[Senate Hearing 114-688]
[From the U.S. Government Publishing Office]




                                                        S. Hrg. 114-688
 
        STATE DEPARTMENT AND USAID MANAGEMENT CHALLENGES AND 
               OPPORTUNITIES FOR THE NEXT ADMINISTRATION

=======================================================================

                                HEARING


                               BEFORE THE


                    SUBCOMMITTEE ON STATE DEPARTMENT
                         AND USAID MANAGEMENT,
                     INTERNATIONAL OPERATIONS, AND
                  BILATERAL INTERNATIONAL DEVELOPMENT


                                 OF THE


                     COMMITTEE ON FOREIGN RELATIONS

                          UNITED STATES SENATE



                    ONE HUNDRED FOURTEENTH CONGRESS



                             SECOND SESSION



                               __________

                          DECEMBER 8, 2016

                               __________



       Printed for the use of the Committee on Foreign Relations
       
       
       
       
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]       
       


                   Available via the World Wide Web:
                        http://www.fdsys.gpo.gov
                        
                        
                        
                        
                  U.S. GOVERNMENT PUBLISHING OFFICE
                   
 26-844 PDF                 WASHINGTON : 2017       
____________________________________________________________________
 For sale by the Superintendent of Documents, U.S. Government Publishing Office,
Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800
  Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001                             
                        
                        
                        
                        


             COMMITTEE ON FOREIGN RELATIONS               

             BOB CORKER, TENNESSEE, Chairman              

JAMES E. RISCH, Idaho                BENJAMIN L. CARDIN, Maryland
MARCO RUBIO, Florida                 BARBARA BOXER, California
RON JOHNSON, Wisconsin               ROBERT MENENDEZ, New Jersey
JEFF FLAKE, Arizona                  JEANNE SHAHEEN, New Hampshire
CORY GARDNER, Colorado               CHRISTOPHER A. COONS, Delaware
DAVID PERDUE, Georgia                TOM UDALL, New Mexico
JOHNNY ISAKSON, Georgia              CHRISTOPHER MURPHY, Connecticut
RAND PAUL, Kentucky                  TIM KAINE, Virginia
JOHN BARRASSO, Wyoming               EDWARD J. MARKEY, Massachusetts


               Todd Womack, Staff Director              
         Jessica Lewis, Democratic Staff Director              
           Rob Strayer, Majority Chief Counsel              
         Margaret Taylor, Minority Chief Counsel              
                    John Dutton, Chief Clerk        



  SUBCOMMITTEE MEMBERSHIP SUBCOMMITTEE ON STATE DEPARTMENT 
                        AND USAID              
        MANAGEMENT, INTERNATIONAL OPERATIONS, AND              
           BILATERAL INTERNATIONAL DEVELOPMENT              

             DAVID PERDUE, GEORGIA, Chairman              

JAMES E. RISCH, Idaho                TIM KAINE, Virginia
JOHNNY ISAKSON, Georgia              BARBARA BOXER, California
RON JOHNSON, Wisconsin               CHRISTOPHER A. COONS, Delaware
RAND PAUL, Kentucky                  CHRISTOPHER MURPHY, Connecticut


                              (ii)        

  


                            C O N T E N T S

                              ----------                              
                                                                   Page
Perdue, Hon. David, U.S. Senator from Georgia....................     1

Kaine, Hon. Tim, U.S. Senator from Virginia......................     2

Linick, Hon. Steve A., Inspector General, U.S. Department of 
  State, Washington, DC..........................................     3
    Prepared statement...........................................    23
    Responses to Additional Questions............................    28

Calvaresi Barr, Hon. Ann, Inspector General, U.S. Agency for 
  International Development, Washington, DC......................     5
    Prepared statement...........................................    34
    Responses to Additional Questions............................    42


                             (iii)        

  


STATE DEPARTMENT AND USAID MANAGEMENT CHALLENGES AND OPPORTUNITIES FOR 
                        THE NEXT ADMINISTRATION

                              ----------                              


                       THURSDAY, DECEMBER 8, 2016

                               U.S. Senate,
        Subcommittee on State Department and USAID 
Management, International Operations, and Bilateral 
                         International Development,
                            Committee on Foreign Relations,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10:15 a.m., in 
Room SD-419, Dirksen Senate Office Building, Hon. David Perdue, 
chairman of the subcommittee, presiding.
    Present: Senators Perdue [presiding] and Kaine.

            OPENING STATEMENT OF HON. DAVID PERDUE, 
                   U.S. SENATOR FROM GEORGIA

    Senator Perdue. The committee will come to order.
    This hearing of the Subcommittee of the State Department 
and USAID Management, International Operations, and Bilateral 
International Development--only in Washington can we come up 
with names like that--is titled State Department and USAID 
Management Challenges and Opportunities for the Next 
Administration.
    I would like to begin by welcoming our distinguished guests 
and witnesses: Inspector General of the State Department and 
Broadcasting Board of Governors, Steve Linick, and Inspector 
General of the U.S. Agency for International Development, 
USAID, Ann Calvaresi Barr. Welcome. Thank you both so much for 
taking your time today and to be back before us. And welcome 
back.
    The Inspectors General before us here today are charged 
with evaluating and assessing State and USAID's programs and 
operations and making recommendations to strengthen their 
integrity, effectiveness, and accountability. As such, the 
Inspectors General are dedicated to detecting and preventing 
waste, fraud, abuse, and mismanagement. As we move forward into 
a new administration which will have new leadership and fresh 
ideas, I wanted to take the opportunity to bring you up--to 
really focus--to visit with us again, to focus again on the 
management piece of this mandate.
    We understand that you have both put out recent reports on 
major management and performance challenges for each of your 
respective agencies, and these contained key recommendations 
for what the next administration should prioritize. We have a 
lot of ground we can cover today, but there are some core 
things you have identified as challenges that I want to mention 
first: protecting our people and facilities overseas, No. 1; 
No. 2, managing posts and programs in conflict areas; No. 3, 
information security and management; No. 4, oversight of 
contracts and grants; and, lastly, meeting transparency and 
reporting requirements. We have got a lot to do today if we 
cover all of that.
    These challenges impact our ability to operate in conflict 
zones, keep those serving our Nation safe, ensure that our aid 
is doing what is intended, and that congressionally mandated 
transparency requirements are being met, and to protect the 
integrity of the IT systems these agencies rely on. We look 
forward to and welcome your suggestions on how these challenges 
should be addressed by State and USAID, and how the incoming 
Trump administration should prioritize and tackle these issues.
    Before we get started, I would also like to welcome back 
our ranking member today, Senator Kaine. Senator Kaine has been 
a stalwart on the Foreign Relations Committee in reaching 
bipartisan consensus here. I respect him greatly and appreciate 
his leadership, mentoring, and participation.
    And, with that, I would like to thank and recognize our 
ranking member, Senator Tim Kaine.

                 STATEMENT OF HON. TIM KAINE, 
                   U.S. SENATOR FROM VIRGINIA

    Senator Kaine. Thank you, Mr. Chair. And I echo those 
comments. It has been a treat to be the ranking member on this 
subcommittee with you for 2 years, and to be at this last 
meeting of our subcommittee. And it is a very important topic.
    And I welcome both of you and thank you for your service.
    I understand, Mr. Linick, you are feeling a little under 
the weather today, and so we will--we will not stint on our 
tough questions----
    [Laughter.]
    Senator Kaine [continuing]. But we will understand if the 
answers are abbreviated.
    IGs have a difficult mission, challenging mission, 
important mission, regardless what agencies they serve. But, 
given the overseas nature of the work that is done in USAID and 
State, the challenges that you each face in your roles, I 
think, are significantly advanced. And I thank you for the good 
work that you do.
    This hearing is meant to dig into your recent reports and 
talk about performance and management challenges for State and 
USAID as we move into the next administration. Obviously, top 
priority is responsibly spending taxpayer dollars. And that is 
a key function of what the IGs are charged with. As we continue 
to expand our presence around the globe, and we have expanded 
it greatly in the last 15 years, many programs can be 
susceptible to fraud, waste, abuse, if not just poor 
implementation challenges. And we see that in testimony before 
the Armed Services Committee, and we deal with the same issue 
there with DOD all the time. And this is, I know, something 
that you focus significantly on.
    Senator Perdue mentioned that an important piece of what we 
do is try to establish performance and management metrics. This 
is one of the reasons that he and I get along so well. We--we 
are into the management by data, management by results. If you 
do not measure, you do not really know how you are doing. But, 
you have to measure the right things to give your organizations 
the right incentives to be effective. And we want to talk about 
that. Managing these overseas complexes, managing the safety of 
our folks overseas, having the right tools in place for that 
are critically important.
    And, as we have concluded an election, where there has been 
a lot of discussion about cyber hacking of institutions, even 
electoral institutions, and State has been the subject of cyber 
hacks in the past, knowing what we ought to be doing to protect 
our infrastructure--cyber infrastructure is a key interest that 
I think we both share and I know that you will address.
    So, I am eager for your recommendations. I appreciate your 
service. I am glad that we are doing this hearing this morning.
    Thanks, Mr. Chair.
    Senator Perdue. Thank you, Senator Kaine.
    We will introduce our witnesses now. I would ask you to 
keep your opening remarks to 5 minutes; of course your written 
testimony will be submitted in the record.
    First, we have The Honorable Steve Linick, Inspector 
General of the U.S. Department of State, Broadcasting Board of 
Governors. Mr. Linick began his tenure as Inspector General for 
the State Department in September 2013. Prior to his 
appointment, he served for 3 years as, first, Inspector General 
of the Federal Housing Agency. Mr. Linick was an Assistant 
Attorney in California and Virginia. He also served as both 
Executive Director of the Department of Justice's National 
Procurement Fraud Task Force and Deputy Chief of its Fraud 
Section, Criminal Division.
    During his tenure at the DOJ, he supervised and 
participated in white collar criminal fraud cases involving, 
among other things, corruption in contract fraud against the 
U.S. in Iraq and Afghanistan. In his current capacity, 
Inspector General Linick is the senior official responsible for 
audits, inspections, evaluations, investigations, and other law 
enforcement efforts to combat fraud, waste, and abuse within, 
or affecting the operations of, the Department of State, 
Broadcasting Board of Governors.
    Mr. Linick, welcome.

  STATEMENT OF HON. STEVE A. LINICK, INSPECTOR GENERAL, U.S. 
             DEPARTMENT OF STATE, WASHINGTON, D.C.

    Mr. Linick. Thank you. And I apologize for my voice. I am 
delighted to testify before you today and talk about the work 
of the Office of Inspector General for the Department of State. 
So, I would like to thank you for the opportunity.
    I also want to thank this committee for its interest in, 
and support of, our work; in particular, for sponsoring the 
legislation intended to expand our hiring authority and to 
obtain information regarding misconduct by senior Department 
personnel. This legislation is critical to our work, and we 
really appreciate that.
    By way of background, our office oversees the operations 
and programs of the State Department, and the Broadcasting 
Board of Governors, which include more than 70,000 employees 
and over 270 overseas missions and domestic entities. And, 
aside from the sheer breadth of the work we have to oversee, 
the Department of State's OIG is unique, because, unlike other 
Inspectors General, we are statutorily required to inspect all 
overseas posts and bureaus in the Department. So, let me turn 
to some of the more important aspects of our recent work.
    First, as I testified previously, one of our top priorities 
is helping to protect the people who work for the Department 
around the world. And, although the Department has continued to 
make improvements in overseas safety and security over the last 
18 months, challenges still remain. And, through our 
inspections and our audits, we continue to find deficiencies 
that put personnel at risk. Since I last testified, we have 
particularly focused on health and safety issues overseas, 
emergency action plans, and maintaining physical security at 
overseas posts.
    Second, the security of information system remains a focus. 
The Department has spent a substantial amount of money over the 
past few years, but we are still concerned about the protection 
of the Department's IT infrastructure. For example, in recent 
months, we have reported significant weaknesses in the 
Department's Cybersecurity Incident Response Program. At the 
same time, I am pleased to report one important area of 
improvement, and that is our own IT systems. When I last 
testified here, I described our IT network as a major 
challenge. At the time, our network was connected to the 
Department's systems, and vulnerabilities in the Department's 
unclassified network directly affected our own system. In 
August, we migrated to our own independent IT system.
    Finally, the Department does face continuing challenges 
managing contracts and grants. To date, we have issued numerous 
reports and management assistance reports related to these 
topics, and we have opened numerous investigations on contract 
and procurement fraud. And we are concentrating our efforts on 
the Department's weaknesses in managing high-value critical 
contracts, including those in the conflict zones.
    I now turn to our initiatives. When I testified last time, 
I described several new initiatives. These programs are no 
longer new, but they are now an integral part of our day-to-day 
work processes. We have continued to use management assistance 
reports and management alerts to bring specific issues to the 
attention of senior management quickly, without waiting for the 
conclusion of longer-term audits and inspections.
    Second, our Office of Evaluations and Special Projects, 
which was established in 2014, is now well established and 
continues to focus on systemic issues, special assignments, and 
whistleblower protections.
    And finally, our work in connection with overseas 
contingency operations is well integrated into our overall 
mission, and our staff is working closely with DOD and USAID 
OIGs to oversee those operations.
    Next, I would like to address our primary ongoing 
challenge, which is what I discussed the last time I testified 
before you. Unlike other IGs, our office is not consistently 
given the opportunity to investigate allegations of criminal or 
serious administrative misconduct by the Department's 
employees. Department components, including the Bureau of 
Diplomatic Security, are not required to notify us of 
allegations that come to their attention. Accordingly, we 
cannot undertake effective independent assessments and 
investigations of these matters as envisioned by the Inspector 
General Act. We have been negotiating with the Department to 
address these limitations on our ability to conduct oversight 
for about 2 years, but the problem persists. Clearly, your 
legislation is needed to address this serious limitation, and I 
welcome your continued support as this Congress ends and the 
new one begins.
    Finally, I would like to discuss the significant impact of 
our work. In my written testimony, I included some financial 
metrics that demonstrate the way we help return money to the 
American taxpayers. But, these measurements do not fully 
reflect our most critically important work, which is helping to 
safeguard the lives of people who work in or visit our posts 
abroad, and protecting the Department's information reputation 
and the integrity of programs.
    Chairman Perdue, Ranking Member Kaine, I want to thank you 
for this opportunity, again. And I want to emphasize that our 
accomplishments are a credit to the talented and committed 
staff that I have had the privilege to lead. And I want to 
publicly thank them for their relentless pursuit of excellence.
    I look forward to your questions.

    [Mr. Linick's prepared statement is located at the end of 
this hearing on page 23. ]

    Senator Perdue. Thank you, Mr. Linick.
    Now we will turn to Ms. Calvaresi Barr.
    Previously, Mrs. Calvaresi Barr served as Deputy Inspector 
General at the U.S. Department of Transportation. She also 
spent 25 years at the U.S. Government Accountability Office, 
where she served as Director of the Acquisition and Sourcing 
Management Team, and earlier worked overseas to evaluate 
defense, national security, and foreign disaster assistance 
programs. In her role as USAID Inspector General, Ms. Calvaresi 
Barr oversees more than $20 billion in U.S. foreign assistance 
and development programs worldwide.
    I think you were just confirmed before this committee just 
a little over a year ago, so we welcome your comments today and 
thank you for coming again.

 STATEMENT OF HON. ANN CALVARESI BARR, INSPECTOR GENERAL, U.S. 
     AGENCY FOR INTERNATIONAL DEVELOPMENT, WASHINGTON, D.C.

    Ms. Calvaresi Barr.  Chairman Perdue, Ranking Member Kaine, 
and members of the subcommittee, thank you for inviting me to 
take part in this important hearing. As you know, I am charged 
with overseeing up to $15 billion spent annually on foreign 
assistance provided by USAID, MCC, USADF, IAF, and OPIC. Today, 
I will focus on the major management challenges USAID faces in 
carrying out its missions--its mission, and the reforms my 
office has taken to create a model OIG.
    We identified five USAID challenges that need particular 
attention in fiscal year 2017. These challenges stem from the 
inherent complexities in coordinating and implementing foreign 
assistance: poor project design, monitoring, and a lack of 
capacity to execute and oversee USAID-funded projects, and weak 
internal controls. Managing the complexities of working in 
areas beset by conflict, instability, or natural disaster is a 
longstanding challenge for USAID. According to the agency, 
these environments require flexible responses. We agree that 
some flexibility is needed to adapt to country contexts, but it 
must be tempered with discipline.
    Our investigations related to responses in Syria and other 
countries expose fraud schemes involving collusion, product 
substitution, inflated billing, and false claims. These schemes 
demonstrate the extent to which ad hoc approaches can leave 
USAID programs vulnerable to abuse and raise serious concerns 
about implementers' contracting processes and USAID's 
oversight.
    Reconciling priorities in operations that involve multiple 
U.S. agencies also present significant challenges. Our work in 
Pakistan and the Middle East found that USAID employees often 
struggle to balance USAID's development priorities with other 
agencies' aims. In response, USAID's administrator recently 
engaged State Department leadership to discuss solutions.
    Another challenge relates to program design and monitoring. 
Poor design has limited the impact of USAID projects, or 
disrupted them before they began. Monitoring has been 
constrained by unreliable data as well as insufficient 
guidance, staffing shortages, and a lack of employee training. 
Such weaknesses derailed USAID's plans to use a multi-tiered 
approach to monitor activities in Afghanistan. Ultimately, only 
one of 127 awards made between 2013 and 2014 used multi-tiered 
monitoring.
    Program sustainability also remains a challenge, 
particularly as it relates to securing host-country commitment 
and assessing local capacity. For example, a project in Haiti 
lacked a plan to transfer responsibility for paying healthcare 
workers' salaries at 80 facilities after USAID's role ended and 
the Haitian Government could not pay them. In addition, five 
U.S.-funded roads in the West Bank are deteriorating because 
the Palestinian Authority did not allocate funds to support 
road maintenance.
    Finally, longstanding internal control weaknesses have 
limited USAID's ability to meet Federal financial management 
requirements, including reconciling transactions between USAID 
and other agencies.
    Complying with the government's complex information 
security requirements has also proved challenging. While USAID 
has made great strides in implementing FISMA and removing 
significant deficiencies, concerns remain about the CIO's 
ability to exercise appropriate authority and the independence 
of USAID's FISMA compliance reviews.
    To provide the oversight needed to help USAID address these 
complex challenges, I have seized opportunities to improve our 
own operations. It begins with a vision for how we scope our 
work and how we execute that work, moving away from auditing 
and investigating individual programs and projects to targeting 
weaknesses that cut across all the entities that we oversee. 
This crosscutting work will provide solutions that link 
Washington-based strategies to field-level implementation.
    To better position my staff to carry out this work, I have 
initiated a number of reforms. First, I added more rigor to how 
we prioritize our work. Second, I called for matrix teams 
comprised of audit, investigations, and technical staff from 
headquarters and the field, and consolidated 11 overseas 
offices into four regional hubs. Third, I have taken steps to 
revitalize our workforce by recruiting new leaders, elevating 
performance standards, setting expectations for inclusivity and 
leadership, and identifying the training and resources all 
staff need to succeed. Finally, I have solidified our 
independence by establishing a cooperation memo with the USAID 
Administrator to formalize OIG's authority. We are also working 
to reclaim responsibility for closing out our recommendations.
    OIG remains committed to providing reliable and meaningful 
oversight and ensuring that we, as well as entities we oversee, 
achieve the highest return on taxpayer dollars. Given the risks 
in providing foreign assistance, this is no easy task, but it 
makes our work, and this subcommittee's sustained interest, 
critical to ensure we get it right.
    This concludes my prepared statement, I am happy to take 
any questions you might have.
    Thank you.

    [Ms. Calvaresi Barr's prepared statement is located at the 
end of this hearing on page 34.]

    Senator Perdue. Thank you, Ms. Calvaresi Barr.
    And thank you both for your statements and for your 
submissions to the record.
    We will start our questioning. And, just to manage the 
time, there is a Democratic Caucus meeting at 11:15, and 
Senator Kaine will probably have to excuse himself. If I have 
another question or two, we will continue with those questions 
in his absence; we are allowed to do that. But, I think we 
should be able to manage the questions in that time.
    We will start with Ranking Member Kaine.
    Senator Kaine. Thank you, Mr. Chair.
    And thanks, to the witnesses.
    I want to start, Mr. Linick, on the cyber issue. My 
understanding is that there are two bureaus at State that have 
responsibility for cyber and IT security, the Information 
Resource Management IRM) and Diplomatic Security (DS), and both 
have responsibility. Talk to me a little bit about the 
stovepiping issue of having two different branches responsible 
for this, the degree of duplication or gaps, the degree of 
current coordination and recommendations that you might have 
with respect to making State more effective in this area. We 
were all aware of the stories about foreign intrusion into the 
State Department networks in March of 2015. Please talk a 
little bit about how you are trying to tackle that challenge.
    Mr. Linick. Thank you, Ranking Member Kaine.
    The issue of dispersion of authority between DS and IRM is 
a serious issue. As I just testified, we have seen a number of 
significant recurring deficiencies in their IT system over the 
last 5 years. We think a number of them are created by a lack 
of coordination.
    Let me give you a specific example:
    One of the issues we have seen is employees who do not use 
their email accounts for a period of 90 days, those accounts 
are supposed to be disabled, because hackers can get in, or 
anybody can get in and use those emails for nefarious purposes. 
The Department has not disabled many of those accounts. And 
that is a coordination issue.
    We have seen other deficiencies occur as a result of this 
coordination issue. And it goes to a larger recommendation, 
which we have made to the Department, which is, the CIO, who 
works for IRM, currently reports to the Under Secretary for 
Management, and so does DS. We do not believe that the CIO is 
properly positioned to control IT security at the Department. 
It is not clear that the CIO gets information about security 
risks from other bureaus. We have asked the Department to take 
a look at that.
    The other thing is, the CIO--one of our key recommendations 
to address the deficiencies we have found in their IT system 
has to do with the fact--while the Department's working on it, 
they do not--they have not implemented an IT risk-management 
structure which identifies risk, assesses risk, monitors risk, 
and so forth. And the CIO has got to do that. I know they have 
been working on it. But, we believe that is key in order for 
the Department to get its hands around this problem.
    So, with that kind of risk-management system, the 
Department would be able to figure where it currently stands, 
from an IT perspective, where it needs to be, what the 
opportunities for improvement are, and how to communicate their 
risk to the Department.
    Senator Kaine. You gave me two different examples, and, in 
the second one, you indicate that there is effort underway at 
the State Department to grapple with the recommendation you 
made. How about on the first one, the notion of a CIO being 
placed differently in the organization, to have a more 
comprehensive oversight of these cybersecurity matters? What is 
the response that you have gotten from State on that? Please 
explain that to us.
    Mr. Linick. Well, our recommendations with the Department 
consider the positioning of the CIO. And the Department has 
come back and said that they have considered the position, and 
he will remain where he is. That is my understanding of it. 
However, this risk-management plan that I have discussed can 
identify the roles and responsibilities of various players and 
give the CIO the power and authority and the clear guidance 
that he needs in order to have the kind of control in order to 
implement, you know, an IT system, a security system.
    Senator Kaine. Let me ask about another aspect of cyber. I 
am on the Armed Services Committee, and we spend a lot of time 
in dealing with DOD about the same issues. Within DOD, there 
are some interesting projects and programs to deal with cyber 
issues. There is a program called Hack the Pentagon, which 
gives incentives to hackers to find and report vulnerabilities 
in DOD networks. And then the Air Force has something called an 
IT Swat Team, which is private-sector IT professionals that 
have agreed to come in and help the Air Force rapidly, if there 
are intrusions, deal with those. Are there similar projects or 
efforts underway at State to quickly deal with cyber intrusions 
or even encourage hackers to report vulnerabilities so that 
they can then be fixed?
    Mr. Linick. Yeah. I do think--I mean, they have spent 
several billion dollars over the last few years on trying to 
improve the system. I know they have been working hard to do 
it. I know they are partners with other agencies to help them--
including DHS--to help them detect hackers and so forth. I know 
they have provided more tools to staff, and they have been 
working hard at training, as well. So, I know they have taken a 
lot of steps. We really think a lot of this has to do with just 
having a better handle on all the risks and being able to see 
the entire organization and prioritize those risks.
    Senator Kaine. I want to go to the State Department folks 
and say, ``Hey, now you tell us what you are doing in response 
to these recommendations.'' And so, I appreciate that 
testimony. Maybe we will have the opportunity to do that with 
State Department folks, especially on the two points that you 
mentioned.
    I want to ask Ms. Calvaresi Barr this question. I 
understand that USAID is rolling out changes to its policy 
guidance. I see that it is called ADS201--I do not know that 
that is--but, basically, it is policy guidance about increasing 
the ability of implementing partners to be adaptive and 
creative in their execution of aid programs. So much of the 
great work of USAID is through implementing partners.
    Talk to us a little bit about that effort. What guidance 
would you give to us so we can both support but then also 
assess the degree to which the relations between USAID and its 
implementing partners are as effective as they can be?
    Ms. Calvaresi Barr.  Senator Kaine, thank you for that 
question. I think it is probably one of the more important 
questions that could be asked.
    USAID relies on implementing partners to deliver foreign 
assistance, right? So, right off the bat, you have to have 
assurance that those implementers have strong internal 
controls; you have to ensure that they are going to report, 
they are going to monitor, they are going to check, they are 
going to get back to us and know whether the goods (the 
services and the foreign assistance) are getting where they 
need to go.
    One thing that we have pointed out, time and time again in 
our work across the board, is a culture within USAID which 
views its implementers more as partners. So, as a result, we 
are seeing sort of a lack of the kind of rigorous oversight we 
would like to see from USAID to its implementing partners. And 
I think the best way to point that out is that you look at our 
work that our special agents have done in investigations. That 
is the effect. That is the effect of those weak internal 
controls. That is the effect of the vulnerabilities, not really 
knowing what is being shipped, what is reaching the desired 
entities. And in the case of Syria, in our cross-border 
operations from Turkey and Jordan, we found rings of corruption 
on product substitution, false claims, a whole host of issues. 
And we have put tremendous, tremendous pressure on USAID, as 
well as its implementing partners, to stand up and to have a 
better grasp on that. We stood up a Syria Investigations 
Working Group, where we pull the bilaterals together in that 
area. We work with State, we work with other entities to talk 
about where we have cracked down on fraud. Who are these 
partners? Who are the vendors? Who are the implementors? 
Because much of this money is going to other entities, and they 
may be using the same bad apples. So, there needs to be that 
kind of rigorous oversight put in place.
    My point here is, we are doing it, as the Office of the 
Inspector General, from our investigations standpoint. We would 
like to see AID do more of that. So, the design of the 
programs, the monitoring, the evaluation, it certainly does 
need to be addressed.
    Particular concern--and I will just end on this point--is, 
almost half of USAID's money goes through U.N. agencies. We do 
not have oversight over those public international 
organizations. That is a vulnerability. So, we have partnered 
very, very closely with them. In fact, I just got a call 
yesterday from the World Food Programme IG, and we are going to 
meet next week, actually, to talk about what needs to be put in 
place. We have suggested to USAID, ``You just do not turn over 
the money. Put conditions on that money, even if it is going to 
the PIs. Half of that money is going to them. You should put 
strings attached, conditions on the transfer of that money.'' 
That is beginning to happen. It has not happened before. Hence, 
what we see in Syria. Hence, what we see in Afghanistan. Hence, 
what we see in Africa, when it comes to global health. I could 
go on and on.
    Senator Kaine. So, even though you do not have the ability 
to exercise your function with respect to monies going to these 
U.N. agencies, you can put pressure on USAID to put strings on 
the money and make sure that they are trying to get the U.N.-
related agencies to up their own internal controls.
    Ms. Calvaresi Barr.  Absolutely. It goes to the heart of 
your question, What about monitoring and evaluation? What can 
they do? They need to look at these implementors, not so much 
as partners. They have to know what their internal control 
processes are. They need to know what they know about the 
vendors and the subcontractors they are going to be working 
with. What are their internal controls? And they have to put 
risk-mitigation factors in place to account for that. That is 
risk management.
    Senator Kaine. Let me ask both of you this question. Both 
State and USAID work in environments that are permissive and 
also in environments that are nonpermissive. I think I can 
intuit the answer to this question, but I think it is an 
important one to get on the record and for folks to understand. 
Talk about how the work of each of these agencies in 
nonpermissive environments--how does being in a nonpermissive 
environment change the work that an IG's office needs to do?
    Ms. Calvaresi Barr.  Okay, I would be happy to start.
    Certainly, it makes it more difficult because in a 
nonpermissive environment you cannot be out there. The reliance 
becomes even greater. You are looking to others to go in-
country for you. That is why these U.N. agencies are so 
critical to USAID because they are the ears and the eyes, and 
that is the footprint on the ground. That is the importance of 
having implementors that have our best interests in mind, that 
are interested in getting the return on every taxpayer dollar 
possible.
    So, these issues that we have found in our top management 
challenges, these cut across permissive and nonpermissive 
environments. What I would say to this is, when you are in a 
nonpermissive environment, you cannot be there on the front 
line.
    One example where I think USAID could do better. I 
mentioned the Syria program. We cannot go into Syria. But, our 
U.N. partners can go in. OFDA sent out a DART team to assess 
where the need was and make sure the supplies get there. It was 
our agents, not that DART team, that actually went to the 
warehouse and looked at what was supposed to go across border, 
Is this what it should be? Is it up to the quality it should 
be? So, we asked the question ``We are there, why is USAID not 
there?'' So, those are some of the things where we are pulling 
out, we are recommending, we are pushing in our reports. You 
need to have levels of review. Their multi-tiered monitoring 
approach, which they have been talking about for many, many 
years as the end-all/be-all for those situations, I think I 
mentioned here in my opening statement, one of 127 awards used 
that approach. And what that approach is--we know we cannot get 
in there, so we have got to work with the governments, we have 
got to work with our NGOs.--We have got to work with the other 
implementors. We have to have creative strategies for 
documenting the actual receipt of these goods. We need reports 
that come back.--In Afghanistan, one of 127 awards used it. Our 
recommendations are targeted at getting that much better than 
that kind of estimate.
    Senator Kaine. Mr. Linick, on the same issue about 
permissive versus nonpermissive environments, and then I have 
one workforce question before I hand it back to the Chair.
    Mr. Linick. The State Department is clearly working in 
providing foreign aid in nonpermissive environments, lots of 
it, you know, in governance programs, nonlethal aid working in 
Syria and Iraq and so forth. And it is a serious limitation, 
these nonpermissive environments, to monitor whether or not the 
goods or the services are being delivered as they should be.
    The State Department has sort of a mixed record on this. 
Some bureaus are using alternate means to compensate for that: 
use of third-party contractors, use of GPS, use of 
teleconferencing, talking to grantees in third countries. There 
are quite a few ways to get around this. And we are actually 
looking at those ways to see how effective they are.
    In other bureaus, they are not using these methods. And 
part of it is because there is no directive that provides a 
minimum standard for monitoring and evaluation. That is 
something we are looking at.
    Senator Kaine. I want to ask one workforce question and 
then just an observation about workforce. Within the DOD--
again, from my Armed Services experience--the senior executive 
service personnel, senior officers often attend very extensive 
planning curriculum to focus on things like contract 
management, et cetera. And my observation is that State and 
USAID Foreign Service Officers usually have a shorter rotation, 
with fairly limited training in planning and contract 
management, even though they are expected to do similar work. 
So, as I compare the kind of training on planning and contract 
management on the DOD side, versus the State side and the USAID 
side, I think State and USAID do not get the same amount. What 
can we do to foster more of a planning and training culture 
within the organizations?
    Ms. Calvaresi Barr.  Okay, this is certainly an issue that 
we have highlighted. The lack of training for the folks that 
are actually in charge of determining the programs following 
from a country development strategy, what the program should 
be, what the vehicle should be. And I think what we have found, 
across the board, is that, No. 1, the training is not there 
that is needed. This is huge project management. We might start 
with a $1 million grant. That can amp up very, very quickly 
because of changing situations. And then, when you are in a 
contingency operation where the need is tremendous, you have 
the staff actually overseeing 11 projects in that area. If they 
are not trained, if the right number of folks are not there, if 
there are not alternative strategies for how to monitor it--not 
a one-size-fits-all approach to this--then you are going to see 
the effect that we see, time and time again. It sounds like a 
broken record.--They are not achieving the goals that they 
established; the data is unreliable; we are not sure they are 
meeting where they need to be. So, training is absolutely at 
the heart of this.
    You mentioned Foreign Service. I think, you know, a 
complicating factor with this, because of the nature of that 
personnel system, folks are in, they are in for, you know, 2 
years--in contingency settings, 1 year--and they are out. So, 
you overlay that with the continual change that goes on, and I 
think it is certainly a recipe for tremendous, tremendous 
vulnerability in achieving the program.
    Senator Kaine. Mr. Linick?
    Mr. Linick. Senator Kaine, you raise what I think is one of 
the most important issues for the new administration to look 
at. In the State Department,--there is little emphasis on 
project management. They are working on it. And they have been 
working on it for a while. But, really, people go to the State 
Department because they want to be diplomats, and they do not 
want to have to manage contracts and grants and do all these 
things. It is a collateral duty for many. As you mentioned, 
Foreign Service Officers are rotating in and out of these 
posts--1, 2, 3 years. You know, they will serve as grant 
officer representatives, and then they move on to another post. 
So, you know, many grants have one, two, three grant officer 
representatives. They do not have the training, they do not 
have the staffing. Grant officers and contract officers are 
really not held accountable for oversight. You have got RSOs, 
regional security officers, who are also designated as 
contracting officers at posts, who are supposed to be managing 
the local guard contracts, but also making sure that the posts 
are secure from attack. This is a real problem, and we have 
made a number of recommendations to the Department to enhance 
accountability. It needs a better system for inventory and 
contracts and grants. It needs more training; it needs more 
resources. and it needs to be given the kind of priority that 
other topics do. Because, ultimately, in our view, effective 
management means effective diplomacy. And at the end of the 
day, this should be an organization which is also focused on 
the taxpayers.
    Senator Kaine. Let me offer--let me just offer one last--- 
not a question, just an observation, and then--and I appreciate 
the Chair letting me just drone on with 15 minutes of 
questions. And I am anxious to hear his questions.
    When I travel on CODELs, usually I combine travel for Armed 
Services and Foreign Relations purposes. And I have embarked on 
a habit I really love, which is, wherever I am, I go to the 
Embassy and I ask to meet with first- and second-tour FSOs, 
often people from USAID, and other folks that are connected 
with the Embassy. I just want to hear what their life is like. 
And I am always so impressed with the qualifications of people, 
and their experiences. We are doing a better and better job of 
thanking the military for their service. I do not think we 
often thank nonmilitary American employees enough, especially 
those who are deployed into high-risk settings around the 
world. But, I always ask them this question, ``You have a job 
that is very competitive to get. I mean, especially anybody who 
has passed the Foreign Service exam--extremely competitive to 
get, so you are to be congratulated for that. Tell me what will 
be the difference between you staying and making this a career 
and you leaving to do something else.'' I ask that question, 
and then I just listen, usually for about an hour. One of the 
things I hear a lot is this,--and it is in your wheelhouse as 
you are making recommendations to State or USAID and kind of 
seeing how they implement those recommendations. Foreign 
Service Officers tell me that they had to go through such an 
intense security vetting to get this job, but, for them to get 
a few dollars to go to a conference they have to fill out 
things in triplicate, as if they could not be trusted. They 
wonder how they were allowed to get through the vetting process 
if they could not be trusted. They understand that there needs 
to be a check against fraud and abuse, but they are still 
frustrated at being treated as if they could not be trusted, 
often for minor expenditures.
    Obviously, we have to have a balance, in terms of putting 
mechanisms in place to appropriately manage and protect the 
taxpayer dollar at the same time. When we put people through 
the--you know, one of the most intense vettings that anybody 
gets in our operation, then there ought to be a degree of 
respect and trust that comes with that.
    So, I just wanted--you do not need to comment--but I just 
wanted to tell you that is something that I hear as I travel 
around the world and try to say thank you to the people doing 
these important jobs. And you might want to consider that.
    And I will now hand it back to the Chair.
    Thank you.
    Senator Perdue. You know, I can relate to that when I am 
going through security at the airport, myself. [Laughter.]
    Senator Perdue. Thank you for those insightful questions.
    You know, let me follow up on that line of thought. You 
know, one of the great things about this job is, we do get to 
travel, and we do get to see our men and women in uniform and 
our State Department personnel around the world. And it really 
is an unbelievable thing to realize that the best of America is 
in uniform in our military, and the best of America is in our 
Embassy and diplomatic efforts around the world. I mean, it 
really is a very encouraging realization to come to as a new 
member. And I am worried about the continued safety and their 
careers. You know, I think Senator Kaine just talked about 
that. I mean, we talk about that in here a lot. The retention 
of really good people in any enterprise is a key success 
factor.
    I am worried about their safety, Mr. Linick, and I know you 
have talked about that before. And when I look at both your 
reports, they are so insightful. And if we could just implement 
everything in your reports, we would all be much better off. 
But, I am a little concerned when I see repeat recommendations, 
and there are a number in here. And the one that I want to call 
out and get you to speak to it very quickly. This is about 
Embassy security. Past events have proven that these embassies 
are, indeed, in danger at times. And so, we have to take this 
very seriously for the security of our people. But, in your 
testimony, you stated that Until the Department fully 
implements the IG's recommendations intended to improve the 
process to request and prioritize physical security needs, it 
will be unable to identify and address all physical security-
related deficiencies. And then you said that without taking 
such steps, the Department will be unable to make informed 
funding decisions.
    We had a meeting here earlier this year talking about how 
expensive it is to build the embassies, and the overruns and so 
forth. That is not what I am looking for here. What I am really 
looking for are the hindrances going on in State, and why is 
this a repeat recommendation? And, looking forward to the next 
year, how receptive has State been to your recommendations, and 
how would you advise us to continue to look at that? If safety 
of our diplomatic corps is one of the top priorities, it seems 
to me that we need to make sure that these recommendations are 
taken seriously.
    Mr. Linick. Senator, I think the issue of why do 
deficiencies continue to appear is a complex question. There 
are posts all over the world. There is lots of ground to cover. 
The world is a dangerous place. And there are probably lots of 
reasons why we continue to find issues. One thing we think 
would be a simple fix and would contribute to the Department's 
ability to address these issues is just having a database of 
all the security needs, the deficiencies around the world, so 
the Department knows how much money it needs to spend, where 
the highest-priority security issues are, and so forth. The 
Department has made progress. We made this recommendation in 
2014. They have a database. They have not populated the 
database. They just need to do that. But it has been a couple 
of years. So, again, it is a planning function. You do not know 
what you have unless you understand what the universe of needs 
are.
    The other thing I would say is--and this is another issue I 
think the new administration ought to look at that relates to 
the issue of dispersion of authority in the IT context--it is 
the issue of the need to enhance our mechanisms for 
accountability, particularly in the security area. Two key 
recommendations came from the Benghazi Accountability Review 
Board, one had to do with making sure that risk management is 
conducted at the highest levels of the Department. And that is 
very important for the new administration to undertake, 
particularly where we are sending folks in harm's way and we 
cannot mitigate risk. It ought to be done at the highest 
levels.
    The other issue is in terms of security. You know, we have 
had 12 Accountability Review Boards, from Dar-es-Salaam to 
Benghazi. And in Benghazi, we found that 40 percent of the 
recommendations made by the Benghazi Accountability Review 
Board were repeat recommendations--training, information-
sharing, et cetera. Why is that? Largely because it did not 
have leadership pushing down those recommendations. With 
changes of administrations a lot of these issues get delegated 
to the bureaus. That needs to be implemented from the top, as 
well. And they have actually put something in the FAN to 
require that the Deputy Secretary make sure that they oversee 
the implementation of those recommendations.
    Those are the primary reasons. We continue to find 
deficiencies all over the world, whether it is, not having the 
right setback or not having hardened doors, et cetera. Those 
are the root causes, and leadership needs to be on top of this.
    Senator Perdue. I notice, in London, in Singapore, and in 
Islamabad, that some of those recommendations have been 
incorporated into new construction--setback rules, et cetera. 
Is that correct, in terms of these priority embassies?
    Mr. Linick. Yes. After the Benghazi Accountability Board, 
the Department implemented many of those recommendations, and 
that has improved security at posts all over the world by 
sending more Marine security guards and enhancing training. So, 
the answer is yes, they have progressed.
    Senator Perdue. We had the privilege of visiting, in Melon, 
Spain, a Marine contingent, and one of their primary missions 
is to be there as the first call for embassies in Africa. And I 
know Senator Kaine has a son, a young Marine who is out there 
in harm's way; so we want to make sure those guys are well 
funded.
    Mrs. Calvaresi Barr, you noted in your testimony--this is a 
specific question, but you called it out, that you are seeking 
to align the USAID IG system of pay for Foreign Service 
investigators with that of the rest of the Federal law 
enforcement community, just to create a level playing field. 
Can you speak to that just a minute, about the deficiency and 
what we need to think about here in Congress to help get that 
rectified?
    Ms. Calvaresi Barr.  Thank you, Senator Perdue, very much 
for that question. Of the many challenges I confronted when I 
took over as IG, this is probably been one of the more 
disruptive to my organization internally.
    Senator Kaine. Has it--excuse me--has it affected retention 
since you have been there, in the last year?
    Ms. Calvaresi Barr.  It will if we do not have a fix soon, 
so let me try to take a very complicated issue and make this 
simple.
    I oversee two personnel systems. One is Civil Service, one 
is Foreign Service. When it comes to our criminal investigators 
on the Civil Service side of the house, our criminal 
investigators get a law enforcement availability pay, known as 
LEAP, and it allows them to receive 25 percent more over their 
base salary, up to a GS-15 step 10. And what that pay is for is 
to ask them to work for a minimum of 50 hours and be available 
anytime, going forward.
    For commissioned Foreign Service Officers, LEAP does not 
exist. So, my predecessors, many before me, in wanting to bring 
parity to the system, instituted special differential. So, the 
special differential was instituted to essentially bring the 
salaries to about the same because these are the Foreign 
Service criminal investigators that are in Syria, are in 
Afghanistan; and certainly, they should at least be entitled to 
the same pay, not only within my organization, but across 
government. Right? LEAP. So, they put a special differential in 
place for them. What they also did, though, is they put a cap 
on that differential. Recently, there was a challenge to the 
IG's ability to put a cap on that special differential.
    We are seeking legislation that would allow us to set the 
pay rate similar to the rate of the Civil Service, because if I 
do not, every imaginable scenario will directly affect what you 
asked me--recruitment and retention--or disparity. If I do not 
put a cap on those salaries, those criminal investigators will 
receive $40,000 more than their counterparts, in excess of 
$200,000 a year in their salary. If I take it away--they are 
going to fall way below that. I am not going to be able to 
retain or recruit.
    Folks at that level, at the FSO 1--level, are our special 
agents in charge. They run the operations regionally. This has 
been one of the more difficult things that I have had to deal 
with in our organization. So, we appreciate that we have worked 
very closely with your staff and other committees' staff to get 
a legislative fix to this so that we can just bring parity into 
the mix. And it would go a long way.
    Senator Perdue. Well, we are working with you. We really 
hope that we can create that level playing field. This is 
something that is obvious to those of us who see it from the 
outside.
    Ms. Calvaresi Barr.  Thank you.
    Senator Perdue. Let me ask both of you this. This is 
something that we see. We have a new President coming in, in 
January, who has outside business interests and so forth. So, 
the conflict-of-interest issue is now front and center at the 
highest level--inside the State Department, inside USAID,--as 
in all of government. But I want to talk specifically here 
about someone who might moonlight with a second job, what are 
the procedures, going forward, that we need to look at to 
ensure that there is no conflict of interest with their day 
job?
    Mr. Linick?
    Mr. Linick. Well, Senator, there are ethics rules and 
criminal rules which prohibit conflicts of interest--financial 
conflict of interest, in particular. We get allegations, in the 
investigations area, of conflicts of interest. We get them 
routinely, and they are pretty common.
    Senator Perdue. Are there training processes inside both 
institutions to educate people----
    Mr. Linick. Well, there is required ethics training, and we 
looked at the Department's ethics,--how they conducted ethics 
training. And I would have to get back to you for specifics 
about that. We have it within our own office; we take it very 
seriously. This is something that we deal with more on an 
allegation-by-allegation space.
    Senator Perdue. But, from a proactive standpoint, are there 
things that the IG Department does, interacting with people? 
Ms. Calvaresi Barr, do you want to speak to that?
    Ms. Calvaresi Barr.  I would be happy to, and I agree 
completely with what Mr. Linick said here about the rules and 
the regulations. There is ethics training across the board.
    One thing that our Office of Investigations did was put 
together an integrity working group within USAID. We have 
USAID's general counsel; we have people from civil rights 
there; we have people from the management bureau there; we have 
people from security there, and we are there. And we talk about 
employee integrity matters, conflicts of interest obviously 
being one of them.
    I can tell you that we are not, certainly, missing in terms 
of getting requests for us to do investigations. It is a best 
practice to set something like that up to make it clear that 
this all needs to come to the Office of the Inspector General. 
These meetings that we have on a monthly basis, all those 
matters are discussed. One thing I will say very, very strongly 
about USAID on this matter, they refer those things to us, the 
most egregious ones; we talk about all of them, and they let us 
have at them.
    So, I think that this is a good model, a best practice. And 
again, I am very proud of my staff for coming up with the idea 
that we have got to pull this together and pull the right 
stakeholders just to have discussions such as this.
    Senator Perdue. Thank you.
    Mr. Linick, I want to go to the IT area. This was a top 
topic last year, and it seems to be a strong part of your 
report again this year. You brought to light some serious 
issues that the State Department and the IG face preventing 
your office from being as effective as you would like. Can you 
provide an update on the issue of independence of the State 
Department and OIG, and the integrity of those investigations? 
And what about the independence of your IT network? I know we 
talked about that last year, as well.
    Mr. Linick. Well, fortunately, we have migrated to our own 
independent network. And last year when I testified, I 
expressed concern about the integrity of the information on our 
network--investigative information, audit information, grand 
jury information--and access to that information by folks. We 
have no evidence that the Department, just to clarify, actually 
has access to that. The problem is, we did not have firewalls 
and controls between our agencies to prevent that. So, we have 
moved to our own independent IT system, and our work now is 
secure.
    Senator Perdue. Well, that is great news. I know Senator 
Kaine has to leave. And we thank you so much for being with us.
    Ms. Calvaresi Barr, can I get you to comment on the same 
thing? You have only been there a year. Have you seen the same 
sort of thing. What are your comments on the IT function inside 
USAID?
    Ms. Calvaresi Barr.  Yes. So, first, I would just start 
off--from an independent standpoint, one of the first things I 
did within the first month was establish a memorandum of 
understanding about the IG's authorities and independence, and 
the need for that, that Administrator Gail Smith sent out to 
all folks within USAID. And that has gone a long way to stress 
the role, the responsibility, and the authorities we have. And 
that has played out extraordinarily well.
    With regard to IT systems, we do maintain our own servers, 
but there are certainly opportunities, if there is somebody 
nefarious within USAID proper that would want to try to hack 
in, whether it be through email accounts or other things, those 
walls and those structures are not as effectively built. We--
some of the new leadership I talked about, that I have brought 
in--one individual, in particular, very, very strong in our 
Office of Management, along with our great staff--our Director 
of IT and her staff--are working on ways to build in more 
security to those systems.
    But, we do have our own servers. I think we need to go a 
little bit further, because I would not be truthful if I said 
that it is completely foolproof and nobody can get into these 
systems. We have work to do on that--in that regard.
    Senator Perdue. I think that is fair.
    Mr. Linick, in your testimony, you stated that your office 
was--you may have given me this thing. I hope not. [Laughter.]
    Mr. Linick. I hope not.
    Senator Perdue. I am kidding. I am actually on the down 
side of the same thing.
    I am concerned about the absence of mitigating action plans 
for high-risk areas concerning oversight of contractor 
operations. That is an issue your office has raised before. You 
have issued four reports in the last years identifying these 
problems. Give us an update, if you will, on how State has gone 
about implementing your recommendations. Are you satisfied with 
the progress of those recommendations? And I know you just 
talked about, last year, that they made dramatic progress. Give 
us an update through this year. And also, you have made 
recommendations repeatedly. Some of those come back. And so, 
this, again, speaks to the fact that the issue shows up again 
this year. Can you just speak to that again, please?
    Mr. Linick. Well, we do make a lot of recommendations, and 
some of them are implemented, and others are not implemented. 
And we try very hard to follow up and follow through in terms 
of compliance once we issue a recommendation. In some 
instances, if it is a serious recommendation or if we are not 
seeing compliance, we will actually go back out and do a 
compliance follow-up review. It is a whole new team that goes 
out to check to see whether or not recommendations are 
accepted--you know, are complied with and so forth. We do not 
have the ability to require the Department to follow our 
recommendations. All we can do is make recommendations and hope 
they implement them.
    The one thing that has really been a help for us, though, 
we have made a number of recommendations that Congress has 
actually latched onto and incorporated into legislation. So, 
for example, our recommendations and some of our management 
alerts are in our contracting. The Department is required, 
through legislation, to report to Congress on its 
implementation of those recommendations. Some of the most 
critical recommendations in the contracting area, including 
basic stuff like setting up an inventory for contracts and 
grants, holding contractors and--excuse me--contracting 
officers, contracting officers' representatives accountable, 
things like that. So, that is the most helpful way that we can 
ensure that the Department follows up on our recommendations. 
But the bottom line is a mixed bag, and we try to identify the 
most significant recommendations and bring them to the 
attention of the Department.
    Senator Perdue. Well, going down the contractor issue that 
you raised, Ms. Calvaresi Barr, you note in your testimony that 
contract design flaws led to complications in Haiti in the 
implementation of an $88 million grant. But, there was about 
$12 million in question; --I think it was in an anti-malarial 
program, if I am not mistaken. Can you speak to that and then 
speak to what you have done to prioritize controls around that 
to avoid those in the future?
    Ms. Calvaresi Barr.  Yes. Design is absolutely crucial to 
get it right. That is the foundation for any sort of 
development assistance going right. And I think what we are 
finding is, within USAID, when they develop their country 
development strategy, specific projects follow from that. A 
number of things have to be looked at. You have to put the best 
practices in place with regard to delivering the aid, whatever 
that aid is that you are delivering there. Your goals have to 
be reasonable, and they have to be reasonable based on the 
environment in which you are working. So, USAID's emphasis is a 
lot on local solutions to provide sustainability, going 
forward. Let us invest in those local entities to make sure 
that the aid sticks. So, we talk ourselves out of business. We 
go in, and they can keep things working. But, you just cannot 
throw money at it and hope that it works. You have to assess 
capacity. You have to say, ``Do these entities that the money 
is going to even know what internal controls are?'' If they do 
not know what they are, does the money need to go more towards 
technical assistance to get them amped up to be able to receive 
this kind of money?
    So, in the examples that we provided, time and time again, 
with that being one, we had a less than rigorous look at the 
best practices, an assessment of the capacity, a reporting back 
of what we are getting.
    One thing that I will say that OFDA has recently done--and 
we have seen this in Afghanistan, which I think is another best 
practice--is, rather than throwing all of the money out, 
especially if you have weak monitoring and reporting coming 
back or data that is less than reliable, which we found across 
the board on our monitoring work, how about incremental 
funding? So, it makes the AORs, the CORs, those monitoring, 
say, ``Okay, here is the first tranche. What did we accomplish? 
Hey, if we are not getting where we need to be, what is it? Did 
we pick the wrong vehicle? Was the cost-share arrangements that 
we hoped we would get back from the government or the other 
entities, are they not standing up to their commitment?'' And 
then, recalibrate and change to get it right. But, we see, too 
often, the design on those principles that I mentioned as 
flawed in the beginning, and that is just going to have 
ramifications, going forward. That was just one example of 
many.
    Senator Perdue. Thank you.
    My last question really has to do with the reforms that you 
guys have both brought to your respective responsibilities. Can 
you just bring us up quickly on what reforms in the past year 
you have been able to implement? And then, the parting question 
here is, Are there other reforms that we need to be a partner 
with here legislatively or the things that--to help improve 
your oversight capability--the things that we need to do in 
changing the law to help you? I would like a brief answer here, 
but if you would like to submit an answer in writing to that, 
we would welcome that for the record, as well.
    Mr. Linick?
    Mr. Linick. Okay. So, Senator, to answer your first 
questions, in terms of reforms, I would divide it up into two 
baskets of reforms. One is internally, and externally. 
Internally, our people are our most important asset. We want to 
make sure that they have the proper work environment, they have 
the systems, and so forth. We have worked hard, and this is 
something that is continuing to improve--management systems, 
the quality assurance of our work, internal controls, workflow, 
and so forth, making sure the people have adequate space, that 
the culture in the office is right. And these are things that 
we have been working on consistently for the last few years.
    Externally, we are trying to be more effective at what we 
do. We are trying to aim at the highest risks to the 
Department, trying to be more efficient and effective. A few 
things we have done: our inspections division now operates on a 
risk-based system, so we are trying to be very smart about how 
we inspect, where we inspect. We look at a number of factors: 
how much money a post has, the complexity, the size, and so 
forth. And we might have different kinds of inspections, 
depending on the risk factor. We might send bigger teams to 
higher-risk places, smaller teams to lower-risk places. We may 
look at one function, like security, or we may look at all of 
the functions. We may look at just morale and leadership. So, 
those are the kinds of things.
    In addition, we created the Evaluation Special Projects 
Unit to be a rapid-response unit to handle whistleblower 
claims, administrative misconduct, and other special 
assignments, our management alerts and management assistance 
reports to get information to the highest levels of the 
Department quickly about urgent issues or systemic issues, and 
data analytics is something we are really trying to use in an 
integrated way throughout OIG.
    Senator Perdue. Ms. Calvaresi Barr?
    Ms. Calvaresi Barr.  I remember, Senator Perdue, you asked 
me, during my confirmation hearing, what was I going to do to 
get my arms around the organization and move it forward? So, 
let me come back to that. I mentioned three things: work, 
process, and people. And it is something I have lived by in 
every leadership position that I have been through.
    On the work front, we have done tremendous, tremendous work 
in the past, but what we have done is, we have targeted 
individual programs across all the countries that we are in--
and we had that structure that had 11 offices, and I can tell 
you, it was like having 11 different IG offices--transformed 
that into four regional hubs. Our work now is going to be more 
crosscutting. In addition to my oversight responsibility for 
USAID, I have those additional other entities that I oversee. 
So, work that we can do that is crosscutting, work that we can 
do that follows, as Mr. Linick said, high-priority areas of the 
Hill, high-priorities areas within the entities that we are 
overseeing, high priorities from work that we have identified. 
We have got to hit those things where there are big programs.
    For example, if we do an audit of Power Africa, Power 
Africa is getting at USAID's investment, it is getting at 
MCC's, it is getting at OPIC's, it is getting at ADF. We have 
to do that. The recommendations in our reports, then, that I 
can bring forward talk about systemic issues and lends itself 
to the kind of oversight hearings you could have with those 
officials about what their responsibility is to get this right. 
So, work clearly, you know, is number one.
    Processes, just very quickly, we needed to bring ourselves 
up to date with the best practices for how we do things within 
audit, things within investigations--new prioritizations, new 
audit planning guides, new templates and guidance--so that we 
are providing streamlined efforts so that our reports to you 
are as timely as they can be. Because if they are not timely, 
they are not relevant, and you cannot use them. So, I would 
highlight that.
    I have established an Office of Quality Assurance and 
Review that did not exist before. I am hiring a business 
process engineer to totally rebaseline our processes and bring 
some best practices into it. Communications officer, training 
director--none of that was in our office before, and that 
speaks to the people part of it. We have tremendous people at 
this agency, that have been with my office for a very, very 
long time.
    As I said, I have a pretty high standard on expectations, 
and I would like to think I hold myself to those, as well. And 
I set those standards. And I had the opportunity to bring in a 
fairly new bench of senior executive leaders along with all the 
existing leaders that have really proven already that they have 
the chops to get this done the way I want it done, with 
leadership, engagement, coaching, and inclusivity. And we are 
investing in our folks to do that.
    Finally, on the notion of what else we can do, going 
forward, thank you very much for the question on the pay issue. 
That is first and foremost--LEAP is one. A separate issue for 
me has to do with our authority with regard to OPIC, oversight 
of OPIC. The Foreign Assistance Act only gave limited 
authority, does not allow us to do financial statements. In 
short, the appropriations bill says, ``USAID, OIG, coordinate 
with OPIC's president, board, and come up with a MOU on the 
work that you are going to do.'' So, when I think about an IG's 
role--and I have been in this business for 32 years now--the 
fact that I have to negotiate what my oversight is going to be, 
and then I have to get it locked and loaded, and, if there is 
another issue that comes up that I want to look at, oops, it 
was not in the plan that was agreed to, the MOU--it is not 
working for me, it has not worked for the agency for a long 
time, so I think that that one is most important to me, as 
well.
    Senator Perdue. I am concerned about that, as well. I see 
that in your report. And, in my business career, that is the 
one that always jumped off the page at me, as well.
    Ms. Calvaresi Barr.  Okay.
    Senator Perdue. I am very sensitive to that.
    Thank you both for your testimony, and thank you for your 
tireless effort. I know providing oversight and accountability 
sometimes can be a thankless job, but I want to tell you, it is 
very much appreciated by this subcommittee and the committee at 
large. I want you to know your work is really making a 
difference. And informing us here in the Senate is so important 
that we get an objective look at these departments. I mean, 
these are tremendous departments. We are spending $54 billion, 
all in, between State and USAID today, and it is up from 20 
billion under the Clinton administration. So, under the last 
two Presidents, this thing has really kind of exploded to be a 
major investment around the world, and yet we see the needs 
around the world, both from our own internal security of State 
Department, but also the help that aid is giving around the 
world today is tremendous, relative to what we are trying to 
accomplish from a foreign policy standpoint. So, that is why 
these hearings are so important, to get this information on the 
record and to see the ball move down the field accordingly.
    It is through our diplomatic and foreign assistance 
agencies that we have been able to bring hope and opportunity 
to those most in need while also furthering peace and U.S. 
interests around the world. We cannot forget that oftentimes 
the meal a Syrian child receives, or the HIV/AIDS medication a 
mother in Africa receives, may be the first and only thing they 
learn about America. And so, we must ensure that the aid we 
provide is helpful, safe, and accountable, and that our people 
delivering that are safe.
    Most importantly, we cannot continue to help others if we 
do not maintain the trust of those who make this aid possible--
the American taxpayer--which is why these hearings are so 
insightful and important to maintain trust in that 
accountability.
    We will close now, but the record will remain open until 
Friday, close of business, for those wishing to submit 
additional questions. We may have a question or two, as we just 
mentioned. And also, I want to take the privilege here, sitting 
in the Chair. I want to thank and make a quick--just take a 
quick moment to thank Major Jim Purekal, of the United States 
Marine Corps, who is here with us today. He happens to be my 
congressional military fellow for the past year. Major Purekal 
has been invaluable in advising me personally, and our team, 
about the inner workings of military and national security. He 
moves now to the Senate legislative liaison. But, the thing I 
want to call out about his career, he was a helicopter pilot 
for Air Force 1, and so he brings a distinguished career to the 
Senate, and we look forward to working with him over the next 
year.
    So, Major, thank you very much. [Applause.]
    Senator Perdue. Thank you.
    Thank you again for your work and your testimony.
    This meeting stands adjourned.
    [Whereupon, at 11:30 a.m., the hearing was adjourned.]

                              ----------                              


              Additional Material Submitted for the Record


                 Prepared Statement of Steve A. Linick

    Chairman Perdue, Ranking Member Kaine, and members of the 
subcommittee, thank you for inviting me to testify today regarding the 
work of the Office of Inspector General (OIG) for the Department of 
State (Department) and the Broadcasting Board of Governors (BBG). I 
will highlight some of our recent oversight work, our continuing 
initiatives, and the challenges we face in performing efficient and 
effective oversight. I will also address the results and impact of our 
work. At the outset, I would also like to thank this Subcommittee for 
its interest in and support of OIG's work. In particular, I would like 
to take this opportunity to thank Members of this Subcommittee for 
sponsoring legislation intended to expand our hiring authority and our 
ability to obtain information regarding misconduct by senior Department 
personnel. This legislation is critical to our operation.
              i. state oig's mission and oversight efforts
    It is my honor to have led the State OIG for the last three years, 
and I am pleased to have this chance to update you on the work we have 
performed since I last testified before this Subcommittee in April 
2015.
    As I explained at that time, OIG's mandate is extensive and 
requires us to oversee both Department and BBG programs and operations, 
which include more than 70,000 employees and over 270 overseas missions 
and domestic entities. These agencies are funded through combined 
annual appropriations, fees, and other income of approximately $43 
billion. Moreover, one important difference between State OIG and most 
other OIGs is that we are statutorily required to periodically inspect 
and audit every domestic and overseas operating unit around the world.
    In recent reports, we have identified some of the top challenges 
that the Department faces. Today, I will focus particularly on the 
protection of people and facilities, the security of sensitive 
information around the world, and the management of contracts and 
grants. These three issues represent a significant part of the work 
that we have done over the past eighteen months.
Protecting people and facilities
    As testified previously, one of OIG's top priorities is protecting 
those who work for the Department around the world. OIG has always 
inspected physical security at overseas posts, but, since the September 
2012 attacks on U.S. diplomatic facilities and personnel in Benghazi, 
Libya, we are now expending additional resources on this critical 
issue. In 2015 alone, personnel and property experienced attacks in 
Bangladesh, Burundi, Canada, Central African Republic, Iraq, Mali, the 
Philippines, South Korea, Timor-Leste, Turkey, and Yemen.\1\ These 
incidents included grenade attacks at embassy residences, car bombs 
detonated in front of consulate facilities, and the non-fatal stabbing 
of the U.S. Ambassador to South Korea at an official event.
---------------------------------------------------------------------------
    \1\ Department of State, Bureau of Diplomatic Security Year in 
Review 2015 (June 2016).
---------------------------------------------------------------------------
    Although the Department has continued to make improvements in 
overseas safety and security over the past 18 months, challenges 
remain. Through our inspection and audit work, OIG continues to find 
deficiencies that put our people at risk. Given the sensitive nature of 
OIG's work in this area, many of the reports related to safety and 
security are classified, and my testimony today will be based solely on 
information that is publicly available.
    Health and safety concerns were a recurring theme in OIG's FY 2016 
reports. Our work in these areas covered a wide range of risks. For 
example, OIG found deficiencies in seismic risk mitigation in embassy 
residences \2\ and a lack of occupational safety and health approvals 
to ensure that hazards are addressed before overseas housing is 
occupied.\3\ OIG also identified life, health, and safety risks to 
building occupants due to hazardous spikes in electrical current in 
both the office and apartment complexes at Embassy Kabul.\4\ In another 
report, OIG identified inconsistencies in motor vehicle policies that 
resulted in a lack of proper training for personnel serving in 
countries with an elevated risk of car accidents and fatalities.\5\ The 
Bureau of Overseas Buildings Operations (OBO) statistics show that of 
the 773 armored vehicle mishaps that have occurred at overseas posts 
within the last 5 years, 469 (about 60 percent) were deemed 
preventable. Although the Department has acknowledged that driver 
behavior contributes to vehicle fatalities and that solutions must 
center on training, OIG recommended that the Department take additional 
action to address the issue by establishing a mandatory training 
requirement on armored vehicle safe-driving techniques for all overseas 
professional chauffeurs and incidental drivers who operate such 
vehicles.\6\
---------------------------------------------------------------------------
    \2\ OIG, Inspection of Embassy Tashkent (ISP-I-16-12A, March 2016); 
OIG, Inspection of Embassy Ashgabat (ISP-I-16-13A, March 2016).
    \3\ OIG, Inspection of Embassy Kinshasa (ISP-I-16-19A, June 2016).
    \4\ OIG, Management Alert: Hazardous Electrical Current in Office 
and Residential Buildings Presents Life, Health, and Safety Risks at 
U.S. Embassy Kabul, Afghanistan (MA-16-01, April 2016).
    \5\ OIG, Inspection of Embassy Ashgabat (ISP-I-16-13A, March 2016).
    \6\ OIG, Management Assistance Report: Armored Vehicle Training 
(ISP-16-17, July 2016).
---------------------------------------------------------------------------
    Another area of focus has been emergency action plans. These plans 
and associated processes are important because planning and preparation 
can make the difference between life and death in a crisis situation. 
During FY 2016, OIG identified several issues with the Department's 
emergency action planning and preparedness. For example, in a report 
published in February 2016, OIG found that chiefs of mission were 
unaware of the U.S. military assets available during emergency 
situations.\7\ Without this information, embassies and consulates 
cannot properly plan for emergencies and may be hindered in their 
responses to actual crises. OIG also found that consular sections in 
several posts that it inspected in 2016 were unfamiliar with their 
roles and responsibilities leading up to and during a crisis.\8\ OIG 
also found that emergency action plans were out of date, lacked key 
information, included erroneous points of contact, or were improperly 
certified by leadership.\9\ Without adequate staff training and a 
properly documented and tested emergency action plan, embassies and 
consulates cannot effectively mitigate the risks that a disaster or 
unforeseen incident poses to its operations.
---------------------------------------------------------------------------
    \7\ OIG, Inspection of Bureau of Diplomatic Security, Directorate 
of International Programs (ISP-I-16-07, February 2016).
    \8\ OIG, Inspection of Embassy Kinshasa (ISP-I-16-19A, June 2016); 
OIG, Inspection of Embassy Cairo (ISP-I-16-15A, April 2016).
    \9\ OIG, Inspection of Embassy Cairo (ISP-I-16-15A, April 2016); 
OIG, Inspection of Embassy Kinshasa (ISP-I-16-19A, June 2016); OIG, 
Inspection of Bureau of Energy Resources (ISP-I-16-06, February 2016).
---------------------------------------------------------------------------
    Finally, maintaining sufficient physical security at overseas 
facilities is an important aspect of protecting U.S. Government 
employees. Physical security relates to physical measures--such as 
locked doors, perimeter fences, and other barriers--to protect against 
unauthorized access (including attackers or intruders) and to safeguard 
personnel working in those facilities.\10\ In recent years, the 
Department has developed new tools to identify and track physical 
security deficiencies overseas; however, the Department needs to take 
additional action. For example, OIG concluded in a December 2015 report 
that, until the Department fully implements OIG's recommendations 
intended to improve the process to request and prioritize physical 
security needs, it will be unable to identify and address all physical 
security-related deficiencies. Further, without taking such steps, the 
Department will be unable to make informed funding decisions based on a 
comprehensive list of physical security needs.\11\
---------------------------------------------------------------------------
    \10\ OIG, Compliance Follow-up Audit of the Process to Request and 
Prioritize Physical Security-Related Activities at Overseas Posts (AUD-
ACF-16-20, December 2015).
    \11\ Ibid.
---------------------------------------------------------------------------
    Conducting oversight to protect people and facilities is one of our 
most important functions. Consequently, we will continue to coordinate 
with the Department to bring security deficiencies and areas for 
improvement to its attention and offer recommendations to address these 
critical vulnerabilities. By conducting both our statutorily mandated 
inspections and targeted audits and evaluations, OIG helps safeguard 
the lives of people who work in or visit our posts abroad.
Information security and management
    The Department depends on information systems and electronic data 
to carry out essential functions that are critical to its mission. The 
Department is entrusted with sensitive information, both classified and 
unclassified. The security of these systems is vital to protecting 
national and economic security, public safety, and the flow of 
commerce.\12\ According to the Office of Management and Budget, the 
Department has spent several billion dollars in the past 5 years on 
software tools, IT equipment, and professional expertise. However, 
given the complexity and sensitivity of the Department's IT apparatus 
and the security breaches it has experienced, IT security and 
management continues to be a significant management challenge.
---------------------------------------------------------------------------
    \12\ OIG, Audit of the Department of State Information Security 
Program (AUD-IT-16-16, November 2015).
---------------------------------------------------------------------------
    In FY 2016, OIG reported significant weaknesses in the Department's 
cybersecurity incident response and reporting program.\13\ The 
Department's efforts to respond to incidents (including denial-of-
service, malicious code, and unauthorized access) showed that it had 
not complied with its own information security policies in more than 55 
percent of the incidents that OIG reviewed.
---------------------------------------------------------------------------
    \13\ OIG, Management Assistance Report: Department of State 
Incident Response and Reporting Program (AUD-IT-16-26, February 2016).
---------------------------------------------------------------------------
    OIG also found network user account management to be another 
cybersecurity vulnerability. In its management assistance report on the 
Department's Active Directory (AD), OIG determined that 74 percent of 
more than 2,500 inactive accounts were inactive for more than 1 year, 
and the remaining accounts were inactive for greater than 90 days.\14\ 
This is a critical issue because, if an unneeded account remains 
active, an intruder could gain access to sensitive information that 
could compromise the integrity of the Department's network and cause 
widespread damage across its IT infrastructure. This problem exists, in 
part, because the Department does not have a centralized process for AD 
account management. This issue is exacerbated by the fact that, as we 
also reported, the Department's Chief Information Officer, the head of 
the Bureau of Information Resource Management (IRM), is not properly 
positioned within the organization to ensure that the Department's 
information security program is effective.
---------------------------------------------------------------------------
    \14\ OIG, Management Assistance Report: Inactive Accounts within 
the Department of State's Active Directory (AUD-IT-16-37, June 2016).
---------------------------------------------------------------------------
    As in prior years, OIG's annual assessment of the Department's 
Information Security Program identified numerous control weaknesses 
that significantly affected program effectiveness and increased the 
Department's vulnerability to cyberattacks and threats.\15\ OIG has 
reported that the Department lacks effective risk management for all 
phases of the system development lifecycle.\16\ These problems persist. 
For example, in the October 2015 inspection of IRM's Vendor Management 
Office (VMO), OIG found that VMO did not consistently implement the 
system that provides the framework for integrating IT project 
schedules. This inconsistency led to inadequate bureau coordination, 
incomplete project data, and limited visibility on projects, 
activities, and risk.
---------------------------------------------------------------------------
    \15\ OIG, Audit of the Department of State Information Security 
Program (AUD-IT-16-16, November 2015).
    \16\ OIG, Inspection of the Bureau of Information Resource 
Management, Operations, Vendor Management Office (ISP- I-16-03, October 
2015).
---------------------------------------------------------------------------
    Finally, on a related point, the last time I testified before this 
Subcommittee, I described OIG's vulnerable IT network as a major 
challenge. Vulnerabilities in the Department's unclassified network 
directly affected OIG's IT infrastructure, which was part of the same 
network. I testified that the fact that the contents of our 
unclassified network could be easily accessed and potentially 
compromised placed our independence at unnecessary risk and did not 
reflect best practices within the IG community. I am pleased to report 
that OIG recently established its own independent IT network to 
mitigate these risks.
Oversight of contracts and grants
    OIG has focused on oversight of contracts and grants, an area where 
the Department spends substantial resources. The Department's 
obligations in FY 2016 included approximately $15.4 billion for 
contracted services and $18.4 billion in grants and fixed charges.\17\ 
As it did the last time I testified, the Department faces continuing 
challenges managing its contracts, grants, and cooperative agreements, 
particularly as these vehicles become increasingly complex. The 
Department needs to ensure that contractors and grantees are properly 
selected, work is properly conducted and monitored, objectives of the 
grant or contract are achieved, and costs are effectively contained. As 
with ensuring the safety of its personnel, management of grants and 
contracts is especially challenging in conflict areas, which present 
unique obstacles to effective oversight.
---------------------------------------------------------------------------
    \17\ USASpending, , accessed on November 21, 
2016.
---------------------------------------------------------------------------
    Although the Department has addressed some problems, weaknesses 
continue to occur in other areas. In FY 2016, OIG issued several 
management assistance reports addressing the Department's oversight of 
contracts and grants, and OIG's Office of Investigations opened more 
than 30 cases related to contract and procurement fraud.
    During FY 2016, OIG identified issues with effective management of 
high-value, critical contracts. In several reviews, inspectors and 
auditors noted that routine contract management tasks, such as 
validating performance metrics to assess contractor performance, 
maintaining complete and accurate procurement files, conducting proper 
invoice review, and modifying contracts, failed to comply with 
Department guidance and Federal regulations.
    Audits of contracts in Iraq revealed millions of dollars in 
questioned and unsupported costs and unallowable fees. For example, an 
audit of task orders awarded under the Operations and Maintenance 
Support Services contract found that Department officials did not 
prepare comprehensive planning documents, formally assign oversight 
personnel, or ensure that oversight personnel adequately documented the 
contractor's performance. As a result, the Department had no basis to 
hold the contractor accountable for identified weak performance. In 
addition, the Department did not comply with statutory and Department 
requirements for timely agreement on contract terms, specifications, 
and the price of the task orders, resulting in the contractor being 
paid more than $500,000 in unallowable fees.\18\
---------------------------------------------------------------------------
    \18\ OIG, Audit of Task Orders for the Union III Compound Awarded 
Under the Operations and Maintenance Support Services (AUD-MERO-16-41, 
July 2016).
---------------------------------------------------------------------------
    With regard to grants, OIG audits and inspections identified the 
need for improved management and monitoring of grantees. For example, 
in an audit of the Bureau of Political-Military Affairs (PM) 
grantees,\19\ OIG reported that $2.8 million of $15.8 million in grant 
expenditures were unsupported or unallowable, as defined by Federal 
policies. OIG reported that these questioned costs occurred, in part, 
because PM's grant monitoring process was not designed to prevent or 
detect unallowable and unsupported costs. In particular, PM did not 
independently verify that all award recipients had sufficient financial 
management controls in place to prevent unsupported and unallowable 
costs.
---------------------------------------------------------------------------
    \19\ OIG, Audit of the Bureau of Political-Military Affairs Federal 
Assistance Awards (AUD-SI-16-49, September 2016).
---------------------------------------------------------------------------
    Finally, OIG's inspection of the Bureau of Democracy, Human Rights, 
and Labor (DRL) programs in Iraq noted the challenges the Department 
faces in managing grants in conflict areas. All 12 grants that were 
active between October and November 2015 (with a total award value of 
more than $42 million) had the necessary monitoring plans, performance 
indicators, and risk assessment or contingency plans.\20\ However, 
given security restrictions, neither DRL employees nor Embassy Baghdad 
employees had conducted site visits to Iraq grant recipients since 
2013. Instead, DRL relied on local contractors to visit grant recipient 
sites.
---------------------------------------------------------------------------
    \20\ OIG, Evaluation of Bureau of Democracy, Human Rights, and 
Labor Iraq Programs in Support of Line of Effort 1 of the President's 
Counter-ISIL Strategy (ISP-16-09, March 2016).
---------------------------------------------------------------------------
                       ii. continuing initiatives
    Nineteen months ago, I described several new initiatives. These 
initiatives are no longer ``new''; rather, they are an integral part of 
our day-to-day work processes.
    First, I earlier testified that OIG had begun making use of 
management assistance reports and management alerts to bring specific 
issues to the attention of Department and BBG management quickly and 
without waiting for the conclusion of longer-term audits or 
inspections. Since I last spoke with you, OIG has issued four 
management alerts,\21\ which I personally sign, and twenty-five 
management assistance reports.\22\ These reports are an important part 
of our oversight efforts.
---------------------------------------------------------------------------
    \21\ OIG, Management Alert: Hazardous Electrical Current in Office 
and Residential Buildings Presents Life, Health, and Safety Risks at 
U.S. Embassy Kabul, Afghanistan (MA-16-01, April 2016); OIG, Management 
Alert: Evacuation of Embassy Tripoli (MA-15-02, July 2015); OIG, 
Management Alert: Broadcasting Board of Governors Significant 
Management Weaknesses (MA-15-01, May 2015); OIG, Management Alert: 
Information Security in the Worldwide Refugee Admissions Processing 
System (MA-17-03, December 2016).
    \22\ See, e.g., OIG, Management Assistance Report: Mandatory 
Disclosure Language in Department of State Grants and Assistance 
Agreements (INV-15-02, December 2015); OIG, Management Assistance 
Report: Contract Management--Lessons Learned From Embassy Kabul, 
Afghanistan, Operations and Maintenance Contract (AUD-MERO-17-04, 
October 2016).
---------------------------------------------------------------------------
    Next, in April 2015, I discussed the role of the Office of 
Evaluations and Special Projects (ESP), which was established in 2014. 
I am pleased to report that ESP has issued nine reports and two 
management alerts and continues to focus on systemic issues. In 
addition, this office has continued to expand our efforts to meet the 
requirements of the Whistleblower Protection Enhancement Act of 2012 
and related statutes. In particular, the office's whistleblower 
ombudsman has expanded our outreach and provided extensive information 
to Department and BBG employees, grantees, and contractors. ESP also is 
responsible for conducting investigations of allegations of 
administrative misconduct, as well as retaliation, under the pilot 
program for contractor and grantee employee whistleblowers and has 
issued eight reports under this program.
    Finally, our work in connection with overseas contingency 
operations is now an established, well-integrated part of OIG's overall 
work. I am the Associate Inspector General for the overseas contingency 
operations in Afghanistan (Operation Freedom Sentinel) and Iraq 
(Operation Inherent Resolve), and our staff is working closely with the 
Department of Defense and USAID OIGs to oversee those operations. Since 
I last spoke before this Subcommittee, I have appointed an assistant 
inspector general who is responsible for overseeing the work of our OCO 
staff.
    Besides working with the other agencies with oversight 
responsibility, this staff coordinates closely with OIG's offices of 
audit and inspections to make the most effective and efficient use of 
resources. To date, our major oversight efforts have focused on 
auditing and evaluating bureaus and embassies that engage or support 
counter-ISIL activities. We have also emphasized contract and grant 
monitoring in contingency and high-threat environments. In addition, we 
issued a ``Lessons Learned'' guide for program managers at the 
Department of State operating in critical and high-threat environments. 
During FY 2016, OIG issued 31 oversight products related to OCOs, and 
we currently have more than 30 ongoing projects.
                            iii. challenges
    Unlike other OIGs, my office is not always afforded the opportunity 
to investigate allegations of criminal or serious administrative 
misconduct by Department employees. Department components, including 
the Bureau of Diplomatic Security (DS), are not required to notify OIG 
of such allegations that come to their attention. For example, current 
Department rules provide that certain allegations against chiefs of 
mission shall be referred for investigation to OIG or DS. That guidance 
further states that ``[in] exceptional circumstances, the Under 
Secretary for Management may designate an individual or individuals to 
conduct the investigation.'' \23\ Thus, DS or the Under Secretary may 
initiate an investigation without notifying us or providing us with the 
opportunity to evaluate the matter independently and become involved, 
if appropriate.
---------------------------------------------------------------------------
    \23\ Foreign Affairs Manual 4322.2.
---------------------------------------------------------------------------
    Accordingly, OIG cannot undertake effective, independent 
assessments and investigations of these matters as envisioned by the IG 
Act.
    We have been negotiating with the Department for at least two years 
to address these limitations on our ability to conduct oversight, but 
the problem persists. Although the Department has begun providing OIG 
with some information, the process for doing so has not been 
formalized, and the information is provided to us selectively. That 
being said, I want to acknowledge and thank both Chairman Perdue and 
Ranking Member Kaine for sponsoring legislation that would address this 
limitation.\24\ Unfortunately, the need for a legislative fix remains. 
I welcome your continued support as this Congress ends and the new 
Congress begins next year.
---------------------------------------------------------------------------
    \24\ Improving Department of State Oversight Act of 2015, S.1527, 
114th Congress (2015).
---------------------------------------------------------------------------
                               iv. impact
    OIG embraces our mission to protect people and information, 
although these efforts rarely result in a monetary return on 
investment. At the same time, through our audits, evaluations, 
inspections, and investigations, OIG returns real value to U.S. 
taxpayers. Since my arrival three years ago, we have issued 317 
reports, which included audits of annual financial statements, 
procurement activities, and funds management. During this same period, 
we identified more than $300 million in taxpayer funds that could be 
put to better use and questioned costs.
    Additionally, our criminal, civil, and administrative 
investigations resulted in the imposition or identification of more 
than $82 million in fines, restitution, recoveries, and other monetary 
results.
    OIG also provides important non-financial benefits. By helping the 
Department improve its security, OIG's work helps safeguard the lives 
of people who work in or visit our posts abroad. Success in this area 
is not reflected in our financial statistics, but our security work is 
a source of immense pride because its employees are, of course, the 
Department's most valuable assets.
    Our oversight provides other non-monetary benefits as well. These 
include our health and safety work, our investigations that help ensure 
that Department employees conduct themselves appropriately, and our 
work to strengthen the integrity of the programs, operations, and 
resources that are at the foundation of the Department's ability to 
help preserve our national security. Indeed, the work of our talented 
staff in reviewing security and leadership at our overseas and domestic 
posts has significant and positive effects on the lives and well-being 
of employees throughout the Department. That is what motivates our 
employees, many of whom are on the road or serve overseas for extended 
periods, sometimes at high-threat posts.
    In conclusion, I want to thank Chairman Perdue, Ranking Member 
Kaine, and the other members of the subcommittee here today for the 
opportunity to testify. I also want to emphasize that OIG's 
accomplishments are a credit to the talented and committed staff that I 
have had the privilege to lead, and I also want to take this moment to 
thank them for their hard work. I take my statutory requirement to keep 
the Congress fully and currently informed seriously, and I appreciate 
your interest in our work and for providing me the opportunity to 
articulate the challenges faced by my office. I look forward to your 
questions.

                               __________


       Responses to Additional Questions for the Record Submitted
                  to Steve A. Linick by Senator Perdue


    Question.  Thank you again for your recent report on major 
management and performance challenges for the State Department, and for 
briefly outlining a few of the highlights in your testimony. Though we 
discussed a few of these challenges and recommendations during the 
hearing, please outline your top three issues in more detail.

    Answer. The three most significant issues are protection of 
personnel and property overseas, information security, and management 
of grants and contracts.
    With respect to protection of personnel and property, we have 
focused particularly on physical security deficiencies and health and 
safety matters. We have found that systemic issues in the Department of 
State (Department) contribute to these concerns. In particular, we have 
emphasized the Department's inability to track physical security 
deficiencies and a lack of coordination between the Bureau of Overseas 
Buildings Operations and the Bureau of Diplomatic Security.
    With respect to information security, although the Department has 
spent billions of dollars in this area, we have found a number of 
recurring weaknesses. For example, the Department has not consistently 
disabled inactive email accounts; it also has unreliable inventories of 
systems that include personally identifiable information, ineffective 
incident reporting, and duplicative IT investments. As a general 
matter, these issues are associated with the lack of a holistic 
management approach and the failure to adopt a risk management strategy 
to identify, assess, respond to, and monitor risks. More specifically, 
these particular technology issues are associated with the Department's 
failure to position its Chief Information Officer to effectively 
oversee implementation of information security programs.
    Finally, with respect to management of contracts and grants, we 
have also found persistent problems. In our reviews of contracting 
issues, we have found incomplete files, a lack of invoice review, 
acceptance of goods and services that do not meet standards, and 
ineffective planning.
    As to grants, we particularly see insufficient performance 
monitoring and insufficient focus on sustainability. Like the other 
challenges, these problems are connected to a lack of emphasis on 
program management and accountability. These particular problems are 
also caused by inadequate staffing and training, especially with 
respect to oversight of complex, high-value contracts and grants.
    We note that all three of these problems are amplified in overseas 
contingency operations (OCO) and other conflict environments because of 
the Department's heavy reliance on high-cost, contracted support; the 
constant turnover of personnel in those locations; and unique oversight 
difficulties caused by heightened safety and security concerns.


    Question.  Outside of your reports, what hindrances do you see to 
better management and operations?

    Answer. As a general matter, the Department needs to place more 
emphasis on overall program management. In addition, the Department 
needs to improve mechanisms for accountability. For example, as 
described in my written testimony and in response to the previous 
question, the Department's Chief Information Officer is not properly 
positioned to ensure that the Department's information security program 
is effective.


    Question.  Are there inherent cultural challenges that lead to 
these management issues?

    Answer. The Department's overall organization and assignment 
processes are not structured to promote effective project management. 
For example, many Foreign Service personnel are assigned management of 
contracts and grants as a collateral duty and do not receive training 
necessary for effective performance of their duties. In addition, most 
Foreign Service employees rotate in and out of posts frequently, and 
some assignments are as short as one year. As a result, many large 
grants and contracts have multiple employees overseeing them, which 
leads to a lack of both continuity and accountability.


    Question.  You have been in your post for about 3 years now. Could 
you discuss in further detail how you have reformed your office since 
being confirmed?

    Answer. Internally, I have ensured that the office is focused on 
our people-making sure that our personnel have a proper work 
environment and appropriate systems to work effectively. For example, 
as I testified, as of August 2016, OIG migrated to an independent IT 
system that is separate from the Department's network. I have also 
worked to improve our management systems, especially with respect to 
supporting technology; quality assurance processes; and office culture. 
In addition, I implemented leadership training beyond that required by 
the Department, and we have provided ``360'' feedback for supervisors.
    Externally, we are working to identify and address the highest 
risks to the Department, while, at the same time, maintaining our own 
independence and effectiveness. For example, we use management 
assistance reports and management alerts to bring specific issues to 
the Department's attention quickly, without waiting for the conclusion 
of longer-term audits or inspections. We have also shifted to a risk-
based system for our inspections to ensure that we target our limited 
resources for the greatest effect. Similarly, we have adopted a 
strategic planning initiative to help us prioritize our work so that we 
use our resources efficiently. Finally, we created the Office of 
Evaluations and Special Projects in 2014 to address congressional 
requests, special assignments, whistleblower claims, and administrative 
misconduct.
    In efforts closely tied to these external reforms, I have ensured 
that our OCO oversight work is fully integrated into OIG's overall 
mission. In particular, in collaboration with the inspectors general of 
the Department of Defense and the U.S. Agency for International 
Development, I have added personnel to fulfill our obligations under 
the Lead Inspector General for Overseas Contingency Operations (LIG-
OCO) oversight structure required by 2013 amendments to the Inspector 
General Act. Through these coordinated efforts, we provide LIG-OCO 
oversight of Operation Inherent Resolve in Iraq and Syria and Operation 
Freedom's Sentinel in Afghanistan.


    Question.  What challenges did you face in ensuring proper 
oversight of your respective agencies, and how have you worked to 
address those challenges?

    Answer. We have faced two primary challenges in ensuring proper 
oversight.
    First, my office has not been consistently afforded the opportunity 
to investigate allegations of criminal or serious administrative 
misconduct by Department employees. This occurred because Department 
components were not required to refer such allegations to OIG. This 
issue was addressed through recent legislation sponsored by Chairman 
Perdue and Ranking Member Kaine and signed by the President in December 
2016.
    Second, our own hiring authorities do not adequately address the 
unique needs of this OIG and do not allow us to use some of the 
individuals we hire most effectively.\1\ Specifically, our office is 
required to inspect every embassy and post around the world and to 
assess, among other issues, how our ambassadors and other senior 
officials advance U.S. foreign policy goals. To accomplish this unique 
mission, we rely heavily on retired Foreign Service annuitants who have 
subject matter expertise necessary to conduct such inspections. In 
practical terms, however, Foreign Service annuitants generally cannot 
work more than 1,040 hours during each service year without incurring a 
reduction in their annuities. This, in turn, limits OIG's ability to 
adequately staff its inspections, train its Foreign Service annuitants, 
and maintain continuity of operations.
---------------------------------------------------------------------------
    \1\ Until recently, we were also limited in our ability to hire 
employees from the Special Inspector General for Iraq Reconstruction 
(SIGIR), even though these individuals have unique expertise conducting 
oversight in conflict zones, which is the subject of much of our work. 
The Department of State Authorities Act, Fiscal Year 2017 addressed 
this issue by granting competitive hiring status to certain SIGIR 
employees. This language has already been beneficial.


    Question.  How can we help you improve your oversight? Are there 
any reforms you are seeking that need a change in law to achieve? 
Please include any that we may have discussed during the hearing as 
well as any we did not have a chance to discuss.
    Congress can amend the Foreign Service Act so that OIG itself has 
the authority to waive a reduction in a retired Foreign Service 
officer's annuity if OIG hires such an annuitant on a full-time basis. 
(Currently, OIG must request such a waiver from the Secretary, who must 
make certain determinations specified in the Act.) This would address 
the limitations described in the response to question 2(a) above.\2\
---------------------------------------------------------------------------
    \2\ In addition, because OIG lacks the ability to enforce 
compliance with its recommendations, it is helpful when Congress 
addresses the need to implement particular recommendations through 
legislation or similar action. See, e.g., H.R. Rep. 114-154, at 12-13 
(2016) (recommending deferral of funding for the Bureau of Conflict and 
Stabilization Operations ``until such time as the OIG confirms that the 
Bureau has resolved all fundamental issues involving the Bureau's 
mission, the extent of its overlap with other bureaus, and interagency 
partners, and staff size and organization identified in both the OIG's 
March 2014 inspection report of the Bureau and the subsequent 
compliance follow-up review''); 161 Cong. Rec. H10413 (Dec. 17, 2015) 
(statement of Rep. Rogers) (directing Secretary of State to submit a 
report to the ``Committees on Appropriations describing the actions 
taken by the Department to address the findings detailed in the Office 
of Inspector General's Report ISP-1-15-35A'').


    Question.  In your testimony before this committee in one of our 
first hearings last year, you brought to light some serious issues and 
challenges the State Department Office of the Inspector General (OIG) 
faces, preventing your office from being as effective as you'd like to 
---------------------------------------------------------------------------
be.

   Can you provide a more in depth update on the issue of 
        independence of the State Department OIG and integrity of 
        investigations?

    Answer. With respect to independence, in last year's testimony, I 
described OIG's IT system as a major challenge. Previously, our network 
was connected to the Department's systems, and vulnerabilities in the 
Department's unclassified network directly affected us. In August 2016, 
we migrated to our own IT system. This improves both our independence 
and the integrity of our investigations by ensuring that Department 
personnel cannot access our documents and materials.
    With respect to integrity of investigations, as noted in response 
to question 2(a), we have not consistently been able to oversee 
misconduct cases effectively. This is because Department components 
were not required to refer allegations of misconduct by senior 
officials to OIG, an approach that was inconsistent with the practices 
of other agencies and inspectors general. However, as also noted in 
response to the previous question, legislation passed and signed by the 
President in December 2016 addresses this important issue.


    Question.  During our hearing, we discussed some serious problems 
with management weaknesses at the State Department pertaining to 
keeping of all federal records--including personal emails--to meet both 
Department policy and federal regulations.

   Could you discuss some of the recommendations you've made 
        to the State Department on this front?

    Answer. In our May 2016 report addressing email records management 
and cybersecurity requirements, we made eight recommendations. Seven of 
these recommendations are resolved but remain open. This means that the 
Department has agreed with the recommendations but has not fully 
implemented corrective action. Two notable resolved but open 
recommendations are that the Department should: (1) continue to issue 
periodic, regular notices reminding employees that use of personal 
email accounts is discouraged and that these reminders should include 
examples of the limited circumstances where such use is appropriate and 
instruct employees how to preserve records when using personal email 
accounts; and (2) develop an administrative penalty framework for 
violations of the Department's guidance on recordkeeping and use of 
authorized information systems. We also recommended that the Department 
develop a quality assurance plan to identify and address 
vulnerabilities in the records preservation process, including lack of 
oversight and broad inaccessibility of electronic records. The quality 
assurance plan was issued in December, and this recommendation has been 
closed.

   Do you think it would be wise for the next administration 
        to avoid the use of personal email accounts for official 
        business?

    Answer. As we explained in our May 2016 report, Department guidance 
that has been in place since 2014 discourages employees from using 
personal email for official business except in ``very limited 
circumstances when it becomes necessary to do so.'' The Department 
further instructs employees that, in those limited circumstances, 
messages covering official business sent from or received in a personal 
account must be forwarded to the employee's official Department email 
account so that they can be retained in accordance with the 
Department's policies. Our report recommended that the Department 
clarify and give specific examples of the types of limited 
circumstances in which such use would be permissible.


    Question.  You also recently published findings and recommendations 
on the State Department's classification policies and compliance with 
Executive Order 13526, the executive order pertaining to the handling 
of classified national security information. You found that most of the 
State Department employees have not taken the training required by EO 
13526 on how to handle classified information.

   What are your priority findings and recommendations from 
        this report?

    Answer. In addition to finding that employees had not taken 
training, we found that the Department had not implemented the sanction 
provision in the Executive Order that suspends an individual's 
classification authority until training is completed. We recommended 
that the Department develop and disseminate guidance explaining how 
bureaus should monitor and enforce the mandatory classification 
training requirements for Department employees. We also recommended 
that the Department develop guidance explaining when contractors should 
take the relevant course.

   How should the new leadership at the State Department 
        prioritize this issue?

    Answer. These recommendations are resolved but remain open, meaning 
that the Department has agreed with the recommendation but has not 
fully implemented corrective action. It will be important for new 
leadership to ensure that all Department components follow through on 
these recommendations and comply with the classification requirements 
set forth in Executive Order 13526.


    Question.  We also discussed how to best address potential 
conflicts of interest at the State Department going forward. As I 
mentioned during the hearing, I am particularly concerned by the use of 
the Special Government Employee (SGE) status, which allows these 
employees to collect salaries from public and private entities that 
operate in the same domain simultaneously. We have seen examples in the 
press over the past year of how State employees were able to work at 
organizations funded by governments receiving foreign aid from the 
United States while maintaining their role at our own State Department.

   While I know your office has not done any direct work on 
        this issue of conflict of interest and use of special 
        government employees at State to date, are there other 
        investigations currently ongoing on this issue that you are 
        aware of?

   Did you consider conducting an investigation into 
        interactions between the Clinton Foundation and State 
        Department employees?

    Answer. Our Office of Investigations handles matters involving 
Department employees with alleged conflicts of interest, but I cannot 
appropriately discuss whether we have contemplated or initiated any 
particular investigation.


    Question.  You included in your testimony that the State Department 
still has major shortcomings on implementing your recommendations 
regarding physical security requirements, emergency planning, and 
health and safety hazards. That seems like a very serious issue to me, 
and yet it appears that many of the physical security issues are repeat 
recommendations.

   How receptive has State been to your recommendations on 
        physical security and keeping those serving at posts abroad 
        safe?

    Answer. The Department has taken substantial steps to improve the 
physical security of its employees and has accepted many of our 
recommendations in this area. However, there are still weaknesses to be 
addressed, and, over the years, many of the physical security issues 
have led to repeat recommendations. To give one example, as I noted 
during my testimony, we concluded that 40 percent of the 
recommendations made by the Benghazi Accountability Review Board (ARB) 
were repeat recommendations that spanned decades and multiple 
administrations. Those recommendations had not been implemented because 
of a lack of involvement by high-level Department leadership; instead, 
many decisions were pushed down to the bureau level. To the 
Department's credit, it recently amended the Foreign Affairs Manual to 
ensure that responsibility for implementation of ARB recommendations 
resides at the Deputy Secretary level. It will be important for new 
leadership to ensure that the most senior officials in the Department 
follow through on implementation of ARB recommendations and address 
repeat recommendations.
    OIG has also found that weaknesses in the Department's efforts to 
address physical security are exacerbated by its failure to implement 
critical recommendations issued in a March 2014 OIG report. In that 
report, OIG recommended, among other things, that the Department 
complete physical security surveys and construct a security deficiency 
database, both of which are intended to improve the Department's 
processes to request resolution of physical security needs and to 
prioritize those needs. OIG concluded in a December 2015 compliance 
follow-up report that, until the Department fully implements the March 
2014 recommendations, it will be unable to identify and address all 
physical security-related deficiencies. Further, without taking such 
steps, the Department will be unable to make informed funding decisions 
based on a comprehensive, prioritized list of physical security needs.

   What barriers have been identified to implementing these 
        recommendations?

    Answer. In March 2014, we issued recommendations to improve the 
process to request funds for physical security. In response, the 
Department has developed new tools, including a new physical security 
survey instrument and a deficiencies database, to identify and track 
physical security deficiencies. However, our December 2015 compliance 
follow-up report found that the Department had not fully implemented 
these tools. For example, only 143 physical surveys (covering about 10 
percent of the Department's facilities) had been completed, and none 
had been entered into the deficiencies database that the Department 
established in April 2015. The Department reported that all surveys 
would be completed and entered into the database by the end of fiscal 
year 2016, in line with its 3-year reporting cycle. However, in 
response to the follow-up report, the Department reported that, as of 
September 30, 2016, it had completed only 50 percent of the required 
physical security surveys within that reporting cycle. OIG has 
requested that the Department provide the date it expects the remaining 
surveys to be completed and the actions it has taken and will take to 
ensure that all survey reports are completed as soon as possible. 
Without a populated database, the Department cannot take action on two 
other recommendations related to prioritizing all deficiencies and 
developing and issuing a Long-Range Physical Security Plan.


    Question.  Last year, we discussed the issue of the five-year 
inspection requirement for embassies.

   Are you seeing any improvements in your ability to inspect 
        embassies closer to their required schedule?

    Answer. The new risk-based model, tested in fiscal year 2016, is 
being fully implemented this year. In fiscal year 2017, we expect to 
shift resources to higher-risk inspections. As we work through 
implementation of this new model, we hope to conduct our inspections 
more quickly, efficiently, and effectively.
    We expect that an inspection of a low-risk post may be 4-5 days 
shorter than a medium- or high-risk post and conducted with a smaller 
team. However, we plan to inspect only one or two low-risk posts per 
cycle; the other posts will be medium- or high-risk posts or our large 
missions. The risk model will allow us to re-direct resources--both 
time and personnel--to those higher-risk posts that warrant increased 
oversight. We also plan on conducting subject-specific inspections in 
fiscal year 2017, which will focus on a single high-risk area (e.g., 
security) or program. Such inspections are not new, but we anticipate 
making them a more routine part of the inspection schedule.

   Do you have the resources you need to inspect all posts 
        overseas in addition to the rest of your very important 
        oversight mandate?

    Answer. Use of a risk-based model will help us direct more 
resources to higher-risk posts, but, even with that model, we continue 
to lack the necessary resources to meet the mandated five-year 
schedule.


    Question.  A common theme among both of your reports and 
testimonies was the challenges we face in administering aid and 
programs in non-permissive environments--places like Iraq, Syria, and 
Afghanistan.

   What challenges do you face? Do you have to rely on 
        partners to gain access to certain sites?

    Answer. The challenges that we face in overseeing aid and programs 
in non-permissive environments are similar to the challenges the 
Department itself faces. Security issues in those areas make it 
difficult, if not impossible, to travel and conduct oversight or 
monitoring. OIG does not generally rely on non-governmental partners to 
obtain access to those sites, but we sometimes require assistance from 
U.S. Government law enforcement personnel, military personnel, and post 
personnel or from host country partners. In addition, we sometimes 
compensate for our inability to travel to particular locations by 
meeting with grantees in third countries or by meeting with contractors 
at an embassy. OIG has auditors and special agents on the ground in 
Kabul, Islamabad, and Baghdad, in close proximity to contracting 
officer representatives, contractors, and program managers.

   Are you seeing greater access issues for investigation, as 
        well as greater oversight challenges at State, as our forces 
        draw down in Afghanistan?

    Answer. Generally, in unstable areas with security concerns, it is 
more difficult for us to conduct oversight work because our movement is 
limited. This is an issue in Afghanistan, but it is not unique to 
Afghanistan.


    Question.  You've highlighted in your testimony the challenge of 
providing adequate oversight of contracts and grants overseas. In your 
testimony, you state that while State has focused efforts on improving 
management of contracts and grants, that the Department is still forced 
to rely heavily on contractors and grantees, especially in conflict 
areas, and that your office continues to find instances of insufficient 
oversight. In particular, your office continues to find that State 
partners fail to do risk assessment, especially in conflict areas.

   As State and USAID continue to prioritize the local 
        ownership and involvement that comes with contracts and grants, 
        what recommendations do you have for them to improve the 
        design, management, and oversight of these programs?

    Answer. As a general matter, we have identified oversight 
deficiencies related to a lack of performance monitoring. In 
particular, we have identified a lack of site visits, inadequate 
internal controls, and over-reliance on easily measured ``outputs'' to 
measure program success. We have also identified problems in ensuring 
that these programs are sustainable in the long-term. Our 
recommendations have focused on specific flaws (such as a lack of on-
site monitoring) as well as the need to improve performance 
measurements and coordination with other entities, both inside and 
outside the Department.

   How receptive has State been to these recommendations?

    Answer. The Department has made efforts to improve contracts and 
grants monitoring, but we continue to identify deficiencies, 
particularly with respect to program management. As noted previously, 
some of these flaws relate to systemic issues within the Department, 
namely, the lack of contracting and grant expertise, short rotations, 
and a general lack of focus on accountability for grant and contract 
oversight and performance.


    Question.  In your testimony, you state that your office was 
particularly concerned with the absence of mitigating action plans for 
high-risk areas concerning oversight of contractor operations, and that 
this is an issue your office has raised repeatedly having issued four 
reports in the last two years identifying these problems.

   Can you give us a more detailed update on how State has 
        gone about implementing these recommendations?

    Answer. Our September 2016 audit report\3\ specifically addressed 
this issue. We recommended that the Department develop a process to 
ensure that risk mitigation plans for each high-risk area identified in 
a risk assessment has a specific mitigation action; we also recommended 
that the Department develop controls to ensure that each risk 
mitigation plan includes measurable milestones for implementation and a 
process for monitoring, measuring, and documenting progress in 
mitigating or reducing risk. The Department concurred with both 
recommendations and stated that it is in the process of implementing 
them. We will continue to monitor that implementation.
---------------------------------------------------------------------------
    \3\ Additional Actions Are Needed To Fully Comply with Section 846 
Of The National Defense Authorization Act for Fiscal Year 2013 
Concerning Critical Environment Contracting (AUD-MERO-16-50, Sept. 
2016).

   What's hindering State from implementing your repeated 
---------------------------------------------------------------------------
        recommendations?

    Answer. The issues that have hindered the Department's effective 
oversight of contractor risk in high-risk areas relate to the same 
issues noted previously. In particular, there is often insufficient 
staffing; inadequate training, particularly for high-value contracts; 
and little emphasis on program management and accountability.

   How would you recommend changing the design of State's 
        management and oversight plan for these high risk areas?

    Answer. Our recommendations regarding risk mitigation plans for 
contractors operating in critical environments provided specific 
recommendations to assist the Department in monitoring and measuring 
risk mitigation.


    Question.  We discussed briefly GAO's report from July of this year 
which highlighted the fact that of those implementers sampled, less 
than half had not performed a risk assessment for fraud and loss in 
Syrian assistance projects. This same report also discussed the finding 
that U.S.-funded humanitarian assistance projects in Syria are prone to 
more elevated risks than programs funded by other nations.

   Given this information, and given that fraud and loss are 
        the two categories for which you have the highest numbers of 
        reported complaints, do you feel that a risk assessment for 
        fraud and loss should be a requirement for any implementer 
        distributing U.S. foreign aid? Why or why not?

    Answer. Our primary recommendation with respect to foreign 
assistance is that the Department establish a system to track and 
manage that assistance. Risk assessments for fraud and loss may be 
helpful, and we believe that consistent application of existing risk 
assessment processes would improve outcomes. However, we also believe 
that an important preliminary step is ensuring that the Department can 
accurately identify the amount of taxpayer funds that are being 
provided in foreign assistance. Without this basic information, the 
Department cannot effectively coordinate with other agencies and 
organizations, cannot provide accurate information to the Office of 
Management and Budget, and cannot ensure that foreign assistance is 
appropriately monitored and accounted for.


                               __________

             Prepared Statement of Hon. Ann Calvaresi Barr

    Chairman Perdue, Ranking Member Kaine, and members of the 
subcommittee, thank you for inviting me to take part in this important 
hearing to help inform the next administration and the incoming 
Congress on the current challenges in providing U.S. foreign 
assistance. As you know, since the U.S. Agency for International 
Development (USAID) was established in 1961, successive Congresses and 
administrations have consistently supported the United States' 
continued leadership in international engagement, reinforcing financial 
and security interests and building and strengthening ties around the 
world.
    As Inspector General, I am charged with leading the independent 
oversight of up to $15 billion spent annually on foreign assistance 
provided through USAID, the Millennium Challenge Corporation (MCC),\1\ 
the U.S. African Development Foundation (USADF),\3\ the Inter-American 
Foundation (IAF),\3\ and the Overseas Private Investment Corporation 
(OPIC).\4\ Today, I will focus on USAID and the major management 
challenges the Agency faces in carrying out its mission. I will also 
highlight OIG's numerous initiatives and reforms for advancing my 
vision for a high-performing organization--one that provides 
comprehensive, timely, and risk-based assessments of USAID programs and 
operations, and keeps Congress informed of our work on USAID and the 
other foreign assistance entities we oversee.
---------------------------------------------------------------------------
    \1\ Created in 2004, MCC competitively selects countries that 
demonstrate commitment to good governance, economic freedom, and 
investment in citizens, and provides them with large-scale grants to 
fund projects that promote sustainable economic growth, open markets, 
and improved living standards.
    \2\ Created in 1980, USADF provides small development grants to 
underserved and marginalized populations in conflict and post-conflict 
areas in Africa.
    \3\ Created in 1969, IAF provides small development grants directly 
to grassroots and nongovernment organizations in Latin America and the 
Caribbean.
    \4\ Created in 1971 as the U.S. Government's development finance 
institution, OPIC mobilizes private capital to help solve critical 
development challenges abroad.
---------------------------------------------------------------------------
                                summary
    The complex and frequently inhospitable environments USAID works in 
create major challenges for the Agency in carrying out its mission. 
Among these challenges, we identified five that need particular 
attention in fiscal year 2017. These challenges stem largely from the 
complexities in coordinating and implementing foreign assistance 
efforts jointly with multiple and diverse stakeholders; a lack of local 
capacity and qualified personnel to execute USAID-funded projects; and 
weak project design, monitoring, and internal controls. Weaknesses in 
these areas limit the impact of USAID projects or derail them before 
they began; leave programs vulnerable to fraud, waste, and abuse; or 
both. The magnitude of our investigations related to humanitarian 
assistance programs in Syria demonstrate the extent to which USAID 
programs can be vulnerable to exploitation. Our investigations exposed 
fraud schemes involving collusion between vendors and implementers, 
product substitution, inflated billing, and false claims. While USAID 
has suspended several implementing partner programs, vendors, and 
individuals, these abuses raise serious concerns about implementers' 
contracting processes and USAID's oversight of them.
    To provide the level of oversight needed to help USAID address 
these complex challenges, OIG has capitalized on opportunities I 
identified to improve our operations--with independence as our 
grounding principle. Since I was sworn in a year ago, OIG has 
significantly advanced my vision for a high-performing organization. 
That vision begins with how we scope and execute our work. In addition 
to auditing and investigating individual USAID programs and projects, 
we are now targeting weaknesses that cut across USAID and the other 
entities we oversee in areas such as human capital management and 
training; vetting implementers of USAID programs; coordination among U. 
S. Government agencies; and efforts to strengthen financial and 
information technology management. This crosscutting work will provide 
solutions that link headquarters-based strategies to field-level 
implementation. To better position my staff to carry out this work, I 
have launched a number of initiatives, some of which have already been 
completed.


   First, I added more rigor to how we prioritize our work and 
        coordinate with oversight partners. Our new audit and 
        investigation plans assess risk, follow high-dollar 
        initiatives, and account for stakeholders' informational and 
        decision-making needs, while providing the flexibility to pivot 
        to emerging oversight needs.

   Second, I called for multidiscipline teams comprising audit 
        and investigations staff from headquarters and the field, as 
        well as technical experts such as methodologists, writers, and 
        information technology specialists. To provide for controlled 
        engagement of these cross-cutting teams, I consolidated 11 
        overseas offices to 4 hub offices, with heads of audit, 
        investigation, and management involved in every aspect of their 
        units.

   Third, I have taken steps to revitalize our workforce. 
        Notably, I recruited new leaders to strengthen OIG's executive 
        team, elevated performance standards, and commissioned a review 
        to identify the training and resources staff need to succeed. 
        To help ensure these steps take root, I am holding OIG 
        executives, managers, and supervisors accountable for workplace 
        inclusivity and excellence.

   Finally, I have taken action to solidify our independence. 
        Within weeks after my confirmation, I established a cooperation 
        memorandum with the USAID Administrator to formalize OIG's 
        authority, and we are working to take back responsibility for 
        assessing actions taken to address our recommendations. We 
        continue to develop and implement major reforms, including 
        revisiting audit and investigation policies and procedures, to 
        provide reliable and meaningful oversight, while being good 
        stewards of taxpayer dollars.
                               background
    With the passage of the Foreign Assistance Act and the 
establishment of USAID 55 years ago, the United States solidified its 
bipartisan commitment to address basic human needs and advance the 
rights of the world's most disenfranchised people, and thereby 
encourage adoption of our Nation's core values.\5\ While U.S. foreign 
assistance remains rooted in humanitarianism, it has evolved over the 
decades to emphasize development, economic stability, and 
sustainability. Today, professionals work around the world to help 
promote democracy and free markets, while aiding individuals and 
nations struggling to recover from natural disasters and health crises, 
rebuild after years of conflict and war, and achieve freedom and 
dignity.
---------------------------------------------------------------------------
    \5\ Public Law 87-195, September 1961.
---------------------------------------------------------------------------
    USAID is the principal U.S. agency for providing development 
assistance to countries around the world: USAID programs aim to support 
economic growth, combat the spread of disease, promote democratic 
reform, and address food insecurity. The agency also provides 
assistance to countries working to alleviate poverty, and recovering 
from disaster or periods of conflict. USAID undertakes development and 
humanitarian assistance activities to expand stable, free societies and 
create markets and trade partners for the United States. Headquartered 
in Washington, D.C., with missions around the world, USAID works with 
private voluntary organizations, indigenous organizations, 
universities, the private sector, international agencies, foreign 
governments, and other U.S. Government agencies.
    My office provides independent oversight of USAID operations and 
programs, as well those of MCC, USADF, IAF, and OPIC. With an amendment 
to the Inspector General Act in 2013, my OIG also provides joint 
oversight of overseas contingency operations. Currently, we partner 
with the Departments of State and Defense OIGs on Operation Inherent 
Resolve (OIR), the operation dedicated to countering the terrorist 
threat posed by the Islamic State of Iraq and the Levant in Iraq, 
Syria, and the surrounding region.
    We currently have 275 staff working at headquarters in Washington, 
D.C., and throughout the world. Our fiscal year 2016 base appropriation 
was $66 million.\6\
---------------------------------------------------------------------------
    \6\ In addition to base appropriations, OIG draws on other sources 
of funding, which include supplemental appropriations, prior year 
balances, and reimbursements from the agencies we oversee to fully 
support our work.
---------------------------------------------------------------------------
             top management challenges usaid confronts in 
                implementing its programs and operations
    USAID frequently works in environments affected by conflict or 
civil unrest, natural disasters, or disease. These inhospitable 
environments create major challenges, including protecting overseas 
agency personnel and accessing project locales for monitoring. Local 
laws and restrictions, political repression, corruption, and travel 
constraints create additional challenges, including coordinating and 
communicating with implementing partners and other stakeholders to 
formulate and execute projects.
    Given the dollars and programs that are at stake, our office 
provides continued oversight of USAID and other U.S. foreign assistance 
operations to identify opportunities and make recommendations for 
improvement. As required by law, we report each November on the top 
management challenges facing the agencies we oversee.\7\ USAID has 
taken many actions to respond to our recommendations, as well as other 
constructive actions to achieve its mission. However, we identified 
five top management challenges for USAID in fiscal year 2017. These 
challenges stem largely from the complexities in coordinating and 
implementing foreign assistance efforts jointly with multiple and 
diverse stakeholders; a lack of local capacity and qualified personnel 
to execute USAID-funded projects; and weak project design, monitoring, 
and internal controls.
---------------------------------------------------------------------------
    \7\ Reports Consolidation Act of 2000, Public Law 106-531.
---------------------------------------------------------------------------
Developing strategies to work effectively in nonpermissive and 
        contingency environments
    USAID acknowledges that working in nonpermissive and overseas 
contingency environments-- environments characterized by conflict, 
government instability, or cataclysmic natural events--is one of its 
longest-standing operational challenges. Challenges include finding 
qualified contractors and grantees willing to work in dangerous 
environments, protecting overseas agency personnel, and gaining access 
to project locales for appropriate monitoring.
    USAID's Office of Transition Initiatives notes that the ``nature of 
these environments requires flexible responses and iterative processes 
adapted to specific country contexts.'' \8\ For example, to compensate 
for the drawdown of U.S. Armed Forces and reductions in USAID staff in 
Afghanistan, USAID planned to use multitiered monitoring to leverage 
data and observations from U.S. and Afghan Government sources, other 
donors, USAID partners, beneficiaries, and contractors hired to monitor 
activities. However, as we reported in December 2015, USAID/Afghanistan 
could only demonstrate that 1 of the 127 awards made between January 
2013 and September 2014 used multitiered monitoring.\9\ The mission's 
limited use of multitiered monitoring was largely due to insufficient 
guidance and monitoring plans, as well as a lack of systems for 
collecting and using data.
---------------------------------------------------------------------------
    \8\ Office of Transition Initiatives, ``Lessons Learned: Monitoring 
and Evaluation in Complex, High-Threat Environments,'' April 2010.
    \9\ ``Audit of USAID/Afghanistan's Strategy for Monitoring and 
Evaluating Programs Throughout Afghanistan,'' Report No. F-30616-001-P, 
December 10, 2015.
---------------------------------------------------------------------------
    Moreover, relying on ad hoc approaches to design, implement, and 
monitor programs in environments designated as nonpermissive can leave 
programs vulnerable to fraud, waste, and abuse. For example, in 
Afghanistan, we found cases of contract steering, contractor 
overbilling and overcharging, bribe solicitation, fraudulent hiring 
practices by contractors, and embezzlement by a contractor employee. 
Our investigations in Nigeria similarly demonstrate program risks in 
nonpermissive environments. One investigation and subsequent OIG audit 
determined that more than a third of a $17 million award for an AIDS-
related health-care program was diverted for personal use or 
misdirected from the project. The magnitude of our investigations 
related to humanitarian assistance programs in Syria provide a case 
study of the extent to which USAID programs can be vulnerable to 
exploitation. As we testified in July, our investigations exposed fraud 
schemes involving collusion between vendors and implementers' 
procurement and logistics staff.\10\ We also identified product 
substitution schemes (food and nonfood items), inflated billing, and 
false claims. While USAID has suspended several implementing partner 
programs, vendors, and individuals, these abuses raise serious concerns 
about implementers' contracting processes, including using less than 
full and open competition; the rigor and timeliness of their responses 
to allegations of fraud; and their logistics, quality control, and 
monitoring procedures. They also raise questions about USAID's 
oversight of implementers and their progress.
---------------------------------------------------------------------------
    \10\ Statement before the Committee on Foreign Affairs Subcommittee 
on the Middle East and North Africa, United States House of 
Representatives, ``Fraud Investigations Expose Weaknesses in Syria 
Humanitarian Aid Programs,'' July 14, 2016.
---------------------------------------------------------------------------
    To help USAID and its implementing partners combat fraud in 
nonpermissive environments, our Office of Investigations developed a 
quick reference guide that covers internal control deficiencies, fraud 
indicators, and best practices for preventing fraud. The guide was 
designed for the Middle East humanitarian response but is useful for 
USAID programs in other regions. While the guide has already proven to 
be an effective tool, assuring stakeholders that programs are not 
susceptible to fraud and waste will remain a challenge for USAID until 
oversight gaps have been identified and closed.
Strengthening local capacity and sustainability while ensuring adequate 
        oversight of USAID funds
    To better ensure local partners can sustain USAID-supported 
development projects, the Agency calls for investing in communities 
that have a stake in continuing activities and services after USAID 
involvement ends, building the skills of local stakeholders, and 
ensuring public- or private-sector participation and financial backing. 
While sustainability has been a precept of development programs since 
the enactment of the Foreign Assistance Act in 1961, the ability of 
some host countries to sustain USAID programs remains uncertain. 
Consider the following examples:


   As we reported in 2016, 5 of 19 USAID-funded road 
        construction projects in the West Bank show signs of 
        deterioration. A mission-commissioned study found that due to 
        competing budget priorities, the Palestinian Authority did not 
        allocate funds from fuel-tax revenue to support road 
        maintenance. Consequently, USAID-funded road projects will not 
        be fully sustainable until the authority dedicates tax revenue 
        to maintain these critical civic resources.

   Under the terms of its contract with USAID, Haiti's health 
        ministry was expected to assume some costs for a health 
        services project. However, the project lacked a plan to 
        transfer responsibility for paying health worker salaries at 80 
        health-care facilities from USAID to other sources after the 
        project ends. Contractor officials assumed that because the 
        Haitian Government could not pay the salaries, USAID or other 
        donors would continue to pay them.


    USAID's Local Solutions initiative, a reform strategy under USAID 
Forward, has not always met expectations.\11\ The Local Solutions 
initiative aims to promote country ownership and sustainability of 
development outcomes by providing program funding directly to partner 
governments and local organizations. However, securing host country 
commitment to sustain USAID's investment, vetting local capacity to 
manage funds in accordance with U.S. regulations, and planning and 
monitoring have presented major challenges in missions' implementation 
of the initiative. Take the following examples:
---------------------------------------------------------------------------
    \11\ In 2010, USAID launched USAID Forward, a series of reforms to 
focus on results, promote sustainable development, and scale up 
innovative solutions.


   USAID/Paraguay implemented a program through a local 
        organization to strengthen the internal management and 
        government systems of select public institutions. However, the 
        mission failed to ascertain in its preaward survey that the 
        organization lacked sufficient financial and managerial 
        capacity to manage USAID funds, assess results, or track 
---------------------------------------------------------------------------
        program progress--ultimately putting $24.4 million at risk.

   Our investigations of local implementers revealed risks 
        consistent with our audit findings. Most of the cases we 
        surveyed involved allegations of inappropriate or fraudulent 
        actions taken by senior or key staff, pointing to a propensity 
        for weak corporate governance. We also found that local 
        implementers typically failed to self-disclose fraud to the 
        Agency or OIG.


    The U.S. Government Accountability Office (GAO) pointed out that 
USAID relied primarily on a single indicator--funds obligated--to 
measure Local Solutions' progress, not what these investments 
yielded.\12\ Without more robust indicators, such as risk assessments 
and program monitoring, GAO found that USAID cannot determine the 
status of activities prior to and following the obligation of funds. 
Further, while USAID has laid some groundwork for evaluating the Local 
Solutions initiative, the Agency has not demonstrated it has the means 
to determine the extent to which missions are conducting performance 
evaluations to assess the effectiveness of programs implemented through 
local organizations.
---------------------------------------------------------------------------
    \12\ U.S. Government Accountability Office, FOREIGN AID: USAID Has 
Increased Funding to Partner-Country Organizations but Could Better 
Track Progress (GAO-14-355), April 16, 2014.
---------------------------------------------------------------------------
Reconciling interagency priorities to advance international development
    In carrying out contingency and other operations that require 
coordination with multiple U.S. Government agencies, USAID employees 
are sometimes unclear as to how to balance USAID's development 
priorities with other agencies' priorities and to manage additional 
layers of review.
    This was the case with the implementation of the Enhanced 
Partnership with Pakistan Act (EPPA) of 2009, which authorized $7.5 
billion over 5 years for civilian assistance. The State Department has 
the lead role in assistance activities in Pakistan, giving it 
responsibility for budget and project decisions.\13\ As we reported in 
September 2016, USAID/Pakistan has struggled to reconcile its long-term 
development objectives with State's diplomatic aims. At the outset, 
USAID/Pakistan followed State's strategy, which lacked long-term 
development goals. In 2013, the mission implemented a formal strategy 
that linked activities to a long-term development goal but lacked 
indicators to measure progress. The strategy also focused on repairing 
and upgrading Pakistan's energy infrastructure--mirroring State's focus 
on energy as key to long-term growth--but not on other priority areas, 
such as health, education, and economic growth.
---------------------------------------------------------------------------
    \13\ Department of State, ``2010 Quadrennial Diplomacy and 
Development Review: Leading Through Civilian Power.''
---------------------------------------------------------------------------
    The difficulties USAID and State have confronted in implementing 
EPPA revealed a trend. For a previous audit of USAID and State's 
response to the protest movements across the Middle East, known as the 
Arab Spring, we surveyed 70 USAID employees working on programs in 
Egypt, Tunisia, Libya, and Yemen to identify the challenges they faced. 
According to surveyed staff, the State Department's increased influence 
over USAID programs after the Arab Spring added a layer of review that 
slowed operations and strained USAID resources, as employees had to 
dedicate additional time to building consensus and gaining external 
parties' approval.
    As a result of our EPPA audit, we recommended that USAID institute 
an interagency forum to better ensure its development goals are taken 
into account in countries where State takes the lead. In response, 
USAID's Administrator has engaged State Department leadership to 
discuss solutions, including better reconciling any conflicting 
interests at the beginning of planning and programming, to help USAID 
and State pursue their respective objectives simultaneously. We also 
recommended that USAID formalize its policy to clearly define its roles 
and responsibilities for designing and implementing development 
programs when it is subject to State Department control in critical 
priority countries.
Improving program design and contractor and grantee monitoring
    Poor design can limit the impact of USAID projects or derailed them 
before they begin. For example, contract flaws, such as a lack of clear 
deliverables, complicated the implementation of an $88 million 
agricultural program in Haiti. In addition, a procurement design issue 
resulted in a lengthy award approval process and difficulties in 
implementing emergency programs to address food shortages caused by 
quarantines, border closures, and a depleted farm workforce delayed 
USAID's Ebola response in Guinea, Liberia, and Sierra Leone-- the 
countries most affected by the outbreak in West Africa. In both cases, 
insufficient or inexperienced staff contributed to the programs' poor 
designs.
    Performance monitoring of contractors and grantees has been 
undermined by persistent weaknesses in collected and reported data. For 
example, in September 2016, we reported that our prior audits of USAID 
missions in Egypt, Jordan, and West Bank and Gaza between fiscal years 
2011 and 2013 consistently found instances of unreliable data. We also 
reported that these missions did not adequately develop or use internal 
controls--policies, procedures, systems, or other tools--to ensure 
quality data, monitoring, and evaluation. The weaknesses stemmed from 
staffing shortages, lack of employee training, and managers' lack of 
enforcement, as well as from frequently shifting budgets and 
priorities.
    Our audit and investigation work also points to a need for USAID to 
provide more rigorous monitoring to identify contractors and grantees 
who take advantage of weak internal controls to commit fraud, waste, or 
abuse. For example, our investigations uncovered fraud in two USAID 
health programs. In one case, a West African was charged with 
defrauding a USAID-supported antimalaria program of more than $12 
million in funds intended for insecticide-treated nets. To curb such 
fraud, our office set up malaria hotline campaigns in three countries, 
which have led to joint operations with the host nations' law 
enforcement and seizures, arrests, and prosecutions. In the second 
case, a USAID employee shared sensitive procurement information with a 
favored candidate for a $55 million cooperative agreement. As a result 
of our investigation, USAID stopped the procurement process that 
prevented the agreement from being improperly awarded.
Meeting governmentwide financial and information management 
        requirements
    Longstanding internal control weaknesses have limited USAID's 
ability to meet some of the Federal Government's financial management 
requirements--established to better ensure agencies are effective 
stewards of Government resources. Some reported weaknesses relate to 
reconciling transactions between USAID and other Federal agencies--
which are typically recorded in different accounting periods or use 
different methodologies. Treasury reported that as of September 30, 
2016, USAID had more than $3 billion in unreconciled transactions with 
other agencies. Although USAID has increased its efforts and 
continually researches intragovernmental activity to resolve 
unreconciled amounts, differences persist. Reconciling differences 
between USAID's Fund Balance with Treasury account and the Department 
of Treasury's records has also been problematic. As of September 30, 
2016, the net difference between USAID's general ledger and the amount 
in Treasury's records was approximately $195 million-- $141 million of 
which cannot be explained.
    USAID has taken great strides in implementing the complex 
requirements of the Federal Information Security Modernization Act of 
2014 (FISMA) and removing significant deficiencies.\14\ However, 
concerns remain. Notably, the USAID chief information officer (CIO) 
reported to the assistant administrator for the Bureau of Management--
not directly to the agency Administrator or Deputy Administrator, as 
required. As a result, the CIO may have limited authority in ensuring 
information technology projects and actions are funded, tracked, and 
prioritized at a level commensurate with the direction and goals of the 
Agency as a whole. In addition, USAID did not maintain the appropriate 
segregation of duties. Specifically, one staff member carries out the 
roles of both the deputy CIO and the chief information security 
officer. As a result, the individual not only performs security control 
activities but reviews those activities for compliance with FISMA, 
calling into question the independence of USAID's FISMA compliance 
reviews.
---------------------------------------------------------------------------
    \14\ The Federal Information Security Modernization Act of 2014 
(Public Law No. 113-283) updated and largely supersedes the Federal 
Information Security Management Act of 2002 (Public Law No. 107-347, 
Title III) but retains many of the requirements for Federal agencies' 
information security programs previously set by the 2002 law.
---------------------------------------------------------------------------
    Finally, USAID's classification policy does not meet Federal 
requirements for establishing a uniform system for classifying, 
safeguarding, and declassifying national security information.\15\ We 
found systemic noncompliance related to security education and 
training, classification markings and guidance, and reporting of 
program activities and results.
---------------------------------------------------------------------------
    \15\ Executive Order 13526 (2009).
---------------------------------------------------------------------------
        oig reforms and initiatives for achieving greater impact
    OIG's portfolio of work helps ensure USAID and the other entities 
we oversee not only meet their mission objectives but achieve the 
highest return on taxpayer investment--a standard our office continues 
to model. For every dollar we spent in fiscal year 2016, we identified 
more than 3 dollars in questioned costs, funds put to better use, and 
investigative savings and recoveries. While I am proud of these 
accomplishments, we can improve our operations to achieve greater 
returns on investment, have a more profound impact on agency outcomes, 
and keep Congress and other stakeholders fully informed.
    Since I was sworn in as Inspector General a year ago, I have taken 
a comprehensive and critical look at our operations and identified 
opportunities to improve how we work--with independence as our 
grounding principle. In just 1 year, OIG has significantly advanced my 
vision for a high-performing organization.
    That vision begins with how we scope and execute our work. While 
auditing and investigating individual USAID programs and projects 
around the world can yield findings that demand action and help 
individual missions improve their operations, this approach does not 
always get at the systemic causes of the problems we uncover. 
Therefore, we are targeting our work to identify weaknesses that cut 
across USAID, MCC, USADF, IAF, and OPIC in areas such as human capital 
management and training and vetting implementers of USAID programs; 
coordination among implementers; and efforts to strengthen financial 
and information technology management. By looking across programs and 
projects and all the agencies we oversee, our work will have greater 
impact at the agency level and provide solutions that link 
headquarters-based strategies to field-level implementation.
    A number of completed and ongoing initiatives that I have launched 
will better position OIG staff to carry out this oversight. First, we 
have added more rigor to how we prioritize our work and coordinate with 
oversight partners. Our new audit and investigation plans assess risk, 
follow high-dollar and crosscutting initiatives, and account for 
stakeholders' informational and decision-making needs. For example, our 
ongoing audit of the Power Africa program will determine whether 
projects in this complex program--which requires extensive coordination 
among USAID, MCC, OPIC, USADF, and other Federal components; multiple 
African governments; and private industry--are on track to achieve the 
program's goal to greatly expand access to electricity in sub-Saharan 
Africa by providing at least 60 million new households and businesses 
with on- and off-grid power solutions.
    At the same time, our plans provide the flexibility to pivot to 
emerging oversight needs. Our global health work provides examples. 
Notably, we have identified lessons learned from USAID's response to 
the Ebola outbreak to help inform and readily assess USAID's 
preparedness to respond to future public health emergencies, such as 
the Zika virus in Central and South America. Similarly, to provide 
comprehensive oversight of USAID's recent award of a $9.5 billion 
global health supply chain program for purchasing and distributing 
life-saving medicine and health supplies, we continued our ``Make a 
Difference'' campaign, establishing confidential hotlines for reporting 
fraud; joined an interagency Malaria Drug Theft Task Force; and 
conducted targeted outreach.\16\ These initiatives have yielded 
significant results. For example, our investigations led to the seizure 
of stolen USAID-funded antimalarial medications from 8 of the 17 
locations in Malawi that were searched, and the arrest, conviction, and 
sentencing of 6 individuals. Our investigations work has also brought 
to light vulnerabilities in the security of other supplies, including 
HIV/AIDS test kits.
---------------------------------------------------------------------------
    \16\ Our agents have provided fraud awareness training to 142 prime 
implementer and subcontractor staff in Washington, D.C., and 
approximately 160 procurement and supply management project staff in 
Nigeria, and conducted risk analysis meetings, addressing 
vulnerabilities in financial and operational accountability, with USAID 
and the prime implementer.
---------------------------------------------------------------------------
    Joint oversight of initiatives such as OIR also demands upfront 
planning and ongoing coordination. Therefore, in stepping up our 
scrutiny of OIR and other initiatives that involve multiple agencies, 
we continue to expand collaborative efforts with our oversight 
partners. Over a third of one USAID office's implementers responding to 
the Syria crisis also receive State Department funding,\17\ so we are 
working with State OIG to provide fraud awareness briefings to 
implementers\18\ and are currently conducting three joint 
investigations. We are also collaborating with our oversight 
counterparts at other bilateral donors and public international 
organizations through the Syria Investigations Working Group, which OIG 
stood up in October 2015. Programmatic and budgetary overlaps of USAID, 
U.N. agencies, and public international organizations are associated 
with potential vulnerabilities and are investigative interests. Public 
international organizations, such as the United Nations World Food 
Programme, collectively receive about 40 percent of USAID's budget for 
the humanitarian response in Syria. To date, we have sent 32 referrals 
to group members and foreign law enforcement offices.
---------------------------------------------------------------------------
    \17\ USAID Office of Foreign Disaster Assistance.
    \18\ USAID OIG and State OIG have provided 5 joint fraud awareness 
presentations to 83 implementer staff in Jordan to help combat fraud in 
Syria.
---------------------------------------------------------------------------
    Second, OIG teams now include staff from across our organization to 
facilitate and encourage coordination between audit and investigation 
as well as headquarters and the field. To support these cross-cutting 
teams, I reorganized our office, consolidating 11 largely independent 
overseas offices to 4 strategically located hub offices,\19\ which 
allows for controlled engagement, with heads of audit, investigation, 
and management involved in every aspect of their units. I also 
realigned our management structure to enable us to better target our 
oversight on foreign assistance activities susceptible to fraud, waste, 
and abuse, and on programs and functions that present the most 
challenges to plan and implement. For example, our investigations 
raised questions about USAID's oversight of funds provided to public 
international organizations, prompting us to conduct an audit looking 
at how USAID assesses risks prior to award, mitigates any risks during 
implementation, and monitors public international organization 
programs. The realignment also builds in inclusivity and employee 
engagement in decision making and obtain buy in.
---------------------------------------------------------------------------
    \19\ Central/South America, Eastern Europe/Middle East, Asia, and 
Africa.
---------------------------------------------------------------------------
    Third, I have instituted a number of actions to revitalize our 
greatest asset--human capital. Within the first few months of my tenure 
as Inspector General, I recruited new leaders to strengthen OIG's 
executive team and established high standards for myself and our 
leaders, providing them the training and tools they need to succeed, 
including 360 feedback and coaching. To make the most of our investment 
in employee development, we started a top-down review of staff skill 
levels and capabilities. OIG is also elevating performance standards 
across the board and holding OIG executives, managers, and supervisors 
accountable for workplace inclusivity, civility, and improved 
performance. These measures have paid quick dividends, as our leaders 
and front-line staff have already proven that they have the capacity 
and drive to meet the standards. Ensuring our staff receive fair and 
reasonable compensation for their work is also paramount. To that end, 
I am seeking to align our system of pay for Foreign Service 
investigators with that of the rest of the Federal law enforcement 
community to provide for a level playing field in recruiting and 
retaining these dedicated professionals.
    I am also standing up a Quality Assurance Team to continuously 
monitor the execution of our work and ensure it and our corresponding 
policies and procedures meet the highest standards set by law and 
regulations, the accountability community, and our office. To further 
build quality into our work, I hired a communication manager to 
establish a writing team that fully participates in audit engagements, 
bringing unique critical thinking skills in developing high-impact 
reports; a training director to improve employee development processes; 
and a business process engineer to analyze and revise as needed our 
policies, processes, and procedures. We have already begun to institute 
new streamlined processes for developing more robust and responsive 
audit reports and cleared a backlog of our investigative cases.
    Finally, our work and the processes we employ must be completely 
independent. Within weeks after my confirmation, I established a 
cooperation memorandum with the USAID Administrator to formalize OIG's 
authority to have full access to the documentation and people our 
auditors and investigators need to carry out our mission. To further 
solidify our independence, we have plans under way to reverse a 
longstanding practice and take back responsibility for assessing 
actions taken to address our recommendations and determining whether 
these actions are timely and meet our intent. I am also seeking 
clarification regarding our audit authority over OPIC. Because OIG does 
not have full authority to oversee OPIC programs and operations, we 
currently conduct audit and other activities under an annual agreement 
that has been subject to negotiation, limitations, and delays. This 
middle ground is untenable. Therefore, we are looking to engage with 
Congress and other stakeholders to find a more permanent solution that 
aligns with the Inspector General Act.
    Our ongoing and planned audits and investigations will help USAID 
address the challenges we identified and link the Agency's strategic 
goals with their tactical implementation. During fiscal year 2017, we 
will continue to develop and implement major reforms to ensure our 
dedicated workforce at headquarters and around the world have the 
policies, processes, training, technologies, and other tools needed to 
provide reliable and meaningful oversight and, more importantly, to be 
good stewards of taxpayer dollars. I am confident that we will enter 
the next fiscal year in a position to make these reforms standard 
business practices that will last for years to come.
    I am as passionate about our oversight role today as I was when I 
first began working in the accountability community 3 decades ago. I 
remain committed to ensuring that USAID and the other foreign 
assistance entities we oversee prudently use every dollar they get. 
Given the environment and risk that foreign assistance programs work 
in, this is no easy task, but it makes our work--along with this 
Subcommittee's oversight and commitment--even more compelling and 
needed to ensure we get it right.
    This concludes my prepared statement. I will be happy to answer any 
questions you may have for me at this time.

                               __________

      Responses to Additional Questions for the Record Submitted 
                to Ann Calvaresi Barr by Senator Perdue


    Question.  Thank you again for your recent report on major 
management and performance challenges for USAID, and for briefly 
outlining a few of the highlights in your testimony. Though we 
discussed a few of these challenges and recommendations during the 
hearing, please outline your top three issues in more detail.

   Outside of your reports, what hindrances do you see to 
        better management and operations?

   Are there inherent cultural challenges that lead to these 
        management issues? What will the incoming administration need 
        to be aware of/take on in that regard?

    Answer. Our November 15, 2016, report identified five top 
management challenges for USAID.\1\ Foremost among these are (1) 
improving program design and contractor and grantee monitoring; (2) 
strengthening local capacity and sustainability while ensuring adequate 
oversight of USAID funds, and (3) reconciling interagency priorities to 
advance international development. These challenges are exacerbated by 
nonpermissive environments and lack of effective information technology 
and financial management systems.
---------------------------------------------------------------------------
    \1\ Statement on Top Management Challenges for USAID and MCC Fiscal 
Year 2017 (Nov. 15, 2016).

   Sound design, monitoring, and evaluation are critical to the 
        successful implementation of foreign assistance programs. 
        Effective design helps ensure programs have the resources 
        needed to achieve objectives, while program monitoring and 
        evaluation help implementers and missions identify and address 
        fraud and other risks that prevent programs from achieving 
        desired results. Our audit work revealed persistent weaknesses 
        in design in Egypt, Jordan, and the West Bank. Similarly, our 
        investigations revealed widespread corruption in cross-border 
        programs in Syria and other parts of the world, which point to 
        lack of adequate monitoring of implementers by U.S. officials. 
        Particularly, significant shortcomings in internal controls 
        around procurements and aid distribution by WFP in the Syria 
        program bring into question whether USAID is doing enough to 
        ensure U.S. taxpayer funds being spent through Public 
        International Organizations (PIOs) are adequately protected. 
        Ultimately, shortcomings in USAID's program design and 
        monitoring have weakened its ability to ensure programs have 
        the resources needed to achieve objectives and identify and 
---------------------------------------------------------------------------
        address fraud and other program risks.

   USAID invests in development projects that it expects can be 
        supported locally and have a lasting impact. However, our work 
        consistently points to concerns about the level of assurance 
        USAID has in achieving sustainability in its programs. Efforts 
        under USAID's Local Solutions initiative, a reform strategy 
        under USAID Forward, have similarly fallen short of 
        expectations. Our reports have identified challenges in 
        missions' implementation of the initiative. Until the Agency 
        fully assesses the capacity of host countries or government and 
        local entities and enhances oversight, USAID funds will remain 
        at risk.

   Contingency operations and other foreign assistance efforts require 
        coordination with multiple U.S. Government agencies. However, 
        USAID's development priorities do not always align with other 
        agencies' priorities, making it difficult for USAID to achieve 
        its core development mission. In particular, coordination with 
        the State Department, which leads multiagency operations that 
        respond to diplomatic and security crises, has presented 
        challenges to USAID's project planning and execution. Despite 
        broad interagency guidance on State's role in politically 
        sensitive environments, USAID employees are sometimes unclear 
        as to how to manage additional layers of review, respond to 
        changing priorities, and balance short-term and long-term 
        priorities. Our work in countries such as Egypt, Tunisia, 
        Libya, Yemen, and Pakistan underscore the need for 
        reconciliation of competing priorities.


    USAID's culture is a major barrier to addressing these challenges--
notably, the Agency's reliance on its implementing partners, which has, 
in some cases, extended to program oversight. This practice ignores the 
most basic internal control and sets USAID up for unsatisfactory 
outcomes. We have made numerous recommendations that call for more 
robust monitoring and oversight, including conducting more frequent 
site visits to vendors and warehouses to verify product quality before 
cross-border shipment, greater use of pre-award assessments of 
implementers, greater use of approval thresholds and condition 
precedents prior to release of funds, and assessments of implementer's 
accounting and procurement systems.


    Question.  You have only been in your post for about one year now, 
but I know you have done significant work to begin to implement reforms 
in your office. Could you discuss in further detail how you have 
reformed your office since being confirmed?

  What challenges did you face in ensuring proper oversight of 
        your respective agencies, and how have you worked to address 
        those challenges?

  How can we help you improve your oversight? Are there any 
        reforms you're seeking that need a change in law to achieve? 
        Please include any that we may have discussed during the 
        hearing as well as any we did not have a chance to discuss.

    Answer. The reforms I have implemented--which were grounded in my 
30 years of working in the accountability community--cut across our 
entire operations and encompasses our people, processes, and work. My 
assessment included individual meetings with all overseas staff, both 
U.S. direct hire staff and Foreign Service Nationals, as well as 
meetings with staff in Washington. Through these meetings, I gained a 
stronger appreciation for the challenges they face, particularly as it 
relates to foreign work environments. The actions that I have taken and 
the reforms that have been implemented, are under way, or planned will 
better position OIG staff to address these challenges. For example:

   To strengthen my leadership bench, I filled five Senior Executive 
        Service positions with the talent and expertise needed to lead 
        our core functions--audit, investigations, and management. We 
        are now working to develop new strategic plans and performance 
        measures.

   I called for more transparency and open communication to strengthen 
        leadership engagement with staff and encourage more robust 
        dialogue on our work, especially in areas where there is 
        professional disagreement.

   To prioritize, add rigor to, and achieve efficiencies in our work, 
        I called for cross-cutting teams that would leverage staff 
        knowledge and skills across our various offices. To support 
        this new model, I consolidated 11 largely independent overseas 
        offices to 4 strategically located hub offices,\2\ breaking 
        down OIG's historically stove-piped organization. The new 
        structure, coupled with more centralized planning, has already 
        improved collaboration by bringing together key players, and 
        facilitating leadership and staff buy-in at the start of an 
        audit or investigation and the messaging of the results. 
        Moreover, the hub structure will result in work that links 
        USAID headquarters-based strategies to field-level 
        implementation.
---------------------------------------------------------------------------
    \2\ OIG's hub offices currently oversee one of the following 
regions each: Latin American and the Caribbean, Eastern Europe, 
Eurasia, and the Middle East, Africa, and Asia. Satellite offices in 
these regions provide targeted oversight in targeted countries and/or 
programs: Haiti, Senegal, Uganda, Egypt, West Bank and Gaza program, 
and Pakistan.

   To further help staff excel under this new model, I hired a Quality 
        Assurance Director charged with continuously assessing our 
        policies to ensure they thoroughly reflect oversight 
        accountability standards and best practices and support the 
        highest quality of work. I also hired a Communications Officer 
        to enhance the quality of all of our written communications and 
        set the course for developing audit and investigation messages. 
        I am currently working to bring on board a Process Improvement 
        Director, who will continually assess our business operations 
        and policies, and recommend changes that reflect the practices 
---------------------------------------------------------------------------
        of leading professional service organizations.

   To ensure staff have the knowledge and skills needed to effectively 
        conduct their work and combat program fraud, waste, and abuse, 
        I hired a Training Director to design a disciplined 
        professional development program--a program that aligns core 
        training to each job series and position, and supports 
        individual development plans. I have also initiated a 
        comprehensive review of our performance standards to ensure 
        that they promote and hold staff accountable for performance 
        and results and accurately reflect key mission goals and key 
        work impacts.

   In addition to formal training, I am providing staff other 
        development opportunities. For example, in January, we will 
        launch a Communities of Practice--information sharing sessions 
        on topics of interest to staff and that align with our work, 
        mission and goals. Also in January, I will begin hosting 
        regular Leadership Brown Bags for GS-14s and above and Foreign 
        Service equivalents, and Leadership Development Exchanges for 
        GS-13s and below and Foreign Service equivalents to discuss 
        organizational topics including performance, leadership, and 
        professional development. These forums not only provide 
        additional opportunities for me to engage with my staff on 
        topics they identify as key to their roles, development, and 
        overall career, they will further cultivate a strong community 
        within OIG.


    I have also taken action to ensure our full independence--the 
foundation of any OIG. Shortly after my confirmation, I took action to 
develop a cooperation memorandum with the USAID Administrator to 
reaffirm OIG's authority to have full access to the documentation and 
people our auditors and investigators need to carry out our mission. 
The memorandum was signed by USAID Administrator Gayle Smith in 
February 2016 which she released to all USAID staff, underscoring our 
authority and access rights. In addition, I tasked a team to change the 
way we track audit recommendations. Historically, the agencies we audit 
have been responsible for closing out our recommendations. We are 
taking back this responsibility. By independently determining what 
actions meet the intent of our recommendations and when those actions 
satisfy our recommendations, we can keep agencies on track and, most 
importantly, ensure the problems we identified have been addressed.
    Finally, as I briefly mentioned during my testimony,\3\ one 
challenge that I face concerns my oversight responsibility for the 
Overseas Private Investment Corporation (OPIC). Each year during 
appropriations deliberations, OIG and OPIC negotiate and sign an 
interagency agreement to identify the types of oversight to be 
performed in the upcoming fiscal year. This situation is untenable. 
Effective oversight of OPIC demands a fully independent IG with full IG 
Act authorities, including audit rights and a funding mechanism that 
supports OIG oversight activities and is not subject to negotiation 
with OPIC management. Several options have been proposed in recent 
years, and I encourage Committee members to work toward a permanent 
solution for OPIC oversight that provides the full authorities that 
should be vested in an OIG.
---------------------------------------------------------------------------
    \3\ USAID Top Management Challenges and OIG Initiatives, Statement 
of the Honorable Ann Calvaresi Barr before the Senate Committee on 
Foreign Relations, Subcommittee on State Department and USAID 
International Operations, and Bilateral International Development 
(December 8, 2016.


    Question.  You noted in your testimony and during the hearing that 
aligning USAID IG's system of pay for Foreign Service investigators 
with that of the rest of the Federal law enforcement community is your 
---------------------------------------------------------------------------
top legislative priority.

  Could you discuss further the current discrepancy, why it 
        exists, and what we need to do to fix it?

    Answer. Providing compensation to OIG's Foreign Service criminal 
investigators that is consistent with Law Enforcement Availability Pay 
(LEAP)--compensation provided to Civil Service criminal investigators 
across the Federal Government--has been one of our greatest personnel-
related challenges. In particular, LEAP provides a premium for 
additional hours worked, allowing Civil Service criminal investigators 
to earn up to $160,300 per year while assigned domestically and up to 
$155,489 per year while assigned overseas. \4\ Because LEAP does not 
apply to Foreign Service criminal investigators, my predecessors have 
relied on a special differential to compensate these employees for 
additional time worked and extra availability to work. However, the 
IG's authority to cap these special differentials at an amount 
commensurate with LEAP pay caps recently came under question. Absent 
such authority, some of our most senior Foreign Service criminal 
investigators would have earned in excess of $200,000 per year.
---------------------------------------------------------------------------
    \4\ Both of these amounts are expected to increase in the coming 
weeks in line with an anticipated government-wide pay increase in early 
January 2017.
---------------------------------------------------------------------------
    With the recent enactment of the Department of State Authorities 
Act, Fiscal Year 2017 (Public Law 114-323), this longstanding issue is 
now resolved. Without this authority, my ability to attract, hire, and 
retain a stable, well-qualified investigative workforce would have been 
impaired. I sincerely appreciate the Subcommittee's attention to this 
matter, as well as the full Committee's continuing support.


    Question.  During the hearing, we briefly discussed how you have 
begun to work on USAID's policies and compliance with Executive Order 
13526, the executive order pertaining to the handling of classified 
national security information.


  Can you discuss at greater length what your office has done 
        to investigate IT security and handling of classified 
        information at USAID?

  How should the new leadership at USAID prioritize this 
        issue?


    Answer. Our most recent audit of USAID's compliance with the 
Federal Information Security Modernization Act (FISMA) determined that 
the agency has taken appropriate steps to resolve a longstanding 
deficiency related to inadequate security plans and control testing for 
its enterprise risk management system process.\5\
---------------------------------------------------------------------------
    \5\ USAID Has Implemented Controls in Support of FISMA, but 
Improvements are Needed; Report No. A-000-17-001-C (Oct. 27, 2016).
---------------------------------------------------------------------------
    Despite this progress, we reported earlier this year that USAID's 
organizational structure continues to put its information systems at 
risk. Specifically, we found that the USAID chief information officer 
(CIO) reported to the assistant administrator for the Bureau of 
Management--not directly to the agency Administrator or Deputy 
Administrator, as required by law. As a result, the CIO may have 
limited authority in ensuring information technology projects and 
actions are funded, tracked, and prioritized at a level commensurate 
with the direction and goals of the Agency as a whole. In addition, one 
officer performs security control activities and reviews activities for 
complying with FISMA--roles and responsibilities typically associated 
with a chief information security officer and a deputy CIO, 
respectively-calling into question the independence of USAID's FISMA 
compliance reviews.
    Given the increasingly sophisticated and widespread hacking of 
Federal systems, USAID must be ever-vigilant in promoting effective 
cyber security, particularly when it comes to protecting classified 
information. In the wrong hands, such information can be used to 
threaten U.S. interests, personnel, or activities. Earlier this year, 
we reported on deficiencies in USAID's compliance with Executive Order 
13526, Classified National Security Information, and related National 
Archives and Records Administration (NARA) regulations.\6\ Overall, we 
found that agencywide attention was needed to correct deficiencies 
related to program management, security training, classification, and 
reporting program activities and results to NARA's Information Security 
Oversight Office. To address these weaknesses, USAID committed to 
developing and implementing a comprehensive corrective action plan. 
Completing this action plan should be a major focus area for incoming 
USAID leadership.
---------------------------------------------------------------------------
    \6\ USAID's Implementation of Executive Order 13526, Classified 
National Security Information, Needs Significant Improvement; Report 
No. 9-000-16-001-P (Sept. 30, 2016).


    Question.  I was glad to have the opportunity to discuss the 
challenges we face in administering aid and programs in non-permissive 
environments--particularly in Syria. Your office has identified corrupt 
practices in a number of cross-border aid programs to Syria that were 
---------------------------------------------------------------------------
operating from Turkey.


  Could you discuss further your findings, and how they were 
        used to make changes in the way we implement life-saving 
        humanitarian assistance to civilians in Syria?

  Given this aid is taking place in non-permissive 
        environments, how does your team gain access to conduct 
        oversight?

  What challenges do you face? Do you have to rely on partners 
        to gain access to certain sites?

  Are you seeing greater access issues for investigations, as 
        well as greater oversight challenges at USAID, as our forces 
        draw down in Afghanistan?


    Answer. The fraud schemes uncovered by our investigators during 
unannounced visits to warehouses in Turkey and Jordan demonstrate the 
complexities in overseeing U.S. aid programs in nonpermissive areas and 
the vulnerabilities oversight gaps create. These schemes include 
collusion, bribery, and product substitution. Yet oversight of the 
cross-border programs, which involved 33 awards totaling more than $337 
million, fell under the responsibility of four USAID employees deployed 
to Turkey and Iraq.
    In Afghanistan, as in Syria, it is difficult to get approval to 
access certain areas. However, our investigations work in Afghanistan 
revealed a number of procurement weaknesses that diminish USAID's 
command over the programs it funds, including a lack of fair and open 
competition, insufficient US. Government monitoring, infrequent site 
visits to vendors, a lack of risk assessments of vendors, and a lack of 
approval thresholds for contracts and grants, and questionable 
segregation of duties. Our audits also found questionable costs. To 
provide more rigorous oversight of programs in Afghanistan, USAID 
designed a multitier monitoring plan to leverage data from multiple 
sources, such as the host government, donors, beneficiaries, and third-
parties. However, as we reported, the system as designed was only used 
in 1 of 127 awards.
    In response to our investigative findings, USAID is implementing 
third-party monitoring to reduce reliance on implementer self-
reporting, requiring all employees to attend OIG training on common 
fraud schemes and fraud indicators, and increasing site visits to 
include unannounced site visits to vendors and warehouses. In addition, 
USAID's Office of Foreign Disaster Assistance (OFDA) hired a compliance 
officer to prevent future fraud and institute better monitoring and 
evaluation practices in close coordination with our Office of 
Investigations. Continued vigilance and follow-through on these and 
other new initiatives will be critical to protecting USAID's 
investments in the conflict areas such as Syria and Afghanistan.
    One area that presents unique oversight challenges for USAID 
involves PIOs--which collectively receive about 40 percent of USAID's 
budget for the humanitarian response in Syria--due to USAID's limited 
authority to oversee these organizations. To identify opportunities 
where USAID can better ensure due diligence in monitoring despite these 
limitations, we are examining how USAID assesses and mitigates risks 
before it awards funds to a PIO and identifies vulnerabilities 
associated with relying on PIOs to provide U.S. foreign assistance.
    We remain committed to providing oversight in Syria and 
Afghanistan--despite the decreasing number of areas our investigators 
are permitted to go. Our efforts aim to provide the greatest return on 
investment, such as training agency and implementer personnel and 
beneficiaries on program risks and fraud indicators. We also maintain 
dialogue with OFDA and USAID's Office of Food for Peace on 
strengthening future awards and programs, and are coordinating with 
international donors, including PIOs, which have access to areas where 
OIG staff and other U.S. Government personnel are not permitted. 
Information shared among bilateral donors, PIOs, and our investigators 
through the Syria Investigations Working Group that we established 
further strengthens oversight and helps inform our work to stop fraud. 
Our region- and country-specific fraud awareness campaigns and hotlines 
also help close oversight gaps. For example, working with Transparency 
International--Pakistan, we stood up the Pakistan Anti-Fraud Hotline, 
which has provided us a number of leads into alleged fraud, including 
bribery, collusion, and theft. For instance, we have received over 
7,000 complaints that have led to cases being opened, programs being 
terminated, numerous employee terminations and savings and recoveries 
in the millions. The malaria campaign and hotlines we set up in 
Nigeria, Malawi, and Benin have similarly prompted individuals to 
contact OIG with allegations of fraud such as theft, diversion, and 
resale of U.S. Government-funded antimalarial commodities. Globally, 
illicit proceeds from the sale of stolen or falsified antimalarial 
medicine total more than $60 million a year.
    Finally, OIG developed "Fraud Prevention and Compliance--A Pocket 
Guide for the Middle East Crisis Humanitarian Response'' \7\ to assist 
the Agency with monitoring its implementing partners in the response to 
the humanitarian crisis in Syria and Iraq. The guide addresses trends 
identified in our investigative experiences and meetings with USAID 
implementing partners across the region, and provides a quick reference 
to detect weaknesses in internal controls and common fraud schemes.
---------------------------------------------------------------------------
    \7\ OIG USAID, Fraud Prevention and Compliance: A Pocket Guide for 
the Middle East Humanitarian Crisis; August 1, 2016, 3rd edition.


    Question.  I also appreciated our discussion of the challenge of 
providing adequate oversight of contracts and grants overseas. As State 
and USAID continue to prioritize the local ownership and involvement 
that comes with contracts and grants, what recommendations do you have 
for USAID to improve the design, management, and oversight of these 
---------------------------------------------------------------------------
programs?


  How receptive has USAID been to these recommendations?

  Are there any immediate steps you can take when you find 
        such fraud in addition to the IG-created hotline and law 
        enforcement partnership?


    Answer. Whether USAID works with U.S.-based contractors or non 
U.S.-based nongovernmental organizations (NGO), the deliberative 
decision making process should be the same when designing and managing 
awards and deciding on the degree of monitoring and evaluation 
necessary to protect U.S. interests. Poor design can limit the impact 
of USAID projects or derail them before they begin.
    However, USAID has been challenged to develop and maintain a fully 
equipped, fully trained workforce to design, manage, and oversee its 
development portfolios. With Foreign Service Officers' relatively short 
overseas tours of duty (between 1 and 4 years), USAID has relied on 
contractors and outside organizations to implement and maintain 
progress on development projects. USAID also relies heavily on local 
foreign nationals, who often stay at missions for years, to function as 
repositories for institutional knowledge, giving them significant 
influence in the delivery of U.S. foreign assistance. Moreover, 
frequent turnover can limit the effectiveness of U.S. direct hire 
employees, who are ultimately charged with ensuring program 
achievements and curbing opportunities for fraud.
    Our audits have also shown that some programs are at risk because 
USAID has not adequately secured host country commitment to sustain the 
gains made through the initial U.S. investment. For example, continued 
operations at 80 health care facilities in Haiti were at risk because 
USAID lacked a plan to transfer responsibility for health workers' 
salaries at these facilities. Similarly, the host government lacked 
funds to maintain deteriorating USAID-funded roads in the West Bank and 
Gaza.
    Despite such outcomes, USAID lacks a robust pre-award process to 
clearly identify local implementers who do not have the institutional 
capacity to meet the administrative requirements for managing Federal 
funds. For example, USAID Paraguay failed to determine in its preaward 
survey that a local organization did not have sufficient capacity to 
manage USAID funds, assess results, or track the progress of a $24 
million program intended to strengthen the internal management and 
government systems of select public institutions. USAID may elect to 
work with implementers that carry some level of risk. However, in some 
cases, USAID does not include conditions in the awards to minimize this 
risk, such as provisions requiring the implementer to take corrective 
actions before funds are disbursed. Even when such provisions have been 
put in place, it has been the tendency to not adequately monitor and 
enforce them. Ensuring that USAID staff routinely monitor and know the 
types of questions to ask and observations to make to detect potential 
losses and fraud is critical in overseeing high-risk implementers, 
especially those working in countries with high rates of corruption.
    Regarding agency receptiveness to OIG recommendations, our audits 
have traditionally focused on activities and projects, and our 
recommendations have, accordingly, been made to USAID mission directors 
and other unit heads. These managers tend to be receptive and take the 
actions we recommended for remedying the problems we identified. As 
part of the reforms I am making, we are moving to an approach that 
focuses our oversight of development programs at a more strategic level 
to have a more far reaching impact across the agency and its programs 
worldwide. As such, our recommendations will be issued more broadly to 
bureau and agency leadership, I anticipate that reception at this level 
will be similar.
    In addition to our training, hotlines, and other outreach efforts, 
we regularly meet with USAID officials to bring audit recommendations 
and investigation concerns to the Agency for action. Our coordination 
with international donors and internal agency integrity working groups 
serve to further deter fraud, waste, and abuse.


    Question.  We discussed how U.S.-funded humanitarian assistance 
projects in Syria are prone to more elevated risks than programs funded 
by other nations.


  Given this information, and given that fraud and loss are 
        the two categories for which you have the highest numbers of 
        reported complaints, do you feel that a risk assessment for 
        fraud and loss should be a requirement for any implementer 
        distributing United States foreign aid? Why or why not?

  Is it in fact the case that State and USAID do not require 
        implementing partners to conduct a fraud risk assessment before 
        pitching and implementing risk controls?

  Do you agree with GAO's recommendation that a fraud risk 
        assessment should be required for all USAID partnerships in 
        Syria?

  Is this fraud risk assessment something that has come up in 
        any of your past ongoing investigations or reports?


    Answer. In providing aid and assistance in Syria and similar 
nonpermissive environments, USAID assumes some measure of risk in each 
contract and grant it awards. While risk cannot entirely be eliminated 
in these environments, the risk of fraud can be mitigated through 
quality control procedures in contractual language of awards with 
implementers. For any project conducted in a nonpermissive environment, 
implementers should include in their proposal submission a detailed 
mitigation plan for addressing known fraud vulnerabilities and risks.
    Other measures include third-party monitoring, training for 
Agreement and Contracting Officer Representatives (AOR/COR) that 
improves their capacity to question implementer self-reporting, 
workforce assessments to determine the right AOR/COR-to-award ratio, 
increased involvement of financial management specialists in monitoring 
and evaluation planning, mandated AOR/COR visits to project sites and 
allowing technical experts to conduct vendor and implementer warehouse 
visits, and deploying AORs/CORs during contingency operations.
    OIG agrees with the Government Accountability Office recommendation 
that a fraud risk assessment should be required for all USAID 
partnerships in Syria. Subsequent to the problems our investigators 
uncovered with implementers in Syria, OFDA took steps to improve its 
solicitation process and now requires implementers to address fraud 
risks in their proposal submission and to sign a Fraud Mitigation Self-
Certification Checklist as part of its submission.
    We see OFDA's actions as positive steps, but we have yet to assess 
their impact. Looking ahead, we will continue to consider the 
effectiveness of the measures both USAID and implementers employ to 
guard against fraud, including the role fraud risk assessments play in 
delivering aid in Syria. In particular, we are committed to continuing 
to be an effective partner with the Departments of State and Defense 
OIGs to carry out our Lead IG responsibilities for Operation Inherent 
Resolve (OIR), the operation to counter the Islamic State of Iraq and 
the Levant in Iraq, Syria, and the surrounding region. Joint oversight 
of initiatives such as Lead IG oversight of OIR demands upfront 
planning and ongoing coordination. Therefore, in stepping up our 
scrutiny of programs under OIR and other initiatives that involve 
multiple Federal agencies, we continue to expand collaborative efforts 
with our oversight partners, including a joint audit planning session 
that occurred in November 2016 and another planned for this coming 
February. Our quick reference fraud prevention guide can also assist 
Disaster Assistance Response Teams detect lapses in internal controls, 
such as implementing partners' failure to conduct a fraud risk 
assessment.


    Question.  You identified that many operations overseas involve 
multiple United States government agencies, and that sometimes USAID 
priorities and goals don't match up with those of other agencies. Can 
you discuss in more detail your findings on where interagency 
strategies haven't linked up, and what are your recommendations to the 
next administration for ensuring these conflicts do not occur?

    Answer. USAID coordinates with other U.S. foreign assistance 
agencies on a number of cross-cutting U.S. Government initiatives like 
Feed the Future, Power Africa, the President's Emergency Plan for AIDS 
Relief (PEPFAR), and the Central America Regional Security Initiative 
(CARSI), and in some cases assumes a lead role in advancing U.S. 
Government efforts. OIG has prioritized oversight of such initiatives 
and, based on recent work, identified areas in which USAID can work to 
improve interagency coordination and implementation of U.S. Government 
development initiatives overseas.
    A key concern we identified relates to the interagency relationship 
between the Department of State and USAID, especially in cases where 
USAID uses Economic Support Funds (ESF) to support aid and assistance 
programs for promoting economic or political stability in areas where 
the United States has special interests. While USAID is responsible for 
administering ESF programs, State is responsible for policy direction 
and justification of these programs, creating additional challenges in 
countries where USAID portfolios are funded mainly through ESF--like 
those in the Middle East and Central and South Asia--and State's focus 
is on diplomacy rather than development goals.
    This State-USAID dynamic has a profound effect on missions' ability 
to effectively follow USAID guidance on designing and implementing 
developmentally sound projects. We have also reported that 
infrastructure projects under this model lacked sustainability and 
failed to fully realize intended results. For example, our audit of 
USAID's implementation of programs funded under the Enhanced 
Partnership with Pakistan Act of 2009, Public Law 111-73, revealed that 
State's responsibility for budget and project decisions made it 
difficult for USAID/Pakistan to reconcile its long-term development 
objectives with State's shorter-term priorities. \8\ In general, State 
focused on stabilization and energy programs, while USAID focused on 
other priority areas, such as health, education, and economic growth. 
In response to our recommendation that USAID institute an interagency 
forum to better present its development perspective for State-led 
operations, USAID's administrator engaged State leadership to discuss 
solutions that allow both agencies to pursue their objectives 
simultaneously, including reconciling interests at the beginning of 
planning and programming development assistance. It will fall on the 
next administrator to ensure this forum is put into place and used 
effectively.
---------------------------------------------------------------------------
    \8\ Competing Priorities Have Complicated USAID/Pakistan's Efforts 
To Achieve Long-Term Development Under EPPA; Report No. G-391-16-003-P 
(Sept. 15, 2016)
---------------------------------------------------------------------------
    We have also suggested USAID needs to provide alternative 
development strategies on how it should adapt its project design 
process in politically sensitive transition environments. In 
politically sensitive environments when program decisions are made by 
other federal entities, USAID needs clear guidance on how to modify its 
design and implementation process to fit the circumstances. We 
recommended that USAID improve guidance on how to increase the 
flexibility of implementing mechanisms, especially in the case where 
expedited implementation is critical.
    Finally, we have a robust portfolio of ongoing or planned audits 
that will further assess USAID's efforts to work with other agencies to 
achieve U.S. developmental goals. For example, our ongoing audit of the 
Power Africa initiative will determine whether projects under this 
complex program--which requires extensive coordination between USAID, 
the Millennium Challenge Corporation, the Overseas Private Investment 
Corporation, and the United States African Development Foundation, and 
other Federal components; multiple African governments; and private 
industry--are on track to achieve the initiative's goal to greatly 
expand access to electricity in sub-Saharan Africa by providing at 
least 60 million new households and businesses with on- and off-grid 
power solutions. We also are planning to undertake work on CARSI, a 
major U.S. Government initiative in Central America. In addition, each 
year, we develop and implement our Joint Plan for Oversight of Foreign 
Assistance to Combat HIV/AIDS, Tuberculosis, and Malaria with the OIGs 
for State and the U.S. Department of Health and Human Services.\9\ 
Audits under the plan, including one on PEPFAR's Site Improvement 
Through Monitoring System, are aimed at ensuring, among other things, 
that proper coordination is taking place in implementation of PEPFAR 
programs throughout the world.
---------------------------------------------------------------------------
    \9\ OIG, USAID, DOS, DHHS, Fiscal Year 2017 Coordinated Oversight 
Plan of Foreign Assistance to Combat HIV/AIDS, Tuberculosis, and 
Malaria; August 2016.


    Question.  As I mentioned during the hearing, I appreciate the goal 
that USAID has to ensure that communities have a stake in continuing 
activities and services after USAID involvement ends, which then builds 
the skills of local stakeholders. Your testimony and insights were 
particularly insightful on where the implementation of this concept 
falls short.
  In greater depth, please discuss what steps does USAID need 
        to take as they develop these kinds of projects to ensure local 
        sustainability and ownership once the U.S. involvement ends?


    Answer. USAID's development policy promotes the achievement of 
sustainable results. To help sustain development gains after agency 
programs end, USAID's program development guidance calls for investing 
in communities that have a stake in continuing activities and services, 
building the skills of local stakeholders, and ensuring public- or 
private-sector participation and financial backing. Further, USAID's 
Local Solutions initiative has explicitly sought to promote country 
ownership and sustainability of development outcomes by providing 
program funding directly to host country governments and local 
organizations--those typically based in the country receiving U.S. 
development assistance. As it undertakes development work worldwide, 
USAID often works directly with host country governments in 
implementing its programs. In these cases, it is imperative that USAID 
secures the host country's commitment and assess its ability to support 
and sustain the initial investment. For such projects, the host country 
must possess the technical and financial capacity to effectively 
maintain and utilize USAID-funded projects.
    USAID's efforts to ensure sustainability, including programs under 
Local Solutions, however, have sometimes fallen short of expectations. 
In my hearing I spoke of our audit work on a West Bank and Gaza 
construction program and noted the inability of the local government to 
maintain the program's results.\10\ Additional audit reports also 
identified shortcomings in USAID missions' implementation of activities 
using local government and NGO implementers in countries such as 
Pakistan and Paraguay.\11\
---------------------------------------------------------------------------
    \10\ Audit of USAID/West Bank and Gaza Construction Programs; 
Report No. 8-294-16-001-P (Feb. 22, 2016).
    \11\ Competing Priorities Have Complicated USAID/Pakistan's Efforts 
to Achieve Long-Term Development Under EPPA; Report No G-391-16-003-P 
(Sept. 8, 2016); Audit of USAID/Paraguay's Democracy and Governance 
Program; Report No. 1-526-16-004-P (Jan. 21, 2016).
---------------------------------------------------------------------------
    Based on our work to date, before USAID makes any decisions to 
transfer funds to a local organization, it is incumbent for it to be 
certain that the recipient organization has adequate procurement and 
accounting systems to manage United States funds in accordance with 
applicable regulations. This calls for an effective pre-award 
assessment process and for USAID to mitigate any risks identified 
before disbursing funds. OIG's oversight coverage of USAID's use of 
local organizations has systemically identified this as a problem.
    Equally critical is for USAID to have a robust post award follow-up 
process to hold local organizations accountable to correct deficiencies 
identified during the pre-award assessments. Where USAID enters into an 
arrangement where it identified a lack of implementer capacity or other 
weaknesses that could enable fraud during the pre-award assessment, 
then USAID must as part of its program design incorporate the 
appropriate measures to guarantee that resources will be made available 
to continuously monitor and evaluate the implementer's progress and 
internal controls. Again, OIG's oversight work addressing programs that 
rely on local implementers has shown that these critical steps have 
been lacking, a condition that can enable fraud, waste, and abuse and 
lead to under achievement of development goals.
    OIG is currently taking a strategic look at USAID's Local Solutions 
initiative to assess whether its efforts are working to strengthen 
local capacity, enhance and promote country ownership, and increase 
sustainability. We anticipate issuing this report in the coming year.


    Question.  As we discussed during the hearing, the GAO has 
identified a lack of parity in the information that State and USAID 
share on ForeignAssistance.gov, the centralized public source of 
information on U.S. foreign aid and assistance online.


  Can you discuss whether your office is involved in analyzing 
        these efforts to ensure that USAID is sharing pertinent 
        information with ForeignAssistance.gov, as was mandated by 
        Congress?

  Could you discuss any findings regarding tracking and 
        managing foreign assistance funds?

  Do you have any recommendations for USAID for managing 
        information and improving transparency of how taxpayer funds 
        are spent on our efforts abroad?
    Answer. Historically, audits have frequently reported problems with 
data quality and reliability and these issues have been included in our 
report of top management challenges over the last several years. 
Weaknesses in data with quality and reliability problems that support 
performance results can negatively impact foreign assistance decisions.
    For example, we reported that USAID/West Bank and Gaza's financial 
reporting was not accurate when reporting against foreign assistance 
program areas\12\. U.S. Government agencies use the same State 
Department framework for planning and reporting on their foreign 
assistance program areas, for example, education or health. The 
framework involves coding expenses to indicate which objective and 
related program areas foreign assistance funding is supporting. We 
conducted an audit to determine if USAID/West Bank and Gaza, which 
budgeted $1.1 billion for fiscal years 2012 to 2014, was accurately and 
consistently reporting which funds went to which areas and the impact 
of the mission's spending. We found that, although the mission's budget 
reporting was accurate; reporting on obligations and disbursements to 
the program level was not. Further, we identified reporting problems 
with performance information for 9 of 31 projects active during the 
three fiscal years. We also recommended that the USAID/West Bank and 
Gaza mission verify that each project's financial information aligns 
with performance indicators. USAID took final action on this 
recommendation.
---------------------------------------------------------------------------
    \12\ USAID/West Bank and Gaza's Financial Reporting Should Be 
Clearer on Use and Results of Foreign Assistance Spending; Reporting 
No. 8-294-17-001-P; (Nov. 18, 2016)
---------------------------------------------------------------------------
    With regards to transparency and accuracy of data, our office is 
currently assessing USAID's readiness to comply with the Digital 
Accountability and Transparency Act of 2014 (DATA Act), which seeks to 
make federal spending more accessible, searchable, and reliable. 
Beginning next year, we are prepared to assess USAID's compliance with 
the DATA Act to promote more accurate and transparent reporting of 
USAID spending, which may lead to what is shared with the public via 
ForeignAssistance.gov. This work will make appropriate recommendations 
for better managing information and improving transparency of how 
taxpayer funds are spent.


    Question.  You also noted in your testimony that USAID often has 
unreconciled transactions with other federal agencies, and has an issue 
with reconciling their fund balance with the Treasury's records.

  What does USAID need to do to get back on track here? As we 
        discussed, we need all of our federal agencies to have records 
        that ultimately match up to the Treasury.


    Answer. The U.S. Government has established strict financial 
management requirements to better ensure agencies are effective 
stewards of Federal resources. We continue to reinforce the importance 
of effective financial management and reporting systems through its 
audits of USAID's compliance with these governmentwide requirements. We 
assess USAID's controls most directly through our annual audits of 
USAID financial statements, including our most recent audit for Fiscal 
Years 2016 and 2015, issued November 15, 2016, which continued to note 
the deficiencies cited above.\13\ The persistence of these deficiencies 
informed one of five management challenges facing USAID in fiscal year 
2017: Meeting Governmentwide Financial and Information Management 
Requirements. We have identified these deficiencies in past years, 
making both long-standing areas in which USAID must improve its 
financial management and accounting systems and practices.
---------------------------------------------------------------------------
    \13\ Audit of USAID's Financial Statement for Fiscal Years 2016 and 
2015, Report No. 0-000-17-001-C, November 15, 2016
---------------------------------------------------------------------------
    USAID has made progress reconciling its Fund Balance With Treasury 
account (FBWT) with the balance reported by the U.S. Department of the 
Treasury (Treasury). However, at the close of fiscal year 2016, these 
differences totaled $195 million, of which $141 million was 
unexplained, and we consider USAID's inability to reconcile these items 
as a material weakness. As we reported, these differences persist 
because USAID has not reconciled its FBWT account with Treasury's fund 
balance on a monthly basis, thereby resolving identified differences in 
a timely manner. Instead, USAID simply adjusted its FBWT account to 
agree with Treasury's fund balance. In making a recommendation that 
USAID's Chief Financial Officer address this weakness we urged USAID to 
institutionalize the monthly reconciliation of the FBWT account. 
Further, a process USAID initiated in fiscal year 2014 to coordinate 
with Treasury and the Office of Management and Budget (OMB) to resolve 
these differences has not been completed. USAID will need to follow 
through on its plans to work with Treasury and OMB to resolve this 
issue.
    With respect to USAID unreconciled transactions with other 
agencies, we reported that USAID has over $3 billion in such 
transactions as of September 30, 2016. USAID was required to reconcile 
$596 million of the total amount under OMB Circular A-136, but has made 
little progress. While USAID is likely to address timing differences, 
one cause of USAID's unreconciled transactions, differences resulting 
from accounting errors for example, will require a special effort and 
greater resources. These are significant deficiencies, and we will 
continue to closely watch USAID's actions to correct them. 
Additionally, we have ongoing and planned audits on USAID's compliance 
with Data Act and FITARA requirements and efforts to reduce improper 
payments.