Management Report: Improvements Needed in IRS's Internal Controls
(20-MAY-03, GAO-03-562R).					 
                                                                 
In November 2002, we issued our report on the results of our	 
audit of the Internal Revenue Service's (IRS) financial 	 
statements as of and for the fiscal years ending September 30,	 
2002 and 2001, and on the effectiveness of its internal controls 
as of September 30, 2002. We also reported our conclusions on	 
IRS's compliance with significant provisions of selected laws and
regulations and on whether IRS's financial management systems	 
substantially comply with requirements of the Federal Financial  
Management Improvement Act of 1996 (FFMIA). A separate report on 
the implementation status of recommendations from our prior IRS  
financial audits and related financial management reports will be
issued shortly. The purpose of this report is to discuss issues  
identified during our fiscal year 2002 audit regarding accounting
procedures and internal controls that could be improved for which
we do not presently have any recommendations outstanding.	 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-03-562R					        
    ACCNO:   A06934						        
  TITLE:     Management Report: Improvements Needed in IRS's Internal 
Controls							 
     DATE:   05/20/2003 
  SUBJECT:   Accounting procedures				 
	     Internal controls					 
	     Financial statement audits 			 
	     Reporting requirements				 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-03-562R

GAO- 03- 562R IRS Management Report

United States General Accounting Office Washington, DC 20548

May 20, 2003 The Honorable Mark W. Everson Commissioner of Internal
Revenue

Subject: Management Report: Improvements Needed in IRS's Internal Controls

Dear Mr. Everson: In November 2002, we issued our report on the results of
our audit of the Internal Revenue Service*s (IRS) financial statements as
of and for the fiscal years ending September 30, 2002 and 2001, and on the
effectiveness of its internal controls as of September 30, 2002. 1 We also
reported our conclusions on IRS*s compliance with significant provisions
of selected laws and regulations and on whether IRS*s financial management
systems substantially comply with requirements of the Federal Financial
Management Improvement Act of 1996 (FFMIA). A separate report on the
implementation status of recommendations from our prior IRS financial
audits and related financial management reports will be issued shortly.

The purpose of this report is to discuss issues identified during our
fiscal year 2002 audit regarding accounting procedures and internal
controls that could be improved for which we do not presently have any
recommendations outstanding. Although not all of these issues were
discussed in our fiscal year 2002 audit report, they all warrant
management*s attention.

Results in Brief

During fiscal year 2002, IRS had a number of internal control issues that
affected financial reporting, which includes safeguarding of assets. These
issues concern policies and procedures related to (1) employee fingerprint
records, (2) enforcement of courier service standards, (3) taxpayer
receipt processing areas, (4) candling, 2 (5) acceptance of tax payments
in cash, and (6) structuring of installment

agreements. Each of these control weaknesses posed added risks of losses,
nonpayment of taxes, or potential burden to taxpayers.

1 U. S. General Accounting Office, Financial Audit: IRS*s Fiscal Years
2002 and 2001 Financial Statements, GAO- 03- 243 (Washington D. C.: Nov.
15, 2002). 2 Candling is a process used by IRS to determine whether any
contents remain in open envelopes before their destruction. Candling is
generally performed by placing open envelopes in front of a light source.

GAO- 03- 562R IRS Management Report Page 2 Specifically, we found the
following:

IRS did not always ensure that fingerprint check results for individuals
entering on duty were under the required 180 day expiration period. The
fingerprint check results consist of information provided by law
enforcement agencies on events that occurred before the fingerprint check
results are released. The older the fingerprint check results are, the
greater the risk that IRS might hire applicants unsuitable for working
with taxpayer receipts and information.

IRS did not always ensure that couriers adhered to certain security
requirements. We found that (1) at half of IRS*s service center campuses,
couriers did not undergo the specified background investigations or
fingerprint checks and (2) a courier service had not maintained the
required insurance coverage for the deposits it transports.

IRS did not maintain consistently effective physical security controls
over its receipt processing areas. We found (1) instances at service
centers where prohibited items were brought into receipt processing areas
and where the requirement to carry permitted personal items in clear
plastic bags was circumvented and (2) at one of two taxpayer assistance
centers 3 we visited, employees were allowed to store personal belongings
with cash payments and official receipt certificate vouchers.

IRS did not always ensure that emptied envelopes were candled twice or
that final candling was not performed by a single employee in a remote
area. 4 At some taxpayer assistance centers, IRS did not accept cash
payments from

taxpayers as required by IRS policy, thereby imposing an undue burden on
certain taxpayers.

IRS did not always structure installment agreements with taxpayers to
provide for full payment of the tax liability as required by the Internal
Revenue Code.

At the end of our discussion of each of the first five of these issues, we
make recommendations for strengthening IRS*s internal controls.

In its comments, IRS agreed with our recommendations and described actions
it was taking or planned to take to address several of the control
weaknesses described in this report. At the end of our discussion of each
of the issues in this report where we are making recommendations, we have
summarized IRS* related comments and

3 Taxpayer assistance centers handle questions and accept payments from
taxpayers who choose to conduct business with IRS in person. They are
located in field offices. 4 Final candling occurs at the end of the mail
extraction process to ensure that all the contents have been removed from
each envelope.

GAO- 03- 562R IRS Management Report Page 3 provided our evaluation. We
also considered IRS* comments on our findings and have

made revisions as appropriate.

Scope and Methodology

As part of our audit of IRS*s fiscal years 2002 and 2001 financial
statements, we evaluated IRS*s internal controls and its compliance with
selected provisions of laws and regulations. We designed our audit
procedures to test relevant controls including those for proper
authorization, execution, accounting, and reporting of transactions.

We conducted our audit in accordance with U. S. generally accepted
government auditing standards. We requested comments on a draft of this
report from the Acting Commissioner of IRS. We received written comments
from the Acting Commissioner and have reprinted the comments in enclosure
I to this report. Further details on our scope and methodology are
included in our November 2002 report on the results of our fiscal years
2002 and 2001 financial statement audits and are reproduced in enclosure
II. 5 Enforcement of Expiration Period Policy for Fingerprint Check
Results

In previous years, we found that IRS was hiring individuals and allowing
them access to cash, checks, and other taxpayer data before it had
received satisfactory results of their fingerprint checks, thereby
subjecting IRS to an increased risk of theft or misuse of taxpayer
receipts and taxpayer data. 6 During our fiscal year 2002 audit, we found
that IRS had made substantial progress in this area and as a result had
significantly reduced its exposure related to the risk of hiring
individuals prior to receiving satisfactory fingerprint check results. 7
However, fingerprint results most accurately reflect all the information
known by law enforcement authorities on an individual on the date the
results are obtained. The usefulness of preemployment fingerprint results
in enabling an employer to assess an individual*s suitability for
employment therefore decreases as the age of the fingerprint results used
increases.

IRS*s hiring policies require that IRS receive and evaluate fingerprint
check results before individuals enter on duty and set the expiration
period for these results at 180 days. However, in our fiscal year 2002
audit, we found that IRS did not actively track fingerprint results to
ensure that they did not exceed the 180- day limit when individuals
entered on duty. Specifically, we found 53 instances in which new
employees entered on duty at IRS with fingerprint check results over180
days old.

5 GAO- 03- 243. 6 U. S. General Accounting Office, Internal Revenue
Service: Progress Made, but Further Actions Needed to Improve Financial
Management, GAO- 02- 35 (Washington D. C.: Oct. 19, 2001). 7 GAO- 03- 243.

GAO- 03- 562R IRS Management Report Page 4 Until IRS enforces its policy
on the expiration period for fingerprint check results it is

exposed to increased risk of hiring applicants with unsuitable backgrounds
to handle cash, checks, and sensitive taxpayer information. This, in turn,
increases the risk of potential theft and misuse of taxpayer receipts and
data.

Recommendation To further reduce IRS*s risk of hiring unsuitable employees
to handle and process taxpayer receipts and data, we recommend that IRS
enforce its policy of a 180- day expiration period for fingerprint check
results when an individual enters on duty.

IRS*s Comments and Our Evaluation IRS agreed with this issue and indicated
in its response that it has already taken action to address the finding.
In its comments, IRS stated that it has a policy of 180 days for the
expiration period of fingerprint results. IRS had initially informed us
that it did not have such a policy. As a result, we modified the report to
stress the importance of IRS enforcing this policy. With respect to
actions taken to address this finding, IRS stated that it had (1)
reemphasized its policy to background investigation coordinators and
personnel officers and (2) created and distributed software calculating
the fingerprint results expiration date and instructed staff to use this
software and note the expiration date on the fingerprint check results
documentation. We will evaluate the effectiveness of IRS*s efforts during
our fiscal year 2003 financial audit.

IRS also noted that exceptions could be made to the policy for GS- 1811
Criminal Investigation Special Agents and executives from outside the IRS,
as they must complete an additional background investigation prior to
their entering on duty. However, we had specifically excluded any
individual having met these additional requirements from our count of 53
instances in which employees entered on duty with fingerprint check
results past the 180- day expiration period.

Enforcement of Courier Service Standards

During previous audits of IRS*s financial statements, we found that IRS
did not have effective controls in place to ensure that its courier
service requirements were enforced. Since November 1998, we have reported
that IRS lacks effective controls

GAO- 03- 562R IRS Management Report Page 5 over courier services
responsible for transporting taxpayer receipts. 8 To address

some of these matters, we recommended that IRS (1) clarify that the intent
of the requirement for background investigations is meant to apply to
personnel being entrusted with taxpayer receipts and information rather
than just personnel being granted access to an IRS facility and (2)
develop policies intended to ensure that contracts related to courier
services do not unduly expose the government or taxpayers to losses in the
event that deposits are lost, stolen, or damaged in transit. IRS has made
an effort to address courier security weaknesses we identified by adopting
more stringent security standards for couriers who transport IRS*s daily

deposits to depositary institutions. Specifically, as a result of our
recommendations, IRS established a policy that couriers requiring access
to IRS facilities undergo a limited background investigation, including a
fingerprint check. IRS subsequently extended the requirement for
background investigations to all personnel entrusted with taxpayer
receipts and information. In addition, the courier service standards were
revised to include, in particular, a requirement that courier services
have and maintain insurance coverage valued at $1 million to cover the
costs of reconstructing a lost, stolen, or destroyed deposit. However,
during our fiscal year 2002 audit, we identified two issues related to
IRS*s enforcement of its courier service standards that increased the risk
that (1) taxpayer receipts and taxpayer data could be lost, stolen, or
misused by couriers who transport these items and (2) taxpayers and the
government could be unnecessarily exposed to the risk of financial loss.

Specifically, we found that at 5 of IRS*s 10 service centers for which
agreements for courier services were negotiated by the Department of the
Treasury*s Financial Management Service (FMS), there was no requirement
that couriers undergo background investigations or FBI fingerprint checks.
9 Such a requirement does exist for the 5 service center campuses for
which courier services agreements were negotiated by IRS. According to
FMS, these background check requirements were not

8 U. S. General Accounting Office, Internal Revenue Service: Physical
Security Over Taxpayer Receipts and Data Needs Improvement, GAO/ AIMD- 99-
15 (Washington D. C.: Nov. 30, 1998); Internal Revenue Service: Custodial
Financial Management Weaknesses, GAO/ AIMD- 99- 193 (Washington D. C.:
Aug. 4, 1999); Internal Revenue Service:

Recommendations to Improve Financial and Operational Management, GAO- 01-
42 (Washington D. C.: Nov. 17, 2000); Management Report: Improvements
Needed in IRS's Accounting Procedures and Internal Controls, GAO- 02- 746R
(Washington D. C.: July 18, 2002); and GAO- 02- 35. 9 Courier service
agreements for IRS service center campuses are negotiated by either IRS or

FMS, depending on the type of depositary institution IRS uses to deposit
campus receipts. IRS has the option of depositing campus receipts into a
Federal Reserve Bank or into a general depositary. General depositaries
are designated commercial banks that have been specifically authorized by
Treasury to maintain a Treasury General Account for the purpose of
accepting deposits for Treasury. When receipts are to be deposited to an
FRB, IRS contracts for the courier services. When receipts are to be
deposited to a general depositary, FMS negotiates an agreement with the
depositary to perform services for FMS. There are five service center
campuses with FMS- negotiated agreements and five service center campuses
with IRS- negotiated agreements.

GAO- 03- 562R IRS Management Report Page 6 incorporated in the FMS-
negotiated courier agreements because FMS had been

waiting since 2000 for IRS to issue a final revision of its courier
service standards* IRS issued revised standards on September 6, 2002. As
of the end of our fiscal year 2002 audit fieldwork, FMS- negotiated
agreements for couriers had not been revised. As a result, through fiscal
year 2002, couriers under FMS- negotiated contracts were not required to
undergo background investigations. While IRS relies on FMS to enter into
agreements with general depositaries, IRS nonetheless retains the
responsibility to ensure that resulting contracts reflect the standards it
establishes as necessary for personnel entrusted with taxpayer deposits.
Until all couriers who are entrusted with IRS deposits are required to
undergo background investigations, including fingerprint checks, IRS runs
an increased risk that taxpayer receipts and taxpayer data may be
vulnerable to theft, loss, or misuse.

Additionally, at one of two IRS service center campuses we visited, we
found that the campus did not verify that the courier service had
insurance coverage as required by the courier service standards. According
to the courier*s insurance agency, it had not provided insurance coverage
to the courier service for the last year. Until IRS ensures that courier
services are complying with courier service standards, taxpayers and the
government will be unnecessarily exposed to the risk of financial loss.

Recommendations We recommend that IRS

confirm with FMS that IRS* requirements for background and fingerprint
checks for courier services are met regardless of whether IRS or FMS
negotiates the service agreement, and

establish procedures to verify that courier services are adhering to the
standards established for them by IRS, including the requirement that the
courier services have insurance coverage.

IRS*s Comments and Our Evaluation IRS agreed with our recommendations. IRS
noted that (1) FMS had amended the Courier Memorandum of Understanding to
include the requirement that all courier employees under contracts
negotiated by FMS satisfy the basic investigation requirements, (2) IRS
had established a campus contact at each of its 10 service center campuses
to ensure that all required information is submitted to the National
Background Investigation Center (NBIC) and that a clearance is granted,
and (3) it had requested NBIC to provide it with a monthly report of
campus compliance. IRS also noted that its Security Review Team of Receipt
and Control reviews compliance with the courier requirements monthly and
that it had (1) requested that the 5 campuses where IRS holds the courier
contracts produce insurance certificates for

the couriers during these reviews and (2) requested FMS to direct the
depositary

GAO- 03- 562R IRS Management Report Page 7 banks holding the courier
contracts for the 5 remaining campuses to provide the

insurance certificates to IRS. We will evaluate the effectiveness of IRS*
efforts during our fiscal year 2003 financial audit.

Controls in Receipt Processing Areas During our fiscal year 2002 audit, we
identified weaknesses in IRS*s controls over its receipt processing areas
that increased the risk that taxpayer receipts and taxpayer information
could be lost or stolen. These weaknesses relate to the presence of
certain personal belongings that employees bring into receipt processing
areas. GAO*s Standards for Internal Control in the Federal Government
requires agencies to establish controls to secure and safeguard vulnerable
assets.

In our prior audits, we found that IRS did not have consistent controls
over personal belongings brought into receipt processing areas; we
recommended that IRS (1) restrict personal items that can be brought into
the receipt processing areas, such as handbags, briefcases, and bulky
outerwear, (2) provide lockers and require their use for storing personal
belongings outside of the receipt processing areas, and (3) expand IRS*s
review of service center deterrent controls to include similar analyses of
controls at IRS field offices in areas such as safeguarding of receipts by
storing them in locked containers. 10 In response to our recommendations,
IRS issued policies requiring that (1) employees display in clear plastic
bags certain other personal items that can be kept at their desks and
transported in and out of the receipt processing area, (2) employees store
such items as purses, backpacks, lunch bags, CD cases, newspapers, and
magazines in lockers before they enter the receipt processing area, and
(3) taxpayer assistance centers secure cash payments and receipts in
locked containers.

In each of our fiscal year 2001 and 2002 audits, we found that at one of
two service center campuses we visited, many of the clear plastic bags
employees used to bring personal belongings into the receipt processing
area contained so many items that it would have been easy for employees to
use the bags to conceal and remove checks from the area. At one of these
campuses, we found that employees carried prohibited items such as CD
cases, newspapers, and magazines* all items in which taxpayer receipts
could be easily concealed* into the receipt processing area in plastic
bags. At another campus, we observed employees using large clear plastic
backpacks and tote bags to carry multiple personal belongings such as
lunch bags, makeup bags and items of clothing. Such practices are at odds
with the purpose intended in IRS*s policies---- namely limiting personal
items allowed into the receipts processing area and requiring that all
items allowed in be clearly visible. Until campuses are required to adhere
to policies concerning employees* personal belongings in a consistent

10 U. S. General Accounting Office, Internal Revenue Service: Immediate
and Long- Term Actions Needed to Improve Financial Management, GAO/ AIMD-
99- 16 (Washington D. C.: Oct. 30, 1998) and GAO/ AIMD- 99- 193.

GAO- 03- 562R IRS Management Report Page 8 manner and until these policies
are effectively enforced, taxpayer receipts and

taxpayer information are vulnerable to theft or loss. Additionally, during
our fiscal year 2002 audit, we found that at one of two taxpayer
assistance centers we visited, employees were allowed to store cash
payments and official receipt certificate vouchers with their personal
belongings in desk drawers, overhead cabinets, and lockers. IRS employees
could use these personal belongings to conceal and remove funds from the
receipt processing area. Unlike service centers, IRS does not have a
policy concerning personal belongings at taxpayer assistance centers.
Thus, there is nothing preventing employees at taxpayer assistance centers
from storing personal belongings with cash payments and receipts. Until
IRS ensures that cash payments and receipts are not stored with employees*
personal belongings, taxpayer receipts are vulnerable to theft, loss, or
misuse.

Recommendations We recommend that IRS

enforce consistent implementation of its policy limiting personal
belongings in receipt processing areas at service center campuses and

prohibit the storage of employees* personal belongings with cash payments
and receipts at IRS*s taxpayer assistance centers.

IRS*s Comments and Our Evaluation IRS agreed with our recommendations and
stated it would (1) issue a memorandum requiring managers in receipt
processing areas at service center campuses to ensure that employees are
adhering to the established security procedures and (2) require unit
managers in these areas to conduct random reviews of employee compliance
with all security policies. IRS also stated it would review managerial
adherence to this direction on a monthly basis as well as have its
security review team perform unannounced reviews. We will evaluate the
effectiveness of IRS* efforts in future audits.

Candling Procedures

During our fiscal year 2002 financial audit, we found that IRS*s candling
procedures were not adequate to minimize the risk that taxpayer receipts
and information could be destroyed, lost, or stolen. GAO*s Standards for
Internal Control in the Federal Government requires agencies to establish
physical controls to secure and safeguard vulnerable assets.

IRS receives mail of different dimensions and separates and uses different
methods to extract the contents depending on their dimensions. The
extraction methods IRS

GAO- 03- 562R IRS Management Report Page 9 employs to separate the
envelopes from their contents are not always fully effective.

To help ensure that items that were not removed from envelopes during
extraction are not subsequently destroyed with the envelopes, IRS
established a candling process.

The candling procedures are documented in two separate sections of IRS*s
Internal Revenue Manual (IRM). The first section addresses the extraction
of envelope contents and requires that envelopes be candled after their
contents have been removed. The second section states that *those
envelopes to be destroyed shall be reviewed again before destruction.*
However, these procedures do not provide sufficient guidance as to what
specific candling procedures need to be followed in each of the two
candlings. During our fiscal year 2002 audit, as well as in our previous
audits, we observed instances where taxpayer receipts or taxpayer data
were not removed from envelopes during the extraction phase and would have
been destroyed had they not been discovered through a final candling just
prior to destruction of the envelopes and using a light source to
illuminate the envelopes. Yet, in fiscal year 2002, we found that at one
of two IRS service center campuses we visited, some envelopes were not
candled at the point of extraction. Thus, these envelopes received, at
most, one candling prior to destruction. Until IRS clarifies its candling
requirements to ensure that emptied envelopes are candled twice and to
specify the precise candling methods to be used based on the dimensions of
the mail processed and the extraction method used for each of the two
candlings, IRS*s risk of loss of taxpayer receipts and information is
increased.

We also found that at one of the two IRS service center campuses we
visited, a single employee performed the final candling of envelopes in an
area removed from other ongoing work in the receipts processing area - - a
procedure not prohibited by IRS*s policies and procedures. The initial
candling, because it is performed immediately upon extraction, generally
occurs in the presence of other employees in the receipt processing area.
However, final candling often occurs in a less- populated area of receipt
processing. By not prohibiting a single employee in a remote location from

performing the final candling, IRS*s risk of theft of taxpayer receipts
and information increases.

Recommendations We recommend that IRS

revise its candling procedures to specify the precise candling methods to
be used based on the dimensions of the mail processed and the extraction
method used for both the first and the final candling and

establish and implement procedures prohibiting a single employee from
performing the final candling in a remote location.

GAO- 03- 562R IRS Management Report Page 10 IRS*s Comments and Our
Evaluation IRS agreed with our recommendations and stated it would provide
us with copies of

the procedures developed to address these recommendations by May 30, 2003.

Cash Acceptance Procedures at Taxpayer Assistance Centers

During our fiscal year 2002 audit, we found that IRS did not have controls
in place to ensure that its taxpayer assistance centers adhere to its cash
payment acceptance requirement. IRS policy states that IRS must accept
cash payments from taxpayers who do not have a check or money order, are
unable to obtain one, or insist on paying in cash. However, during our
fiscal year 2002 audit, we found that the

taxpayer assistance center at one of two IRS field offices we visited, as
well as other taxpayer assistance centers in the area, did not accept cash
payments. At the taxpayer assistance center we visited, employees would
direct taxpayers to a nearby financial institution where they could obtain
a money order, but that institution did not maintain the same hours as the
center and was regularly closed during parts of the day.

These centers* refusal to accept cash payments could place undue burden on
taxpayers who do not have a check or money order or are unable to obtain
one. To obtain a money order, they must find an open financial institution
and then pay a fee. The burden associated with these extra efforts and
costs could adversely impact IRS*s collection of taxes owed.

Recommendations We recommend that IRS

determine which taxpayer assistance centers do not accept payment of taxes
in cash and issue a memorandum reminding them of the requirement that cash
be accepted and

establish a mechanism to periodically review adherence to this policy.
IRS*s Comments and Our Evaluation IRS agreed with our recommendations. In
its comments, IRS noted that (1) it had

included guidelines in its Fiscal Year 2003 Field Assistance Office
Operating Procedures stating that all taxpayer assistance centers (TACs)
would accept all standard forms of payment including checks, money orders,
and cash, (2) signs are to be posted in all TACs, specifying that exact
change must be remitted as IRS cannot make change, and (3) it will be
reviewing adherence to these procedures.

GAO- 03- 562R IRS Management Report Page 11

Structuring of Installment Agreements

During our fiscal year 2002 financial audit, we found that IRS did not
always structure installment agreements to provide for full payment of the
tax liability as required by section 6159 of the Internal Revenue Code. As
we noted in our fiscal year 2002 audit report, the presence of cases in
fiscal year 2002 that were not structured to obtain full payment indicates
that IRS was not in compliance with the Internal Revenue Code. 11 IRS*s
failure to properly structure taxpayer installment agreements could result
in the

loss to the federal government of legally collectible tax revenue. Section
6159 of the Internal Revenue Code grants IRS the power to enter into
written agreements with certain taxpayers to allow them to pay their full
tax liability (along with additional interest) in installments. Both the
Internal Revenue Code and IRS*s procedures require that installment
agreements fully satisfy the tax debt (including future accruals of
interest and penalties) before the statutorily allowed period for
collection on the liability expires. 12 However, in our testing of a
statistical sample of 59 installment agreements entered into during fiscal
year 2002, we found 4 instances in which the terms of the agreements did
not require full satisfaction of the tax liability. Based on the results
of our work, we estimate that nearly 7 percent of the new installment
agreements entered into during fiscal year 2002 had payment terms that
would not fully satisfy the tax liability within the statutory collection
period. 13 In each of these cases, we found that the installment
agreements did not fully satisfy

the tax debt because IRS did not consider accruals of interest and
penalties in calculating the total amount to be paid under the installment
agreements. This occurred for two reasons. First, customer service
representatives relied on IRS*s Integrated Data Retrieval System (IDRS) to
determine the amount of the taxpayer*s liability in structuring the terms
of the installment agreement. However, IDRS includes only assessed
balances rather than the total amount of tax owed, which must also include
interest and penalties. While IRS procedures require that its customer
service representatives use a special command function that takes various

accruals into account when entering into installment agreements, these
procedures were not followed in these cases.

Second, taxpayers may apply for an installment agreement through the
Telephone Routing Interactive System. However, the balance due amounts in
this system, like those in the IDRS, do not include accrued interest and
penalties, and thus understate the total amount of tax owed.

After we discussed these findings with IRS, management reinforced the
current installment agreement guidance, provided additional training, and
issued a memo to

11 GAO- 03- 243. 12 The statutory collection period for taxes is generally
10 years from the date of the tax assessment. However, this period can be
extended by agreement with the taxpayer. 13 We are 95 percent confident
that the error rate could be as high as 15 percent.

GAO- 03- 562R IRS Management Report Page 12 the customer service
representatives that stressed the importance of following this

guidance. In addition, IRS revised the Telephone Routing Interactive
System to include both interest and penalty accruals in its calculation of
installment agreement balances. We commend IRS for its prompt action to
develop and implement corrections to the installment agreement controls
and will evaluate the effectiveness of these corrective actions during our
fiscal year 2003 financial audit.

- - - - - This report contains recommendations to you. The head of a
federal agency is required by 31 U. S. C. 720 to submit a written
statement on actions taken on these recommendations. You should submit
your statement to the Senate Committee on Governmental Affairs and the
House Committee on Government Reform within 60 days of the date of this
report. A written statement must also be sent to the House and Senate
Committees on Appropriations with the agency*s first request for
appropriations made more than 60 days after the date of the report.

This report is intended for use by the management of IRS. We are sending
copies to Chairmen and Ranking Minority Members of the Senate Committee on
Appropriations; Senate Committee on Finance; Senate Committee on
Governmental Affairs; Senate Committee on the Budget; Subcommittee on
Transportation, Treasury, and General Government, Senate Committee on
Appropriations; Subcommittee on Taxation and IRS Oversight, Senate
Committee on Finance; and the Subcommittee on Oversight of Government
Management, the Federal Workforce, and the District of Columbia, Senate
Committee on Governmental Affairs. We are also sending copies to the
Chairmen and Ranking Minority Members of the House Committee on
Appropriations; House Committee on Ways and Means; House Committee on
Government Reform; House Committee on the Budget; Subcommittee on
Transportation, Treasury, and Independent Agencies, House Committee on
Appropriations; Subcommittee on Government Efficiency and Financial
Management, House Committee on Government Reform; and the Subcommittee on
Oversight, House Committee on Ways and Means. In addition, we are sending
copies of this report to the Chairman and Vice- Chairman of the Joint
Committee on Taxation, the Secretary of the Treasury, the Director of the
Office of Management and Budget, the Chairman of the IRS Oversight Board,
and other interested parties. Copies will be made available to others upon
request. The report is also available free on GAO*s web site at http://
www. gao. gov.

GAO- 03- 562R IRS Management Report Page 13 We acknowledge and appreciate
the cooperation and assistance provided by IRS

officials and staff during our audit of IRS*s fiscal years 2002 and 2001
financial statements. If you have any questions or need assistance in
addressing these matters, please contact Paul Foderaro, Assistant
Director, at (202) 512- 2535.

Sincerely yours, Steven J. Sebastian Director Financial Management and
Assurance

Enclosure I GAO- 03- 562R IRS Management Report Page 14

Comments from the Internal Revenue Service See comment 1.

Enclosure I GAO- 03- 562R IRS Management Report Page 15 See comment 2.

Enclosure I GAO- 03- 562R IRS Management Report Page 16

Enclosure I GAO- 03- 562R IRS Management Report Page 17 See comment 3.

Enclosure I GAO- 03- 562R IRS Management Report Page 18

Enclosure I GAO- 03- 562R IRS Management Report Page 19 The following are
GAO*s comments on the Internal Revenue Service*s letter dated

April 28, 2003.

GAO Comments 1. IRS stated it has a policy of 180 days for the expiration
period of fingerprint results. IRS had initially informed us that it did
not have such a policy. As a result, we modified our report to stress the
importance of IRS enforcing its policy and modified our recommendation
accordingly.

2. IRS had previously informed us of these exceptions. As a result, we had
specifically excluded any individual having met these additional
requirements from our count to arrive at the total of 53 instances in
which employees entered on duty with fingerprint check results over the
180 day expiration period.

3. In our draft report, we initially recommended that IRS establish a
supervisory mechanism to monitor the effectiveness of the additional
guidance and training in addressing the deficiencies noted in the
structuring of installment agreements. In its comments, IRS stated that
its policy is to require managers to approve installment agreements where
the unpaid assessment balance exceeds $25,000 or where the balance cannot
be fully paid within 5 years, regardless of the size of the balance. We do
not find that this policy is unreasonable at this time and have thus
revised our report accordingly.

Enclosure II GAO- 03- 562R IRS Management Report Page 20

Details on Audit Methodology

To fulfill our responsibilities as the auditor of IRS*s financial
statements, we:

Examined, on a test basis, evidence supporting the amounts and disclosures
in the financial statements. This included testing selected statistical
samples of unpaid assessment, revenue, refund, accounts payable, accrued
expenses, payroll, nonpayroll, property and equipment, and undelivered
order transactions. These statistical samples were selected primarily to
substantiate balances and activities reported in IRS*s financial
statements. Consequently, dollar errors or amounts can and have been
statistically projected to the population of transactions from which they
were selected. In testing these samples, certain attributes were
identified that indicated either significant deficiencies in the design or
operation of internal control or compliance with provisions of laws and
regulations. These attributes, where applicable, can be and have been
statistically projected to the appropriate populations.

Assessed the accounting principles used and significant estimates made by
management.

Evaluated the overall presentation of the financial statements.

Obtained an understanding of internal control related to financial
reporting (including safeguarding assets), compliance with laws and
regulations (including the execution of transactions in accordance with
budget authority), and performance measures reported in the Management*s
Discussion and Analysis.

Tested relevant internal control over financial reporting (including
safeguarding assets) and compliance, and evaluated the design and
operating effectiveness of internal control.

Considered the process for evaluating and reporting on internal control
and financial management systems under the Federal Managers* Financial
Integrity Act of 1982.

Tested compliance with selected provisions of the following laws and
regulations: Anti- Deficiency Act, as amended (31 U. S. C. S:1341( a)( 1)
and 31 U. S. C. S:1517( a)); Agreements for payment of tax liability in
installments (26 U. S. C. S:6159); Purpose Statute (31 U. S. C. S:1301);
Release of lien or discharge of property (26 U. S. C. S:6325); Interest on
underpayment, nonpayment, or extensions of time for payment of tax (26 U.
S. C. S:6601); Interest on overpayments (26 U. S. C. S:6611);
Determination of rate of interest (26 U. S. C. S:6621); Failure to file
tax return or to pay tax (26 U. S. C. S:6651); Failure by individual to
pay estimated income tax (26 U. S. C. S:6654); Failure by corporation to
pay estimated income tax (26 U. S. C. S:6655); Prompt Payment Act (31 U.
S. C. S:3902 (a), (b), and (f), and 31 U. S. C.

Enclosure II GAO- 03- 562R IRS Management Report Page 21 S:3904) ; Fair
Labor Standards Act of 1938, as amended (29 U. S. C. S:206); Civil

Service Retirement Act of 1930, as amended (5 U. S. C. S:S: 5332, 5343);
Federal Employees' Retirement System Act of 1986, as amended (5 U. S. C.
S:S: 8422 and 8423); Social Security Act, as amended (26 U. S. C. S:3101
and 3121, and 42 U. S. C. S:430); and Federal Employees Health Benefits
Act of 1959, as amended (5 U. S. C. S:S: 8905, 8906, and 8909).

Tested whether IRS*s financial management systems substantially comply
with the three FFMIA requirements.

Enclosure III GAO- 03- 562R IRS Management Report Page 22

GAO Contacts and Staff Acknowledgments GAO Contacts

Paul Foderaro, (202) 512- 2535 Alain Dubois, (202) 512- 6365

Acknowledgments

Staff making key contributions to this report were: William Cordrey,
Laurie King, Yola Lewis, and J. Lawrence Malenich.

(196001)

GAO*s Mission The General Accounting Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting its
constitutional responsibilities and to help improve the performance and
accountability of the federal government for the American people. GAO
examines the use of public funds; evaluates federal programs and policies;
and provides analyses, recommendations, and other assistance to help
Congress make informed oversight, policy, and funding decisions. GAO*s
commitment to good government is reflected in its core values of
accountability, integrity, and reliability.

The fastest and easiest way to obtain copies of GAO documents at no cost
is through the Internet. GAO*s Web site (www. gao. gov) contains abstracts
and fulltext files of current reports and testimony and an expanding
archive of older products. The Web site features a search engine to help
you locate documents using key words and phrases. You can print these
documents in their entirety, including charts and other graphics.

Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as *Today*s Reports,* on its
Web site daily. The list contains links to the full- text document files.
To have GAO e- mail

this list to you every afternoon, go to www. gao. gov and select
*Subscribe to daily E- mail alert for newly released products* under the
GAO Reports heading.

The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent of
Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more
copies mailed to a single address are discounted 25 percent. Orders should
be sent to: U. S. General Accounting Office 441 G Street NW, Room LM
Washington, D. C. 20548 To order by Phone: Voice: (202) 512- 6000

TDD: (202) 512- 2537 Fax: (202) 512- 6061

Contact: Web site: www. gao. gov/ fraudnet/ fraudnet. htm E- mail:
fraudnet@ gao. gov Automated answering system: (800) 424- 5454 or (202)
512- 7470 Jeff Nelligan, managing director, NelliganJ@ gao. gov (202) 512-
4800

U. S. General Accounting Office, 441 G Street NW, Room 7149 Washington, D.
C. 20548 Obtaining Copies of GAO Reports and

Testimony Order by Mail or Phone

To Report Fraud, Waste, and Abuse in Federal Programs Public Affairs

This is a work of the U. S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.
*** End of document. ***