The Tax Audit Becomes the Risk Model
AI in tax enforcement does not need to decide the law to change the state. It changes who receives attention, paperwork, suspicion, and the burden of proof, often before the taxpayer knows there is a machine-shaped decision to contest.
An audit risk model is a decision about official attention, not proof of liability. The governance question is whether the institution can explain, test, correct, and stop that attention before administrative friction becomes evidence.
The State Learns to Select
The tax audit is one of the oldest modern encounters between citizen and administrative state. It asks a simple question with heavy consequences: why did this return, this household, this partnership, this corporation, or this transaction deserve official attention?
The public-facing baseline is older than today's AI vocabulary. IRS Publication 556 says returns may be selected by computerized screening, random sample, income-document matching, or information from other sources, and that selection for examination does not itself suggest an error or dishonesty. That distinction is the hinge of the whole governance problem: selection creates burden, but it is not proof.
Artificial intelligence enters tax enforcement at the selection layer. It does not need to calculate the final tax bill, decide a legal appeal, or accuse anyone of fraud to matter. If a model helps decide which returns, partnerships, credits, balances, notices, or suspected schemes move to the front of the queue, it has already changed the distribution of state attention.
For this essay, a tax audit risk model is not only the statistical or machine-learning artifact. It is the whole selection pipeline: the data warehouse, labels, features, thresholds, routing rules, human review, notices, audit correspondence, default closures, appeals, and feedback into later enforcement. That makes it a public-power system, not a private dashboard. It belongs beside AI in government, AI audit trails, and notice and appeal, even when the operational details cannot be public.
Why the IRS Wants Models
The IRS has a practical reason to want better selection. It faces complex returns, limited enforcement staff, refund fraud, nonfilers, abusive promoters, high-income taxpayers, large corporations, and partnerships whose structures can be hard to inspect manually. In September 2023, the IRS announced a shift toward those groups, saying improved technology and artificial intelligence would help detect tax cheating, identify emerging threats, and improve case selection.
The agency's 2024 Inflation Reduction Act strategic update gives the concrete picture. It says the IRS used AI and advanced analytics to help select complex partnerships for audits and had open examinations of 76 of the largest U.S. partnerships as of December 2023. It also describes analytics used to identify large corporate taxpayers for audit and a focus on business aircraft use by large corporations, large partnerships, and high-income taxpayers.
The IRS's FY 2027 Congressional Justification continues the same direction. It frames data-driven enforcement as a priority built around artificial intelligence, advanced analytics, and improved data integration, and describes a Case Selection and Anomaly Detection initiative that uses AI and machine learning to improve fraud detection, prioritize higher-impact cases, identify pre-refund risks, and automate parts of taxpayer-response evaluation.
The case for these systems is not absurd. If models reduce no-change audits, target complex abuse, and spare compliant taxpayers from unnecessary burden, they can make enforcement both fairer and more effective. The danger is that "risk" becomes a quiet administrative fact before the taxpayer has any chance to contest it. In tax enforcement, selection is not punishment, but it can still impose cost, delay, fear, and recordkeeping demands.
Current Context
As of June 23, 2026, the public record is wider than a press release but still incomplete. GAO reported in March 2026 that IRS had 126 active AI use cases in its inventory as of June 2025, including 65 treated as too sensitive for public reporting or as research-and-development uses exempt from public reporting. GAO also said IRS had used AI for years in areas including taxpayer service and audit selection, while recommending stronger information quality, strategic management, and workforce planning.
The strongest governance signal is the IRS's February 2026 AI policy. It says AI that informs or influences whether a taxpayer will be subject to audit, or what aspects of a return will be subject to audit, is a presumed high-impact use. That matters because high-impact AI use cases require pre-deployment testing, an impact assessment, ongoing monitoring for performance and adverse impacts, human training and oversight, remedies or appeals, and end-user or public feedback unless a justified determination, pilot certification, or waiver applies.
The policy also makes the inventory itself part of governance. IRS AI use cases in pre-deployment, pilot, deployed, or retired stages generally must be entered into the IRS AI Use Case Inventory, and high-impact systems that cannot be brought into compliance are supposed to be discontinued. For audit selection, that means a model is not just a technical asset. It is an accountable public-administration record with an owner, risk classification, lifecycle state, and stop condition.
That does not mean exact audit triggers should be public. Tax administration has real evasion and fraud risks, and taxpayer data is highly sensitive. It means the accountability record must exist in tiers: public summaries and inventories where lawful, restricted oversight for sensitive model details, and taxpayer-facing notices that explain the factual issue without publishing the detection playbook.
Selection Is Not Neutral
Selection is at least three decisions: whether to open a case, which issue to raise, and how much administrative friction to impose before closure. Each has a different error pattern. A fair system cannot collapse all three into a single risk score.
GAO's 2024 report on refundable credits shows why that matters. IRS uses an automated system, the Dependent Database program, to flag returns claiming refundable credits such as the Earned Income Tax Credit for potential audit. GAO found that IRS regularly reviews the system, but does not comprehensively consider whether the data inputs and assumptions used in selection could create unintended demographic bias.
GAO also described how default audits can distort the meaning of "change." If a taxpayer does not respond or cannot provide enough documentation, the audit may close as changed even when nonresponse is driven by instability, low income, lack of banking access, language access, disability, unstable housing, or difficulty communicating with the IRS. If past audit outcomes train or steer future selection, administrative friction can start to look like confirmed noncompliance.
This is the governance problem hidden inside the word "risk." A model may be statistically useful and still distribute burden unfairly. It may find genuine noncompliance and still overrepresent people who are easier to audit, harder to reach, or less able to challenge an initial notice. That is why the relevant metric cannot be revenue yield alone. A tax selection model also has to be measured against no-change audits, refund delays, response barriers, appeal outcomes, repeat selection, and disparate administrative burden. It belongs in the same family as opaque scoring systems, right-to-explanation debates, and algorithmic recourse, not just fraud analytics.
Three distinctions should survive every model update. Nonresponse is not confession. A changed audit is not automatically proof that selection was fair if the change came from default. A high-yield model is not automatically a rights-preserving model if it shifts paperwork costs onto taxpayers least able to respond.
The Data Shadow
The IRS Compliance Data Warehouse privacy assessment is unusually clear about the substrate. It says AI models developed using CDW data can predict taxpayer risk of noncompliance, identify potential audit issues, or detect fraud, and that these models use historical taxpayer data showing patterns in reporting, service outcomes, and audit outcomes for training. It also says project teams are responsible for reliability, bias, drift, and validation work.
Historical data is not neutral memory. It contains underfunded enforcement priorities, correspondence failures, documentation burdens, old model choices, changing law, and the uneven ability of taxpayers to respond. It may contain genuine noncompliance. It may also contain the shadow of who was easiest to audit, easiest to reach, easiest to scare into silence, or easiest to close by default. A selection model that learns from this record needs data governance, not just predictive accuracy.
Tax transparency cannot mean publishing the full feature set for enforcement models. But secrecy should be scoped, logged, and reviewable. Sensitive taxpayer data calls for data minimization, purpose limits, access controls, retention rules, and audit trails that allow oversight bodies to inspect the system without widening the exposure of the data the system is supposed to govern.
GAO has found related weaknesses, and some of the public status has changed over time. Its 2023 partnership audit report said IRS used statistical models to review partnership returns for potential noncompliance, but those models used unrepresentative samples and untested assumptions, and IRS lacked a plan to incorporate audit-result feedback. Its 2024 tax-gap report said IRS was piloting an AI process for National Research Program audit sampling but had not completed documentation of key elements and technical specifications. Later GAO recommendation updates show IRS closed several NRP documentation gaps in 2025, while validation and evaluation-process documentation remained only partially addressed. The governance lesson is not that IRS never documents models. It is that the record has to follow assumptions, technical specifications, risk-level decisions, validation, update triggers, limitations, and evaluation decisions as living evidence.
The Governance Standard
A serious tax-enforcement AI program should begin with taxpayer rights. IRS's Taxpayer Bill of Rights includes the right to challenge the IRS's position, appeal in an independent forum, finality, privacy, and confidentiality. A model that changes who receives enforcement attention should be governed in light of those rights, not only by hit rate.
First, separate selection from judgment. A risk score should not be treated as evidence of liability. Notices, examiner guidance, and case files should preserve the distinction between model-selected attention and established tax facts. If an examiner cannot explain the factual basis for a question without leaning on the score, the model has crossed the wrong line.
Second, document the system, not just the model. GAO's findings on incomplete documentation and incomplete AI inventories point to a public-administration requirement: the agency must know what models exist, what data they use, what decisions they influence, who owns them, how they are validated, and when they are retired. That is the tax-enforcement version of an AI system inventory, an algorithmic impact assessment, and AI audits and assurance.
Third, protect the notice layer. A taxpayer does not need every score input to be public, but a notice should identify the factual issue, the records needed, the deadline, the consequences of nonresponse, the route for help, and the route for challenge. Notice is where model selection becomes a human-facing process.
Fourth, audit burden as well as revenue. A model can look efficient if it increases assessments while ignoring time, anxiety, documentation cost, delayed refunds, default closures, and appeal barriers for compliant taxpayers. Burden metrics should follow the full case, not stop when the model hands it to an examiner.
Fifth, test equity before scale. The system should be evaluated for disparate burden across income, geography, language, family structure, race proxies, disability, and access to professional representation, even when protected-class data is not directly collected. Where disclosure of exact selection factors would invite evasion, the substitute cannot be secrecy alone. It has to be independent review, documented tests, and public reporting at a level that does not reveal enforcement playbooks.
Sixth, break bad feedback loops. Default closures, refund delays, nonresponse, examiner overrides, appeals, and audit reconsiderations should be labeled as administrative outcomes, not silently treated as confirmed fraud or confirmed noncompliance. Retraining a model on polluted outcomes can convert service failure into future suspicion.
Seventh, preserve the denominator. Audit-selection learning should not look only at selected cases. The agency needs records of not-selected populations, random samples, no-change audits, default closures, overrides, and excluded cases so it can tell whether the model found risk or merely learned where the agency historically looked.
Eighth, separate service barriers from compliance facts. Returned mail, language barriers, unstable housing, disability, lack of banking access, phone access, digital-access problems, and missed correspondence may matter operationally, but they should not quietly become proof of tax risk. Service failure has to be measured as service failure before it is reused as enforcement signal.
Ninth, keep humans and vendors accountable. IRS policy now requires AI use-case inventory entries and says high-impact AI that cannot be brought into compliance must be discontinued. It also reaches contractor and vendor systems, which means procurement files need enough model, data, documentation, and change-control evidence for the IRS to meet its own obligations. Accountability has to reach the examiner, manager, contractor, data scientist, and policy owner who shape the system. Human oversight means a named person can pause, override, correct, and answer for the case, not merely rubber-stamp a queue.
Tenth, use tiered transparency. The public should get plain-language use-case information, impact-assessment summaries, waiver summaries, and aggregate performance evidence where lawful. Restricted oversight bodies can inspect sensitive model details. Taxpayers need case-specific reasons and routes for correction. That is the tax version of transparency and public registers, adapted to enforcement sensitivity.
What This Changes
The tax audit risk model is a high-control interface because it operates before the taxpayer can see a score, a queue, or a threshold. It changes the odds of contact. It changes which facts are requested. It changes how quickly a refund moves. It changes which taxpayers must prove ordinary life in administrative language.
A fair tax system needs enforcement. Complex avoidance by wealthy taxpayers and large entities is not a fiction. But better enforcement cannot mean hiding the selection machine behind the letterhead. The state may use models to decide where to look. It must not let the model become an unchallengeable suspicion ritual.
The practical demand is simple: if AI helps choose who gets audited or what is audited, the institution must be able to explain, test, correct, and stop that choice-making machinery. The public may not be entitled to every feature weight or fraud pattern. It is entitled to a rights-preserving system: high-level disclosure, auditable records, appeal channels, privacy controls, bias testing, incident reporting, and a clear distinction between algorithmic suspicion and legal proof.
Otherwise the audit is no longer only a legal process. It is a data shadow asking the citizen to answer for itself, while the state treats the shadow as common sense.
Source Discipline
Claims about IRS AI should distinguish five evidence types. IRS announcements, budget justifications, and strategic plans show agency intent. The Internal Revenue Manual and federal AI policy show required governance. Privacy and civil-liberties assessments describe data systems and stated controls. Public inventories show only the releasable part of the portfolio. GAO and inspector-general reports provide independent findings about inventories, documentation, bias review, staffing, governance, and audit-selection weaknesses. None of these, by itself, proves that a specific risk model is fair, unlawful, effective, or harmful.
Tax administration is a hard case for transparency because exact selection factors can become an evasion manual and taxpayer return information is protected. Source discipline should not demand publication of the fraud playbook. It should demand named evidence tiers: public summaries, restricted oversight files, model and data inventories, validation records, notice templates, audit outcomes, appeal records, incident logs, and retention rules.
Strong claims should name the use case, population, data source, selection threshold, human review step, taxpayer notice, audit outcome, appeal path, feedback loop, and oversight body. Without those details, the honest conclusion is narrower: model-mediated tax enforcement is already real, the public documentation is partial, and the governance standard must treat selection as an exercise of public power.
Related Pages
- The Government Chatbot Becomes the Front Desk
- Recoding America and the Implementation State
- Automating Inequality and the Digital Poorhouse
- Seeing Like a State and Administrative Legibility
- The Adverse Action Notice Becomes the Explanation Interface
- The Return Counter Becomes a Risk Score
- The AI Audit Becomes the Compliance Interface
- The AI Register Becomes Public Memory
- AI in Government, AI Audits and Assurance, AI Audit Trails, and Algorithmic Impact Assessments
- Notice and Appeal, Algorithmic Recourse, and Right to Explanation
- Privacy and Data, Vendor and Platform Governance, and Transparency and Public Registers
Sources
- Internal Revenue Service, Publication 556: Examination of Returns, Appeal Rights, and Claims for Refund, Rev. September 2013, reviewed June 23, 2026.
- Internal Revenue Service, IRS announces sweeping effort to restore fairness to tax system with Inflation Reduction Act funding, September 8, 2023.
- Internal Revenue Service, IRS IRA Strategic Operating Plan Annual Update Supplement, April 2024.
- Department of the Treasury, Internal Revenue Service, FY 2027 Congressional Justification, reviewed June 23, 2026.
- Internal Revenue Service, 10.24.1 IRS Policy for Artificial Intelligence Governance, February 10, 2026.
- Office of Management and Budget, M-25-21, Accelerating Federal Use of AI through Innovation, Governance, and Public Trust, April 3, 2025.
- Internal Revenue Service, Compliance Data Warehouse Privacy and Civil Liberties Impact Assessment, reviewed June 23, 2026.
- U.S. Government Accountability Office, Artificial Intelligence: IRS Actions Needed to Address Skills Gaps, Information Quality, and Strategic Management, March 24, 2026.
- U.S. Government Accountability Office, Tax Enforcement: IRS Audit Selection Processes for Returns Claiming Refundable Credits Could Better Address Equity, March 13, 2024.
- U.S. Government Accountability Office, Tax Enforcement: IRS Audit Processes Can Be Strengthened to Address a Growing Number of Large, Complex Partnerships, July 27, 2023.
- U.S. Government Accountability Office, Tax Gap: IRS Should Take Steps to Ensure Continued Improvement in Estimates, May 16, 2024.
- Treasury Inspector General for Tax Administration, Governance Efforts Should Be Accelerated To Ensure the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, November 12, 2024.
- Internal Revenue Service, Taxpayer Bill of Rights, reviewed June 23, 2026.