TREASURY INSPECTOR GENERAL
FOR TAX ADMINISTRATION
THE INTERNAL REVENUE SERVICE SHOULD TAKE ADDITIONAL ACTIONS TO PROTECT TAXPAYER REMITTANCES
Reference No. 2000-30-153
The Internal Revenue Service (IRS) processes over $100 billion per year through its IRS Centers. Without improvements to physical security and other controls at these Centers, taxpayer remittances are vulnerable to theft. Although current data on actual and alleged embezzlements by IRS employees were not available, an earlier IRS internal review reported that, between January 1995 and July 1997, thefts of taxpayer remittances totaling over $5.3 million were investigated.
Recent audit reports issued by the IRSí Internal Audit function (now the Treasury Inspector General for Tax Administration [TIGTA]) and the General Accounting Office (GAO) disclosed a variety of control weaknesses regarding the security of remittances in the IRS Centers. The objective of this audit was to determine whether the IRS had taken corrective actions to reduce the risk of theft of taxpayer remittances in these IRS Centers.
The IRS has significantly improved physical security and internal controls over taxpayer remittances and has improved the screening processes for job applicants. Specific actions taken by the IRS include the following:
Despite these actions taken by the IRS, further improvements in the areas of physical security, certain control procedures, and the hiring process are necessary to safeguard taxpayer remittances.
Physical Security Over the Internal Revenue Serviceís Remittance Processing Areas Still Needs Improvement
The IRSí physical facilities we reviewed did not meet IRS security standards. The IRSí procedures require that taxpayer remittances be maintained in areas which have been designed to limit access to authorized personnel during duty hours and to prevent undetected entry by unauthorized persons during non-duty hours. However, both of the IRS Centers included in our review had taxpayer remittances in non-secured areas.
The IRS chose not to install surveillance cameras to monitor employees as they are opening, extracting, and sorting mail and processing remittances. Although the IRS requires outside business entities that process remittances for the IRS to have functioning surveillance cameras, IRS officials determined that surveillance cameras in its Remittance Processing functions would not be effective deterrents to theft. The IRSí decision not to use surveillance cameras was based on limited and sometimes inaccurate information.
Some Control Procedures Designed to Protect Taxpayer Remittances Were Not Functioning as Intended
The IRS did not always ensure only authorized employees entered areas with remittances. The Executive Officer for Service Center Operations (EOSCO) issued guidelines to improve the security over remittances. However, only one of the seven Remittance Processing areas we reviewed had copies of the current EOSCO guidelines.
In both of the IRS Centers included in our review, cleaning personnelís access to Remittance Processing areas had not been limited as it should have been. Managers at the two IRS Centers we reviewed were unaware of this problem.
Certain remittances that are particularly vulnerable to theft (e.g., returned refund checks) and remittances discovered outside Remittance Processing areas were not properly controlled. Although the IRS had agreed to correct control weaknesses over these remittances, the two IRS Centers included in our review had not implemented the agreed upon corrective actions.
The Internal Revenue Serviceís Hiring Processes for Employees Handling Taxpayer Remittances Need Further Improvement
The IRS employs juveniles (high school students) to process taxpayer remittances without a process to ensure that they meet minimum suitability requirements. During Fiscal Year 2000, the 2 IRS Centers included in our review had hired 192 juveniles to work in their Remittance Processing areas as of April 2000. All of these juveniles had fingerprint pre-screening checks completed. However, Title 18 of the Federal Criminal Code states that information about a juvenileís record may not be released when the request for information is related to an application for employment. Therefore, the case results from any arrest of these juveniles were unavailable to the IRS.
IRS employees in Remittance Processing functions handle thousands of taxpayer receipts and sensitive taxpayer information, which requires a high degree of public confidence and trust. Because of this, the IRS has specific needs in screening potential job applicants. These needs may not be met by the Office of Personnel Managementís guidelines. However, the IRS has not issued guidelines to address these needs.
Summary of Recommendations
The Chief Operations Officer should ensure that physical security over remittances at all IRS Centers meets applicable requirements. The EOSCO and the Assistant Commissioner (Forms and Submission Processing) should implement control procedures designed to protect taxpayer remittances (including those addressed in previous IRS Internal Audit [now TIGTA] and GAO recommendations). Also, the Director, Personnel Services, should provide sufficient guidance to ensure that all job applicants for Remittance Processing functions (including juveniles) meet minimum suitability requirements unique to the IRS.
Managementís Response: Managementís response was due on September 20, 2000. As of September 21, 2000, management had not responded to the draft report.