Outdated and Old IT Systems Slow Government and Put Taxpayers at Risk

How long does it take to get a payment from the government? Tax refunds, Social Security, Medicare and Medicaid claims, and much more are processed through federal IT systems. But many of these systems are decades old AND outdated—which can slow down federal payments and services, and make taxpayer information vulnerable to cyberattacks.

Congress has long recognized aging IT systems as a costly vulnerability for the federal government and has appropriated funding to update systems. But many of these efforts face delays and setbacks. Today’s WatchBlog post explores.

Image

Aging IT may be delaying your tax return and refund

IRS uses hundreds of applications, software, and hardware systems that are outdated—25 years or older, or written in a programming language that is no longer used. Among these, one example stands out: the primary system that IRS uses to process individual taxpayer account data.

This critical system helps IRS assess taxes, generate refunds, update accounts, and more. It was built in the late 1960s, around the same time NASA’s Apollo missions were first sending astronauts to the moon. The system has been updated over the years, but maintaining it is getting harder because it relies on a computer programming language (COBOL) that fewer and fewer programmers know.  

Our new report found that IRS has spent hundreds of millions of dollars trying to update this system. But IRS officials said the system wouldn’t be fully replaced until 2030 at the earliest—at which time it will be 60 years old.

In the report, we recommended establishing time frames for addressing this and other IT modernization needs that affect taxpayers. We also recommended developing a plan that would improve the effectiveness of IRS’s efforts.

Learn more about those efforts by checking out our podcast with GAO’s Dave Hinchman.

How widespread is the issue?

The IRS is just one of many agencies, government-wide, grappling with aging or old IT systems. Of the government’s $100 billion in annual IT spending, 80% goes to operating and maintaining existing systems. The older the systems are, the more the upkeep costs—and, older systems are more vulnerable to hackers.

Image

In April 2021, we testified before Congress about these vulnerabilities. We analyzed 65 federal legacy systems and identified the 10 most critical systems—each at a different agency—that needed to be modernized. These 10 systems:

• Provided essential services like emergency management, health care, and defense
• Were between 8 and 51 years old
• Collectively cost about $337 million annually to operate and maintain

Some of these systems also used outdated code, relied on hardware or software that manufacturers no longer support, or had major security risks.

To learn more about the federal government’s aging IT systems and funding available to modernize them, check out our report.

• Comments on GAO’s WatchBlog? Contact blog@gao.gov.