Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Asset Forfeiture Tracking and Retrieval

 

Privacy Impact Assessment – Asset Forfeiture Tracking and Retrieval (AFTRAK)

AFTRAK System Overview: 

The Asset Forfeiture Tracking and Retrieval (AFTRAK) database tracks assets seized by Criminal Investigation (CI) agents during investigations, reports on their status while in government custody, reports on the disposition of assets and distribution of proceeds from asset sales and other disposal methods for forfeited assets.  This system supports the Internal Revenue Service (IRS) CI Asset Forfeiture Program which conducts asset seizure and forfeiture activities in conjunction with criminal investigations and manages asset inventories and the distribution of proceeds under the auspices of the Treasury Executive Office of Asset Forfeiture (TEOAF).  IRS CI agents seize assets under Titles 18 (general federal code violations), 21 (food and drug federal code violations), 26 (internal revenue code violations), and 31 (money and finance code violations) of the United States Code (USC). 

Systems of Records Number(s):

Treasury/IRS 46.002 Criminal Investigation Management and Information System (CIMIS)
Treasury/IRS 34.037 IRS Audit Trail and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. Taxpayer: None

B. Employee:
* Seizing Agent First and Last name
* Case Agent First and Last Name

C. Audit Trail:
* Date Created (date time of record creation,
* Created By (login of user who created record),
* Date Updated (date time of last update to record),
* Updated By (login of user who last updated record),
* Created By Sid (Windows unique identifier associated with login of the record creator),
* Updated by Sid (Windows unique identifier associated with login of the user that last updated the record).

D.  Other:  
*  Names and addresses of individuals that have claims on seized assets
* Contact Names of agents from other agencies that have requested a share in the proceeds of an asset that their agency helped IRS seize and forfeit.
* Names and addresses of Storage Location Vendors.
* Asset description may contain identifying information, to include bank account numbers and vehicle identification numbers. This depends on the type of asset seized.
 
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. IRS: The Criminal Investigation Management Information System (CIMIS) Number is manually input into the AFTRAK system. The application then validates this number against the CIMIS Database.

B. Taxpayer: None
C. Employee: None 

D. Other Federal Agencies:
TEOAF provides National Finance Center (NFC) data that is matched with data in AFTRAK. Users view reports showing matched and unmatched data in order to reconcile differences.  This information contains no privacy information, and is only an asset number and an amount.

U.S. Customs SEACATS data is provided to AFTRAK via Contract Asset Property Managers.  The SEACATS data is matched with data in AFTRAK.  Users view reports showing matched and unmatched data in order to reconcile differences.  This information contains vendor name and address. 

E. State and Local Agencies: None

F. Third Party Resources: A Contract Asset Property Manager provides US Customs SEACATS data.

3. Is each data item required for the business purpose of the system?  Explain.

Yes.  Assets must be stored and maintained by the government until asset disposition decisions are made.   AFTRAK is the inventory tool for these assets which supports the business purpose of the system. 

4. How will each data item be verified for accuracy, timeliness, and completeness?

The AFTRAK Unit employee category of users is made up of contractors responsible for validating the accuracy of data submitted by the field offices and inputting the data from the forms into the AFTRAK system.  This group also works with field offices to resolve issues that are found on forms and in AFTRAK.

5. Is there another source for the data?  Explain how that source is or is not used.

No.  There are no other sources of data beyond what has already been mentioned previously in this PIA.

6. Generally, how will data be retrieved by the user? 

AFTRAK application users can only use the Seizure Number to retrieve data.  The seizure number is only an identifier number for AFTRAK and not privacy related data.

AFTRAK Report users retrieve data based on the data scope. Data scope is either National (all data), region (data for all field offices in region, or field office (only data within their field office).

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  Data retrieval is possible by name.  This retrieval can only be performed by two AFTRAK users, a Warrants and Forfeitures (W&F) Program Analyst and the CI DBA who have permission to perform ad hoc queries against all data in the system.  Data retrieval is not possible by SSN.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

The AFTRAK application is maintained by IRS Criminal Investigations (CI) employees.   AFTRAK system users are categorized within the following user role groups:

Asset Forfeiture Specialists (AFSs) and Asset Forfeiture Coordinators (AFCs) have privileges to run reports within their assigned field office.  All individuals acting as Asset Forfeiture Specialist are contractors.

AFTRAK Unit Employees have privileges to input seizure and asset information into the system using the application. They also have privilege to run reports for the nation.  All AFTRAK Unit employees are contractors.  

AFTRAK Program Manager has privileges to input seizure and asset information into the system using the application. He/she also has privilege to run reports for the nation.

W&F Program Analysts have privileges to input seizure and asset information into the system using the application. They also have privilege to run reports for the nation.

W&F Senior Analysts have privileges to view seizure and asset information in the system using the application. They also have privilege to run reports for the nation.

The CI Database Administrator (DBA) has permission to troubleshoot problems with the application, and to add users to the system’s groups and permissions table.
 
Any contractor users of the system have an approved Minimum Background Investigation (MBI) completed by National Background Investigation Center (NBIC).

9. How is access to the data by a user determined and by whom? 

The AFTRAK Program Manager approves requests to add users to the system and forwards an e-mail to the CI DBA. The DBA adds users to windows operating system groups which are mapped to database roles. In addition, report users are added to a permissions table.  Users are assigned to those roles (with associated permissions) that support the tasks they need to perform to complete their job duties.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes.  Criminal Investigation Management Information System (CIMIS) Number is manually input into the AFTRAK system, with no electronic interconnection. 

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

CIMIS:
* The previous PIA was approved on 2/6/2006, expiring 2/6/2009.
* Certification and Accreditation (C&A) was approved on 12/2/2004, expiring 12/2/2007.

12.  Will other agencies provide, receive, or share data in any form with this system?

Yes.  The U.S. Treasury Executive Office for Asset Forfeiture (TEOAF) receives Title 18, 21, and 31 monthly and quarterly paper reports, and various ad hoc reports from AFTRAK via manual transmission.  A formal data sharing agreement exists with TEOAF. 

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Records are maintained, administered and disposed of in accordance with Internal Revenue Manual (IRM) 1.15.30 Records Management, Records Control Schedule for Criminal Investigation, January 1, 2003.  The IRM allows that investigative files are frozen and, therefore, disposal is not authorized at this time. 

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. 

No.  This system will not use technology in a new way.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No. 

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No. 

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

No.  AFTRAK is only an inventory tool and does not have the capability to make negative determinations.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No. AFTRAK is not a web-based system.
 


Page Last Reviewed or Updated: August 10, 2006