IRS Automation: Controlling Electronic Filing Fraud and Improper Access to Taxpayer Data

GAO discussed the Internal Revenue Service's (IRS) efforts to: (1) control fraud in the electronic filing program; (2) safeguard taxpayer automated files from unauthorized access by IRS employees; and (3) reduce unnecessary risk from its computer systems environment. GAO noted that: (1) although IRS plans to make electronic tax return filing the cornerstone of its future business plans, the system remains very susceptible to fraud; (2) IRS needs additional security systems and controls to protect against the increasing amount of electronic tax returns being filed; (3) it is unclear whether the increase in fraudulent returns is due to an increase in fraudulent activity or an improvement in IRS fraud detection efforts; (4) IRS could improve controls over electronic filing by screening and monitoring persons and firms authorized to file returns electronically, improving editing systems that prevent fraudulent returns from being accepted, and better detecting fraudulent returns that have been accepted; (5) IRS needs to develop security systems to effectively restrict unauthorized access to confidential taxpayer files; (6) the primary weaknesses in IRS computer systems include limited monitoring of taxpayer account transactions, poor contingency plans for disaster recovery, and improper management of software changes; and (7) reducing computer security risks will depend on the prompt and effective implementation of systems security improvements.