Improper Payments: Status of Agencies' Efforts to Address
Improper Payment and Recovery Auditing Requirements (31-JAN-08,
GAO-08-438T).
The federal government is accountable for how its agencies and
grantees spend hundreds of billions of taxpayer dollars and is
responsible for safeguarding those funds against improper
payments and recouping those funds when improper payments occur.
The Congress enacted the Improper Payments Information Act of
2002 (IPIA) and section 831 of the National Defense Authorization
Act for Fiscal Year 2002, commonly known as the Recovery Auditing
Act, to address these issues. GAO was asked to testify on
agencies' efforts to eliminate and recover improper payments.
Specifically, GAO focused on (1) progress made in agencies'
implementation and reporting under IPIA for fiscal year 2007, (2)
major challenges that continue to hinder full reporting of
improper payment information, and (3) agencies' efforts to report
on recovery auditing and recoup contract overpayments. This
testimony is based in part on a recently issued report
(GAO-08-377R) in addition to a further review and analysis of
improper payment and recovery auditing information reported in
agencies' fiscal year 2007 performance and accountability reports
(PAR) or annual reports. The Office of Management and Budget
(OMB) provided technical comments which GAO incorporated as
appropriate.
-------------------------Indexing Terms-------------------------
REPORTNUM: GAO-08-438T
ACCNO: A80331
TITLE: Improper Payments: Status of Agencies' Efforts to Address
Improper Payment and Recovery Auditing Requirements
DATE: 01/31/2008
SUBJECT: Accountability
Data integrity
Erroneous payments
Executive agencies
Federal/state relations
Financial management
Financial statements
Medicaid
Payments
Performance measures
Program evaluation
Program management
Reporting requirements
State-administered programs
Executive agency oversight
Transparency
******************************************************************
** This file contains an ASCII representation of the text of a **
** GAO Product. **
** **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced. Tables are included, but **
** may not resemble those in the printed version. **
** **
** Please see the PDF (Portable Document Format) file, when **
** available, for a complete electronic file of the printed **
** document's contents. **
** **
******************************************************************
GAO-08-438T
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to [email protected].
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Before the Subcommittee on Federal Financial Management, Government
Information, Federal Services, and International Security, Committee on
Homeland Security and Governmental Affairs, U.S. Senate:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 2:30 p.m. EST:
Thursday, January 31, 2008:
Improper Payments:
Status of Agencies' Efforts to Address Improper Payment and Recovery
Auditing Requirements:
Statement of McCoy Williams, Managing Director Financial Management and
Assurance:
Improper Payments:
GAO-08-438T:
GAO Highlights:
Highlights of GAO-08-438T, a testimony before the Subcommittee on
Federal Financial Management, Government Information, Federal Services,
and International Security, Committee on Homeland Security and
Governmental Affairs, U.S. Senate
Why GAO Did This Study:
The federal government is accountable for how its agencies and grantees
spend hundreds of billions of taxpayer dollars and is responsible for
safeguarding those funds against improper payments and recouping those
funds when improper payments occur. The Congress enacted the Improper
Payments Information Act of 2002 (IPIA) and section 831 of the National
Defense Authorization Act for Fiscal Year 2002, commonly known as the
Recovery Auditing Act, to address these issues.
GAO was asked to testify on agencies� efforts to eliminate and recover
improper payments. Specifically, GAO focused on (1) progress made in
agencies� implementation and reporting under IPIA for fiscal year 2007,
(2) major challenges that continue to hinder full reporting of improper
payment information, and (3) agencies� efforts to report on recovery
auditing and recoup contract overpayments. This testimony is based in
part on a recently issued report (GAO-08-377R) in addition to a further
review and analysis of improper payment and recovery auditing
information reported in agencies� fiscal year 2007 performance and
accountability reports (PAR) or annual reports. The Office of
Management and Budget (OMB) provided technical comments which GAO
incorporated as appropriate.
What GAO Found:
While agencies have made progress, GAO identified ongoing challenges in
key areas related to IPIA and recovery auditing implementation and
reporting.
* Progress made in agencies� implementation and reporting under IPIA.
Agencies reported improper payment estimates of about $55 billion in
their fiscal year 2007 PARs or annual reports, an increase from the
almost $41 billion reported in fiscal year 2006. The reported increase
was primarily attributable to a component of the Medicaid program
reporting improper payments for the first time totaling about $13
billion, which GAO viewed as a positive step to improve transparency
over the full magnitude of improper payments. The $55 billion estimate
consists of 21 agencies reporting for 78 programs, including 19 agency
programs or activities reporting for the first time in fiscal year
2007. Further, select agency programs that first reported an error rate
in fiscal year 2004 reported an overall decrease in their error rate
estimates when compared to fiscal year 2007. OMB noted that further
reductions in error rates are expected as agencies take steps to
address payment errors resulting from insufficient or no documentation.
* Challenges with IPIA implementation. Not all agencies reported
conducting risk assessments of all of their programs and activities as
required under IPIA. Further, agencies have not estimated for 14 risk-
susceptible programs with outlays totaling about $170 billion.
Additionally, in some instances, agencies did not measure improper
payments for a 12-month period as generally required by OMB�s
implementing guidance, nor did the estimates reflect improper payments
for the entire program. Four agency auditors reported noncompliance
issues with IPIA regarding risk assessments, sampling methodologies,
corrective actions, recovery of improper payments, and inadequate
documentation. Agencies also reported that statutory or regulatory
barriers may limit corrective actions to reduce improper payments.
Lastly, agencies continue to face challenges in the implementation or
design of internal controls to identify and prevent improper payments.
Specifically, over half of agencies� Offices of Inspectors General
identified management or performance challenges that could increase the
risk of improper payments.
* Agencies� efforts to report recovery auditing information continue.
In total, 21 agencies reported identifying about $121 million in
improper payments in fiscal year 2007 for recovery and actually
recovering about $87 million, a decrease of about $217 million when
compared to the reported amount identified for recovery in the prior
year. Most of the decrease can be attributed to the Department of
Defense�s decision to stop reporting voluntary refunds. GAO noted that
few agencies reported on corrective action plans to address the root
causes of contract payment errors. Also, two agencies reported that
conducting recovery audits was not cost beneficial. All but two
agencies reported they contracted out recovery audit services,
conducted in-house recovery audits, or both. The other two were silent
on this on matter.
To view the full product, including the scope and methodology, click on
[hyperlink, http://www.GAO-08-438T]. For more information, contact
McCoy Williams at (202) 512-2600 or [email protected].
[End of section]
Mr. Chairman and Members of the Subcommittee:
Thank you for the opportunity to be here today to discuss the
governmentwide problem of improper payments in federal programs and
activities and executive branch agencies' efforts to address key
requirements of the Improper Payments Information Act of 2002
(IPIA)[Footnote 1] and section 831 of the National Defense
Authorization Act for Fiscal Year 2002, commonly known as the Recovery
Auditing Act.[Footnote 2] Since fiscal year 2000, we have issued a
number of reports and testimonies aimed at raising the level of
attention given to improper payments. Most recently, at the
Subcommittee's request, we provided a report[Footnote 3] on summary
data and preliminary analysis of the improper payment estimates
reported by federal executive branch agencies in their fiscal year 2007
performance and accountability reports (PAR) or annual reports. Our
work over the past several years has demonstrated that improper
payments are a long-standing, widespread, and significant problem in
the federal government. IPIA has increased visibility over improper
payments[Footnote 4] by requiring executive branch agency heads, using
guidance from the Office of Management and Budget (OMB),[Footnote 5] to
identify programs and activities susceptible to significant improper
payments,[Footnote 6] estimate amounts improperly paid, and report on
the amounts of improper payments and their actions to reduce them.
Similarly, the Recovery Auditing Act provides an impetus for applicable
agencies to systematically identify and recover contract overpayments.
This act requires, among others things, that all executive branch
agencies entering into contracts with a total value exceeding $500
million in a fiscal year have cost-effective programs for identifying
errors in paying contractors and for recovering amounts erroneously
paid. As the steward of taxpayer dollars, the federal government is
accountable for how its agencies and grantees annually spend hundreds
of billions of taxpayer dollars and is responsible for safeguarding
those funds against improper payments as well as having mechanisms in
place to recoup those funds when improper payments occur.
OMB has played a key role in the oversight of the governmentwide
improper payments problem. In 2005, OMB established Eliminating
Improper Payments as a new program-specific initiative under the
President's Management Agenda (PMA). This separate PMA program
initiative is intended to help to ensure that agency managers are held
accountable for meeting the goals of IPIA and are, therefore,
dedicating the necessary attention and resources to meeting IPIA
requirements. OMB continues its commitment to address governmentwide
improper payments by working with agencies to establish corrective
action plans and address their root causes. OMB also annually reports
on agencies' efforts to address IPIA and Recovery Auditing Act
requirements.
Today, my testimony will focus on three key areas:
* progress made in agencies' implementation and reporting under IPIA
for fiscal year 2007,
* several major challenges that continue to hinder full reporting of
improper payment information, and:
* agencies' reporting of recovery auditing efforts to recoup contract
overpayments.
This testimony is based on our review of available fiscal year 2007
improper payment information reported by 35 federal executive branch
agencies that OMB and the Department of the Treasury (Treasury)
determined to be significant to the U.S. government's consolidated
financial statements. We also added 4 additional executive branch
agencies included in the consolidated financial statements, increasing
our universe of review to 39 executive branch agencies (agencies). (See
app. I for a list of the 39 agencies.)
We reviewed improper payment information reported for 35[Footnote 7] of
the 39 agencies' fiscal year 2007 PARs or annual reports. We also
reviewed OMB guidance on implementation of IPIA and the Recovery
Auditing Act. In addition, we reviewed agency Office of Inspector
General (OIG) reports on management challenges to identify internal
control weaknesses and program integrity issues for agency programs
reporting improper payment estimates for fiscal year 2007. We did not
independently validate the data that agencies reported in their PARs or
annual reports. However, we are providing agency-reported data as
descriptive information that will inform interested parties about the
magnitude of reported governmentwide improper payments and amounts
recouped through recovery audits and other improper payment-related
information. We believe the data to be sufficiently reliable for this
purpose. We provided information on the major findings discussed in
this statement to OMB. OMB provided technical comments that we
incorporated as appropriate.
We conducted this performance audit from December 2007 to January 2008
in accordance with generally accepted government auditing standards.
Those standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
Progress Made to Estimate and Reduce Improper Payments:
Agencies reported improper payment estimates of almost $55 billion in
their fiscal year 2007 PARs or annual reports, an increase from the
fiscal year 2006 estimate of about $41 billion.[Footnote 8] The
reported increase was primarily attributable to a component of the
Medicaid program reporting improper payment estimates for the first
time totaling about $13 billion for fiscal year 2007, which we view as
a positive step to improve transparency over the full magnitude of
improper payments. The $55 billion estimate consists of 78 programs in
21 agencies (see app. II for further details) and represents about 2
percent of total fiscal year 2007 federal executive branch agencies'
government outlays of almost $2.8 trillion. In addition, the $55
billion largely consists of improper payments made in eight programs,
as shown in figure 1. Collectively, the eight programs account for
about $48 billion or approximately 88 percent of the total estimate.
Figure 1: Fiscal Year 2007 Improper Payment Estimates by Program
(Dollars in Billions):
This figure is a pie chart showing fiscal year 2007 improper payment
estimates by program.
Medicaid: $12.9;
Earned Income Tax Credit: $11.4;
Medicare fee-for-service: $10.8;
Other: $6.7;
Supplemental Security Income: $4.1;
Unemployment Insurance: $3.2;
Old Age Survivors' Insurance: $2.5;
Food Stamp Program: $1.8;
National School Lunch Program: $1.4.
[See PDF for image]
Source: GAO analysis of agencies' fiscal year 2007 PARs or annual
reports.
[End of figure]
Also, of the total improper payment estimate of $55 billion, we
identified 19 programs and activities[Footnote 9] that estimated
improper payments for the first time in their fiscal year 2007 PARs,
totaling about $16 billion. Of these 19 programs, we identified 6--
including Medicaid--that had been required to report selected improper
payment information for several years prior to the passage of
IPIA.[Footnote 10] In total, these 6 programs represented $14.8
billion, or 94 percent, of the approximately $16 billion in newly
reported programs. We view these agencies' efforts as a positive step
toward measuring improper payments and continuing progress in meeting
the goals of IPIA.
Likewise, agencies continued to report that they had made progress to
reduce improper payments in their programs and activities. Since
initial IPIA implementation, we noted that 39 agency programs reported
improper payment estimated error rates[Footnote 11] for each of the 4
fiscal years--2004 through 2007. Of the 39, 23 programs, or about 59
percent had reduced error rates when comparing each program's fiscal
year 2007 error rate to the initial or baseline error rate reported for
fiscal year 2004. In a separate analysis, we found that the number of
programs with error rate reductions totaled 34 when comparing fiscal
year 2007 error rates to the prior year rates. For example, the error
rate of the U.S. Department of Agriculture's (USDA) Marketing
Assistance Loan program decreased from 20.3 percent in fiscal year 2006
to 7.5 percent in fiscal year 2007, a reduction of 12.8 percent. As we
testified before this Subcommittee,[Footnote 12] USDA's high error rate
for the Marketing Assistance Loan program reported in its fiscal year
2006 PAR resulted from improvements in how it measured its improper
payments. However, in its fiscal year 2007 PAR, USDA reported that a
large percentage of fiscal year 2006 improper payments were caused by
noncompliance with administrative procedures and that corrective
actions had been taken to reduce the instance of improper payments.
Reported examples of corrective actions taken included implementing
policies related to processing payments, conducting more frequent
external audits of program effectiveness, and making the delivery of
services consistent across county offices.
OMB noted that further reductions in agency program estimated error
rates are expected as agencies take steps to address payment errors
attributed to insufficient or lack of documentation. OMB's implementing
guidance requires agencies to discuss in their PAR the portion of
payment errors attributable to insufficient or lack of documentation,
if applicable. We identified 25 programs from 10 agencies that
attributed a portion of their payment errors to insufficient or no
documentation. However, only 8 of these programs--all reported by USDA-
-cited what portion of the error rate resulted from insufficient or no
documentation. The other agencies only reported that these types of
errors contributed to the cause for the improper payments in the
remaining 17 programs. For example, the Department of State (State)
reported that there was insufficient documentation to support
eligibility for the grantee of an award, but did not cite a rate for
this type of error. Similarly, the Federal Communications Commission
(FCC) reported that lack of documentation was a significant concern of
the auditors' review of program payments, but did not report the
affected portion of the error rate.
Because agencies for 17 of the 25 agency programs that attributed some
of their payment errors to insufficient or no documentation did not
report the portion of payment errors attributable to these problems, we
could not readily determine the extent to which such errors contributed
to the total improper payment estimate of $55 billion. Yet, we found
that 25 of the 78 programs reporting improper payment estimates, or 32
percent, identified insufficient or no documentation errors as a cause
of their improper payments. OMB anticipates that errors attributable to
insufficient or no documentation will decrease significantly once
agencies correct the root cause. From our review, we noted that 22 of
the 25 agency programs reported corrective action plans to address
errors due to insufficient or no documentation. Examples of these
efforts included development of policies on documentation retention,
updating processing procedures, and training for providers on the
importance of supporting documentation.
Challenges Continue with IPIA Implementation:
While agencies have shown progress, major challenges remain in meeting
the goals of IPIA and ultimately improving the integrity of payments.
Specifically, some agencies have not yet reported estimates for all
risk-susceptible programs, the total improper payment estimate does not
yet reflect the full scope of improper payments across executive branch
agencies, noncompliance issues continue to exist, reported statutory or
regulatory barriers limit agencies' ability to reduce improper
payments, and agencies continue to face challenges in the
implementation or design of internal controls to identify and prevent
improper payments.
Risk Assessments:
IPIA requires agencies to annually review all of their programs and
activities to identify those that may be susceptible to significant
improper payments. Yet, in our review, we found that not all agencies
reported conducting risk assessments. We also noted that four
agencies[Footnote 13] reported that they did not conduct a risk
assessment of all of their programs and activities because OMB guidance
allows agency programs deemed not risk-susceptible to conduct a risk
assessment generally every 3 years. As we have previously
reported,[Footnote 14] this is inconsistent with the express terms of
IPIA, which require that agencies annually review all of their programs
and activities. However, OMB guidance does state that if a program
experiences a significant change in legislation, a significant increase
in funding level, or both, agencies are required to reassess the
program's risk susceptibility during the next annual cycle, even if it
is less than 3 years from the last assessment. In its fiscal year 2007
PAR, the Department of the Interior (Interior) reported that it did not
perform a risk assessment because the results of previous risk
assessments demonstrated that Interior was at low risk for making
improper payments. As a result, the agency reported that the next risk
assessment would be completed in fiscal year 2009. HHS reported that it
had last completed risk assessments in fiscal year 2006 in which HHS
did not identify any new high-risk programs in its fiscal year 2006
risk assessment work. HHS reported that OMB's implementing guidance
requires risk assessments once every 3 years and as a result, HHS did
not perform risk assessments during fiscal year 2007.[Footnote 15]
We also identified three additional agencies[Footnote 16] that reported
they were not required to conduct a risk assessment for specific
programs that OMB had previously designated as risk-susceptible prior
to IPIA implementation. These agencies determined that those programs
had continued to demonstrate over a 2-year period a low-risk level for
susceptibility to improper payments and thus, OMB had granted them
relief from improper payments reporting. According to their PARs, the
next risk assessments for the Environmental Protection Agency's (EPA)
Clean Water and Drinking Water State Revolving Funds and Department of
Veterans Affairs (VA) Insurance programs will be conducted in fiscal
years 2010 and 2009, respectively. The Department of Housing and Urban
Development (HUD) reported that it will conduct an annual risk
assessment of its Community Development and Block Grant (CDBG) program;
however, because it reported over 2 consecutive years[Footnote 17]
error rates of less than $10 million for this program, OMB granted it
relief from annual improper payment reporting and it did not report an
estimate in its fiscal year 2007 PAR.
OMB reported that, in aggregate, agencies have assessed risk and
measured nearly 86 percent of all high-risk outlays and that agencies
were focusing their resources on programs with the highest risk levels
of improper payments. While we agree that, as a practical matter, a
comprehensive risk assessment may not be warranted for programs with
minimal outlays or potentially low-risk programs and activities, an
appropriately designed risk assessment should be performed annually as
it is required of agencies to comply with IPIA. As we previously
reported,[Footnote 18] OMB guidance provides that agencies annually
perform risk assessments of their programs and activities, but offers
limited information on how to conduct an appropriately designed risk
assessment, thus allowing agencies broad flexibility for determining a
methodology to meet IPIA requirements. As such, the level and extent to
which agencies conduct their risk assessments can vary. This is evident
in our recent work on selected agencies' IPIA implementation, in which
we raised significant concerns regarding their risk assessment
activities, as highlighted in the following examples:
* In September 2007, we reported[Footnote 19] that for fiscal year
2006, the Department of Homeland Security (DHS) did not perform a risk
assessment on approximately $13 billion of its more than $29 billion in
disbursements subject to IPIA. Also, DHS only tested programs with
disbursements greater than $100 million and did not perform a
qualitative risk assessment of all program operations, such as an
assessment of internal controls, oversight and monitoring activities,
and results from external audits.
* In November 2007, we reported[Footnote 20] that for fiscal years 2004
through 2006, neither the United States Agency for International
Development (USAID) nor the National Aeronautics and Space
Administration (NASA) had developed a systematic process to (1)
identify risks that exist in their payment activities or (2) evaluate
the results of their payment stream reviews, such as weighting and
scoring the effectiveness of existing internal control over payments
made and results from external audits. Furthermore, both USAID and NASA
maintained insufficient or no risk assessment documentation to support
their conclusions that no programs or activities were susceptible to
significant improper payments.
* In December 2007, we reported[Footnote 21] that the Department of
Defense's (DOD) travel payment data used to assess the program's risk
of significant improper payments only included payments processed by
the Defense Travel System (DTS)--approximately 10 percent of the $8.5
billion of the department's travel obligations reported for fiscal year
2006. Further, the travel data excluded the largest user of DTS, the
Army, which would likely have increased DOD's travel improper payment
estimate of $8 million by over $4 million.[Footnote 22] In its fiscal
year 2007 PAR, DOD reported that the agency is implementing a sampling
and review process for Army travel payments processed through its
Integrated Automated Travel System in fiscal year 2008 to meet improper
payment reporting requirements.
Although we have identified significant deficiencies in the risk
assessment methodology used to address IPIA requirements at the four
agencies mentioned above, not all agencies have been subjected to an
independent review. Therefore, the extent to which the results of the
agencies' risk assessments can be relied on may not be fully known. We
have previously recommended that OMB expand its implementing guidance
to describe in greater detail factors that agencies should consider
when conducting their annual risk assessments, such as program
complexity, operational changes, findings from investigative reports,
and financial statement and performance audit reports. OMB agreed with
this recommendation and stated that it has taken steps to address
implementing it. Specifically, OMB stated that it had included factors
to be considered in agency risk assessments in its revised
implementation guidance for IPIA.
Improper Payment Estimates:
Our review found that not all agencies have developed improper payment
estimates for all of the programs and activities they identified as
susceptible to significant improper payments. As shown in table 1, the
fiscal year 2007 total improper payment estimate of $55 billion did not
include any amounts for 14 programs, with fiscal year 2007 outlays
totaling about $170 billion.
Table 1: Risk-Susceptible Programs That Did Not Report Improper Payment
Estimates for Fiscal Year 2007:
1;
Agency--program: Department of Health and Human Services--Child Care
and Development Fund[A];
Fiscal year 2007 outlays (dollars in billions): $ 4.9;
Target date for reporting improper payment estimate: 2008.
2;
Agency--program: Department of Health and Human Services--Medicare
Advantage;
Fiscal year 2007 outlays (dollars in billions): 75.1;
Target date for reporting improper payment estimate: Did not report
target date.
3;
Agency--program: Department of Health and Human Services--Medicare
Prescription Drug Benefit;
Fiscal year 2007 outlays (dollars in billions): 49.3;
Target date for reporting improper payment estimate: Did not report
target date.
4;
Agency--program: Department of Health and Human Services--State
Children's Health Insurance Program[A];
Fiscal year 2007 outlays (dollars in billions): 6.3;
Target date for reporting improper payment estimate: 2008.
5;
Agency--program: Department of Health and Human Services--Temporary
Assistance for Needy Families[A];
Fiscal year 2007 outlays (dollars in billions): 17.3;
Target date for reporting improper payment estimate: 2008.
6;
Agency--program: Department of Homeland Security--Federal Emergency
Management Agency--Assistance to Firefighters Grants;
Fiscal year 2007 outlays (dollars in billions): 0.5;
Target date for reporting improper payment estimate: 2008.
7;
Agency--program: Department of Homeland Security--Federal Emergency
Management Agency--Homeland Security Grant Program;
Fiscal year 2007 outlays (dollars in billions): 0.8;
Target date for reporting improper payment estimate: 2008.
8;
Agency--program: Department of Homeland Security--Federal Emergency
Management Agency--Infrastructure Protection Program;
Fiscal year 2007 outlays (dollars in billions): 0.12;
Target date for reporting improper payment estimate: 2008.
9;
Agency--program: Department of Homeland Security--Federal Emergency
Management Agency--National Flood Insurance Program;
Fiscal year 2007 outlays (dollars in billions): 1.5;
Target date for reporting improper payment estimate: 2008.
10;
Agency--program: Department of Homeland Security--Federal Emergency
Management Agency--Public Assistance Programs;
Fiscal year 2007 outlays (dollars in billions): 5.1;
Target date for reporting improper payment estimate: 2008.
11;
Agency--program: Department of Homeland Security--Immigration and
Customs Enforcement--Detention and Removal Operations;
Fiscal year 2007 outlays (dollars in billions): 1.2;
Target date for reporting improper payment estimate: 2008.
12;
Agency--program: Department of Homeland Security--Immigration and
Customs Enforcement--Investigations;
Fiscal year 2007 outlays (dollars in billions): 1.1;
Target date for reporting improper payment estimate: 2008.
13;
Agency--program: Department of Homeland Security--Transportation
Security Administration--Aviation Security--Payroll;
Fiscal year 2007 outlays (dollars in billions): 2.9;
Target date for reporting improper payment estimate: 2008.
14;
Agency--program: Department of Homeland Security--United States Coast
Guard--Military Payroll;
Fiscal year 2007 outlays (dollars in billions): 3.5;
Target date for reporting improper payment estimate: 2008.
Total;
Fiscal year 2007 outlays (dollars in billions): $ 169.6;
Target date for reporting improper payment estimate: [Empty].
Source: GAO's analysis of agencies' fiscal year 2007 PARs or annual
reports.
[A] OMB required program to submit improper payment information prior
to governmentwide IPIA reporting requirements. See footnote 10 of this
testimony for a detailed description.
[End of table]
A majority of these programs represent newly identified risk-
susceptible programs reported by DHS. The identification of these
programs as risk-susceptible is a positive step toward addressing IPIA
requirements. We also found, however, that three Department of Health
and Human Services (HHS) programs had not reported improper payment
estimates for fiscal year 2007, even though OMB had required these and
other programs to report selected improper payment information for
several years before passage of IPIA.[Footnote 23] After the enactment
of IPIA, OMB's implementing guidance required that these programs
continue to report improper payment information under IPIA.
Since IPIA implementation, HHS has reported on its various improper
payment pilot activities to show that efforts were underway to fully
address IPIA reporting requirements. For fiscal year 2007, HHS reported
that pilot reviews were conducted in various states for the Temporary
Assistance for Needy Families and Child Care and Development Fund
programs and that estimated improper payment rates for these programs
would be reported in fiscal year 2008. Further, HHS reported that it
also expects to report a comprehensive improper payment estimate rate
for the State Children's Health Insurance Program that will encompass
its fee-for-service, managed care, and eligibility components. We
recognize that measuring improper payments for these state-
administered[Footnote 24] programs and designing and implementing
actions to reduce or eliminate them are not simple tasks, particularly
for grant programs that rely on administration efforts at the state
level. Consequently, as we previously reported in April 2006,[Footnote
25] communication, coordination, and cooperation among federal agencies
and the states will be critical factors in estimating national improper
payment rates and meeting IPIA reporting requirements for state-
administered programs.
Further, we found a few instances where estimates were not based on a
12-month reporting period. For example, HHS's Medicaid program is the
largest of the programs constituting the total improper payment
estimate, with an estimate of about $13 billion for fiscal year 2007.
Reporting for the first time, the Medicaid program estimate is based on
6 months of fee-for-service claims processed by the states rather than
a complete fiscal year. Generally, OMB guidance requires that a 12-
month period be used to generate improper payment estimates as it more
fully characterizes the extent of improper payments within a program
for any given year. In its PAR, HHS reported that it is completing its
review of the remaining 6 months and will report an annual Medicaid fee-
for-service error rate, based on a full fiscal year 2006 fee-for-
service claims, in its fiscal year 2008 PAR.[Footnote 26]
We also found instances where agencies' estimates encompassed only one
component of a particular program. For example, USDA identified two
types of errors related to its Supplemental Nutrition Program for
Women, Infants, and Children--vendor payment errors and certification
errors. However, as part of its IPIA reporting, USDA only reported on
improper payments resulting from vendor payment errors. For
certification errors, USDA reported that it plans to use results from
the 2008 decennial income verification study to provide a nationally
representative estimate and will report the error rate in fiscal year
2009.
The extent to which other agencies used a period of review less than 12
months or estimated for only a component of their program is unknown,
as most of the agencies reporting estimates did not provide this level
of information in their PARs. As agencies continue to enhance their
measurement process and report on additional program components, it is
likely the total improper payment estimate will increase.
Lastly, we noted that while agencies reported improper payment
estimates for their various programs and activities, only five
agencies--consisting of nine programs--reported to some degree the
amount of actual improper payments they expect to recover and how they
will go about recovering them as part of their IPIA reporting. OMB
guidance states that for program improper payment estimates exceeding
$10 million, agencies must address this IPIA reporting requirement in
their PARs. We would also point out that this separate reporting
requirement is distinct and different from the recovery auditing
reporting requirements OMB has outlined in its guidance for agencies to
address in their PAR reporting. We discuss the Recovery Auditing Act
and OMB reporting requirements later in this statement.
We found that of the 78 programs with improper payments estimates, 47
reported improper payment estimates exceeding $10 million. Of this
universe, only 9 agency programs reported on recovery of improper
payments under IPIA. Of the 9, 6 programs reported on both aspects of
the requirement--expected or actual recovery amount and how they will
recover them. The remaining 3 programs reported a recovery amount but
did not discuss how they recovered the amount, or their future plans
for recovering the funds. For example, DHS reported that for its
Individuals and Households program it had collected $18 million of
Hurricane Katrina payments identified as improper during its payment
sample testing, but did not report on its recovery method. In contrast,
the Railroad Retirement Board (RRB) reported it had recovered $104.5
million for fiscal years 2003 to 2006 in Retirement and Survivors
Benefits program receivables. RRB reported that its collection program
is in full compliance with the Debt Collection Improvement Act of 1996
and recoveries are made through a variety of mechanisms. These include
the offset of future benefits, reclamation from the financial
institution of benefits erroneously paid after the death of a
beneficiary, and direct payments from debtors. RRB also reported that
fraudulent payments are referred to the OIG for prosecution through the
Department of Justice (Justice). As agencies continue to enhance their
IPIA reporting, full and reasonable disclosures regarding actual
improper payments and actions to recover those payments will provide
needed transparency of this issue and address the American public's
increasing demands for accountability over taxpayer funds.
Noncompliance Issues with IPIA:
For fiscal year 2007, a limited number of agency auditors reported on
compliance issues with IPIA as part of their financial statement audit,
although such reporting is not specifically required by IPIA.
Specifically, auditors for 5 of the 39 agencies[Footnote 27] included
in our scope reported assessing the agencies' compliance with IPIA. Of
the 5, agency auditors for all except USAID reported noncompliance
issues related to the key requirements of the act, including risk
assessments, sampling methodologies, implementing corrective actions,
recovering improper payments, and inadequate documentation. Fiscal year
2007 reflected the fourth year that auditors for HHS and DHS reported
noncompliance issues with IPIA, including not estimating for all risk-
susceptible programs and deficiencies related to sampling and testing
of transactions. Agency auditors at the Department of Transportation
(Transportation) and DOD reported noncompliance with IPIA for a second
year. For fiscal year 2007, Transportation auditors reported that they
had not received sufficient documentation by the time of PAR issuance
to determine if the department's sampling plan was statistically valid.
The auditors for DOD reported for fiscal year 2007, that the department
was still in the process of developing procedures to identify improper
payments and that its efforts to manage recovery audit contracts had
been largely unsuccessful.
As we previously testified before this Subcommittee,[Footnote 28]
separate assessments conducted by agency auditors provided a valuable
independent validation of agencies' efforts to implement the act.
Independent assessments would also enhance an agency's ability to
identify sound performance measures, monitor progress against those
measures, and help establish performance and results expectations.
Without this type of validation or other types of reviews performed by
GAO and agency OIGs, it is difficult to determine the magnitude of
deficiencies that may exist in agencies' IPIA implementation efforts.
Statutory or Regulatory Barriers:
As previously mentioned, for fiscal year 2007, 21 agencies reported
improper payment estimates for 78 programs totaling $55 billion for
fiscal year 2007. Of the 21 agencies, 16 reported improper payment
estimates that exceeded $10 million for one or more programs, and
therefore, under OMB guidance, were required to report on various
elements as part of their plan to reduce improper payments, including
any statutory or regulatory barrier that may limit the agencies'
corrective actions in reducing improper payments. Of the 16 agencies
required to report on any statutory or regulatory barriers,[Footnote
29] 14 agencies reported on whether they had such barriers which may
limit corrective actions in reducing improper payments. The remaining 2
agencies[Footnote 30] did not address whether any statutory or
regulatory barriers existed. We further noted that of the 14 agencies
that addressed statutory or regulatory barriers, 9 identified such
barriers that may limit corrective actions to reduce improper payments.
The remaining 5 agencies[Footnote 31] reported that they either had no
existing statutory or regulatory barriers or were unaware of any at
this time.
Agencies cited various barriers that restricted their ability to better
manage their programs against improper payments. For example, the
Office of Personnel Management's (OPM) Retirement Program (Civil
Service Retirement System and Federal Employees Retirement System)
reported in its fiscal year 2007 PAR that it faces regulatory barriers
that restrict its ability to recover improper payments. For instance,
once OPM learns of the death of an annuitant, it requests that Treasury
reclaim all posthumously issued payments from the deceased's bank
account. When there is insufficient money in the account, OPM would
like to seek collection from the individual who last withdrew money
from the account. According to OPM, based on current law[Footnote 32]
and Treasury's regulations, financial institutions are barred from
providing OPM with the information necessary to recover these improper
payments. The law and regulations have specifically exempted the Social
Security Administration (SSA), RRB, and VA from this prohibition, but
not OPM. Further, OPM reported that this situation has a substantial
impact on its ability to prevent and recover improper payments. OPM has
determined that the current law will need to be amended to overcome
this prohibition and Treasury has drafted legislative language to
address this issue.
The Department of Education (Education) reported that the ability to
perform data matching between Federal Student Aid applications and tax
return data would substantially reduce improper payments in the Pell
Grant program, as the large majority of errors are the result of
misreporting of income and related data fields. However, according to
OMB, Section 6103(c) of the Internal Revenue Code, concerning
confidentiality of tax return information, precludes data matching with
regard to grants by Education. In its January 2007 annual
report[Footnote 33] on improper payments, OMB reported that the
President's Fiscal Year 2008 Budget contained a series of reforms that
are necessary to achieve greater program integrity and payment
accuracy, including a proposal to facilitate data matching of Pell
grant program data. This report indicates that, through administrative
changes, Education and the Internal Revenue Service intend to implement
a process to verify students' (and their parents') income, tax, and
certain household information appearing on their tax return that they
provided as part of their application for federal student aid.
Management Challenges:
Agencies continue to face challenges in the implementation or design of
internal controls to identify and prevent improper payments. Over half
of the agencies' OIG identified management or performance challenges
that could increase the risk of improper payments, including challenges
related to internal controls. In addition, several OIGs identified
instances where agencies needed to improve their oversight of grantees
receiving federal funds. For example, in its fiscal year 2007 PAR,
Education's OIG reported that its recent investigations continued to
uncover problems, including inadequate attention to improper payments
and failure to identify and take corrective action to detect and
prevent fraudulent activities by grantees. The Small Business
Administration's (SBA) OIG included a management challenge related to
the agency's controls over the section 7(a) loan guaranty purchase
process. The OIG reported that the majority of the loans made under the
program are made with little or no review by SBA prior to loan approval
because SBA has delegated most of the credit decisions to lenders
originating these loans. SBA's review of lender requests for guaranty
purchases on defaulted loans is, therefore, the agency's primary tool
for assessing lender compliance on individual loans and protecting SBA
from making erroneous purchase payments. However, OIG audits of early
defaulted loans and SBA's guaranty purchase process have shown that
reviews made by the National Guaranty Purchase Center have not
consistently detected lender failures to administer loans in full
compliance with SBA requirements and prudent lending practices,
resulting in improper payments.
Management challenges were also found in agency programs that did not
estimate improper payments in their fiscal year 2007 PAR. The National
Science Foundation (NSF) OIG found that NSF did not have a
comprehensive, risk-based system to oversee and monitor contract awards
and ensure that the requirements of each contract were being met. In
another example, Treasury's OIG identified erroneous and improper
payments as a major management challenge and reported that some tax
credits, such as the Education Credit, provide opportunities for abuse
in income tax claims. Related to this issue, Treasury's independent
auditor reported that weaknesses in controls over the collection of tax
revenues owed to the federal government and over the issuance of tax
refunds resulted in lost revenue to the federal government and
potentially billions of dollars in improper payments, which the
auditors classified as a material weakness.
Agencies' Efforts to Report Recovery Auditing Information Continue:
Section 831 of the National Defense Authorization Act for Fiscal Year
2002 provides an impetus for applicable agencies to systematically
identify and recover contract overpayments. The act requires that
agencies that enter into contracts with a total value in excess of $500
million in a fiscal year carry out a cost-effective program for
identifying and recovering amounts erroneously paid to contractors. The
law authorizes federal agencies to retain recovered funds to cover in-
house administrative costs as well as to pay contractors, such as
collection agencies. Any residual recoveries, net of these program
costs, shall be credited back to the original appropriation from which
the improper payment was made, subject to restrictions as described in
the legislation.
The techniques used in recovery auditing offer the opportunity for
identifying weaknesses in agency internal controls, which can be
modified or upgraded to be more effective in preventing improper
payments before they occur for subsequent contract outlays. However, we
would like to emphasize that effective internal control calls for a
sound, ongoing invoice review and approval process as the first line of
defense in preventing unallowable contract costs. Given the large
volume and complexity of federal payments and historically low recovery
rates for certain programs, it is much more efficient and effective to
pay bills properly in the first place. Prevention is always preferred
to detection and collection. Aside from minimizing overpayments,
preventing improper payments increases public confidence in the
administration of programs and avoids the difficulties associated with
the "pay and chase" aspects of recovering improper payments. Without
strong preventive controls, agencies' internal control activities over
payments to contractors will not be effective in reducing the risk of
improper payments.
Beginning in fiscal year 2004, OMB required that applicable agencies
publicly report on their recovery auditing[Footnote 34] efforts as part
of their PAR reporting of improper payment information. Agencies are
required to discuss any contract types excluded from review and
justification for doing so. Agencies are also required to report, in
table format, various amounts related to contracts subject to review
and actually reviewed, contract amounts identified for recovery and
actually recovered and prior year amounts. In addition, agencies are to
discuss the following: a general description and evaluation of the
steps taken to carry out a recovery auditing program,[Footnote 35] a
corrective action plan to address root causes of payment error, and a
general description and evaluation of any management improvement
program.
For fiscal year 2007, agencies reported reviewing about $329 billion in
contract payments to vendors under recovery audit programs. From these
reviews, agencies reported identifying about $121 million in improper
payments for recovery and actually recovering about $87 million, or an
estimated overall rate of recovery of approximately 72 percent, as
shown in table 2.
Table 2: Agency Reported Improper Payment Amounts Identified and
Recovered for Fiscal Years 2006 and 2007:
1;
Department or agency: Agency for International Development;
Fiscal year 2006: Agency-reported amount identified for recovery:
$17,100,000;
Fiscal year 2006: Agency-reported amount recovered: $17,090,000;
Fiscal year 2007: Agency-reported amount identified for recovery:
$4,010,000;
Fiscal year 2007: Agency-reported amount recovered: $4,000,000.
2;
Department or agency: Department of Agriculture;
Fiscal year 2006: Agency-reported amount identified for recovery:
379,000;
Fiscal year 2006: Agency-reported amount recovered: 538,000[A];
Fiscal year 2007: Agency-reported amount identified for recovery:
206,000;
Fiscal year 2007: Agency-reported amount recovered: 146,000.
3;
Department or agency: Department of Commerce;
Fiscal year 2006: Agency-reported amount identified for recovery:
96,000;
Fiscal year 2006: Agency-reported amount recovered: 96,000;
Fiscal year 2007: Agency-reported amount identified for recovery: 0[B];
Fiscal year 2007: Agency-reported amount recovered: 0[B].
4;
Department or agency: Department of Defense;
Fiscal year 2006: Agency-reported amount identified for recovery:
195,300,000;
Fiscal year 2006: Agency-reported amount recovered: 137,900,000;
Fiscal year 2007: Agency-reported amount identified for recovery:
24,600,000;
Fiscal year 2007: Agency-reported amount recovered: 19,600,000.
5;
Department or agency: Department of Education;
Fiscal year 2006: Agency-reported amount identified for recovery: did
not report;
Fiscal year 2006: Agency-reported amount recovered: did not report;
Fiscal year 2007: Agency-reported amount identified for recovery:
1,500[C];
Fiscal year 2007: Agency-reported amount recovered: did not report[C].
6;
Department or agency: Department of Energy;
Fiscal year 2006: Agency-reported amount identified for recovery:
11,900,000;
Fiscal year 2006: Agency-reported amount recovered: 10,300,000;
Fiscal year 2007: Agency-reported amount identified for recovery:
15,000,000;
Fiscal year 2007: Agency-reported amount recovered: 10,000,000.
7;
Department or agency: Environmental Protection Agency;
Fiscal year 2006: Agency-reported amount identified for recovery:
1,102,000;
Fiscal year 2006: Agency-reported amount recovered: 406,500[D];
Fiscal year 2007: Agency-reported amount identified for recovery:
241,800;
Fiscal year 2007: Agency-reported amount recovered: 65,300.
8;
Department or agency: General Services Administration;
Fiscal year 2006: Agency-reported amount identified for recovery:
46,721,742;
Fiscal year 2006: Agency-reported amount recovered: 45,917,920;
Fiscal year 2007: Agency-reported amount identified for recovery:
11,200,000;
Fiscal year 2007: Agency-reported amount recovered: 9,400,000.
9;
Department or agency: Department of Health and Human Services;
Fiscal year 2006: Agency-reported amount identified for recovery:
1,600,000[E];
Fiscal year 2006: Agency-reported amount recovered: 40,000[E];
Fiscal year 2007: Agency-reported amount identified for recovery:
635,728;
Fiscal year 2007: Agency-reported amount recovered: 19,549.
10;
Department or agency: Department of Homeland Security;
Fiscal year 2006: Agency-reported amount identified for recovery: did
not report;
Fiscal year 2006: Agency-reported amount recovered: did not report;
Fiscal year 2007: Agency-reported amount identified for recovery:
1,836,000[F];
Fiscal year 2007: Agency-reported amount recovered: 1,213,000[F].
11;
Department or agency: Department of Housing and Urban Development;
Fiscal year 2006: Agency-reported amount identified for recovery:
reported not cost beneficial;
Fiscal year 2006: Agency-reported amount recovered: reported not cost
beneficial;
Fiscal year 2007: Agency-reported amount identified for recovery:
reported not cost beneficial[G];
Fiscal year 2007: Agency-reported amount recovered: reported not cost
beneficial[G].
12;
Department or agency: Department of the Interior;
Fiscal year 2006: Agency-reported amount identified for recovery:
4,407,345;
Fiscal year 2006: Agency-reported amount recovered: 505,743;
Fiscal year 2007: Agency-reported amount identified for recovery:
428,332;
Fiscal year 2007: Agency-reported amount recovered: 421,337.
13;
Department or agency: Department of Justice;
Fiscal year 2006: Agency-reported amount identified for recovery:
1,851,709;
Fiscal year 2006: Agency-reported amount recovered: 1,734,421;
Fiscal year 2007: Agency-reported amount identified for recovery:
4,241,765;
Fiscal year 2007: Agency-reported amount recovered: 3,777,628.
14;
Department or agency: Department of Labor;
Fiscal year 2006: Agency-reported amount identified for recovery:
reported not cost beneficial;
Fiscal year 2006: Agency-reported amount recovered: reported not cost
beneficial;
Fiscal year 2007: Agency-reported amount identified for recovery:
reported not cost beneficial[G];
Fiscal year 2007: Agency-reported amount recovered: reported not cost
beneficial[G].
15;
Department or agency: National Aeronautics and Space Administration;
Fiscal year 2006: Agency-reported amount identified for recovery:
256,255;
Fiscal year 2006: Agency-reported amount recovered: 139,420;
Fiscal year 2007: Agency-reported amount identified for recovery: did
not report[H];
Fiscal year 2007: Agency-reported amount recovered: did not report[H].
16;
Department or agency: Social Security Administration;
Fiscal year 2006: Agency-reported amount identified for recovery:
178,000;
Fiscal year 2006: Agency-reported amount recovered: 178,000;
Fiscal year 2007: Agency-reported amount identified for recovery:
1,712,000[I];
Fiscal year 2007: Agency-reported amount recovered: 1,712,000[I].
17;
Department or agency: Department of State;
Fiscal year 2006: Agency-reported amount identified for recovery:
2,397,200;
Fiscal year 2006: Agency-reported amount recovered: 2,276,700;
Fiscal year 2007: Agency-reported amount identified for recovery:
5,353,615;
Fiscal year 2007: Agency-reported amount recovered: 4,900,338.
18;
Department or agency: Tennessee Valley Authority;
Fiscal year 2006: Agency-reported amount identified for recovery:
6,793,581;
Fiscal year 2006: Agency-reported amount recovered: 1,202,651;
Fiscal year 2007: Agency-reported amount identified for recovery:
6,605,111;
Fiscal year 2007: 2,715,183.
19;
Department or agency: Department of Transportation;
Fiscal year 2006: Agency-reported amount identified for recovery:
6,450,993;
Fiscal year 2006: Agency-reported amount recovered: 45,109;
Fiscal year 2007: Agency-reported amount identified for recovery:
6,546,901;
Fiscal year 2007: Agency-reported amount recovered: 1,217,525.
20;
Department or agency: Department of the Treasury;
Fiscal year 2006: Agency-reported amount identified for recovery:
2,305,424;
Fiscal year 2006: Agency-reported amount recovered: 1,442,708;
Fiscal year 2007: Agency-reported amount identified for recovery:
843,230;
Fiscal year 2007: Agency-reported amount recovered: 821,667.
21;
Department or agency: Department of Veterans Affairs;
Fiscal year 2006: Agency-reported amount identified for recovery:
39,155,454;
Fiscal year 2006: Agency-reported amount recovered: 30,378,423;
Fiscal year 2007: Agency-reported amount identified for recovery:
37,740,000;
Fiscal year 2007: Agency-reported amount recovered: 27,000,000.
Total;
Fiscal year 2006: Agency-reported amount identified for recovery:
$337,994,703;
Fiscal year 2006: Agency-reported amount recovered: $250,191,595;
Fiscal year 2007: Agency-reported amount identified for recovery:
$121,201,982;
Fiscal year 2007: Agency-reported amount recovered: $87,009,527.
Source: GAO analysis and agencies' fiscal year 2006 and 2007 PARs.
[A] According to USDA, amount recovered in fiscal year 2006 includes
some recoveries identified in fiscal year 2005.
[B] The Department of Commerce recovery audit was for its National
Oceanic and Atmospheric Administration bureau only. The recovery
auditors did not identify any overpayments during the audit.
[C] Education reported that the contractor's review of fiscal year 2006
contract invoices found no more than $1,500 in potential recoveries.
[D] EPA reported recovered amounts for fiscal year 2006 in its fiscal
year 2007 PAR.
[E] We obtained these amounts from OMB.
[F] DHS reported that OMB granted it relief from recovery auditing for
one of its components, Customs and Border Protection (CBP); however,
the request was granted after DHS performed audit recovery work during
prior years. The total agency-reported amount includes an amount
recovered for CBP in fiscal year 2007.
[G] The Departments of Housing and Urban Development and Labor reported
that recovery auditing efforts were not cost beneficial in fiscal years
2005, 2006, and 2007.
[H] NASA plans to report on its recovery audit results in fiscal year
2008.
[I] SSA amounts reported are based on SSA's review of administrative
contractor payments.
[End of table]
We found that the number of agencies reporting recovery audit
information remained the same when compared to the prior year. However,
the fiscal year 2007 dollar amounts identified for recovery
significantly decreased by about $217 million from fiscal year 2006. We
noted that a significant decrease in DOD's fiscal year 2007 reporting
of amounts identified for recovery and amounts recovered from the prior
year contributed to the overall decrease. For example, for fiscal year
2006 DOD reported $195.3 million for contract overpayments identified
for recovery. This amount decreased sharply to $24.6 million for fiscal
year 2007. Similarly, DOD reported recovering $137.9 million for fiscal
year 2006 compared to just $19.6 million for fiscal year 2007.
According to OMB, the significant decrease in DOD's reported amounts
resulted from the department's exclusion of voluntary refunds of
contract payments at the recommendation of a DOD OIG audit[Footnote 36]
since the voluntary refunds did not originate from recovery audit
efforts.
In addition, we noted that agencies used different types of resources
to carry out their recovery audit programs. Of the 21 agencies
reporting recovery auditing information for fiscal year 2007, 9
reported they contracted out their recovery audit services, 3 conducted
in-house recovery audits, 5 reported using both in-house and recovery
audit contractors, and two were silent. The remaining 2 agencies--HUD
and Labor--did not conduct recovery audits as they reported it was not
cost beneficial.
HUD reported in its fiscal year 2007 PAR that current internal controls
over its contract payment and contract close-out processes were
adequate to reduce the risks of overpayments. HUD further reported on
continued initiatives such as strengthening its fund control processes.
Therefore, HUD concluded that a recovery auditing program would not be
cost beneficial and was not warranted. Likewise, Labor reported that
its sampling and testing of nonpayroll costs, consisting of department
expenses including contract payments related to the operation and
administration of programs' and headquarters' activities for the
current and prior fiscal years found no improper payments in its
contract payments. Based on these results, Labor decided that a
recovery auditing program was not warranted in fiscal year 2007.
However, Labor reported that it plans to implement a recovery auditing
program for contract payments in fiscal year 2008, and will report its
recovery audit actions, costs, and amounts recovered on an annual
basis.
From our review of the PARs, we found that agencies' reporting of the
various recovery auditing reporting elements[Footnote 37] was limited.
For example, agencies generally provided some information on steps to
carry out a recovery audit program. However, less than half, or 8
agencies reported on their corrective action plans to address root
causes of contract payment errors. For example, the Department of
Energy (Energy) reported that it established a policy that prescribes
requirements for identifying overpayments to contractors and
establishes reporting standards to track the status of recoveries.
However, Energy did not report on corrective actions to address the
root causes of contract overpayments.
We also found that three agencies--Department of Commerce (Commerce),
Justice, and SSA--reported on justifications for certain contracts that
were excluded from their recovery audit review. For example, Commerce
reported that travel payments, bankcards/purchase cards, all
procurement vehicles with other federal agencies, and government bills
of lading were excluded from its review, as the costs for recovery
audit activities would likely exceed the benefits of a recovery audit.
Justice reported that certain payments at foreign offices were excluded
as they were processed by the Department of State. Lastly, SSA reported
that it excluded cost-type contracts that either (1) had not been
completed where payments are interim, provisional, or otherwise subject
to further adjustment by the government in accordance with the terms
and conditions of the contract, or (2) were completed, subjected to
final contract audit, and prior to final payment of the contractor's
final voucher, all prior interim payments were accounted for and
reconciled.
Concluding Observations:
In closing, we recognize that measuring improper payments and designing
and implementing actions to reduce them are not simple tasks or easily
accomplished. Further, while internal control should be maintained as
the front-line of defense against improper payments, recovery auditing
holds promise as a cost-effective means of identifying contractor
overpayments. We are pleased that agencies are identifying and
reporting on more risk-susceptible programs and have reported that
overall program error rates have decreased since IPIA implementation.
Yet we also note that deficiencies continued to be identified regarding
agencies' efforts to comply with IPIA based on independent assessments
conducted by agency auditors or from past GAO reviews. As agencies
continue to strengthen their program integrity efforts and recovery
audit reviews, fulfilling the requirements of IPIA and the Recovery
Auditing Act will require sustained attention to implementation and
oversight to monitor whether desired results are being achieved.
Mr. Chairman, this concludes my statement. I would be pleased to
respond to any questions that you or other members of the Subcommittee
may have.
Contact and Acknowledgments:
For more information regarding this testimony, please contact McCoy
Williams, Managing Director, Financial Management and Assurance, at
(202) 512-2600 or by e-mail at [email protected]. Contact points for
our Offices of Congressional Relations and Public Affairs may be found
on the last page of this testimony. Individuals making key
contributions to this testimony included Carla Lewis, Assistant
Director; Gabrielle Fagan; Neeraj Goswami; Mary Osorno; Christina
Quattrociocchi; Donell Ries; and Viny Talwar.
[End of section]
Appendix I: Agencies and Related Programs Included in Our Review of
Fiscal Year 2007 Performance and Accountability Reports and Annual
Reports:
[See PDF for image]
Source: GAO's analysis of cited agencies' fiscal year 2007 performance
and accountability reports and annual reports.
[A] Agency PAR or annual report was not available as of the end of
fieldwork.
[End of table]
[End of section]
Appendix II: Improper Payment Estimates Reported in Agency Fiscal Year
2006 and 2007 Performance and Accountability Reports or Annual Reports:
[See PDF for image]
Source: GAO's analysis of cited agencies' fiscal year 2006 and fiscal
year 2007 performance and accountability reports or annual reports.
[A] Agency did not report an annual improper payment estimate or error
rate.
[B] Agency reported that it had no programs or activities susceptible
to significant improper payments.
[C] Fiscal year 2006 estimate or error rate was updated to the revised
estimate or error rate reported in the fiscal year 2007 PAR or annual
report.
[D] Agency error rate was less than one percent or error rate rounded
to zero for purposes of this testimony.
[E] Agency combined with the program above.
[F] Agency did not address improper payments or IPIA in its PAR or
annual report for fiscal year 2006, fiscal year 2007, or both.
[G] Fiscal year 2007 was the first year this agency was included in our
scope of review.
[H] Agency PAR or annual report was not available as of the end of
fieldwork.
[I] Agency reported that it would estimate improper payments in the
future for this program. See table 1 of this testimony.
[J] Agency reported program no longer susceptible to significant
improper payments.
[K] Agency reported that the annual improper payment amount or error
rate was zero.
[End of table]
[End of section]
Footnotes:
[1] Pub. L. No. 107-300, 116 Stat. 2350 (Nov. 26, 2002).
[2] National Defense Authorization Act for Fiscal Year 2002, Pub. L.
No. 107-107, div. A, title VIII, � 831, 115 Stat. 1012, 1186 (Dec. 28,
2001) (codified at 31 U.S.C. �� 3561-3567).
[3] GAO, Improper Payments: Federal Executive Branch Agencies' Fiscal
Year 2007 Improper Payment Estimate Reporting, GAO-08-377R (Washington,
D.C.: Jan. 23, 2008).
[4] IPIA defines improper payments as any payment that should not have
been made or that was made in an incorrect amount (including
overpayments and underpayments) under statutory, contractual,
administrative, or other legally applicable requirements. It includes
any payment to an ineligible recipient, any payment for an ineligible
service, any duplicate payment, payments for services not received, and
any payment that does not account for credit for applicable discounts.
[5] OMB, Circular No. A-123, Appendix C, Requirements for Effective
Measurement and Remediation of Improper Payments (Aug. 10, 2006).
[6] OMB's guidance defines significant improper payments as those in
any particular program that exceed both 2.5 percent of program payments
and $10 million annually.
[7] Four of the agencies had not issued their annual reports as of the
end of our fieldwork.
[8] In their fiscal year 2007 PARs or annual reports, certain federal
agencies updated their fiscal year 2006 improper payment estimates to
reflect changes since issuance of their fiscal year 2006 PARs or annual
reports. These updates decreased the governmentwide improper payment
estimate for fiscal year 2006 from $42 billion to $41 billion.
[9] Of the 19 programs, 5 reported an improper payment estimate of zero
for fiscal year 2007.
[10] Prior to the governmentwide IPIA reporting requirements beginning
with fiscal year 2004, former section 57 of OMB Circular No. A-11
required certain agencies to submit similar information, including
estimated improper payment target rates, target rates for future
reductions in these payments, the types and causes of these payments,
and variances from the targets and goals established. In addition,
these agencies were to provide a description and assessment of the
current methods for measuring the rate of improper payments and the
quality of data resulting from these methods.
[11] Reported error rates reflect the rate of error as a percentage of
total program outlays. The error rates are based on estimates and not
actual findings of error.
[12] GAO, Improper Payments: Agencies' Efforts to Address Improper
Payment and Recovery Auditing Requirements Continue, GAO-07-635T
(Washington, D.C.: Mar. 29, 2007).
[13] The four agencies are the General Services Administration,
Department of Health and Human Services, Department of the Interior,
and National Science Foundation.
[14] GAO, Improper Payments: Weaknesses in USAID's and NASA's
Implementation of the Improper Payments Information Act and Recovery
Auditing, GAO-08-77 (Washington, D.C.: Nov. 9, 2007).
[15] OMB officials stated that HHS has identified about 93 percent of
its total outlays as high-risk.
[16] The three agencies are the Environmental Protection Agency,
Department of Housing and Urban Development, and Department of Veterans
Affairs.
[17] In its fiscal year 2006 PAR, HUD reported an error rate for the
first time for its CDBG program for fiscal years 2003, 2004, and 2005.
[18] GAO, Improper Payments: Agencies' Fiscal Year 2005 Reporting under
the Improper Payments Information Act Remains Incomplete, GAO-07-92
(Washington, D.C.: Nov. 14, 2006) and GAO-08-77.
[19] GAO, Department of Homeland Security: Challenges in Implementing
the Improper Payments Information Act and Recovering Improper Payments,
GAO-07-913 (Washington, D.C.: Sept. 19, 2007).
[20] GAO-08-77.
[21] GAO, DOD Travel Improper Payments: Fiscal Year 2006 Reporting Was
Incomplete and Planned Improvement Efforts Face Challenges, GAO-08-16
(Washington, D.C.: Dec. 14, 2007).
[22] In its fiscal year 2007 PAR, DOD restated its fiscal year 2006
estimate for travel pay from $8 million to $29.4 million. DOD reported
that the restatement was made to primarily include travel payments made
outside of DTS.
[23] See footnote 10.
[24] The term state-administered refers to federal programs that are
managed on a day-to-day basis at the state level to carry out program
objectives.
[25] GAO, Improper Payments: Federal and State Coordination Needed to
Report National Improper Payment Estimates on Federal Programs, GAO-06-
347 (Washington, D.C.: Apr. 14, 2006).
[26] OMB officials added that HHS also plans to report an estimate on
its fiscal year 2007 fee-for-service claims data.
[27] The five agencies are USAID and the Departments of Defense,
Homeland Security, Health and Human Services, and Transportation.
[28] GAO-07-635T.
[29] The regulatory barriers reported represent governmentwide
regulations that the agency has no authority to modify.
[30] The two agencies are the Department of Energy and the Department
of Housing and Urban Development.
[31] The five agencies are the Department of Defense, Federal
Communication Commission, Department of Homeland Security, Railroad
Retirement Board, and Department of Transportation.
[32] Generally, the Right to Financial Privacy Act of 1978, Pub. L. No.
95-630, title XI, 92 Stat. 3641, 3697-3710 (Nov. 10, 1978) (codified,
as amended, at 12 U.S.C. � 3401-3422), requires financial institutions
to obtain permission from their customers to disclose financial
information. According to OPM, this requirement in effect bars OPM from
obtaining posthumous payments information, preventing recovery of
improper payments.
[33] Office of Management and Budget, Improving the Accuracy and
Integrity of Federal Payments, (Washington, D.C.: Jan. 31, 2007).
[34] Recovery auditing is a method that agencies can use to recoup
detected improper payments. Recovery auditing is a detective control to
help determine whether contractor costs were proper. Specifically, it
focuses on the identification of erroneous invoices, discounts offered
but not received, improper late penalty payments, incorrect shipping
costs, and multiple payments for single invoices. Recovery auditing can
be conducted in-house or contracted out to recovery audit firms.
[35] OMB defines a recovery audit program as an agency's overall plan
for the performance of recovery audits and recovery activities. The
head of an agency will determine the manner and combination of recovery
audits and activities that are expected to yield the most cost-
effective recovery audit program. The program should include a
management improvement program. A management improvement program is an
agencywide program to address the flaws in an agency's internal
controls over contractor payments discovered during the course of
implementing a recovery audit program, or other control activities over
contractor payments.
[36] Department of Defense, Office of Inspector General, Identification
and Reporting of Improper Payments Through Recovery Auditing, D-2007-
110 (Arlington, Va.: July 9, 2007).
[37] Select reporting elements listed in OMB guidance that we reviewed
include (1) a general description of steps to carry out a recovery
auditing program, (2) a corrective action plan to address root causes
of payment error, (3) a description and justification of the classes of
contracts excluded from the auditing review by the agency head, and (4)
a general description and evaluation of any management improvement
program.
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "Subscribe to Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: [email protected]:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Gloria Jarmon, Managing Director, [email protected]:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, [email protected]:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
*** End of document. ***