The Government Accountability Office recently audited the Internal Revenue Service’s financial statements for the 2017 and 2018 fiscal years. The GAO found the IRS maintained effective internal controls over financial reporting as of Sept. 30, 2018.
GAO’s report states, “GAO's tests of IRS's compliance with selected provisions of applicable laws, regulations, contracts, and grant agreements detected no reportable instances of noncompliance in fiscal year 2018.”
Auditors found the IRS had made big progress in addressing long-standing, significant weakness in internal controls over unpaid assessments. These weaknesses had been pointed out in previous audits. This newest study, however, found a number of new measures.
Data quality had been enhanced and controls improved over the statistical process used to estimate amount of taxes receivable, compliance assessments, and write-offs for financial reporting purposes. GAO says deficiencies remain, but they are not great enough to be termed a “material” weakness.
However, the GAO notes, the remaining shortcomings—along with new issues with the information security systems unearthed in the new audit—still represent a significant deficiency in the IRS’ internal control over financial reporting systems.
“Until IRS takes the necessary steps to address these deficiencies in controls, its financial reporting and taxpayer data will remain at increased risk of inappropriate and undetected use, modification, or disclosure,” the GAO report says.
Beyond the internal control shortcomings, the GAO also found “significant ongoing financial management challenges” in three basic areas:
- Safeguarding taxpayer receipts and associated information
- Preventing and detecting fraudulent refunds based on identity theft
- Implementing the tax-related provisions of the Patient Protection and Affordable Care Act.
The GAO made a number of recommendations to the IRS addressing the internal control deficiencies based on earlier audits. Separately, the GAO will also continue to monitor IRS efforts to resolve prior GAO recommendations. GAO also says it will monitor the deficiencies outlined in this new audit and the IRS efforts to correct them.
After receiving a draft copy of the GAO report, Internal Revenue Service officials stated the agency continues to increase its focus on information security and internal controls.
To read the full 116-page report, download it from the GAO website.