Summary

On January 31, 2008, we testified before Congress' subcommittee at a hearing entitled, "Eliminating Agency Payment Errors." At the hearing, we discussed federal agencies' progress in addressing key requirements of the Improper Payments Information Act of 2002 (IPIA) and Section 831 of the National Defense Authorization Act for Fiscal Year 2002, commonly known as the Recovery Auditing Act. Our review and testimony focused on (1) progress made in agencies' implementation and reporting under IPIA for fiscal year 2007, (2) remaining challenges with IPIA implementation, and (3) agencies' efforts to report recovery auditing information. This report responds to your March 13, 2008, request to provide answers to follow-up questions relating to our January 31, 2008, testimony. (1) What kinds of changes should be made to the Single Audit Act, which already requires recipients to have proper systems of internal control to ensure front-end compliance with Federal requirements that would assist in identification and reduction of improper payments? The FY 2007 Audit Report on the Consolidated Financial Statement indicates that the Federal government's inability to determine the extent to which improper payments occur is one of the major government-wide material weaknesses that led to GAO's adverse opinion on internal control. (2) Did this compliance issue translate to reportable conditions or limitations in opinions on financial statements at the individual departments? Are CFO Act financial statement internal control and substantive audit tests of disbursements as stringent as they need to be? The expansion of government-wide systems for third party data matches across government programs sounds like an important program integrity improvement and potential cost savings initiative. (3) How can we ensure that all agencies across government are pursuing automated data checks across agencies and programs whose data they are reliant upon wherever this makes sense? How can we provide access to necessary data across government to improve program integrity over payments without requiring new authority on a case by case basis? The role of the certifying officers at disbursing agencies provides the last line of defense in preventing many improper payments. Under Treasury regulation, certifying officers at disbursing agencies must certify that payments are legal, proper, and correct at disbursement. (4) Are these personnel provided the necessary tools to perform their jobs including proper training and authority? Are they ever pressured to release questionable payments to maintain productivity levels and thus sacrificing quality for quantity due to competing agency demands? What can Congress and Office of Management and Budget (OMB) do to strengthen their role across government? (5) Is agency management doing enough to hold people accountable for program integrity? Is success in setting improper payments reduction targets and meeting those targets a factor in managers' performance evaluations or pay and bonus determinations? Should we have government-wide performance standards for proper payment goals and expectations? Are agencies being aggressive enough with their reduction targets? There has been some debate in the subcommittee about whether the reporting threshold in the Improper Payments Information Act should be lower. (6) Can GAO explain for Congress what you do to ensure that programs that are not reporting improper payments are still doing all they can to improve program integrity?

(1) We have not performed an analysis to determine whether any changes should be made to the Single Audit Act to specifically assist in the identification and reduction of improper payments for state-administered federal programs. However, preventing, identifying, and reporting improper payments are primarily management's responsibility. (2) The federal government's inability to determine the extent to which improper payments occur has not directly contributed to the audit opinion on an individual agency's financial statements. The primary purpose of a financial statement audit is to provide reasonable assurance through an opinion (or disclaim an opinion) about whether an entity's financial statements are presented fairly in all material respects in conformity with generally accepted accounting principles (GAAP). The existence of improper payments does not directly affect the auditor's opinion on financial statements. (3) When effectively implemented, data sharing can be particularly useful in confirming initial or continuing eligibility of participants in benefit programs and in identifying improper payments that have already been made. For example, for the Department of Labor's Unemployment Insurance Program, states are coordinating with HHS to use the National Directory of New Hires database. The Office of Personnel Management also has data matching programs with the Departments of Defense, Labor, and Veterans Affairs, and with the Social Security Administration to verify recipient eligibility for its retirement program. (4) Certifying officers play a significant role in the accountability for public funds. A certifying officer is a government officer or employee whose job is or includes certifying vouchers, including voucher schedules or invoices used as vouchers, for payment by disbursing officers. By federal law, certifying officers are responsible for (1) the correctness of the facts in the certificate, voucher, and supporting documentation; (2) the correctness of computations on the voucher; and (3) the legality of a proposed payment under the appropriation or fund involved. The law also provides that a certifying officer is personally, financially accountable for the amount of any "illegal, improper, or incorrect" payment resulting from his or her inaccurate or misleading certification, as well as for any payment prohibited by law or which does not represent a legal obligation of the appropriation or fund involved. (5) Our review of agencies' fiscal year 2007 IPIA reporting did not include an in-depth analysis of the steps an agency has taken or plans to take to ensure manager accountability for reducing improper payments, set governmentwide performance standards for proper payment goals and expectations, or establish agency-reported error rate targets for reducing improper payments. However, we can offer some general observations based on our PAR reviews and previously reported work. As part of agencies' fiscal year 2007 IPIA reporting, eight agencies reported that the responsibility for improper payments was included in management's performance appraisals, they had established performance measures to address this issue, accountability existed through legislation governing certifying and disbursing officers, or a combination of these actions. (6) In a March 12, 2008, letter, we provided Congress' subcommittee general observations as well as some suggestions on the provisions introduced to amend IPIA and recovery auditing requirements under Section 831 of the National Defense Authorization Act for Fiscal Year 2002. Our letter addressed several key issues, including (1) identification of susceptible programs and activities and risk assessments, (2) improper payment reporting, (3) recovery auditing, and (4) internal control requirements.