IBM v the IRS: The audit – what can we learn?

Image by Bettina Nørgaard from Pixabay

This story of an audit that found its way into court last year is, originally, from 2013 but only recently came to light…and it’s a doozy!

What happened?

According to a whistle-blower (a former IBM employee), IBM allegedly fraudulently created a $91 million non-compliance penalty during a software audit in order to force an eventual renewal of $265 million. Not only that, the customer was the IRS (Inland Revenue Service)…the people who put Al Capone behind bars!

The case was brought under the False Claims Act (FCA) which is also known as the “Lincoln Law” – due to it being passed in 1863, during his presidency. The FCA is a US federal law aimed at those who attempt to defraud the US Government – recoveries between 1986 and 2019 totalled over $62 billion.

How did the case begin?

The IRS had made it known that they planned to migrate away from IBM software including Rational and Tivoli to Open Source alternatives, meaning Big Blue stood to lose a fair amount of money as the IRS payment for FY2012 was around $23 million. According to the complaint, IBM convinced the customer to forgo the final “option” year of their initial contract and then:

“IBM {suggested} a friendly compliance audit that would provide the IRS with software usage data, allowing the IRS to realize cost savings in a new agreement by choosing only the software it needed”

The documents have several examples of internal IBM employees talking about this such as an email between IBM’s Dermot Murray, Senior Director of Federal Civilian Software, and Len Fleischmann, Manager of Enterprise Sales for IBM’s Federal Sector, saying that the:

“[o]nly way to work a new deal is for IRS to cancel the contract…Having IRS out of contract provides the maximum leverage on getting the deal done.”

And another person telling them they could realise savings by not exercising the option year.

What next?

IBM engaged Deloitte to perform the audit and they came back with a $500,000 gap which, in the overall scheme of things, was barely anything…and certainly not enough to make the IRS sign a new deal. It was also clear that the IRS were barely using much of the IBM software in question.

IBM allegedly chose not to disclose these results to the customer and, through various assumptions that “were either without basis or . . . impossible”, managed to push up the non-compliance amount to $18.9 million. After IRS rejected IBM’s initial findings, IBM reworked the assumptions until they had non-compliance charges of $292 million. Ultimately, the IRS were presented with a $91 million bill in November 2012 which Adam Kravitz, Senior Manager of the IRS IT Supplier Management Office – and seemingly primary contact for the IBM discussions – rejected again.

IBM saw an opportunity a couple of weeks later when Kravitz went on holiday. In his absence, they went to his boss – James McGrane, the IRS Deputy CIO. Following presentations of the Deloitte findings:

“IBM told McGrane that it had retained lawyers to collect the $91 million overage payment, but that IBM would agree to waive the payment if the IRS entered a new contract”

It’s alleged in the claim that there was a hidden column in the presentation that would have shown the distinct lack of software usage.

Later that month, December 2012, the IRS signed a new, 5-year, $265 million dollar contract with IBM. It is claimed that over $80 million of overage fees were “hidden” within this overall amount…despite IBM’s promise to waive such fees.

The matter in court

The case discussed here was brought on the basis that the IRS signed the new deal because of the falsified information that IBM gave to them. The claim puts it quite succinctly:

“IBM coerced the IRS into paying $265 million for software that the agency did not want, to avoid $91 million in fabricated penalties” and that “IBM surreptitiously inserted nearly $91 million in penalties into the contract under a false specification for new licenses mean[ing] the IRS purportedly signed a contract to pay $265 million for only $174 million worth of software.”

The court dismissed the claim as, they believe, it fell short on 2 elements: “causation” and “materiality”.

Causation

According to the court, the claim must show that:

“not only that the omitted information was material but also that the government was induced by, or relied on, the fraudulent statement or omission.”

And here there was a difference of opinion between the two sides. The claimant argued that the false audit claims being a “substantial factor” in the IRS decision to sign the new contract was sufficient, while IBM argued it must be a case of “but for” i.e. without the falsified info, the IRS wouldn’t have entered into a new contract.

The court agreed with IBM and stated that in such claims, the claimant must “plausibly allege” the aforementioned “but-for” level of causation. They had to show that “the false audit findings actually induced the IRS to enter into the new licensing agreement when it would not have otherwise” and the court felt the claimant had failed to do that here.

Materiality

The FCA defines information as “material” if it has a “natural tendency to influence, or be capable of influencing, the payment or receipt of money or property”. The court goes on to say that the Supreme Court has stated:

“[I]f the Government regularly pays a particular type of claim in full despite its actual knowledge that certain requirements were violated, and has signalled no change in position, that is strong evidence that the requirements are not material”

And they believe there is “strong evidence” in this case that the IRS didn’t consider the falsified audit figures as material. The IRS paid most of the money to IBM after the suit was initially filed and then went on the extend the contract by 6 months, paying an additional $16,147, 772 to IBM. The court then makes a seemingly good point – that it seems strange for the IRS to do all this after discovering it had been tricked into spending over ¼ of a billion dollars for software it didn’t need. Not only did they find that “implausible” but also the fact that, if IBM had hidden the non-compliance fees in the new contract, the IRS didn’t attempt to recover any of that money.

The court said:

“It is not plausible that the IRS failed to recognize that IBM had not delivered on one-third of its new licensing agreement, or that it did recognize that shortcoming, but still continued to pay IBM”

But I think we can all agree that a large (particularly Government) organisation not paying attention to what a Tier 1 vendor has actually delivered is far from unheard of!

Conclusion

While this claim wasn’t successful in court, it doesn’t necessarily mean that the alleged claims didn’t occur. It means that this couldn’t be proven to a high enough degree in court – which certainly isn’t the same thing as it not happening. Some lessons we can learn here include:

• If a vendor encourages you to do something, really make sure you understand why. What’s in it for you and what’s it in for them? What might occur further down the road as a result?
• If you’re dealing with an audit, make sure there’s an internal plan in place so the vendor can’t attempt to go around you
• Interrogate all the data (and look for hidden columns in spreadsheets!)
• Be prepared for audit activity once you announce plans not to renew
• Know what software you’re actually using before any audit/negotiations

Unfortunately, being suspicious of the vendor’s intentions so often seems to be warranted and the above does nothing to dispel that. Be cautious, be aware, be prepared, and be willing to challenge any and all data.

Further Reading

Tactical Law Group blog
Court Documents
IBM increase on-premises pricing