Part 9. Criminal Investigation

Chapter 12. Administrative and Recordkeeping Matters

Section 1. Miscellaneous Administrative Procedures

9.12.1 Miscellaneous Administrative Procedures

Manual Transmittal

April 03, 2026

Purpose

(1) This transmits revised IRM 9.12.1, Miscellaneous Administrative Procedures.

Material Changes

(1) Added required internal controls to comply with IRM 1.11.2.2.4, Address Management and Internal Controls, and IRM 1.4.2, Monitoring and Improving Internal Controls.

(2) Removed § throughout the IRM.

(3) Updated all IRM’s, forms, and websites to quick links throughout the IRM.

(4) Subsection 9.12.1.2(2)(a) removed “and up to date”.

(5) Subsection 9.12.1.3(1) replaced “field office” with “Criminal Investigation” and added “in the field office and the Resident Agent in Charge (RAC) in headquarters”.

(6) Subsection 9.12.1.3(1)(Note) added “or the headquarters executive, the SAC/RAC” and “or Supervisory Court Witness Coordinator (SCWC)”.

(7) Subsection 9.12.1.3(3) added “SAC/RAC or SSA/SIA/SCWC” and removed ”this responsibility” and “as the designee”.

(8) Subsection 9.12.1.3(4) changed “correct” to “accurate”, “request system” to “process”, and “SIA” to “The supervisor”.

(9) Subsection 9.12.1.3(9)(c) added “SSA/SIA/SCWS”.

(10) Subsection 9.12.1.3(11) updated “SSA’s” to “supervisors” and “as a result” to “because”. Added “RAC” after ASAC.

(11) Subsection 9.12.1.4.1(Note) updated to “When there is doubt as to whether double sealed mailing envelopes should be used, it should be resolved in favor of using double sealed mailing envelopes”.

(12) Subsection 9.12.1.4.3(1) removed “as amended” and updated executive order reference to 13526.

(13) Subsection 9.12.1.4.6(2) removed “IRM 11.3., subsection 11.3.1.14.2, Electronic Mail and Secure Messaging, and IRM 10.8.1, Policy and Guidance subsection”.

(14) Added subsection 9.12.1.4.6(3) to state current procedures.

(15) Removed subsection 9.12.1.5, Recognition Programs from this IRM, relocating to IRM 9.11.4.17, Criminal Investigation Chief Recognition Program Award.

(16) Removed subsection 9.12.1.5.1, Criminal Investigation Chief’s Award, relocating to IRM 9.11.4.17, Criminal Investigation Chief Recognition Program Award.

(17) Removed subsection 9.12.1.6, Confidential Financial Disclosure Program for CI Employees, relocating to IRM 9.11.4.18.

(18) Subsection 9.12.1.7.3(1) updated to current procedures.

(19) Subsection 9.12.1.7.5 updated entire section to current procedures.

(20) Editorial changes made throughout the IRM for clarity.

Effect on Other Documents

This IRM supersedes IRM 9.12.1 dated February 13, 2024.

Audience

Criminal Investigation

Effective Date

(04-03-2026)

Gary A. Shapley, Jr
Deputy Chief, Criminal Investigation
for
Guy A. Ficco
Chief, Criminal Investigation

9.12.1.1 (04-03-2026)

Program Scope and Objectives

  1. Purpose: This section contains administrative procedures with respect to miscellaneous topics to provide guidance to Criminal Investigation employees.

  2. Audience: All Criminal Investigation employees.

  3. Policy Owner: Executive Director, Advanced Analytics & Innovation.

  4. Program Owner: Director, Advanced Analytics & Innovation.

  5. Primary Stakeholders: Director, Financial Crimes, Director, Technology Operations, and Director, Assurance & Advisory.

  6. Contact Information: To make changes to this IRM email *CI-HQ-IRM.

9.12.1.1.1 (02-13-2024)

Background

  1. The IRS Restructuring and Reform Act of 1998 resulted in a complete restructuring and reformatting of the IRM to align with IRS business processes. One of the primary goals of IRS modernization was to restore and maintain the IRM as the single, official compilation of IRS policies, procedures, and guidelines. The IRM is the primary source of instructions to staff.

9.12.1.1.2 (04-03-2026)

Authority

  1. See IRM 1.2.2, Servicewide Delegations of Authority, for the delegated authority relating to IRM 9.12.1, Miscellaneous Administrative Procedures.

9.12.1.1.3 (04-03-2026)

Roles and Responsibilities

  1. The Director, Advanced Analytics & Innovation owns this IRM and is responsible for:

    • Providing program oversight,

    • Maintaining and overseeing updates to this IRM,

    • Ensuring internal control content is complete, accurate, and reviewed annually,

    • Reviewing and approving any updates to this IRM before they are published.

  2. The Directors of Advanced Analytics & Innovation, Financial Crimes, Technology Operations, and Assurance & Advisory are responsible for:

    • Updating this IRM when the content is no longer accurate:
      -Updating references to forms, letters, publications, documents, notices, etc.,
      -Updating contact information, phone numbers, email addresses, web addresses, etc.,
      -Adding or updating new or amended legislation, regulations, programs, or processes,
      -Removing outdated or duplicated content,
      -Reorganizing or rewording content for clarity,
      -Providing other procedural, operational, and editorial changes as needed.

    • Incorporating interim guidance into the next revision of this IRM prior to the expiration date,

    • Ensuring the IRM provides reliable information for decision making and quality assurance,

  3. It is the responsibility of all Criminal Investigation employees to protect taxpayer confidentiality and to understand when access to or disclosure of taxpayer information is authorized by law. Information regarding disclosure of confidential tax information under the Freedom of Information Act and the Privacy Act can be found in IRM 11.3, Disclosure of Official Information.

9.12.1.1.4 (04-03-2026)

Program Management and Review

  1. The Directors of Advanced Analytics & Innovation, Financial Crimes, Technology Operations, and Assurance & Advisory will review this IRM annually for procedural, operational, and editorial changes ensuring consistent application of policy, procedures, and tax law while protecting taxpayers’ rights.

9.12.1.1.5 (04-03-2026)

Program Controls

  1. The Directors of Advanced Analytics & Innovation, Financial Crimes, Technology Operations, and Assurance & Advisory will:

    1. Utilize their business units efficiently and effectively to accomplish the strategies and mission of IRS and Criminal Investigation.

    2. Review their program and ensure employee compliance with all applicable elements of this IRM.

    3. During quality review, evaluate whether employees researched, interpreted, and correctly applied IRM instructions while performing their duties.

9.12.1.1.6 (04-03-2026)

Acronyms

  1. The table lists commonly used acronyms and their definitions:

    Acronym Description
    ASAC Assistant Special Agent in Charge
    CI Criminal Investigation
    DLN Document Locator Number
    ESF Emergency Support Function
    FOUO For Official Use Only
    LOU Limited Official Use
    POI Person of Interest
    RAC Resident Agent in Charge
    SAC Special Agent in Charge
    SBU Sensitive but Classified
    SCWC Supervisory Court Witness Coordinator
    SIA Supervisory Investigative Analyst
    SSA Supervisory Special Agent
    TFO Task Force Officer
9.12.1.1.7 (04-03-2026)

Related Resources

  1. IRM 1.2.2.12.2, Delegation Order 11-2 (Rev 5), Authority to Permit Disclosure of Tax Information and to Permit Testimony or the Production of Documents.

  2. IRM 9.3.1, Disclosure.

  3. IRM 10.8.1.4.19.2.1, Electronic Mail (Email) Security.

  4. IRM 10.23.2.3, Citizenship Requirements.

  5. IRM 21.1.3.9, Mailing and Faxing Tax Account Information.

9.12.1.2 (04-03-2026)

Daily Record of Activity Diary

  1. All technical and investigative support Criminal Investigation (CI) personnel, except Supervisory Special Agents (SSA), Supervisory Investigative Analysts (SIA) and upper management officials, are required to maintain a daily record of activities in an electronic data file, CI Diary. Non-technical personnel at the field office, area office, and headquarters (HQ) levels not directly involved in investigative activities are not required to maintain a daily record of activities. Such non-technical personnel include budget analysts, program analysts, management analysts, etc.

  2. The following instructions apply to the CI Diary:

    1. Keep diaries current.

    2. Entries should be brief but detailed enough to describe the employee's activities with respect to official matters, such as investigative actions, leave, Law Enforcement Availability Pay (LEAP), overtime/credit/compensatory hours worked, travel expenses, vehicle log including home-to-work entries, official expenditures, etc.

    3. Entries should cover important activities, such as initial interview of taxpayers, interviews of return preparers or key witnesses.

    4. Entries should be of sufficient length to describe the event. This would include sources, dates of origin, and other facts and circumstances involved in obtaining leads and evidence in investigations.

    5. LEAP entries should be specific as to the time and details of all activities.

  3. Diaries will be inspected by management officials to ensure that instructions pertaining to diary maintenance are being observed. Annually as directed, special agents, investigative analysts, tax fraud investigative assistants (TFIA) and compliance support assistants (CSA) will transfer a copy of their CI Diary data file to their immediate manager for review. The manager will access the "Manager Review" feature of the CI Diary and review the diary data file of their subordinate personnel. This review must be completed as soon as practicable, since subordinate personnel cannot make entries in their CI Diary until the reviewed data file is emailed back by the manager and saved to the CI Diary data file by the employee.

  4. All diaries or calendars used to maintain a daily record of activities should be retained by the CI head of office to which the employee is assigned. In the event an employee transfers within CI, the head of office will forward the employee's diaries or calendars to the head of office to which the employee is transferred. Diaries or calendars of an employee will be made available to the former field office upon request.

9.12.1.3 (04-03-2026)

Mandatory Guidelines for Tax Return Inventory Control

  1. A separate record of all original tax returns in the custody of Criminal Investigation personnel will be maintained by the Special Agent in Charge (SAC) in the field office and the Resident Agent in Charge (RAC) in headquarters. These original documents include Questionable Refund Program (QRP) and Return Preparer Program (RPP) documents that contain a Document Locator Number (DLN).

    Note:

    At the option of the Director, Field Operations, or the headquarters executive, the SAC/RAC may delegate this responsibility to an SSA/SIA or Supervisory Court Witness Coordinator (SCWC).

  2. These procedures require appropriate security for original tax returns and documents containing DLNs to prevent unauthorized disclosures. These original documents should not be retained by CI longer than necessary.

  3. The SAC/RAC or SSA/SIA/SCWC, if delegated, will designate a member of their professional staff to be responsible for the request, receipt, control, and custody of the inventory of tax returns.

  4. To request tax returns or documents containing a DLN, requestors will submit a complete and accurate request through the established investigative support process. The supervisor assignment of the request to the designee serves as management approval. The designee will input the request through the Integrated Data Retrieval System (IDRS) and maintain the request documentation in an authorized server location.

    1. A special agent assigned to assist government attorneys will not request tax returns or tax return information in response to "ex parte" orders. The Disclosure Officer serving the field office will request all returns and return information in response to an "ex parte" order. To facilitate expeditious handling, government attorneys should be directed by special agents to forward "ex parte" orders directly to the disclosure officer.

    2. The provisions of 26 USC 6103 do not authorize CI to secure returns or return information in response to "ex parte" orders. Failure to adhere to these provisions could result in an unauthorized disclosure. See IRM 11.3, Disclosure of Official Information., and IRM 1.2.2.12.2, Delegation Order 11-2, Authority to Permit Disclosure of Tax Information and to Permit Testimony or the Production of Documents.

  5. All original returns, documents bearing DLNs, and transmittals (Form 4251 , Return Charge Out and Form 3210, Document Transmittal), should go directly to the designee. The designee will maintain document request, receipt, custody, and assignment information in the official tax return inventory database maintained by CI, and notify the requestor when documents are received.

  6. The designee as the primary custodian will exercise exclusive control of the database described in the preceding paragraph and will have custody of all original tax returns and documents with DLNs. The delegate, as back-up, will have access to only the database information described in the preceding paragraph. The primary designee will keep the original tax returns and any related documents in a locked cabinet. The designee will also use Form 3210 as a controlling document or logbook to acknowledge transfer or receipt of original returns when they are assigned to special agents. Special agents will work from a copy of an original return and will not normally be assigned or retain the original for extended periods. Original tax return(s) should only be assigned to a special agent when needed for signature verification of the taxpayer and return preparer for grand jury or trial proceedings.

    1. A certified copy of the original tax return will be introduced as the grand jury or trial exhibit. The original tax return will remain in the custody of IRS.

  7. Special agents will periodically provide the designee with a list of all tax returns that are no longer needed for retention in the field office. At a minimum, the returns assigned to a special agent will be reviewed annually during their workload review to determine if the returns are still needed.

  8. Periodically, the designee will recharge original tax returns to files and update the tax returns status on the database.

  9. By November 30 of each year, the designee will perform database verifications to ensure that returns requested have been received or recharged to files, and that both database and related assignment documents match.

    1. There shall be a 100% physical verification of every original tax return in the custody and control of the designee.

    2. The SSA/SIA shall assign someone other than the designee to perform the 100% verification to ensure a separation of duties. If possible, the person performing the verification shall be a designee from another group within the field office.

    3. The SSA/SIA/SCWC shall be provided with the database verification by December 15 of each year so that they can take necessary actions to correct any discrepancies and ensure the effectiveness of the operation. The SSA/SIA will initial and date the database verification and retain it for two years. The retained verifications will show the actions taken to correct any discrepancies.

  10. By December 15 of each year, the SSA will sample Form 4844, Request for Terminal Action, to ensure the designee inputs only approved requests for any tax return.

  11. As part of their operational review, the SAC, Assistant Special Agent in Charge (ASAC), or RAC will verify the accuracy of the original tax return inventory and the supervisor’s original tax return assignments to the special agents or investigative staff. In instances where tax returns were secured because of a related statute determination, the SAC, ASAC, or RAC will ensure that a copy of the related statute determination memorandum is attached to the tax return or retained in the related tax return inventory file. See IRM 9.3.1, Disclosure.

9.12.1.4 (04-03-2026)

Security of Communications

  1. All communication must be protected from unauthorized disclosure. This includes oral, written and electronic communication. See IRM 9.3.1, Disclosure.

9.12.1.4.1 (04-03-2026)

Use of Double Sealed Mailing Envelopes

  1. Written communications involving matters to which access is limited should be mailed in double sealed envelopes marked, "to be opened by addressee only." This applies to:

    1. Investigative, statistical and management reports.

    2. Collateral requests and replies.

    3. Memoranda of any kind.

    Note:

    When there is doubt as to whether double sealed mailing envelopes should be used, it should be resolved in favor of using double sealed mailing envelopes.

9.12.1.4.2 (12-16-2008)

Discussion of Official Business

  1. Official matters should not be discussed in public or within the hearing of the public. See IRM 9.3.1, Disclosure.

9.12.1.4.3 (04-03-2026)

Use of Words "Top Secret," "Secret" and "Confidential"

  1. The designations "Top Secret", "Secret", and "Confidential" may be used only on documents containing information affecting the national security of the United States as defined in Executive Order 13526, Classified National Security Information.

  2. Sensitive But Unclassified (SBU) shall be the primary term used to mark sensitive but unclassified information originating within Treasury/Bureau offices. Previous designations to label sensitive information like Limited Official Use (LOU), For Official Use Only (FOUO), Eyes Only, etc. shall be discontinued in identifying SBU information produced within Treasury/Bureaus unless a particular term is authorized by law, statute or agency regulation, or as identified by the Freedom of Information Act (FOIA) or the Privacy Act. Except for the term “Law Enforcement Sensitive” used by CI, no other terms shall be applied to Treasury/Bureau originated sensitive information determined to be SBU unless authorized by law, statute, or regulation.

  3. Any documents that retain the designation “LOU”, “FOUO”, “OUO”, etc. should be considered as designated SBU/Law Enforcement Sensitive.

    Note:

    Unauthorized disclosure of SBU information may reduce the effectiveness of tax administration, violate law, and adversely affect the national interest, the conduct of federal programs, or the privacy to which individuals are entitled under the Privacy Act or other laws. The Law Enforcement Manual (LEM) Documents Part 9 are “Law Enforcement Sensitive” and require special handling to prevent its loss, misuse, alteration or unauthorized disclosure. See IRM 11.3.12, Disclosure of Official Information, Designation of Documents, for more information.

9.12.1.4.4 (07-15-2002)

Transmitting Documents by Mail

  1. When transmitting documents by regular mail, registered mail, certified mail, or other express service, confirmation of delivery will be used if any of the following documents are included in the transmittal:

    1. Administrative file, including original tax returns.

    2. Special agent's report (SAR).

    3. Exhibits to SAR.

    4. Supplemental report.

  2. Should confirmation of delivery not be received by the office transmitting such files or documents within a reasonable period, not to exceed 15 days, inquiry is to be made through the regular channels of the delivery service regarding the apparent failure of registered mail or express service to reach the addressee.

    1. Information concerning the delayed or lost transmittals should be forwarded to the addressee.

    2. Steps should be taken as appropriate or necessary to duplicate the contents of the original transmittal to permit the addressee to proceed with the proposed necessary action.

9.12.1.4.5 (12-16-2008)

Facsimile Transmission of Tax Information

  1. The legal restrictions for facsimile transmission of tax information are the same as for responding to an inquiry for tax information by telephone or mailing tax information to third parties. Guidelines regarding the faxing of return and return information can be found in IRM 21.1.3.9, Mailing and Faxing Tax Account Information.

9.12.1.4.6 (04-03-2026)

Electronic Mail

  1. Employees may not use email to transmit SBU data unless they use the IRS Secure Messaging (SM) system. Secure Messaging allows users to encrypt email messages and attachments for transmission between IRS employees. However, both the sender and recipient must have SM to protect the email.

  2. See IRM 10.8.1.4.19.2.1, Electronic Mail (Email) Security, for additional information regarding email guidelines.

  3. When the confidentiality of the contents of an email message (containing proprietary or sensitive information) needs to be protected, users must encrypt the body of the email message using an IRS Information Technology (IT)-approved solution for email. (NIST SP 800-45) (L, M, H) Note: Refer to the internal encrypt emails guidance for an IT-approved email encryption solution.

9.12.1.5 (11-16-2022)

Criminal Investigation Activities Within a Disaster Area

  1. The SAC may consult with the State Disaster Assistance Coordinator (SDAC) to consider the appropriateness of limiting enforcement activities until the conditions of the disaster have been alleviated. The SAC may issue guidelines covering general types of proscribed activities or may choose to require pre-approval at the SSA level for various activities on a case-by-case basis.

9.12.1.5.1 (07-29-2013)

Coordination with U. S. Attorney's Office

  1. In grand jury investigations and investigations pending legal action, any decisions to limit or suspend activities must be closely coordinated with the U.S. Attorney’s office.

9.12.1.5.2 (07-29-2013)

Initiation of Investigation

  1. Some financial crimes and tax evasion schemes, such as profiteering and price gouging, proliferate during and after disasters. CI may wish to focus attention on these areas as a potential source of investigations.

9.12.1.5.3 (04-03-2026)

Assistance to Local Law Enforcement

  1. The Federal Emergency Management Agency (FEMA) is responsible for assistance to state and local agencies facing catastrophic events. The Emergency Support Functions (ESF) was created to respond to such events. The ESF #13 addresses public safety and is the sole ESF supported by federal law enforcement officers, including CI.

9.12.1.5.4 (04-03-2026)

Access to the Criminal Investigation Network by Criminal Investigation Employees, Task Force Officers and Contractors

  1. The successful completion of a pre-employment background investigation is required for CI employees to access the CI system network and applications.

  2. The completion and approval of the Task Force Officer (TFO) application, Memorandum of Understanding (MOU), and CI TFO mandatory briefings certification is required for CI TFOs to access the CI system network and applications.

  3. Contracts for individuals requiring CI network access will include a requirement that the contracting company provide results showing the individual assigned to a CI contract has passed a drug test and preliminary background investigation prior to access being granted to the CI system network and applications. The test must check for the drugs specified by the IRS Drug Free Work Program and be dated no earlier than 30 days prior to the request for CI system network and applications access.

  4. All CI employees, TFOs, and contractors will be granted access to the CI network and appropriate applications following a request by the first-line manager. In making a request for accessing the CI network, the manager will:

    1. Utilize the current network and application request system to add the employee/TFO/contractor to their application system workgroup.

    2. Initiate the action to request CI network access for the employee/TFO/contractor. When approved, Technology Operations (Tech Ops) will issue a login and password.

    3. Ensure the employee/TFO/contractor reads and acknowledges the online "Information Systems Security Rules" and completes the mandatory "Computer Security" briefing.

9.12.1.5.5 (04-03-2026)

Access to the Criminal Investigation Network by Non-Criminal Investigation Personnel

  1. In instances where there is a bona fide business need for non-CI personnel, those not hired or paid for by the IRS and referred to as a person of interest (POI); to access the CI network, the requesting office will need to follow the process outlined by CI’s Non-IRS Employees/POI program.

  2. Requestors will complete the following steps, located in the Non-IRS Employees/POI Standard Operating Procedure (SOP), for access to be granted to CI information systems:

    1. STEP 1: Requesting organization will complete a Form 15333, Position Risk Level Determination Form for Non-IRS Personnel, for each individual needing access.

    2. STEP 2: Requesting organization will email the completed Form 15333 to the Personnel Action Request (PAR) Mailbox: *CI-HR-Hiring and PAR Requests, with the email subject line: POSITION RISK LEVEL DETERMINATION REQUEST – XXFO/HQ SECTION.

    3. STEP 3: The IRS Manager listed on the Form 15333 will receive an email notification after approximately 7-10 business days. This notification will state either:
      -The position risk level granted by individual’s home agency matches the risk level required by CI and reciprocity is granted: or
      -Further background investigation is needed by the applicant’s parent agency and reciprocity is denied.

    4. STEP 4: Requestor will check Discovery Directory 24 hours after receiving the email notification to ensure that the applicant’s name appears with a newly assigned SEID. If Directory Discovery is incorrect or not updated, requestor should contact CI-HR.

    5. STEP 5: The requestor will obtain local area/section executive approval via the Updated Systems Access Request Memo to grant the non-IRS person access to the requested IRS systems. Requestor will need to cite the reciprocity approval date in the Updated Access Request Memo.

    6. STEP 6: Requestor will email a copy of the signed "Updated Systems Access Request Memo" to the CI - User Support, Director and Assistant Directors. See the Tech Ops User Support SharePoint site for current contacts. The director/assistant director will then forward the request to the CI Service Desk Managers as a reference for the ticket in Step 7.

    7. STEP 7: Requestor will input a ServiceNow ticket following the New Hire ServiceNow/IRWorks – Request Computer Hardware process to get the applicant a laptop issued.

    8. STEP 8: Requestor will input a Business Entitlement Access Request System (BEARS) request to get the applicant Local Area Network - Criminal Investigation (LAN-CI) access and Enterprise Remote Access Program (ERAP), if not already requested.

    9. STEP 9: After access has been granted, have the user, or their CI sponsor, contact the CI Service Desk to coordinate the issuance of a grid card and password for log-on use.

      Note:

      At this time CI Technology Operations cannot import IRS certificates onto non-IRS issued Personal Identity Verification (PIV) cards, so all POIs will follow the process for non-PIV card users.

  3. The account will remain active until:

    1. Completion of the approved access period.

    2. Removal from the network before the end of the access period (no longer needed).

    3. Removal from the network to meet the needs of IRS.