The Internal Revenue Service has investigated nearly 1,700 cases of unauthorized access of taxpayer data by its own employees in the past decade, and over one-fourth of them turned out to be violations that typically led to employees being suspended, fired, or resigning.
A report released by the Government Accountability Office found the IRS completed 1,694 investigations into the willful unauthorized access of taxpayer data between fiscal years 2012 and 2021 by employees and 27% were found to be violations.
Such access is against the law and could even lead to criminal prosecution
The report arrives at a time when the IRS has come under fire from Congress and tax professionals for backlogs in processing tax returns, the destruction of 30 million paper information return documents, and the difficulty of reaching IRS employees by phone. Lawmakers have also demanded answers from the IRS about potential taxpayer confidentiality leaks in response to reports from the investigative news site ProPublica about the tax avoidance strategies used by billionaires such as Elon Musk, Jeff Bezos, Warren Buffett, George Soros, Michael Bloomberg, Mark Zuckerberg, Bill Gates, Rupert Murdoch, Peter Thiel, and others.
“Federal tax returns include confidential information (such as Social Security numbers),” said the report. “IRS employees are responsible for accessing federal tax information only when it is required for their job. If they access federal tax information otherwise, they could be removed from their job and face criminal and civil penalties.”
The GAO report noted that several offices at the IRS share responsibilities for overseeing policies and practices that protect federal tax information. IRS employees are usually responsible for accessing federal tax information only when it’s required to complete their official duties. Workers also play a role in protecting the confidentiality and privacy of taxpayer information to which they have access.
“If IRS employees access tax information that (1) is not a part of their assigned duties, or (2) is otherwise prohibited, then this access is unauthorized,” said the report. “Unauthorized access can either be considered inadvertent or willful. UNAX is the willful unauthorized access, attempted access, or inspection of tax returns or return information. Similarly, disclosures of tax information that are not authorized can be considered inadvertent or willful.”
The Treasury Inspector General for Tax Administration (TIGTA) probes suspected unauthorized access of taxpayer data or unauthorized disclosure incidents to decide whether the incident can be substantiated. Most of the time, TIGTA finds out about the incidents when someone reports an incident or through its own analysis of IRS reports, both of which can originate from a number of sources. If TIGTA finds sufficient evidence to suggest an unauthorized access or disclosure violation happened, it refers the case to the Justice Department to decide whether it wants to pursue prosecution. TIGTA also gives the IRS the information it collected during its investigation. IRS employees are subject to criminal penalties for unauthorized access of taxpayer data and disclosure violations, and those could include imprisonment or fines.
The IRS sets penalties for their employees committing access and disclosure violations
IRS investigates the incidents, and when appropriate, sets the penalty for IRS employees who committed unauthorized access and disclosure violations. In cases where the IRS determines they warrant disciplinary action, the employee's management team decides on the appropriate penalties. IRS policy generally requires the removal of the employee to be proposed for all unauthorized access violations. A similar IRS policy says removal is an appropriate penalty for willful unauthorized disclosure violations.
About one-quarter of cases investigated in the time period reviewed by the GAO were ultimately substantiated. Between fiscal years 2012 and 2021, IRS completed 1,694 investigations of employee discipline cases that included an unauthorized access issue. More than half the so-called UNAX cases originated in the IRS's Wage & Investment Division, while approximately 30% of the cases came from the IRS’s Small Business/Self-Employed Division. Of the 1,694 UNAX cases, 12% (204) also included an unauthorized disclosure issue. The IRS substantiated 27% of the 1,694 UNAX cases as violations and about 24 percent of the 204 unauthorized disclosure cases. Over the past 10 fiscal years, it has taken TIGTA and IRS, on average, a total of 464 days to investigate and close unauthorized cases.
Non-managerial employees commit the majority of violations
The majority of unauthorized access and disclosure violations during fiscal years 2012-2021 were committed by non-managerial employees. Managers accounted for less than 10% of unauthorized access of taxpayer data and under 15% of unauthorized disclosure violations. During this same period, permanent full-time employees committed most unauthorized access and disclosure violations.
More than 82% of the unauthorized access violations led to the offending employee's suspension, resignation, or removal. In all the cases where the IRS found employees committed both unauthorized access and disclosure violations, the offending employee also was suspended, resigned, or removed.
The IRS conducts monitoring to identify these incidents, investigate cases and adjudicate any findings
In response to the report, the IRS said it takes its responsibility to prevent unauthorized access and disclosure seriously and has created a monitoring system to identify such incidents, investigate cases and adjudicate any findings. IRS employees are constantly reminded that they should only access taxpayer information that is directly related to their casework.
“The vast majority of IRS employees take their charge to protect taxpayer information as the foundation of their career in serving America’s taxpayers,” wrote Jeffrey Tribiano, deputy commissioner for operations support at the IRS. “The small number of employees who do not uphold our standards face serious discipline up to and including removal from the IRS. We will continue to educate our employees and refine our capabilities to detect UNAX and unauthorized disclosures as these efforts are key to ensuring that taxpayers can trust that the information provided to the IRS will be protected and only used for legitimate tax administration purposes.”
If your clients have any tax matters they need help with, please don't hesitate to reach out to me or any of my Tax Problem Solver Team, and we can help them with whatever's going on. You can rest assured that we'll take good care of them! And all information is held in the strictest confidence and the utmost privacy, of course. Contact me by one of the methods below in the blue box, or email me at Larry@TaxProblemSolver.com and we can review their specific issues and solve them. You can also pass along this link to them so they can book a free consultation.
Would You Like to Find Out What Your
Next Best Steps Should Be?
Choose one of the 3 FREE contact methods that is easiest for you.
Schedule a Call with Us
Click the calendar button below to view our appointment calendar, and choose a day & time, and we’ll call you then.
We look forward to your free consult!
Call Us Now
Click the phone button below to either "click to call" or direct dial a number to speak with us right now.
We look forward to speaking with you!
9-Secrets You Need to Know
When the IRS is after you, you need to be informed. What you say to the IRS can be used against you.
Get My 9 Secrets email series now. I'll also add you to my newsletter.