(U) Treasury Inspector General for Tax Administration Concerns
(U) In September 2020, OIG received a referral from the Treasury Inspector General for Tax Administration (TIGTA). According to the referral, in 2019, during an audit of the Internal Revenue Service’s (IRS) passport management and security controls,19 TIGTA requested from CA information associated with diplomatic and official passports issued to IRS employees and appointees for the last 20 years, as of March 31, 2019. Specifically, for each passport issued, TIGTA requested the applicant’s name, passport number, passport type, issuance date, and passport status (e.g., cancelled, lost, or stolen).
(U) According to TIGTA officials, TIGTA received three separate passport datasets from CA. However, TIGTA found that the data provided in each dataset were incomplete. For example, some passport records had blank issuance and expiration date fields. Furthermore, the data identified onlyfive passports that were issued in 2016 and indicated that no passports were issued to IRS employees from 2017 through 2019. However, IRS records indicated that more than 200 official or diplomatic passports were issued to employees between 2016 and 2019. Lastly, one dataset included only Department of Treasury employees and not IRS employees. According to TIGTA officials, CA officials could not explain why the database was providing incomplete data. Based on the missing records and data fields, TIGTA deemed CA’s information as unreliable for use in its audit.
(U) In response to TIGTA’s concerns about receiving incomplete data from CA, OIG reviewed the 847,880 official and diplomatic passport records provided to OIG by CA and found that none of the passport records had blank issuance or expiration date fields. Furthermore, the records showed that CA issued 652 official and diplomatic passports to IRS employees and their family members from FY 2017 through FY 2019 as opposed to the data provided to TIGTA, which showed that no passports were issued to IRS employees from FY 2017 through FY 2019.
The Special Issuance Agency (SIA) did not review the data!
(U) When asked about TIGTA’s concerns, CA officials stated that CA’s Office of Consular Systems and Technology ran a query in TDIS using sponsor codes28 that are associated with IRS to obtain the data requested by TIGTA. CA’s Office of Legal Affairs and Law Enforcement Liaison and the Office of Passport Integrity and Internal Controls reviewed the data before the data were released to TIGTA. SIA did not review the data. If SIA employees had reviewed the data, they would have recognized that it was incomplete. SIA employees would know, because of reimbursement data, the number of passports issued to IRS employees. CA officials also stated that, although there are processes in place for reviewing and clearing data prior to release to Federal customers, there is not a formal written policy or standard operating procedures. CA officials are formalizing procedures to address this deficiency.
(U) CA officials indicated that requests for passport information from other agencies are infrequent—there have been none since TIGTA’s request in 2019. However, it is important that CA have effective internal control activities in place to ensure that quality data are provided to other Government agencies. Internal control is a process effected by an entity’s management that provides reasonable assurance that the objectives of an entity will be achieved.29 Management should establish control activities through policies and procedures to achieve objectives.30 Because CA had not implemented effective internal control activities to ensure that the data provided to TIGTA in response to its request were properly reviewed and validated, it failed to meet its objective of delivering a high level of customer service and earning customer trust, which consequently impacted TIGTA’s ability to conduct an audit of passport management and security at the IRS. Although OIG acknowledges that CA is developing internal control activities and associated procedures to help ensure that the incident with TIGTA is not repeated, OIG is making the following recommendation and will track its implementation through the audit compliance process to confirm that the identified deficiency has been fully addressed.
(U) Prior Office of Inspector General Reports
(U) During this audit, OIG was alerted that a former Department of State employee had allegedly not surrendered their diplomatic passport upon separation from the Department. Department employees’ entitlement to an official or diplomatic passport, in most instances, ends when they separate from the Department, and the passport must be surrendered for cancellation.
(U) OIG found that CA had not electronically cancelled one of the former employee’s diplomatic passports. Based on that information, OIG performed additional steps to determine whether CA had cancelled other diplomatic or official passports once an employee had separated from the Department of State. OIG found that CA had not electronically cancelled 57 of 134 (43 percent) passports tested.5 In addition, of these 57 passports, 47 (82 percent) had not expired as of February 1, 2021, meaning they could still be valid. One reason for the deficiencies identified is that bureaus and offices did not always maintain proper accountability of passports and could not confirm whether separating employees had surrendered their passports for cancellation. OIG made one recommendation that is intended to improve the accountability of official and diplomatic passports of separating employees. As of June 2021, OIG considers the recommendation resolved, pending further action.
— State OIG (@StateOIG) August 19, 2021