IRS and Terrorist-Related Information Sharing (21-OCT-02,	 
GAO-03-50R).							 
                                                                 
Events preceding and following the attacks of September 11, 2001,
spotlighted ineffective information sharing, particularly related
to intelligence and law enforcement activities, as a serious	 
weakness. Poor information sharing hinders effectively		 
identifying vulnerabilities and coordinating efforts to detect	 
attacks. GAO monitored the Internal Revenue Service's (IRS)	 
efforts to enhance the security of the tax filing process, to	 
study how terrorist-related threat information is shared with	 
IRS. The Federal Bureau of Investigation (FBI) uses task forces  
and electronic means to share terrorist-related threat		 
information with the Treasury Inspector General for Tax 	 
Administration (TIGTA). More specifically, it shares information 
through its involvement with TIGTA and others in Joint Terrorism 
Task Forces and through electronic arrangements such as the	 
National Threat Warning System. For its part, TIGTA uses formal  
communications to disseminate threat information to IRS. TIGTA	 
and IRS officials were satisfied with the FBI's and TIGTA's	 
information-sharing procedures, respectively.			 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-03-50R 					        
    ACCNO:   A05350						        
  TITLE:     IRS and Terrorist-Related Information Sharing	      
     DATE:   10/21/2002 
  SUBJECT:   Counterterrorism					 
	     Terrorism						 
	     Warning systems					 
	     Electronic data interchange			 
	     Law enforcement agencies				 
	     Federal intelligence agencies			 
	     Information resources management			 
	     Interagency relations				 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-03-50R

GAO- 03- 50R IRS and Terrorist- Related Information Sharing United States
General Accounting Office

Washington, DC 20548

October 21, 2002 The Honorable Max Baucus Chairman The Honorable Charles
E. Grassley Ranking Member Committee on Finance United States Senate

Subject: IRS and Terrorist- Related Information Sharing

Events preceding and following the attacks of September 11, 2001,
spotlighted ineffective information sharing, particularly related to
intelligence and law enforcement activities, as a serious weakness. Poor
information sharing hinders effectively identifying vulnerabilities and
coordinating efforts to detect attacks.

As agreed with your offices, as part of our response to your request to
monitor the Internal Revenue Service*s (IRS) efforts to enhance the
security of the tax filing process, 1 we studied how terrorist- related
threat information is shared with IRS. More specifically, one of this
report*s objectives is to describe the process the Federal Bureau of
Investigation (FBI) uses to share this kind of information with the
Treasury Inspector General for Tax Administration (TIGTA) and the process
TIGTA uses to share information with IRS. Another objective is to describe
TIGTA and IRS officials* views on the procedures for sharing information.

We included the FBI in our work because it is responsible for ensuring a
coordinated and vigorous response to terrorist acts and needs to share
information to carry out its responsibility. We included TIGTA because
even though it is separate from IRS, it is responsible for investigating
threats against IRS facilities and employees and is the conduit to IRS for
FBI information related to IRS.

Results in Brief

The FBI uses task forces and electronic means to share terrorist- related
threat information with TIGTA. More specifically, it shares information
through its involvement with TIGTA and others in Joint Terrorism Task
Forces (JTTFs) and through electronic arrangements such as the National
Threat Warning System. For its part, TIGTA uses formal communications to
disseminate threat information to IRS.

1 We issued interim and final *limited official use only* reports to you
on IRS mail security in February and August 2002.

GAO- 03- 50R IRS and Terrorist- Related Information Sharing Page 2 TIGTA
and IRS officials were satisfied with the FBI*s and TIGTA*s
informationsharing

procedures, respectively. We are making no recommendations. After
reviewing a draft of this report, the FBI had no comments, and TIGTA and
IRS agreed with our findings. However, TIGTA noted that receiving no
additional funding for its enhanced participation in JTTFs made TIGTA*s
information- sharing efforts especially challenging, and that, in this
context, continuing its efforts to improve the process raised concerns
about endangering other program initiatives.

How the FBI Shares Information with TIGTA

According to FBI officials, the FBI shares information with TIGTA and many
other agencies through FBI- chaired JTTFs. Composed of various federal,
state, and local agencies, JTTFs aim to prevent, preempt, deter, and
investigate terrorism and related activities affecting the United States
and to apprehend terrorists. According to an FBI official, the FBI had a
JTTF in each of its 56 field offices by July 2002, and a TIGTA official
said that TIGTA would be involved in a full- time, part- time, or liaison
capacity in almost all the JTTFs. According to FBI officials, full- time
JTTF members share information by working side by side in the same space
every day, and JTTF meetings include discussions of casework, intelligence
information, administrative matters, available training, and other JTTF-
related issues. According to a TIGTA official, when TIGTA works with a
JTTF in a liaison or part- time capacity, the FBI agrees to notify TIGTA
of anything of interest to TIGTA that arises in a TIGTA representative*s
absence. Another TIGTA official cautioned, however, that TIGTA*s absence
means that the FBI has to recognize a risk to IRS that TIGTA would
otherwise recognize. FBI officials told us that in a liaison capacity,
JTTF members participate through regular meetings, conferences, and
telephone calls. At a different level, TIGTA also participates in a
national JTTF, which allows for information sharing on a national basis
among federal, state, and local groups, and it was trying to hire someone
to participate full- time.

Because the FBI requires that a memorandum of understanding be executed
with all agencies participating full- time in the JTTFs, it finalized one
with TIGTA in September 2001. Lasting until TIGTA withdraws from JTTFs,
the memorandum governs how TIGTA employees are detailed or otherwise
assigned to work at the FBI as part of JTTFs. According to a TIGTA
official, TIGTA*s role with the JTTFs evolved from an earlier FBI/ TIGTA
relationship.

In addition to sharing information through JTTFs, the FBI shares
information with TIGTA electronically. TIGTA receives FBI information
through the National Threat Warning System over secure teletype; the
National Law Enforcement Telecommunications System, which provides for
interagency exchange of unclassified criminal justice information; and the
National Infrastructure Protection Center, which is the national focal
point for information on threats to critical infrastructures, such as
telecommunications and banking and finance systems. Similarly, TIGTA has
access to the FBI*s National Crime Information Center database,

GAO- 03- 50R IRS and Terrorist- Related Information Sharing Page 3 which
has a terrorism subfile. The purpose of this database is to share
biographical

information on people of interest to the FBI who should be treated with
caution.

How TIGTA and IRS Share Information

According to TIGTA officials, TIGTA is the primary conduit through which
terroristrelated threat information flows both ways between the FBI and
IRS. When IRS reports a threat to TIGTA, TIGTA determines its validity and
passes it on to the FBI, if warranted.

Similarly, through its involvement in individual JTTFs, according to TIGTA
officials, TIGTA becomes aware of information, such as militia or antitax
activity, and decides whether it should be passed on to IRS. In May 2001,
TIGTA formed its own counterterrorism group, which is the centralized
point where threat information related to IRS, including information
received from TIGTA representatives on the JTTFs, is analyzed. The group
is charged with coordinating TIGTA*s investigations of terrorism threats
directed against IRS or its employees.

TIGTA formally disseminates some terrorist- related threat information to
IRS*s Agencywide Shared Services through threat advisories. 2 The purpose
of the advisories is to advise TIGTA and IRS management of significant
anti- government activity that may affect the safety of IRS personnel and
facilities. According to a TIGTA official, the decision to disseminate
advisories is a collaborative effort using years of law enforcement
experience to assess threats.

The information in the advisories we examined came from many sources,
including the FBI, other federal agencies, and the media. Many of the
advisories warned TIGTA agents of developments relating to fighting
terrorism, but others warned IRS of situations threatening federal
agencies and others in general. Very seldom did an advisory mention
anything specific to IRS or the federal tax system.

TIGTA and IRS Officials Are Satisfied with Information- Sharing Procedures

The TIGTA and IRS officials we interviewed were satisfied with the
procedures used for sharing information. A TIGTA Assistant Special Agent-
in- Charge told us that the FBI shared terrorist- related threat
information with TIGTA in a way that was timely and responsive to IRS*s
needs. Similarly, IRS officials responsible for security policymaking and
implementation told us that they were satisfied with the job TIGTA was
doing. According to the Director of the Office of IRS- Wide Security,
TIGTA represented IRS*s interests well, explaining to others why IRS had
to have certain knowledge. According to officials in IRS*s Agencywide
Shared Services responsible for distributing threat information throughout
IRS, TIGTA shared information alerts as they occurred, and IRS received
everything it needed to complete its job.

2 Agencywide Shared Services is the IRS organization responsible for
distributing threat information throughout IRS.

GAO- 03- 50R IRS and Terrorist- Related Information Sharing Page 4

Agency Comments

We provided a draft of this report to the Attorney General, the Acting
Treasury Inspector General for Tax Administration, and the Commissioner of
Internal Revenue for comment. On October 8, 2002, the Department of
Justice*s Audit Liaison Office orally told us that the FBI had no
comments. Also in oral comments, the Director of the Office of IRS- Wide
Security said on September 26, 2002, that IRS agreed with our findings.

In providing written comments on our draft, TIGTA*s Deputy Inspector
General for Investigations also agreed with our findings. He added that
TIGTA*s not receiving any additional funding to support its enhanced
participation in JTTFs made TIGTA*s information- sharing efforts
especially challenging. In this context, he also expressed concern that
TIGTA*s continued efforts to improve its process would imperil other
program initiatives. We did not address TIGTA*s funding in our report
because it was beyond our scope. The full text of the Deputy Inspector
General*s comments is reprinted in the enclosure.

Scope and Methodology

To obtain information on processes used to share terrorist- related threat
information and officials* views of those processes, we reviewed our
reports and testimonies 3 and other materials on information- sharing
procedures and coordination among federal agencies; interviewed FBI,
TIGTA, and IRS officials responsible for counterterrorism, information
dissemination, threat assessment, and IRS security policymaking and
implementation; reviewed the memorandum of understanding between the FBI
and TIGTA; and obtained information on TIGTA threat advisories issued from
March 2001 through June 2002. We did not test the FBI*s or TIGTA* s
information- sharing procedures. We did our work in the Washington, D. C.
area from February through July 2002 in accordance with generally accepted
government auditing standards.

- - - - As agreed with your offices, unless you publicly announce its
contents earlier, we plan no further distribution of this report until 30
days from the date of this report. At that time, we will send copies of
this report to the Attorney General, the Treasury Inspector General for
Tax Administration, the Commissioner of Internal Revenue, and other
interested parties. We also will make copies available to others upon
request. In addition, the report will be available at no charge on the GAO
Web site at http:// www. gao. gov.

3 For instance, U. S. General Accounting Office, FBI Reorganization:
Initial Steps Encouraging but Broad Transformation Needed, GAO- 02- 865T
(Washington, D. C.: June 21, 2002). In this testimony, we said that
communication problems significantly hampered the FBI*s ability to share
information internally and with other intelligence and law enforcement
agencies. We also testified that the FBI*s recent steps toward greater
information sharing, improving analytical capacity, and establishing a
central unit to make sense of gathered information seemed to be rational
ones.

GAO- 03- 50R IRS and Terrorist- Related Information Sharing Page 5 If you
or your staff have any questions about this report, please contact David

Attianese or me on (202) 512- 9110. Key contributors to this report were
Chan My J. Battcher and Lawrence M. Korb.

James R. White Director, Tax Issues

Enclosure Page 6 GAO- 03- 50R IRS and Terrorist- Related Information
Sharing

(440134)
*** End of document. ***