Department of Homeland Security: Challenges in Implementing the Improper Payments Information Act and Recovering Improper Payments

GAO-07-913 September 19, 2007
Highlights Page (PDF)   Full Report (PDF, 53 pages)   Accessible Text   Recommendations (HTML)

Summary

The federal government is accountable for how its agencies and grantees spend more than $2 trillion of taxpayer dollars and is responsible for safeguarding those funds against improper payments as well as for recouping those funds when improper payments occur. The Congress enacted the Improper Payments Information Act of 2002 (IPIA) and the Recovery Auditing Act to address these issues. Fiscal year 2006 marked the third year that agencies were required to report improper payment and recovery audit information in their Performance and Accountability Reports. The Department of Homeland Security (DHS) reported limited information during these 3 years. GAO was asked to (1) determine the extent to which DHS has implemented the requirements of IPIA, (2) identify actions DHS has under way to improve IPIA compliance and reporting, and (3) determine what efforts DHS has in place to recover improper payments. To accomplish this, GAO analyzed DHS's internal guidance and action plans, and reviewed information reported in its Performance and Accountability Reports.

DHS has made some progress in implementing IPIA requirements, but much more work remains for the agency to become compliant with IPIA. For example, while DHS has made progress in identifying its programs, for fiscal year 2006, the agency did not perform the required first step--a risk assessment--on approximately $13 billion of its more than $29 billion in disbursements subject to IPIA. Until DHS fully assesses its programs, the potential magnitude of improper payments is unknown. For the remaining $16 billion, DHS determined that two programs-- Individuals and Households Program (IHP) assistance payments and disaster-related vendor payments--were at high risk for issuing improper payments and reported related estimates. For the $13 billion for which no risk assessment was performed, DHS has encountered challenges with IPIA implementation. Of this amount, over $6 billion relates to payments for grant programs. Developing a plan to assess risk and potentially test grant payments is important given that the DHS Office of Inspector General, GAO, and other auditors have identified weaknesses in grant programs. This will allow DHS to gain a better understanding of its risk for improper payments and potentially reduce future improper payments. DHS has actions under way to improve IPIA reporting and compliance, but does not plan to be fully compliant in fiscal year 2007. DHS has prepared a plan to address its noncompliance with IPIA, which included updating its guidance to focus on program identification and risk assessments to build a foundation for a sustainable IPIA program. In addition, DHS has developed plans to reduce improper payments related to its two identified high-risk programs. However, until DHS fully completes the required risk assessments for all of its programs and then estimates for risk-susceptible programs, it is not known whether other programs have significant improper payments that also need to be addressed. In addition, DHS's efforts to recover improper payments could be improved. According to DHS, four of its components meet the criteria for recovery auditing as specified in the Recovery Auditing Act. These four components make at least $4 billion of contractor payments each fiscal year. DHS encountered problems that kept it from reporting on recovery audit efforts during fiscal year 2006 for three of the four components, and did not perform recovery auditing at the fourth component. In March 2007, DHS revised its guidance to clarify what is expected; however, ongoing oversight will be necessary to monitor the components' progress. In addition, DHS has reported limited information on its efforts to recover specific improper payments identified during its testing of high-risk programs. Although DHS is not currently required to do so, reporting this information would provide a more complete picture of the agency's actions to recover payments that it has identified as being improper.



Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Implemented" or "Not implemented" based on our follow up work.

Director:
Team:
Phone:
McCoy Williams
Government Accountability Office: Financial Management and Assurance
(202) 516-6906


Recommendations for Executive Action


Recommendation: To help improve its efforts to implement IPIA and recover improper payments, the Secretary of Homeland Security should direct the Chief Financial Officer to maintain oversight and control over critical milestones identified in the DHS corrective action plan for IPIA compliance so that DHS components stay on track, specifically in regard to identifying programs and performing risk assessments and any related testing.

Agency Affected: Department of Homeland Security

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help improve its efforts to implement IPIA and recover improper payments, the Secretary of Homeland Security should direct the Chief Financial Officer to require all applicable components to determine and document how they plan to assess their grant programs to determine whether they are at high risk for issuing significant improper payments, and, if necessary, test these grant programs.

Agency Affected: Department of Homeland Security

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help improve its efforts to implement IPIA and recover improper payments, the Secretary of Homeland Security should direct the Chief Financial Officer to provide oversight and monitor the progress of all applicable DHS components to successfully perform and report on their recovery auditing efforts.

Agency Affected: Department of Homeland Security

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help improve its efforts to implement IPIA and recover improper payments, the Secretary of Homeland Security should direct the Chief Financial Officer to, similar to the required reporting on efforts to recover improper payments made to contractors under the Recovery Auditing Act, develop procedures for reporting in its annual Performance and Accountability Reports on the results of yearly efforts to recover any other known improper payments identified under IPIA, by the DHS Office of the Inspector General, or other external auditors.

Agency Affected: Department of Homeland Security

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.