[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]



 DHS FINANCIAL MANAGEMENT: INVESTIGATING DHS'S STEWARDSHIP OF TAXPAYER 
                                DOLLARS

=======================================================================

                                HEARING

                               before the

                       SUBCOMMITTEE ON OVERSIGHT
                       AND MANAGEMENT EFFICIENCY

                                 of the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED THIRTEENTH CONGRESS

                             FIRST SESSION

                               __________

                           NOVEMBER 15, 2013

                               __________

                           Serial No. 113-44

                               __________

       Printed for the use of the Committee on Homeland Security
                                     



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


      Available via the World Wide Web: http://www.gpo.gov/fdsys/
                               __________

                   U.S. GOVERNMENT PRINTING OFFICE

87-374 PDF                WASHINGTON : 2014
______________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800;
DC area (202) 512-1800 Fax: (202) 512-2250  Mail: Stop SSOP, 
Washington, DC 20402-0001










                     COMMITTEE ON HOMELAND SECURITY

                   Michael T. McCaul, Texas, Chairman
Lamar Smith, Texas                   Bennie G. Thompson, Mississippi
Peter T. King, New York              Loretta Sanchez, California
Mike Rogers, Alabama                 Sheila Jackson Lee, Texas
Paul C. Broun, Georgia               Yvette D. Clarke, New York
Candice S. Miller, Michigan, Vice    Brian Higgins, New York
    Chair                            Cedric L. Richmond, Louisiana
Patrick Meehan, Pennsylvania         William R. Keating, Massachusetts
Jeff Duncan, South Carolina          Ron Barber, Arizona
Tom Marino, Pennsylvania             Dondald M. Payne, Jr., New Jersey
Jason Chaffetz, Utah                 Beto O'Rourke, Texas
Steven M. Palazzo, Mississippi       Tulsi Gabbard, Hawaii
Lou Barletta, Pennsylvania           Filemon Vela, Texas
Chris Stewart, Utah                  Steven A. Horsford, Nevada
Richard Hudson, North Carolina       Eric Swalwell, California
Steve Daines, Montana
Susan W. Brooks, Indiana
Scott Perry, Pennsylvania
Mark Sanford, South Carolina
                       Greg Hill, Chief of Staff
          Michael Geffroy, Deputy Chief of Staff/Chief Counsel
                    Michael S. Twinchek, Chief Clerk
                I. Lanier Avant, Minority Staff Director
                                 ------                                

          SUBCOMMITTEE ON OVERSIGHT AND MANAGEMENT EFFICIENCY

                 Jeff Duncan, South Carolina, Chairman
Paul C. Broun, Georgia               Ron Barber, Arizona
Lou Barletta, Pennsylvania           Donald M. Payne, Jr., New Jersey
Richard Hudson, North Carolina       Beto O'Rourke, Texas
Steve Daines, Montana, Vice Chair    Bennie G. Thompson, Mississippi 
Michael T. McCaul, Texas (Ex             (Ex Officio)
    Officio)
               Ryan Consaul, Subcommittee Staff Director
                   Deborah Jordan, Subcommittee Clerk
           Tamla Scott, Minority Subcommittee Staff Director






















                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Jeff Duncan, a Representative in Congress From the 
  State of South Carolina, and Chairman, Subcommittee on 
  Oversight and Management Efficiency:
  Oral Statement.................................................     1
  Prepared Statement.............................................     3
The Honorable Ron Barber, a Representative in Congress From the 
  State of Arizona, and Ranking Member, Subcommittee on Oversight 
  and Management Efficiency:
  Oral Statement.................................................     4
  Prepared Statement.............................................     6
The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Ranking Member, Committee on 
  Homeland Security:
  Oral Statement.................................................     7
  Prepared Statement.............................................     8

                               Witnesses

Mr. Charles Fulghum, Acting Chief Financial Officer, U.S. 
  Department of Homeland Security:
  Oral Statement.................................................    10
  Prepared Statement.............................................    11
Mr. Asif A. Khan, Director, Financial Management and Assurance, 
  U.S. Government Accountability Office:
  Oral Statement.................................................    14
  Prepared Statement.............................................    15
Ms. Anne L. Richards, Assistant Inspector General for Audits, 
  Office of Inspector General, U.S. Department of Homeland 
  Security:
  Oral Statement.................................................    19
  Joint Prepared Statement.......................................    20

                                Appendix

Questions From Chairman Jeff Duncan for Charles Fulghum..........    37

 
 DHS FINANCIAL MANAGEMENT: INVESTIGATING DHS'S STEWARDSHIP OF TAXPAYER 
                                DOLLARS

                              ----------                              


                       Friday, November 15, 2013

             U.S. House of Representatives,
          Subcommittee on Oversight and Management 
                                        Efficiency,
                            Committee on Homeland Security,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 9:32 a.m., in 
Room 311, Cannon House Office Building, Hon. Jeff Duncan 
[Chairman of the subcommittee] presiding.
    Present: Representatives Duncan, Daines, Barber, Thompson, 
and O'Rourke.
    Also present: Representative Jackson Lee.
    Mr. Duncan. The Committee on Homeland Security, 
Subcommittee on Oversight and Management Efficiency will come 
to order.
    The purpose of this hearing is to examine the financial 
management of the Department and identify the progress made and 
the challenges that remain to financial management systems and 
practices.
    Before I recognize myself for an opening statement, I will 
say that I am observing ``No Shave November,'' and I am raising 
awareness of men's health issues, specifically November is 
pancreatic and prostate cancer month. We all know folks like my 
good friend, Representative David Umphlett, that died in June 
2011 of pancreatic cancer, and I wear this in his memory.
    I now recognize myself for an opening statement.
    Since its inception 10 years ago, the Department of 
Homeland Security has faced a multitude of challenges in 
combining the 22 distinct legacy agencies into one Cabinet-
level department. This has been especially true with the 
resolving financial management deficiencies at DHS. Integrating 
components in their budgets is a complex process in the best of 
situations, but doing it while protecting the Nation from 
terrorist attacks, natural disasters, and other day-to-day 
missions has proven particularly difficult.
    These challenges were further compounded at the Department 
by inherited financial management problems that existed at 
several legacy components, including the Coast Guard, FEMA, and 
the agencies that now make up the United States Immigration and 
Customs Enforcement.
    Congress has conducted vigorous oversight over DHS 
financial management and has demanded the Department make 
progress in better managing its finances. In October 2004, in 
an effort to enhance the management and credibility of the 
Department, Congress has passed various pieces of legislation 
requiring that DHS undergo annual financial audits, keep better 
financial information, and make sure financial statements are 
ready in a timely manner in order to have them adhere to 
applicable accounting principles, also known in financial-speak 
as obtaining a clean opinion.
    It is important to mention some of the progress that DHS 
management has committed to and accomplished toward its 
financial management goals in recent years. Notably, from 2005 
to 2012, the Department corrected many problems with its 
financial statements, increased component progress through more 
direction and oversight, and strengthened internal controls to 
increase the usefulness, reliability, and timeliness of 
financial information.
    While the Department has made progress in obtaining a clean 
opinion on its financial statements, the Government 
Accountability Office in its report released to Congress 
yesterday explains that this has been the result of complex 
manual workarounds that make up for a lack of effective 
controls. GAO has concluded that, absent sound internal 
controls over its financial reporting, ``The Department's 
ability to efficiently manage its operations and resources on a 
daily basis and routinely provide useful, reliable, and timely 
financial information for decision making is seriously 
hindered.''
    A recent case study in this could be seen in an 
investigation and report released a few weeks ago by the U.S. 
Office of Special Counsel, which documented the blatant and 
sustained abuse of administratively uncontrollable overtime, or 
AUO, by six separate offices at DHS. Examples such as this make 
it clear that without the proper financial management systems 
and controls in place, how can DHS and its components know that 
money is not being wasted?
    If the American people can open their checking account on-
line and know to the penny how much they have, then surely the 
third-largest Federal department should be able to produce 
real-time financial data. Back in my home State of South 
Carolina, families and businesses have had to take a hard look 
at their budgets and make tough choices. DHS must do the same. 
The better financial information DHS has, the greater the 
chance it could cut costs and save taxpayer dollars without 
sacrificing our homeland security.
    Addressing internal-control weaknesses and obtaining a 
clean audit opinion remain challenges for the Department. DHS's 
inability to obtain a clean audit opinion on its financial 
statements and improve the effectiveness of internal controls 
were key factors for GAO keeping the Department on its high-
risk list.
    According to GAO's most recent work, the DHS has made 
limited progress in obtaining a clean opinion on its internal 
controls over financial reporting and will continue to face 
challenges in obtaining and, perhaps more importantly, in 
sustaining a clean opinion over its books until it addresses 
serious internal-control and financial management system 
deficiencies. Using manual data calls to collect cost 
information from various components in order to compile the 
data is simply not a feasible way to manage the long-term 
financial needs and responsibilities of the Department.
    While DHS has turned away from the previous failed attempts 
to modernize its financial management systems at a Department-
wide level, choosing instead to focus on upgrading those 
components with the most critical need, GAO reports that DHS 
has no real vision of the end-state for the future of its 
financial management system. Sound and sustained financial 
management practices in the long term should be a low-cost, 
efficient way to support the Department's missions and goals.
    I cannot lay out the case any clearer than the Department's 
own Office of Inspector General did last year. ``The Federal 
Government has a fundamental responsibility to be an effective 
steward of taxpayer dollars. Sound financial practices and 
related management operations are critical to achieving the 
Department's mission and to providing reliable, timely 
financial information to support management decision-making 
throughout DHS. Congress and the public must be confident that 
DHS is properly managing its finances to minimize inefficient 
and wasteful spending, to make informed decisions to manage 
government programs and implement its policies.''
    I appreciate the panelists being here today.
    [The statement of Mr. Duncan follows:]
                   Statement of Chairman Jeff Duncan
    Since its inception 10 years ago, the Department of Homeland 
Security has faced a multitude of challenges in combining 22 distinct 
legacy agencies into one Cabinet-level department. This has been 
especially true with resolving financial management deficiencies at 
DHS. Integrating components and their budgets is a complex process in 
the best of situations, but doing it while protecting the Nation from 
terrorist attacks, natural disasters, and other day-to-day missions has 
proven particularly difficult. These challenges were further compounded 
at the Department by inherited financial management problems that 
existed at several legacy components, including the Coast Guard, FEMA, 
and the agencies that now make up U.S. Immigration and Customs 
Enforcement.
    Congress has conducted vigorous oversight over DHS financial 
management and has demanded that the Department make progress in better 
managing its finances. In October 2004, in an effort to enhance the 
management and credibility of the Department, Congress has passed 
various pieces of legislation requiring that DHS undergo annual 
financial audits, keep better financial information, and make sure 
financial statements are ready in a timely manner in order to have them 
adhere to applicable accounting principles, also known in financial 
speak as obtaining a ``clean opinion.''
    It is important to mention some of the progress DHS management has 
committed to and accomplished toward its financial management goals in 
recent years. Notably, from 2005 to 2012, the Department corrected many 
problems with its financial statements, increased component progress 
through more direction and oversight, and strengthened internal 
controls to increase the usefulness, reliability, and timeliness of 
financial information.
    While the Department has made progress in obtaining a clean opinion 
on its financial statements, the Government Accountability Office, in 
its report released to Congress yesterday, explains that this has been 
the result of complex manual work-arounds that make up for a lack of 
effective controls. GAO has concluded that absent sound internal 
controls over its financial reporting, ``the Department's ability to 
efficiently manage its operations and resources on a daily basis and 
routinely provide useful, reliable, and timely financial information 
for decision making, is seriously hindered.''
    A recent case study in this could be seen in an investigation and 
report released a few weeks ago by the U.S. Office of Special Counsel 
which documented the blatant and sustained abuse of Administratively 
Uncontrollable Overtime, or AUO, by six separate offices at DHS. 
Examples such as this make it clear that without the proper financial 
management systems and controls in place, how can DHS and its 
components know that money is not being wasted?
    If the American people can open up their checking account on-line 
and know to the penny how much they have, then surely the third-largest 
Federal department should be able to produce real-time financial data. 
Back home in South Carolina, families and businesses have had to take a 
hard look at their budgets and make tough choices. DHS must do the 
same. The better the financial information DHS has, the greater the 
chance it could cut costs and save taxpayer dollars without sacrificing 
our homeland security.
    Addressing internal control weaknesses and obtaining a clean audit 
opinion remain challenges for the Department. DHS's inability to obtain 
a clean audit opinion on its financial statements and improve the 
effectiveness of internal controls were key factors for GAO keeping the 
Department on its High-Risk List. According to GAO's most recent work, 
DHS has made limited progress in obtaining a clean opinion on its 
internal controls over financial reporting and will continue to face 
challenges in obtaining, and perhaps most importantly, in sustaining a 
clean opinion over its books until it addresses serious internal 
control and financial management systems deficiencies.
    Using manual data calls to collect cost information from various 
components in order to compile data is simply not a feasible way to 
manage the long-term financial needs and responsibilities of the 
Department. While DHS turned away from the previous failed attempts to 
modernize its financial management systems at a Department-wide level, 
choosing instead to focus on upgrading those components with the most 
critical need, GAO reports that DHS has no real vision of the end-state 
for the future of its financial management system.
    Sound and sustained financial management practices in the long-term 
should be a low-cost, efficient way to support the Department's 
missions and goals. I could not lay the case out any clearer than the 
Department's own Office of Inspector General did last year: ``The 
Federal Government has a fundamental responsibility to be an effective 
steward of taxpayer dollars. Sound financial practices and related 
management operations are critical to achieving the Department's 
mission and to providing reliable, timely financial information to 
support management decision-making throughout DHS. Congress and the 
public must be confident that DHS is properly managing its finances to 
minimize inefficient and wasteful spending, make informed decisions to 
manage government programs, and implement its policies.''

    Mr. Duncan. I will now recognize the Ranking Member, the 
Member from Arizona, Mr. Barber, for any statement that he may 
have.
    Mr. Barber. Well, thank you, Mr. Chairman, and thank you 
for convening this hearing. It is a very important part of our 
job as an oversight subcommittee.
    I want to thank the witnesses for being here this morning. 
I look forward to your testimony.
    Since its inception a little more than 10 years ago, the 
Department of Homeland Security has faced multiple challenges 
in building ``One DHS'' from a network of 22 legacy agencies. 
When the Department was created, many of those legacy agencies 
came to the new department with financial systems that were, to 
say the least, not optimal.
    In fact, four of the previous stand-alone and largest 
components--U.S. Customs Service, the Transportation Security 
Administration, Immigration and Naturalization Service, and the 
Federal Emergency Management Agency, or FEMA--were not in 
compliance with the requirements of the Federal Financial 
Management Improvements Act of 1996 prior to their inclusion in 
the Department of Homeland Security. So, clearly the Department 
inherited some very poor, ineffective financial management 
systems.
    These financial management systems and those of other DHS 
components have continued, unfortunately, to age, and the 
Department has not yet successfully updated and modernized 
them.
    As the Ranking Member, I believe it is imperative--and I 
think all of us would agree--to be good stewards of taxpayer 
money. I also want DHS to be more transparent and accountable, 
both to Congress and to the American people, and we cannot do 
that without good information that is essential to meeting this 
goal.
    It is just not acceptable that the largest law enforcement 
entity in the Federal Government, one that protects our borders 
and ensures the efficient movement of goods and people, have 
outdated and inefficient management and operation systems. 
Inefficient financial management means DHS cannot accurately 
account for its assets, assess equipment or personnel costs, or 
provide quality data to oversight committees or other agencies 
that seek to monitor how the agency does its job. These 
inefficiencies can lead to holes in the homeland security 
armor, and they must be fixed.
    Just an example of a decision that was made in my State, in 
a town not too far from Tucson called Ajo, where the Department 
made a decision to build homes for Border Patrol personnel at 
the cost of $600,000, on the average, for each home in a 
community where the average cost of homes was $100,000. Seems 
to me that a good financial system might have informed 
management about those costs, and they might have made a 
different decision.
    We know that twice the Department has attempted to fix 
financial management challenges by merging its disparate 
systems into one. On both occasions, we know also that those 
attempts have not worked. The Department's new effort, what it 
calls the Financial Systems Modernization, is under way at 
FEMA, and plans are in place to implement the system 
Department-wide.
    A plan to modernize DHS's financial management systems is 
scheduled to be completed in the next several years. However, 
that assumes that there are no glitches. I think we know a 
whole lot about glitches in computer systems.
    I am cautiously optimistic about the success of this latest 
effort because I want to see DHS be a leader in financial 
management and operations efficiency. However, I remain 
concerned regarding the day-to-day effect of the third-largest 
Federal agency operating with systems that on any given day may 
not be usable because they are outdated. These problems bear 
directly on the safety and security of our Nation.
    An independent auditor recently determined that the U.S. 
Customs and Border Protection did not detect that it actually 
possessed assets that were incorrectly recorded, misclassified, 
or not recorded at all in the general ledger. Additionally, 
certain assets were recorded as being in possession in CBP's 
general ledger that no longer existed. When these types of 
mistakes occur, it causes an agency to purchase items it does 
not need or, even worse, to fail to make purchases that are 
needed to assist those working in the field. Given the present 
budgetary constraints, we can neither tolerate nor afford 
either scenario.
    The American public does not always see the progress the 
Department has made over the years and the hard work of our 
Border Patrol agents, customs officers, and other DHS 
employees. However, the American people do notice, as they 
should, such inefficiencies. It is this type of inefficiency 
that gives this Government and the Department a bad name, and 
we can and must do better.
    The Department must complete the implementation of the 
initiatives to stabilize its internal controls and improve its 
financial reporting. The modernization of the Department's 
financial management systems is necessary in order to get to a 
point where the Department's financial information is reliable, 
up-to-date, and in compliance with the Office of Management and 
Budget under the Federal mandates.
    I appreciate that both the Government Accountability Office 
and the Office of the Inspector General have served as a 
partner with the Department in trying to improve its systems 
and right this ship. I hope that the Department has taken both 
the GAO and the OIG recommendations seriously and will 
implement the necessary changes to makes its financial 
management system efficient and effective, using taxpayer 
dollars wisely.
    I look forward to hearing from our witnesses on progress 
that has been made, how the progress or lack thereof is 
affecting the Department's mission, and what is needed to 
further improve the Department's efforts.
    Thank you, Mr. Chairman. I yield back.
    [The statement of Mr. Barber follows:]
                 Statement of Ranking Member Ron Barber
                           November 15, 2013
    Since its inception, the Department of Homeland Security has faced 
multiple challenges in building ``One DHS'' from a network of 22 legacy 
agencies.
    When the Department was created many of the legacy agencies came 
into the new Department with financial management systems that were not 
operating at optimal levels.
    In fact, four of the previously stand-alone and largest, 
components--U.S. Customs Service, the Transportation Security 
Administration, Immigration and Naturalization Service, and the Federal 
Emergency Management Agency (FEMA)--were not in compliance with the 
requirements of the Federal Financial Management Improvement Act of 
1996 (FFMIA) prior to their inclusion in the Department of Homeland 
Security.
    These financial management systems and those of other DHS component 
agencies have continued to age and, unfortunately, the Department has 
not successfully updated and modernized them.
    As Ranking Member, I believe it is imperative that DHS be good 
stewards of taxpayer dollars.
    It is simply unacceptable for the largest law enforcement entity 
within the Federal Government, one that protects our borders and 
ensures the efficient movement of goods and people, to have outdated 
and inefficient management and operations systems.
    Inefficient financial management means DHS cannot accurately 
account for its assets, assess equipment or personnel costs, or provide 
quality data to oversight committees or other agencies that seek to 
monitor how the agency uses its funds.
    These inefficiencies can lead to holes in our homeland security 
armor and they must be fixed.
    Twice the Department has attempted to fix its financial management 
challenges by merging its disparate systems into one. On both occasions 
those attempts have not worked.
    The Department's new effort--what it calls the Financial Systems 
Modernization--is already underway at FEMA and plans are in place to 
implement the system Department-wide.
    The plan to modernize DHS's financial management systems is 
scheduled to be completed in the next several years. However, that 
assumes that there are no glitches.
    I am cautiously optimistic about the success of this latest effort 
because I want to see DHS be a leader in management and operations 
efficiency.
    However, I remain concerned regarding the day-to-day effect of the 
third-largest Federal agency operating with systems that on any given 
day may not be usable because they are outdated.
    These problems bear directly on the safety and security of our 
Nation.
    An independent auditor recently determined that U.S. Customs and 
Border Protection did not detect that it actually possessed assets that 
were incorrectly recorded, misclassified, or not recorded at all in the 
general ledger.
    Additionally, certain assets were recorded as being in possession 
in CBP's general ledger that no longer existed.
    When these types of mistakes occur, it causes an agency to purchase 
items it does not need or, even worse, to fail to make purchases that 
are needed to assist those working in the field.
    Given present budgetary constraints, we can neither tolerate nor 
afford either scenario.
    The American public does not always see the progress the Department 
has made over the years and the hard work of our Border Agents, Customs 
Officers, and other DHS employees. However, the American public does 
notice, as they should, such inefficiencies. It is this type 
inefficiency that gives Government and the Department a bad name and we 
can and must do better.
    The Department must complete the implementation of initiatives to 
stabilize its internal controls and improve its financial reporting.
    The modernization of the Department's financial management systems 
is necessary in order to get to a point where the Department's 
financial information is reliable, up-to-date, and in compliance with 
the Office of Management and Budget and other Federal mandates.
    I am thankful that both the Government Accountability Office (GAO) 
and the Office of Inspector General (OIG) have served as a partner with 
the Department in trying to improve its systems and right this ship.
    I hope that the Department has taken both GAO and OIG 
recommendations seriously and will implement the necessary changes to 
make its financial management system efficient and effective, using 
taxpayer dollars wisely.
    I look forward to hearing from our witnesses on progress that has 
been made, how the progress or lack thereof is affecting the 
Department's mission, and what is needed to further improve the 
Department's efforts.

    Mr. Duncan. I thank the Ranking Member.
    The Chairman will now recognize and welcome the Ranking 
Member of the full committee, the gentleman from Mississippi, 
Mr. Thompson, for any statement he may have.
    Mr. Thompson. Thank you very much, Chairman Duncan, for 
holding today's hearing.
    The Department of Homeland Security has one of the largest 
budgets in the Federal Government. It is the third-largest 
agency, and approximately $60 billion in taxpayer funds flows 
in and out of the Department on an annual basis. Among other 
things, these funds are used to provide salaries for the 
Department's more that 240,000 employees, provide disaster aid 
to State and local governments, and purchase equipment used by 
those protecting our borders. We owe it to the taxpayers to 
ensure that these funds are appropriately used, fully accounted 
for, and auditable.
    Unfortunately, this has not been the case at the Department 
of Homeland Security. Last year, for the first time ever, the 
Department was given a qualified audit opinion. While this 
achievement is laudable, the Department's financial management 
systems continue to hamper the everyday operations of the 
Department, impacting management functions and ultimately our 
security.
    Ten years into several attempts at integrating its 
financial management systems and millions of dollars later, the 
Department is still using six different systems, all of which 
are plagued with problems. Most of these systems are aging, and 
some have reached the end of their life cycle.
    Oftentimes, when Congress, the Government Accountability 
Office, or the inspector general seeks financial information 
from the Department regarding procurement of various programs, 
employees have to retrieve this information manually because 
the systems are not equipped to handle automated data calls. 
This wastes time, puts strain on an already challenged 
workforce, and reduces the reliability of the information 
provided.
    But even more troublesome is the effect these aging systems 
have on homeland security. For example, inaccurate cost-benefit 
analysis and the inability to determine whether what is being 
purchased is the best value can lead to program failure. 
Program failure leads to gaps in the mission, and gaps in the 
mission undermine security.
    For these reasons, I am pleased that the Department is yet 
again attempting to improve its system through the current 
Financial Systems Modernization efforts, which, as I 
understand, is probably the third rodeo for the Department to 
try to get it right. I do have concerns, however, about the 
total cost, currently estimated at $225 million, and the 
Department's ability to accurately receive an appropriation for 
that amount in this current austere budget environment.
    At any rate, improvements must be made, and I am pleased 
that plans are under way and at least one component, the 
Federal Emergency Management Agency, has already begun the 
process. We will continue to exercise diligent oversight over 
this process. I look forward to hearing from the witnesses 
regarding the status of this effort, including whether the 
Department is in compliance with both GAO and OIG 
recommendations.
    I yield back, Mr. Chairman.
    [The statement of Mr. Thompson follows:]
             Statement of Ranking Member Bennie G. Thompson
                           November 15, 2013
    The Department of Homeland Security (Department) has one of the 
largest budgets in the Federal Government. It is the third-largest 
agency and approximately $60 billion in taxpayer funds flows in and out 
of the Department on an annual basis. Among other things, these funds 
are used to provide salaries for the Department's more than 240,000 
employees, provide disaster aid to State and local governments, and 
purchase the equipment used by those protecting our borders.
    We owe it to taxpayers to ensure that these funds are appropriately 
used, fully accounted for, and auditable. Unfortunately, this has not 
been the case at the Department of Homeland Security. Last year, for 
the first time ever, the Department was given a qualified audit 
opinion. While this achievement is laudable, the Department's financial 
management systems continue to hamper the everyday operations of the 
Department impacting management functions and ultimately our security.
    Ten years into several attempts at integrating its financial 
management systems, and millions of dollars later, the Department is 
still using six different systems, all of which are plagued with 
problems. Most of these systems are aging and some have reached the end 
of their life cycle.
    Oftentimes, when Congress, the Government Accountability Office 
(GAO), or the Office of the Inspector General (OIG) seeks financial 
information from the Department regarding procurements or various 
programs, employees have to retrieve this information manually because 
the systems are not equipped to handle automated data calls.
    This wastes time, puts strain on an already challenged workforce 
and reduces the reliability of the information provided. But even more 
troublesome, is the effect these aging systems have on homeland 
security. For example, inaccurate cost/benefit analyses and an 
inability to determine whether what is being purchased is the best 
value can lead to program failure.
    Program failure leads to gaps in the mission and gaps in the 
mission undermines security. For these reasons, I am pleased that the 
Department is yet again attempting to improve its systems through the 
current Financial Systems Modernization effort.
    I do have concerns; however, about the total cost--currently 
estimated at $225 million--and the Department's ability to actually 
receive an appropriation for that amount in this current austere budget 
environment. At any rate, improvements must be made and I am pleased 
that plans are underway, and at least one component--the Federal 
Emergency Management Agency--has already begun the process.
    We will continue to exercise diligent oversight over this process, 
and I look forward to hearing from the witnesses regarding the status 
of this effort including whether the Department is in compliance with 
GAO and OIG recommendations.

    Mr. Duncan. I thank the Ranking Member.
    Other Members of the subcommittee are reminded that opening 
statements may be submitted for the record.
    Now, we are pleased to have a distinguished panel of 
witnesses before us today on this topic.
    Let me remind the witnesses that their entire written 
statement will appear in the record. I will introduce each of 
you first and then recognize you individually for your 
testimony.
    Our first panelist today is Mr. Chip Fulghum. He is the 
acting chief financial officer for the Department of Homeland 
Security as well as the agency's budget director.
    The Office of the Chief Financial Officer is responsibility 
for the fiscal management, integrity, and accountability of the 
Department. Its mission is to provide guidance and oversight of 
the Department's budget, financial management, financial 
operations for all Departmental management operations, the DHS 
Working Capital Fund, grants, and assist in awards and resource 
management systems to ensure that funds necessary to carry out 
the Department's mission are obtained, allocated, and extended 
in accordance with the Department's priorities and relevant law 
and policies.
    Mr. Fulghum joined the DHS in October 2012 as its budget 
director. Prior to joining the Department, Mr. Fulghum served 
for 28 years in the United States Air Force, retiring with the 
rank of colonel. He is also a graduate of The Citadel, the 
military college from South Carolina.
    It is an honor to have you here. Thanks for your service to 
our great Nation. Go, Bulldogs. But I hope my Tigers beat you 
next week. That is all I can say.
    Mr. Fulghum. They may have a problem next week.
    Mr. Duncan. Thank you for being here. Yes, sir.
    The second panelist is Mr. Asif Khan. He is a director at 
the U.S. Government Accountability Office for financial 
management and assurance issues. Mr. Khan has extensive 
experience in performing financial accounting, financial 
statements, audits, restatements, internal-control reviews, 
business process analysis. He has worked on large and complex 
audits and investigations relating to waste, fraud, and abuse. 
Prior to joining the GAO, Mr. Khan was a senior manager at 
Deloitte accounting firm.
    The third panelist is Ms. Anne Richards. She is the 
assistant inspector general for the Office of Audits under 
Office of Inspector General at the Department of Homeland 
Security. The Office of Audits focuses on promoting 
effectiveness, efficiency, and economy in DHS's programs and 
operations, in addition to detecting fraud, abuse, and waste 
and mismanagement. Prior to joining the Office of Inspector 
General, Ms. Richards was assistant inspector general at the 
U.S. Department of the Interior.
    I appreciate all the panelists being here today.
    I will now recognize Mr. Fulghum to testify.

 STATEMENT OF CHARLES FULGHUM, ACTING CHIEF FINANCIAL OFFICER, 
              U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Fulghum. Thank you, Chairman Duncan, Ranking Member 
Barber, and Members of the subcommittee, for the opportunity to 
testify before you today on the Department of Homeland 
Security's progress towards strengthening financial management 
and ensuring strong stewardship of the taxpayers' dollars.
    DHS is committed to instituting sound financial management 
practices, which is evidenced by our recent achievements in 
auditability. Working together as ``One DHS'', the financial 
management community launched a multi-year effort to drive the 
Department toward a clean audit opinion and a full accounting 
for how it spends taxpayer dollars. As a part of this effort, 
DHS put in place strong internal controls, established 
Department-wide policies and business processes, strategically 
recruited staff, and developed essential skill sets through 
workforce development.
    DHS senior leadership is committed to identifying areas for 
improvement and developing plans to address those areas. Using 
corrective action plans as our roadmap, the Department 
established policies, processes, and structures to ensure 
consistent operations for accounting centers and financial 
management offices within the components.
    Because of these efforts, DHS has made substantial progress 
towards maturing financial management and reporting. In fiscal 
year 2012, approximately 90 percent of DHS's $87.2 billion in 
assets and liabilities were auditable, which is an increase 
from 63 percent in 2009. Last year, the Department was able to 
provide a qualified assurance on internal control over 
financial reporting and earned a qualified audit opinion on all 
its 2012 financial statements--a first in its history.
    These improvements have paved the way for the Department to 
reach its ultimate goal of sustainable clean audit opinions on 
all financial statements and on internal controls over 
financial reporting. DHS is committed to achieving an 
unqualified opinion on all its fiscal year 2013 financial 
statements. We are executing a multi-year plan to provide full 
assurance of the effectiveness of internal controls over 
financial reporting by 2016.
    It is critical that DHS continue to build on its successes, 
increasing the efficiency and effectiveness of financial 
management. Key to sustaining progress is the ability of 
components to produce consistent, reliable data from their 
financial systems.
    Several component financial systems are outdated and in 
need of modernization. To address this, DHS launched the 
Financial Systems Modernization initiative, which seeks to 
build increased business intelligence capabilities and 
modernize component systems where needed.
    The Department's decentralized approach to systems 
modernization conforms to the guidance from OMB to split 
modernization projects into smaller, simpler segments with 
clear deliverables and to focus on the most critical business 
needs first. It also conforms to OMB's objective to use shared 
services wherever possible. By buying a service, the Department 
can leverage proven processes and best practices, deliver 
functionality faster, and reduce the risk associated with 
building and maintaining a complex internal system.
    Through the Financial Systems Modernization initiative, DHS 
will be able to reduce costs by eliminating redundant or 
nonconforming systems and promote good business practices 
through the standardization of processes and data where 
possible.
    Under the target state for DHS Financial Systems 
Modernization, the Department uses enhanced systems tools to 
pull financial data from disparate systems and turn it into 
timely, actionable information to support informed decision-
making. These tools increased transparency into how we spend 
appropriated dollars and improve the quality of the Department-
wide financial reporting.
    By improving overall data integrity and analytics, the DHS 
financial management community can better equip Departmental 
leadership to take those tough trade-off decisions and maintain 
the Department's focus on its priority missions.
    Despite resource constraints, the DHS financial management 
community continues to identify and implement best practices to 
make operations as efficient and as effective as possible. This 
is only possible with the expertise and tireless efforts of our 
highly-skilled workforce. Together, we have built a sturdy 
foundation of sustainable financial management practices that 
will support Departmental operations for years to come. We will 
continue to work on improving financial management access 
across the Department, ensuring we make the most of every 
taxpayer dollar.
    Thank you for your continued support of this Department, 
and I am happy to answer any questions that you may have.
    [The prepared statement of Mr. Fulghum follows:]
                 Prepared Statement of Charles Fulghum
                           November 15, 2013
    Thank you Chairman Duncan, Ranking Member Barber, and Members of 
the subcommittee for the opportunity to testify before you on the 
Department of Homeland Security's (DHS) progress in strengthening 
financial management and ensuring strong stewardship of the resources 
entrusted to it.
    The DHS financial management community has a shared, related, and 
interdependent responsibility to deliver efficient financial 
management, and to ensure funds are obtained, allocated, and expended 
effectively and in accordance with Department priorities and applicable 
law and policies. DHS is committed to instituting sound financial 
management practices to safeguard taxpayer dollars, as is evidenced by 
recent achievements in auditability.
    During its first 5 years, the Department's headquarters was small, 
and it was faced with the task of having to unify the incongruent 
financial management policies, processes, and infrastructure that 
components brought with them to DHS. When the Department was stood up 
in 2003, there were an estimated 100 financial management systems 
operating in 22 components. In addition, components were operating 
under legacy policies and disparate business processes. Further, DHS 
inherited 30 significant financial reporting deficiencies, 18 of which 
were considered material weaknesses. These conditions hampered the 
Department's ability to produce timely, reliable financial data.
    Since 2003, the Department has worked with Congress, the Government 
Accountability Office, the Office of Management and Budget, the DHS 
Office of Inspector General, and our independent auditor to strengthen 
financial management to support the DHS mission. The passage of the DHS 
Financial Accountability Act in 2004 reinforced our efforts to mature 
Department operations, providing an essential framework to successfully 
structure and improve financial management and corrective action 
planning for DHS through audit opinions, internal controls over 
financial reporting, and accountability reports.
    Working together as One DHS, the financial management community 
launched a multi-year effort to drive the Department toward a clean 
audit opinion and a full accounting for how it spends taxpayer dollars. 
DHS put in place strong internal controls, strategically recruited 
staff, developed essential skill sets through workforce training, and 
established Department-wide policies and business processes--the 
fundamental building blocks for effective financial management. To 
improve the auditability of its financial statements, DHS has worked to 
standardize business practices and to execute systematic plans to 
correct recognized weaknesses.
    DHS senior management has a continued commitment toward identifying 
areas for improvement, developing and monitoring corrective actions, 
and establishing and maintaining effective financial management 
internal controls. Each year, my office works closely with DHS 
components to perform targeted risk assessments to identify weaknesses 
in accounting and financial reporting where problems could occur due to 
changing operations and programs, and to develop and implement mission 
action plans for those high-risk areas. Component heads certify that 
the annual plans address critical deficiencies identified by management 
and/or the auditor, and commit to devoting adequate resources to 
remediate the deficiencies and to strengthen and improve the overall 
internal control environment. Using mission action plans as a roadmap, 
the Department has established policies, processes, and structures to 
help ensure consistent operations for accounting centers and financial 
management offices within the components. For example, DHS developed 
the Financial Management Policy Manual, which provides the Department 
with current and comprehensive financial management policies and 
procedures to ensure that DHS maintains efficient and transparent 
operations and that our resources are not vulnerable to waste, fraud, 
and mismanagement.
    These efforts have built a foundation of strong financial 
management policies and practices, the impact of which is visible in 
our substantial progress maturing DHS financial management and 
reporting. In fiscal year 2012, approximately 90 percent of DHS's $87.2 
billion in assets and liabilities were auditable, an increase from 63 
percent in fiscal year 2009. The Department has continued to improve 
internal control deficiencies through corrective actions and best 
practices. DHS has reduced its material weaknesses from 18 to 5, and 
has further reduced the scope of several remaining weaknesses due to 
significant progress achieved in remediating concerns in those areas.
    DHS continues to demonstrate measurable progress every year, 
developing and implementing corrective actions and decreasing material 
weakness and significant deficiency conditions, confirming DHS's on-
going commitment to sound financial management practices. In 2012, the 
Department earned a qualified audit opinion on all its fiscal year 2012 
financial statements, a first in its history. This means that the 
Department has systems in place to responsibly account for its 
resources. The Department was also able to provide a qualified 
assurance on internal control over financial reporting, our first major 
milestone toward obtaining an opinion on internal control. This means 
that with the exception of a few areas, DHS has good business processes 
in place to ensure our financial statements are accurate. These 
achievements highlight the success of management integration efforts at 
DHS and represent important steps toward increasing transparency and 
accountability for the taxpayer resources entrusted to the Department.
    DHS remains committed to further strengthening its financial 
management practices to better safeguard taxpayer dollars. The 
Department will continue to apply its audit readiness strategy of 
targeted risk assessment and strong oversight of corrective actions, 
working closely with components to mitigate the risk of any new 
material weaknesses or audit qualifications as a means to sustain 
continuing success. This will lead the Department to its ultimate goal 
of sustainable clean audit opinions on all financial statements and on 
internal controls over financial reporting. DHS is committed to 
achieving an unqualified opinion on all its fiscal year 2013 financial 
statements and is executing its multi-year plan to provide full 
assurance of the effectiveness of its internal control over financial 
reporting by fiscal year 2016.
    It is critical that DHS continue to build on its successes, 
increasing the efficiency and effectiveness of financial management. 
Key to sustaining progress implementing sound financial management 
practices and internal controls is the ability of components to produce 
consistent, reliable financial data. By improving overall data 
integrity and analytics, DHS can produce accurate and auditable 
financial statements and can support leadership in making trade-off 
decisions and maintaining the Department's focus on its priority 
missions.
    Some component DHS financial systems are outdated and in need of 
modernization. To address this, DHS launched the Financial Systems 
Modernization initiative to expand business intelligence capabilities 
and modernize financial systems where needed. The Department's 
decentralized approach conforms to guidance from Office of Management 
and Budget (OMB) to split modernization projects into smaller, simpler 
segments with clear deliverables and to focus on the most-critical 
business needs first. It also conforms to OMB's objective to leverage 
shared services where possible, rather than continuing to make costly 
capital investments in duplicative accounting systems. Through the 
Financial Systems Modernization initiative, DHS will be able to better 
manage its resources, provide enterprise-level information quicker to 
support critical decision making, reduce costs by eliminating redundant 
or nonconforming systems, and promote good business practices through 
standardization of processes and data where possible.
    Each DHS component, supported by the strong governance and 
oversight of the Financial Systems Modernization Executive Steering 
Committee, is analyzing solutions with varying degrees of integration, 
including integration with acquisition and asset management systems. 
The Department is approaching each modernization using procurement best 
practices to obtain the best possible value. DHS provides oversight and 
guidance to ensure component modernization projects align with 
Department objectives and best practices. Components are required to 
conform to Department-wide standards to ensure consistent enterprise-
level information and reporting to internal and external stakeholders. 
Each component is also required to develop and maintain an updated 
Integrated Master Schedule. After each component determines its path 
forward, each will develop and implement a specific individual 
transition plan for moving from its current financial management 
environment to the future financial management environment on the basis 
of its finalized path forward.
    DHS and its components collaborate to ensure financial system 
modernization projects are planned and executed to meet reporting 
requirements, minimize costs for financial operations, and make certain 
that financial management systems provide for the systematic 
measurement of performance and have management controls in place to 
support the DHS mission. My office performed an extensive review of 
lessons learned and best practices from other Federal financial system 
projects, and is working with DHS Centers of Excellence to ensure best 
practices in program management, systems engineering, and security are 
incorporated into component projects. In addition, DHS is incorporating 
lessons learned from previous modernization efforts, as well as 
recommendations from the Government Accountability Office and a 
recently completed independent assessment validating its approach. DHS 
will continue to collaborate with Treasury and OMB to execute our 
aligned strategy and will update relevant supporting documentation as 
each component completes its Alternatives Analysis and finalizes its 
path forward.
    Under the target state for DHS financial systems modernization, the 
Department will use enhanced business intelligence tools to pull 
financial data from disparate systems and turn it into timely, 
actionable information to support informed decision making by 
Department leadership. DHS is standardizing data elements and business 
processes to support internal controls and improve and sustain audit 
success, and is providing governance and oversight of current and 
future financial management system enhancements. The business 
intelligence tools increase transparency into how we spend appropriated 
dollars and improve the quality of Department-wide financial reporting 
through automated data controls. These tools have improved Departmental 
compliance with the CFO Act and DHS Financial Accountability Act, 
regulations and OMB guidance, and Government accounting standards. 
These tools have also increased efficiencies by reducing the 
Department's reliance on manual data calls, which are labor-intensive 
and have a greater risk of inaccurate, outdated, or incomplete 
contents.
    The DHS financial management community continues to identify and 
implement best practices to make operations as efficient and effective 
as possible. This is only possible with the expertise and tireless 
efforts of our highly-skilled employees. Together, we have built a 
sturdy foundation of sustainable financial management practices that 
will support Department operations for years to come. We will continue 
the work of improving financial management across the Department, 
ensuring we make the most of every taxpayer dollar.
    Thank you for your continued support of the Department of Homeland 
Security. I am happy to answer any questions you may have.

    Mr. Duncan. Thank you, Colonel.
    The Chairman will now recognize Mr. Khan.

 STATEMENT OF ASIF A. KHAN, DIRECTOR, FINANCIAL MANAGEMENT AND 
        ASSURANCE, U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Mr. Khan. Good morning, Chairman Duncan, Ranking Member 
Barber, and Members of the subcommittee. I am here to discuss 
our recent work on the Department of Homeland Security's 
efforts to improve its financial management and reporting. I 
would like to thank the subcommittee for holding this hearing 
and focusing attention on actions needed to meet difficult 
challenges.
    Effective financial management and reporting is important 
for DHS decision makers and their stewardship of Federal funds. 
It is also integral to DHS business operations, such as 
acquisition, payroll, asset management, that provides crucial 
support to DHS's mission.
    Today, I will discuss the results of our recent work on 
DHS's efforts to improve its financial management and 
reporting. I will focus on progress towards obtaining a clean 
opinion on both its financial statements and internal controls 
over reporting as well as modernizing its financial management 
systems.
    Since DHS was established in 2003, its internal controls 
and financial management system weaknesses have impeded its 
ability to provide reliable, timely, and useful financial data 
to support daily operations and decision making. These 
deficiencies contributed to our designation of DHS management 
functions, including financial management, as high-risk.
    Sound financial management at DHS is a top priority for 
Congress, which enacted legislation in 2004 requiring DHS to 
undergo annual financial statement audits. DHS is also required 
to obtain an audit opinion on its internal controls over 
financial reporting, making it the only CFO Act agency 
explicitly required to do so.
    A key factor in improving accountability and achieving an 
entity's mission is to implement an effective internal-control 
system. In 2012, additional legislation was passed required DHS 
to take the necessary steps to ensure that its fiscal year 2013 
financial statements are ready to obtain a clean opinion.
    In recent years, DHS has made considerable progress towards 
obtaining a clean opinion on its financial statements. However, 
DHS has made limited progress towards obtaining a clean opinion 
on its internal controls and modernizing its financial 
management systems. DHS's top leaders have shown commitment to 
making the needed improvements, and its components are taking 
the actions necessary to identify weaknesses, yet much remains 
to be done.
    For the first time, DHS was able to receive a qualified 
opinion on all its fiscal year 2012 financial statements, in 
part based on management's commitment to improving its 
financial management processes. DHS is working to resolve the 
deficiencies that resulted in the qualified opinion and has a 
goal of achieving a clean opinion on its financial statements 
for fiscal year 2013. However, the auditors' report indicated 
that DHS continues to rely on compensating controls and complex 
manual workarounds to support its financial reporting.
    Over the years, DHS's auditors have reported a reduction in 
the number of material weaknesses in internal controls. For the 
most recent completed audit, DHS's auditors reported five 
material weaknesses at eight components, including the Coast 
Guard. According to DHS's auditors, these material weaknesses 
limit DHS's ability to process, store, and report financial 
data in a manner that ensures accuracy, confidentiality, 
integrity, and availability of data without substantial manual 
intervention.
    DHS has plans to resolve these remaining weaknesses, with a 
goal of achieving a clean opinion on its internal controls for 
fiscal year 2016. DHS components are in the early stages of 
planning for their financial management systems, and DHS 
expects these efforts to be completed by 2018.
    This decentralized approach is consistent with OMB 
guidance. However, DHS has not fully incorporated certain 
information technology best practices, including developing a 
detailed target state that describes how the component systems 
will operate in the future. DHS also lacks a transition plan 
that describes how components will move to a new Department-
wide financial management environment. Without a target state 
and transition plan, DHS risks using resources ineffectively by 
investing and implementing systems that do not provide the 
needed capabilities.
    In closing, we are encouraged by the sustained commitment 
of DHS leadership. They have developed plans and begun the 
implementation of specific action items in all financial 
management areas. Their follow-through to effectively remediate 
the auditors' finding and implement IT best practices will be 
needed to sustain progress over the long term. To support this 
subcommittee's oversight, GAO will continue monitoring and 
reporting on the Department's financial management 
improvements.
    Mr. Chairman, this concludes my prepared statement. I would 
be happy to answer any questions you or the other Members of 
the subcommittee may have. Thank you.
    [The prepared statement of Mr. Khan follows:]
                   Prepared Statement of Asif A. Khan
                           November 15, 2013
dhs financial management.--continued effort needed to address internal 
                     control and system challenges
                              gao-14-106t
    Chairman Duncan, Ranking Member Barber, and Members of the 
subcommittee: I am pleased to be here today to discuss our recent work 
on the Department of Homeland Security's (DHS) efforts to improve its 
financial management and reporting. Since DHS's inception in March 
2003,\1\ internal control and financial management system weaknesses 
have impeded its ability to provide reliable, timely, and useful 
financial data to support daily operational decision making.\2\ Those 
internal control and financial management system deficiencies 
contributed to our decision to designate DHS's management functions--
including financial management--as high-risk in 2003.\3\ As noted in 
our 2013 high-risk report, continued improvement is needed to mitigate 
the risks identified and to help ensure that management weaknesses do 
not hinder the Department's ability to efficiently and effectively use 
its resources and accomplish its mission.\4\
---------------------------------------------------------------------------
    \1\ In March 2003, DHS was created by merging 22 disparate agencies 
and organizations, many of which had known financial management 
weaknesses and vulnerabilities. Only 5 of the agencies that transferred 
to DHS had been subject to financial statement audits--U.S. Customs 
Service, Transportation Security Administration, Immigration and 
Naturalization Service, Federal Emergency Management Agency, and 
Federal Law Enforcement Training Center. DHS currently comprises 16 
component entities.
    \2\ Internal control is a major part of managing an organization 
and comprises the plans, methods, and procedures used to meet missions, 
goals, and objectives and, in doing so, supports performance-based 
management. GAO, Standards for Internal Control in the Federal 
Government, GAO/AIMD-00-21.3.1 (Washington, DC: November 1999) provides 
an overall framework for establishing and maintaining internal control 
and for identifying and addressing major performance and management 
challenges and areas at greatest risk of fraud, waste and abuse, and 
mismanagement.
    \3\ GAO, High-Risk Series: An Update, GAO-03-119 (Washington, DC: 
January 2003).
    \4\ GAO, High-Risk Series: An Update, GAO-13-283 (Washington, DC: 
February 2013).
---------------------------------------------------------------------------
    The DHS Audit Requirement Target Act of 2012 requires DHS to take 
the necessary steps to ensure that its fiscal year 2013 financial 
statements are ready in a timely manner in order to obtain a clean 
opinion.\5\ A clean opinion means that the financial statements are 
presented fairly, in all material respects, in accordance with the 
applicable accounting principles. DHS's financial statements consist of 
the consolidated balance sheets; statements of net cost, changes in net 
position, budgetary resources, and custodial activity; and related 
notes. Further, DHS is required by the DHS Financial Accountability Act 
of 2004 \6\ to obtain an audit opinion on its internal control over 
financial reporting.\7\ A clean opinion states that, in the auditors' 
opinion, the entity maintained effective internal control over 
financial reporting.
---------------------------------------------------------------------------
    \5\ Pub. L. No. 112-217,  2(b), 126 Stat. 1591 (Dec. 20, 2012).
    \6\ Pub. L. No. 108-330,  4(a), 118 Stat. 1277 (Oct. 16, 2004).
    \7\ The objectives of internal control over financial reporting are 
to provide reasonable assurance that: (1) Transactions are properly 
recorded, processed, and summarized to permit the preparation of the 
financial statements in conformity with U.S. generally accepted 
accounting principles, and assets are safeguarded against loss from 
unauthorized acquisition, use, or disposition, and (2) transactions are 
executed in accordance with laws governing the use of budget authority 
and with other laws and regulations that could have a direct and 
material effect on the financial statements.
---------------------------------------------------------------------------
    We have long held that accountability is part of the organizational 
culture that goes well beyond receiving a clean audit opinion on the 
financial statements; the underlying premise is that agencies must 
become more results-oriented, cost-conscious, and focused on internal 
control. A disciplined and structured approach to assessing internal 
control is critical to successfully implement and maintain adequate 
financial management oversight in the Federal Government.
    My remarks today are primarily based on our September 2013 report 
on DHS financial management issues.\8\ Accordingly, this testimony 
addresses DHS's progress toward: (1) Obtaining a clean opinion on its 
financial statements; (2) obtaining a clean opinion on its internal 
control over financial reporting; and (3) modernizing its financial 
systems, including the extent to which DHS's approach for modernizing 
its current financial systems was consistent with Office of Management 
and Budget (OMB) requirements. We also discuss whether DHS followed 
certain information technology (IT) best practices while implementing 
its approach. For our report, we reviewed relevant DHS guidance and 
documents, determined whether DHS followed OMB requirements and certain 
industry best practices, and interviewed key DHS officials. We updated 
this statement for new information obtained from DHS since the issuance 
of our report related to DHS's schedule for completing its financial 
system modernization efforts. This work was performed in accordance 
with generally accepted Government auditing standards. Those standards 
require that we plan and perform the audit to obtain sufficient, 
appropriate evidence to provide a reasonable basis for our findings and 
conclusions based on our audit objectives. Our report provides further 
details on our scope and methodology.
---------------------------------------------------------------------------
    \8\ GAO, DHS Financial Management: Additional Efforts Needed to 
Resolve Deficiencies in Internal Controls and Financial Management 
Systems, GAO-13-561 (Washington, DC: Sept. 30, 2013).
---------------------------------------------------------------------------
    In summary, we found DHS:
   has made considerable progress toward generating reliable 
        financial data to obtain a clean opinion on its financial 
        statements;
   has made limited progress in establishing effective controls 
        to obtain a clean opinion on its internal control over 
        financial reporting; and:
   is in the early planning stages of implementing its 
        decentralized approach with each component determining the 
        specific solution for its financial systems modernization.
                    opinion on financial statements
    DHS's progress on obtaining a clean opinion on its financial 
statements includes reducing the number of audit qualifications from 11 
in 2005 to 1 in 2010;\9\ receiving a qualified audit opinion on two of 
its five fiscal year 2011 financial statements--the consolidated 
balance sheet and statement of custodial activity;\10\ expanding the 
financial audit in fiscal year 2012 to all financial statements; and 
obtaining a qualified opinion on the fiscal year 2012 financial 
statements.\11\ DHS was able to achieve this progress based in part on 
management's commitment to improving its financial management process.
---------------------------------------------------------------------------
    \9\ An audit qualification is a matter identified by auditors that 
contributes to their inability to render a clean opinion on the 
financial statements.
    \10\ Auditors reported that: (1) The other three financial 
statements, including the statements of net cost, changes in net 
position, and budgetary resources, were not auditable, and (2) DHS must 
be able to represent that its balance sheet is fairly stated, and 
obtain at least a qualified opinion before it is practical to extend 
the audit to other financial statements.
    \11\ A qualified opinion, in relation to the financial statements, 
states that certain reported balances are unauditable, or the financial 
statements contain a material departure from generally accepted 
accounting principles, or both.
---------------------------------------------------------------------------
    DHS is working to resolve the deficiencies in the U.S. Coast 
Guard's (USCG)--one of DHS's major component entities--ability to 
complete certain reconciliations and provide evidence supporting 
certain components of general property, plant, and equipment (PP&E), as 
well as heritage and stewardship assets that caused its auditors to 
issue a qualified opinion on its fiscal year 2012 financial statements. 
DHS has a goal of achieving a clean opinion for fiscal year 2013. 
However, the auditors' report indicates that DHS continues to rely on 
compensating controls and complex manual work-arounds to support its 
financial reporting, rather than sound internal control over financial 
reporting and effective financial management systems.
                      opinion on internal control
    In regard to DHS's progress on obtaining a clean opinion on 
internal control over financial reporting, from fiscal years 2005 
through 2011, DHS's auditors reported a reduction in the number of 
material weaknesses in internal control over financial reporting from 
10 to 5 and a decrease in the number of control deficiencies 
contributing to the material weaknesses from 30 to 15.\12\ Although the 
number of auditor-reported material weaknesses in DHS's internal 
control over financial reporting has decreased since fiscal year 2005, 
the largest reduction--for fiscal year 2007--was due to a consolidation 
of weaknesses into fewer, broader categories for reporting 
purposes.\13\ For fiscal year 2012, the most recently completed audit, 
DHS's auditors reported material weaknesses in five areas related to 
deficiencies at eight components, including USCG.
---------------------------------------------------------------------------
    \12\ A material weakness is a significant deficiency, or a 
combination of significant deficiencies, in internal control such that 
there is a reasonable possibility that a material misstatement of the 
entity's financial statements will not be prevented, or detected and 
corrected, on a timely basis. A significant deficiency is a control 
deficiency, or combination of deficiencies, in internal control 
important enough to merit attention by those charged with governance. A 
control deficiency exists when the design or operation of a control 
does not allow management or employees, in the normal course of 
performing their assigned functions, to prevent, or detect and correct, 
misstatements on a timely basis.
    \13\ For fiscal year 2007, auditors consolidated certain material 
weaknesses by combining: (1) Intragovernmental balances into the 
financial reporting material weakness; (2) PP&E with the operating 
materials and supplies material weakness and reporting the combination 
as capital assets and supplies; and (3) actuarial liabilities with the 
legal and other liabilities and reported the combination as actuarial 
and other liabilities. The auditors noted that DHS had made progress 
during fiscal year 2007 in remediating the deficiency related to 
intragovernmental balances. USCG was the only DHS component that 
contributed to the fiscal year 2006 material weaknesses in operating 
materials and supplies and actuarial liabilities, but the auditors did 
not report that USCG had made progress during fiscal year 2007 in 
remediating the deficiencies within operating materials and supplies 
and actuarial liabilities.
---------------------------------------------------------------------------
    The material weaknesses reported in fiscal year 2012 include: (1) 
Financial reporting, (2) IT controls and financial system 
functionality, (3) property, plant, and equipment, (4) environmental 
and other liabilities, and (5) budgetary accounting.\14\ According to 
DHS's auditors, the existence of these material weaknesses limits DHS's 
ability to process, store, and report financial data in a manner that 
ensures accuracy, confidentiality, integrity, and availability of data 
without substantial manual intervention. DHS has plans to resolve the 
remaining five material internal control weaknesses, with a goal of 
achieving a clean opinion on internal control over financial reporting 
for fiscal year 2016. DHS will continue to face challenges in obtaining 
and sustaining a clean opinion on its financial statements and 
attaining a clean opinion on its internal control over financial 
reporting until serious internal control and financial management 
systems deficiencies are resolved.
---------------------------------------------------------------------------
    \14\ For detailed information on the five material weaknesses, see 
GAO-13-561, appendix IV.
---------------------------------------------------------------------------
                      financial management systems
    For nearly a decade, DHS tried to modernize its financial 
management systems by attempting to implement a Department-wide 
integrated financial management system. DHS's efforts included two 
projects--one that ended in December 2005 when DHS acknowledged that 
its pilot project had not been successful, and another in June 2011 
when requirements had changed and DHS canceled the program. Now, under 
its decentralized approach, DHS plans to modernize the financial 
systems of components with the most critical need first and integrate 
the financial systems with asset management and acquisition systems, 
resulting in component-level integrated financial management systems. 
DHS determined that components with a critical business need to 
modernize their financial management systems include Immigration and 
Customs Enforcement and USCG, and their customer components, as well as 
the Federal Emergency Management Agency. Components are in the early 
planning stages of implementing the approach, and as of September 2013, 
DHS estimated that its financial system modernization efforts will not 
be completed until fiscal year 2018.
    In our September 2013 report, we found that DHS's decentralized 
approach for modernizing its components' financial systems is 
consistent with relevant OMB requirements, such as implementing 
projects in smaller, simpler segments, but not all relevant IT best 
practices have been fully implemented. DHS has implemented certain IT 
recommended best practices that reflect key areas of effective program 
management, such as conducting an analysis of alternatives, 
establishing a governance structure, developing financial management 
systems baseline business process requirements, and developing a 
description of its current financial management environment. However, 
DHS had not fully incorporated other IT best practices, including 
developing a description of how its components' financial management 
systems will operate in the future--called a detailed target state--or 
a description of how components will transition to a new financial 
management environment--called a Department-level transition plan.\15\
---------------------------------------------------------------------------
    \15\ We also had two other findings and recommendations in our 
report related to IT best practices and the need for DHS, at the time 
of our review, to update its standard operating procedures and include 
specific procedures for revising milestone dates and providing written 
confirmation of completed activities reflected in its integrated master 
schedule and for performing key elements of a lessons learned process. 
After DHS received our draft report for comment, DHS finalized its 
procedures to resolve these issues, and we agreed that DHS had 
completed actions to address these two recommendations.
---------------------------------------------------------------------------
    To help DHS deploy component-level integrated financial management 
systems, we made two recommendations to DHS regarding the need to 
follow best practices related to its target state and transition plan. 
After reviewing the draft report, DHS generally agreed with our 
recommendations and described actions already taken to address them. 
However, we believe that further action is needed to address these 
recommendations. Specifically, DHS has not developed other important 
details for its target state, such as Department-level operational 
needs and characteristics, including the systems' availability, data 
flow, expandability, and interoperability. In addition, its transition 
strategy is missing needed elements of a transition plan such as 
milestones and time frames for implementing new systems as well as the 
optimal sequencing of activities. Without a detailed target state and 
Department-level transition plan, DHS has an increased risk of, among 
other things, investing in and implementing systems that do not provide 
the desired capabilities and inefficiently using resources during its 
financial management system modernization efforts.
    With regard to the status of DHS's efforts to complete actions 
necessary to achieve removal from our high-risk list, in a September 
2010 letter to DHS, we identified, and DHS subsequently agreed to 
achieve, 31 actions and outcomes, including 9 related to financial 
management, that are critical to addressing the high-risk issues and 
challenges within the Department's management areas.\16\ Based on our 
recent review, we determined that DHS has made progress improving its 
financial management and fully addressing 2 of the 9 high-risk 
financial management actions and outcomes--obtaining top management 
commitment and developing corrective action plans.\17\ However, a 
significant amount of work remains to be completed on the remaining 7 
financial management actions and outcomes, which include obtaining and 
sustaining a clean opinion on its financial statements, addressing 
weaknesses in internal controls and systems to obtain an opinion on the 
effectiveness of internal control over financial reporting, ensuring 
that its financial systems substantially comply with the Federal 
Financial Management Improvement Act of 1996,\18\ and deploying modern 
financial systems at certain components. Achieving these outcomes will 
greatly enhance DHS's ability to produce reliable, timely, and useful 
financial information to support operational decision making, and thus 
assist it in efficiently and effectively using its resources to 
accomplish its mission.
---------------------------------------------------------------------------
    \16\ For a list and discussion of the 31 actions and outcomes, see 
GAO, Department of Homeland Security: Continued Progress Made Improving 
and Integrating Management Areas, but More Work Remains, GAO-12-1041T 
(Washington, DC: Sept. 20, 2012); and High-Risk Series: Government-wide 
2013 Update and Progress Made by the Department of Homeland Security, 
GAO-13-444T (Washington, DC: Mar. 21, 2013).
    \17\ For detailed information on the 9 financial management actions 
and outcomes, see GAO-13-561, appendix II.
    \18\ Pub. L. No. 104-208, div. A, title VIII, 110 Stat. 3009, 3009-
389 (Sept. 30, 1996).
---------------------------------------------------------------------------
    Chairman Duncan, Ranking Member Barber, and Members of the 
subcommittee, this concludes my prepared remarks. I would be happy to 
answer any questions that you may have.

    Mr. Duncan. Thank you, Mr. Khan.
    Ms. Richards, welcome back. You are recognized.

STATEMENT OF ANNE L. RICHARDS, ASSISTANT INSPECTOR GENERAL FOR 
    AUDITS, OFFICE OF INSPECTOR GENERAL, U.S. DEPARTMENT OF 
                       HOMELAND SECURITY

    Ms. Richards. Good morning, Chairman Duncan, Ranking Member 
Barber, and Members of the subcommittee. Thank you for inviting 
me to testify about financial management at the Department of 
Homeland Security.
    Today, I will focus my remarks on information provided in 
two reports: The fiscal year 2012 Independent Auditors' Report 
on Financial Statements and Internal Control Over Financial 
Reporting, which was prepared by the independent auditing firm 
KPMG, and the financial management section of our Major 
Management Challenges report. Both of these reports were issued 
in November 2012. We expect to issue the fiscal year 2013 
reports in mid-December of this year.
    Overall, the Department continued to improve its financial 
management in fiscal year 2012, and it achieved a significant 
milestone: The completion of a full-scope audit on all 
financial statements. The independent auditors issued a 
qualified opinion on DHS's financial statements but were unable 
to opine on the internal controls over financial reporting 
because of the material weaknesses identified during the audit 
of those controls.
    In the fiscal year 2012 financial statement audit, KPMG 
identified the same five material weaknesses as in the fiscal 
year 2011 audit. Those were in financial reporting; IT controls 
and financial system functionality; property, plant, and 
equipment; environmental and other liabilities; and budgetary 
accountings. The auditors also identified other significant 
deficiencies in general Department-level controls, grants 
management, revenue collected on behalf of the U.S. Treasury, 
and drawbacks.
    After the fiscal year 2011 report, the Department and its 
components worked diligently to take steps to address the 
identified deficiencies. In the fiscal year 2012 report, the 
auditors made additional recommendations for corrective 
actions.
    Of the material weaknesses, IT controls and financial 
system functionality is of particular concern. General IT 
controls and IT application controls are essential to effective 
and reliable financial and performance data. DHS is making 
progress in the area of IT controls. In fiscal year 2012, DHS 
remediated or corrected 46 percent of the prior-year IT control 
weaknesses, with CBP, FEMA, and TSA making the most progress.
    Financial system functionality, which is literally how the 
financial systems take the data input, such as journal entries, 
and compile the financial statements, as well as how DHS's 
myriad of systems align or can be coordinated to exchange 
information, remains troubling. In expanding our audit to 
include all the financial statements rather than just the 
balance sheet and statement of custodial activity, we have 
discovered additional weaknesses for deficiencies in financial 
system functionality.
    The ability to provide fairly presented financial 
statements and obtain an unqualified audit opinion is an 
important step in DHS's journey to sound financial management, 
and the Department continues to work diligently towards this 
goal. However, a clean financial statement audit does not 
ensure that there is sound financial information about all 
Department operations.
    As we noted in our fiscal year 2012 report on DHS's major 
management challenges, the Department's financial management 
systems cannot yet provide timely accumulated cost information 
by major program or areas of responsibility aligned with each 
entity's major goals and outputs. As of fiscal year 2012, the 
Department was still using manual data calls to collect cost 
information from the various components and to compile 
consolidated data. According to DHS, it is working to improve 
its access to such information as well as the quality of the 
information Department-wide.
    The Department has clearly demonstrated its commitment to 
improving its financial practices and operations. We believe 
that a clean audit opinion is a reachable goal, and we remain 
committed to conducting financial statement and other 
performance audits and making recommendations that will help 
ensure DHS ensures the proper stewardship of taxpayer dollars.
    Mr. Chairman, this concludes my prepared statement. I 
welcome any questions you or the other Members of the 
subcommittee may have.
    [The prepared statement of Ms. Richards follows:]
                 Prepared Statement of Anne L. Richards
                           November 15, 2013
    Good morning Chairman Duncan, Ranking Member Barber, and Members of 
the subcommittee: Thank you for inviting me here today to testify about 
financial management at the Department of Homeland Security (DHS). 
Today, I will address financial management within the Department by 
focusing on the Independent Auditors' Report on DHS' FY 2012 Financial 
Statements and Internal Control over Financial Reporting and on our 
fiscal year 2012 Major Management Challenges report, both of which were 
issued in November 2012. KPMG, LLP prepared the independent auditors' 
report. Both fiscal year 2013 reports will be issued in mid-December of 
this year.
    The Federal Government has a fundamental responsibility to be an 
effective steward of taxpayer dollars. Sound financial practices and 
related management operations are critical for DHS to achieve its 
mission and to provide reliable, timely financial information to 
support management decision making throughout DHS. Congress and the 
public must be confident that the Department is properly managing its 
finances to minimize inefficient and wasteful spending, and to make 
informed decisions to manage its programs and implement its policies.
    Although DHS produced an auditable balance sheet and statement of 
custodial activity in fiscal year 2011 and obtained a qualified opinion 
on those statements, challenges remained for the Department's financial 
management. Achieving a qualified opinion in fiscal year 2011 resulted 
from considerable effort by DHS employees, rather than through complete 
implementation of a reliable system of control over financial 
reporting. As a result of DHS obtaining a qualified opinion on its 
balance sheet and statement of custodial activity in fiscal year 2011, 
the scope of the fiscal year 2012 audit was increased to include 
statements of net cost, changes in net position, and combined statement 
of budgetary resources.
    The Department continued to improve financial management in fiscal 
year 2012 and achieved a significant milestone. Fiscal year 2012 was 
the first year the Department completed a full scope audit on all 
financial statements. The independent auditors issued a qualified 
opinion on the financial statements. Nevertheless, the Department still 
had work to do in fiscal year 2013. In fiscal year 2012, KPMG was 
unable to perform the necessary procedures to form an opinion on DHS' 
internal control over financial reporting of that fiscal year's 
financial statements. In addition, the Department had material 
weaknesses in internal control over financial reporting. To sustain or 
improve upon the fiscal year 2012 qualified opinion, DHS needed to 
continue remediating the remaining control deficiencies.
                       managerial cost accounting
    As we noted in our fiscal year 2012 report on DHS' major management 
challenges, the Department does not have the ability to provide timely 
cost information by major program, and by strategic and performance 
goals. Its financial management systems do not allow for the 
accumulation of costs at the consolidated level by major program, nor 
do they allow for the accumulation of costs by responsibility segments 
that directly align with the major goals and outputs described in each 
entity's strategic and performance plan. The Department also needs to 
develop a plan to implement managerial cost accounting, including 
necessary information systems functionality. As of fiscal year 2012, 
the Department was using manual data calls to collect cost information 
from the various components and compile consolidated data. During 
audits that we issued in fiscal year 2013, we identified a number of 
components that did not have the ability to provide various cost data 
when requested. For example:
   During the audit of the Transportation Security 
        Administration's (TSA) Aviation Channeling Service Provider 
        project (Transportation Security Administration's Aviation 
        Channeling Services Provider Project, OIG-13-42, February 
        2013), we learned that TSA did not track and report all project 
        costs. According to TSA officials, it was impossible to provide 
        exact costs because the expenditures were not tracked in 
        detail.
   During the audit examining U.S. Customs and Border 
        Protection's (CBP) acquisition and conversion of H-60 
        helicopters (DHS' H-60 Helicopter Programs, OIG 13-89 Revised, 
        May 2013), CBP officials received high-level cost information 
        from the U.S. Army, but it did not include the detail necessary 
        for adequate oversight of the component's H-60 programs. For 
        example, the Army conducted approximately 15,000 tests on CBP 
        H-60 components, but CBP could not identify which tests were 
        completed or the specific costs. In addition, for each CBP H-60 
        helicopter, financial data from three sources listed a 
        different total cost.
   During the audit of CBP's use of radiation portal monitors 
        at seaports (United States Customs and Border Protection's 
        Radiation Portal Monitors at Seaports, OIG-13-26, January 
        2013), we identified instances in which the acquisition values 
        for the monitors were incorrect and could not be supported.
                     anti-deficiency act violations
    As of September 30, 2012, the Department and its components 
reported five potential Anti-Deficiency Act (ADA) violations in various 
stages of review, including one potential ADA violation identified in 
fiscal year 2012, which the Department was investigating. The four 
other ADA violations involved: (1) Expenses incurred before funds were 
committed or obligated, (2) pooled appropriations to fund shared 
services, (3) a contract awarded before funds had been re-apportioned, 
and (4) improper execution of the obligation and disbursement of funds 
to lease passenger vehicles. No new ADA violations were identified in 
fiscal year 2013.
               fiscal year 2012 financial statement audit
    The Independent Auditors' Report on DHS' FY 2012 Financial 
Statements and Internal Control over Financial Reporting contained five 
items that showed the status of DHS' efforts to address internal 
control weaknesses in financial reporting. These were identified as 
material weaknesses in the fiscal year 2011 independent audit of DHS' 
consolidated balance sheet and statement of custodial activity. All 
five material weaknesses remained in fiscal year 2012. Table 1, which 
appeared in independent auditors' report, summarizes the auditors' 
fiscal year 2012 findings. The auditors identified significant 
deficiencies considered to be material weaknesses in financial 
reporting; information technology (IT) controls and financial system 
functionality; property, plant, and equipment (PP&E); environmental and 
other liabilities; and budgetary accounting. DHS made progress in 
remediating two material weaknesses. Specifically, the United States 
Coast Guard (USCG) properly stated environmental liability balances, 
which resulted in the auditors retroactively removing the fiscal year 
2011 qualification in this area. The USCG was also able to remediate a 
number of internal control weaknesses related to IT scripting, and it 
continued to make progress in PP&E, with the goal of being able to 
assert to the entire PP&E balance by January 2013. They did not, 
however, meet that goal. Other significant deficiencies were identified 
in entity-level controls, grants management, and custodial revenue and 
drawback.


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]



    In fiscal year 2012, the Department provided qualified assurance 
that internal control over financial reporting was operating 
effectively at September 30, 2012, and it acknowledged that material 
weaknesses continued to exist in key financial processes. Consequently, 
the independent auditors were unable to render an opinion on DHS' 
internal controls over financial reporting in fiscal year 2012.
                          financial reporting
    Financial reporting presents financial data on an agency's 
financial position, its operating performance, and its flow of funds 
for an accounting period. In fiscal year 2011, the USCG, U.S. 
Citizenship and Immigration Services (USCIS), and TSA contributed to 
the material weakness in this area. Although some findings reported in 
fiscal year 2011 were corrected, other findings at the USCG and TSA 
remained in fiscal year 2012. Also, in fiscal year 2012, new financial 
reporting findings were identified at U.S. Immigration and Customs 
Enforcement (ICE).
    As in the previous year, the auditors reported in fiscal year 2012 
that the USCG did not have properly designed, implemented, and 
effective policies, procedures, processes, and controls related to its 
financial reporting process. The USCG used three general ledgers, 
developed more than a decade ago. This legacy system had severe 
functional limitations that affected its ability to address systemic 
internal control weaknesses in financial reporting, strengthen the 
control environment, and comply with relevant Federal financial system 
requirements and guidelines.
    The auditors also identified deficiencies that remained in some 
financial reporting processes at TSA. For example, there were weak or 
ineffective controls in some key financial reporting processes, in 
management's quarterly review of the financial statements, and in 
supervisory reviews over journal vouchers. In addition, TSA was not 
fully compliant with the United States Government Standard General 
Ledger requirements at the transaction level. In recent years, TSA 
implemented several new procedures and internal controls to correct 
known deficiencies, but some procedures still required modest 
improvements to fully consider all circumstances or potential errors. 
The control deficiencies contributed to substantive and classification 
errors reported in the financial statements and discovered during the 
audit.
    During fiscal year 2012, the auditors noted financial reporting 
control weaknesses at ICE, primarily resulting from expanded audit 
procedures for the full-scope financial statement audit. ICE had not 
fully developed sufficient policies, procedures, and internal controls 
for financial reporting. It also needed adequate resources to respond 
to audit inquiries promptly and accurately, and to be able to identify 
potential technical accounting issues. ICE faced challenges in 
developing and maintaining adequate lines of communication within its 
Office of Financial Management and among its program offices. 
Communication between financial managers and personnel responsible for 
contributing to financial reports was not sufficient to consistently 
generate clear and usable information. In addition, ICE did not have 
sufficient coordination with IT personnel, including contractors who 
were generating certain financial reports.
    The independent auditors made several recommendations to the USCG, 
TSA, and ICE to address these challenges.
  information technology controls and financial systems functionality
    IT general and application controls are essential to effective and 
reliable reports of financial and performance data.
    During the fiscal year 2011 financial statement audit, the 
independent auditors noted that the Department remediated 31 percent of 
the prior year IT findings. The most significant fiscal year 2011 
weaknesses included: (1) Excessive unauthorized access to key DHS 
financial applications, resources, and facilities; (2) configuration 
management controls that were not fully defined, followed, or 
effective; (3) security management deficiencies in the certification 
and accreditation process and an ineffective program to enforce role-
based security training and compliance; (4) contingency planning that 
lacked current, tested contingency plans developed to protect DHS 
resources and financial applications; and (5) improperly segregated 
duties for roles and responsibilities in financial systems. These 
deficiencies negatively affected internal control over DHS' financial 
reporting and its operation and contributed to the fiscal year 2011 
financial management and reporting material weakness.
    In fiscal year 2012, DHS made some progress in correcting the IT 
general and application control weaknesses identified in fiscal year 
2011. DHS and its components remediated 46 percent of the prior year IT 
control weaknesses, with CBP, the Federal Emergency Management Agency 
(FEMA), and TSA making the most progress in remediation. Although CBP 
and FEMA made progress in correcting their prior year issues, in fiscal 
year 2012, the most new issues were noted at these two components. New 
findings resulted primarily from new IT systems and business processes 
that were within the scope of the broadened fiscal year 2012 financial 
statement audit and were noted at all DHS components.
    The auditors noted many cases in which financial system 
functionality limitations inhibited DHS' ability to implement and 
maintain internal controls, notably IT application controls supporting 
financial data processing and reporting. As a result, on-going 
financial system functionality limitations contributed to the 
Department's challenge to address systemic internal control weaknesses 
and strengthen the overall control environment. In fiscal year 2012, 5 
IT control weaknesses remained and presented risks to the 
confidentiality, integrity, and availability of DHS' financial data: 
(1) Access controls; (2) configuration management; (3) security 
management; (4) contingency planning; and (5) segregation of duties. 
Several findings were related to the USCG's financial system 
functionality, including limitations that were preventing the USCG from 
establishing automated processes and application controls that would 
improve accuracy, reliability, as well as facilitate efficient 
processing of certain financial data. Financial system functionality 
limitations also contributed to other reported control deficiencies.
    The independent auditors recommended that the DHS Office of the 
Chief Information Officer, in coordination with the Office of the Chief 
Financial Officer, continue the Financial Systems Modernization 
initiative, and make necessary improvements to the Department's 
financial management systems and supporting IT security controls.
                     property, plant, and equipment
    DHS capital assets and supplies consist of items such as PP&E 
operating materials, as well as supplies, including boats and vessels 
at the USCG, passenger and baggage screening equipment at TSA, and 
stockpiles of inventory to be used for disaster relief at FEMA. The 
USCG maintains approximately 50 percent of all DHS PP&E.
    During fiscal year 2011, TSA, the USCG, CBP, and the Management 
Directorate (MGMT) contributed to a Departmental material weakness in 
PP&E. During fiscal year 2012, TSA and MGMT substantially completed 
corrective actions in PP&E accounting processes.
    In fiscal year 2012, the USCG continued to remediate PP&E process 
and control deficiencies, specifically those associated with land, 
buildings and other structures, vessels, small boats, aircraft, and 
construction in process. However, remediation efforts were not fully 
completed in fiscal year 2012. The USCG had difficulty establishing its 
opening PP&E balances and accounting for leases, primarily because of 
poorly-designed policies, procedures, and processes implemented more 
than a decade ago, combined with ineffective internal controls and IT 
system functionality difficulties.
    As in prior years, CBP had either not fully implemented policies 
and procedures, or it did not have sufficient oversight of its 
adherence to policies and procedures, to ensure that all PP&E 
transactions were recorded promptly and accurately, or to ensure that 
all assets were recorded and properly valued in the general ledger.
    In fiscal year 2012, ICE did not have adequate processes and 
controls in place to identify internal-use software projects that 
should be considered for capitalization. It also did not have adequate 
policies and procedures to ensure that assets acquired were recorded in 
the general ledger in a timely manner.
    The independent auditors made several recommendations to the USCG, 
CBP, and ICE to address these challenges.
                  environmental and other liabilities
    Liabilities are the probable and measurable future outflow or other 
sacrifice of resources resulting from past transactions or events. 
Internal control weaknesses reported in this area relate to various 
liabilities, including environmental, accounts payable, legal, and 
accrued payroll and benefits.
    In fiscal year 2012, the USCG's environmental liabilities 
represented approximately $500 million or 75 percent of total DHS 
environmental liabilities. Later in fiscal year 2012, the USCG 
completed the final phases of a multi-year remediation plan to address 
process and control deficiencies related to environmental liabilities. 
However, the USCG did not implement effective controls to ensure the 
completeness and accuracy of all underlying data components used to 
calculate environmental liability balances. The USCG also did not have 
documented policies and procedures to update, maintain, and review 
schedules to track environmental liabilities (e.g., Formerly Used 
Defense Sites) for which it was not primarily responsible at the 
Headquarters level. Additionally, the USCG did not effectively 
implement existing policies and procedures to validate the prior year 
accounts payable estimate.
    The independent auditors made recommendations related to 
environmental and other liabilities to the USCG.
                          budgetary accounting
    Budgetary accounts are general ledger accounts for recording 
transactions related to the receipt, obligation, and disbursement of 
appropriations and other authorities to obligate and spend agency 
resources. DHS has numerous sources and types of budget authority, 
including annual, multi-year, no-year, and permanent and indefinite 
appropriations, as well as several revolving, special, and trust funds. 
Timely and accurate accounting for budgetary transactions is essential 
to managing Department funds and preventing overspending.
    In fiscal year 2012, the USCG implemented corrective actions plans 
over various budgetary accounting processes; however, some control 
deficiencies reported in fiscal year 2011 remained, and new 
deficiencies were identified. The USCG had not fully implemented 
existing policies, procedures, and internal controls to ensure that 
obligations were reviewed and that approved and undelivered order 
balances were monitored to ensure their timely deobligation when 
appropriate. It also did not have fully implemented policies, 
procedures, and internal controls over the monitoring of reimbursable 
agreements, and related budgetary unfilled customer orders, to ensure 
activity, including closeout and deobligation, as appropriate, was 
recorded timely and accurately. The component did not have sufficient 
policies and procedures for recording the appropriate budgetary entries 
upon receipt of goods, and prior to payment.
    Although FEMA also continued to improve its processes and internal 
controls over the obligation and monitoring process, some control 
deficiencies remained. The component did not effectively certify the 
status of its obligations to ensure validity prior to fiscal year end. 
It could not readily provide all supporting documentation for 
obligations and deobligations made during the year and for undelivered 
orders audited at June 30, 2012 and September 30, 2012. FEMA also did 
not properly review budgetary funding transactions recorded in the 
general ledger. It did not timely and effectively complete management 
reviews over the monthly reconciliations of the SF-132, Apportionment 
and Reapportionment Schedule, to the SF-133, Report on Budget Execution 
and Budgetary Resources.
    As the financial service provider, ICE is responsible for recording 
budgetary transactions, and it administers budgetary processes across 
different types of funds at the National Protection and Programs 
Directorate, the Science and Technology Directorate, MGMT, and the 
Office of Health Affairs. In fiscal year 2011, ICE identified and began 
remediating deficiencies in the financial management system that 
impacted accounting transactions, such as posting logic related to 
adjustments of prior year unpaid, undelivered orders. In fiscal year 
2012, ICE continued to address these issues with certain types of 
obligations.
    MGMT is responsible for the operations and financial oversight of 
several programs including the DHS Working Capital Fund, which provides 
shared services to DHS agencies. In fiscal year 2012, MGMT recorded 
several corrective adjustments that were indicative of deficiencies in 
internal controls over financial reporting at the process level. MGMT 
lacked effective controls to monitor undelivered order balances to 
deobligate or adjust undelivered order balances on a timely basis. 
Internal controls were not properly designed to adequately monitor 
unfilled customer order balances, related to both the Working Capital 
Fund and non-Working Capital Fund activity.
    The Federal Law Enforcement Training Center budgetary reporting 
process was within the scope of the fiscal year 2012 audit, and, as a 
result, new control deficiencies were identified. Management did not 
have controls in place to perform a thorough review of the fiscal year 
2012 unfilled customer order beginning balances related to reimbursable 
construction, to ensure that beginning balances were properly recorded.
    The auditors made recommendations to address deficiencies at the 
three DHS components, as well as at MGMT and the training center.
                               conclusion
    In fiscal year 2012, DHS received a qualified opinion on its 
financial statements. Improvements were seen at various components. For 
example, USCIS corrected control deficiencies in financial reporting 
that contributed to the overall material weakness. Likewise, TSA made 
significant progress in addressing PP&E, removing its contribution to 
the Department's material weakness. The USCG also continued to make 
financial reporting improvements in fiscal year 2012, by completing its 
planned corrective actions over selected internal control deficiencies. 
These remediation efforts allowed management to make new assertions in 
fiscal year 2012 related to the auditability of its financial statement 
balances. In addition, management was able to provide a qualified 
assurance of internal control over financial reporting in fiscal year 
2012.
    According to DHS' Office of Financial Management, in fiscal year 
2012, there was improved access to and better quality of financial 
management information. The Department implemented business 
intelligence tools to help organize, store, and analyze data more 
efficiently. According to the Office of Financial Management, the 
Department was able to take information from individual budgets and 
display it for the enterprise, allowing views of DHS' budget allocation 
by mission area. Additionally, the Department reported it was 
developing the Decision Support Tool to help compile Department-wide 
program cost information and to provide a central dashboard with key 
indicators, such as cost, funding, and schedule, to assess and track 
the health of acquisitions.
    Sound financial practices and related management operations are 
critical to achieving the Department's mission and to providing 
reliable, timely financial information to support management decision 
making throughout DHS. The Department has demonstrated its commitment 
to improving its practices and operations. It continued to make 
progress in fiscal year 2012, but needed to address some concerns to 
avoid losing momentum and to achieve the reachable goal of a clean 
opinion in fiscal year 2013. OIG, in turn, will continue to conduct 
financial statement audits and make recommendations to help DHS meet 
its challenges and ensure proper stewardship of taxpayer dollars.
    Mr. Chairman, this concludes my prepared statement. I welcome any 
questions you or other Members of the subcommittee may have.

    Mr. Duncan. Thank you so much.
    Members are reminded that first votes are expected on the 
floor about 10:30, so we are going to try to get through as 
many questions. I am going to adhere to the 5-minute rule as 
strictly as possible.
    Mr. Barber. Mr. Chairman, before you begin the questions, 
could I just ask unanimous consent that our colleague, 
Representative Jackson Lee, be allowed to sit in on the panel? 
She is a Member of the full committee, and she is here, or was 
here a moment ago, and she will be back.
    Mr. Duncan. Without objection, so ordered.
    So I now recognize myself for 5 minutes.
    First off, I ran a business for 16 years, and I can say 
that financial management and bookkeeping and accounting was 
not my favorite thing, but I had to do it. I had to do it to 
comply with the bank's requirements for audited financial 
statements. I had to comply with the IRS rules and tax filings. 
There were a lot of great tools out there for small businesses.
    So this is an interesting topic to me, but I also 
understand the frustration of bringing these 22 legacy agencies 
together and trying to mirror up and match up the accounting 
principles and assets that might be on the books, depreciation, 
replacement, all while trying to secure our Nation.
    So let me just delve right into the questioning. In its 
report on DHS financial management released yesterday, the GAO 
cited that DHS still lacks sound internal controls over 
financial reporting. This could inhibit DHS's ability to 
efficiently manage its operations and provide timely financial 
information for senior decision-makers.
    Mr. Fulghum, can you detail for the subcommittee what 
efforts you have undertaken to correct the internal controls 
that DHS has addressed in the GAO report and what further 
efforts the Department intends to make?
    Mr. Fulghum. Thanks, sir. Absolutely. The 5 material 
weaknesses that Mr. Khan referenced are in the report. I would 
remind everyone that back in 2005 we had 18 material 
weaknesses. We have brought that down to 5.
    What we are doing about it is, first of all, we have 
sound--we have developed sound practices and policies in place. 
So the first thing you have do is have sound policies and 
practices. Then you need aggressive engagement, so we have 
established process review teams across components to address 
these issues, as well as senior engagement. We have an internal 
progress review chaired by the under secretary for management 
that meets quarterly, reviews these issues, reviews the action 
plans that we have in place.
    Because that is the key. You do root-cause analysis of 
these issues, you develop action plans, you hold people 
accountable, and you measure progress. That is exactly what we 
are doing.
    We expect when the audit is complete in 2013 to have less 
than 5 material weaknesses. We believe our multi-year effort is 
on track to eliminate those material weaknesses by 2016.
    Mr. Duncan. Okay.
    Ms. Richards, do you believe the Department is doing enough 
to address the previous IG GAO recommendations?
    Ms. Richards. In my opinion, the Department is working very 
hard to address those issues and certainly is putting forth 
every effort. It is too early to say what this year's audit 
results will be.
    Mr. Duncan. Okay.
    Mr. Khan.
    Mr. Khan. I mean, we certainly recognize the progress that 
DHS has made.
    I want to refer to something that Ms. Richards mentioned in 
her testimony, was the qualified assurance that was made by DHS 
management. Before they made a qualified assurance in 2012, 
there was a lack of assurance over internal controls. As a 
result, new areas are going to be uncovered by future audits, 
and there may be additional internal-control weaknesses which 
would need to be addressed. That is one issue.
    The other issue that Ms. Richards mentioned was the issue 
of business systems modernization. That is also essential to 
addressing the internal-control problems at DHS.
    Mr. Duncan. Mr. Fulghum, do you think the IT issues that 
DHS has experienced have played a part in integrating some of 
the accounting practices and financial management practices?
    Mr. Fulghum. Absolutely. We have some basic IT challenges 
because we have outdated systems, so you have access issues, 
you have configuration management issues, day-to-day things, 
what I call basic blocking and tackling, when it comes to IT. 
As Mr. Khan said, the key to that is modernizing our systems. I 
believe--firmly believe we have a sound plan in place to do 
that.
    Mr. Duncan. The reason I ask that is, as I understand from 
briefing before this hearing about some of the data calls that 
managers are having to make just to get--it seems very time-
intensive and labor-intensive to do this stuff manually, when I 
believe the systems are out there for real-time data management 
with regard to that.
    So do you care to further elaborate on what you are doing 
to address that?
    Mr. Fulghum. Yes, sir. We have eliminated a lot of manual 
data calls. We have made a lot of progress with our business 
intelligence tool that reaches in and grabs information, and we 
are able to do that. We are able to produce a monthly execution 
report now in an automated fashion.
    We are not as happy as we would like to be about the 
timeliness of that report, and we are working to drive the 
timeliness of that down, as you noted. But we are making good 
progress, and we are doing it through the use of business 
intelligence and our CFO horizon tool.
    Mr. Duncan. Okay.
    Mr. Fulghum. But I share your concern. As the Budget 
Director, I don't like manual calls, data calls, any more than 
anyone else.
    Mr. Duncan. Right. Well, going forward, I would just ask 
that you keep us up-to-date on the progress being made there. I 
think that is very, very important.
    My time has expired. I will recognize the gentlemen from 
Arizona, Mr. Barber, the Ranking Member.
    Mr. Barber. Thank you, Mr. Chairman.
    My first question is for Mr. Fulghum.
    First of all, I want to, I think, congratulate or maybe 
commiserate with you for taking this daunting task on. It is 
important that we get it done and get it done properly.
    As was stated earlier, we know that at least two major 
attempts to fix the financial systems failed, and a lot of 
money was wasted, quite frankly, on those efforts. So I want to 
focus on this effort and to see what is different about it.
    You formulated within the Department a time line for each 
component to get the financial system in order. So my questions 
are--I will throw them all out to you at once and see if you 
can help me with the answers.
    First of all: How and who developed these time lines? How 
were the components prioritized for first, second, and third, 
and so on, in terms of the priority for getting the job done?
    Is the current schedule on time--modernization effort on 
time?
    Really importantly, because this goes to the issue of what 
happened twice before, who is overseeing the modernization 
process? Who will be held accountable within those components 
if it is not done timely? We cannot have another failure, and I 
think you would agree.
    So could you respond to those questions?
    Mr. Fulghum. Yes, sir. If I don't get them all, you will 
help me.
    Mr. Barber. Yeah.
    Mr. Fulghum. So, how did we go about doing it? How did we 
prioritize? We did mission needs. We looked at the capabilities 
of each of our financial management systems; we looked at the 
gaps. Based on some criteria that was established, we said, 
this is the worst, this is the next-worst, so on and so forth. 
So that is how we established a priority as to who went first, 
who goes second, who goes third, et cetera.
    As far as the schedule goes, the schedule is tight. I will 
be the first to admit that the schedule is aggressive. We 
believe it is achievable.
    The biggest concern I have about the schedule is the 
resourcing of it. I say that because in the 2014 budget we have 
asked for nearly $30 million. Both the House and the Senate 
have supported that, but yet it is unclear whether we will get 
an appropriations bill or not. So, given that, we have to 
develop some alternative means should that not materialize. So 
what concerns me most about the schedule is the resourcing of 
it.
    What else?
    Mr. Barber. The question about accountability. Obviously, 
in your position, you are overseeing the whole project. Where 
does accountability rest in each of the component parts to make 
sure we don't have another failure?
    Mr. Fulghum. So, what I would start with is to tell you 
that this project has the support of the leadership in DHS as 
well as the components. We have an excellent partnership with 
both OMB and the Treasury Department.
    We have an engaged oversight process. The Office of the 
Under Secretary for Management established an executive 
steering committee that I am the chairman of, where we have 
representation from both the CIO community as well as the 
procurement community, because we need those partners, as well 
as every CFO within DHS.
    It is just one of the most engaged executive steering 
committees I have ever been a part of. I would say, No. 1, we 
are holding each other accountable, but, obviously, as the 
chairman of that group, I am the one that is ultimately 
accountable in the financial management community. I am 
extremely confident that we are on the right path and that we 
are going to get there with this initiative.
    Mr. Barber. Thank you for that response.
    I would like to ask Mr. Khan to comment on an issue that 
you raised that I think is pretty crucial to success not only 
in this area but across the Department. I think we all know 
that about 40 percent of the senior management positions in DHS 
are currently vacant, held by an acting or interim director or 
assistant secretary.
    Mr. Khan, as you look at that from the outside, from GAO's 
perspective, what impact does that level of management vacancy 
have on the ability to get this job done?
    My concern is this: We have already had two failures, and 
now we have a whole bunch of folks who may not be there 6 
months to a year from now. We are still waiting for a 
Secretary. How does that impact on the ability to get a job 
done in this circumstance and to hold people accountable?
    Mr. Khan. I can respond to that question in general. What 
we have seen at other agencies, there is always a concern when 
there is turnover at senior management, so it is crucial to 
have these practices institutionalized. So there is a concern 
that, given this turnover in vacancies, that they will be 
followed through in terms of many of the action steps which are 
necessary for financial management.
    As far as systems modernization is concerned, we have 
reflected in our report that they follow best practices. There 
were a couple of areas where we feel they need to be 
strengthened. One was a transition plan, and the other one was 
the target state. These two steps were defined and make it much 
more transparent as to what the goal is for the agency and the 
specific steps how to get there. Once those have been clearly 
laid out, then there will be more accountability and follow-
through.
    Mr. Barber. Thank you, Mr. Khan.
    My time is up. I yield back.
    Mr. Duncan. The Chairman will now recognize the Ranking 
Member, the gentleman from Mississippi, Mr. Thompson, for 5 
minutes.
    Mr. Thompson. Thank you very much, Mr. Chairman.
    Mr. Khan, on at least four different occasions, the 
Department had been in violation of the Antideficiency Act, 
that I am aware of. Can you provide any direction as to how you 
think the Department can come into compliance with this?
    Mr. Khan. In our work, we did not review the Antideficiency 
Act violations for the Department, but, in general, this is 
part of funds control and accountability. Having stronger 
internal controls that we have talked about earlier on will go 
a long way to making sure that management has reliable and 
timely information.
    Antideficiency violation occurs when there is time, 
purpose, and amount violations of the appropriations. Having 
strong funds control and internal controls will go a long way 
to prevent these violations from occurring.
    Mr. Thompson. Mr. Fulghum, were you aware of these 
violations?
    Mr. Fulghum. Yes, sir.
    Mr. Thompson. Can you just kind of tell us what are you 
trying to do to come into compliance?
    Mr. Fulghum. Well, in addition to what Mr. Khan said--
internal controls are extremely important and vital--the best 
prevention is education and training.
    So what have we done about it? We are about to roll out an 
on-line training course and make that available to all resource 
managers. We have partnered with the procurement community 
because they are an integral part of this, as far as our 
training efforts. We have brought our general counsel to 
symposiums and conferences where we have had this topic 
discussed. We have even had folks who were a part of the 
Antideficiency Act violation come in and talk about the lessons 
that they learned, what they did wrong, what could have helped 
them to avoid this.
    So, to me, one of the keys is an aggressive education and 
training program, and we are doing that at DHS.
    Mr. Thompson. Well, and that is good. Are these training 
offerings required for employment in the respective positions?
    Mr. Fulghum. Basic fiscal law and things of that nature are 
a requirement in terms of refresher-type training, yes, sir.
    Mr. Thompson. You indicated to us that you are preparing 
courses to be on-line----
    Mr. Fulghum. Yes, sir.
    Mr. Thompson [continuing]. For people. Are those on-line 
courses required training for employees?
    Mr. Fulghum. They should be, but let me check and confirm 
that. But they should be a part of their certification process, 
yes, sir. Basic fiscal law, those things should be a part of--
--
    Mr. Thompson. Can you provide the committee with whatever 
the certification requirements are for those employees----
    Mr. Fulghum. Yes, sir.
    Mr. Thompson [continuing]. You are talking about?
    Mr. Fulghum. Yes, sir.
    Mr. Thompson. What period of time they are required to 
complete that certification?
    Mr. Fulghum. Yes, sir.
    Mr. Thompson. As well as how many have completed it and how 
many are still left to complete it.
    Mr. Fulghum. We will get that information for you.
    Mr. Thompson. Thank you.
    Ms. Richards, one of the things we are concerned about and 
we hear about, the failing financial management systems. What 
impact do you see that those failing systems could have on the 
security of our Nation?
    Ms. Richards. Well, I think that it has already been 
described very well that when the financial systems are not 
providing good information it is difficult to make decisions on 
how to spend the money and where to put your resources.
    We recently did an audit on radio equipment. Some of the 
components had equipment that other components needed, but 
because the financial--because the systems weren't compatible 
and recording information the same way, that information 
couldn't be exchanged. So----
    Mr. Thompson. In other words, they didn't know.
    Ms. Richards. That is right. The left hand didn't know what 
the right hand had even though they needed it. So officers 
might have had to go without a radio or they might be borrowing 
radios between shifts.
    So when the systems, including the financial systems, don't 
speak to one another, don't exchange information, don't provide 
accurate data that can be translated into information by 
managers, decisions are being made with less than optimal 
information, which can lead to wrong decisions, wrong 
investments, and increased risk.
    Mr. Thompson. So, Mr. Fulghum, is your testimony that this 
new systems modernization will resolve the issue we just shared 
with from Ms. Richards?
    Mr. Fulghum. What the system will do is--one of the 
requirements of the system is to have a common account 
structure, which is what she is talking about. Today, if you 
look at how the Department gathers and reports information, we 
do it basically by appropriation, project and activity and 
object class. What she is referring to is the next couple 
levels of detail down. So one of the requirements that we have 
within our Financial Systems Modernization initiative is a 
common account structure, where we are building more 
granularity into the financial data so that we can do exactly 
what she is talking about.
    Mr. Thompson. Thank you.
    I yield back, Mr. Chairman.
    Mr. Duncan. I thank the Ranking Member.
    I will now go to the gentleman from big sky country, 
Montana, Mr. Daines, for 5 minutes.
    Mr. Daines. Thank you, Mr. Chairman.
    Like the Chairman mentioned when he had his opening 
remarks, I spent 28 years in the private sector, 13 years with 
a Fortune 20 company, 12 years launching a start-up, took it 
public and so forth, and have had a deep appreciation for the 
good financial metrics and general accounting practices.
    But I also recognize the fact that--and maybe to use the 
football analogy that was going back and forth between the 
Tigers and the Bulldogs here, is that having a great scoreboard 
and having a great staff department, while necessary, is not 
sufficient to make sure you have a winning program. Ultimately, 
it comes down to execution with the coaches and the teams. It 
is not just about tracking the numbers. It is also about 
delivering wins versus losses, and particularly to think about 
the title of this hearing, which is ``Stewardship of Taxpayer 
Dollars.''
    So I am going to pivot over, perhaps, to a little different 
area, and that is getting into performance. Maybe for Mr. 
Fulghum--again, thank you for being Acting CFO there at DHS. 
But do you have a performance review annually at DHS?
    Mr. Fulghum. We do quarterly mission performance reviews 
with the Deputy Secretary.
    Mr. Daines. But you, personally, do you have a quarterly 
performance review then?
    Mr. Fulghum. So, as a part of that process, as we go up the 
line, yeah. I think, if I understand your question right.
    Mr. Daines. Sure. What are the top two or three metrics 
that you are evaluated on for your own performance?
    Mr. Fulghum. So, as far as execution of dollars, obligation 
rates from a chief financial officer, and where I was before, a 
budget director, obligation rates, things of that nature are 
things which you are referring to?
    Mr. Daines. Sure. Just, I mean, if you think about what 
your boss will be evaluating your performance on, what would be 
the top three metrics in terms of you being successful or not 
in your job?
    Mr. Fulghum. Our spend rates, things of that nature, 
measuring our spend rates against our projections in terms of 
what we, as a department, expected to spend and deviations.
    Mr. Daines. Are you incentivized to spend under your 
budget?
    Mr. Fulghum. We are incentivized to make the most of every 
taxpayer dollar.
    Mr. Daines. But let me ask a question. Is there incentive 
for you to spend less than your budget?
    Mr. Fulghum. What I would say again is there is an 
incentive for me to make the most out of every taxpayer dollar.
    Mr. Daines. But the question is, if you had a budget of X 
and you came in several million dollars below that for your 
results, are you incentivized to come in well below your budget 
or are you incentivized to spend your budget?
    Mr. Fulghum. Well, I guess what I would say is, in the 
appropriations provisions, there is the ability in some 
accounts to not spend all the dollars in the first year. So 
there is that ability.
    Mr. Daines. So what incentives exist for you, as you wake 
up every morning here, as I look at this, to be a steward of 
the taxpayer dollars, to try to spend less than what has been 
budgeted?
    Mr. Fulghum. Well, as a public servant, I have dedicated 
myself to looking to find and get the most out of every 
taxpayer dollar and to drive efficiencies across the 
Department, which the Department has done.
    Mr. Daines. Right. But, again, are there any--and I 
appreciate the laudable goal, but I am getting back to, as we 
think about the culture in the organization, when it is a $60 
billion organization, 240,000 employees, and maybe pivoting 
over to the line managers who are accountable for budgets, are 
there incentives for them to think about how they can spend 
under their budget?
    I am asking, are there incentives so that those who do 
spend less that their budgets are promoted and progress faster 
than others?
    Mr. Fulghum. I am not aware of incentives. There may be 
incentives out there that you are describing, but I am not 
aware of them.
    Mr. Daines. Maybe specifically, do you see any kind of 
additional spending that occurs in the agency the last week or 
2 of the fiscal year?
    Mr. Fulghum. What I see is folks who are working and are 
dedicated to spending dollars that they have for needed 
requirements. When they get dollars late in the fiscal year, 
they have to spend those dollars to keep programs on track. A 
lot of times that occurs later in the fiscal year.
    Mr. Daines. Let me ask you another question. Is there a 
culture of you need to spend your budget or potentially lose it 
if you don't?
    Because as somebody who has watched the Federal Government 
operate in the private sector and selling to it, anybody out 
there who does that knows the best week to sell to the Federal 
Government is the last week of the fiscal year, because we know 
they are incentivized to spend their budgets or to lose them.
    Is that part of the culture in DHS?
    Mr. Fulghum. No, sir.
    Mr. Daines. So you don't see any accelerated spending in 
the last week or 2 because of that?
    Mr. Fulghum. I see additional spending, but, again, it is 
for a variety of factors, to include the fact that there is 
typically a pretty uncertain budget environment going year to 
year, and so when you finally do get the resources, you have to 
expedite the spending of those resources to keep things on 
track.
    Mr. Daines. Okay.
    Last--I know we are running out of time here, though--are 
those managers and public servants in the organization that 
find ways to spend less money, are they rewarded?
    Mr. Fulghum. Absolutely. They are rewarded and recognized.
    Mr. Daines. Are those the folks who are progressing, who 
are spending less than their budgets?
    Mr. Fulghum. I can't give you specific examples of that, 
but I know that that is a part of the culture of the 
Department, looking to find the most and make the most out of 
every resource.
    Mr. Daines. Okay. Thank you.
    Mr. Duncan. The gentleman is recognized, from Texas, Mr. 
O'Rourke, for 5 minutes.
    Mr. O'Rourke. Thank you, Mr. Chairman.
    I am hoping the panel can address a concern I have about I 
guess what I would describe as inertia in spending practices 
and in projects that, by a measure of common sense and 
certainly a measure of return on investment, just don't seem to 
make sense. I will give you a specific example to El Paso, the 
community I represent, and then a much larger example.
    The specific example is CBP is about to proceed with 
building a half-mile extension of the border wall in our 
community in a place where we don't want that built. It is the 
most historic crossing along the U.S.-Mexico border. The first 
European road was built there. The first Thanksgiving was 
celebrated on the shores of the Rio Grande there. Our community 
is the safest city in the United States today, and we enjoy an 
operational control rating of 93 percent, when the goal is 90 
percent. But when I talk to the folks at CBP, this has been in 
the works for 3 or 4 years. The ball has been rolling for too 
long; it is too hard to stop now.
    That is a small example compared to my other one, which is 
SBInet. You know, initiated in 2006; I think the plug was 
pulled in 2010. Hundreds of millions of dollars committed and 
ultimately wasted on a failed program to militarize and secure 
the border using unproven technologies, with too much 
discretion given to the contractor.
    I want to know from the panel--and I would like to start 
with Ms. Richards and then go to Mr. Khan and then Mr. 
Fulghum--what controls are in place now to prevent that kind of 
inertia in spending, to provide the backstop and the check in a 
more immediate fashion so that we don't spend or proceed or 
build things that we don't need, don't want, and are a waste of 
taxpayer dollars?
    Ms. Richards. Thank you, sir. That is a very good question. 
I have to say that it is entirely reliant on management 
controls and management discretion. The information to 
calculate a return on investment in real time is dependent on 
the different programs. Some programs have better information 
than others. We do still see that problem in programs that we 
are auditing, and it is a very big concern for us.
    Mr. Khan. Part of this problem is a policy issue. I really 
cannot address that. But, again, from an accounting, financial 
management, internal controls, a strong internal control 
process, governance process is going to go a long way, at least 
to give visibility to these issues.
    With that respect, the new guidance that OMB has, and that 
really pertains to financial system modernization, that may be 
an example which could be considered, which says to implement 
systems in smaller increments and not move forward till they 
are proved. In such an environment, it is critical to have 
strong project management as well as management oversight. 
Strong management oversight may prevent some of the symptoms 
that you have just described.
    Mr. O'Rourke. I guess for Mr. Fulghum, are there checks now 
that would prevent something like SBInet from happening, in 
terms of the contracting, in terms of some kind of periodic 
check on progress and value versus dollars spent, quarterly, 
annually, biannually, so that it is not 4 years down the line, 
hundreds of millions of dollars wasted?
    Mr. Fulghum. Absolutely. What you are describing is our 
acquisition review process, our acquisition review board that 
the Under Secretary for Management chairs. It brings programs 
in periodically as milestones are coming and reviews progress 
and provides the management oversight that Mr. Khan is talking 
about.
    Mr. O'Rourke. Thank you.
    I yield back.
    Mr. Duncan. All right.
    Members are advised votes have just been called, but 13:14 
is left on the clock, so we have time.
    The Chairman will recognize the gentlelady from Texas, Ms. 
Jackson Lee, 5 minutes.
    Ms. Jackson Lee. Mr. Chairman, thank for your courtesies. 
To the Ranking Member, thank you very much for your courtesies. 
This is a very important hearing and certainly one that I hope 
we will continue to address.
    Let me just make one statement, Mr. Chairman and Ranking 
Member, because I know that we have been doing this, and I 
think it is important. I am not sure whether any of these 
individuals can--I won't put it in the context of a question, 
but I will put it in the context of getting a report back.
    There was a news report this morning that the fallen TSA 
officer had to wait 33 minutes for emergency services. I 
believe we, the American people, are due a report, whether that 
was a local issue or what issue it might have been, whether it 
is factual, but it certainly is outrageous and appalling.
    I would appreciate just on the record to maybe seek from 
the Department of Homeland Security a report of TSA on the 
accuracy of that and the determination as to why that occurred 
and that that would never, ever happen again. We hope we don't 
see a fallen officer of any kind, but I am just stunned and 
shocked and trying to determine whether that is accurate. I 
just wanted to----
    Mr. Duncan. The Chairman will ask the report to be sent to 
the committee. We will disseminate it to the Members.
    Ms. Jackson Lee. I thank the Chairman very much.
    Let me move to Mr. Khan. The financial management within 
the Department is divided between the Department's chief 
financial officer and the component chief financial officers. 
Does this structure inherently create blurred lines of 
responsibility and accountability between the Department and 
its component agency financial offices?
    I have a follow-up question.
    Mr. Khan. It can. It can create a blur like you are 
mentioning, Madam. But from what I understand at DHS, they have 
a pretty clear line of responsibilities. The Departmental or 
the component CFOs report to the Department CFOs. So there is a 
clear line of reporting and accountability.
    Ms. Jackson Lee. Well, does that mean that--and do you 
contract--well, let me--Mr. Fulghum, does DHS contract out its 
auditing and accounting responsibilities? Do you have 
contractors that are handling it? So if it is TSA, is that 
chief financial officer getting a contractor to do the work?
    Mr. Fulghum. I am not familiar with the specifics of TSA. I 
know for the IG, they have a contract audit firm that audits 
us.
    Ms. Jackson Lee. I am sorry, pardon me?
    Mr. Fulghum. Right?
    Ms. Richards. Yes, ma'am, the actual financial statement 
audit is conducted by the accounting firm KPMG, and we contract 
with them to do that work.
    Ms. Jackson Lee. Well, so that is what I--let me do this. 
Can I ask for you to give this committee a list of all of the 
auditing and/or accounting contracts that DHS has at this time? 
Does anybody have a list now or know?
    Mr. Fulghum. I don't have a list, but we will get one for 
you.
    Ms. Jackson Lee. Because you don't know whether or not 
Customs has one or ICE has a different one?
    Ms. Richards. Ma'am, all of the components, to my 
knowledge, have their own in-house accounting personnel. Most 
also have contracts with some of the leading accounting firms 
for support, particularly in the area of internal controls.
    Ms. Jackson Lee. I think it would be very important, 
because different accounting firms have different practices. 
What I am hearing, just in general, is the need for order, 
consistency, systems that work together, which is what I 
perceive from GAO's report.
    Let me ask again about something that we have expressed an 
interest, on minority/woman-owned businesses. Is that a 
separate entity in terms of seeking to make sure that there is 
that kind of balance? Do you audit how many MWBs you have? Do 
you, in the course of auditing or accounting services, such as 
the entity that you have, KPMG, do you assure that there is 
diversity there? Do you have a smaller firm working with you? 
Are smaller firms maybe more effective when they are doing 
finite work or minute work?
    Ms. Richards.
    Ms. Richards. Ma'am, our office has done a number of 
audits, a small number, but some audits on the Department's 
achieving and trying to achieve their small-business and 
minority-business goals.
    The contract that we have with KPMG is competitively-
awarded. We do not look specifically at their minority 
representation when we evaluate the people that are getting put 
on the contract. We are looking at their qualifications first.
    We can get you some additional information on the audits 
that have been conducted on those goals and how the Department 
is addressing them.
    Ms. Jackson Lee. Mr. Chairman, the only thing is if we have 
1 second for the gentleman, Mr. Fulghum, to answer.
    Do you have an answer, sir? I will be finished.
    I thank the Chairman for his indulgence, and I thank the 
committee for their indulgence.
    Mr. Fulghum. As it relates to small business, we have an 
office within DHS that tracks those goals and can provide you 
with additional information.
    Ms. Jackson Lee. All right. Well, I thank you, and I hope 
that this committee will continue its very fine work. I think 
we have some real questions about the utilization--not the 
utilization, but the recording or the assessing of the 
expenditures. I hope that we can continue to work with DHS to 
help you use these resources and to be better in the accounting 
for such. I know there are fine public servants there, but I 
think this is great work that the committee is doing.
    I yield back to the gentleman.
    Mr. Duncan. I thank the gentlelady from Texas and thank the 
witnesses. This is a valuable hearing for us. We need to keep 
in mind, this isn't DHS's money, it is not the United States 
Government's money, it is the taxpayers' money before it is 
taken in taxes and allocated out based on the acts of Congress. 
So, if we keep that in the forefront of our minds, that we are 
expending the money of hardworking American families, I think 
we will be better off.
    But I thank you for your valuable testimony, the Members 
for their great questions today.
    The Members of the subcommittee may have additional 
questions for the witnesses, and we ask that you respond to 
those in writing.
    Due to votes, without objection, the subcommittee stands 
adjourned.
    [Whereupon, at 10:39 a.m., the subcommittee was adjourned.]


                            A P P E N D I X

                              ----------                              

        Questions From Chairman Jeff Duncan for Charles Fulghum
    Question 1. OMB memo 13-08 states that ``agencies must consider, as 
part of their alternatives analysis, the use of a Federal Shared 
Services Provider (FSSP) with respect to all new agency proposals for 
core accounting and mixed system upgrades. Analysis should not be 
limited only to an evaluation of commercial SSPs. Instead, the 
preferred approach is for an agency to evaluate solutions offered by 
both FSSPs and commercial SSPs as part of a robust market research 
process. In order to determine the best value source, each agency is 
expected to develop an appropriately detailed alternatives analysis of 
SSP solutions based on their needs, risk performance and cost.''
    Mr. Fulghum, can you describe the process used to obtain approval 
from OMB for DHS or the components to use a Commercial Shared Services 
Provider and if the Department interpreted this memo as a requirement 
to use a Federal Shared Services Provider?
    Answer. In accordance with OMB memo 13-08, all DHS components 
pursuing financial systems modernization initiatives are developing an 
alternatives analysis that includes both Federal and commercial Shared 
Service Providers (SSPs). After Departmental review, DHS will provide 
analysis to the Department of the Treasury's Office of Financial 
Innovation and Transformation (FIT) for their and OMB's concurrence on 
the approach. Per the FIT Agency Modernization Evaluation (FAME) 
process, the components will next enter into a discovery phase with a 
Federal Shared Service Provider. DHS will continue to follow the FAME 
process if a Federal SSP is not deemed to be the best option and 
perform additional exploration of commercial SSPs.
     For the U.S. Coast Guard (USCG), Transportation Security 
Administration (TSA), and Domestic Nuclear Detection Office (DNDO), and 
the Federal Law Enforcement Training Centers (FLETC) DHS provided their 
alternatives analysis to FIT and additional information as requested by 
Treasury. FIT then provided a recommendation to OMB pertaining to USCG, 
TSA, and DNDO to proceed with a discovery phase. FIT provided a 
recommendation to OMB for FLETC to proceed with a technical refresh of 
its financial system.
    Before the issuance of OMB memo 13-08, for the Office of Health 
Affairs (OHA) and the Federal Emergency Management Agency (FEMA), DHS 
provided their alternatives analysis and additional information as 
requested by OMB and Treasury. FEMA obtained concurrence from OMB and 
Treasury on a technical refresh of their financial system. OHA obtained 
concurrence to proceed with their migration to a DHS internal shared 
service provider, Customs and Border Protection (CBP).
    Question 2. Is it true that DHS is planning to move to the 
Department of Interior FSSP? If so, what makes the Interior FSSP a good 
alternative for DHS?
    Answer. At this time, none of DHS's components have made the final 
decision to move to the Department of Interior (DOI) Federal shared 
service provider (FSSP). In accordance with the Department of the 
Treasury's guidance, DHS will first complete a discovery phase with a 
FSSP before signing a final agreement.
    DHS has executed an Interagency Agreement with DOI to complete a 
discovery phase for the U.S. Coast Guard, Transportation Security 
Administration, and Domestic Nuclear Detection Office. The discovery 
phase began in September 2013 and will conclude in April 2014. DHS will 
use the results of the discovery phase to determine whether DOI is 
suitable to provide financial management services to those three DHS 
components.
    Question 3. What ``appropriately detailed alternatives analysis'' 
are DHS and the components using as part of this decision-making 
process?
    Answer. Each DHS component pursuing financial systems modernization 
is developing an alternatives analysis that uses a systematic analytic 
and decision-making process to identify and document the optimal 
alternative to satisfy an identified mission capability gap. Each 
alternatives analysis involves extensive market research of both 
Federal and commercial shared service providers, including cost, risk, 
feasibility, effectiveness, suitability, and life-cycle cost for each 
viable alternative.
    DHS components are developing alternative analyses for financial 
systems modernization that adhere to the policies, standards, 
guidelines, and directives prescribed by the DHS Management Directive 
102 and support compliance with the Federal Acquisition Regulations 
(FAR).
    Question 4. What is DHS doing to leverage proven Shared Service 
Provider (SSP) Financial Management solutions currently in place at 
other Federal agencies? How will DHS assess systems used by other 
Federal agencies (such as through pilot programs or other means)?
    Answer. DHS has been assessing Shared Service Providers (SSPs) and 
financial management systems through extensive market research from 
surveys and system demonstrations over the past 3 years. Market 
research was performed on Federal SSPs, commercial SSPs, and other 
Government agency financial management solutions.
    DHS compiled and assessed data from the OMB-designated Federal 
SSPs, commercial SSPs, and over 15 Government agencies including 
Department of Justice, Department of Energy, General Services 
Administration, Nuclear Regulatory Commission, Bureau of Engraving and 
Printing, Department of the Treasury, Social Security Administration, 
Department of Housing and Urban Development, Department of Health and 
Human Services, National Aeronautics and Space Administration, 
Department of Agriculture, Department of Transportation, Department of 
the Interior (DOI), Department of Labor, Bureau of Public Debt, among 
others. This data has helped to inform and guide DHS leadership while 
planning the way forward for financial system modernization.
    DHS also worked closely with Treasury's Office of Financial 
Innovation and Transformation (FIT) to identify any additional SSPs. 
DHS will utilize the discovery phase with a Federal SSP to assess the 
viability of a Federal SSP's solution for DHS components.
    Question 5. To what extent do FSSPs have the capability and 
capacity to handle the financial management requirements of the unique 
DHS component agencies?
    Answer. OMB Memo 13-08 states, ``OMB and Treasury will help ensure 
each agency's future financial system needs are met by supporting the 
expansion of FSSP offerings and capabilities. We recognize that, to be 
able to meet agency needs, the FSSPs will need to enhance service 
offerings, expand technology and transaction processing capabilities, 
and have a strong governance structure. Furthermore, in order to fully 
realize the benefits of using a FSSP, it will be necessary for agencies 
to adjust and adopt standardized processes.''
    As DHS completes a discovery phase with a Federal Shared Services 
Provider (FSSP), per the Department of the Treasury's guidance, they 
will assess the capability and capacity of the FSSP to meet components' 
requirements. For example, DHS has recently entered into a discovery 
phase with the Department of the Interior (DOI) to determine whether 
DOI is suitable to provide financial management services to the U.S. 
Coast Guard, Transportation Security Administration, and Domestic 
Nuclear Detection Office.

                                 
