On 17 April 2018, the final day for U.S. citizens to file 2017 tax returns, the U.S. Internal Revenue Service (IRS) suffered a major system failure related to the hardware supporting its 58-year old, 20-million-line Cobol-basedIndividual Master File system [PDF], which is still being used today to process the vast majority of individual tax returns. As a result of the failure, the IRS extended by a day the filing due date.
Back in 2016, there was another hardware failure that affected the electronic filing of annual tax returns, but luckily, that event happened in February rather than on the April filing due date when millions of returns are typically sent in.
According to a Nextgov.com story, the IRS attributed the cause of the most recent failure to a new, 18-month-old piece of computer hardware “supporting the Individual Master File [that] experienced a caching issue causing the system to fail. The failure disrupted almost all other services and systems IRS provides because those systems ingest data from the Individual Master File. When those systems—such as Direct Pay and the structured payments portal—called to the Individual Master File mainframe and got no response, they too failed.”
The tax system failure seemed to have been foreshadowed last October in testimony before Congress by Jeffrey Tribiano, IRS Deputy Commissioner for Operations Support and CIO Silvana Gina Garza. In their testimony [PDF], they stated that the increasing age of IT infrastructure was also increasing “the potential for a catastrophic system failure.” More funding for IRS modernization would alleviate the risk, they indicated.
Former IRS Commissioner John Koskinen went so far as to assert that the failure was the predictable consequence of years of congressional budget cuts. He was not alone, with some commentators claiming the IRS budget cuts remain “a core issue involved in IT deficiencies” or that “poor funding was the root of the IT system failures.” They strongly implied that IRS budget cuts were the reason why the IMF system that went live during the Kennedy administration hadn’t yet been replaced.
While it’s true that the IRS has experienced budget reductions over the past several years, those cuts hardly explain a failure of an 18-month-old piece of computer hardware. More important, those claims conveniently ignore that the IRS has spent untold billions since the late 1960s on numerous attempts to modernize its IT systems, all centered on trying to replace the ancient IMF system, with minimum success.
For instance, from 1968 through 1978, there was the IRS Automated Tax Administration System initiative aimed at “designing and acquiring a new data processing system for tax administration” meant to last into the 1980s and beyond. An essential element of that effort was the rapid replacement of the IMF system. But the initiative crashed and burned [PDF] in 1978, however, because the proposed $1.8 billion effort ($7.68 billion today) was seen as providing little benefit for the costs involved, and critically, the IRS could not ensure that federally mandated taxpayer privacy rules wouldn’t be violated.
In 1982, the IRS next embarked on its Tax System Redesign planning effort that eventually led to the Tax Systems Modernization program in 1986 that was projected to be completed about 20 years later. Again, replacing the IMF was a―if not the―primary objective. The planned $8 billion effort ($18.2 billion today) was scrapped in 1997 after years of difficulties while expending some $4 billion of its budget with little to show for it. Assistant Commissioner of the IRS Arthur Gross admitted at the time the major reason for scrapping the latest IRS modernization effort and starting over was that the systems then under development “do not work in the real world.”
In 1998, the IRS started over yet again, this time on its initially funded $3 billion ($4.63 billion today) Business System Modernization program that was supposed to finish around 2013. Again, replacing the IMF by what the IRS was now calling the Customer Account Date Engine (CADE) was a top priority. The CADE was expected to cost $254 million in total, scheduled to initially go live in 2001, and after a series of releases, be ready to replace the IMF operationally by 2010.
However, after years of complications, the CADE effort finally began deployment in mid-2004. Unsurprisingly, the project was halted in 2009 after delivering only 15 percent of the capability intended at a cost of $400 million. At the time of its arrested development, the IRS spending on the entire modernization program had reached $2.6 billion, with planned expenditures expected to surpass $8 billion by the early 2020s.
Undaunted by CADE’s development problems, the IRS launched the approximately $435 million CADE 2 effort in 2010 to build on its predecessor [PDF] in two phases by the end of 2013. However, phase 1, which was supposed to cost $315 million, ended up costing $397 million; it also didn’t go live until late 2012, some 10 months late. The IRS also found that data quality problems and unfinished work resulting from the initial CADE 2 release required another phase (1.5) be squeezed into the development, which meant an additional―and unplanned for―$101 million cost.
Phase 2 of CADE 2 soon saw its delivery slip first from 2013 to 2016, then to 2020, and is now scheduled for, well, sometime. As the Treasury Inspector General for Tax Administration told Congress last year, “there is no scheduled or planned completion date for CADE 2 development,” despite the IRS avowing that CADE 2 remains one of the agency’s top priorities and that the ultimate success of its BSM efforts depends on it working. CADE 2’s final development cost (assuming it ever works as planned) is currently estimated [PDF] to be at least $1.5 billion.
When CADE 2 initially ran into trouble and busted its budget by $183 million, the IRS “forgot” to inform Congress of the overrun, even as agency head Koskinen complained that the IRS was starved by a lack of IT modernization funds.
It is not surprising, given the decades of myriad IT failures and a history of being less than candid about those failures, that Congress has long put IRS IT spending on a very tight leash. When dealing with the IRS and IT modernization, the safest operational maxim is distrust and verify―and verify again.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.