The Internal Revenue Service (IRS) has come under fire from a government watchdog for major security flaws that put taxpayer data at risk. In a recent audit conducted by the Government Accountability Office (GAO), three significant deficiencies were identified in the areas of security management and access controls. These shortcomings were described as “sensitive in nature” and pose a threat to the protection of sensitive taxpayer information.
One of the deficiencies highlighted by the GAO was the IRS’s failure to consistently create a plan of action to correct identified weaknesses in security management. This lack of action could result in insufficient protection of critical resources and unnecessary expenditures on low-risk resources. Additionally, the IRS failed to review and certify a monthly security report on a timely basis, further compromising access controls and audit monitoring. The GAO also found that the IRS did not consistently implement security configuration settings for some servers, which are significant to financial reporting.
The GAO report also revealed that the IRS had not completed 36 out of 51 corrective actions identified in a previous report. This lack of progress is concerning, especially considering that a prior review faulted the IRS for failing to implement 77 out of 451 recommendations since 2010. While the IRS has previously blamed resource constraints for its inability to meet these recommendations, it recently received a significant funding infusion of $78 billion. Despite this, the IRS has merely pledged to address the identified deficiencies without providing concrete plans for improvement.
In addition to these security flaws, another watchdog, the Treasury Inspector General for Tax Administration (TIGTA), found that the IRS has lost track of thousands of microfilm cartridges containing millions of sensitive business and individual tax records. This lack of accountability raises concerns about potential identity theft and tax fraud. The TIGTA report highlighted significant deficiencies in how the IRS safeguards, stores, and accounts for these microfilm cartridges.
These alarming findings prompted the watchdog to recommend a detailed inventory of all microfilm cartridges, including those that have been disposed of or are missing. The IRS wage and investment commissioner attributed these deficiencies to long-term underfunding and staff attrition. However, the lack of oversight and proper management of sensitive taxpayer information is a critical issue that must be addressed.
Despite these security and operational shortcomings, the IRS has managed to collect a near-record $4.7 trillion in taxes last year. This achievement was made possible by a $78 billion funding boost from Congress, which allowed the agency to hire more enforcers and deploy advanced technologies like artificial intelligence for better tax collection. Furthermore, the IRS plans to hire thousands more tax enforcers in 2024 to further increase tax revenues.
In September, the IRS announced a “sweeping, historic” tax enforcement crackdown as part of a “sea change” in its operations. The agency has pledged to prioritize enforcement actions on high-income taxpayers with significant tax debt while promising not to increase audit rates for individuals earning less than $400,000 per year.
In conclusion, the IRS is facing criticism for major security flaws that endanger taxpayer data. The recent audit by the GAO highlighted deficiencies in security management and access controls, while the TIGTA report revealed the loss of sensitive tax records. Despite a substantial funding boost, the IRS has been slow to address these issues. The agency’s ability to collect a record amount of taxes raises further questions about its priorities and allocation of resources. Steps must be taken to rectify these shortcomings and protect the sensitive information of American taxpayers.