Skip to main content

Outdated and Old IT Systems Slow Government and Put Taxpayers at Risk

Posted on February 15, 2023

How long does it take to get a payment from the government? Tax refunds, Social Security, Medicare and Medicaid claims, and much more are processed through federal IT systems. But many of these systems are decades old AND outdated—which can slow down federal payments and services, and make taxpayer information vulnerable to cyberattacks.

Congress has long recognized aging IT systems as a costly vulnerability for the federal government and has appropriated funding to update systems. But many of these efforts face delays and setbacks. Today’s WatchBlog post explores.



Image Showing Computer Code


Aging IT may be delaying your tax return and refund

IRS uses hundreds of applications, software, and hardware systems that are outdated—25 years or older, or written in a programming language that is no longer used. Among these, one example stands out: the primary system that IRS uses to process individual taxpayer account data.

This critical system helps IRS assess taxes, generate refunds, update accounts, and more. It was built in the late 1960s, around the same time NASA’s Apollo missions were first sending astronauts to the moon. The system has been updated over the years, but maintaining it is getting harder because it relies on a computer programming language (COBOL) that fewer and fewer programmers know.  

Our new report found that IRS has spent hundreds of millions of dollars trying to update this system. But IRS officials said the system wouldn’t be fully replaced until 2030 at the earliest—at which time it will be 60 years old.

In the report, we recommended establishing time frames for addressing this and other IT modernization needs that affect taxpayers. We also recommended developing a plan that would improve the effectiveness of IRS’s efforts.

Learn more about those efforts by checking out our podcast with GAO’s Dave Hinchman.

How widespread is the issue?

The IRS is just one of many agencies, government-wide, grappling with aging or old IT systems. Of the government’s $100 billion in annual IT spending, 80% goes to operating and maintaining existing systems. The older the systems are, the more the upkeep costs—and, older systems are more vulnerable to hackers.


photo of a floppy disc halfway out of its protective sleeve


In April 2021, we testified before Congress about these vulnerabilities. We analyzed 65 federal legacy systems and identified the 10 most critical systems—each at a different agency—that needed to be modernized. These 10 systems:

  • Provided essential services like emergency management, health care, and defense
  • Were between 8 and 51 years old
  • Collectively cost about $337 million annually to operate and maintain

Some of these systems also used outdated code, relied on hardware or software that manufacturers no longer support, or had major security risks.

To learn more about the federal government’s aging IT systems and funding available to modernize them, check out our report.


Related Products

About Watchblog

GAO's mission is to provide Congress with fact-based, nonpartisan information that can help improve federal government performance and ensure accountability for the benefit of the American people. GAO launched its WatchBlog in January, 2014, as part of its continuing effort to reach its audiences—Congress and the American people—where they are currently looking for information.

The blog format allows GAO to provide a little more context about its work than it can offer on its other social media platforms. Posts will tie GAO work to current events and the news; show how GAO’s work is affecting agencies or legislation; highlight reports, testimonies, and issue areas where GAO does work; and provide information about GAO itself, among other things.

Please send any feedback on GAO's WatchBlog to