The Internal Revenue Service (IRS) processes over $100 billion per year through its IRS Centers. Without improvements to physical security and other controls at these Centers, taxpayer remittances are vulnerable to theft. Although current data on actual and alleged embezzlements by IRS employees were not available, an earlier IRS internal review reported that, between January 1995 and July 1997, thefts of taxpayer remittances totaling over $5.3 million were investigated.

Recent audit reports issued by the IRS’ Internal Audit function (now the Treasury Inspector General for Tax Administration [TIGTA]) and the General Accounting Office (GAO) disclosed a variety of control weaknesses regarding the security of remittances in the IRS Centers. The objective of this audit was to determine whether the IRS had taken corrective actions to reduce the risk of theft of taxpayer remittances in these IRS Centers.

The IRS has significantly improved physical security and internal controls over taxpayer remittances and has improved the screening processes for job applicants. Specific actions taken by the IRS include the following:

• Lockers have been installed at most IRS Centers, and restrictions have been placed on personal items taken into Remittance Processing functions.
• Security is discussed with Remittance Processing personnel on an ongoing basis.
• Areas receiving unopened mail directly from outside sources have been limited.
• Unauthorized IRS Center personnel have been restricted from accepting remittances from taxpayers.
• Security of remittances in transit from IRS Centers to banks has been improved, and courier contracts have been modified to limit the Government’s exposure in the event of lost, stolen, or damaged deposits in transit.
• Policies have been issued restricting the hiring of new employees until fingerprint pre-screening checks have been completed.

Despite these actions taken by the IRS, further improvements in the areas of physical security, certain control procedures, and the hiring process are necessary to safeguard taxpayer remittances.

The IRS’ physical facilities we reviewed did not meet IRS security standards. The IRS’ procedures require that taxpayer remittances be maintained in areas which have been designed to limit access to authorized personnel during duty hours and to prevent undetected entry by unauthorized persons during non-duty hours. However, both of the IRS Centers included in our review had taxpayer remittances in non-secured areas.

The IRS chose not to install surveillance cameras to monitor employees as they are opening, extracting, and sorting mail and processing remittances. Although the IRS requires outside business entities that process remittances for the IRS to have functioning surveillance cameras, IRS officials determined that surveillance cameras in its Remittance Processing functions would not be effective deterrents to theft. The IRS’ decision not to use surveillance cameras was based on limited and sometimes inaccurate information.

The IRS did not always ensure only authorized employees entered areas with remittances. The Executive Officer for Service Center Operations (EOSCO) issued guidelines to improve the security over remittances. However, only one of the seven Remittance Processing areas we reviewed had copies of the current EOSCO guidelines.

In both of the IRS Centers included in our review, cleaning personnel’s access to Remittance Processing areas had not been limited as it should have been. Managers at the two IRS Centers we reviewed were unaware of this problem.

Certain remittances that are particularly vulnerable to theft (e.g., returned refund checks) and remittances discovered outside Remittance Processing areas were not properly controlled. Although the IRS had agreed to correct control weaknesses over these remittances, the two IRS Centers included in our review had not implemented the agreed upon corrective actions.

The IRS employs juveniles (high school students) to process taxpayer remittances without a process to ensure that they meet minimum suitability requirements. During Fiscal Year 2000, the 2 IRS Centers included in our review had hired 192 juveniles to work in their Remittance Processing areas as of April 2000. All of these juveniles had fingerprint pre-screening checks completed. However, Title 18 of the Federal Criminal Code states that information about a juvenile’s record may not be released when the request for information is related to an application for employment. Therefore, the case results from any arrest of these juveniles were unavailable to the IRS.

IRS employees in Remittance Processing functions handle thousands of taxpayer receipts and sensitive taxpayer information, which requires a high degree of public confidence and trust. Because of this, the IRS has specific needs in screening potential job applicants. These needs may not be met by the Office of Personnel Management’s guidelines. However, the IRS has not issued guidelines to address these needs.

The Chief Operations Officer should ensure that physical security over remittances at all IRS Centers meets applicable requirements. The EOSCO and the Assistant Commissioner (Forms and Submission Processing) should implement control procedures designed to protect taxpayer remittances (including those addressed in previous IRS Internal Audit [now TIGTA] and GAO recommendations). Also, the Director, Personnel Services, should provide sufficient guidance to ensure that all job applicants for Remittance Processing functions (including juveniles) meet minimum suitability requirements unique to the IRS.

Management’s Response: Management’s response was due on September 20, 2000. As of September 21, 2000, management had not responded to the draft report.