Regional Multilateral Development Banks: External Audit Reporting
Could Be Expanded (14-DEC-01, GAO-02-27).			 
								 
:								
Multilateral Development Banks (MDBs) provide financial support  
to promote social and economic progress in developing countries  
and the countries of central and eastern Europe and the former	 
Soviet Union. Under the Foreign Operations, Export Financing, and
Related Programs Appropriations Act of 2001, the United States is
providing  $1.3 billion to support the MDBs, with $460 million	 
going to the regional development banks and $840 million going to
the World Bank Group. All of the MDBs GAO reviewed have received 
unqualified or "clean" opinions on their external audits. The	 
MDBs' financial statements show their financial position at a	 
point in time and the financial results of operations and cash	 
flows for a given fiscal year. However none of the MDBs GAO	 
reviewed are required to report on their internal control over	 
financial reporting, lending operations, or compliance with their
governing charters or policies. In addition, the regional MDBs'  
external financial statement audits are not intended to, and do  
not, provide assurance about internal controls over the MDBs'	 
lending operations and whether funds are spent for intended	 
purposes. Most of the regional MDBs that GAO looked at have	 
developed anti-corruption strategies that recognize the 	 
importance of strong internal control systems. Each of the	 
regional MDBs GAO studied has established internal audit	 
functions as part of their control environment. 		 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-02-27						        
    ACCNO:   A02571						        
  TITLE:     Regional Multilateral Development Banks: External Audit  
Reporting Could Be Expanded					 
     DATE:   12/14/2001 
  SUBJECT:   Developing countries				 
	     Federal aid to foreign countries			 
	     Bank examination					 
	     Reporting requirements				 
	     Financial statement audits 			 
	     Accounting standards				 
	     Internal controls					 
	     Strategic planning 				 
	     African Development Bank Group			 
	     Asian Development Bank				 
	     European Bank for Reconstruction and		 
	     Development					                                                                 
	     Inter-American Development Bank			 
	     Multilateral Development Banks			 
	     African Development Fund				 
	     Asian Development Fund				 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Testimony.                                               **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-02-27
     
A

Report to Congressional Committees

December 2001 REGIONAL MULTILATERAL DEVELOPMENT BANKS

External Audit Reporting Could Be Expanded

GAO- 02- 27

a

GAO United States General Accounting Office

Page i GAO- 02- 27 Regional MDBs Letter 1

Results in Brief 2 Scope and Methodology 5 Background 7 MDB External Audits
Could Be Enhanced by Reporting on Internal

Control and Compliance 12 Importance of Internal Control Standards and
Reporting

Worldwide 21 Audit Committees Are Key to Strengthening MDB Accountability 26
Conclusions 28 Recommendations for Executive Action 30 Agency Comments and
Our Evaluation 30

Appendix I Transparency International?s 2001 Corruption Perception Index 35

Appendix II Summary of World Bank?s Implementation of the COSO Internal
Control Framework as of April 2000 37 Management Controls Components 37
World Bank Implementation Schedule 38

Appendix III Sample External Auditor?s Report on Internal Control Over
Financial Reporting 40

Independent Auditor?s Report 40

Appendix IV Comments From the Department of the Treasury 41

Tables

Table 1: Regional MDB Groups? Lending Arms and Functions 10 Table 2: U. S.
Resources Provided to Regional MDBs Through

December 31, 2000 11 Table 3: Regional MDB Operational Lending Arms? Bases
of

Accounting and Auditing Standards 12 Contents

Page ii GAO- 02- 27 Regional MDBs Figures

Figure 1: MDBs? Flow of Government Funding and External Audit Reporting 14
Figure 2: Regional MDBs as Financial Intermediaries 17 Figure 3: Audit
Committee Accountability Relationship 27 Figure 4: Countries Included in
Transparency International?s 2001

CPI 36

Abbreviations

AfDB African Development Bank AfDF African Development Fund AsDB Asian
Development Bank AsDF Asian Development Fund ASB Auditing Standards Board
COSO Committee of Sponsoring Organizations of the Treadway

Commission CPI Corruption Perception Index EBRD European Bank for
Reconstruction and Development FDICIA Federal Deposit Insurance Corporation
Improvement Act

of 1991 IAS International Accounting Standards IDB Inter- American
Development Bank IIC Inter- American Investment Corporation INTOSAI
International Organization of Supreme Audit Institutions ISA International
Standards on Auditing MDB Multilateral Development Bank SAS Statement on
Auditing Standard U. S. GAAP U. S. Generally Accepted Accounting Principles
U. S. GAAS U. S. Generally Accepted Auditing Standards

Page 1 GAO- 02- 27 Regional MDBs

December 14, 2001 Congressional Committees Multilateral Development Banks
(MDBs) were established to provide financial support for projects and
programs designed to promote social and economic progress in developing
countries and the countries of central and eastern Europe and the former
Soviet Union. Under the Fiscal Year 2001 Foreign Operations, Export
Financing, and Related Programs Appropriations Act (Public Law 106- 429),
the United States is providing approximately $1.3 billion to support the
missions of the MDBs, with about $460 million going to the regional
development banks and about $840 million going to the World Bank Group. 1
Section 803( a) of the act provides that we report annually on the
sufficiency of audits of the financial operations of each MDB conducted by
the persons or entities outside the bank.

We will be issuing a series of reports in response to the reporting
requirements in Public Law 106- 429. The first in this series was

Multilateral Development Banks: Profiles of Selected Multilateral
Development Banks. 2 As agreed with your offices, this second report
provides our assessment of the external financial statement audit reporting
process for the following four regional MDB groups:

 African Development Bank Group,

 Asian Development Bank,

 European Bank for Reconstruction and Development, and

 Inter- American Development Bank. Financial statement audits and the
related assurance provided by external auditors are important for MDBs
because MDBs

 operate in countries where transparency and accountability are ranked
among the lowest in the world,

 are multilateral entities not subject to oversight by any single national
government, and

1 Public Law 106- 429 states that these funds are available to the MDBs
until expended. 2 See GAO- 01- 665, May 2001.

United States General Accounting Office Washington, DC 20548

Page 2 GAO- 02- 27 Regional MDBs

 have missions that emphasize distributing funds for development, which
need to be balanced with accountability for the use of those funds.

As agreed, this report addresses the following two specific areas related to
the external financial statement audit process:

1. the extent to which these MDB groups are obtaining assurance from the
external auditors on internal control 3 over financial reporting, lending
operations, and compliance with key provisions of their charters and
policies in conjunction with their financial statement audits and

2. whether these MDB groups have audit committees in place to provide
oversight of external financial statement audits and the MDBs? internal
control.

We have begun similar work at the World Bank Group and will report on that
work at a later date.

All of the MDBs we reviewed have received unqualified or ?clean? audit
opinions on the external audits of their financial statements. The MDBs used
widely accepted accounting standards to prepare their financial statements,
except in cases where special purpose statements were called for. 4 Large
international certified public accounting firms, using widely accepted
auditing standards, performed these audits. The audits cover the MDBs?
financial statements showing the MDBs? financial position at a point in time
and the financial results of operations and cash flows for a given fiscal
year. However, none of the MDBs in our review are required to engage, nor
have they engaged, their external auditors to report on their internal
control over financial reporting, lending operations, or compliance with
their governing charters or policies.

3 Internal control comprises the plans, methods, and procedures used to meet
missions, goals, and objectives and, in doing so, supports performance-
based management. Internal control also serves as the first line of defense
in safeguarding assets and preventing and detecting errors and fraud. In
short, internal control, which is synonymous with management control, helps
program managers achieve desired results.

4 The African Development Fund and the Inter- American Development Bank?s
Fund for Special Operations prepared Special Purpose financial statements to
comply with the Agreements Establishing the Funds. Results in Brief

Page 3 GAO- 02- 27 Regional MDBs

In addition, the regional MDBs? external financial statement audits are not
intended to and do not provide specific assurance about the internal control
over the MDBs? lending operations and whether the MDBs? funds are being
spent for their intended development purposes. At the same time, for the
regional MDB groups included in this report, their charters state that they
are to take the necessary measures to ensure that the proceeds of any loan
made, guaranteed, or participated in by them are used only for the purposes
for which the loan was granted.

Most of the regional MDBs that we looked at have developed anticorruption
strategies that state that they recognize the importance of strong internal
control systems. They acknowledge that a strong control environment within
the regional MDBs and borrowing country institutions is critical for
effectively implementing the regional MDBs? systems of project management
control. We also found that each of the regional MDBs included in this
report has established internal audit functions that are part of their
control environment.

The regional MDBs operate in a difficult and challenging environment in
countries where transparency (openness) and accountability are often
lacking, and corruption- broadly defined as the abuse of public office for
private gain- sometimes flourishes. Within that environment, the regional
MDBs face a dual mandate of providing development assistance and exercising
their fiduciary responsibility, which includes ensuring that corruption is
minimized in the projects they finance. The regional MDBs are unique
entities. They are multilateral, international institutions with some
commercial objectives and goals, as well as social advancement and human
development goals that are often characteristic of government entities.
These international financial organizations have a mission of economic
growth and poverty reduction in their borrowing countries. Because of their
multilateral, international focus, they do not have direct accountability to
a single national electorate, but their members exercise daily control over
their activities through the executive boards of the MDBs.

Member countries provide funding for the MDBs? mission- the economic
development and social progress of their regional borrowing members. Member
countries currently do not have audit assurance provided by an external
auditor?s attestation on the controls over the use of their contributed
funds or whether those funds were used for their intended development
purpose.

Page 4 GAO- 02- 27 Regional MDBs

Given the control environment in borrowing countries, MDBs and member
countries could benefit from the assurance and transparency provided by
additional examination and reporting by external auditors through the MDBs?
annual financial statement audit process, in the area of internal control
over lending operations and internal control over compliance with key
provisions of bank charters and policies. A structured, disciplined process
for establishing, monitoring, and reporting on internal control is critical
to providing reasonable assurance over the reliability of an entity?s
financial reporting; its operations; and its compliance with regulations,
charters, or policies. An external auditor?s attestation report on internal
control could provide an assessment of the effectiveness of the MDB?s
internal control over lending and compliance and the MDB?s processes in
place designed to provide MDB management with assurance. The external
auditor?s assessment could also consider the role and activities of the
internal audit function in the MDB?s internal control.

The audit committee, a subgroup of the board of directors at the MDBs, is a
key part of the structured, disciplined process for providing assurance. One
of the functions of the regional MDB audit committees is to understand the
adequacy of the banks? internal control. Regional MDBs? audit committees
have the authority, through the contracting process, to expand the external
reporting for their MDBs and thus strengthen MDB accountability and
transparency and enhance member country assurance that funds are spent as
intended. All of the regional MDBs in our review have set up audit
committees to provide oversight of external financial statement audits and
communicate audit results to the boards of directors. Information we
reviewed indicated that the audit committees are active components of the
MDBs? internal governance structure in overseeing the external auditors and
communicating to the boards of directors.

To provide additional accountability, transparency, and assurance over the
regional MDB groups? lending operations and ensure that project funds are
spent as intended, we are making recommendations to the Secretary of the
Treasury- who is responsible for the federal government?s interactions with
the MDBs- to instruct the U. S. Executive Directors of the four regional
MDBs included in this report to take the lead in working with other
Executive Directors to develop a policy requiring these MDBs and their audit
committees to adopt a phased approach to enhance the external audit function
and reporting by (1) engaging an external auditor to report on internal
control over financial reporting in conjunction with their financial
statement audits or through separate engagements, (2) developing a plan to
engage the external auditor to report on internal control over lending
operations and internal control over compliance with

Page 5 GAO- 02- 27 Regional MDBs

key provisions of bank charters and policies and report on the progress made
annually, and (3) reporting the results of the external auditor?s reports
and management?s progress reports to the MDBs and their member countries
annually. We are calling for a phased approach in recognition that
significant time and effort could be needed to thoroughly document, audit,
and report on MDBs? lending operations and compliance controls.

In written comments, the Department of the Treasury acknowledged the
importance of establishing and maintaining an effective control environment
at the regional MDBs, but questioned the cost- effectiveness of expanding
the existing scope of the external auditors? engagements to provide the
requisite assurances that regional MDB internal control is operating
effectively. Treasury also stated that in its view, the entity is in a
better position to assess internal control than the external auditor. As
discussed in the ?Agency Comments and Our Evaluation? section of this
report, we do not agree with some of Treasury?s comments. Our
recommendations would increase accountability and transparency to member
governments by providing an independent third party assessment of the MDBs?
internal controls. Increased assurance through external auditor attestation
would provide a comprehensive, independent assessment of the effectiveness
of the MDBs? control over lending operations and help ensure that project
funds are spent as intended. We view such additional assurance as especially
important due to the risky control environment in the countries where the
MDBs operate. The department?s comments are reprinted in their entirety in
appendix IV.

Public Law 106- 429, Appendix A, Title VIII, identifies 10 MDBs to be
included in the scope of our work. As agreed with your offices, this report
focuses on external audits of four regional MDB groups 5 and related
entities: 6

 African Development Bank Group

 African Development Bank (AfDB) 5 For purposes of this report, each of the
four regional MDBs listed, along with any related entity, is referred to as
a group. See table 1 for a discussion of these entities and their functions.

6 We have added the following concessional lending arms to the scope of our
work: the Asian Development Bank?s Asian Development Fund and the Inter-
American Development Bank?s Fund for Special Operations. Both of these
concessional lending arms are integral parts of their affiliated bank and
are not separate legal entities. Scope and

Methodology

Page 6 GAO- 02- 27 Regional MDBs

 African Development Fund (AfDF)

 Asian Development Bank (AsDB)

 Ordinary Capital Resources (OCR)

 Asian Development Fund (AsDF)

 European Bank for Reconstruction and Development (EBRD)

 Inter- American Development Bank (IDB)

 Ordinary Capital (OC)

 Fund for Special Operations (FSO)

 Inter- American Investment Corporation (IIC) The 4 MDB groups included in
our scope include 6 of the 10 MDBs listed in Public Law 106- 429: AfDB,
AfDF, AsDB, EBRD, IDB, and IIC. As agreed, we focused our work on the
regional MDBs because of congressional interest in these regional banks. In
subsequent work we will address the four remaining MDBs listed in the law:
the International Bank for Reconstruction and Development, International
Development Association, International Finance Corporation, and the
Multilateral Investment Guaranty Agency- which are all part of the World
Bank Group.

Our objectives were to determine (1) the extent to which these MDB groups
are obtaining assurance from the external auditors on internal control over
financial reporting, lending operations, and compliance with key provisions
of their charters and policies in conjunction with their financial statement
audits and (2) whether these MDB groups have audit committees in place to
provide oversight of external financial statement audits and the MDBs?
internal control. To meet our objectives, we held meetings and interviews
with Department of the Treasury officials, including the U. S. Executive
Director for the Inter- American Development Bank. We also

 reviewed the regional MDBs? 1997 through 2000 audited financial statements
and auditors? opinions on the financial statements and identified the
accounting and auditing standards used by each MDB,

 analyzed and compiled information from the regional MDBs? annual reports
and their audited financial statements,

 analyzed the external audit reports to determine the extent of the
external auditors? reporting on internal control and compliance in
conjunction with the financial statement audits,

 reviewed the banks? terms of reference (charters) to identify the scope of
their audit committees? oversight and compared them to relevant guidance on
widely accepted internal control frameworks and principles on banking
supervision,

Page 7 GAO- 02- 27 Regional MDBs

 obtained information from the U. S. Executive Directors of each MDB group
on the MDBs? audit committees, external audits, and the extent of external
auditor reporting on internal control and compliance,

 reviewed widely accepted internal control frameworks, such as the

Guidelines for Internal Control Standards developed by the International
Organization of Supreme Audit Institutions, and

 discussed various options for external auditor reporting with
representatives from three international accounting firms that were
responsible for some of the MDB audits.

MDBs are multilateral, international entities, and the United States, as an
individual member country, generally does not have audit authority over
their operations. As such, it was not part of our scope to evaluate whether
the regional MDBs have implemented internal control, nor did we evaluate the
quality of the external auditors? work on the financial statement audits. It
was not part of our scope to determine whether the audit committee members
were independent of the regional MDBs they served, nor did we evaluate other
components of the regional MDBs? internal governance structure.

We conducted our work in Washington, D. C., from April through October 2001
in accordance with generally accepted government auditing standards. On
November 30, 2001, we received comments from the Department of the Treasury,
which are reproduced in their entirety in appendix IV. In addition, the
department also provided a number of suggested technical changes to our
report, which we incorporated as appropriate.

MDBs are multilateral, international entities that finance economic and
social development projects and programs in developing countries and
countries of central and eastern Europe and the former Soviet Union.
National governments are the shareholders- referred to as members- of the
MDBs. 7 MDB members include developing countries that borrow from the MDB as
well as industrialized member countries. 8 All members,

7 The European Bank for Reconstruction and Development has two members, the
European Investment Bank and the European Community, that are not country
governments and the Asian Development Bank has one member, Hong Kong, that
is not a country government.

8 Member countries that borrow from MDBs are generally low- and middle-
income countries in need of social or economic development. Background

Page 8 GAO- 02- 27 Regional MDBs

including borrowing members, contribute to the capital of the MDBs and
participate in oversight and in the setting of operating policies through
their participation on the boards of governors and executive boards. The
MDBs provide development assistance in the form of loans, equity
investments, loan and equity guarantees, and technical assistance. The
primary vehicle of development assistance is direct lending. In 2000, the
regional MDBs included in this report approved about $16.3 billion of
development assistance consisting of loans, loan guarantees, and equity
investments for economic and social development.

The regional MDBs? lending activities can be grouped primarily into the
following two types: market- based lending and concessional lending.
Operations of regional MDBs that provide loans with market- based rates are
financed primarily through borrowings from world capital markets, members?
paid- in capital, and retained earnings. Members also provide support
through subscriptions of callable capital. 9 Because of the significant
proportion of callable capital that is subscribed by members with strong
credit ratings, including the United States, MDBs are able to use callable
capital as backing to obtain more favorable financing terms when borrowing
from world capital markets than would otherwise be available without the
callable capital. To date there has never been a call on this capital for
any of the MDBs included in this report.

The lending arms of the regional MDBs that provide concessional loans to the
poorest of the developing countries- those meeting certain eligibility
requirements- are financed through contributions from member countries and
borrower repayments of outstanding loans. These loans are called

?concessional? because they are provided with below- market interest rates
and extended repayment terms. Due to the nature of concessional lending and
the credit risks 10 of borrower countries, the concessional lending arms do
not have callable capital subscriptions and do not borrow from world capital
markets to finance their operations. Unlike the market- based lending arms
of the MDBs, which borrow from world capital markets to fund lending,
concessional lending arms rely on capital replenishments or

9 Callable capital is a form of capital that is subscribed by members and
resembles promissory notes from members to honor MDB debts if the MDB cannot
otherwise meet its obligations through its other available resources.

10 Credit risk refers to the risk of default by a borrower or guarantor that
may result from nonperformance under the terms of lending agreements.

Page 9 GAO- 02- 27 Regional MDBs

periodic contributions by members in addition to repayments from loans in
order to continue lending operations.

An MDB?s activities are overseen through a board of governors, with a
governor from each member country. In general, a board of governors is
responsible for admitting new members, authorizing agreements for
cooperation with other international organizations, making decisions about
the board of executive directors, approving the MDB?s financial statements,
determining the reserves and the distribution of profits, and making
decisions about the scope of MDB operations. Each MDB also has a board of
executive directors, which is responsible for, among other things,
overseeing the bank?s daily operations, ensuring the implementation of the
decisions of the board of governors, and approving the budget of the bank.
The MDB?s own management and staff of international civil servants carry out
the MDB?s daily operations.

The four regional MDB groups included in this report are referred to as
regional MDBs because they focus their activities on a particular region.
The regional MDBs? memberships consist of developing or borrowing countries
within a particular region of the world plus industrialized and other member
countries located throughout the world. All members participate in oversight
and the setting of operating policies of the MDBs through their
participation on the executive boards and boards of governors. See table 1
for a discussion of the regional MDBs and their functions.

Page 10 GAO- 02- 27 Regional MDBs

Table 1: Regional MDB Groups? Lending Arms and Functions

The African Development Bank Group includes the following two entities,
which serve the development needs of Africa.

 The African Development Bank provides market- based loans, equity
investments, loan guarantees, and technical assistance to the public and
private sectors.

 The African Development Fund is the concessional lending arm that provides
loans and technical assistance to the bank?s poorer members.

The Asian Development Bank includes the following two operational lending
arms, which serve the development needs of Asia and the Pacific region.

 The Asian Development Bank?s Ordinary Capital Resources

provides market- based loans, equity investments, and loan guarantees to the
public and private sectors and it provides technical assistance to middle-
income countries and creditworthy poorer countries.

 The Asian Development Fund is the concessional lending arm that provides
loans and technical assistance to the bank?s poorer members. The European
Bank for Reconstruction and Development

serves countries in central and eastern Europe and the former Soviet Union.
It provides development assistance through marketbased loans, co- financing,
loan guarantees, and equity investments for public and private sector
projects, as well as technical assistance through its technical cooperation
fund.

The Inter- American Development Bank includes the following three lending
arms, which serve the development needs of Latin America and the Caribbean.

 The Inter- American Development Bank?s Ordinary Capital

provides market- based loans, guarantees, and technical assistance to the
public and private sectors

 The Inter- American Development Bank?s Fund for Special Operations is the
concessional lending arm that provides loans and technical assistance to the
bank?s poorer members.

 The Inter- American Investment Corporation is the InterAmerican
Development Bank group?s entity that provides loans, equity investments, and
technical assistance to small and midsize private enterprises.

The United States is a member of all the regional MDBs discussed in this
report, contributing significant amounts to support the missions of the MDBs
and subscribing to a significant amount of the MDBs? callable capital. The
Congress appropriates funds for the United States? contributions and capital
subscriptions to the MDBs. In fiscal year 2001, the Congress appropriated
about $239 million for the regional MDBs included in this report. During
fiscal year 2001, the Congress also approved $221 million of new
subscriptions to callable capital for those regional MDBs. The Department of
the Treasury oversees the United States? interests in the regional MDBs. See
table 2 for a summary of U. S. resources provided to the regional MDBs
through December 31, 2000.

Page 11 GAO- 02- 27 Regional MDBs

Table 2: U. S. Resources Provided to Regional MDBs Through December 31, 2000

Dollars in millions

Regional MDBs U. S. paid- in

capital or contributions U. S. callable

capital

African Development Bank Group African Development Bank $150 $1,699 African
Development Fund 1,603 Asian Development Bank Asian Development Bank -
Ordinary Capital Resources 504 6,691 Asian Development Fund 2,725 European
Bank for Reconstruction and Development 489 1,372 Inter- American
Development Bank

Ordinary Capital 1, 303 29,007 Fund for Special Operations 4,806 Inter-
American Investment Corporation 176 a Total

$11,756 $38,769

a The majority of this amount was a receivable at December 31, 2000.

In 2000, the regional MDBs we reviewed approved about $16.3 billion of
development assistance 11 consisting of loans, loan guarantees, and equity
investments for economic and social development. Asia and the Pacific region
received the largest portion of this development assistance, about $5.8
billion, while the Latin American and Caribbean region received
approximately $5.4 billion, Africa received about $2.6 billion, and Europe
and Central Asia received about $2.5 billion. Loans with market- based
interest rates, equity investments, and loan guarantees accounted for about
$12.9 billion of the total financial support provided by these MDBs during
2000, while concessional lending amounted to about $3.4 billion.

All of the regional MDBs we reviewed have annual financial statement audits.
The regional MDBs? external auditors are international certified public
accounting firms that were contracted by the MDBs to audit the MDBs?
financial statements. All of the regional MDBs included in our report
received unqualified or ?clean? audit opinions on their financial statements
for the 4 most recent years.

11 These amounts are based on the MDBs? annual reports and MDB- reported
approvals during fiscal year 2000.

Page 12 GAO- 02- 27 Regional MDBs

MDBs prepare their financial statements to comply with different bases of
accounting. The MDBs present their financial statements using U. S.
generally accepted accounting principles (U. S. GAAP) or international
accounting standards (IAS), as shown in table 3. Due to the special nature
and organization of the concessional lending arms of the MDBs, some of these
entities prepare special- purpose financial statements that are meant to
show the sources and uses of resources and to comply with accounting
standards specific to the affiliate?s operations. The African Development
Fund and the Inter- American Development Bank?s Fund for Special Operations,
both concessional lending arms, prepared special- purpose financial
statements in 2000.

Table 3: Regional MDB Operational Lending Arms? Bases of Accounting and
Auditing Standards Regional MDBs Accounting standards used to prepare

financial statements Auditing standards used to perform audit work

African Development Bank International Accounting Standards (IAS)
International Standards on Auditing (ISA) African Development Fund Special
Purpose Financial Statements ISA Asian Development Bank- Ordinary Capital
Resources U. S. Generally Accepted Accounting

Principles (U. S. GAAP) U. S. Generally Accepted Auditing Standards (U. S.
GAAS)

Asian Development Fund U. S. GAAP U. S. GAAS European Bank for
Reconstruction and Development IAS ISA

Inter- American Development Bank- Ordinary Capital U. S. GAAP U. S. GAAS
Inter- American Development Bank- Fund for Special Operations Special
Purpose Financial Statements U. S. GAAS Inter- American Investment
Corporation U. S. GAAP U. S. GAAS

Agreements establishing the MDBs we reviewed call for external auditors to
examine the banks? financial operations. The external auditors for the MDBs
included in our review conduct audits and prepare financial statement audit
reports based on the international standards on auditing (ISA) or U. S.
generally accepted auditing standards (U. S. GAAS). These standards require
independent auditors to obtain a sufficient understanding of internal
control to plan the audit and determine the nature, timing, and extent of
tests to be performed. As part of an audit, the auditors are to communicate
to the audit committee any internal control material weaknesses and
reportable conditions that come to their attention during the course of
their work. A frequent practice is for the auditors to issue a written
document known as a management letter to communicate these weaknesses. The
management letter, however, only MDB External Audits

Could Be Enhanced by Reporting on Internal Control and Compliance

Page 13 GAO- 02- 27 Regional MDBs

addresses issues detected as part of the financial statement audit work, and
it is not meant to be a comprehensive attestation on the sufficiency of an
entity?s internal control. In order to obtain such assurance, the regional
MDBs could engage their auditors to add this work to their annual audit or
to perform a separate attestation engagement.

To date, none of the regional MDBs are required to engage, nor have they
engaged, their external auditors to report on the MDBs? internal control and
compliance with key provisions of bank charters and policies. All of the
charter agreements establishing the regional MDBs require them to take the
necessary measures to ensure that the proceeds of any loan made, guaranteed,
or participated in by them are used only for the purposes for which the loan
was granted and with due attention to considerations of economy and
efficiency. However, the charters do not contain requirements for an
external auditor?s report on the regional MDBs? internal control over these
key objectives and requirements. In addition, the supporting documents
provided to us by the regional MDB U. S. Executive Directors regarding the
scope of audit services did not contain any requirements for the external
auditor to provide a comprehensive report on internal control or compliance
matters. Because the regional MDBs operate in a difficult and risky control
environment, the member countries that provide financial backing and
contributions to the MDBs could benefit from additional external audit
assurance over the MDBs? internal control over lending operations and
internal control over compliance with key provisions of their charters.

The MDBs? external financial statement audits provide assurance over the
MDBs? reported financial position at a point in time and the financial
results of its operations and cash flows for a given fiscal year. After the
MDBs make loans to member countries, it is at the project and program levels
where the money is ultimately spent by the borrowers for development
purposes. The MDBs? external financial statement audits do not specifically
cover the use of funding at the project and program levels, once the MDB has
lent funds to borrowers for development purposes. The MDBs? external
financial statement audits also do not provide and are not intended to
provide specific assurance about the internal control over the MDBs? lending
operations and whether the funds are spent for their intended purposes.

A key control over the lending process at one of the regional MDBs is that
as a condition of the loan, the MDB requires each project or program to
receive audits from either the member government or an accounting firm.
Financial Statement Audit

Coverage of MDBs

Page 14 GAO- 02- 27 Regional MDBs

The MDBs? financial statement audits are currently not designed to report on
the results of the project and program level audits, or their effectiveness
as a control in the lending process. However, the external auditor could be
engaged to provide a report on the MDBs? internal control over lending
operations and internal control over compliance with key provisions of the
charters- if requested by the regional MDB. Figure 1 shows the relationship
of the MDBs? flow of government funding with their external audit and
reporting.

Figure 1: MDBs? Flow of Government Funding and External Audit Reporting

Note: This figure refers only to government funding; the role of private
sector funding is shown in figure 2.

Source: GAO analysis based on our review of MDB documents and discussions
with representatives of the international financial and audit communities.

Standards and guidance for financial statement audits do not require the
auditor to provide an opinion on the effectiveness of internal control when

External financial statement audit reporting

Audits performed by

member government

or private sector auditors

Projects and programs in member countries Member

governments Multilateral Development

Banks Education Technical assistance

Health Infrastructure

$ $ Disbursements to borrowers/ end- users below this line are in the hands
of member governments,

private contractors, or both. These disbursement are not specifically
covered by the MDBs' financial statement audit processes. External

audit process Agriculture

Page 15 GAO- 02- 27 Regional MDBs

performing a financial statement audit. Financial statement audits are not
intended to provide a basis for the evaluation of the overall quality of the
entity?s system of internal control. Therefore, in a typical financial
statement audit, many controls designed to ensure the reliability of
financial reporting, effectiveness and efficiency of operations, and
compliance with key provisions of bank charters may not be tested.

For financial statement audits, the International Federation of Accountants
and the U. S. ? Auditing Standards Board (ASB) generally have similar audit
requirements for internal control. It is important to note, however, that
the standards for financial statement audits described below do not require
the auditor to comprehensively review and report on internal control when
performing external audits of financial statements.

 International Standard on Auditing (ISA) 400, Risk Assessments and
Internal Control, calls for the auditor to obtain an understanding of the
accounting and internal control systems sufficient to plan the financial
statement audit and develop an effective audit approach. In the audit of
financial statements, the auditor is concerned with those policies and
procedures within the accounting and internal control systems that are
relevant to the financial statements. As such, a financial statement audit
is not intended to provide explicit assurance that the entity?s funds were
used for their intended purposes, or that management controls are in place
to ensure the effective and efficient use of the funds. The auditor should
make management aware, however, as soon as practical and at an appropriate
level of responsibility, of any material weaknesses in the design or
operation of the accounting and internal control systems that have come to
the auditor?s attention during the course of the financial statement audit.
In addition, ISA 260, Communication of Audit Matters with Those Charged with
Governance, states that the auditor should promptly communicate audit
matters of governance interest arising from the audit of financial
statements with those charged with governance of an entity.

 The ASB?s Statement on Auditing Standard (SAS) No. 55, as amended by SAS
No. 78, Consideration of Internal Control in a Financial Statement Audit,
also requires the auditor, in all financial statement audits, to obtain a
sufficient understanding of a company?s internal control to assist in
planning and performing the audit. The ASB has also issued guidance for
auditors to use in identifying and reporting certain internal control
deficiencies noted during an audit of financial statements. These matters,
termed ?reportable conditions,? are matters noted during the course of the
financial statement audit that the auditor feels should be reported to the
Standards for Financial

Statement Audits

Page 16 GAO- 02- 27 Regional MDBs

audit committee or its equivalent because they represent significant
deficiencies that could adversely affect the organization?s ability to
produce reliable financial statements.

Although current financial statement auditing standards established in the
private sector do not require the auditor to report on internal control and
compliance when performing a financial statement audit, the auditor can be
engaged to provide a level of assurance on control and compliance in what is
referred to as an attestation engagement. Attestation standards apply
whenever an independent auditor has been engaged to provide assurance or
report on a subject matter that is the responsibility of another party. For
example, the regional MDB management would evaluate the effectiveness of its
internal control and make an assertion about its effectiveness. In turn, the
external auditor attests, or provides assurance on, the MDBs? internal
control or MDB management?s assertion about internal control. Attestation
services can cover internal control over financial reporting, operations,
and compliance with laws, regulations, or key policies. Internal control
reporting by external auditors is quickly becoming not only a best practice
but also a commonly implemented practice around the world.

The regional MDBs operate in a difficult and challenging environment in
countries where transparency and accountability are often lacking, and
corruption sometimes flourishes. In fact, concerns about corruption have
intensified in recent years as international financial donors have become
increasingly aware that corruption may undermine development by deterring
investment and growth and exacerbating poverty. Levels of perceived
corruption vary from country to country, as shown in appendix I. Within this
challenging environment, the regional MDBs must satisfy their dual mandate
of providing development assistance and exercising their fiduciary
responsibility. At the same time, MDBs must ensure that corruption is
minimized in the projects they finance.

As shown in figure 2, the MDBs? operations are funded through member
countries? paid- in capital and borrowing from capital markets, backed by
members? pledges of callable capital. Regional MDBs provide loans with
market- based interest rates and loans on concessional terms. For example,
the Asian Development Bank group uses its Ordinary Capital Resources for
market- based lending and its Asian Development Fund for concessional
lending. Figure 2 shows graphically how each arm serves as a financial
intermediary, obtaining funds from world capital markets and member
governments and providing loans to borrowers. Member Countries Could

Benefit From Additional Assurance Provided by an External Auditor?s
Attestation Over Internal Control

Page 17 GAO- 02- 27 Regional MDBs

Figure 2: Regional MDBs as Financial Intermediaries

Source: GAO analysis based on our review of MDB documents and discussions
with representatives of the international financial and audit communities.

Operations of MDBs that provide loans with market- based rates are financed
primarily through borrowings from world capital markets, members? paid- in
capital, and retained earnings. Their borrowings from world capital markets
are at favorable terms because they have high credit ratings, based on their
record of obtaining repayment on the loans they make to borrowers and on the
backing provided by member countries?

Sources of funds Callable capital

(Credit enhancement) Paid- in capital and contributions

Purchase Principal and interest payments MDB debt

Loans Payment of

principal and interest on market terms

Repayment of loans on concessional terms Loans

Users of funds

Projects and programs in member countries Capital

markets $ $ $ $

$ Concessional

lending arm Market- based

lending arm Education Technical assistance

Health Infrastructure

Member governments

Multilateral Development Banks

Disbursements to borrowers/ end- users below this line are in the hands of
member governments, private contractors, or both. These disbursement are not
specifically

covered by the MDBs' financial statement audit processes. Agriculture

Page 18 GAO- 02- 27 Regional MDBs

subscriptions to callable capital. To date, there has never been a need for
the MDBs that are the subject of this report to make a call on their
callable capital.

The concessional lending arms, which do not borrow from world capital
markets, rely on capital replenishments by members in order to continue
lending operations. Unlike the market- based lending arms of the MDBs, the
concessional lending arms need such replenishments because they have very
long repayment terms and are lending to the less developed countries with
high credit risk.

As of December 31, 2000, regional MDBs had outstanding loans of $116
billion. Concessional loans comprised 26 percent, $30 billion dollars, of
that total. The total of concessional loans for the MDBs we reviewed is
considerable. At the same time, concessional loans are exposed to the
following three types of risk:

 First, due to conditions in concessional lending countries, which are
among the poorest countries in the world, MDBs are exposed to considerable
country 12 and credit risks.

 Second, concessional loans are designed to aid the needs of developing
countries, some of which are perceived to have the worst corruption problems
in the world. See appendix I.

 Third, because concessional lenders rely on contributions from members,
they are not subject to the same market discipline and monitoring that come
into play when borrowing from world capital markets to fund lending
activities.

Moreover, even for the market- based lending MDBs, the discipline and
monitoring that derive from their borrowing in the capital markets is not
sufficient assurance to member countries that the MDBs have adequate
controls over their lending operations or that controls are adequate to
ensure that funds are used for the purpose for which the loan was granted.
Capital- market investors are primarily interested in the financial
soundness of the debt issuer. The assurance they receive from high credit
ratings and the MDBs? satisfactory record of obtaining loan repayments
satisfies their needs.

12 Country risks refer to risks associated with the economic, social, and
political environments of the borrower?s home country.

Page 19 GAO- 02- 27 Regional MDBs

Given this control environment, MDBs and member countries could benefit from
the assurance and transparency provided by additional reporting on the part
of external auditors on the MDBs? assertions on internal control, especially
in the area of internal control over lending operations and internal control
over compliance with key provisions of bank charters and policies. A
structured, disciplined process for establishing, monitoring, and reporting
on internal control is critical to providing reasonable assurance over the
reliability of an entity?s financial reporting, the effectiveness and
efficiency of its operations, and its compliance with laws, regulations,
charters, or policies.

Increased assurance through external auditor attestation and reporting to
member countries on internal control would provide additional assurance and
transparency to member country governments regarding the internal control
over MDBs? financial reporting, lending operations, and the use of their
funds. The external auditor?s assessment could also consider the role and
activities of the internal audit function in the MDBs? internal control.
Such reporting could be based on a structured and widely accepted framework
and include the auditor?s examination and conclusions regarding management?s
evaluation and assertion over the effectiveness of control in the following
areas:

1. Reliability of financial reporting: financial reporting controls are the
policies and procedures that pertain to an entity?s ability to record,
process, summarize, and report financial data consistent with the assertions
in the financial statements.

2. Effectiveness and efficiency of operations: Operations controls relate to
managing the entity?s business and include policies and procedures to carry
out organizational objectives, such as economy, efficiency, and
effectiveness of operations.

3. Compliance with applicable provisions of the MDBs? charters and policies:
Compliance controls are the policies and procedures management uses to
comply with specified provisions of the MDBs? charters and policies.

In order for the MDBs? external auditors to report on controls over
financial reporting, lending operations, and compliance, it will be
necessary to adopt a phased- in approach. According to our work, reporting
on internal control over financial reporting should be a relatively
straightforward step for the MDBs to take because their external auditors
are already performing financial statement audits; thus, the inclusion of

Page 20 GAO- 02- 27 Regional MDBs

internal control over financial reporting would be a natural addition. For
example, the Federal Reserve Board in the United States has recently
undergone this process and was able to report externally on internal control
over financial operations by its third year.

While reporting externally on internal control over lending operations and
use of funds is vital to MDB accountability, it is a more complex process
that could take longer to implement. Before the external auditor can conduct
its review, we believe that significant issues need to be addressed to lay
the foundation for the internal control review. For example, while internal
control frameworks, such as those recognized by the International
Organization of Supreme Audit Institutions (INTOSAI), 13 are available,
internal control criteria for the MDBs will need to be specified and adopted
by the MDBs. The MDBs could work together in developing specified criteria
that can be used as a benchmark for implementing internal control and
subsequently defining, measuring, and assessing the reasonableness of
internal control over lending operations and compliance. The MDBs?
management and audit committees, along with their external auditors, would
play an important role in defining the specific criteria in terms of
applicability, significance, and materiality.

Another important issue we believe needs to be addressed by the key players
would be to identify the key charter provisions to be included in a review
of compliance controls and to define what would constitute

?substantial? compliance with those key provisions of bank charters. After
these significant issues are addressed, MDB management would be able to
comprehensively document and assess the specific controls identified as
material and applicable and subsequently provide its assertions on the
effectiveness of those controls. Finally, the external auditor would then
report on the reasonableness of management?s assertions related to the
relevant lending operations and compliance controls.

We recognize that resolving these significant issues and developing this
additional audit function could take several more years, which is why it is
imperative that the MDBs begin phasing in a strategy as soon as possible. We
also recognize that the costs of undertaking this effort may be considerable
for the regional MDBs. However, the amount of funds at risk is also
considerable.

13 INTOSAI is the professional organization of national audit offices, also
known as supreme audit institutions, in countries that belong to the United
Nations or its specialized agencies.

Page 21 GAO- 02- 27 Regional MDBs

Effective internal control is critical in providing reasonable assurance
over the reliability of financial reporting, effectiveness and efficiency of
operations, and compliance with laws and regulations. Furthermore, expanded
reporting on internal control is becoming a widely accepted standard of
reporting. As discussed in the following sections, a broad range of
standard- setting organizations from around the world has issued guidance
supporting the establishment, assessment, and reporting on internal control.

 Bank regulators from a range of countries have endorsed the importance of
internal control, sound management, and independent audits. In 1997, bank
regulators from 19 industrial and developing countries, with input from an
additional 9 countries, developed Core Principles for Effective Banking
Supervision. 15 These principles, published by the Basel Committee,
identified 25 basic principles that need to be put in place for a
supervisory system to be effective. A number of the principles address the
importance of internal control and the audit function. For example, the
principles call for

 policies and procedures not only for the granting of loans but also for
the ongoing management of loans;

 internal controls, including independent internal audit activities; and

 external audit and compliance functions, to test adherence to these
controls as well as applicable laws and regulations.

 INTOSAI also recognizes the importance of effective internal control. In
June 1992, INTOSAI issued its Guidelines for Internal Control Standards

and defined an internal control structure as the plans of an organization,
including management?s attitude, methods, procedures, and other measures
that provide reasonable assurance that an organization is achieving the
following general objectives:

 promoting orderly, economical, efficient, and effective operations and
quality products and services consistent with the organization?s mission;

14 Although the term standards is used throughout this report, it is
understood that these standards are guidelines and that each MDB retains the
authority to require the standards? use. They reflect a ?best practices?
consensus among the countries or regions that developed them.

15 Basel Committee on Banking Supervision, September 1997. The committee
consists of bank supervisors from the Group of Ten countries: Belgium,
Canada, France, Germany, Italy, Japan, Luxembourg, Netherlands, Sweden,
Switzerland, United Kingdom, and the United States. (? Group of Ten? now
includes more than 10 countries, but retained its original name.) Importance
of

Internal Control Standards 14 and Reporting Worldwide

Page 22 GAO- 02- 27 Regional MDBs

 safeguarding resources against loss due to waste, abuse, mismanagement,
errors, fraud, and other irregularities;

 adhering to laws, regulations, and management directives; and

 developing and maintaining reliable financial and management data and
fairly disclosing the data in timely reports.

In this guidance, INTOSAI prescribes the internal control standards that
form a framework for an internal control structure that meets the above
objectives. Upon issuance of its guidance, INTOSAI?s Internal Control
Standards Committee called for supreme audit institutions to encourage and
support the establishment of internal controls. This would encompass (a)
management understanding its responsibilities for implementing and
monitoring the control structures and (b) auditing those structures to
assure that controls are adequate to achieve the desired result. INTOSAI
member countries have reported to the INTOSAI Internal Control Standards
Committee that they have achieved a wide range of positive results.

 In 1992, the United Kingdom Committee on Financial Aspects of Corporate
Governance published its study on corporate governance. A principal
underlying motivation for the study was the perceived low level of
confidence in financial reporting and the inability of external auditors to
provide safeguards needed by the private and public sector financial
statement users. Under the United Kingdom?s Principles of Good Governance
and Code of Best Practices (the Combined Code), a narrative statement from
management on how it applied the principles of good governance and whether
it has complied throughout the accounting period with the Combined Code?s
provisions is required. The external auditor then is required to report on
whether the entity complied with the specified provisions of the Combined
Code.

 In the United States, the Committee of Sponsoring Organizations of the
Treadway Commission 16 (COSO) was formed to support the implementation of
the recommendations by the National Commission on Fraudulent Financial
Reporting, commonly referred to as the Treadway Commission. The Treadway
Commission issued its report in 1987 recommending that the sponsoring
organizations cooperate in developing additional, integrated guidance on
internal control to provide a common

16 COSO is a private sector initiative sponsored by the American Institute
of Certified Public Accountants, the American Accounting Association, the
Institute of Internal Auditors, the Institute of Management Accountants, and
the Financial Executives Institute.

Page 23 GAO- 02- 27 Regional MDBs

reference point that entities can use to assess the quality of their
internal control systems. In 1992, COSO issued its report on internal
control,

Internal Control- Integrated Framework. This framework is designed to assist
management in assessing its internal control system against an established
standard to help identify basic weaknesses in operation, financial
reporting, and legal/ regulatory compliance controls and take action to
strengthen them. In 1994, COSO also issued an addendum,

Reporting to External Parties, that addresses reporting guidelines where
reports of internal control are issued in annual reports to shareholders. In
a previous report, we reported that the World Bank had adopted a COSO
framework. 17 An excerpt of this report is provided in appendix II.

 The U. S. Congress recognized the link between weak internal control and
past failures of financial institutions when it enacted the Federal Deposit
Insurance Corporation Improvement Act of 1991 (FDICIA). FDICIA requires the
management of an insured depository institution to state its responsibility
for establishing and maintaining an adequate internal control structure and
procedures for financial reporting. FDICIA also requires management to
report on the effectiveness of this internal control system and an
independent external auditor to attest to management?s assertions on
internal control in a separate report. As implemented, management?s report
on internal control and the auditor?s related attestation includes control
over safeguarding of assets. Further, FDICIA requires large institutions to
have independent audit committees and establishes a reporting link between
the audit committee and the external auditor.

 The General Accounting Office issues standards for internal control in the
federal government as required by 31 U. S. C. 3512 (c), commonly referred to
as the Federal Managers? Financial Integrity Act of 1982. The Standards for
Internal Control in the Federal Government 18 provide the overall framework
for establishing and maintaining internal control and for identifying and
addressing major performance and management challenges and areas at greatest
risk of fraud, waste, abuse, and mismanagement. According to these
standards, internal control should provide reasonable assurance that the
objectives of the agency are being achieved in the following categories:

 reliability of financial reporting, 17 See World Bank: Management Controls
Stronger, but Challenges in Fighting Corruption Remain (GAO/ NSIAD- 00- 73,
April 6, 2000). 18 See GAO/ AIMD- 00- 21. 3. 1, and GAO- 01- 1008G, issued
November 1999 and August 2001, respectively.

Page 24 GAO- 02- 27 Regional MDBs

 effectiveness and efficiency of operations, including the use of the
entities? resources, and

 compliance with applicable laws and regulations. See appendix III for a
sample report on internal control over financial reporting.

The MDBs have stated that internal control plays an integral role in
providing assurance in the use of MDB funds. In addition to providing
reasonable assurance over the use of public funds, MDBs have stated that
effective internal control assists management and helps to ensure corporate
accountability over the reliability of financial reporting, the
effectiveness and efficiency of operations, and compliance with laws and
regulations for any entity.

Based on our review of the regional MDBs? Web sites, most of the regional
MDBs that we reviewed have developed anti- corruption strategies that state
that they recognize the importance of strong internal control systems. The
regional MDBs have made public their anti- corruption concerns and
strategies in their annual reports and Web sites. They acknowledge that a
strong control environment within the regional MDBs and borrowing country
institutions is critical for effectively implementing the regional MDBs?
systems of project management control.

In its 2000 annual report, AfDB stated that the main objective of financial
control is to ensure a strong internal control framework within the AfDB?s
overall processes involving financial risk, including payment processes and
related computer systems. According to the AfDB, financial control also
seeks to ensure that all disbursements of loans approved by the Bank comply
with its rules, regulations, and processes. Similarly, according to its
stated policy, AsDB has developed an anti- corruption policy that is
designed to ensure that the fundamental building blocks for transparent,
predictable, and accountable administration are in place. According to the
AsDB, these building blocks include ?? transparent procurement practices;
effective internal control systems; and a well- functioning independent
audit office.? 19 In another example, EBRD has stated in its 2000 annual
report that its financial management aims to ?? ensure transparency and
accountability at all levels and support effective

19 AsDB?s Anticorruption Policy, June 1998. MDBs Emphasize the

Importance of Internal Control

Page 25 GAO- 02- 27 Regional MDBs

corporate governance.? Finally, IDB has reported that a ?simultaneous

systemic effort will be undertaken to? minimize the risk of corruption in
the allocation, commitment and disbursement of the Bank?s resources in its
lending program and ensure that Bank operations are designed so as to be
executed with transparency and within the framework of a proper control
environment?.? 20

We also found that each regional MDB has established an internal audit staff
that is part of their organizational structure?s control environment.
Generally, the internal auditors are responsible for providing analyses,
evaluations, assurances, and recommendations on MDB operations to audit
committees, boards of directors, and others with equivalent authority and
responsibility. Standards established by the Institute of Internal Auditors
21 specify that internal auditing is an independent, 22 objective assurance
and consulting activity designed to add value and improve an organization?s
operations. It helps an organization accomplish its objectives by bringing a
systematic, disciplined approach to evaluate and improve the effectiveness
of risk management, control, and governance processes.

While internal auditors do provide a level of assurance over operations and
financial reporting to management, the responsibility to provide an audit
opinion on the financial statements rests solely with the external auditor.
The external auditor follows relevant auditing standards in rendering an
audit opinion. The external auditor brings to management and the boards of
directors a unique independent and objective view and contributes to an
entity?s achievement of its financial reporting objectives, as well as other
objectives. While the external auditor has sole responsibility for the audit
report and for determining the nature, timing, and extent of audit
procedures, much of the work of the internal audit department can be useful
to support the external auditor in the audit of

20 Strengthening a Systemic Framework Against Corruption for the IDB,
February 2001. 21 Standards for the Professional Practice of Internal
Auditing, 2001. 22 The Institute of Internal Auditors? Standards for the
Professional Practice of Internal Auditing defines internal auditing as an
independent appraisal function and requires internal auditors to be
independent of the activities they audit. This concept of independence is
different from the independence the external auditor maintains under the
American Institute of Certified Public Accountants? Code of Professional
Conduct, which does not regard internal auditors as independent of their
employing entity. To be recognized as independent, the Code of Professional
Conduct, among other things, requires that the external auditor be free from
any interest in the client and its management.

Page 26 GAO- 02- 27 Regional MDBs

the financial statements. This same relationship holds true for reporting on
internal control; the internal auditor provides internal assurance to
management, while the external auditor provides an opinion, or attestation,
following relevant standards. The external auditor?s assessment could
consider the role and activities of the internal audit function in an MDB?s
internal control.

Audit committees are established components of the control environment that
strengthen the internal governance structure of an organization. An
effective audit committee facilitates the successful performance of the
board of directors? oversight responsibilities for financial operations. An
effective audit committee also normally oversees the internal and external
auditors and communicates with them on the results of their audit work to
facilitate fraud prevention and reliable financial reporting. As shown in
figure 3, an audit committee- made up of a subcommittee of the board of
directors- can establish an MDB?s accountability relationship with its
external auditor, board of directors, and internal parties, which could
result in information openly flowing to member countries and the general
public. Audit Committees Are

Key to Strengthening MDB Accountability

Page 27 GAO- 02- 27 Regional MDBs

Figure 3: Audit Committee Accountability Relationship

Source: Adapted from The Audit Committee Handbook, 3rd edition, Louis
Braiotta, Jr., ï¿½ 1999 John Wiliey & Sons, Inc. Reprinted by permission of
John Wiley & Sons, Inc.

In a recent report, the Blue Ribbon Committee panel listed a diligent and
knowledgeable audit committee membership as one of the best practices aimed
at making audit committees more effective. 23 For the four regional MDBs in
our review, information provided to us on the audit committee members?
education and job experiences indicated that generally the audit committee
members have accounting or related financial management expertise.
Qualifications in accounting or financial management are an important factor
in audit committees? effectiveness in fulfilling their governance
responsibilities.

23 Report and Recommendations of the Blue Ribbon Committee on Improving the
Effectiveness of Corporate Audit Committees, February 1999. The panel was
created in 1998 and drawn from various U. S. constituencies of the financial
community to make recommendations on strengthening the role of audit
committees in overseeing the corporate financial reporting process.

Member government The general

public Audit committee

Internal auditors

Chief executive

officer External

Internal Independent

auditors Chief financial

officer Board of

directors

Page 28 GAO- 02- 27 Regional MDBs

Another Blue Ribbon Committee best practice is the audit committee?s key
role in monitoring the component parts of the audit process. Information
provided to us indicated that the MDB audit committees were involved with
the external auditors throughout the audit process. For the MDBs included in
this report, the audit committee oversight activity generally included
integral steps such as selecting the external auditor, monitoring the
progress and the results of the audit, and communicating with the auditors.
Documentation provided to us indicated that communication with the external
auditor was regular and included discussions on issues such as internal
control deficiencies noted during the course of the audit and the
appropriateness of accounting principles and financial reporting.

The United Kingdom?s Combined Code addresses the role of corporate audit
committees in a manner consistent with the Blue Ribbon Committee report.
Among other things, the Combined Code requires all listed companies to
establish an audit committee with a formal written terms of reference. This
is a list of functions that audit committees are to perform to satisfy
themselves that banks? financial reporting and internal control are adequate
and efficient. The Combined Code also recommends that a majority of the
audit committee members be independent of management and free from any
business or other relationship that could materially interfere with the
exercise of their independent judgment.

According to the terms of reference, a key function of the regional MDB
audit committees is to understand the adequacy of the banks? internal
control. Although the information provided to us indicated that the regional
MDB audit committees were actively involved with the external auditors, the
committees have not engaged the external auditors to report on internal
control or compliance in conjunction with their financial statement audits.
A main function of the audit committee is to contract for the audits and
determine the scope of the auditors? work and the reports to be submitted by
the auditors. In that respect, the audit committees have the authority to
expand and strengthen the MDBs? financial statement audit reporting
processes by requiring the external auditors to report on internal control
and compliance, since none of the MDBs? external auditors are currently
engaged to report on these matters.

While the traditional role of the external audit function is to express an
independent opinion on an entity?s financial statements, this role has
increasingly been expanded to include reviews of internal control.
Worldwide, countries and institutions are recognizing the importance of
providing independent, external assessments on not only financial
Conclusions

Page 29 GAO- 02- 27 Regional MDBs

reporting, but also on internal control over an entity?s operations and
internal control over compliance with laws and regulations or key policies.

Because MDBs are funded with public resources and are semigovernmental in
nature, member countries that provide the MDBs? financial support and
backing would benefit from assurance provided by an external auditor over
the MDBs? controls and whether funds are being used as intended. This
reporting could enhance the accountability and transparency of the MDBs by
providing an additional level of assurance over what was spent, how it was
spent, and what resources remain to be utilized. Such reporting would also
provide information about the effectiveness of the MDBs? control over
lending operations and use of funds.

External audits of MDBs? financial statements, along with external
examinations of internal control over financial reporting, lending
operations, and compliance with key bank charters and policies, and the
reporting of the results of those audits to member countries, could help to
provide this accountability and transparency. This type of transparency and
accountability is especially important given the operating risks inherent in
how funds are used in the MDBs? activities and the fact that the MDBs rely
on member countries? financial contributions and backing to obtain funding
for their operations. Because each of the MDBs included in this report has
established internal audit functions, an external auditor?s assessment of
internal control could also consider the activities of the MDBs? internal
auditors.

Regional MDBs? audit committees are in a prime position to expand the
external reporting for their MDBs and thus strengthen MDB accountability and
enhance member country assurance that funds are spent as intended. Such
assurance would be provided while relying on the MDBs? own governance
systems and respecting the multilateral nature of the MDBs.

Reaching the above level of assurance will take time. While the MDBs we
looked at should generally be able to obtain an external auditor?s report on
internal control over financial reporting within a short time frame- say 2
to 3 years- their ability to have an external auditor report on internal
control over lending operations and internal control over compliance with
key charter requirements will require a longer- term effort. It will take
time for the MDBs to develop the resources and expertise needed to provide
the accountability and assurance called for in our recommendations.

Page 30 GAO- 02- 27 Regional MDBs

To (1) provide additional accountability, transparency, and assurance over
the regional MDB groups? lending operations and (2) ensure that project
funds are spent as intended, we recommend that the Secretary of the Treasury
instruct the U. S. Executive Directors of the four regional MDB groups
included in this report to take the lead in working with the other Executive
Directors to develop a policy requiring these MDBs and their audit
committees to adopt a phased approach to enhance the current external audits
of their financial operations, as follows.

 Engage the external auditors to report on the MDBs? internal control over
financial reporting in conjunction with their financial statement audits or
in a separate engagement.

 Develop a plan, and report annually on the progress, to engage the
external auditors to report on the MDBs? internal control over lending
operations and internal control over compliance with key provisions of bank
charters and policies.

 Provide the results of the external auditors? reports and management?s
progress reports to the MDBs and their member countries annually.

Our recommendations are intended to be implemented in phases. Reporting on
the internal control over financial reliability should be possible in the
near term for the regional banks, because they already issue annual audited
financial statements. We recognize, however, that more effort and time will
be required to identify, implement, and evaluate the applicable internal
control criteria for lending operations and compliance with key charter
provisions prior to engaging the external auditor to report on management?s
assertions in those areas.

In its comments on a draft of this report the Department of the Treasury
acknowledged that establishing and maintaining an effective control
environment is essential for the regional MDBs, especially given the unique
nature of these multilateral institutions. Even though Treasury stated that
it strongly supports oversight mechanisms to help assure increasingly
productive development assistance of the regional MDBs, it questioned the
cost- effectiveness of expanding the existing scope of the external
auditors? engagements to provide the requisite assurances that regional MDB
internal controls are operating effectively. Treasury officials also stated
their belief that internal entities within the MDB corporate governance
structure are in a better position than an external auditor to assess the
effectiveness of MDB controls. Recommendations for

Executive Action Agency Comments and Our Evaluation

Page 31 GAO- 02- 27 Regional MDBs

Treasury also stated that, in its opinion, our draft report documents the
sufficiency of the MDBs? current external audits. However, the major focus
of our report was to emphasize that given the control environment in
borrowing countries, MDBs and member countries would benefit from the
assurance and transparency provided by independent examination and reporting
by external auditors in the area of internal control over lending operations
and internal control over compliance with key provisions of bank charters
and policies. Our report provides information about the results of the
external financial statement audits at the MDBs and makes clear that by
design the objective of a financial statement audit is not to provide
assurance to member countries that project funds are used as intended. Our
report notes that, although the regional MDBs have received clean opinions
on their financial statements, the current financial statement audits cover
only the MDBs? financial position at a point in time and the financial
results of operations and cash flows for a given fiscal year. The financial
statement audits are not intended to and do not provide specific assurance
about the effectiveness of the MDBs? internal control over lending
operations and compliance with bank charters and key policies. MDB project
and program funds are used in countries where the level of perceived
corruption is often high.

Treasury also described, for illustrative purposes, the processes used by
IDB for lending oversight and the role of the IDB?s Auditor General and the
board of directors in providing oversight. Treasury also stated its belief
that the internal entities within the MDBs? own internal governance
structure are better placed than the external auditors to assess internal
control of the institutions and to ensure that programs of the banks are
effective and efficient as called for in their charters. We acknowledge the
importance of the MDB?s own internal processes as a critical aspect of
internal control, and MDB management?s responsibility for establishing and
implementing an effective system of internal control. However, until the
effectiveness of the regional MDBs? internal control is subject to review by
an independent third party, member countries will not have a comprehensive
independent assessment of the effectiveness of the controls. The MDBs?
accountability, transparency, and assurance over internal control could be
enhanced through expanded external audit processes whereby (1) management
provides assertions to the external auditors that the controls are operating
effectively, and (2) the external auditor provides an attestation to the
effectiveness of the controls through its independent testing procedures.

Treasury questioned the cost- effectiveness of expanding the external
auditors? engagements to include reporting on internal control over

Page 32 GAO- 02- 27 Regional MDBs

lending operations. We recognize that expanding the scope of the auditors?
work will involve time and effort and, therefore, we recommended a phased
approach. However, the amount of MDB funds at risk is considerable. The
enhanced reporting is designed to provide additional accountability and
transparency over the regional MDB groups? lending operations and provide
reasonable assurance that project funds are spent as intended. External
auditor attestation and reporting to member countries on internal control
would provide additional assurance and transparency to member country
governments regarding the control over MDBs? financial reporting, lending
operations, and the use of their funds. The external audit function brings
to management and the boards of director a unique, independent, and
comprehensive view that provides assurances to offset the risks and
perceived corruption in the countries receiving regional MDB funds. The
department?s comments are reprinted in their entirety in appendix IV.

We are sending copies of this report to the Secretary of the Treasury, the
presidents of the regional MDBs, and other interested parties. Copies will
be made available to others upon request.

Please contact Jeanette Franzel, Acting Director, at (202) 512- 9406 or by
email at franzelj@ gao. gov if you or your staffs have any questions
concerning this report. Key contributors to this report were Darryl Chang,
Bronwyn Hughes, Meg Mills, Charles Norfleet, Julie Phillips, and John
Treanor.

Jeffrey C. Steinhoff Managing Director Financial Management and Assurance

Page 33 GAO- 02- 27 Regional MDBs Congressional Committees

The Honorable Joseph R. Biden, Jr. Chairman The Honorable Jesse Helms
Ranking Minority Member Committee on Foreign Relations United States Senate

The Honorable Robert C. Byrd Chairman The Honorable Ted Stevens Ranking
Minority Member Committee on Appropriations United States Senate

The Honorable Patrick J. Leahy Chairman The Honorable Mitch McConnell
Ranking Minority Member Subcommittee on Foreign Operations Committee on
Appropriations United States Senate

The Honorable Michael G. Oxley Chairman The Honorable John J. LaFalce
Ranking Minority Member Committee on Financial Services House of
Representatives

The Honorable Doug Bereuter Chairman The Honorable Bernard Sanders Ranking
Minority Member Subcommittee on International Monetary

Policy and Trade Committee on Financial Services House of Representatives

Page 34 GAO- 02- 27 Regional MDBs

The Honorable C. W. Bill Young Chairman The Honorable David Obey Ranking
Minority Member Committee on Appropriations House of Representatives

The Honorable Jim Kolbe Chairman The Honorable Nita M. Lowey Ranking
Minority Member Subcommittee for Foreign Operations, Export

Financing, and Related Programs Committee on Appropriations House of
Representatives

Appendix I: Transparency International?s 2001 Corruption Perception Index

Page 35 GAO- 02- 27 Regional MDBs

Transparency International is an organization dedicated to curbing both
international and national corruption. Transparency International launched
its Corruption Perception Index (CPI) in 1995. The CPI is a collection of
polls, drawing on 14 surveys from 7 independent institutions for its 2001
results. The surveys reflect the perceptions of business people, academics,
and country analysts. No country has been included in the CPI without
results from a minimum of 3 surveys undertaken over the past 3 years. For
this reason, not all countries with high levels of corruption may have been
included.

The CPIs show that the regional MDBs function in environments that are
perceived to have high levels of corruption, underscoring the importance of
internal control over lending operations and compliance within the MDBs that
are providing loans to those countries. According to Transparency
International, the world?s poorest countries are the greatest victims of
corruption. Their survey results also register very high levels of perceived
corruption in the countries in transition, in particular the countries of
central and eastern Europe and the former Soviet Union.

Figure 4 includes all the countries covered by Transparency International.
We have also added countries that were among the MDBs? five largest
borrowers of all lending arms as of December 31, 2000, that were not
included in the Transparency International CPI and indicate that CPIs for
these countries are not available. Appendix I: Transparency International?s

2001 Corruption Perception Index

Appendix I: Transparency International?s 2001 Corruption Perception Index

Page 36 GAO- 02- 27 Regional MDBs

Figure 4: Countries Included in Transparency International?s 2001 CPI

Country CPI Country CPI Country CPI

Nigeria 1.0 Bangladesh 0.4 Turkey 3.6 Uganda 1.9 Indonesia 1.9 Greece 4.2
Kenya 2.0 Pakistan 2.3 Jordan 4.9 Cameroon 2.0 Vietnam 2.6 Italy 5.5
Tanzania 2.2 India 2.7 Taiwan 5.9 Cote d'Ivoire 2.4 Uzbekistan 2.7 Portugal
6.3 Zambia 2.6 Kazakhstan 2.7 Belgium 6.6 Zimbabwe 2.9 Philippines 2.9
France 6.7 Senegal 2.9 Thailand 3.2 Spain 7.0 Malawi 3.2 China 3.5 Japan 7.1
Ghana 3.4 South Korea 4.2 Germany 7.4 Egypt 3.6 Malaysia 5.0 Ireland 7.5
Mauritius 4.5 Sri Lanka N/Av USA 7.6 South Africa 4.8 Nepal N/Av Israel 7.6
Tunisia 5.3 Austria 7.8 Namibia 5.4 Hong Kong 7.9 Botswana 6.0 United
Kingdom 8.3 Morocco N/Av Switzerland 8.4 Algeria N/Av Australia 8.5 Ethiopia
N/Av Country CPI Norway 8.6 Mali N/Av Azerbaijan 2.0 Luxembourg 8.7

Ukraine 2.1 Netherlands 8.8 Russia 2.3 Canada 8.9 Romania 2.8 Sweden 9.0
Moldova 3.1 Singapore 9.2

Country CPI Latvia 3.4 Iceland 9.2 Bolivia 2.0 Slovak Republic 3.7 New
Zealand 9.4 Ecuador 2.3 Czech Republic 3.9 Denmark 9.5 Nicaragua 2.4 Croatia
3.9 Finland 9.9 Honduras 2.7 Bulgaria 3.9 Venezuela 2.8 Poland 4.1 Guatemala
2.9 Lithuania 4.8 Dom.Rep. 3.1 Slovenia 5.2 Argentina 3.5 Hungary 5.3 El
Salvador 3.6 Estonia 5.6 Panama 3.7 Mexico 3.7 Colombia 3.8 Brazil 4.0 Peru
4.1 N/Av = Data is not available Costa Rica 4.5 Uruguay 5.1 Trin. & Tob. 5.3
0 10 Chile 7.5

Corrupt Transparent Corruption Perception Index

Inter-American Development

Bank European Bank for

Reconstruction and Development African

Development Bank Group Asian Development

Bank Other Nations Included in the 2001 CPI

Appendix II: Summary of World Bank?s Implementation of the COSO Internal
Control Framework as of April 2000

Page 37 GAO- 02- 27 Regional MDBs

In 1995, the World Bank adopted the Committee of Sponsoring Organizations of
the Treadway Commission (COSO) framework to establish a common definition of
management controls for all Bank units and a standard against which unit
managers and auditors can assess and measure progress in improving
management controls. Audit organizations around the world use this
framework, referred to as Internal Control- Integrated Framework, as a
standard in evaluating management controls.

The COSO framework emphasizes accountability and ownership of controls at
all levels. Under this model, the effectiveness of a management control
system is measured by its capacity to provide reasonable assurance to the
Executive Board of Directors and management regarding the achievement of
their objectives in the following three categories:

 effectiveness and efficiency of operations,

 reliability of financial reporting, and

 compliance with applicable laws and regulations. Under COSO, management
control is defined as consisting of five interrelated components that form
the criteria for effective control. The five components are used as the
criteria to evaluate the strengths and weaknesses of the controls and to
identify what actions can be taken to improve controls. All five components
must be present and effective in order for management to have the reasonable
assurance needed. These components include the following:

Control Environment. An organization should establish a positive control
environment, that is, one with a structure, discipline, and climate
conducive to sound management controls. Factors that significantly affect
the control environment include the integrity and ethical values of
management and staff, the competence of personnel, the way the agency is
organized, the manner in which management assigns authority and
responsibility, and the attention and direction provided by oversight
groups.

1 This appendix originally appeared as an appendix in GAO/ NSIAD- 00- 73,
issued in April 2000, and has not been updated since that date. Appendix II:
Summary of World Bank?s

Implementation of the COSO Internal Control Framework as of April 2000 1

Management Controls Components

Appendix II: Summary of World Bank?s Implementation of the COSO Internal
Control Framework as of April 2000

Page 38 GAO- 02- 27 Regional MDBs

Risk Assessment. An organization should properly identify, analyze and
manage the possible risks involved in meeting organizational objectives.

Control activities. An organization should establish control activities
consisting of policies, procedures, techniques, and mechanisms that ensure
that management directives are being carried out to meet organization
objectives. They include approvals, authorizations, verifications, and
reviews of operating performance.

Monitoring. An organization should continually monitor and evaluate all
aspects of management control to assess the quality of performance over
time. Serious management control deficiencies should be reported to higher
levels, including top management and the Board of Directors.

Information and communication. An organization should identify, capture, and
communicate information in a form and time frame that enable people to carry
out their responsibilities.

In 1995, the Bank established a 5- year timeline to ensure that, by the end
of fiscal year 2000, management will be able to express assurance that
adequate controls are in place, not only for financial reporting purposes,
but also for efficiency and effectiveness of operations. The Office of
Controller made a commitment to

 meet the COSO standards for control effectiveness across the Bank?s major
operational areas;

 extend the COSO standards for prudential controls to nonfinance
organizational units in the Bank in fiscal year 1997;

 assert that both the International Bank for Reconstruction and Development
and the International Development Association have maintained effective
controls over financial reporting as of June 30, 1997, and obtain the
external auditor?s agreement;

 expand the application of the COSO framework so that issues of
organizational efficiency and effectiveness are brought to light; and

 become an institution in which Bank management and staff will have the
ability and process in place to analyze the effectiveness of internal
controls for their areas of responsibility.

In order to meet these goals, the Office of Controller adopted the Control
Self- Assessment methodology for assessing controls based on the COSO
framework. This approach uses the staff from various Bank units to World
Bank

Implementation Schedule

Appendix II: Summary of World Bank?s Implementation of the COSO Internal
Control Framework as of April 2000

Page 39 GAO- 02- 27 Regional MDBs

 review the business unit?s objectives, key processes supporting the stated
objectives, associated risks, and mitigating controls; under normal
circumstances, testing of key controls and documentation of testing is
required;

 hold workshops to (1) analyze obstacles and strengths that affect the
organization?s ability to achieve key business objectives and (2) decide
upon an approach to address issues arising from the process;

 identify reportable conditions requiring control enhancements together
with the results of the control self- assessment workshop in the business
unit?s action plan; and

 obtain representation letters from all the Bank?s senior managers
acknowledging their responsibility for effective controls and confirming
that they have maintained an effective system of management control.

World Bank initiated the control self- assessment methodology during fiscal
year 1996. Bank management has issued a series of reports to the Audit
Committee of the Executive Board on the Bank?s progress made in implementing
the COSO management control framework. The Internal Audit Division also
issued annual reports starting in 1998 providing independent observations
and findings on internal controls in the Bank based on prior audits and the
control self- assessment workshops. In 1999, the Bank concluded that it met
the COSO criteria for effective internal control over financial reporting
for the International Bank for Reconstruction and Development and the
International Development Association. The Bank?s external auditor examined
management?s assertions and concluded that it was fairly stated, in all
material respects. Bank management has not made an assertion regarding the
adequacy of internal controls over operations.

Appendix III: Sample External Auditor?s Report on Internal Control Over
Financial Reporting

Page 40 GAO- 02- 27 Regional MDBs

Audit Committee: We have examined management?s assertion included in the
accompanying Management?s report that (entity) maintained an effective
internal control over financial reporting as of (date). (Entity?s)
management is responsible for maintaining effective internal control over
financial reporting. Our responsibility is to express an opinion on the
effectiveness of internal control based on our examination.

Our examination was made in accordance with standards established by the
(name of standard setter) and, accordingly, included obtaining an
understanding of the internal control over financial reporting, testing and
evaluating the design and operating effectiveness of internal control, and
such other procedures as we considered necessary in the circumstances. We
believe that our examination provides a reasonable basis for our opinion.

Because of inherent limitations in any internal control, misstatements due
to errors or irregularities may occur and not be detected. Also, projections
of any evaluation of the internal control over financial reporting to future
periods are subject to the risk that the internal control may become
inadequate because of changes in conditions, or that the degree of
compliance with the policies or procedures may deteriorate.

In our opinion, management?s assertion that (entity) maintained an effective
internal control over financial reporting as of (date) is fairly stated, 1
in all material respects, based upon criteria established in the (widely
accepted internal control framework selected by the entity as criteria for
its own internal control assessment program).

External Auditor?s signature Date

1 The independent auditor should modify the report when management?s
assertions are not fairly stated. Appendix III: Sample External Auditor?s

Report on Internal Control Over Financial Reporting

Independent Auditor?s Report

Appendix IV: Comments From the Department of the Treasury

Page 41 GAO- 02- 27 Regional MDBs

Appendix IV: Comments From the Department of the Treasury

Appendix IV: Comments From the Department of the Treasury

Page 42 GAO- 02- 27 Regional MDBs

Appendix IV: Comments From the Department of the Treasury

Page 43 GAO- 02- 27 Regional MDBs

Appendix IV: Comments From the Department of the Treasury

Page 44 GAO- 02- 27 Regional MDBs

Appendix IV: Comments From the Department of the Treasury

Page 45 GAO- 02- 27 Regional MDBs (194033)

The General Accounting Office, the investigative arm of Congress, exists to
support Congress in meeting its constitutional responsibilities and to help
improve the performance and accountability of the federal government for the
American people. GAO examines the use of public funds; evaluates federal
programs and policies; and provides analyses, recommendations, and other
assistance to help Congress make informed oversight, policy, and funding
decisions. GAO?s commitment to good government is reflected in its core
values of accountability, integrity, and reliability.

The fastest and easiest way to obtain copies of GAO documents is through the
Internet. GAO?s Web site (www. gao. gov) contains abstracts and full- text
files of current reports and testimony and an expanding archive of older
products. The Web site features a search engine to help you locate documents
using key words and phrases. You can print these documents in their
entirety, including charts and other graphics.

Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as ?Today?s Reports,? on its Web
site daily. The list contains links to the full- text document files. To
have GAO E- mail this list to you every afternoon, go to our home page and
complete the easy- to- use electronic order form found under ?To Order GAO
Products.?

The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent of
Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more
copies mailed to a single address are discounted 25 percent. Orders should
be sent to:

U. S. General Accounting Office P. O. Box 37050 Washington, D. C. 20013

To order by phone: Voice: (202) 512- 6000 TDD: (202) 512- 2537 Fax: (202)
512- 6061

GAO Building Room 1100, 700 4th Street, NW (corner of 4th and G Streets, NW)
Washington, D. C. 20013

Contact: Web site: www. gao. gov/ fraudnet/ fraudnet. htm, E- mail:
fraudnet@ gao. gov, or 1- 800- 424- 5454 (automated answering system).

Jeff Nelligan, Managing Director, NelliganJ@ gao. gov (202) 512- 4800 U. S.
General Accounting Office, 441 G. Street NW, Room 7149, Washington, D. C.
20548 GAO?s Mission

Obtaining Copies of GAO Reports and Testimony

Order by Mail or Phone Visit GAO?s Document Distribution Center

To Report Fraud, Waste, and Abuse in Federal Programs

Public Affairs
*** End of document. ***