department's access to FTI under I.R.C. § 6103 carries strict federal handling rules. Letting a private consultant access Department records that include FTI would put that federal access at risk. The AG did not need to reach this issue to resolve the question presented, but the threat to FTI access was an additional reason to read the Recovery Audit Statute narrowly.

Could the legislature change this?
Yes. The AG was explicit: "Although the General Assembly could craft a statute permitting such audits, it has not done so." Researchers should verify whether subsequent legislation has authorized private contractor access to tax refund records.

Citations

Statutes:

  • § 24-30-203.5, C.R.S. (Recovery Audit Statute)
  • § 24-30-203.5(2)(b), (c), C.R.S. (definitions)
  • § 39-21-108, C.R.S. (tax refund procedure and statute of limitations)
  • § 39-21-113, C.R.S. (taxpayer confidentiality)
  • § 38-13-116.5, C.R.S. (Unclaimed Property Trust Fund)
  • I.R.C. § 6103 (federal taxpayer information protections)

Cases:

  • Huber v. Kenna, 205 P.3d 1158 (Colo. 2009)
  • Knapp-Monarch Co. v. Comm'r, 139 F.2d 863 (8th Cir. 1944)
  • People v. Gutierrez, 222 P.3d 925 (Colo. 2009)
  • Losavio v. Robb, 579 P.2d 1152 (Colo. 1978)
  • Alcon v. Spicer, 113 P.3d 735 (Colo. 2005)

Source

Original opinion text

John W. Suthers, Attorney General
STATE OF COLORADO
Cynthia H. Coffman, Chief Deputy Attorney General
Office of the Attorney General
DEPARTMENT OF LAW
Daniel D. Domenico, Solicitor General

State Services Building
1525 Sherman Street, 7th Floor
Denver, Colorado 80203
Phone (303) 866-4500

FORMAL OPINION OF JOHN W. SUTHERS, Attorney General
No. 12-07
AG Alpha No. LW AG AGBDT
December 27, 2012

On August 28, 2012, Barbara J. Brohl, Executive Director of the Colorado Department of Revenue (the "Department") and David J. McDermott, State Controller within the Colorado Department of Personnel and Administration ("the Controller"), jointly requested a formal legal opinion from this office regarding the applicability of Section 24-30-203.5, C.R.S., (the "Recovery Audit Statute" or the "Statute") to state tax refunds.

QUESTIONS PRESENTED AND SHORT ANSWERS

  1. Section 24-30-203.5(2)(c), C.R.S., provides that a "recovery audit" means a "financial management technique used to identify improper payments made by a state agency to vendors and other entities in connection with the payment activities of the state."

Question 1a. Does the issuance of a tax refund constitute a "payment activity" within the meaning of the Recovery Audit Statute?
Answer 1a. No. The issuance of a tax refund does not constitute a "payment activity" within the meaning of the Recovery Audit Statute.

Question 1b. Is a taxpayer who receives a tax refund a "vendor or other entity" within the meaning of the Recovery Audit Statute?
Answer 1b. No. A taxpayer who receives a tax refund is not a "vendor or other entity" within the meaning of the Recovery Audit Statute.

Question 1c. Does the Recovery Audit Statute create any distinction between a "duplicate payment" and any other payment that was made in error or is in excess of the amount to which the recipient is entitled?
Answer 1c. No. The Recovery Audit Statute does not create any distinction between a "duplicate payment" and any other payment that was made in error or is in excess of the amount to which the recipient is entitled.

Question 1d. Does the Recovery Audit Statute apply to the Department's tax refunds?
Answer 1d. No. The Recovery Audit Statute does not apply to the Department's tax refunds.

  1. Section 24-30-203.5(3)(c), C.R.S., provides that a consultant ("Consultant") and its employees and agents, when receiving confidential information in the custody of the Controller, a state agency subjected to recovery audit, or a contractor or vendor, are subject to all prohibitions against the disclosure of such confidential information that apply to the Controller, the applicable state agency, or the contractor or vendor, or an employee thereof, and to all civil or criminal penalties that apply to a violation of any such prohibition.

Question 2a. Does the Recovery Audit Statute authorize a Consultant to access records of the Department or records of the unclaimed property fund, created under § 24-13-116.5, C.R.S., for the purpose of conducting recovery audits on tax refund disbursements?
Answer 2a. No. Because the Recovery Audit Statute does not apply to the Department's tax refunds, it does not authorize a Consultant to access such records for this purpose.

Question 2b. Is a duplicate disbursement of a tax refund by the Department afforded the same degree of confidentiality as a tax refund payment that is correct at the time of disbursement, but subsequently becomes erroneous based upon new information received by the Department? Does the length of time the tax refund disbursement has been outstanding affect the analysis?
Answer 2b. Yes (the same degree of confidentiality applies) and no (the length of time does not affect the analysis). As noted above, the Recovery Audit Statute does not distinguish between a duplicate payment and any other payment that was made in error or is in excess of the amount to which the recipient is entitled. Further, the statute governing the confidentiality of tax information does not contain an exception for duplicate disbursements of a tax refund. Finally, nothing in the relevant statutes creates a lesser degree of confidentiality for tax refunds that have been outstanding for any particular length of time.

Question 2c. If a Consultant obtains information about a tax refund disbursement from a source other than the Department, is the Department required to confirm or deny the validity of the refund upon inquiry by the Consultant or the Controller?
Answer 2c. No. Under these circumstances and within the context of a recovery audit, the Department would be prohibited from disclosing such information to the Consultant or the Controller.

Question 2d. If a Consultant obtains information about a tax refund disbursement from a source other than the Department, is the Consultant permitted to contact the recipient of the tax refund disbursement to ascertain the validity of the refund?
Answer 2d. Yes, such an inquiry would not violate confidentiality provisions; however, the inquiry would not be within the scope of the Consultant's duties under the Recovery Audit Statute.

BACKGROUND

A. The Recovery Audit Statute.

The Recovery Audit Statute, adopted by the General Assembly in 2010 and amended in 2011, declares that improper payments are a serious problem for state agencies because they waste state and federal moneys and detract from the efficiency and effectiveness of state agency operations by diverting resources from their intended uses.

To address this problem and recoup improper payments, fees, gifts, grants, donations, and other expenditures of state and federal moneys not specifically excluded by law or rule, the Statute requires the Controller to contract with at least one private contractor ("Consultant") to perform recovery audits. A recovery audit is defined as "a financial management technique used to identify improper payments made by a state agency to vendors and other entities in connection with the payment activities of the state." "Improper payment," in turn, means "a payment by a state agency to a vendor or other entity that is made in error or is in excess of the amount to which the recipient is entitled."

Recovery audits conducted under the Statute are self-funding, with the Consultant's costs deducted as a percentage of the dollars recovered. Agencies subject to a recovery audit must provide the private Consultant with confidential information in the custody of the state agency, any provision of law to the contrary notwithstanding, except to the extent prohibited by federal law or regulations or by an agreement between the state and the federal government or another state. The Consultant and its employees and agents are subject to all prohibitions against the disclosure of confidential information obtained and all civil or criminal penalties that apply to disclosure of the information.

B. State tax law.

To determine the applicability of the Recovery Audit Statute to tax refunds, a review of certain basic state tax law concepts is necessary.

  1. The tax refund process.

The Department's functions include collection of "[t]axes levied and license fees imposed by the provisions of articles 22 and 26 to 29 of title 39, C.R.S., and section 21 of article X of the state constitution, and the administration and enforcement of said provisions." Article 21, Title 39 of the Colorado Revised Statutes addresses procedure and administration with respect to the collection of taxes by the Department, including procedure and administration for the filing and payment of tax refund claims.

The tax system relies upon self-reporting. As with the IRS and most state and local taxing authorities, the Department typically issues a tax refund upon receiving a tax return requesting a refund, without contemporaneous audit by the Department to determine the accuracy of the return. A tax refund is granted in order to return moneys to the taxpayer that were deposited with the Department, but that are believed to be in excess of the amount the taxpayer owed. Upon determination that a tax refund is due, the Department issues a voucher to the Controller for the refund, and in turn the Controller issues the tax refund to the taxpayer. The Controller is required to keep as a part of his or her files a duplicate of the voucher and a statement that sets forth the reason why the refund has been ordered.

The tax statutes refer to moneys that should be returned to a taxpayer as "illegally collected tax." That is, section 39-21-108(2) provides, "If the executive director discovers from the examination of a return within the time periods provided for the filing of refunds, or upon claim duly filed by the taxpayer, or upon final judgment of a court that the tax, penalty, or interest paid by any taxpayer is in excess of the amount due or has been illegally or erroneously collected, then the executive director shall issue in favor of the taxpayer his voucher to the controller for the refund of such illegally collected tax, penalty, or interest..." (emphasis added). Here, the phrase "such illegally collected tax, penalty, or interest" refers to any tax, penalty or interest that is "in excess of the amount due" or "has been illegally or erroneously collected."

Often, the taxing authority will provide a refund based on a taxpayer's return and, upon further review, determine that the taxpayer was not entitled to the refund. The taxpayer, in turn, might challenge the Department's findings and provide additional documentation, resulting in an ongoing process to determine whether a refund already issued was in excess of the amount to which the taxpayer was entitled.

As part of this process, the Department may re-examine and re-determine the propriety of a tax assessment or refund at any time within the statute of limitations. Generally speaking, the statute of limitations for tax assessments is four years for income tax and three years for other types of taxes. This limitations period can be extended by agreement of the parties, and is automatically extended in the state income tax setting if extended for federal income tax purposes. Large corporations often have an extended federal statute of limitations due to ongoing federal audits, and thus would have an extended state statute of limitations. Finally, in the case of a failure to file a return or the filing of a fraudulent income tax return, no limitations period applies.

In summary, a determination that an improper refund has issued is the result of a multi-step process. First, the Department collects tax from a taxpayer through payroll withholdings, estimated tax payments, or otherwise. Second, the Department determines that the tax collected was "in excess of the amount due or has been illegally or erroneously collected." Third, the Department issues a voucher to the Controller for the return of the taxpayer's money (now considered "illegally collected tax") to the taxpayer as a refund based upon the taxpayer's return or for some other reason. Fourth, the Department determines that the refund itself was erroneously granted and issues a notice of rejection of claim for refund. Fifth, the Department or the taxpayer may discover still further information that again results in a revised tax assessment, and this cycle may continue.

As a result, it is a common and even expected part of the process that the Department, like any taxing authority, will at times issue initial tax refunds that ultimately turn out to be in excess of the amount to which the taxpayer was due.

  1. Taxpayer confidentiality.

Taxpayer confidentiality protections are broad and deep. A tax return is "capable of revealing 'the skeletal outline of a taxpayer's personal and financial life,'" and Colorado law recognizes an individual's privacy interest in his or her tax returns. As set forth in Section 39-21-113, C.R.S. ("Section 113"), confidentiality restrictions applicable to the Department's tax information are still more extensive, and apply not only to a tax return, but also to any "information" obtained from a tax return or from an investigation conducted by the Department or its agents. The Department may not "make [this information] known in any way." The General Assembly has "expressed a strong public policy in [Section 113(4)(a)] of protecting the confidentiality of taxpayers' state income tax returns."

Any person who violates the confidentiality provisions in Section 113(4) is subject to criminal penalties, and, if the person is a state employee, dismissal from office. Section 113 contains several exceptions to the general rule found in Section 113(4). By way of example, these exceptions include information sharing with other taxing authorities, with the Division of Employment and Training and with the Department of Human Services in connection with past-due child support payment collection.

In addition, the Department relies heavily upon its access to "Federal Tax Information," or "FTI," which is defined broadly to include any information gathered by the IRS with regard to a taxpayer's liability. The protections surrounding FTI are extensive, and apply even to data that is stripped of identifying information. In order to maintain its access to FTI, the Department must agree to adhere to very strict requirements regarding the handling and confidentiality of FTI.

  1. The Unclaimed Property Fund and taxpayer information.

In addition to the Department's statutory obligations to provide tax refund information to the Controller, the Department is statutorily obligated to provide certain taxpayer information to the state treasurer through the Unclaimed Property Trust Fund ("UPTF"). Specifically, if a taxpayer does not cash or deposit a warrant representing a tax refund issued by the Department within six months, the refund warrant becomes void. The Department then must forward the taxpayer's name, taxpayer identification number, last known address, amount of the canceled warrant and funds representing the amount on the canceled warrant to the state treasurer for deposit in the UPTF.

The mere act of submitting the listed information and funds to the state treasurer does not waive taxpayer confidentiality. For example, the Department must include individuals' taxpayer identification numbers to the state treasurer, but the provision of such information to aid in the administration of the UPTF does not void the confidentiality of the taxpayer's social security number. Like the Controller, the UPTF receives confidential information from multiple sources, and nothing in the Unclaimed Property Act establishes that owners of unclaimed property waive any right to confidentiality by virtue of failing to cash a check or otherwise abandoning their property.

If a tax refund warrant is submitted to the UPTF, and the Department subsequently determines that the warrant represented an erroneously granted refund, the Department may reclaim the funds from the UPTF and credit them to the appropriate state revenue fund. The Unclaimed Property Act thereby accounts for the fluid nature of tax assessment. In contrast to tax refunds, most moneys in the UPTF cannot be reclaimed by the state and remain as part of the UPTF if they are not claimed by the intended beneficiary. Such moneys do not revert to the general fund.

ANALYSIS

A. The Recovery Audit Statute does not apply to tax refunds.

When the Department issues a tax refund, it is not engaged in a "payment activity." Rather, a tax refund reflects a determination by the Department's Executive Director that the tax, penalty, or interest paid by any taxpayer is in excess of the amount due or has been illegally or erroneously collected. That is, the purpose of the refund is to return the taxpayer's previously deposited money to the taxpayer. Because issuance of a tax refund is not a "payment activity" of the Department, review of tax refunds is not part of a "recovery audit" within the meaning of Section 24-30-203.5(2)(c), C.R.S., and the Recovery Audit Statute does not apply to tax refunds.

Even if the issuance of a tax refund were considered part of the Department's "payment activities," the Recovery Audit Statute still would not apply because a taxpayer is not a "vendor or other entity" within the meaning of the Statute. A recovery audit is intended to detect an "improper payment" made by a state agency to a "vendor or other entity." An "improper payment" under the Statute is defined as a payment that is "made in error or is in excess of the amount to which the recipient is entitled." The types of "improper payments" listed in the Statute, although not exhaustive, indicate that the Statute was intended to apply to vendors and entities that function like vendors, such as other entities with whom the state has entered a contractual relationship. The listed examples include: a duplicate payment; a payment resulting from an invoice or pricing error; a payment resulting from a failure to apply an applicable discount, rebate, or other allowance; a payment resulting from a failure to comply with a purchasing agreement; and a payment resulting from any other inadvertent error.

The Statute does not distinguish between a duplicate payment and any other type of payment that is made in error or is in excess of the amount to which the recipient is entitled. If the Statute were read broadly enough to encompass tax refunds, it would, in effect, result in the outsourcing of tax auditing services to a private Consultant and its unnamed subcontractors. It is not difficult to imagine scenarios in which a Consultant could be prompted to explore other types of refunds that turn out to be in excess of the amount to which the taxpayer was entitled. For example, a corporation, suspecting that a competitor is understating income or overstating deductions on a return requesting a refund, may provide a tip to the Consultant. If the Statute applies to tax refunds, the Consultant in turn could ask the Department for the competitor's otherwise confidential tax information, and could in essence engage in its own audit of that competitor.

Moreover, this interpretation would infringe on the Department's core functions, which are to collect taxes and administer and enforce the provisions of law imposing various taxes and fees. State tax laws vest these functions exclusively in the Department. Included in the Department's powers are: 1) the power to issue refunds; 2) the power to make assessments for taxes due; and 3) the power to compromise a case (i.e., to negotiate and agree to a settlement).

Finally, to read the Recovery Audit Statute as applicable to tax refunds would result in a violation of taxpayer confidentiality. Exceptions to state taxpayer confidentiality typically appear within Section 39-21-113, C.R.S., and often emphasize that the penalties associated with improper disclosure of taxpayer information also apply to the recipient of the information. The intent of the Recovery Audit Statute is to permit a private Consultant to review otherwise confidential state records and determine whether an improper payment has occurred. Although the Statute does provide that the Contractor and all its employees and agents would be subject to all prohibitions against disclosure of confidential information and related criminal and civil penalties, this non-specific waiver of confidentiality does not appear to be sufficient to override the confidentiality of tax records. Given the "strong public policy of protecting" taxpayer confidentiality, such an interpretation of the Statute would lead to an absurd result. Taxpayer returns and information, which could not otherwise be disclosed even to a grand jury without an explicit court order, would be provided to a private contractor and its private subcontractors based upon broad and general statutory waivers of confidentiality.

For all of these reasons I conclude that the Recovery Audit Statute does not apply to tax refunds. Although the General Assembly could craft a statute permitting such audits, it has not done so.

B. Confidentiality questions.

You have posed several questions about taxpayer confidentiality in relation to a recovery audit. These questions are answered by the analysis above.

The Recovery Audit Statute does not create an exception to the strict confidentiality surrounding tax refunds. Further, a deposit of money (unbeknownst to the taxpayer) in the UPTF does not constitute a waiver of the confidentiality of taxpayer information. Consequently, a Consultant is not permitted to access records of the Department or records of the UPTF for the purpose of conducting recovery audits on tax refund disbursements. The Department also cannot respond to a Consultant's request to confirm or deny the validity of a refund, because the Department may not "divulge or make known in any way" any "information" obtained from a tax return or an investigation conducted by the Department or its agents. For the same reason, if a Consultant obtains information about a tax refund disbursement from a source other than the Department, the Department may not confirm or deny the validity of the refund upon inquiry by the Consultant or the Controller.

If a Consultant obtains information about a tax refund disbursement from a source other than the Department, the Consultant may contact the recipient of the tax refund disbursement to ascertain the validity of the refund. However, such activity would be outside the scope of the recovery audit process, because the Recovery Audit Statute does not apply to tax refunds.

Finally, neither the Recovery Audit Statute nor Section 113(4) creates a distinction between duplicate tax refunds and other types of tax refunds that are later discovered to be erroneous, nor does either statutory provision establish a distinction based on the length of time a refund has been outstanding or unclaimed.

CONCLUSION

Tax assessment, refund and collection activities are not "payment activities" within the meaning of the Recovery Audit Statute, and a taxpayer is not a "vendor or other entity" with respect to his or her tax account within the meaning of the Statute. Application of the Statute to tax assessment, refund and collection activities would lead to an absurd result not consistent with the intent of the legislature. The Recovery Audit Statute does not apply to the issuance of a tax refund.

Issued this 27th day of December, 2012.

JOHN W. SUTHERS
Colorado Attorney General