Rep. Maloney Requests Full Committee Hearing on Equifax’s IRS Contract Awarded After Data Breach

Oct 10, 2017
Press Release

WASHINGTON, DC – Congresswoman Carolyn B. Maloney (NY-12) today called for an investigation into the decision by the IRS to award Equifax a no-bid contract to provide tax fraud protection services just three weeks after the public disclosure of the company’s major security and data breach. Rep. Maloney, senior member of the House Committee on Oversight and Government Reform, asked Chairman Trey Gowdy and Ranking Member Elijah Cummings to convene this hearing.

In her request, the Congresswoman says, “Multiple committees in the House and Senate have held hearings over the last two weeks to conduct oversight and investigations are ongoing. Given these efforts, I have deep concerns about the IRS’s decision to move forward with this $7.2 million no-bid contract to Equifax and believe our committee should schedule a hearing to determine how the IRS came to its decision.”

She adds, “[T]he American people need and deserve to know how the government is protecting their personal data. Our Committee has thoroughly investigated data security breaches in both the private and public sectors, and I believe oversight on this issue is critical to provide transparency about a government contract that has an impact on millions of Americans.”

Full text of the letter below and a PDF can be found here.

Dear Chairman Gowdy and Ranking Member Cummings,

I write to request a Full Committee hearing to investigate Internal Revenue Service’s (IRS) decision to grant Equifax a no-bid contract to provide tax fraud protection services, just three weeks after it was disclosed that Equifax experienced a data breach that affected an estimated 145 million Americans. We are still learning about how the Equifax breach occurred and how consumers are being affected. Multiple committees in the House and Senate have held hearings over the last two weeks to conduct oversight and investigations are ongoing. Given these efforts, I have deep concerns about the IRS’s decision to move forward with this $7.2 million no-bid contract to Equifax and believe our committee should schedule a hearing to determine how the IRS came to its decision.

The highly sensitive nature of IRS information makes close oversight of this contract all the more necessary. An IRS contract with Equifax was scheduled to expire on September 29, 2017 and, according to media reports, the IRS made a decision in July 2017 to award a new tax fraud prevention contract to Experian Information Systems. Equifax challenged this decision and Jeffrey Tribiano, the IRS’ Deputy Commissioner for Operations Support, has testified that the agency needed to renew a so-called bridge contract with Equifax until the Government Accountability Office (GAO) settles this dispute. A GAO spokesperson has challenged this claim and told Nextgov that, despite this protest, “Congress provided IRS (and all agencies) with the authority to proceed should the agency determine that performance of the contract ‘is in the best interest of the United States,’ or that there are ‘urgent and compelling circumstances that significantly affect interests of the U.S.’”[1]

In the meantime, the American people need and deserve to know how the government is protecting their personal data. Our Committee has thoroughly investigated data security breaches in both the private and public sectors, and I believe oversight on this issue is critical to provide transparency about a government contract that has an impact on millions of Americans.

Providing tax filers an opportunity to access more records digitally has great benefits, but we must be vigilant in ensuring that those technological upgrades do not come at the expense of security and identification protections. In instances where the government seeks private sector partnerships to put identity safeguards in place, Americans expect that due diligence is carried out to ensure the highest standard of service. I look forward to working closely with you to further look into the circumstances behind the renewal of the recently announced IRS contract with Equifax, and appreciate your attention to this important issue.

Sincerely,

Carolyn B. Maloney

###

 

 

 

 

 

 

[1] GAO to IRS: Actually, You Didn’t Have to Give Equifax a Contract, Nextgov (October 6, 2017) (online at http://www.nextgov.com/cio-briefing/2017/10/gao-irs-actually-you-didnt-have-give-equifax-contract/141618/?oref=nextgov_today_nl)