Improved Tax Return Filing and Tax Account Access Authentication Processes and Procedures Are Needed

The Deputy Commissioner for Services and Enforcement should develop a Service-wide strategy that establishes consistent oversight of all authentication needs across IRS functions and programs including all interactions with individuals face-to-face, online, and through the telephone. In addition, the IRS should ensure that responsibility for implementing the strategy is optimally aligned to provide centralized oversight and facilitate decision making for the development and integration of all forms of authentication including frameworks, policies, and processes across the IRS.

The Deputy Commissioner for Services and Enforcement should ensure that the level of authentication risk for all current and future IRS online applications accurately reflects the risk to the IRS and taxpayers should an authentication error occur.

The Deputy Commissioner for Services and Enforcement should ensure that the implemented authentication processes used for all current and future online applications provide the level of assurance required by National Institute of Standards and Technology (NIST) standards for the determined level of authentication risk.