IRS Shares Federal Tax Data With 1,100+ Organisations: TIGTA Flags Governance Gaps
A report published by the Treasury Inspector General for Tax Administration has found that the IRS shares federal tax information with at least 1,124 external organisations but cannot readily account for all of those arrangements. The finding lands at a politically sensitive moment, with the agency facing separate scrutiny over how it has handled data requests from immigration authorities.
What the TIGTA Report Found
TIGTA conducted the evaluation after Congress asked for clarity on which outside bodies, including federal agencies such as Immigration and Customs Enforcement, receive access to federal tax information. The resulting report maps a wide and only partially charted landscape.
Scale of the data-sharing network
TIGTA identified 1,124 known data-sharing agreements between the IRS and external organisations. The vast majority serve state and local tax administration purposes. Every US state and territory holds at least one such agreement. Ohio leads with 42 agreements; Nevada has the fewest at four.
The tracking problem
As of March 2026, the IRS's Privacy, Governmental Liaison and Disclosure office had logged 1,094 of those 1,124 agreements in its Governmental Liaison Agreement Library. That is 97% coverage, which sounds close, but the 30 untracked agreements were not minor oversights. They existed because certain IRS business units had established their own data-sharing arrangements without engaging the PGLD office, despite internal guidance that requires them to do so. TIGTA discovered these 30 additional federal tax information agreements precisely because those units had bypassed the standard notification process.
On the procurement side, the IRS's Office of the Chief Procurement Officer had no mechanism to flag contracts with non-government organisations that involve the sharing of federal tax information. The Office of Information Technology separately identified 27 such contracts, covering a range of operational support functions including the scanning of federal tax information at contractor facilities.
Why IRC Section 6103 Makes This Matter
Section 6103 of the Internal Revenue Code is the statutory framework governing when and how the IRS may disclose federal tax information to federal, state, and local agencies. It permits disclosure for tax administration and other authorised purposes, but it also places strict limits on unauthorised use, inspection, and disclosure. TIGTA's report quotes its own language on the underlying principle: the US tax system depends on voluntary compliance, and that compliance rests on taxpayer confidence that personal and financial information submitted to the IRS will be protected.
Gaps in tracking data-sharing agreements are not simply an administrative inconvenience. They create conditions in which the IRS cannot confirm whether every arrangement involving federal tax information has the legal authorisation, security controls, and oversight that Section 6103 demands. For accounting firms and CFOs whose clients' data sits within those pipelines, that is a material governance concern.
This connects to a broader pattern of IRS operational strain. Our earlier coverage of IRS staff reassignments following recent workforce reductions highlighted how institutional knowledge gaps can compound compliance risk across the agency's functions.
TIGTA's Recommendations and the IRS Response
Three core recommendations
TIGTA made three specific recommendations directed at the IRS's chief privacy officer and chief procurement officer:
- Coordinate to establish a centralised database covering all data-sharing agreements and contracts that involve federal tax information, whether held by PGLD or by other business units.
- The chief privacy officer should remind all IRS business units of the requirement to engage with the PGLD office when creating any new federal tax information data-sharing arrangement with a government agency.
- The chief procurement officer should develop a process to readily identify every contract with an external organisation that involves the sharing of federal tax information.
The IRS agreed
The agency accepted all three recommendations. Acting chief privacy officer John Walker confirmed in writing that the IRS will strengthen its processes to identify and track all active data-sharing agreements and contracts containing federal tax information. No timeline for implementation was specified in the public version of the report.
Practical Implications for Tax Practitioners
For accounting firms serving clients with complex tax positions, and for CFOs managing sensitive financial data submitted to the IRS, this report raises a few specific questions worth asking now.
First, data shared with the IRS does not stay within a single, hermetically sealed system. It flows outward to a network of more than a thousand external bodies, and the IRS's own internal controls for mapping those flows were, until this report, incomplete. Second, the report surfaces a structural issue: the agency's business units can enter agreements that create federal tax information obligations without the privacy office knowing. Third, the scrutiny around ICE access to IRS data is a reminder that data-sharing agreements can acquire political and legal salience quickly, sometimes faster than governance frameworks can respond.
Practitioners advising clients on IRS interactions, or firms that themselves receive federal tax information under sub-agreement arrangements, should keep a close eye on how the IRS implements the recommended centralised database. The agency's acceptance of TIGTA's findings is a start, but acceptance and execution are different things. Our coverage of IRS Circular 230 AI guidance reflects how quickly new operational dimensions are being layered onto an agency already managing significant institutional change.
Key Data Points at a Glance
| Data point | Detail |
|---|---|
| Total known data-sharing agreements | 1,124 |
| Agreements tracked by PGLD office (as of March 2026) | 1,094 (97%) |
| Agreements found outside PGLD tracking | 30 |
| FTI-related contracts identified by Office of Information Technology | 27 |
| State/territory with most agreements | Ohio (42) |
| State/territory with fewest agreements | Nevada (4) |
| IRS acceptance of TIGTA recommendations | Full (all three accepted) |
What is federal tax information (FTI) under IRC Section 6103?
Federal tax information refers to any return or return information obtained by the IRS from a taxpayer or from a third party. Section 6103 of the Internal Revenue Code sets out the conditions under which the IRS may share this data with external bodies, including federal agencies, state tax authorities, and authorised contractors.
Why did TIGTA conduct this review?
Congress requested the evaluation in the context of growing attention to IRS data-sharing with immigration authorities, specifically ICE. TIGTA's mandate is independent oversight of IRS operations, and the review was designed to map the full scope of external organisations receiving federal tax information.
Does the IRS sharing data with ICE comply with Section 6103?
That question was addressed in a separate TIGTA report, referenced in the current findings. The compliance status of specific disclosures to ICE is subject to ongoing legal and congressional scrutiny. This article covers the governance findings in the broader data-sharing report only.
What is the PGLD office and what does it do?
The Privacy, Governmental Liaison and Disclosure office is the IRS unit responsible for managing data-sharing agreements with external government agencies and for maintaining records of those arrangements. TIGTA found its tracking library was unaware of 30 agreements established by other IRS business units.
What should accounting firms do in response to this report?
Firms that handle federal tax information on behalf of clients, or that are themselves parties to IRS data-sharing arrangements, should review their agreement inventories and confirm that all relevant contracts are properly documented. They should also monitor IRS announcements on the implementation of the centralised database TIGTA has recommended.
Source: Accounting Today
FAQ
Federal tax information refers to any return or return information obtained by the IRS from a taxpayer or from a third party. Section 6103 of the Internal Revenue Code sets out the conditions under which the IRS may share this data with external bodies, including federal agencies, state tax authorities, and authorised contractors.
Congress requested the evaluation in the context of growing attention to IRS data-sharing with immigration authorities, specifically ICE. TIGTA's mandate is independent oversight of IRS operations, and the review was designed to map the full scope of external organisations receiving federal tax information.
That question was addressed in a separate TIGTA report referenced in the current findings. The compliance status of specific disclosures to ICE is subject to ongoing legal and congressional scrutiny. This article covers the governance findings in the broader data-sharing report only.
The Privacy, Governmental Liaison and Disclosure office is the IRS unit responsible for managing data-sharing agreements with external government agencies and for maintaining records of those arrangements. TIGTA found its tracking library was unaware of 30 agreements established by other IRS business units.
Firms that handle federal tax information on behalf of clients, or that are themselves parties to IRS data-sharing arrangements, should review their agreement inventories and confirm that all relevant contracts are properly documented. They should also monitor IRS announcements on the implementation of the centralised database TIGTA has recommended.
