IRS and Terrorist-Related Information Sharing
Gao ID: GAO-03-50R October 21, 2002
Events preceding and following the attacks of September 11, 2001, spotlighted ineffective information sharing, particularly related to intelligence and law enforcement activities, as a serious weakness. Poor information sharing hinders effectively identifying vulnerabilities and coordinating efforts to detect attacks. GAO monitored the Internal Revenue Service's (IRS) efforts to enhance the security of the tax filing process, to study how terrorist-related threat information is shared with IRS. The Federal Bureau of Investigation (FBI) uses task forces and electronic means to share terrorist-related threat information with the Treasury Inspector General for Tax Administration (TIGTA). More specifically, it shares information through its involvement with TIGTA and others in Joint Terrorism Task Forces and through electronic arrangements such as the National Threat Warning System. For its part, TIGTA uses formal communications to disseminate threat information to IRS. TIGTA and IRS officials were satisfied with the FBI's and TIGTA's information-sharing procedures, respectively.
GAO-03-50R, IRS and Terrorist-Related Information Sharing
This is the accessible text file for GAO report number GAO-03-50R
entitled 'IRS and Terrorist-Related Information Sharing' which was
released on October 21, 2002.
This text file was formatted by the U.S. General Accounting Office
(GAO) to be accessible to users with visual impairments, as part of a
longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
United States General Accounting Office:
Washington, DC 20548:
October 21, 2002:
The Honorable Max Baucus:
Chairman:
The Honorable Charles E. Grassley:
Ranking Member:
Committee on Finance:
United States Senate:
Subject: IRS and Terrorist-Related Information Sharing:
Events preceding and following the attacks of September 11, 2001,
spotlighted ineffective information sharing, particularly related to
intelligence and law enforcement activities, as a serious weakness.
Poor information sharing hinders effectively identifying
vulnerabilities and coordinating efforts to detect attacks.
As agreed with your offices, as part of our response to your request to
monitor the Internal Revenue Service‘s (IRS) efforts to enhance the
security of the tax filing process,[Footnote 1] we studied how
terrorist-related threat information is shared with IRS. More
specifically, one of this report‘s objectives is to describe the
process the Federal Bureau of Investigation (FBI) uses to share this
kind of information with the Treasury Inspector General for Tax
Administration (TIGTA) and the process TIGTA uses to share information
with IRS. Another objective is to describe TIGTA and IRS officials‘
views on the procedures for sharing information.
We included the FBI in our work because it is responsible for ensuring
a coordinated and vigorous response to terrorist acts and needs to
share information to carry out its responsibility. We included TIGTA
because even though it is separate from IRS, it is responsible for
investigating threats against IRS facilities and employees and is the
conduit to IRS for FBI information related to IRS.
Results in Brief:
The FBI uses task forces and electronic means to share terrorist-
related threat information with TIGTA. More specifically, it shares
information through its involvement with TIGTA and others in Joint
Terrorism Task Forces (JTTFs) and through electronic arrangements such
as the National Threat Warning System. For its part, TIGTA uses formal
communications to disseminate threat information to IRS.
TIGTA and IRS officials were satisfied with the FBI‘s and TIGTA‘s
information-sharing procedures, respectively. We are making no
recommendations.
After reviewing a draft of this report, the FBI had no comments, and
TIGTA and IRS agreed with our findings. However, TIGTA noted that
receiving no additional funding for its enhanced participation in JTTFs
made TIGTA‘s information-sharing efforts especially challenging, and
that, in this context, continuing its efforts to improve the process
raised concerns about endangering other program initiatives.
How the FBI Shares Information with TIGTA:
According to FBI officials, the FBI shares information with TIGTA and
many other agencies through FBI-chaired JTTFs. Composed of various
federal, state, and local agencies, JTTFs aim to prevent, preempt,
deter, and investigate terrorism and related activities affecting the
United States and to apprehend terrorists. According to an FBI
official, the FBI had a JTTF in each of its 56 field offices by July
2002, and a TIGTA official said that TIGTA would be involved in a full-
time, part-time, or liaison capacity in almost all the JTTFs. According
to FBI officials, full-time JTTF members share information by working
side by side in the same space every day, and JTTF meetings include
discussions of casework, intelligence information, administrative
matters, available training, and other JTTF-related issues. According
to a TIGTA official, when TIGTA works with a JTTF in a liaison or part-
time capacity, the FBI agrees to notify TIGTA of anything of interest
to TIGTA that arises in a TIGTA representative‘s absence. Another TIGTA
official cautioned, however, that TIGTA‘s absence means that the FBI
has to recognize a risk to IRS that TIGTA would otherwise recognize.
FBI officials told us that in a liaison capacity, JTTF members
participate through regular meetings, conferences, and telephone calls.
At a different level, TIGTA also participates in a national JTTF, which
allows for information sharing on a national basis among federal,
state, and local groups, and it was trying to hire someone to
participate full-time.
Because the FBI requires that a memorandum of understanding be executed
with all agencies participating full-time in the JTTFs, it finalized
one with TIGTA in September 2001. Lasting until TIGTA withdraws from
JTTFs, the memorandum governs how TIGTA employees are detailed or
otherwise assigned to work at the FBI as part of JTTFs. According to a
TIGTA official, TIGTA‘s role with the JTTFs evolved from an earlier
FBI/TIGTA relationship.
In addition to sharing information through JTTFs, the FBI shares
information with TIGTA electronically. TIGTA receives FBI information
through the National Threat Warning System over secure teletype; the
National Law Enforcement Telecommunications System, which provides for
interagency exchange of unclassified criminal justice information; and
the National Infrastructure Protection Center, which is the national
focal point for information on threats to critical infrastructures,
such as telecommunications and banking and finance systems. Similarly,
TIGTA has access to the FBI‘s National Crime Information Center
database, which has a terrorism subfile. The purpose of this database
is to share biographical information on people of interest to the FBI
who should be treated with caution.
How TIGTA and IRS Share Information:
According to TIGTA officials, TIGTA is the primary conduit through
which terrorist-related threat information flows both ways between the
FBI and IRS. When IRS reports a threat to TIGTA, TIGTA determines its
validity and passes it on to the FBI, if warranted.
Similarly, through its involvement in individual JTTFs, according to
TIGTA officials, TIGTA becomes aware of information, such as militia or
antitax activity, and decides whether it should be passed on to IRS. In
May 2001, TIGTA formed its own counterterrorism group, which is the
centralized point where threat information related to IRS, including
information received from TIGTA representatives on the JTTFs, is
analyzed. The group is charged with coordinating TIGTA‘s investigations
of terrorism threats directed against IRS or its employees.
TIGTA formally disseminates some terrorist-related threat information
to IRS‘s Agencywide Shared Services through threat advisories.
[Footnote 2] The purpose of the advisories is to advise TIGTA and IRS
management of significant anti-government activity that may affect the
safety of IRS personnel and facilities. According to a TIGTA official,
the decision to disseminate advisories is a collaborative effort using
years of law enforcement experience to assess threats.
The information in the advisories we examined came from many sources,
including the FBI, other federal agencies, and the media. Many of the
advisories warned TIGTA agents of developments relating to fighting
terrorism, but others warned IRS of situations threatening federal
agencies and others in general. Very seldom did an advisory mention
anything specific to IRS or the federal tax system.
TIGTA and IRS Officials Are Satisfied with Information-Sharing
Procedures:
The TIGTA and IRS officials we interviewed were satisfied with the
procedures used for sharing information. A TIGTA Assistant Special
Agent-in-Charge told us that the FBI shared terrorist-related threat
information with TIGTA in a way that was timely and responsive to IRS‘s
needs. Similarly, IRS officials responsible for security policymaking
and implementation told us that they were satisfied with the job TIGTA
was doing. According to the Director of the Office of IRS-Wide
Security, TIGTA represented IRS‘s interests well, explaining to others
why IRS had to have certain knowledge. According to officials in IRS‘s
Agencywide Shared Services responsible for distributing threat
information throughout IRS, TIGTA shared information alerts as they
occurred, and IRS received everything it needed to complete its job.
Agency Comments:
We provided a draft of this report to the Attorney General, the Acting
Treasury Inspector General for Tax Administration, and the Commissioner
of Internal Revenue for comment. On October 8, 2002, the Department of
Justice‘s Audit Liaison Office orally told us that the FBI had no
comments. Also in oral comments, the Director of the Office of IRS-Wide
Security said on September 26, 2002, that IRS agreed with our findings.
In providing written comments on our draft, TIGTA‘s Deputy Inspector
General for Investigations also agreed with our findings. He added that
TIGTA‘s not receiving any additional funding to support its enhanced
participation in JTTFs made TIGTA‘s information-sharing efforts
especially challenging. In this context, he also expressed concern that
TIGTA‘s continued efforts to improve its process would imperil other
program initiatives. We did not address TIGTA‘s funding in our report
because it was beyond our scope. The full text of the Deputy Inspector
General‘s comments is reprinted in the enclosure.
Scope and Methodology:
To obtain information on processes used to share terrorist-related
threat information and officials‘ views of those processes, we reviewed
our reports and testimonies [Footnote 3] and other materials on
information-sharing procedures and coordination among federal agencies;
interviewed FBI, TIGTA, and IRS officials responsible for
counterterrorism, information dissemination, threat assessment, and IRS
security policymaking and implementation; reviewed the memorandum of
understanding between the FBI and TIGTA; and obtained information on
TIGTA threat advisories issued from March 2001 through June 2002. We
did not test the FBI‘s or TIGTA…s information-sharing procedures. We
did our work in the Washington, D.C. area from February through July
2002 in accordance with generally accepted government auditing
standards.
As agreed with your offices, unless you publicly announce its contents
earlier, we plan no further distribution of this report until 30 days
from the date of this report. At that time, we will send copies of this
report to the Attorney General, the Treasury Inspector General for Tax
Administration, the Commissioner of Internal Revenue, and other
interested parties. We also will make copies available to others upon
request. In addition, the report will be available at no charge on the
GAO Web site at [hyperlink, http://www.gao.gov].
If you or your staff have any questions about this report, please
contact David Attianese or me on (202) 512-9110. Key contributors to
this report were Chan My J. Battcher and Lawrence M. Korb.
James R. White:
Director, Tax Issues:
[End of section]
Enclosure:
Department Of The Treasury:
Inspector General for Tax Administration:
Washington, D.C. 20220:
October 10, 2002:
James White:
Director, Tax Issues:
U.S. General Accounting Office:
Dear Mr. White:
We have reviewed the report regarding the most important topic of, IRS
and Terrorist-Related information Sharing (GAO-03-50R) and appreciate
the opportunity to comment on the audit and associated report.
We appreciate the efforts of your staff and concur in the findings that
TIGTA has been successful in establishing procedures that ensure
effective information sharing between the FBI, IRS and TIGTA. Our
primary vehicle for obtaining this information is through our
participation in the Joint Terrorism Task Forces (JTTF) throughout the
nation and in interacting with the IRS to insure timely notification of
critical information. We find this assignment especially challenging in
light of the fact we have not received any additional funding from
which to support our enhanced participation with the fifty-six JTTFs
throughout the country. We will continue to refine our efforts to
improve this process, but are concerned that it will ultimately come at
the peril of other program initiatives.
Again let me express my appreciation for you, Mr. Korb and his team for
the work done in this area and the reaffirmation of the success of our
program.
Signed by:
(for) Robert J. Cortesi:
Deputy Inspector General for Investigations:
[End of enclosure]
Footnotes:
[1] We issued interim and final ’limited official use only“ reports to
you on IRS mail security in February and August 2002.
[2] Agencywide Shared Services is the IRS organization responsible for
distributing threat information throughout IRS.
[3] For instance, U.S. General Accounting Office, FBI Reorganization:
Initial Steps Encouraging but Broad Transformation Needed, GAO-02-865T
(Washington, D.C.: June 21, 2002). In this testimony, we said that
communication problems significantly hampered the FBI‘s ability to
share information internally and with other intelligence and law
enforcement agencies. We also testified that the FBI‘s recent steps
toward greater information sharing, improving analytical capacity, and
establishing a central unit to make sense of gathered information
seemed to be rational ones.
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "Subscribe to Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Gloria Jarmon, Managing Director, JarmonG@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Jeff Nelligan, Managing Director, AndersonP1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548: