[Senate Hearing 118-67]
[From the U.S. Government Publishing Office]
S. Hrg. 118-67
GAO'S 2023 HIGH RISK LIST: RECOMMENDATIONS
FOR REDUCING WASTE, FRAUD, AND ABUSE
=======================================================================
HEARING
BEFORE THE
COMMITTEE ON
HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
UNITED STATES SENATE
ONE HUNDRED EIGHTEENTH CONGRESS
FIRST SESSION
__________
APRIL 20, 2023
__________
Available via the World Wide Web: http://www.govinfo.gov
Printed for the use of the
Committee on Homeland Security and Governmental Affairs
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
U.S. GOVERNMENT PUBLISHING OFFICE
52-783 PDF WASHINGTON : 2023
-----------------------------------------------------------------------------------
COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
GARY C. PETERS, Michigan, Chairman
THOMAS R. CARPER, Delaware RAND PAUL, Kentucky
MAGGIE HASSAN, New Hampshire RON JOHNSON, Wisconsin
KYRSTEN SINEMA, Arizona JAMES LANKFORD, Oklahoma
JACKY ROSEN, Nevada MITT ROMNEY, Utah
ALEX PADILLA, California RICK SCOTT, Florida
JON OSSOFF, Georgia JOSH HAWLEY, Missouri
RICHARD BLUMENTHAL, Connecticut ROGER MARSHALL, Kansas
David M. Weinberg, Staff Director
Zachary I. Schram, Chief Counsel
Lena C. Chang, Director of Governmental Affairs
Emily I. Manna, Professional Staff Member
Carter A. Hirschhorn, Research Assistant
William E. Henderson III, Minority Staff Director
Christina N. Salazar, Minority Chief Counsel
Quinton A. Brady, Minority Investigative Counsel
Andrew J. Hopkins, Minority Counsel
Laura W. Kilbride, Chief Clerk
Ashley A. Gonzalez, Hearing Clerk
C O N T E N T S
------
Opening statements:
Page
Senator Peters............................................... 1
Senator Paul................................................. 3
Senator Carper............................................... 12
Senator Lankford............................................. 15
Senator Rosen................................................ 18
Senator Hassan............................................... 20
Senator Scott................................................ 23
Senator Blumenthal........................................... 24
Senator Ossoff............................................... 28
Prepared statements:
Senator Peters............................................... 33
Senator Paul................................................. 36
WITNESSES
Thursday, April 20, 2023
Hon. Eugene L. Dodaro, Comptroller General of the United States,
U.S. Government Accountability Office
Testimony.................................................... 5
Prepared statement........................................... 38
APPENDIX
Senator Paul's chart............................................. 58
Responses to post-hearing questions for the Record:
Mr. Dodaro................................................... 59
GAO'S 2023 HIGH RISK LIST:
RECOMMENDATIONS FOR REDUCING WASTE, FRAUD, AND ABUSE
----------
Thursday, April 20, 2023
U.S. Senate,
Committee on Homeland Security
and Governmental Affairs,
Washington, DC.
The Committee met, pursuant to notice, at 10 a.m., in room
SD-562, Senate Dirksen Office Building, Hon. Gary Peters,
chairman of the committee, presiding.
Present: Senators Peters [presiding], Carper, Hassan,
Sinema, Rosen, Ossoff, Paul, Johnson, Lankford, Romney, Scott,
and Hawley.
OPENING STATEMENT OF SENATOR PETERS\1\
Chairman Peters. The Committee will come to order.
---------------------------------------------------------------------------
\1\ The prepared statement of Senator Peters appear in the Appendix
on page 33.
---------------------------------------------------------------------------
Today I would like to welcome Comptroller General Gene
Dodaro to the Committee, and thank you for your years of
service to the American people.
The Government Accountability Office (GAO) is an
independent, non-partisan ``congressional watchdog,'' charged
with examining how taxpayer dollars are spent and evaluating
whether government is working efficiently and effectively for
the American people.
For over 30 years, GAO has reported on ``high risk''
government programs and operations at the start of each
Congress. The High Risk List identifies government programs
that are vulnerable to fraud, waste, abuse, and mismanagement
or need reforms to improve them.
The High Risk List and GAO's important oversight work have
been vital resources for this Committee to identify problems
and work on bipartisan legislation to improve the way the
Federal Government works each and every day, and I hope we will
continue those efforts in this Congress.
Over the past 17 years, by addressing many of the concerns
highlighted on the High Risk List, Congress and Federal
agencies have saved hardworking Americans more than $675
billion in taxpayer dollars. I am grateful to GAO for their
efforts to identify these areas for improvement and for their
continued commitment to ensuring the government functions in
the best interest of taxpayers.
Just within the last two years, the Federal Government has
seen an estimated $100 billion in financial benefits due to
improvements in high-risk areas noted in GAO's 2021 High Risk
Report, and 16 out of 34 high-risk areas have made
improvements, the most since GAO began assessing high-risk
areas.
For example, a 2016 law that I authored, the Making
Electronic Government Accountable By Yielding Tangible
Efficiencies Act (MEGABYTE Act), which was based on a GAO
recommendation to improve software license management, has
saved taxpayers more than $450 million by reducing duplicative
software purchases. I have reintroduced bipartisan legislation
this Congress to continue building on that success by improving
how the Federal Government manages software purchases, and will
continue working to address other high-risk areas highlighted
in GAO's report.
This year, GAO has placed our nation's cybersecurity as one
of the top five high-risk areas that need significant
attention, and has issued more than 4,000 recommendations in
the cybersecurity domain since 2010.
Strengthening our nation's cybersecurity has been a top
priority for this Committee, and we moved several bills last
Congress that I authored to shore up our nation's cybersecurity
defenses, including legislation to require critical
infrastructure owners and operators to report when they have
been attacked or they have paid a ransom.
This is an important step toward safeguarding some of the
most frequent targets of cyberattacks, but it is clear we must
continue working to address this issue as the threats from
cyberattacks continue to grow.
GAO has also highlighted challenges with hiring skilled
cybersecurity and artificial intelligence (AI) experts to fill
roles in the Federal Government. If we are going to be truly
effective at strengthening our networks, leading the world in
these fast-growing areas, and protecting our national security,
then we must have qualified and dedicated cybersecurity,
information technology (IT), and AI experts working across the
Federal Government.
I have also authored legislation to address these skill
gaps to ensure we can fill these in-demand roles in the
cybersecurity and artificial intelligence fields, and will
continue working with my colleagues in a bipartisan way to
build a strong talent pipeline for the Federal Government.
The latest High Risk List also includes the need to address
toxic substances, including Per- and polyfluoroalkyl substances
(PFAS), also known as ``forever chemicals,'' that have
contaminated communities in Michigan as well as all across the
country.
These chemicals can be found in our food, air, water, and
consumer products, adversely affecting the health of millions
of Americans. PFAS exposure remains a serious issue, and the
Environmental Protection Agency (EPA) must be able to
accurately assess and monitor existing and emerging PFAS
substances to determine whether they pose a harm to human
health.
I have pressed for the EPA and other agencies to increase
cleanup efforts, and will continue conducting oversight to
ensure agencies are detecting and responding to this threat in
a timely manner.
Finally, this year's list includes pandemic preparedness
and response efforts. Last Congress, I released a report
detailing the findings from a two-year investigation into the
Federal Government's preparedness and initial response to the
Coronavirus Disease 2019 (COVID-19) pandemic. The investigation
revealed serious systemic failures in our nation's ability to
grapple with a pandemic of that scale, and my report made key
recommendations to ensure we are better prepared for the next
public health crisis. I will continue working on legislation to
address these shortcomings and strengthen our ability to deal
with future pandemics.
Mr. Dodaro, we appreciate you for your independent, non-
partisan work that you and all of the dedicated employees at
GAO have conducted and continue to conduct. I know last month,
the Partnership for Public Service named GAO the Best Place to
Work in the Federal Government for mid-sized agencies.
Congratulations on that, a great honor.
[Applause.]
I will add it was the third year in a row. Now that is
worthy of applause, three years in a row.
With all of that I look forward to our discussion here.
Ranking Member Paul, you are recognized for your opening
comments.
OPENING STATEMENT OF SENATOR PAUL\1\
Senator Paul. Thank you. This Committee is long overdue for
a hearing that focuses on the rampant waste, fraud, and abuse
in the Federal Government. We are faced with a $31 trillion
mountain of debt. Rather than attempt to get spending under
control, though, both parties continue to propose new spending
with no regard for the exploding debt or controlling the
already existing spending.
---------------------------------------------------------------------------
\1\ The prepared statement of Senator Paul appears in the Appendix
on page 36.
---------------------------------------------------------------------------
To make matters worse, everyone in Congress knows that the
plague of waste has infected just about every Federal agency.
But rather than take steps to restore fiscal health, Congress
buries its head in the sand, doles out more and more taxpayer
money every year to the Executive Branch with no strings
attached, crosses its fingers, and hopes the problem will fix
itself.
For years, I have documented outlandish spending in my
annual ``Waste Report,'' which exposes how the Federal
Government is misusing Americans' hard-earned tax dollars. My
most recent report uncovered over $482 billion in government
waste. For example, the National Institutes of Health (NIH)
spent more than $1.1 million to get mice drunk--apparently we
are not aware of what happens when you drink too much--$2.3
million to inject six-month-old beagle puppies with cocaine--
apparently there is not enough evidence of what happens to
humans on cocaine--$3 million to watch hamsters fight on
steroids.
This is the tip of the iceberg. This has been going on
since the 1970s. Many of you will remember the studies to
figure out what makes people happy. This stuff has been going
on forever, and yet the agency that funds a lot of this, the
National Science Foundation (NSF), we have doubled their budget
in the last two years, and we think, oh well, they will be much
better with waste and fraud with double the amount of money. It
is my opinion the only way you ever rein in waste and fraud is
give these agencies less money, and then they will be forced to
make do on less money.
Government watchdogs like the Government Accountability
Office were created to expose and combat waste, fraud, abuse,
and mismanagement in the Federal Government. Every two years,
GAO publishes its own report that helps call out government
misdeeds. The High Risk report is a compilation of government
failures and vulnerabilities. It spotlights agencies and
programs prone to waste, fraud, and abuse.
One issue prominently featured in GAO's most recent high-
risk report is the governmentwide problem with improper
payments. This has been listed in the past and is listed again
this year. For example, in 2022, GAO found Medicare made $46.8
billion in improper payments. Medicaid made $81 billion in
improper payments, which should really not come as a surprise
given the Medicaid program suspended enforcement of eligibility
reviews during the COVID-19 pandemic. This has not been talked
about much, but during the pandemic all the so-called rules for
looking at abuse just went out the window and they said, oh
well, everybody deserves Medicaid, everybody deserves food
stamps, and nobody came off any of these programs. We just
threw out all of the oversight of these programs, and as a
consequence, they are in some of the worst state that they have
been in in a long time.
If that was not bad enough, GAO looks at the substantial
levels of fraud that occurred in the Department of Labor's
(DOL) Unemployment Insurance (UI) program and says it is almost
impossible to even grapple with the problem because it is so
big and so opaque.
Like my own waste report, GAO also identified the
Department of Defense (DOD) as a consistent perpetrator of
waste, fraud, and abuse. Since 1995, GAO has identified
Department of Defense's financial management as ``high-risk.''
Unfortunately, not much has changed since then, other than DOD
receiving bigger and bigger checks every year. This is an
example of how this is really a bipartisan problem, Republicans
wanting unlimited checks for the Defense Department, Democrats
wanting unlimited checks for the social welfare. Everything
goes up and the oversight becomes less and less proficient or
profound.
Until the Department of Defense can properly account for
the money it spends, though, Congress can never effectively
conduct oversight of the department. The DOD has become a
behemoth of spending, and no one here ever questions it.
How does all this waste happen? A better question might be,
how does all this waste continue to happen and get worse all
the time? When I was a kid in the 1970s, William Proxmire, a
conservative Democrat, used to give his Golden Fleece Awards
for nonsensical government spending. But here we are, decades
later, still facing the same problems. There was one study that
they did in the last two years, I think it was over $1 million
to study if you take selfies of yourself smiling and you look
at these selfies later on in the day, whether or not you will
be happier.
The thing is, do you think that is going to get better if
we give the National Science Foundation more money? We doubled
their budget and they do more of this craziness, and every year
we point it out and every year gets worse because no one is
willing to call them on it and say, ``We are going to give you
less money next year unless you are better with spending the
money.''
The Chairman, GAO identified numerous instances of waste,
fraud, and abuse that Congress can easily address. I appreciate
GAO's work, but what is really needed is congressional will to
significantly reduce government waste and spending. The
American people deserve an accountable government that manages
their hard-earned dollars responsibly. Mr. Dodaro, thank you
for being here today. I look forward to hearing your testimony
and working with you to reduce the waste, fraud, and abuse
identified in your report.
Chairman Peters. Thank you, Ranking Member Paul.
It is the practice of the Homeland Security and
Governmental Affairs Committee (HSGAC) to swear in witnesses,
so Mr. Dodaro, and our subject matter experts, I think that may
becoming, there are a few that might be testifying in the
question and answer (Q&A) process, if you would please all rise
and raise your right hand.
Do you swear that the testimony that you will give before
this Committee will be the truth, the whole truth, and nothing
but the truth, so help you, God?
[Chorus of I dos.]
Chairman Peters. You may be seated.
Today's witness is Comptroller Gene Dodaro. Mr. Dodaro has
served as the Comptroller General of the U.S. Government
Accountability Office since 2010, following two years as the
Acting Comptroller General.
In his over 45 years of service at the GAO he has held a
number of leadership positions, including Chief Operating
Officer (COO) and head of GAO's Accounting and Information
Management Division.
Mr. Dodaro, welcome to the Committee once again. It is
always great to see you. We enjoy hearing your testimony and
enjoy working with you on these important issues. You may
proceed with your opening remarks.
TESTIMONY OF HON. EUGENE L. DODARO,\1\ COMPTROLLER GENERAL OF
THE UNITED STATES, U.S. GOVERNMENT ACCOUNTABILITY OFFICE
Mr. Dodaro. Thank you very much, Mr. Chairman, Ranking
Member Paul, Members of the Committee. It is a pleasure to be
here. I appreciate all the kind words about GAO. We enjoy
working with this Committee and other committees across the
Congress to make our government more accountable, efficient,
and effective.
---------------------------------------------------------------------------
\1\ The prepared statement of Hon. Dodaro appears in the Appendix
on page 38.
---------------------------------------------------------------------------
The basic story with this High-Risk Update is that there
has been good progress in certain areas due to Congressional
and Executive Branch actions, but there are still serious, very
consequential problems that need to be addressed--that need
greater attention from the Congress and the Executive Branch.
On the progress side, Mr. Chairman, you pointed out 16
areas improved, two to the point that we are removing them from
the list. The first is the Pension Benefit Guaranty Corporation
(PBGC) multiemployer pension program. Congress appropriated
funds. That program was projected to be insolvent in 2026. Now
the projected insolvency date has been pushed off several
decades. The single employer program has also improved
gradually and so PBGC projects a very low risk of insolvency
for either program for the next 15 years. We are going to take
them off the list. Now just because they come of the list, they
are not out of sight, so we will still continue to monitor what
is going on with those programs.
We are also removing the 2020 Census. They were able to
contain, for the first time, the growth in spending in the cost
of the census. They successfully deployed an internet response
option this last time, and they took all our recommendations
and those of the Department of Homeland Security (DHS) to bring
down cybersecurity risk to the census. We are taking them off.
Again, we will continue to watch whether or not risk builds up
toward the 2030 Census, and if so, we will add it back to the
list.
There has been progress in other areas. Congress provided
stable funding, at least for the next five years, to the
surface transportation area. It did not solve the problem long-
term so it is still on the list, but there was good progress.
Congress passed the Postal Service Reform Act that
eliminated some of the financial pressures on the U.S. Postal
Service (USPS). But the Postal Service business model is still
not viable in the future. It continues to lose money--and
remains on the list as well.
Congress passed legislation to support a number of programs
that seek to build in climate resilience up front, so our high-
risk area of limiting the Federal Government's fiscal exposure
by better managing and building resilience in up front was
addressed.
Congress has provided some additional resources to the
Internal Revenue Service (IRS), which deals with our high-risk
area of tax administration on that area.
So good progress. Congress is to be commended for all the
action that they have taken, as well as the Executive Branch,
in implementing some of these reforms.
We added three new areas to the High Risk List. One is the
Department of Health and Human Services (HHSs) leadership and
coordination in responding to public health emergencies. Over
the last decade we have seen failure after failure to be
adequately prepared, and most recently during the pandemic.
Roles and responsibilities need to be better clarified and
there needs to be better data--and better communication--that
is consistent and clear to the public. I fear we are not any
better prepared now for the next emergency than we were for the
last one. I wanted to put it on the list to highlight it, so
that it stays in the public eye and with the Congress and the
Administration.
We also added the Unemployment Insurance System. Here we
have estimated that at a minimum, there was $60 billion of
fraud. We are working on a higher-end estimate now. But due to
the significant fraud and improper payments--which was
occurring even before the pandemic, at a much less level--and
the need to reform the State IT systems. IT systems at the
State level are very archaic. They are not well positioned. The
program is not really designed to meet the modern needs of our
current evolving workforce.
We also are adding the management of the Federal prison
system. There have been problems in the Bureau of Prisons'
(BOP) staffing, which has led to some concerns about inmate and
staff safety, and about their efforts to evaluate programs that
are intended to help deal with the recidivism issue. Programs
have not been very well evaluated and improved in those areas.
Now I would like to highlight a few of the other areas
remaining on the list. One is cybersecurity. The Federal
Government is still not operating at a pace commensurate with
the evolving grave threat. This has been something I have been
focused on for many years now. The National Strategy just came
out, but there is not yet an implementation plan for the
strategy. They promised to produce one. It needs to identify
who is responsible for what, how much money is needed, and how
to measure performance and improvements in those areas.
Cybersecurity remains a grave threat to our economy and our
national security, and it needs to be better addressed.
Second is drug misuse. We added that to the High Risk List
a few years ago. The latest 12-month statistics show over
107,000 people died from overdoses. There have been problems
now not only with fentanyl and opioids but with xylazine, which
is a tranquilizer given to animals, being mixed with the
fentanyl, which is causing even more severe problems. We need a
national strategy--that needs to be completed and implemented
successfully. We need more coordination with State and local
governments, law enforcement, and health care providers--to
deal with this issue.
The last area I will mention is oversight--of medical
products and device. The Food and Drug Administration (FDA) is
still not in a good position to deal with potential drug
shortages in the economy, and to provide oversight over foreign
production of medical products. Whether it is pharmaceuticals
or medical devices, most of what is consumed in the United
States right now is produced in other countries. FDA has to
have more of an effective strategy for the global supply chain,
not just domestic production in the United States.
We are committed to continuing to work on these high-risk
areas, to make greater progress. They are all very important to
public health and safety, our national security, and can save
billions of additional dollars.
I thank you for the opportunity to be here. I look forward
to your questions.
Chairman Peters. Thank you, Mr. Dodaro. Thank you for the
testimony.
Federal cybersecurity has been on the High Risk List for
years, as you know, but as you have just testified to it
remains in need of significant attention. In many ways it is
becoming a bigger problem that requires even more attention
than in the past.
The Federal Information Security Modernization Act (FISMA),
for example, the Federal oversight, has not been updated in
almost a decade, and that was before Cybersecurity and
Infrastructure Security Agency (CISA) or the National Cyber
Director even existed, and yet we have not updated some key
pieces of legislation.
Last Congress, this Committee marked up legislation that I
wrote relating to FISMA, and it passed with unanimous support,
but it still has not gotten through the House. We are going to
continue to work to make that happen, and we are going to
continue to work in Congress in a bipartisan way to do that.
But my question for you, sir, is you have been sounding the
alarm on Federal cybersecurity for more than two decades now,
and as we continue to work on this issue what do you believe
are really the key things that we should be focusing on to make
these improvements, going forward?
Mr. Dodaro. There are four main areas and about 10 actions
that we believe are absolutely critical. One is the development
and successful execution of a national and global strategy to
deal with this issue. I mentioned the current status of that.
Supply chain issues need to be dealt with more effectively. We
have done quite a bit of work on those areas. We need a better
cyber workforce. There are not enough people in the workforce.
They are not always deployed in the Federal Government in the
greatest priorities.
We also need to get ahead of emerging technologies.
Artificial intelligence and quantum computing will dramatically
increase the cybersecurity concerns. Quantum computing can
break encryption methods that are currently being used. We need
to get prepared for these things ahead of time, which is why I
tried to raise this issue. I first put it on the list in 1997,
to try to get action.
Second, we have to get the Federal agencies to have more
comprehensive, effective security programs. Most of the Federal
agencies are rated by their Inspector Generals (IGs) as not
having effective IT programs. That is why FISMA reform is, in
fact, needed, and we look forward, hopefully, that it will
pass. We also need to have better incident responses when
things do happen, and they will happen, that the agencies need
to get on them right away, deal with them, limit the damage,
and do assessments going forward.
The third area, which I believe is one of the most
important, is critical infrastructure protection. I do not
think the Federal Government knows the preparedness of many of
these important sectors of our economy as much as they should,
in terms of the electricity grid, the communications networks,
the financial markets, and many other areas. There needs to be
much more partnership between the Federal Government and the
private sector in this area, if we are going to really have
successful activities. Right now it reminds me of the situation
before September 11, 2001 (9/11), where a lot of people had
information but it was not being shared with one another.
Last, privacy laws need to be desperately updated. The
Privacy Act was passed in 1974. There have been some minor
improvements with more recent legislation, but it really does
not meet the needs of the private sector or well serve the
American people.
Chairman Peters. I want to pick up on critical
infrastructure. In your report you noted that six out of the
nine sector risk management agencies need to better measure how
critical infrastructure entities are actually addressing the
cybersecurity risk, as you alluded to there in your last
answer. You have also recommended that CISA establish
milestones and timelines to help sector risk management
agencies carry out their responsibilities.
My question for you is, sir, in your view are sector risk
management agencies resourced and organized to handle their
responsibilities, or is there something else we should be
thinking about?
Mr. Dodaro. There needs to be more work to have them better
organized and resourced. On the resource side, it is
considered, in many cases, to be a corollary duty to their
normal responsibilities, so they are really not dedicated to
this effort. There is not a lot of focus on how to make
improvements and measure whether or not the efforts that they
are taking with the private sector are really improving the
profile in those areas.
Both on the organizational level and on the resource level
the government is not where it should be, if we really are
serious about managing the threat in this area and trying to
work cooperatively with the private sector. I know there is a
lot of reluctance to share information between the private
sector and the government. We need to overcome that if we are
going to, as a Nation, have a comprehensive approach. There
needs to be some compromise on requirements. I know there is
resistance to a lot of regulation, and I am not advocating
that, but we need to get more serious and have some more
compromises. Where there is a Federal regulatory role we should
use it properly.
Chairman Peters. Mr. Dodaro, the Toxic Substances Control
Act provides EPA with the authority to review chemicals already
in commerce, to keep the public safe, as you are well aware.
However, there are thousands of PFAS chemicals still in use
that have not yet been fully evaluated by the EPA.
In your opinion, what steps does the EPA need to take to
ensure that it can efficiently and effectively review PFAS
chemicals to keep the American public safe?
Mr. Dodaro. EPA has come up with a national testing
strategy, which is a good first step. They have also
established the first proposed rule for regulating certain
PFASs in drinking water, which is a good step forward. But our
observation is they are not resourced properly. They are way
behind, and they do not have both the type of technical people
in specialty areas as well as the quantity of people necessary
to deal with the proliferation of these chemicals throughout
our environment.
That has been the biggest area that has been a problem, and
I think Congress needs to focus on that. I am not advocating
giving them resources without accountability. They need to have
resources, but they need to produce and use those resources
effectively.
Chairman Peters. Thank you. I was happy to see that the
2020 Census was removed from GAO's High Risk List, and I
appreciate the work that the GAO did to provide key oversight
during that process. However, I think we should learn from some
of the problems that occurred in the last census, and it is
really critical that we do that. One item in particular was the
undercount of many populations, including in the city of
Detroit, and we need to address this problem going forward.
That has a significant impact on a local area, as you know. The
Bureau must incorporate lessons learned in the 2030 Census
planning process as it is ramping up.
I just quickly, in the time here, will you commit to
continuing the oversight of the Census Bureau? Even though it
is off this list it is still going to require some pretty close
oversight.
Mr. Dodaro. Absolutely. One of my earlier assignments at
GAO was looking at preparations for the 1990 Census, and we
have followed every decennial since, and we will continue to do
so.
Chairman Peters. Good. I appreciate that.
Ranking Member Paul, you are recognized for your questions.
Senator Paul. Thank you, and welcome. I am very impressed
with your work through the years, and continue to be amazed at
some of it. In fact, you are able to get information that we
are not able to get. We have such great resistance from
Executive Branch, of either party, that everything is hidden
from the people's representatives and from the people.
Recently you were commissioned to look at spending through
our agencies that has gone to China, and you found that there
was $48 million that you can locate so far that went to China.
But what was extraordinary, and still is extraordinary, I think
has not really fully been recognized, is that you actually
discovered that money was going from American universities and
being subcontracted to military research in China. People would
be kind of amazed that we are actually funding research in
China, since we have such an adversarial relationship, but we
are actually funding military research.
There is an Academy of Military Medical Sciences (AMMS),
and I think you publicly identified at least two of the
universities with subgrants there, Duke and UC Berkeley. We
have people thinking there may be as many six or seven other
universities that are subcontracting this--UC Davis, UTMB
Galveston, University of Wisconsin Madison, University of North
Carolina, and University of Minnesota--and I would like to hear
your response if you know any more about it, but also to look
into those, because I think there is a question of whether it
is being done appropriately, honestly, and actually, frankly,
legally.
Are you aware of any other universities that you can tell
us that are subcontracting grants to China?
Mr. Dodaro. Not offhand. I will talk to our team, and if we
do have something I will submit it for the record.
Part of the problem is there could be an award to a
university, and sub awards from the universities to different
areas, and it can go even a little further than that, and it is
hard to track the sub awards.
We are looking at that now. We are also looking at the
Federal Government's coordination of research in international
areas. We have a separate effort to look at that right now.
Senator Paul. In looking at these subcontracts are you
looking at whether or not they are obeying the law, the rules
as to how you are allowed to subcontract it? Do you look at the
False Claims Act, or are you looking at legality as well as
good policy?
Mr. Dodaro. We are looking at how the agencies are
structuring the awards, and what kind of requirements they
have. I have a little concern, in some of the preliminary
briefings I have heard, that the Federal Government is not
striking these agreements in a way that protects the Federal
Government's interests as appropriately as possible.
Senator Paul. Basically everything we know, we have learned
some from the GAO, and almost everything else we know is from
Freedom of Information Act (FOIA). The agencies will give us
nothing. Recently we voted unanimously to declassify all of the
COVID origins material, to give it to us. That does not mean
they will give it to us. We have been asking for declassified
information for two years and we get squat.
In fact, from Freedom of Information Act we have two people
at Defense Threat Reduction Agency (DTRA) and the Department of
Defense, they are talking to each other, and they are saying,
well, we are reviewing EcoHealth but it looks like EcoHealth is
doing things with dollars beyond the definition of what they
are supposed to be doing. The lead researcher at DTRA writes
back and says, ``We probably should change the wording because
if someone ever FOIAs that, that is not going to look good.''
Can you imagine these people?
They also have exchanges going back and forth saying,
``Senator Paul has requested this but he is doing it by himself
because we cannot get a Democrat to help us, and so we are not
going to give it to him.'' They actually are discussing that.
Anything you can do, I trust your honesty, your integrity,
and that you will try. We need your help, because government is
so out of control that we cannot get information.
We complain about the Chinese government. We cannot get
information from our own government. We now have unanimously
passed to declassify things, and they are still holding on to
all the information. They will not give it up. We are still
wrangling. We have not yet gotten one Democrat chairman to sign
one letter of request for records.
This is a real problem. The thing is I do not do this for
partisan reasons. My concern is there are people, scientists,
saying this, that the next pandemic that escapes from a lab
could kill as much as five percent, or even as much as 50
percent of the people on the planet. This is what we are
looking at. We can create monstrous super viruses and nobody
seems to care whether this came from a lab.
I appreciate what you are doing. I am very interested in
the other universities because they do gain-of-function
research. They have collaborated with China. But I am also
interested in the military aspect of this. People talk about
viruses having dual use. You can do it to look for vaccines.
Everybody wants a vaccine. But it also could be a weapon.
Everybody has always talked about dual use in this research,
but we typically, ostensibly, only worked with other countries
in the civilian area.
It boggles my mind that nobody seems to know that
universities--and you all discovered this, which is amazing--
that our universities are giving the money, subcontracting it
Academy of Military Medical Research, where the scientist there
has not the title of doctor but general and colonel in the
People's Liberation Army.
This is something that I can only encourage you. We will be
asking you also to do more of it, and we will try to get the
other side to agree to help us find out more information. But
we would like to encourage this.
I am sure you have a team that has been doing this, if you
would allow them to come and visit with us and talk more about
what they have. Because sometimes we read a conclusion, and
they might give us better ideas of things that we want to look
at as well.
Mr. Dodaro. Absolutely.
Senator Paul. I guess the main thing is to isolate in on
what are the rules for these things, whether people are obeying
the rules on the subcontracting. And just by not listing it,
that can be more than an oversight. That can be actually
obscuring where the money is going as well.
But I appreciate your work on it, and we would like to get
back with you further to talk about it, if we can talk to your
team individually. Thank you.
Mr. Dodaro. I am equally concerned about this issue, and we
will continue to focus on it, and to work with your staff.
Chairman Peters. Thank you, Ranking Member Paul.
Senator Carper, you are recognized for your questions.
OPENING STATEMENT OF SENATOR CARPER
Senator Carper. Thanks. This is one of my favorite days of
the year. I understand there are one or two people in the room
that actually work with you at GAO, and if there are a few that
work at GAO, the most popular place to work in the Federal
Government, raise your hand. Just convey to your colleagues our
heartfelt thanks for the great work that you do, and Gene, to
you for the extraordinary leadership you provided for a long
time.
My wife has an interesting sense of humor, and every year
when it is my birthday--she is a year or two younger than me--
every year when it is my birthday she will say to me, ``What do
you want on your tombstone? What kind of scripture? What kind
of songs do you want them to sing at your funeral?'' Finally I
just said, ``I have had enough. On my tombstone, this is what I
want.'' Thinking of all the years that I worked on postal
reform legislation, and with the Chairman, Rob Portman, Richard
Burr, and others. But anyway, thinking of the great work that
we did passing postal legislation, I said, ``Martha, I think I
would like to have on my tombstone, `Return to Sender.' ''
[Laughter.]
She did not even blink. She did not even smile. I thought
it was a pretty good line, and she said, ``If that is not
available what else would you like to have on your tombstone?''
I said, ``I would like to have 'He was deaf on improper
payments to dead people.' '' That would be pretty good, you
know? We worked on that one, and several of us worked on that
one, pretty hard for a long time.
But on a more serious note, I want to pause and address the
improper payments, something we talked about ad nauseum, but we
still need to continue to focus on it. Thank you and your folks
for your diligence in working with us.
I also am encouraged--we still have too many government
operations, too much to criticize and find fault with--but as
you reported to us, that we are making an improvement in a
number of areas and several of the key areas have actually been
taken off of the High Risk List, and we are happy about that.
As we have learned, payments made through the Paycheck
Protection Program (PPP), the Economic Injury Disaster Loan
(EIDL), program during the onset of the pandemic, resulted in
hundreds of millions of dollars in improper payments. While
this emergency relief, we know helped thousands of small
businesses, probably millions, across the country coped with
adverse economic conditions, these programs remain susceptible
to high levels of improper payments and fraud.
In the 116th Congress I worked with Senator Kennedy,
Senator Peters, Senator Paul, and others on this Committee to
pass legislation that would endeavor to stop making improper
payments to dead people, and require data-sharing among Federal
agencies to ensure that these payments are reduced and
eventually eliminated.
Question. Comptroller General, what suggestions does GAO
have for additional legislative improvements to further address
improper payments and fraud?
Mr. Dodaro. Yes. First, I recommended legislation for any
new Federal program that is created or where there is a major
increase in a program of $100 million or more, be automatically
designated susceptible to improper payments. Right now it could
be one or two years after the program is started before the
very first improper payment estimate is made. That is too late,
particularly in some of these emergency programs, the program
is over before estimates are made. The later you make these
estimates the less likely you are to recover the improper
payment.
Second, agencies should be required to have special
procedures in place and internal controls before emergency
spending, or major increases in spending. Right now we have
made that recommendation to the Office of Management and Budget
(OMB). Everybody in the Executive Branch thinks the normal
controls are enough. We do not. We think they need special
controls, and they know what they need to do. Because this is
where the push is to get the money out fast without having the
normal controls in place. You need some kind of tailored
controls, and you can do both. You can protect the government
and get the money out fast if you plan ahead and use those
experiences.
The last thing I would mention is that there needs to be a
permanent analytical capability within the inspector general
community. We had it during the Recovery Act days. It was
eliminated in 2015. I recommended that Congress make it
permanent. That did not happen. I am at it again. I would like
to see it made permanent. The IG community is supportive. They
can help prevent fraud and improper payments.
Senator Carper. Great. My staff and my colleagues have
heard me say, over and over and over again, everything I do, I
think everything we do, we can do better, and you have given us
three good ideas to how to do it, an even better job on
improper payments, especially to people who are no longer with
us.
The second area I wanted to pursue in my questions deals
with establishing a governmentwide cyber workforce plan. As
folks in this Committee know well, the cyber threat posed by
hostile nations and groups around the world cannot be
overstated. We continue to see cyber threat actors evolve and
advance their techniques in ways that pose a threat to
business, health care facilities, critical infrastructure, and
put at risk the financial and personal safety of our countrymen
and women.
Unfortunately, the cyber threat landscape is not getting
less volatile. It is actually getting more volatile.
Comptroller General, in your statement I believe you mentioned
that further action is needed in cyberspace when it comes to
establishing and effectively implementing a governmentwide
cyber workforce plan.
My question along those lines is, given that each Federal
agency's mission and size is so different from one another, how
best can we establish a governmentwide cyber workforce plan
that would address the needs of each department in an
appropriate way.
Mr. Dodaro. Yes. I am going to ask Nick Marinos, who is our
expert in the IT and cyber area, to respond, Senator.
Mr. Marinos. Yes, Senator. First, just to point out we have
heard from the White House that there are intentions to
establish the national strategy for cyber workforce in the
summer. What we would be looking for is, one, a push-back to
the agencies to continue to identify where they have gaps. Even
though we have seen some improvement in this area, there is no
comprehensive way for us to know whether each Federal agency
actually knows what it needs.
The second thing is that each agency then needs to focus on
not only recruiting and hiring but also retaining really highly
qualified staff. We know there is a shortage, not only within
the Federal Government--but across the Nation, and so it will
be important for them to leverage not only the tools that they
have right now but recent legislation that has called on
creative ways to try to generate ideas for how to keep Federal
Government employees actually staying within the Federal
Government.
Senator Carper. Great.
Mr. Dodaro. There are a couple of things I would add. One
is that there is a problem now between competition among
agencies for the same talent. I think a governmentwide plan can
help deal with that issue a bit because there is an unlevel
playing field. Some agencies have special hiring authorities
and pay; others do not. I think there needs to be a look at
that and whether that is rationalized properly.
The other thing is the Office of Personnel Management
(OPM). We have just issued a report recently saying Office of
Personnel Management does not have its own plan for improving
its workforce--and needs to. The human resource (HR) people in
the government, whether they are centralized in OPM or in
individual agencies, are not what we need in order to help
support the recruitment and hiring of cyber people.
I think this is also a cautionary tale that we need to get
ahead in artificial intelligence and quantum computing, because
there were really no qualification standards for cyber people
for a number of years, and so we were way behind the curve.
Senator Carper. Mr. Chairman, we have a saying in the Navy,
when people do extraordinary work, we use the phrase, ``Bravo
Zulu.'' I would just say to you, to both of you, to the folks
that are behind you from GAO and those that may be listening in
or watching, tuning in today, and those that are hard at work,
Bravo Zulu. Keep up the great job. Thanks so much.
Chairman Peters. Thank you, Senator Carper.
Senator Lankford, you are recognized for your questions.
OPENING STATEMENT OF SENATOR LANKFORD
Senator Lankford. Mr. Chairman, thank you. Gene, it is good
to see you again. Let me start with the same question we talk
about every year. You will know the rest of this question when
I start it. Taxpayers Right To Know. We have talked about it
year after year. It has obviously passed. Twenty million
dollars was given to OMB to go through the implementation. They
received that funding. They have said they are doing pilot
programs. They have also said they are coordinating with you on
the process.
Tell me how it is going for Taxpayers Right to Know. They
have the funding. They have the law. What is actually
happening?
Mr. Dodaro. Their current plan right now is to create an
interagency working group to leverage additional resources
needed and to get buy-in from the agencies because they are
going to need to do that. They are going to deploy resources
this summer and make a major push to try to begin developing an
inventory and having the pilot.
I am encouraged by that. It has taken them a while to get
to this point, so it may put them at a disadvantage in meeting
the 2025 date that has been established.
Senator Lankford. Or try anyway. Is your team at the table
in the conversations on setting the list, setting the
priorities, setting the program definitions? Because the
program definitions is a big part of this, and we have to get
that right at the beginning.
Mr. Dodaro. Yes. We have been playing an appropriate role,
protecting our independence, but also being a sounding board
and making suggestions to them. They are listening, and they
are adopting some of our suggestions.
We were the ones that were encouraging them to bring the
agencies in, not only for resources but to get buy-in.
Senator Lankford. Get the conversation.
Mr. Dodaro. Yes, absolutely.
Senator Lankford. Strategic human capital management has
been on your list since 2001. It remains on the list. This is
an issue that I talk about a lot. Our Committee has talked
about it a lot. Best I can tell there is about 105 hiring
authorities. When I asked the Chief Human Capitol Officers
(CHCOs) about it, about 20 of them are used more than 90
percent of the time. But every time I bring up direct hiring
authority, everyone has a conniption on it and thinks that will
never work or whatever it may be, except for the entities that
actually use it.
What is it going to take on the strategic human capital in
trying to be able to figure out, on the hiring side, just the
hiring portion of it, to be able to simplify this so it is
actually usable and it does not take 145 days to hire someone
at the IRS?
Mr. Dodaro. One of the government-wide shortages and
critical skill gaps is in the human resource people who
actually support and run the hiring efforts and activities.
There are problems at OPM itself, and there are problems in the
individual agencies. A lot of the human resource people were
trained over the years, going back to the civil service reform
days to be compliance oriented, to make sure you do not do
anything wrong in these areas, as opposed to what can I do to
be helpful, to help in these difficult areas.
We need to change that mindset, change that approach, and
get the right people in there to support them. Then I think
things will be a lot easier.
Senator Lankford. You and I have talked several times about
the census, and I know census has dropped off the list this
year. But one of the issues that I bring up consistently is the
IRS, every single year, touches every single person, basically,
across the country, or a vast majority of them. The census does
it every 10 years. But for whatever reason, census and IRS will
not talk to each other. There is some information-sharing
behind the scenes. But why could not the census, every 10
years, partner with the IRS, what they do every one year, and
add a couple of additional questions to your IRS filing, and
that also fulfills your census as well for that year, and then
for everyone else that does not do a filing to be able to then
go pursue those folks?
That seems too common sense to actually work in the Federal
Government, but I have been told for 10 years it will not work,
it will not work, it will not work. I have also asked why it
will not work, and no one can give me the answer why it will
not.
Mr. Dodaro. Yes. The only limitation I can see offhand of
why it would not work is the timing of it. The census is where
everybody is on one particular day, when they do the
measurement, and the IRS filings are a year later. You file one
year for the previous year.
Senator Lankford. Right.
Mr. Dodaro. There may be a timing issue there. But I will
look at it. I will have our team look at it, and there may be
ways to overcome that. But to me the timing would be the major
thing.
Senator Lankford. It is obviously because it goes door to
door, trying to be able to check on people. They get as close
as they can to one day. That one day could be April 15th. That
would be just a statutory thing for us to be able to say April
15th is the one date.
Mr. Dodaro. I will think about it. But you file on April
15th you are filing for the previous calendar year.
Senator Lankford. But you are filing where you are this
year, with your address, where you are this year on it, as
well. But let's talk about that at length----
Mr. Dodaro. OK.
Senator Lankford [continuing]. To be able to go from there.
There are a couple of things I actually want to bring up.
Can GAO do oversight on it. You have been in telework status
for three years now. You are in the process of coming back from
telework status. I look at your numbers typically in the past.
You are typically $145 to 1 of recovery. Well done. Spike the
football. But now in telework status you are at about $72 to 1.
Is that because of telework status or is that something else?
Mr. Dodaro. No, that is something else. We have been in
telework status for a decade. We have had expanded telework. We
have studied it. It has had no impact on our quality and
productivity of our work.
There were two factors that led to the 145, and one year we
had an all-time record of about $200 billion of savings.
Normally it is more of a $50 to $70 billion range. Then second,
during the pandemic, we spent a lot of time looking at the $4.6
trillion in pandemic spending, so that took us kind of off our
normal path.
But we are in pretty good shape and I think we will
continue to produce a great return on investment.
Senator Lankford. We do need to talk about telework,
because I am an advocate for remote work. I think that is a
possibility. But one of the things I always want to ask you is,
if you are doing remote work or telework and you are actually
somewhere else but you are getting paid at a higher rate as if
you are in Washington, DC, or San Francisco, or somewhere else,
there are some real inconsistencies there.
But I think there are some real opportunities. I call the
time of COVID the world's largest pilot program for telework,
and there are some real opportunities that I think we can do,
especially for spouses of military and others in the days
ahead.
Mr. Dodaro. Absolutely. Actually, we are in the process of
negotiating a remote work option with our union right now, and
the issue around pay is the most appropriate thing. I want to
make sure it is equitable but not out of line.
Senator Lankford. Yes. It is an appropriate conversation to
be able to have, based on where people live and work.
GAO, it is my understanding, has also put out a new style
guide for language in it, and I want to just bring this up. We
can have a longer conversation on this as well. But the style
guide is trying to be more inclusive in the language. I prefer
to use the term ``respectful'' in language rather than
``inclusive,'' and let me give you a reason why.
In the style guide it tells folks at GAO, when using
terminology like ``male'' and ``female'' that an agency uses or
that is written into law, GAO should state the source to not
give the impression that GAO endorses ``male'' and ``female.''
I am not sure that is a good idea because we are back to, if we
are going to be not offensive, we need to not be offensive to
everybody.
There are several other things, taking out terms like
``manmade'' or ``manpower'' or ``unmanned'' or not using the
term ``policeman.'' Not talking about a person whose gender
identity does not align with their sex assigned at birth
implies a much larger not only political issue but a societal
issue as well.
There are several things in the style guide that I look at
and I say, hey, I really need GAO to stay out of cultural
battles and to definitely not say if Congress writes a law that
says ``male'' and ``female'' GAO should basically apologize for
it and say, ``Hey, their word, not ours.'' There are some
concerns that are in this.
I would love to be able to have a conversation about how we
can keep GAO consistent with where we are both in law and not
trying to compete with Congress and trying to apologize that
Congress in errantly uses the word ``male'' and ``female.''
This will be a bigger issue that we can talk about at a
different time as well. But we need GAO to stay GAO. Can I just
say that?
Mr. Dodaro. I understand your point, and I would be happy
to talk to you about it.
Senator Lankford. Yes. I do not mind respectful language.
That is a good thing, to honor all people in the process. Thank
you.
Chairman Peters. Thank you, Senator Lankford.
Senator Rosen, you are recognized for your questions.
OPENING STATEMENT OF SENATOR ROSEN
Senator Rosen. Thank you, Chairman Peters. Thank you for
holding this hearing. Thank you for being here today, for all
the work that you have been doing.
I want to focus a little bit on government legacy IT. Once
again, this year's High Risk Report notes that the Federal
Government efforts to improve the management of IT acquisitions
and operations is a work in process. We know technology is
moving quickly. But while your report gives credit to OMB for
pushing agencies to implement IT reforms, it also states that
all five ratings for this particular goal remain unchanged
since 2017. Specifically, you cite 20 recommendations that have
still not been addressed at 14 agencies, including the
development of modernization plans for legacy IT systems.
As someone who began my career in computer programming,
writing code in Common Business-Oriented Language (COBOL),
Formula Translation (FORTRAN), Assembler, and others, it does
trouble me that so many of our Federal agencies continue to use
that legacy technology that in some cases has been around since
the 1980s, and it is based on coding language that virtually no
one works in anymore. This poses serious challenges when the
technology breaks or malfunctions. Maintenance is a huge part
of what you do, upgrade and maintenance. You can only patch it
so many times. I know this from personal experience.
I am concerned the Federal Government is still getting an
incomplete on this report card. Can you talk to me about the
importance of getting our IT systems modernized, streamlined,
forward-facing, and nimble in our ability to do all the things
that we have to do, and why are people still only partially
meeting their goals?
Mr. Dodaro. This has been a vexing problem that we have
been trying to push people on for a number of years. The
problems include poor security. A lot of these systems were not
built with security in them, so it is complicating our ability
in cybersecurity area. The cost is expensive. There were
efforts to try to replace them, but they often fail because of
lack of discipline with IT management issues.
One of the things is they are not forced to get off the
systems and commit to a date. We recommended that OMB do that,
and they have not implemented that recommendation. I think
Congress needs to step in here and try to require fixed dates,
because they just keep rolling these systems forward. It is not
good for taxpayer customer service issues as well.
Senator Rosen. I will tell you, none of it in the old code,
cybersecurity, I mean, there was a single mainframe. There was
just one point of entry. The world has changed now, and it does
leave us vulnerable.
I want to move on now to our cybersecurity strategy
overall, because since 1997, GAO has designated information
security, of course, it is high risk. We know it. Everyone
knows that. This year's High Risk Report calls for the
Administration to fully establish and implement a comprehensive
cybersecurity strategy and the implementation plans. Maybe we
should put those hard dates in there.
Last month, the Administration released the National
Cybersecurity Strategy. As the Administration executes the
National Cybersecurity Strategy, what should be the roles and
responsibilities of the individual Federal agencies to this
national strategy that, frankly, if we do not do, all of us, in
every single way, are vulnerable?
Mr. Dodaro. This is a critical area. They have committed to
try to clarify the roles and responsibilities. I will ask Nick
Marinos to elaborate a little bit.
Mr. Marinos. Yes, Senator. You raise a really important
point and one that we would expect to see within an
implementation plan, which is ultimately outlining not only
timeframes, outcomes that you want to have in mind, but also
who is going to ultimately be responsible for working together
and then being accountable for actually taking action on them.
Senator Rosen. Could you talk about duplicative programs,
because maybe we can share front ends. We can populate data
between agencies that everyone does not have to develop every
single thing. Maybe you could address that as well.
Mr. Marinos. Absolutely. The legislation that Congress has
recently passed not only to enact and create CISA but also to
empower CISA to be one of the key coordinating bodies,
especially across the Federal agencies when it comes to its own
cybersecurity, is an area that you would want to see within an
implementation plan, and likewise, with the creation of the
Office of the National Cyber Director, heading in the right
direction. We would want to see what role does the National
Cyber Director actually play in holding agencies accountable
for taking these actions.
Senator Rosen. Thank you. I am going to keep on this
because I think it is so important. It is something on the top
of everybody's mind, whether it is personal, professional, or
for the world, we see a lot going on. We need people to do this
work. We need programmers. We need engineers. We need
cybersecurity, just every kind of analyst that is involved all
along the chain. We have a huge workforce shortage, and this is
not just a challenge in this area but in others.
The report does state, and I am going to quote here,
``Federal agencies need to take additional actions to address
the Federal cybersecurity workforce shortage.'' What
practices--and either one of you can answer--should the Federal
agencies adopt to solve the cybersecurity workforce shortages?
I have a lot of opinions, but what measures, what should we be
putting in place to address this? Apprenticeships?
Certificates? Two-year? Four-year? All of the above? Maybe you
could elaborate on that a little bit.
Mr. Marinos. Yes, Senator. I think the important thing is
to be creative here, and we realize that if the Federal
Government is not the only game in town when it comes to
cybersecurity employment, it needs to be positioned in a way
that is going to have a lot of flexibility. As mentioned
earlier, we have seen hiring authorities, flexible hiring
authorities as one way for Federal agencies to take advantage
of it. In order to do so, the human resource employees need to
be aware and cognizant of how to leverage those flexibilities.
Likewise, the potential to use things like rotational
workforce or potentially even----
Senator Rosen. What about a reserve workforce? I have some
bills out there to create a cyber-reserve workforce to surge
up.
Mr. Marinos. It is a really viable option, and I know your
interests are particularly in DOD and DHS, two places that
obviously we need to see a very strong and well-capacitied
cyber workforce.
I think all options should be on the table because
ultimately the Federal Government is going to be a competitor
with its private sector partners and has to operate off of
different measures.
Senator Rosen. If we can include them to surge up, that is
a positive thing. Thank you.
Senator Blumenthal.
Senator Blumenthal [presiding.] On behalf of Chairman
Peters I recognize Senator Hassan.
OPENING STATEMENT OF SENATOR HASSAN
Senator Hassan. Thanks, Senator Blumenthal, and I want to
thank the Chair and the Ranking Member, and I want to thank
you, Mr. Dodaro, for your service and for being here and for
all the folks from the GAO who are here this morning and do
this work. Thank you for your work.
I want to start with a question and really drilling down on
technology issues. You are hearing about it all around the dais
this morning.
In 2023, the Federal Government is expected to spend more
than $100 billion on new and existing technology. GAO's High
Risk List makes two recommendations to help lower costs and
better manage technology purchases all across the government.
First GAO recommends that Congress consider giving the Federal
Chief Information Officer (CIO) greater responsibility to
address longstanding technology challenges. How could expanding
the role of the Federal CIO help curb excessive Federal
spending on technology, and what specific authority do you
believe the Federal CIO still needs?
Mr. Dodaro. I am going to ask Nick to respond to this,
Senator. But first, an historical perspective. I worked with
the Congress, and this Committee back in 1996, to create the
Clinger Cohen Act, to create Chief Information Officers in the
government. They were intended to have much greater
responsibilities than what has played out over the years.
Congress attempted to change this in 2014, with the Federal
Information Technology Acquisition Reform Act (FITARA), but
still the CIOs do not have all the authorities. Nick can give
the details.
Senator Hassan. Thank you.
Mr. Marinos. Senator, two quick thoughts. First, with
respect to the Federal CIO's own position. The reality is that
the Federal Government represents probably the biggest buyer of
technology within the Nation, and so it is important for us to
have a way to know that IT's money is being spent effectively.
Having a strong Federal CIO presence would allow that
individual to bring Federal agencies to the table, and CIOs and
leaders of agencies, to know not only are they spending money
wisely but they are leveraging buying power and we shared
services.
Then the other side of it is ultimately to hold CIOs
accountable, and Federal agency heads accountable toward those
CIOs as well. We continue to see Federal agencies improve in
aligning the CIO with agency leadership so that they can
actually have the ability to see across a Federal agency where
their IT dollars are being spent. It is a lot of money and does
require a stronger oversight.
Senator Hassan. Thank you for that, and you just referenced
quickly the importance of collaboration between the CIOs and
their agency leadership. But can you talk a little bit more
about why that collaboration is so important for reducing IT
costs and ensuring that agencies have the technology they need
to serve the American people?
Mr. Marinos. Certainly. We have seen, on the General
Service Administration (GSA) side has established a lot of
functions that allow agencies to leverage shared services,
which is one way to bring the costs down. But in order to
encourage agencies to actually leverage those available
services a Federal CIO could bring CIOs to the table and ensure
that they are ultimately using their buying power effectively.
Senator Hassan. OK. Thank you.
Mr. Dodaro. I think the other issue, Senator, in that case
is that a lot of the program managers who actually run the
programs have their own ideas on what they think they need
technology-wise, and sometimes it is not the most efficient
approach. You need a technical person to partner with the
program people, but they need to be supported by the agency
head. That communication needs to be there in order to make the
right decisions.
Senator Hassan. Absolutely. Let us talk a little bit more
about the National Cybersecurity Strategy, while we are at it.
For 25 years, the High Risk List has highlighted the importance
or cybersecurity as a matter of national security, affecting
not only government but individual schools and businesses, and
you have talked about that.
As you mentioned, last month the Biden administration
released the first-ever National Cybersecurity Strategy,
something that GAO has supported for years. What should be the
Federal Government's next step toward executing the National
Cybersecurity Strategy?
Mr. Marinos. Ultimately an implementation plan, Senator.
There are a lot of to-dos in that strategy, and we commend the
Administration for pursuing it. We have seen it align quite
closely to many of the actions that we have been calling for
over the years. But the rubber will meet the road, ultimately,
with implementation of those strategic goals.
You mentioned, the issues that we see, for example, in K-12
schools and the ransomware attacks that we see are only going
to be assisted by Federal Government agencies if we have better
coordination. We would want to see the implementation plan
reflect that coordination as well.
Senator Hassan. I will also urge them to look at
collaborating with the Center on Internet Security (CIS) more
effectively, because I think they are doing some pretty good
work too.
Mr. Dodaro, I want to move to a different topic, and thank
you for highlighting the substance misuse crisis in your
testimony. In 2022, New Hampshire had the highest death toll
from drug overdoses since 2017, and as of today, in 2023, 55
people in my small State have died from drug overdoses. Sadly,
these numbers reflect a national trend.
GAO found that expanded access to medication-assisted
treatment is critical to getting more people into recovery. I
am proud that my bipartisan bill with Senator Murkowski was
recently signed into law to expand the number of providers who
are able to prescribe this lifesaving treatment.
The High Risk List, however, points out that the Office of
National Drug Control Policy's (ONDCP) 2022 National Drug
Control Strategy did not identify resources needed to expand
the availability of medication-assisted treatment so that more
people can get it. Why is it important to identify financial,
personnel, or other resources needed to expand access to
medication-assisted treatment?
Mr. Dodaro. Actually, that is a very important issue. We
have looked at it in terms of both how Medicaid funds could be
used for that, as well as having additional supporting
assistance. But part of the problem we have had with the
strategy is it does not allocate resources appropriately so we
could measure the impact in that area. But it is very
important.
I will ask Jess Farb, who is the director of our health
care area, to address that more specifically.
Senator Hassan. Thank you.
Ms. Farb. Senator, I think in terms of what is expected in
the Office of National Drug Control Policy's Strategy, we are
looking to see metrics and goals that will measure the spending
that you are talking about, to make sure that there is the
correct amount of funds available to support this. It is
definitely a tool that is very important for recovery from drug
misuse. I wanted to also bring in my colleague, Charles
Johnson, as well, who is my partner in this.
Senator Hassan. Thank you.
Mr. Johnson. Thanks, Jess. Senator, one of the things we
did see absent from the strategy was they have goals set up but
they do not have the budget allocations over a five-year
period. What we have heard from the ONDCP is that they do not
disclose the President's budget over a five-year period.
But we will continue to look into this and work with them
to see if we can get them to think about that as well as
engaging with some of the key partners, other agencies
involved, as well as State and locals.
Senator Hassan. Thank you. I mean, one of our challenges,
now that we are allowing much more access to medication-
assisted treatment is to figure out how to make sure that it is
truly accessible and that pharmacies are participating as well.
I look forward to working with you on that. Thank you.
Senator Blumenthal. On behalf of Chairman Peters I
recognize Senator Scott.
OPENING STATEMENT OF SENATOR SCOTT
Senator Scott. Thank you, Chairman. Comptroller Dodaro, I
think you and your team do an unbelievable job. I think you are
a great Federal resource. I have been up here four years and
you have been unbelievably helpful in reviewing how government
works. I wanted to thank you and your entire team for what you
do.
The first question is how important is it that the Federal
Government have independent inspectors general?
Mr. Dodaro. I think it is absolutely essential.
Senator Scott. What would be some of the reasons why a
Federal agency should have one, an independent inspector
general?
Mr. Dodaro. There are two reasons. One is that they need to
have an investigative function in there. Many of them have
criminal investigators and other tools that can look at
misconduct with regard to the Federal employees in that area or
contractors or other areas. Some of these agencies are so large
that you need to have an independent audit function as well to
be able to provide information. They are structured so that
they report not only to the agency head but also to the
Congress. That was the way they were set up, and by and large
it has worked effectively over the years.
At GAO, we cannot cover the entire Federal Government with
the resources that Congress has given us, so we leverage the
IGs to make sure we do not duplicate what they do. They
arrange, for example, the annual financial audit, of the
agency's financial statements. We review the work. It is
usually done by an Intergovernmental Personnel Act (IPA), and
then we can use that to rely on and make our report on the
governmentwide financial statements.
Senator Scott. So the Federal Reserve has nearly a $9
trillion balance sheet, and I do not think there is any Federal
agency that has probably a $9 trillion balance sheet other than
the Federal Reserve. And they do not have an independent
inspector general. So do you think it would be appropriate for
them to be like, what is it, over 30 Federal agencies have
independent inspectors generals? Would that make sense?
Mr. Dodaro. Yes, I think that would make sense. When I
first became Acting Comptroller General I actually came to the
Congress and asked for a statutory inspector general at GAO, so
we have one there. I think it is important that the statutory
IGs have certain protections and notification requirements, et
cetera.
There is one agency that has a balance sheet higher than
that. Unfortunately, it is the Bureau of Public Debt. But in
any event, that is a side issue.
Senator Scott. You have written a lot about this, but I
watched, when I was Governor of Florida and we had the
hurricanes, and I watched how much fraud and abuse there was
with regard to a variety of things that FEMA would contract
for, or the Corps of Engineers. And one of the biggest is
debris cleanup. It is frustrating because you just see this
significant amount of waste.
So I have had a bill that would require, as an example, any
entity that is going to do debris cleanup, like counties and
cities have a pre-landfall contract and then enforce it. And
then we have way more review because, as you know, as I think
you all have written, the Federal Emergency Management
Administration (FEMA) cut back on a lot of their review of when
they pay.
I think with Hurricane Irma it was over $1 billion just in
debris cleanup. Do you think we ought to have some way to stop
all this fraud?
Mr. Dodaro. Absolutely. I think that debris removal is not
only expensive but it is the critical path to recovery. It is
the first thing that needs to be done. I think because of that
there are a lot of people who take advantage of that situation
because of the urgency and the dilemma facing people. Whenever
we have seen in emergencies, you saw that with the pandemic, it
brings out the best in human nature but it brings out a lot of
the fraudsters in those areas, and disaster relief is no
exception to that.
I think the bill that you and Senator Peters are working on
is a good step forward to help focus on that issue and put more
attention on it, as was the Advanced Contracting Act that this
Committee passed in 2020. But the proposed legislation builds
further on that.
Senator Scott. Another issue that came up while I was
Governor is national flood insurance. We have been three-plus
donor States since national flood insurance came in, and what I
watched while I was Governor is there is an unbelievable
increase in certain areas of rates. You would think, if you
were a donor State, of any amount but especially triple donor
State, you would not think you would see that.
How important is it for FEMA and the Federal Government to
do everything they can to help build a private flood insurance
program to reduce the risk of the National Flood Insurance
Program (NFIP)?
Mr. Dodaro. I think it is very important that that program
be reformed. It has been on our High Risk List as a separate
program since 2006 following Hurricanes Katrina and Rita. Right
now there is an over $20 billion debt that the program owes to
the Treasury, and that is after the Federal Government has
forgiven $16 billion in debt that was owed before. It is not
actuarially sound, and as a result, there are a lot of
inequities in the program that are hard to keep up to date.
Trying to have a private market for it, the question is
whether or not that could be structured in a way that would be
attractive to insurers, because they are going to charge
actuarially sound rates or they are not going to insure. The
Federal Government could provide more affordability assistance
to help people with the rates, as opposed to running the
program itself. I think that should be given serious
consideration.
Senator Scott. Thank you. First off, I will tell you, the
reports you guys put out are unbelievable. You guys do an
unbelievable job, your whole team does, so thank you for what
you do.
Mr. Dodaro. Thank you, Senator.
OPENING STATEMENT OF SENATOR BLUMENTHAL
Senator Blumenthal. Thank you, Senator Scott. I have a few
questions and then we may reach a conclusion.
I want to come back to an area that Senator Carper asked
about, on the Small Business Administration (SBA), and I want
to drill down a little bit on PPP and EIDL. I think the SBA did
vital work in dispensing $1.1 trillion very expeditiously, as
was required by the times, and we all, I think, realized that
there was also a good deal of waste and possibly even fraud.
In your view, is there still a need to look into and dig
down deeper into the way those programs were performed, both to
hold accountable the companies that may have received benefits
illegally, and also to learn some lessons, more broadly, about
these kinds of programs in the future? As much as we may
appreciate what SBA did, there were also a lot of companies,
small and medium-sized businesses that were denied these
benefits because the program ran out of money. It performed a
vital function, making money available, saving businesses, but
at the same time it became a target for waste and fraud, and
thereby denied some of the worthwhile businesses what they
needed and deserved.
On those two programs is there work still to be done?
Mr. Dodaro. Absolutely. I think your articulation of the
circumstances and what happened is exactly, precisely the way I
have seen it unfold, and we are working with SBA to try to have
them build in a better fraud risk framework in the first place.
We actually worked with the Congress back in 2016, to pass the
Fraud Reduction and Data Analytics Act, which required agencies
to implement GAO's best practices for how to prevent fraud in
the first place. SBA was slow to implement that, and therefore
it was not in place before the pandemic hit, when it should
have been. They were not well positioned to take on the
additional spending during that period of time.
The first fraud risk assessment that they did was after the
program was over, and that is not as helpful, obviously. They
need to have a better program in place. The Economic Injury
Disaster Loan Program is an ongoing program activity too, going
forward. Even though they built a special component on it, it
is there. Then there is the normal disaster loan program that
SBA has in place going forward. We are working with them to try
to get them to be better prepared.
I think another lesson learned is to not allow self-
certifications. That was a problem and that invited fraud in a
number of areas.
There are key lessons learned by digging deeper into the
programs, and I have made some additional recommendations to
the Congress as well about making sure agencies can focus on
and prevent fraud in the first place, because they do not
recover that much as a percent of the funds after it happens.
Senator Blumenthal. There is a lot of money still to be
recovered. Is that what you are saying?
Mr. Dodaro. Yes, there could be. Congress, for those two
programs, has passed an extension of the statute of limitations
so that the inspectors general can go further, and the
Department of Justice (DOJ), into criminal prosecutions, and I
think that is fine. The Administration has also recommended
doing that in the unemployment insurance area, and I think that
would be a good idea as well.
Senator Blumenthal. In your view, from what you have seen,
was there an awareness at the time that these loans, later
becoming grants, going out were going to the wrong people?
Mr. Dodaro. I tried to raise awareness that we needed to do
a better job checking about that, but SBA was not in the
mindset of hearing that, initially in the program. To their
point, there was enormous pressure to get the money out quickly
during that period of time, and I understood that. But when I
went in I offered, I talked to the SBA administrator at the
time, to help them design things.
We did that, if you recall, during the global financial
crisis when the Troubled Asset Review Program (TARP) was set
up. I worked with Secretary Paulson and his team. We helped
give advice on building internal controls in up front. That
program, while it was not popular, was effective, and you had
nowhere near the amount of fraud that you have in these
programs. But the SBA, in the original days of the creation of
that program, were too busy to focus on that. We have to get
this money out.
I think there were people who had concerns, us and the
inspector general, but we were not able to persuade them to
listen.
Senator Blumenthal. But they could have listened. In other
words, you can be busy getting money out and at the same time
impose some safeguards. I will tell you, just anecdotally, I
heard, during this time, because I was going to bat for small
businesses who needed money, and what I heard was, ``Oh, we
have run out of money.'' The small businesses would come to me
and say, ``We have heard X, Y, and Z company got millions of
dollars. They do not fit the criteria. What is going on here?
Can't you do something about it?'' They were coming down,
rightfully, on their elected representatives. If we were aware
of it, was not SBA, and could they not have done something.
Mr. Dodaro. Yes, they could have but did not.
Senator Blumenthal. I would like to follow up with you on
this issue because I think that the lessons that you are
learning should be more widely known throughout government.
This is an unfair question but I am going to ask it--of the
$1.1 trillion, do you have kind of a ballpark number on how
much was misdirected? I am using ``misdirected'' purposefully
because I do not want to say ``waste,'' I do not want to say
``fraud,'' but just went into the wrong hands?
Mr. Dodaro. Yes. I do not have that number for SBA and the
PPP program. In the unemployment insurance area, we have
estimated that at least $60 billion, at the low end, was
fraudulent. We are working on a higher-end estimate now. They
had an already existing methodology for estimating fraud in the
regular unemployment insurance program ahead of time, so we
have been able to use that as a basis to make an estimate. You
really did not have that in the SBA programs.
But we have information on the number of investigations and
prosecutions and the amount of recoveries. We are happy to
share with you and your team. I am happy to talk about this. We
are making more headway now with the current Administration on
this area, and they are taking that seriously.
But for three straight years now, the financial auditor of
SBA's financial statements has been unable to give an opinion
on their financial statements because of these problems. There
is a significant amount of issues here. That is why I have kept
them on the High Risk List until they get them resolved going
forward.
But there are definitely lessons to be learned that could
be more broadly applied, and hopefully used in the future. In
June I will have been in GAO 50 years, so what I have seen,
over the years, is the lessons fade in terms of when the next
crisis comes, and then the whole thing gets overcome by events
and people doing this.
Also, there has been an estimate at SBA for the PPP program
that there was $29 billion in improper payments that were made.
Now that does not mean they were fraudulent, but that tells you
some level of magnitude.
Senator Blumenthal. Some impropriety.
Mr. Dodaro. Yes.
Senator Blumenthal. Let me ask you, I am assuming, as a
former prosecutor, I was the U.S. Attorney in Connecticut for
four and half years and then I was State Attorney General for
about 20 years. But I am assuming there is still a lot of work
to be done in recovering that money. Am I correct?
Mr. Dodaro. That is correct. There is a Pandemic Response
Accountability Committee (PRAC) made up of the inspectors
general that is led by Michael Horowitz as the chair, who is
the Inspector General of the Justice Department. They are
focused on this. There are investigations ongoing both at Labor
and at the Small Business Administration, in addition to the IG
community. That is why they have asked for the extensions on
statute of limitations. They are working hard at it.
Senator Blumenthal. I would like to follow up with you, and
I will be contacting Mr. Horowitz as well, as not only a Member
of this Committee but also as the Chairman of the Permanent
Subcommittee on Investigations (PSI).
I do not know whether Senator Ossoff wants to ask his
questions now. I have a few more questions on a different
topic, if I may.
Senator Ossoff. Sure. I have not yet voted. Have you,
Senator Blumenthal? OK, then go right ahead. We will be
stragglers together.
Senator Blumenthal. Food safety, another area that is close
to your heart, I know, and close to mine as well. I have been a
strong advocate of a separate food safety agency. Right now, as
you well know, the authority is fractured in 15 different
agencies. There are 30 different Federal laws, and as a result
nobody is really doing enough and doing it quickly enough. I
think you are well aware with what happened with the infant
formula contamination. But it is just one example of how the
present system is failing.
Do you favor establishing a dedicated food safety agency?
Mr. Dodaro. That is obviously a policy issue for the
Congress. I think it is worthy of examination. It has been on
the High Risk List for a number of years. Initially, when we
put it on the list, we were pushing for a single food safety
agency, but we were getting no traction. We went with the next
best thing, which was a governmentwide plan with performance
measures, and a permanent working group on food safety issues,
which was in place years ago but had been abandoned. There was
not a formal coordination mechanism. There was not a
governmentwide plan. That is what our current recommendations
are.
What we said is if that does not happen Congress should
look at reorganization and creating a blue-ribbon commission to
look at that. But certainly that is one option that I think is
worthy of consideration, particularly on how stretched FDA is
with their responsibilities. With the drug area and the food
area, there is a lot on their plate.
Senator Blumenthal. They have a lot on their plate, and we
may not have success this session with the Food Safety
Administration Act, introduced last Congress by my colleague in
the House, Representative DeLauro, and here in the Senate by
Senator Durbin. I co-sponsored it and I have been a strong
advocate of it. The FDA could do more, and it has a lot of
different responsibilities. But I think the Nation needs to do
a lot more, and I welcome the opportunity to continue this
conversation with you.
Mr. Dodaro. Yes, I think it is very appropriate,
particularly given the imported areas of where we are bringing
food in. We still have a lot of good domestic production, but
in a lot of areas we are using a global supply chain. I think
that heightens, as it has on the drug side. It is equally
heightened on the food side.
Senator Blumenthal. Thank you. Thanks for your work and
your team's. I really appreciate you being here and your
contribution to our Nation. Thank you.
Mr. Dodaro. Thank you, Senator.
Senator Blumenthal. I will yield to Senator Ossoff and turn
the gavel over to him.
OPENING STATEMENT OF SENATOR OSSOFF
Senator Ossoff [presiding.] Thank you, Senator Blumenthal.
Comptroller General, nice to see you again. I want to thank you
and your team for the support that you have provided to several
investigations I have led over the last couple of years, in
particular the research and analysis that you produced
supporting the PSI bipartisan investigation into deaths in
custody in State and local facilities across the country, an
issue I know Senator Blumenthal is focused on as well.
I led an investigation last year into the Bureau of
Prisons, and introduced bipartisan legislation with Senator
Braun called the Federal Prisons Oversight Act, to establish
greater accountability and transparency within the BOP.
In the newly added section of the High Risk List titled
``Management of the Federal Prison System,'' you cite a
February 2021 report that you produced, which found BOP did not
have reliable methods for assessing its staffing levels. Can
you describe the methodology that you observed BOP using to
evaluate its staffing needs, and how and why it so inadequately
guides their staffing efforts?
Mr. Dodaro. Yes. I am going to ask my colleague, Charles
Johnson, who is head of that work. But what we noticed
initially that led to the conclusion, between 2017 and 2021,
their use of overtime went up over 100 percent, and that is
always an indication that you have kind of staffing challenge.
But Charles can explain the details.
Senator Ossoff. Sure. Thank you, Mr. Johnson.
Mr. Johnson. Yes, Senator. In addition to what the
Comptroller General just mentioned, not only did overtime go
up, it is continuing to go up, and there have been continued
gaps in their staffing as well. As a matter of fact, the data
we have in the report now we have recently gotten updates, as
of yesterday or this morning, and the numbers are continuing to
decline. They have a 15 percent gap in their authorized
staffing levels.
Also based on all the work we have done in the past couple
of years where we have looked at their efforts to calculate
staff, we did not see a good methodology in place. That is one
of the recommendations we had made, and we think the new
Director Peters is committed to looking into that issue. We
have had several meetings with her, including the Comptroller
General meeting with her. At the time we were meeting with her
she was in the process of doing strategic planning. She also is
looking to establish clear goals with respect to their staffing
needs, as well as other programs that they have.
Senator Ossoff. I think Director Peters has acknowledge
multiple times the negative impact of these staffing
challenges.
From your perspective, Mr. Johnson, what are those impacts,
the ramifications for the Administration of Federal Prisons?
Mr. Johnson. Some of the things we point out in our report,
she has acknowledged the safety and security of the inmates as
well as her own staff. As you know, some of the deaths in
custody work that you looked at and championed, and some of the
things we have looked at recently with respect to some of the
facilities, there has been a unit closed as result of the lack
of sufficient care in custody of some of the inmates, and
Director Peters herself has been responsible for the closure.
Senator Ossoff. Remaining on the subject or deaths in
custody, the bipartisan investigation that I led with Senator
Johnson detailed the failures of DOJ to account for deaths in
custody. GAO recommended, in March of this year, that BOP
collect and monitor participation data for unstructured
activities that incarcerated people participate in to earn
first-step time credits, but BOP did not concur with this
recommendation.
Given that participation in these programs can mean an
earlier release for offenders, good-time credits, can you
describe some of these programs and the difficulties BOP is
having with implementation?
Mr. Johnson. Yes. Part of the issue is that there is a not
a clear sort of criteria for what programs count. There are
some situations where inmates may be getting credit for just
sitting in their cell, which should be not part of the
criteria. In addition, there are inconsistencies that we found
at different facilities in terms of how time credits are being
allotted, or not given credit for certain time credits. Even
the inmates themselves do not know what they can do to get the
time credits.
Those are some of the things that we recommended that they
address as well, come up with clear guidance and criteria for
how you can obtain time credits.
Senator Ossoff. Did BOP communicate to you why they did not
concur with your recommendation that they collect and monitor
participation data?
Mr. Johnson. They did not see the need. They felt like what
they had in place was clear. Obviously, we wrote in our report
that we disagree, and we think it is something important that
they need to do, primarily so individuals incarcerated will
know what they can do to earn their time credits.
Mr. Dodaro. I plan to elevate this to what we consider a
priority recommendation that should be implemented. We are
going to continue to push for the implementation of this
recommendation. I think it is needed. Every year I write a
letter to every major department in the Federal Government, to
the head of the agency, in this case the Attorney General (AG),
and list what I think are priority open recommendations that
have not been implemented yet. This will be on the list for
this report.
I asked the same question, and that is not a satisfactory
answer, in my opinion.
Senator Ossoff. This Congress I am leading the Human Rights
Subcommittee of the Judiciary Committee alongside Senator
Blackburn. As I mentioned, GAO has provided, the last couple of
years, very robust support and prompt responses to my requests
for analysis at the Permanent Subcommittee on Investigations.
Comptroller General, will you duly and timely consider any
requests for further GAO work product that I may make in order
to advance investigations at the Human Rights Subcommittee?
Mr. Dodaro. Yes.
Senator Ossoff. Let us talk a little bit about some DOD
issues. Since 1990, when GAO first published the High Risk
List, DOD weapons system acquisition has been consistently
listed as a high-risk item, indicating the potential for fraud,
waste, abuse, and mismanagement. As the GAO report states, for
much of this period DOD weapons systems were, ``consistently
costing more, taking longer to develop, and performing at
lower-than-anticipated levels.''
In your view, is DOD negotiating effectively when it
engages in procurement, to get the best value for taxpayers?
How would you assess the work of the Director, Operational Test
& Evaluation (ODT&E) at evaluating the development of systems
that DOD is procuring, and do you have any other specific
recommendations for Congress whereby perhaps through the
National Defense Authorization Act (NDAA) we could improve
procurement practices at the Department?
Mr. Dodaro. Yes. First, with regard to prices, competition
is the key to getting the lowest price, as we have seen over
the years, and initially there is some competition in this
area, but quickly they go down to a single contractor. Now they
do have the ability to get price information from that
contractor, but also negotiate. But once you go down to a
single contractor you lose a lot of the value of competition.
That is part of the problem with the weapons systems.
What we have also said in that area is that they move
forward at times from research into development (R&D) and then
into production before the technologies are mature. There are
simultaneous things going on, and then that leads to costly
redesigns later on in the process.
What happens in the DOD, and particularly in the weapons
systems, is an enormous push to be on a par with or ahead of
our adversaries, and there is a military need for this, which
tends to override some of the normal practices you would use to
bring down costs, and not do simultaneous production while you
have not matured fully the technology. That is an issue.
We have made a number of recommendations to not go into
full production until they have matured the technologies. We
have raised that issue on the Joint Strike Fighter (JSF) and
other things over the years. That is definitely an issue.
We have constantly recommended leading practices for how to
manage these acquisitions over time, and we have seen some
improvements in some areas. But where there is that desire to
compete with China or Russia or whatever, sometimes the cost
takes a back seat.
Senator Ossoff. Where there are substantial cost overruns,
the Department still has substantial leverage in these
relationships. How could it better exert that leverage in order
to spare taxpayers the cost, whether either the program office
has not accurately projected costs or the producer has failed
to meet a budget?
Mr. Dodaro. Yes. A lot depends on how they structure the
contract in the first place. They have been trying to move in
some areas to a fixed-price structure, and if things go over
then the contractor eats some of the costs, versus the Federal
Government. But if they are on a cost-reimbursable contract, we
suggested they be careful in what type of contracts that they
struck over time.
But we have some additional recommendations. I will provide
them for the record in that area, because it is a pretty
complicated area.
Senator Ossoff. Thank you for your testimony today and the
service of your whole team to the Legislative Branch. You
really empower us to more effectively execute our oversight and
responsibility. We are grateful to you and your team.
The hearing record will remain open for 15 days, that is
until May 5th, at 5 p.m., for the submission of statements and
questions for the record. The hearing is adjourned. [Whereupon,
at 11:39 a.m., the hearing was adjourned.]
A P P E N D I X
----------
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
[all]