As the Government Accountability Office detailed in 2016, the Treasury Department’s taxpayer data program uses assembly language code — a low-level computer code that is difficult to write and maintain — and operates on an IBM mainframe. At this point, it is about 60 years old.
That is why the IRS and Treasury have devised a comprehensive modernization plan to propel the revenue service into the 21st century. The plan, formally known as the IRS Integrated Modernization Business Plan, was released in April and details how the IRS plans to modernize its processes for the digital age and improve services for citizens.
During a congressional hearing in April, IRS Commissioner Charles Rettig cited IT modernization as one of the agency’s most important priorities over the next few years. The replacement and modernization of the IRS’ aging IT systems is expected to cost between $2.3 billion and $2.7 billion over the next six years, beginning with $290 million requested in the president’s fiscal 2020 budget proposal, as FedScoop reports.
While that is a substantial sum of money, the IRS plan makes clear that it will cost the agency more in the long run to maintain legacy systems than it will to modernize. “The cost to operate the IRS technology infrastructure annually now exceeds $2.2 billion and is expected to exceed $3 billion by FY2026 if current trends continue,” the plan states. “Modernization is necessary to deliver efficient taxpayer services and enforcement with enhanced user experiences and to curtail the rising operational costs.”
A key element of the modernization plan is to streamline IRS operations through the elimination of millions of lines of legacy code.
Through modernization, the IRS wants to be able to, among other things, reduce call wait times and case resolution times with customer callback technology, online notices, and live online customer support; speed up tax return and refund processing with real-time return processing and taxpayer error correction; simplify identity verification to expand access to online services while protecting data; and increase systems availability for taxpayers and tax professionals.
IRS Focuses Modernization on the User Experience
Speaking last month to Congress, and in asking for funding for modernization, Rettig described how the IRS’ legacy IT systems are insecure and unsustainable in their current form.
“They have been patched through the years and IRS systems have been asked to take on more and more tasks,” he said, according to FedScoop. “We have about 60 different applications. We have 12,000 or 13,000 servers on 12 mainframes. It’s difficult to continually patch. At some point, we need to replace. And we’re definitely at that point.”
The modernization plan is based on four pillars: the taxpayer experience, core taxpayer services and enforcement, modernizing IRS operations, and cybersecurity and data protection.
“Rapid advancements in the digital customer service experience offered by private industry increase customer expectations of superior service from government agencies, including the IRS,” the plan notes.
In an introductory section of the plan signed by Rettig, Deputy Commissioner for Operations Support Jeffrey Tribiano and Deputy Commissioner for Services and Enforcement Kirsten Wielobob, the IRS leaders say that they ultimately aim to enhance the citizen experience and make the IRS’ IT systems more resilient.
“We all know that advances in technology will require adjustments over time and that challenges lie ahead,” they say. “If and when disaster strikes, the story shouldn’t be that a system went offline but rather how quickly we recovered and resumed normal operations.”
To that end, the plan calls for the IRS to use more web applications for self-service options, establish secure information exchange options and build internal capabilities. “By enabling authorized third parties and taxpayers to interact digitally with the IRS, the investment will provide a better user experience, achieve significant savings by moving some service interactions to lower cost channels, and deliver consistent data and services through reusable Application Programming Interfaces (APIs),” the plan states.
The IRS also plans to target younger citizens and develop “digital notices through the secure messaging platform that provides communications to taxpayers who prefer that channel over mailed correspondence, including digital chat.”
Another project involves converting more than 200,000 lines of legacy assembly-language code to modern software language. Similarly, the plan says, “efforts are underway to migrate from text-based legacy programming languages (e.g., Common Business-Oriented Language (COBOL)) to modern, common languages (e.g., .NET, JAVA), which will promote programming language standardization and reduce workforce sustainment risks.”
Cloud and Cybersecurity Are Key Elements of IRS Modernization
To maintain the efficiency of its apps and underlying tax data, the IRS needs to have end-to-end visibility and be more agile. As a result, the plan says, the IRS will transition its “data, applications, and services from onsite to the cloud, where applicable.”
Moving to the cloud “will reduce fixed investment, minimize the risks of aging hardware, and improve scalability and elasticity.”
In particular, migrating to private and hybrid cloud architectures “will support long-term and emergent business requirements for enterprise IT orchestration and service management,” the plan says. “IRS systems must accommodate heavy demand during peak times, resulting in the critical need for both infrastructure scalability and flexibility.”
The plan also emphasizes the importance of cybersecurity. “To protect IRS systems and retain public trust, we must maintain a strong security posture with a focus on Identity & Access Management (IAM), vulnerability and threat management, and enterprise-wide security operations and management,” it says.
The IRS aims to implement existing IAM capabilities as a set of common services to standardize authentication and authorization across its platforms. The revenue service also wants to be able to “proactively identify emerging threats and vulnerabilities through the use of real-time intelligence information and analytics.”
Additionally, the IRS says it will “establish security standards and reusable security services and tools appropriate to the evolving technology ecosystem. We will integrate security processes into the service design/operations lifecycle to deliver systems and processes with security built in at the outset.”