Ever since news broke that Hillary Clinton used an unauthorized and unsecured private e-mail server for all of her correspondence as secretary of state, she has defended herself with several arguments. None of the information transmitted through the server was classified, Clinton insisted at first, a claim that has been proven false in well over a thousand instances.

Even after that fell apart, Clinton claimed that the use of private e-mail for official business fell within the rules of the State Department and that she had ensured that the server met the department’s security requirements.

Related: Clinton’s Staff Ignored Investigators as They Looked Into Her Emails

Finally, Clinton insisted that she and her team complied with the Federal Records Act by making sure that their correspondence got copied to other State Department addresses. Clinton explained this decision by insisting that she wanted the most efficient method of handling electronic communications, even if in retrospect that decision turned out to be regrettable.

Regrets should be coming, but not in the way Clinton has suggested. State’s Inspector General released the long-awaited report into Clinton’s use of a private e-mail server – and it contradicts every excuse Clinton has offered over the last 15 months.

The use of private e-mail might have been interpreted to be acceptable prior to 2009, when Clinton first assumed office as secretary of state, but by then, “the department’s guidance was considerably more detailed and sophisticated,” the IG concludes. From 2005 forward and for at least two years into her tenure, State had issued a number of memoranda detailing the need – nay, the “obligation” – to use the department’s own communications systems, even for sensitive-but-unclassifed (SBU) material.

Related: How the FBI Could Derail Hillary Clinton’s Presidential Run

If a need arose to use an outside communications channel to transmit SBU data, then Clinton should have “requested a solution” from within the department. Instead, the IG found “no evidence that Secretary Clinton ever requested such a solution, despite the fact that emails exchanged on her personal account regularly contained information marked as SBU.”

The IG also rebutted claims that Clinton ever put “robust protections” on her server, claims that appear on Clinton’s website. State’s information-management groups told the IG that Clinton had never checked with them at all. Neither her server nor the mobile device Clinton used to access it had ever been certified to meet standards established before Clinton took office. Furthermore, no official recalled Clinton ever checking to ensure that the use of the server was acceptable – and that such a request would have been rejected outright had she made one.

Perhaps most notably, officials at State issued multiple warnings about records retention in relation to Clinton’s use of the private server, especially given the need for FOIA and Congressional access to official State business. In 2010 and in 2011, the issue arose, but in both cases the discussion got shut down.

The first query was dismissed by Clinton’s deputy chief of staff, claiming that the requirement to use two devices for official and personal e-mail “didn’t make a lot of sense.” Staffers raised concerns again the next January, but were told by a director that Clinton had received approval for her private server, even though she never requested it. Furthermore, the same official “instructed the staff never to speak of the Secretary’s personal e-mail system again.”

Related: Another Batch of Clinton State Dept. Emails Included ‘Top Secret’ Material

To recap: Clinton lied about having approval for the system. She lied about saying it was within the rules to use it, and that she had brought the server up to State Department security standards. Contrary to multiple statements from her team, not only did warnings arise about the use of that system during her tenure, those who raised the red flags were told to shut up about them. And despite assurances that Clinton would cooperate in reviews of her use of the private e-mail system, the IG report pointedly notes that “[t]hrough her counsel, Secretary Clinton declined OIG’s request for an interview.”

For someone who’s been insisting since the beginning that she was allowed to operate her own e-mail system, that refusal is stunning all on its own.

That also contradicts more recent Clinton statements. The FBI has begun to interview Clinton’s inner circle, a sign that the investigation is coming to a conclusion. Two weeks ago, Clinton told CBS News’ Face the Nation host John Dickerson that the FBI had not yet requested an interview, but that she would be “more than ready to talk to anyone, anytime.” The IG report clearly shows that as another lie, and if her attorneys kept her from talking with State Department investigators, it’s almost certain that she’d pass on an FBI “interview” as well.

Related: If Clinton Loses Her Security Clearance, Could She Still Be President?

The new IG report gives clarity to the screamingly obvious. Hillary Clinton used an unauthorized and unsecured private e-mail server to avoid compliance with legitimate Congressional oversight and Freedom of Information Act requests. Under her leadership, the State Department misled several courts and a number of Congressional inquiries about the existence of Clinton’s e-mails.

In doing so, she allowed the system to transmit and retain highly classified information relating to intelligence and national security, putting that data and those responsible for collecting it in danger. Clinton did so recklessly, negligently, and in violation of 18 USC 793 and 18 USC 1924 – statutes that identify such transgressions as felonies.

What happens if the FBI investigation goes to a grand jury? We might have the spectacle of a major-party nominee getting subpoenaed to testify in a criminal inquiry – and taking the Fifth to avoid self-incrimination. And that might be the most honest statement that Clinton would have made about her secret e-mail server in the past 15 months.