[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]




                               BEFORE THE

                       SUBCOMMITTEE ON OVERSIGHT

                                 OF THE

                      COMMITTEE ON WAYS AND MEANS
                     U.S. HOUSE OF REPRESENTATIVES


                             FIRST SESSION


                            OCTOBER 4, 2017


                          Serial No. 115-OS08


         Printed for the use of the Committee on Ways and Means

                    U.S. GOVERNMENT PUBLISHING OFFICE                    
33-655                  WASHINGTON : 2019                     

                     COMMITTEE ON WAYS AND MEANS

                      KEVIN BRADY, Texas, Chairman

SAM JOHNSON, Texas                   RICHARD E. NEAL, Massachusetts
DEVIN NUNES, California              SANDER M. LEVIN, Michigan
PATRICK J. TIBERI, Ohio              JOHN LEWIS, Georgia
DAVID G. REICHERT, Washington        LLOYD DOGGETT, Texas
PETER J. ROSKAM, Illinois            MIKE THOMPSON, California
VERN BUCHANAN, Florida               JOHN B. LARSON, Connecticut
ADRIAN SMITH, Nebraska               EARL BLUMENAUER, Oregon
LYNN JENKINS, Kansas                 RON KIND, Wisconsin
ERIK PAULSEN, Minnesota              BILL PASCRELL, JR., New Jersey
KENNY MARCHANT, Texas                JOSEPH CROWLEY, New York
DIANE BLACK, Tennessee               DANNY DAVIS, Illinois
TOM REED, New York                   LINDA SANCHEZ, California
MIKE KELLY, Pennsylvania             BRIAN HIGGINS, New York
JIM RENACCI, Ohio                    TERRI SEWELL, Alabama
PAT MEEHAN, Pennsylvania             SUZAN DELBENE, Washington
KRISTI NOEM, South Dakota            JUDY CHU, California
GEORGE HOLDING, North Carolina
TOM RICE, South Carolina

                     David Stewart, Staff Director

                 Brandon Casey, Minority Chief Counsel


                       SUBCOMMITTEE ON OVERSIGHT

                    VERN BUCHANAN, Florida, Chairman

DAVID SCHWEIKERT, Arizona            JOHN LEWIS, Georgia
JACKIE WALORSKI, Indiana             JOSEPH CROWLEY, New York
CARLOS CURBELO, Florida              SUZAN DELBENE, Washington
MIKE BISHOP, Michigan                EARL BLUMENAUER, Oregon
PAT MEEHAN, Pennsylvania
GEORGE HOLDING, North Carolina

                            C O N T E N T S


Advisory of October 4, 2017 announcing the hearing...............     2


Jeffrey Tribiano, Deputy Commissioner for Operations Support, IRS     4
Gina Garza, Chief Information Officer, IRS.......................     4
Mr. Danny Verneuille, Assistant Inspector General for Security 
  and Information................................................    13
Technology Services, Treasury Inspector General for Tax 
  Administration (TIGTA).........................................    26
Mr. David Powner, Director, IT Management Issues, Government 
  Accountability Office (GAO)....................................    27

                        QUESTIONS FOR THE RECORD

Questions from The Honorable Vern Buchanan, to Jeffrey Tribiano..    58
Questions from The Honorable Jackie Walorski, to Jeffrey Tribiano    87
Questions from The Honorable Mike Bishop, to Jeffrey Tribiano....    90
Questions from The Honorable Vern Buchanan, to Danny Verneuille..    93
Questions from The Honorable Vern Buchanan, to David Powner......    98


Citizens Against Government Waste (CAGW).........................   105
The National Treasury Employees Union (NTEU).....................   107



                       WEDNESDAY, OCTOBER 4, 2017

             U.S. House of Representatives,
                       Committee on Ways and Means,
                                 Subcommittee on Oversight,
    The Subcommittee met, pursuant to call, at 9:01 a.m., in 
Room 2020, Rayburn House Office Building, Hon. Vern Buchanan 
[Chairman of the Subcommittee] presiding.
    [The advisory announcing the hearing follows:]

    Chairman BUCHANAN. The Subcommittee will come to order. We 
have Members that are running late, but I thought we would get 
started with this. Welcome to the Ways and Means Oversight 
Subcommittee hearing on IRS Reform: Challenges to Modernizing 
IT Infrastructure. Today's hearing will focus on the current 
state of the IRS IT, the challenges faced as the IRS seeks to 
modernize itself, and areas where the IRS could improve its 
efforts. The importance of this topic cannot be understated. A 
modern, efficient, IT infrastructure is essential to effective 
tax administration, something that we would all like to see in 
the near future.
    While I am sure today we will hear a lot about the idea of 
budgetary needs, this is not just simply a budgetary issue. 
Budget is one aspect of running a successful enterprise. 
However, as a guy that ran businesses over the years, I don't 
always have the money for everything I would like to do. 
Instead, I have to make tough decisions and set priorities in 
terms of my business moving forward in the future.
    Work from both the GAO and the inspector general has shown 
many instances where the IRS decision-making has led to 
significant IT problems. For example, in 2010, the IRS was 
instructed by the USCIO to pursue a cloud-first strategy. 
However, the IRS did not begin to work on the cloud strategy 
until 2016, and could not readily produce a full inventory of 
its clouds. The IRS has also spent millions of dollars 
procuring an IT system that later determined cannot be used.
    Again, examples such as these are not budget failures. They 
are management failures. But I am first to agree that we need 
to have a long-term vision in this area. As we examine tax 
administration reform, we welcome a discussion on changes to 
the IRS, its budget. However, changes to the budget must be 
coupled with better management and governance of its resources 
the IRS already has.
    As I have said before, we would like to see the IRS work to 
improve how it procures and implements its IT systems. We also 
want to see the IRS be good stewards of the resources that we 
have already given them. To that end, I look forward to hearing 
from the witnesses today on ways we might improve the 
management, the IRS, and IT investment.
    The Ranking Member is not present today, so we will move 
forward with witness testimony. Without objection, other 
Members' opening statements will be made part of the record.
    Today's witness panel includes four experts: Jeffrey 
Tribiano, Deputy Commissioner for Operating Support at the IRS; 
Gina Garza, Chief Information Officer at the IRS; Danny 
Verneuille, Assistant Inspector General for Audit for Security 
and Information Technology Services at TIGTA; David Powner 
Director of IT Management Issues at the GAO.
    The Subcommittee will have received your written 
statements, and they will be made part of the formal hearing 
record. You each have five minutes to deliver your oral 
    We will begin with the gentleman here to the left. You may 
start when you are ready.


    Mr. TRIBIANO. Thank you, Mr. Chairman.
    Chairman Buchanan, members of the subcommittee, my name is 
Jeff Tribiano, and I am the Deputy Commissioner for Operations 
Support at the IRS. I appreciate the opportunity to testify 
    In my position at the IRS, I oversee internal operations 
and administration, which includes information technology, 
human capital, finance, privacy, procurement, planning, 
facilities, security, enterprise risk, and the Office of Equity 
Diversity and Inclusion. Joining me at the witness table is Ms. 
Gina Garza, the IRS's Chief Information Officer.
    Providing outstanding taxpayer service is an ongoing high 
priority for the IRS. A safe, secure, and efficient, and up-to-
date information technology system plays an increasing 
important role in our efforts to sustain and improve taxpayer 
service. The most visible taxpayer service the IRS provides is 
the delivery of a smooth, problem-free tax filing season, so 
people can file their returns and receive their refunds as 
quickly and easily as possible.
    Our IT systems process more than 150 million individual 
income tax returns, and we pay out more than $300 billion in 
refunds to individuals each year. During the filing season and 
throughout the year, we provide taxpayer services through a 
variety of delivery channels to help taxpayers file their 
returns accurately and on time. Hereto, our IT systems are an 
essential component of our service efforts.
    For example, IT supports our call center operation, which 
is one of the largest in the country, with which we answer over 
60 million taxpayers' calls in 2016. Our IT systems also 
support our ability to offer online services, which we continue 
to expand in response to increasing taxpayer demand.
    The agency has been working for several years on longer 
term improvements to taxpayer experiences, and to tax 
administration. In this effort, the IRS relies heavily on 
information technology to help carry out these improvements. A 
major part of the initiative is developing an online account 
where taxpayers, or their representatives, can log on securely, 
get information about their account, and interact with the IRS 
as needed, including self-correcting some issues.
    Last year, we took the first step towards this when we 
launched an application on IRS.gov that provides information to 
taxpayers who have straightforward balance inquiries. Since its 
launch, this new tool has been used by taxpayers more than 1.7 
million times.
    Providing outstanding taxpayer service also involves 
ensuring the information taxpayers provide to the IRS will be 
kept secure. We are constantly working to protect our main 
computer systems from cyber incidents, intrusions, and attacks. 
Our core tax processing systems remain secure and currently 
withstand more than 1 million attempts to maliciously access 
the system each day.
    Another important area that IT supports is our battle 
against stolen identity refund fraud. Over the past years, we 
have made steady progress in protecting against this crime. 
That progress has accelerated since 2015, thanks to the 
collective efforts of the Security Summit Group and the 
implementation of the Return Review Program, or what we call 
RRP. The efforts of this strong, unique partnership between the 
public and private sectors, combined with RRP's ability to 
enhance our fraud filters has produced real results. In fact, 
the number of people reported to us that they are victims of 
identity theft declined from 698,000 in calendar year 2015 to 
376,000 in 2016, a drop of more than 47 percent, and that 
decline has continued in 2017.
    For the IRS to improve, even to maintain all these 
services, it is critical for our IT systems to be up to date. 
But they have long been operating with antiquated hardware and 
software. Approximately 64 percent of the IRS hardware is aged 
and out of warranty. And 32 percent of the software is two or 
more releases behind the industry standards, with 15 percent 
more than four releases behind.
    The IRS needs to upgrade its IT infrastructure not only to 
help ensure reliable and modern taxpayer service, but also to 
mitigate the risk to the system. This is a high priority for 
us. We are concerned that the potential for a catastrophic 
system failure is increasing as our infrastructure continues to 
age. But in working modernization of our IT systems, the IRS 
faces a number of challenges. None is more critical than our 
budget. The IRS budget is currently about $900 million below 
what it was in 2010. And modernizing at a faster pace will 
require significant and substantial additional resources in the 
IT area.
    Along with providing adequate funding, Congress can also 
help us by reauthorizing streamline critical pay authority. The 
loss of this authority has made it very difficult and time 
consuming to recruit, retain employees, and expertise in highly 
technical areas in IT, such as cybersecurity, architecture, 
engineering, and operation.
    Chairman Buchanan and members of the subcommittee, this 
concludes our opening statement, and we are happy to take your 
    [The prepared statement of Mr. Tribiano and Ms. Garza 


    Chairman BUCHANAN. Thank you.
    Ms. Garza, you are recognized.
    Ms. GARZA. I have no opening statement. It was with Jeff.
    Chairman BUCHANAN. Okay. Let's see. Mr. Verneuille, you are 


    Mr. VERNEUILLE. Chairman Buchanan, members of the 
subcommittee, thank you for the opportunity to discuss 
challenges to modernizing the IRS infrastructure. The IRS will 
spend about $2.9 billion, or 26 percent of its fiscal year 2017 
appropriations on information technology. About $500 million of 
this was allocated to business systems modernization. The IRS 
has faced significant challenges in modernizing its legacy 
    For example, the Customer Account Data Engine 2, referred 
to as CADE 2, is to plan replacement of the Individual Master 
File that is based on a 50-year-old program and architecture. 
Although CADE 2 has been under development since 2009, the 
previous CADE initiative dates back to the late 1990s. IRS has 
attributed the problems with developing CADE 2 to annual filing 
season, resources being provided for other system development 
projects, and the lack of key subject matter experts. 
Currently, there is no planned completion date for CADE 2 
    For the 2017 filing season, the IRS replaced the fraud 
detection capabilities of its legacy systems with the Return 
Review Program, which enhanced its capabilities to prevent, 
detect, and resolve criminal and civil noncompliance. However, 
the enterprise case management solution being developed to 
provide case management functions for the Return Review Program 
has stopped development efforts due to technical limitations in 
the commercial off-the-shelf product. We have an ongoing audit 
that will evaluate the IRS development of an enterprise case 
management solution and expect to issue the report in February 
    The IRS has been slow to modernize its operations and 
deploy online applications. Our audit of the IRS's 
implementation and use of cloud technologies and services found 
that the IRS does not have an enterprise-wide cloud strategy. 
In July 2016, the IRS created an integrated planning team with 
an overall goal of developing a cloud strategy. However, there 
is no timetable for implementation of a cloud strategy.
    We also recently reported that the IRS successfully 
deployed four web applications as part of its future-state 
initiative. However, the deployments were delayed because of 
inconsistent governance, and lack of project funding, and 
incompatible workflow processes.
    In addition to challenges in modernizing legacy systems, 
the IRS's current hardware architecture is getting older and is 
in need of upgrading. At the beginning of fiscal year 2017, 64 
percent of the hardware is aged. This level far exceeds the 
acceptable level of aged hardware of 20, 25 percent. IRS 
management explained that its budget, over the past 5 years, 
has impacted their ability to reduce the aged hardware.
    In conclusion, TIGTA believes the IRS needs to improve its 
project planning prior to starting development activities. This 
should include more clearly defined requirements and scope, and 
a well-designed architecture and comprehensive assessments of 
commercial off-the-shelf products to be used. The IRS also 
needs to ensure that it follows established methodologies to 
guide project development.
    In addition, the IRS has more information technology 
demands that can be addressed with the skilled resources it has 
available. The IRS should focus on fewer projects and provide 
sufficient resources to ensure the completion of its highest 
priority projects. From a budget perspective, we have seen the 
IRS have success when appropriations are designated for 
specific programs such as when additional fiscal year 2016 
funding was provided for cybersecurity enhancements and 
identity theft prevention.
    In addition, we agree with the IRS's request in the fiscal 
year 2018 President's budget submission for additional 
operation support account funds to be available for 2 years. 
Given the length of the information technology life cycle 
process, 2-year funding will provide the IRS an opportunity to 
utilize appropriated funds before they expire.
    Chairman Buchanan, that ends my statement. I look forward 
to your questions.
    [The prepared statement of Mr. Verneuille follows:]

    Chairman BUCHANAN. Thank you.
    Mr. Powner.


    Mr. POWNER. Chairman Buchanan, members of the subcommittee, 
thank you for inviting us to testify on IRS's efforts to 
modernize its antiquated IT systems and infrastructure. IRS 
spends about $2.7 billion annually on IT. Currently, about 1.9, 
or 70 percent, of this goes towards operational or legacy 
systems, and about $800 million, or 30 percent, goes towards 
new development or modernization. This proportion of spending 
on modernization is nowhere near ideal, and IRS's situation is 
a common Federal IT problem, as the Federal Government as a 
whole spends 80 percent of its IT spend on operational systems.
    Recognizing this problem, GAO put IT acquisitions and 
operations on our high-risk list in 2015, and we are tracking 
more than 800 recommendations across all agencies related to 
this area. Several of these are to IRS on how they prioritize 
and report performance on their IT modernization efforts.
    This morning, I would like to discuss, one, IRS's 
operational systems; two, efforts to modernize these systems; 
and, three, steps to address this situation.
    IRS's legacy, or operational systems, are critical assets 
that are essential to the annual collection of over $3 trillion 
in taxes. Some are newer systems, like the fraud detection 
system, which, this past filing season, prevented over $4 
billion in fraudulent payments. But IRS also has some of the 
oldest systems in the Federal Government, including the 
Individual Master File, which is over 50 years old.
    Our main concern with the Individual Master File is that we 
don't see a solid plan with realistic costs and milestones to 
replace it. Overall, IRS maintains over 20 million lines of 
assembly code. These millions of lines of archaic software and 
hardware that is no longer supported becomes more difficult and 
costly to maintain each year, and poses significant 
cybersecurity risks.
    To IRS's credit, it keeps these old systems running during 
the filing season. But relying on these antiquated systems for 
our Nation's primary source of revenue is highly risky, meaning 
that the chance of having a failure during the filing season is 
continually increasing.
    Now turning to IRS's efforts to modernize these systems, I 
would like to discuss the Fraud Detection System, the Foreign 
Account Tax Compliance Act known as FATCA, ACA, and CADE 2. 
CADE 2 is the system plan to replace the Individual Master 
File. Efforts continue to improve the Fraud Detection System. 
Congressional mandates like FATCA and ACA once consumed a large 
portion of IRS's modernization dollars, but that is no longer 
the case. CADE 2 is the number one modernization investment in 
terms of dollars. Having spent over $170 million in fiscal year 
2016, and 120 in fiscal year 2017, but our ongoing work is 
showing that IRS is not delivering on this modernization effort 
as planned, nor is there a solid plan here to eventually 
deliver CADE 2.
    We have made specific recommendations to IRS regarding 
modernization, but history tells us that congressional 
administration involvement could greatly help here starting 
with IRS. IRS needs to deliver on the priority modernization 
efforts like CADE 2. We are spending significant money here, 
and we are not delivering at an acceptable rate. IRS also needs 
to set clear modernization priorities and develop plans with 
accurate budgets and milestones. So, for instance, on IMF and 
CADE 2, we need to see exactly what it will take to convert the 
IMF to modern languages and replace it with CADE 2.
    Again, to be clear, we need to know how much money and a 
date when we expect to be done. No doubt, there will likely be 
gaps between needs and budget realities, but we need to know 
how much we are off, discuss it, and get realistic, achievable 
plans. Congress needs to hold IRS to the plan by receiving 
quarterly, or at least 6-month progress reports, to make sure 
they stay on track, and GAO can help with this effort.
    Turning to the administration. The administration has 
established the American Tech Council chaired by the President 
and the Office of Innovation, aimed at improving and 
modernizing Federal IT. Recently, these groups have set bold 
direction for the Department of Veterans Affairs to address 
tech improvements to better serve our vets. Leveraging these 
groups and setting similar direction for IRS modernization 
efforts are needed.
    Also, last fall, the comptroller general, Gene Dodaro, held 
a forum on IT high risk where former and current Federal and 
agency CIOs told us that one of the things that is important 
for these large modernization efforts is having the Federal CIO 
involved in our Nation's most important modernization efforts.
    In conclusion, when IRS focuses on priorities, we tend to 
get good results. Continued attention needs to occur with the 
filing season, congressional mandates, and fraud detection. But 
more needs to be done on replacing the Individual Master File. 
Modernizing these tax processing systems should be a top 
priority for our country. This concludes my statement. I look 
forward to your questions.
    [The prepared statement of Mr. Powner follows:]

    Chairman BUCHANAN. Thank you for your excellent testimony, 
all of you. I will now proceed to the question-and-answer 
session. In keeping with my precedent, I will hold my questions 
until the end.
    I now recognize the lady from Indiana, Mrs. Walorski.
    Mrs. WALORSKI. Thank you, Mr. Chairman. Thank you to the 
panel for being here.
    Ms. Garza, on September 7th, nearly a month ago, we learned 
of the single largest data breach with more than 140 million 
individuals being impacted. When did the IRS learn of the 
    Ms. GARZA. So we learned it as part of the news that 
evening. The very next day, we got together and started to talk 
about what that impact to the IRS might be.
    Mrs. WALORSKI. On September 8th, the next day, you were in 
contact with Equifax about the scope of the breach, whether it 
impacted the IRS data----
    Ms. GARZA. That is correct.
    Mrs. WALORSKI [continuing]. As you just said. In fact, IRS 
sent a team of IT experts, criminal investigators, and the 
Treasury Inspector General for Tax Administration to Atlanta, 
to Equifax, to verify everything that Equifax had told the IRS, 
    Ms. GARZA. That is correct.
    Mrs. WALORSKI. Did you have any reason to doubt Equifax or 
what they had told you during that process?
    Ms. GARZA. I had no reason to doubt them, but it is our 
protocol to go and do a physical inspection to validate what we 
are being told.
    Mrs. WALORSKI. Did you learn anything that caused concern?
    Ms. GARZA. So, in this case there were a couple of things. 
One, we were able to verify, by looking at the forensics of 
what the bad actor did and was able to access, that none of the 
IRS data had been compromised. However, we did find that we had 
gotten inconsistent information when we had first talked to 
Equifax. We did find that in their network logs, along with 
other companies' information, some of our information that we 
had sent over was maintained. But, as I said, there was no 
evidence that the bad actors were able to get to the network 
logs. Their primary area to look at were the databases.
    Mrs. WALORSKI. I read last night in the press that the IRS 
had just signed a $7 million contract to have Equifax provide 
identity proofing. That contract was just signed on September 
29th, correct?
    Ms. GARZA. That is what I have learned this morning.
    Mrs. WALORSKI. So more than 20 days had passed since we 
learned of the greatest data breach in history, and you just 
signed a contract to pay Equifax to have access to IRS data for 
identity verification purposes. Did you approve and sign that 
    Ms. GARZA. I did not.
    Mrs. WALORSKI. Mr. Tribiano, did you approve and sign that 
    Mr. TRIBIANO. No, ma'am, I did not.
    Mrs. WALORSKI. Who signed the contract?
    Mr. TRIBIANO. Our procurement officer would have signed 
that contract.
    Mrs. WALORSKI. And who is that?
    Mr. TRIBIANO. Ms. Shanna Webbers.
    Mrs. WALORSKI. How many employees at the IRS have the 
authority to sign a $7 million contract binding the IRS on IT 
    Mr. TRIBIANO. I would have to get back to you on that, 
ma'am. I don't have that number.
    Mrs. WALORSKI. Can you do that?
    Mr. TRIBIANO. Yes, ma'am.
    Mrs. WALORSKI. You know, I am floored to sit here this 
morning. This is an abject failure. And I haven't been on this 
Committee very long. But I think this is my third or fourth 
hearing already on this issue of IT and who is responsible. And 
we sit here this morning, we talk about all these issues we 
have talked about before with no changes happening. The 
American people are sitting there this morning saying, this is 
beyond abject failure. This is a management failure. If 
nothing, it shows that the IRS structurally needs some reform 
and needs major change. This is why the American people hold us 
accountable and we try to hold you accountable. And then we 
have contracts being signed right in the middle of these 
investigations of the biggest data breach in the history of 
this country, exposing a massive amount of Americans now to 
identity theft.
    Frankly, the IRS should not be in the position to have 
major IT acquisitions happening without you, Ms. Garza, or you, 
Mr. Tribiano, even knowing that they are happening. I don't 
think there is anything anybody can say at this point, other 
than pointing the fingers now to a third person that signed the 
    Mr. Tribiano, did you want to say anything?
    Mr. TRIBIANO. Yes, ma'am, if I can. I just want to clarify 
a couple of things, if I can, and walk through this. And this 
is not an excuse. This is just what happens. We had a contract 
with Equifax. We had two different contracts. We had one that 
was managed out of our privacy team, and that was for credit 
monitoring. That contract was competed and awarded to a 
different vendor. So that happened and went into effect October 
1. We had the other contract, which was our eAuthenticated 
service contract that was competed.
    Mrs. WALORSKI. Okay. Excuse me. I know we are going to run 
out of time here. I see the yellow light. And I know you have 
got to get back to me the number of people that can sign these 
contracts, but, obviously, Ms. Garza can, and you can, and the 
woman that you just explained can. Who else can? That is three 
right there. But who else has the authority to sign something 
like a $7 million contract?
    Mr. TRIBIANO. I will get back to you on that, ma'am, about 
the numbers. But I want----
    Mrs. WALORSKI. But you have to know the other people in the 
office that can sign.
    Mr. TRIBIANO. Well, there are certain procurement officers 
that have warrants to be able to do that.
    Mrs. WALORSKI. Are we talking 10 people? Are we talking 15 
people? Are we talking five people?
    Mr. TRIBIANO. The range of what procurement officers' 
warrants are for are varied. Some procurement officers have 
warrants up to a certain dollar amount. I have to be able to 
get you that breakdown and show you who and what category can--
    Mrs. WALORSKI. I appreciate it. And I know I am out of 
time. Thank you, Mr. Chairman. I will yield back.
    Chairman BUCHANAN. Thank you.
    Mr. Holding, you are recognized.
    Mr. HOLDING. Thank you, Mr. Chairman.
    Ms. Garza, I think this is a question for you. As we know, 
the Federal Acquisition Regulation, I think, is 12.101, sets 
forth the acquisition principles, policies, procedures that 
govern acquisitions of Federal agencies. And this regulation 
governs the contracts, orders, and agreements entered into by 
the IRS, obviously. And among things, the Federal Acquisition 
Regulation requires prime contractors and subcontractors to 
incorporate, to the maximum extent possible, practicable, 
commercial items and components of items supplied to the 
    So my question to you is, to what extent do you feel you 
are leveraging the new, more effective, and modern technologies 
that are currently purchased by the IRS?
    Ms. GARZA. So in developing our solutions for--especially 
in our modernized projects, we look for COTS products that 
might be available. RRP is a perfect example where we went out 
and we looked at a suite of products for us to utilize to 
deliver that capability. So we integrated those products. We 
look for things best-in-class in order to deliver modernization 
    Mr. HOLDING. So do you believe that there is anything you 
have currently purchased that you are underutilizing?
    Ms. GARZA. There might be something. I don't have an answer 
for that. I don't have full knowledge of that answer.
    Mr. HOLDING. Is there a way that you could--do you maintain 
some sort of inventory of products that you purchased, and, you 
know, measure their effectiveness, measure whether you are 
using them or not?
    Ms. GARZA. We measure whether we are using them or not. We 
have an inventory of those products to measure utilization. In 
some cases, there are some products that are underutilized. By 
that, I mean we don't have a lot of people using them. But some 
of this is a dialogue between us and our business customers. 
And there will be, like, groups of people that have unique 
needs that are using that product. And so it really goes back 
to, what is the business need? And is that product needed for 
that need? In some cases, we are trying to consolidate the 
products. We are trying to simplify our infrastructure, and we 
are making some progress in that. But it all goes back to, what 
is the business need? And does that product meet that need?
    Mr. HOLDING. So would you be able to provide the Committee 
with that inventory and with your analysis of what is being 
utilized or underutilized for our edification?
    Ms. GARZA. Sure.
    Mr. HOLDING. Good. Thank you.
    And, it came to light in a hearing last year, or the year 
before, the amount of unionization in the IRS. I think the 
Veterans Administration and the Internal Revenue Service are 
the two most unionized government agencies. Do you know the 
percentage of your IT employees that are unionized?
    Ms. GARZA. I do not know that answer.
    Mr. HOLDING. Mr. Tribiano, you are reaching for the mic 
there. Do you----
    Mr. TRIBIANO. No, sir. I do not know that answer. But those 
are statistics that we have, and we can deliver that answer to 
    Mr. HOLDING. I think I recall that your contracts provide 
that you are able to spend something like 500,000 paid hours 
per year in union activity at the IRS. Does that sound about 
    Mr. TRIBIANO. That could be right.
    Mr. HOLDING. I think Mrs. Walorski covered a couple of 
these in her questioning. But I want to make sure that we have 
got an answer for these for the Committee regarding the Equifax 
contract. Was it approved by the Director of Privacy at the 
    Mr. TRIBIANO. No, sir. What I was trying to explain before 
is we had two contracts. The Director of Privacy had the one 
for credit monitoring which is different than the contract for 
eAuthentication. That contract for credit monitoring was 
recompeted and awarded to a new vendor. The eAuthentication was 
recompeted and awarded to a new vendor, but Equifax protested 
the procurement. And that happened in July. So that is under 
GAO right now for a decision about which way to go. So when we 
came down to September 29th when the Equifax contract expired, 
we had to either, one, stop the service, which means millions 
of taxpayers would not be able to get their transcripts, 
including those that are in need of it, like in the hurricane 
disaster areas. They use those tools to get their transcripts, 
or do a bridge contract with Equifax until GAO decides on the 
protest, and we move forward.
    Mr. HOLDING. All right. Mr. Chairman, I see I have run out 
of time. Thank you.
    Chairman BUCHANAN. Thank you. Mr. Bishop, you are 
    Mr. BISHOP. Thank you, Mr. Chairman.
    I guess that I am not sure who to direct this to, Mr. 
Tribiano or Ms. Garza. I am listening to the questions. And, 
you know, Mrs. Walorski, I guess, I support the questions that 
she asked and the tone in which she asked them, because that is 
the tone in which my constituents are concerned about this.
    Can you give us some assurances, after this Equifax breach, 
that you have taken precautions, that there are steps that have 
been taken, to address what could be one of the biggest 
breaches in identity theft in the history of our country? 
Clearly, there is a gap there. And we have got to do something 
to address it. And I assume that the IRS has done something. 
What can you tell us today that would provide this Committee 
and our constituents assurances that we are going to do 
something about this to ensure that nothing really, really bad 
happens this tax filing season.
    Ms. GARZA. So I can take that. So what we did immediately, 
once we heard about the Equifax, we not only contacted Equifax, 
but we sent a team over. The team went over, and we did 
analysis of their data breach. We identified all of the 
elements that had been compromised. And then, working with--
take the investigations. We went through all of that 
information. And then we went through, on an application-by-
application basis, to determine if that compromise would put 
our systems at risk. Our evaluation showed that the approach 
that we have taken at the IRS is to have a multilayered defense 
mechanism in our applications. And so, based on that, we 
determined that we had other mitigating controls in place that 
would protect the taxpayer information. Furthermore, there was 
about 209,000 SSNs that we thought were at higher risk. And for 
those 209,000 SSNs, we are in the process of receiving the SSNs 
and we are going to protect those accounts specifically.
    Mr. BISHOP. Have those SSNs and the owners of those SSNs 
been informed of this situation?
    Ms. GARZA. That would be an Equifax question to be asked. 
We are going to tag the accounts to make sure that no one can 
come in and----
    Mr. BISHOP. But if my account is tagged, I would like to 
know why it is tagged. And I would think as a taxpayer I would 
have the right to know that.
    Ms. GARZA. So I think that is a business decision, and we 
will support whatever the business decision is.
    Mr. BISHOP. Okay. A million and one questions to ask here. 
Great concern. If a person--let me ask, Mr. Powner, did you 
have something to add to that?
    Mr. POWNER. Yeah. I would like to go back to the question 
of approving IT contracts. There was a law passed December 2014 
called the Federal Information Technology Acquisition Reform 
    Mr. BISHOP. Right.
    Mr. POWNER [continuing]. FITARA. I do a lot of work on 
FITARA at all agencies and departments. And one of the 
provisions in that law is to strengthen CIO authorities. The 
CIO should approve the IT budget. They should approve major IT 
contracts. That is a provision in the law. And I can tell you 
right now that was put in there because of this stuff that is 
happening. The procurement shop, and the IT shop, and sometimes 
the CFO organizations, there are walls between these 
organizations. And if we would simply approve major IT 
contracts by CIOs, it would help solve this problem.
    Mr. BISHOP. So that is another question that I have.
    Mr. Chairman, there has got to be a solution out there. In 
this great country of ours, with all the great innovation, the 
private sector has got to have a solution here. I know that the 
commercial side and the criminal side of the IRS deal with 
things differently. My understanding is the criminal side works 
with a 1994 product to address these issues, which is 
completely unacceptable to me. I may be wrong on that, on the 
timing, on the name of the product, but it is at EFDS.
    Ms. GARZA. So that is the system that RRP is replacing. 
And, basically, at this point, we have retired the bulk of the 
EFDS, the old system, and are using now the RRP system to do 
the pre refront in identity theft.
    Mr. BISHOP. How about the LCA system, the lead case 
    Ms. GARZA. So that is part of the new RRP system, the link 
analysis, and it is available to be utilized on that new 
system. There are still components of the old legacy system, 
primarily around the case management components, that still 
need to be modernized. We made a decision in trying to simplify 
our footprint to develop an enterprise case management system. 
So rather than having RRP build its own case management system 
and other parts of the organization building separate, there is 
63 different case management systems that we are going to 
consolidate into one platform of case management. And so we are 
waiting for that platform to be developed so that then those 
components of EFDS can be replaced.
    Mr. BISHOP. Mr. Chairman, I see I am out of time. But I 
would hope that at some point in time, we can get this group 
together again and talk about what we have done and not what we 
are going to do. Because this is a 1994 technology, and there 
is too much technology in this country to not utilize.
    Chairman BUCHANAN. Thank you.
    Mr. Schweikert.
    Mr. SCHWEIKERT. Thank you, Mr. Chairman.
    Mr. Powner, and I will tell you, we were going through some 
of this late last night and early this morning, and there are 
lots and lots of questions. So let's sort of go a different 
direction. When you have actually looked over the agency, first 
off, do you have a sense of how much of legacy systems are 
still up and running? And when I say legacy, I mean things that 
are maybe 15, 20, 25 years old, are still running in the 
    Mr. POWNER. Yeah. There is a good portion as legacy spans. 
There is real old stuff that is over 50 years old, going back 
to the origination on the Individual Master File that processes 
our tax returns.
    Mr. SCHWEIKERT. And are they just using bolt on, and bolt 
on, and bolt on----
    Mr. POWNER. And I think, as Mr. Tribiano mentioned, I mean, 
a lot of those versions behind, and we got hardware that there 
is no longer warranties on. That is the big issue. When you 
really look at IRS, I think the big problem at IRS is the 
Individual Master File. Because that is the system that 
processes our tax returns. And they do a great job getting this 
old system to work. But you know what is going to happen 
eventually one filing season? It is going to stop. And what is 
the plan to replace it? There isn't a good one.
    Mr. SCHWEIKERT. Okay. My thoughts, let's do them out of 
order. In your understanding, why is that master file not 
running on a cloud-based system?
    Mr. POWNER. Well, it is not running on a cloud-base or 
anything close to modern because there has been other 
priorities over the years. And it is not to say they don't work 
on it some, because it is the number one investment. But we are 
not getting enough return on it.
    Mr. SCHWEIKERT. Isn't there translational software that 
would basically do the migration?
    Mr. POWNER. Yes, sir. You can translate those languages. I 
mean, the issue with IRS now, they are multiple versions 
behind, so you are going to have multiple layers of 
translation. It is not an easy thing to do. But we need to 
focus on it as a priority. And that is why I say----
    Mr. SCHWEIKERT. No, no, no. It is a lot easier than running 
around sticking thumbs in dikes. And I know I am interrupting, 
but it is partially the time.
    When you also looked at the agency and its multiple 
subdivisions, did they have a commonality of platforms? They 
were all running on a certain type of software? Or did lots and 
lots, lots of little subdivisions within the agency, were they 
purchasing different types of software?
    Mr. POWNER. It is all over the board, depending on the 
mission criticality of the app--and some things are newer 
there. I think the RRP----
    Mr. SCHWEIKERT. I am less concerned about the age of the 
software. It is the commonality of the platform.
    Mr. POWNER. It would not be completely common across. No. 
There are probably opportunities to improve that.
    Mr. SCHWEIKERT. Okay. And I am going to screw up the quote. 
But I remember a year or two ago reading one of the biographies 
of Steve Jobs, and within there was a real interesting 
discussion when they had had a failure, a huge failure, trying 
to move their accounting systems, and coming back in and 
saying, we are going to try something new. We are going to 
change our work methodology to match the software instead of 
trying to force the software to match our work process.
    And everything I am reading, you have lots of subdivisions 
within the agency that are trying to make the software match 
how they already do their workflow. Workflow is a lot easier to 
    There is one other on my list that I need--did you see any 
pattern of IT talent in the agency leaving the agency and 
turning around and being rehired as a contractor in the agency?
    Mr. POWNER. I don't have information on that. I will tell 
you, though, this. When you--the difference between paying an 
internal employee and a contractor to maintain that old 
assembly code, it is a lot more expensive if you hire a 
    Mr. SCHWEIKERT. Okay. This may be for a future 
conversation, but we have someone who claims to be providing 
information that there is some sort of pattern.
    Mr. SCHWEIKERT. In my last--and, I am sorry. I thought I 
would go faster than this. I apparently haven't had enough 
coffee. Why such great difficulty moving to the cloud when that 
was--almost 10 years ago was going to be the major mission of 
the agency's CIO?
    Ms. GARZA. So although we do not have a cloud strategy 
documented, we have, for the last several years, been taking on 
elements of the cloud strategy. For example, our entire portal 
service, which was replaced in 2012 and has been steadily--as 
an infrastructure, as a service, private cloud strategy. We 
also did--our enterprise storage capability is a cloud solution 
that allows us to move data.
    Mr. SCHWEIKERT. Are you housing the enterprise servers?
    Ms. GARZA. I am sorry, what?
    Mr. SCHWEIKERT. Are you housing the enterprise servers?
    Ms. GARZA. Enterprise service.
    Mr. SCHWEIKERT. The servers. The servers. Do you control--
    Ms. GARZA. For storage?
    Mr. SCHWEIKERT. Do you control the hardware or is the 
hardware distributed?
    Ms. GARZA. For the enterprise storage capability, the 
servers are in the cloud, and we move the data back and forth.
    Mr. SCHWEIKERT. And those servers in the cloud are owned by 
someone on the outside or the agency?
    Ms. GARZA. I don't have that answer.
    Mr. SCHWEIKERT. Okay. Mr. Chairman, I think this is one of 
those occasions where there is going to be a long letter to 
    Chairman BUCHANAN. Thank you.
    Mr. Rice, you are recognized.
    Mr. RICE. Thank you, Mr. Chairman.
    Who on the panel thinks that the modernization efforts of 
the IRS are acceptable? Who on the panel is in charge, or is 
anybody--any of you all the point person, the person who 
directs modernization? Is it you?
    Ms. GARZA. I am responsible for that.
    Mr. RICE. Okay. And if nobody up here thinks it is 
acceptable and you are the one in charge, how long have you 
been doing this?
    Ms. GARZA. So I became the CIO about 14 months ago.
    Mr. RICE. Uh-huh.
    Ms. GARZA. But I have been involved in the modernization 
effort for some time. I will tell you that we have had a lot of 
success, and I ask that you look at it from the bigger picture. 
Our current electronic filing system was a huge success. The 
Integrative Financial System was part of the modernization 
program. At the same time, we have been delivering very 
    Mr. RICE. What----
    Ms. GARZA [continuing]. Legislative mandates----
    Mr. RICE. What is the Individual Master File?
    Ms. GARZA. So the Individual Master File is the database, 
the system, that holds every individual taxpayer's account. It 
has a record of the account changes, the things that have 
occurred to that account.
    Mr. RICE. The system that holds that, it was designed 50 
years ago?
    Ms. GARZA. It was first implemented in 1962.
    Mr. RICE. Okay. So the hardware that runs--that system runs 
on, it can't be modern. That system----
    Ms. GARZA. It is running on modern. The application, which 
is the ALC code, was developed in 1962. However, the hardware 
that it writes on is current technology.
    Mr. RICE. All right. So if the code was written that long 
ago, then you must have folks on your payroll that are 
continually maintaining that. Is that correct?
    Ms. GARZA. Yes. And the number of people that know and 
understand ALC is dwindling. So we do have a sense of urgency 
that we need to get the ALC, especially the core components of 
the master file modernized.
    Mr. RICE. It is only 55 years old.
    Ms. GARZA. That is correct.
    Mr. RICE. That is a heck of a sense of urgency.
    Mr. Powner, you said that part of the problem is that 
Congress needs to set goals and hold people accountable. Is 
that right?
    Mr. POWNER. I think that would be very helpful. And I have 
just seen it work over the years.
    Mr. RICE. We can't go in there ourselves and write code and 
convert files. That is not our job, and we are not capable. But 
can you help us come up with a----
    Mr. POWNER. Where I think you could help is this: Ask Gina, 
Ms. Garza, how much money it will take, and how many years to 
replace the Individual Master File. We need a clear answer on 
that. Is it 5 years at $100 million each year, whatever it is, 
we need that----
    Mr. RICE. What is the answer, Ms. Garza? What is the 
    Ms. GARZA. So there are two major components of the IMF 
that we have developed----
    Mr. RICE. How much money and how long will it take?
    Ms. GARZA. So we believe that we can deliver a system 
replacing those core components in 5 years if we can get 50 to 
60 FTEs and the funding associated with it, with some direct 
hire authority so that we can hire the right skills, and about 
$85 million each year. We----
    Mr. RICE. $85 million a year?
    Ms. GARZA. Yes, sir.
    Mr. RICE. Well, you got $2.9 billion now, right?
    Ms. GARZA. So a lot of that fund, those funds, are going to 
do the unfunded legislative mandates, to do tax filing season, 
to run all of our current operations.
    Mr. RICE. But this $2.9 billion is for IT, right?
    Ms. GARZA. Yes.
    Mr. RICE. Isn't it more expensive, at some point, to 
maintain 55-year-old software than it is to just buy new and 
convert it over? I mean, wouldn't it be cheaper?
    Ms. GARZA. Actually, the IMF is very efficient.
    Mr. RICE. Mr. Powner, wouldn't it be cheaper?
    Mr. POWNER. Yes, I think over time it would be cheaper, and 
I think it is efficient. The issue is, I think, the human 
capital scenario where we are running out of programmers that 
know this stuff. You know, we are training young programmers 
who know modern languages this old assembly code to keep it 
running. I just think it is highly risky, and I think what we 
heard here is they need $85 million over a 5-year period----
    Mr. RICE. So if your programmer has a heart attack, nobody 
is going to be able to get their tax refund. Is that what you 
are saying?
    Mr. POWNER. You know what, we have had examples like this. 
Last year I highlighted all the old systems in the government. 
This is right up there along with the 8-inch floppy discs that 
DoD is using on our nuclear command system. So we got problems, 
but this is one of the top five.
    Mr. RICE. Mr. Chairman, I sure would like to keep going, 
but I see my time is up.
    Chairman BUCHANAN. Thank you. You know, our goal in this 
Committee, we are trying to do the overall Committee tax reform 
sometime this year ideally. We are hopeful. And then IRS reform 
we would like to do, it has been 20 years. But I guess my 
question, and a lot of us--at least I was motivated, to think 
that we have equipment out there--I got out of college in the 
mid 1970's, we would sell many computers. I mean, just to think 
that we have got equipment from 1970s and 1980s out there is 
mind-boggling. But I guess the question I would have initially 
as a business guy over the years, is do you have an IT plan in 
terms of going forward? Because I think one of the things is 
when we do IRS reform, we have to take a look at the whole 
thing on IT, and identity theft, and there are a lot of 
different things. But do you have a plan? Has that plan ever 
been presented to a committee? Because if someone came in to 
me--and we had this situation--what I would do is I would have 
the best and brightest, present a plan, and then get some sense 
of the return that we would get as shareholders or whatever. So 
let me just ask all of you. Do you feel like you have a plan? 
Is there a buy-in to the plan? We will start with the gentleman 
    Mr. TRIBIANO. Yes, sir. We do have a digital roadmap on how 
we would get from where we are now to where we want to be. I 
don't know if we shared it with the committee. I have to go 
back and take a look.
    Chairman BUCHANAN. How long is that plan? Is that a five-
year, 10-year plan?
    Mr. TRIBIANO. It depends on what--there is a lot of 
components to it, and there are certain milestones that you 
have to reach. One of the major things we have to get to is 
stabilizing the infrastructure as we see it now so we can 
continue at least delivering filing season as we modernize from 
that point. So my concerns have been focused on the delivery of 
the filing season part of it. So we can have that----
    Chairman BUCHANAN. The thing is, you have got to have a 
vision. You have got to have a sense of the future, because, 
you know, otherwise, I think that is probably why we are in the 
situation we are in. We are just trying to react instead of 
being proactive.
    Mr. TRIBIANO. Absolutely. And we would love to sit down and 
go through that plan with the committee, with your staff, 
whatever you deem necessary, roundtable discussion, and have 
that back and forth and explain where we are going and how we 
think we can get there and get the input. I mean, as our 
partners at GAO are stating, we want congressional engagement 
on this. We want you to understand the concerns and issues and 
how we need to get to where we need to go.
    Chairman BUCHANAN. What is your thought on that? Do you 
feel like we have got a workable plan going forward? I mean, 
you know, it is not just about throwing a lot of money at it. 
It just seems that we can be a lot more efficient going forward 
in terms of personnel costs and everything else. And I will get 
into that in a minute. But do you feel like there is a plan? I 
mean, you are the one that is kind of heading this up.
    Ms. GARZA. We have what we have called a technology 
roadmap. And that technology roadmap was developed in concert 
with a future-state vision for the IRS. And so as part of that 
document, you will see the evolution and the migration of 
current-state IT to future-state IT.
    A- subset of that is the digital roadmap, which is what we 
are really focused and have prioritized right now. We want to 
be able to get out and provide services to taxpayers. But those 
documents are in place. We do utilize them. And as we talked 
earlier, the enterprise case management system is one of those 
things that came out of the technology roadmap where we are 
trying to consolidate 63 legacy systems that have been around 
forever into a single COTS platform in the cloud so that we can 
provide case management capabilities across the board.
    One of the things that we did with RRP, we did not let them 
create their own case management system. That was a conscious 
decision on our part because we needed to stop creating 
stovepipe solutions.
    Mr. RICE. Mr. Chairman, can I make a suggestion?
    Chairman BUCHANAN. Yeah.
    Mr. RICE. Why don't we ask Mrs. Garza, the CIO, to give us 
a plan from here to modern----
    Chairman BUCHANAN. Uh-huh.
    Mr. RICE [continuing]. And have regular meetings, you know, 
quarterly, or whatever, and ask what the progress is on those.
    Chairman BUCHANAN. That is a good point. Do you feel like--
is this a plan you have shared with anybody in terms of Members 
of Congress or anywhere else?
    Ms. GARZA. I don't know if we have shared the technology 
roadmap and the digital roadmap, is certainly something that we 
can do. And we would be happy--I remember--and Dave Powner and 
I go back to when we used to come up and brief, on a quarterly 
basis, congressional staff on the progress against----
    Chairman BUCHANAN. This is going to be an area where I 
think all of us are going to be interested going forward 
because it is not acceptable.
    But, Mr. Verneuille, I want to run through all of these. 
What is your sense? Is there a plan? Or is there a vision? What 
are your thoughts on it?
    Mr. VERNEUILLE. Like Ms. Garza mentioned, there is a 
technology roadmap, and we have seen it. The challenge we see 
is that the priorities change every year. So there is a 
strategy and a roadmap, but the details of what they deliver 
every year, the requirements that are going to be developed and 
delivered every year change annually based on priorities, 
resources, and other requirements coming in for that year. So 
it is a plan, but what they deliver is going to change every 
    Chairman BUCHANAN. Mr. Powner, would you want to comment on 
    Mr. POWNER. So to be balanced, I think there is a roadmap 
they have used to deliver on some aspects of the technology at 
IRS, but--and it is a big ``but''--there is not a workable, 
achievable plan to replace the IMF.
    Chairman BUCHANAN. The second follow-up question for all of 
you is this: I have a gentleman who has run a good-sized 
business, a lot of restaurants all over. He said to me, he 
said, Vern, you know, if I hire a manager, $50,000, in one of 
his stores--and then the cost today of supporting an individual 
is another 42 percent, so it is $70,000. He said, I have gone 
to much more automation, and as people retired out, I have just 
been able--not even had to cut head count, but, he said, we 
have been able to get a good return on our technology.
    And I guess the question is, is that, you know, as a part 
of a plan, I would like someone to tell me, here is what we 
need to invest, but here is the efficiency coming out of the 
system. Because if we are dealing with software back in the 
1970s and 1980s, and hardware, there has got to be a lot of 
deficiencies as a result of that. And I think that is the 
concern a lot of us have, just throwing more money at it. The 
question is, is to have a plan, what is the return on that plan 
in terms of the technology dollars being spent? We should have 
a way of being able to get to those numbers, because there has 
got to be an enormous savings.
    I went into a facility the other day with robots and 
everything. They have cut a lot of personnel out of this plant, 
a big plant, Amazon. It is one of our new facilities in our 
area. I was just shocked about it. They probably have three 
times as many folks working there because of today's 
capability. And that is something we need to think about. That 
is why I am big on planning, personally, as a business guy. 
Because if you don't have a vision, you perish. But we need to 
have a vision, a plan, in terms of this space, in terms of the 
IRS in general, before I would be willing to commit any 
dollars, because I would like to see what the return on that 
investment would be.
    So I will give you a chance, all of you, just to make a 
    Mr. TRIBIANO. Yes, sir.
    Chairman BUCHANAN. That is just my feeling. I am more of a 
big picture guy.
    Mr. TRIBIANO. Chairman, you are absolutely right. I mean, 
we have a plan. We have to do a better job of articulating what 
the results of that and the outcomes of those are. Now, there 
are some measurements with that that are not as easy as dollars 
versus costs.
    Chairman BUCHANAN. Uh-huh.
    Mr. TRIBIANO. But some of them is outcomes, meaning better 
taxpayer service, less lines at our walk-in centers, less calls 
to our call centers. But there are measurements that we can 
    Chairman BUCHANAN. But my point is, is that it should also 
have some savings in terms of personnel costs, I would think. 
Because there is much more capability in terms of computing 
power and everything else.
    Would you like to add something, Ms. Garza?
    Ms. GARZA. I agree with you. And, actually, as we spoke 
earlier, we are looking to robotics ourselves. We believe that 
there are a lot of business processes that can be automated, 
and, therefore, decreasing the number of FTEs that the IRS 
might need. There is also areas in testing and other areas 
where automation would be very, very helpful. We keep looking 
for places where we can be more efficient. Moving to cloud is 
one of the strategies that we are pursuing. We believe that we 
can either have a managed service or a cloud service, that then 
we won't need to have the people in order to maintain those 
systems, and then we can rely on them to make sure that all of 
the hardware/software is being maintained. So this is part of 
the conversation that we are having and the plans that we are 
    Chairman BUCHANAN. Well, one thing we are going to want to 
do is get whatever plan that you do have, just talk about that, 
where we are at and where we are going.
    Mr. Verneuille?
    Mr. VERNEUILLE. Yes, sir. Part of the return on investment 
also involves retirement of systems that you are replacing. So 
the issue with IMF not being completed or converted to CADE 2, 
they cannot retire IMF until CADE 2 is completed. So that is a 
loss of efficiency. They are spending millions of dollars a 
year maintaining IMF. And if they complete CADE 2, that is more 
savings. As well as on the RRP case management process, they 
are currently spending millions of dollars maintaining the EFDS 
case management until they get the enterprise case management 
solution implemented. So there is more savings by retiring 
legacy systems.
    Chairman BUCHANAN. Mr. Powner.
    Mr. POWNER. I would agree that there are huge efficiencies 
with modernization. I think another key aspect, though, that 
comes with the efficiencies is the improved security, 
cybersecurity, with the modern technology.
    Chairman BUCHANAN. Huge issue, obviously.
    Mr. POWNER. Absolutely. So that is extremely important 
going forward.
    Chairman BUCHANAN. Mr. Bishop, did anybody else have a 
comment or a question? I think we have a couple of minutes.
    Mr. BISHOP. Mr. Chairman, I appreciate this hearing, and I 
think it is very helpful. This is not a shot at the IRS. But I 
think it would also be helpful for this Committee to bring in a 
panel from the private sector to hear their solutions for this 
issue. Because we have ample ingenuity out there, entrepreneurs 
out there, who are working in this space every day of the week. 
And when the IRS needs 35 FTEs, or $85 million a year, I think 
before we do anything like that, we spend taxpayer dollars in 
that way, we ought to be talking to the private sector to see 
what their solutions are. And I know that Palantir, for 
example, out in California, is one of the companies that has 
provided the technology on the--I believe it is on the civil 
    Chairman BUCHANAN. Yeah.
    Mr. BISHOP. So it would be very helpful to be able to have 
them come in as well.
    Chairman BUCHANAN. Okay. I would like to thank our 
witnesses for appearing today before us. Please be advised that 
Members have two weeks to submit written questions, to answer 
later in writing. Those questions and answers will be a part of 
the formal record. And with that, the Subcommittee is 
    [Whereupon, at 9:57 a.m., the Subcommittee was adjourned.]
    [Member Questions for the Record follow:]