The IRS and APIs: Can Your Tax Returns Be Accessed?

The IRS and APIs

There’s a fascinating article over at TechCrunch about the possibility of the IRS being mandated by Congress to expose an API. The IRS undoubtedly already has lots of internal APIs, and might even expose some of them to external users. But the mandated API would give authorized third parties access to certain details from the someone’s tax returns.

Why would you want to let someone access your tax returns?

The answer is to prove what your income is in order to obtain a better rate on a loan or a loan at all. In fact, you can already tell the IRS to provide this information by filing a 4506-T form with the IRS. It’s just that it takes a long time to get it.

Being able to get it instantaneously via API would help create a virtuous circle of cheaper loans and reducing cost and risk to the lender. That’s because they can access more accurate information more quickly.

Identical versions of the bipartisan bill (which might raise eyebrows in the current climate) have been introduced into both houses of Congress. The Skoops Labs prognosis on the GovTrack site gives a probability of 8% for the House bill being enacted, but only 2% over the Senate one. A similar bill was introduced in 2016, so there is certainly no guarantee that anything like this legislation will ever become law.

As with anything related to taxes and the IRS, pushing through even a pretty simple administrative change can be a Sisyphean task. And, naturally, there are concerns about privacy. It’s true that you can already get the information the API would provide. But perhaps it’s the case that it might be easier for fraudsters to get it via the API and definitely quicker if they can.

It’s also very likely that in practice implementing the API securely and robustly might well be harder than the article implies, especially for an organization that doesn’t really want to provide the API, both out of fear that something might go wrong on the security front and just because it does fit with The Way We (Have Always) Do(ne) Things Here (and We are the IRS, So You Can’t Argue).

One area where API monitoring comes in

The IRS would want to monitor the APIs, but so might other government agencies and users. Negative testing would be especially important. But the article goes on to make the interesting point that the very existence of the IRS API might help to galvanize the sclerotic market for open API-based financial services in the US. Europe is far ahead of the US in creating such a market.

As we have discussed here on our blog, PSD2 (Payment Services Directive 2) comes into force in the European Single Market and in the UK. And the development of open banking standards driven by APIs is continuing apace.

The IRS API would only support one particular, albeit important, aspect of the financial services market in the US, but it might take a 900-pound gorilla to catalyze the widespread introduction of open API-based financial services.

It’s widely acknowledged that in the American retail banking sector is still mired in the mid-twentieth century. Something like 90% of the world’s checks are written in the US. Even in a country like the UK that decided not to abolish checks, it’s rare to write or receive one in 2018. The future is API-shaped and if the US wants to remove the burden of its antiquated banking practices and reap the advantages of adopting cutting edge fintech to benefit financial institutions and their personal and business customers, it needs to follow Europe and adopt API-based open banking.

With although those mission-critical APIs coming into use, APImetrics will be there to help they really are delivering the performance and quality promised to the users who depend on them.

Photo courtesy of Chris Potter
By |2018-01-03T05:43:55+00:00January 3rd, 2018|API Update, Opinion|0 Comments

Leave A Comment