Mr. Chairman, Members of the Committee, I am Dr. Michael A. Friedman, Lead
Deputy Commissioner for Food and Drugs. With me today, are Robert J. Byrd,
Deputy Commissioner for Management and Systems (OMS) and Dr. Kathryn C.
Zoon, Director, Center for Biologics Evaluation and Research (CBER). We
appreciate the opportunity to discuss the Food and Drug Administration's
(FDA or the Agency) management and procurement policies and practices in
general, and specifically as they relate to CBER. Effective use and
management of the limited public health resources available to the Agency
always must be one of our priorities. We fully appreciate the Committee's
and the public's interest in knowing that the funds we are provided are
spent prudently, and that our management, financial and accounting systems
incorporate adequate precautions against waste, fraud and abuse.
Approximately a year ago, the Committee initiated an investigation of FDA's
management practices, focusing specifically on information and procurement
systems at CBER. During the course of this investigation, the Agency has
responded to ten letters from the Chairman and dozens of follow-up
inquiries from Committee staff requesting documents and information related
to this investigation. The most recent of these letters was received March
11, 1998. In addition to the thousands of pages of documents the Agency has
produced, a number of Agency employees have been interviewed, although no
Agency representative has been at those interviews. On Friday, March 20,
just over one week ago, Committee staff presented the Agency a somewhat
detailed, 20 page summary of findings and allegations. These findings and
allegations generally related to the Agency's property management system,
and financial and accounting controls related to the use of Agency credit
cards and blanket purchase agreements. Many of the findings in the staff
summary previously had been presented to the Agency in the course of
ongoing Department-wide oversight or had been identified by the Agency
through its own oversight activities. As such, the staff's findings as they
relate to these reports/items are not new to the Agency and, in fact, have
been or are being addressed. There are many allegations presented in the
summary, however, that go beyond prior official findings. In most cases
these allegations are accounts of incidents or actions which occurred
during the day-to-day conduct of the Agency's business, and which staff
suggests are evidence that the Agency's management systems are deficient.
It should be noted that during the course of the year long investigation
the Agency never was consulted regarding the propriety of the actions which
the staff thought questionable or whether improper actions had been
identified and addressed previously by the Agency. Such consultation
ordinarily is an important element of any audit of financial practices and
systems.
We have not had the opportunity to completely analyze these allegations
point-by-point. Our review of the points raised, however, does confirm that
for the most part the Agency's efforts to identify weaknesses have been
effective. We are committed to ensuring that proper systems of management
controls are in place to safeguard the integrity of our programs. As will
be described in more detail below, while we have not fixed everything, our
efforts are directed to strengthening and improving these systems. We would
welcome the opportunity to work with the Committee in this regard. My
testimony will address generally the two broad areas identified in the
Committee staff summary, focusing on the systems we have in place and any
changes/improvements that are being made.
OVERVIEW
Before we address our specific policies and practices, let me describe the
scope of what is being managed. With an annual budget in Fiscal Year (FY)
1997 of just about one billion dollars, approximately 9,100 employees work
to protect, promote and enhance the health of the American people. Of that
one billion, approximately 64 percent is for salaries and benefits and 8
percent for rental payments and buildings and facilities, leaving 28 for
other operating expenses. Other operating expenses include travel and
transportation, supplies and equipment, and contract services. During FY97,
the total amount obligated for capitalized equipment was $6.3 million or
.63 percent (less than one percent) of FDA's FY97 budget. In addition, the
Agency manages extensive property and equipment assets, which had a net
book value of $162,722,645 as of September 30, 1997. Of this amount, $34.9
million is the total net book value of capitalized equipment.
The Agency is organized into six Centers and a field staff that is located
in six Regions, 21 District Offices, 17 District Laboratories, and more
than 130 Resident Posts. Agency headquarters and five of the six Centers,
with approximately 65 percent of the Agency's employees, are located in
approximately 40 buildings at 16 locations in the Washington, D.C.
metropolitan area.
ACCOUNTABILITY SYSTEMS
The Office of Management and Systems (OMS), headed by a Deputy Commissioner
who reports directly to the Commissioner, is responsible for effectively
managing the Agency's resources. This responsibility encompasses
facilities, acquisitions, central services and supplies, budget and
finance, human resources management services, information resources, and
planning and evaluation. OMS coordinates Agency use of resources, develops
program and planning responsibilities, and ensures implementation of policy
directives set forth by government-wide initiatives, including: Federal
Managers Financial Integrity Act, Chief Financial Officers Act, Government
Performance Results Act, Government Management Reform Act, Federal
Acquisition Reform Act, Information Technology Management Reform Act, and
Executive Orders. Many of these initiatives incorporate annual reporting
requirements, which serve as mechanisms to improve accounting and financial
management review. In particular, the Federal Managers' Financial Integrity
Act (FMFIA) of 1982 requires Federal agencies to develop and maintain
systems for assessing, correcting, and reporting on management controls in
order to improve accountability and effectiveness.
While OMS coordinates and ultimately is responsible for the Agency's fiscal
health, the day-to-day budget functions and operations have been delegated
to the Centers to manage. Within each Center is an Office of Management,
headed by an Executive Officer, who reports directly to the Center Director
and who is responsible for managing all aspects of the Center's budget. In
1995, a "bottom up" approach was initiated that assigned responsibility to
each Center for developing the "Letter of Assurance" statement and
documenting all significant FMFIA accomplishments for the year. This
approach allows the Centers more flexibility to make management decisions
that best fit that particular Center's mission and provides Centers direct
oversight responsibility for how their resources are managed, within
general Agency guidelines.
The Agency and the Centers continuously strive to assess the adequacy and
to improve the effectiveness of their systems and procedures to protect
against waste, fraud, and abuse. There are numerous examples, including two
of the specific matters referenced in the staff summary, where instances of
procurement system improprieties have been identified, investigated and
acted upon as a result of the existing management/fiscal controls under
which procurements are made.
In addition to the required annual reporting and management tools
established pursuant to the laws referenced above, there are additional
oversight tools that assist the Agency in assuring our management systems
are healthy. These tools include audits done by outside entities such as
the General Accounting Office (GAO) or the Office of the Inspector General
(OIG). While there have not been recent GAO investigations specific to the
Agency's financial or property management, there have been three recent OIG
audits of specific interest to the Committee:
- "Report on the Financial Statement Audit of the Food and Drug
Administration for Fiscal Year 1996," June 1997;
- "Compliance with the Prompt Payment Act by the Food and Drug
Administration," May 1997; and,
- "Review of the Food and Drug Administration's Internal Controls Over Its
Purchase Card Activities," March 1998.
"Report on the Financial Statement Audit of the Food and Drug
Administration for Fiscal Year 1996"
The Government Management Reform Act (GMRA) of 1994 requires executive
agencies to have agency-wide audited financial statements beginning with
FY96. This audit by Gardiner, Kamya & Associates, P.C., on behalf of the
OIG, U.S. Department of Health and Human Services (HHS), was conducted to comply
with GMRA.
As reported in Section II, Overview of the Report: The Food and Drug
Administration (FDA) had prepared and submitted audited financial
statements covering its commercial type entities, as required by the CFO
Act, for FYs 1991 to 1994. For FY 1995, FDA prepared its first entity-wide
financial statements, even though it was not required by law or subject to
audit. Included as part of this annual report are FDA's FY 1996 audited
financial statements. The completion of these statements reflects FDA's
compliance with GMRA and its commitment to instilling effective and
efficient financial management practices within its program and
operations.1
In the review, the OIG specifically looked at FDA's compliance with FMFIA,
which compliance was characterized favorably: The FDA continues to strive
to comply with the effective and efficient management of all program areas
and has made substantial progress in implementing FMFIA. Proper measures
have been taken to ensure that systems of management control are in place
to help financial managers achieve desired results and safeguard the
integrity of their programs. A new "bottom's up" reporting mechanism was
instituted during FY 1995 to allow all levels of management throughout FDA
to become involved in the process. As such, the Agency will be in a better
position to identify weaknesses and move aggressively to correct them. This
includes implementation of safeguards to prevent waste, fraud and
mismanagement of Agency resources. The new approach supports streamlining
efforts, delegates authority and accountability deeper in the organization
and ensures that controls benefit rather than encumber FDA management.2
The audit identified one "material weakness"3 and two "reportable
conditions"4. The material weakness identified was a $36.4 million
discrepancy between the general ledger, which documents the
orders/payments, and the subsidiary ledger for property, which documents
the property in inventory. This discrepancy was due to the fact the two
ledgers were not reconciled, not that $36.4 million in property was
missing. The reportable conditions related to the financial accounting for
property, plant, and equipment, which contributed to the material weakness.
FDA developed a comprehensive Corrective Action Plan specifically to
address the material weakness, the reportable conditions, and the
underlying deficiencies in the Agency's property management systems and
procedures. The objective of this plan is to reduce and ultimately to
eliminate the discrepancy and to put in place systems to ensure such
conditions do not reoccur. As of March 27, 1998, we believe we have
accounted for 95 percent of our total property inventory, and the process
of reconciliation is continuing.
Due to weaknesses identified in our property inventory system, an
Agency-wide wall-to-wall inventory was initiated in FY97. As a part of this
effort, CBER retrained all CBER Personal Property Custodial Officers (PCOs)
and an inventory review of all CBER accountable property was conducted by a
CBER contractor in conjunction with CBER's PCOs. This review included
scanning all bar coded property and bar coding property not previously bar
coded. The results of this inventory are being provided to the Agency's
Office of Facilities, Acquisitions, and Contract Services (OFACS), to enter
the data into the Agency's inventory system.
This review is the first phase of the Agency-wide inventory being
conducted. The Agency is nearing the end of the laborious process of
reconciling the data gathered from each Center with Agency records. The end
result, which should be completed by the end of this month, will be a
wall-to-wall inventory of all Agency accountable property. This inventory
will then be used as the baseline for future, and routine inventory audits
and reports.
In addition, an Agency-wide working group was established in June 1997 to
consider issues pertaining to personal property management, specifically:
1) authority, responsibility and accountability; 2) centralization,
decentralization and integration; 3) revision of the Staff Manual Guide and
the Property Custodial Officer Handbook; 4) identification of "best
practices" to implement; and, 5) follow-up on the corrective actions taken
and planned by the Centers and ORA in response to an April 1995 Alternative
Management Control Review. In November 1997, the working group released its
draft recommendations, including proposed duties and responsibilities for
designated officials with authority to manage the Agency's personal
property program. Upon completion of the wall-to-wall inventory, the
working group will prepare an action plan to achieve full implementation by
September 30, 1998 of corrections and improvements to the property
management system.
As the Committee and independent auditors have pointed out, our inventory
systems have been less than comprehensive. These are just two examples of
efforts that are underway to complete a comprehensive inventory of property
and to correct previously ineffective methods for ensuring accountability
of our property.
"Compliance with the Prompt Payment Act by the Food and Drug
Administration"
The objective of this HHS/OIG audit was to determine whether FDA is in
compliance with the Prompt Payment Act. The OIG found the Agency did not
meet OMB's performance standards and made recommendations for improving our
process of making payments, of reporting on progress and problems, and of
assessing the reliability of our payment process.
Overall, the Agency concurred with the OIG's recommendations and, to date,
we have made changes in our payment structure to ensure the integrity of
the payment process. These changes include instituting a random audit of
documentation prior to payment and a Quality Control program that will be
in place for the third quarter of this fiscal year.
"Review of the Food and Drug Administration's Internal Controls Over Its
Purchase Card Activities"
Last year the OIG conducted an audit of executive agencies' use and
management of purchase cards (IMPAC or Bankcard). The objective was to
determine if agencies had designed and implemented adequate controls over
purchase card activities.
It might be of interest to the Committee to know that the FDA
IMPAC/Bankcard program started in FY89 on a test basis in the Center for
Devices and Radiological Health with a total of 24 card holders. After a
complete review of the program by OFACS and Office of Financial Management
(O.F.M.) to determine the effectiveness of the program, it was expanded
Agency-wide. This expansion was started in FY95. Since that time, the
program has grown to include 1147 cardholders and 309 approving officials.
In FY97, FDA did 47,161 actions via the IMPAC card and saved nearly $4
million in administrative costs over doing individual purchase orders.
The OIG review was not the first review or management assessment related to
Bankcard use. For instance, during FY96 CBER's Office of Management, in
conjunction with OFACS, conducted training sessions on the Bankcard Manual
Policies and Procedures to ensure center-wide consistency and compliance
with procedures and regulations. In addition, the Agency's OFM. and OFACS
conducted periodic audits of FDA Bankcard Program cardholder's records. The
periodic reviews consisted of randomly selecting one month out of the
period covered. Once the month was chosen, 20 percent of all active
cardholders in Headquarters were selected randomly for review. Findings
were documented, and corrective action was taken on each discrepancy found.
Since FY96, periodic audits have continued. During FY97, CBER conducted a
management assessment with 25 IMPAC cardholders, including an evaluation of
guidance compliance, security practices, and one-on-one training of
cardholders. Of the 25 cardholders, one cardholder did not keep his/her
card and files in a secure area and one cardholder did not keep his/her
files in a secure area. Training was provided to both cardholders
identified, and both informed their Policy Coordinators when their locks
had been installed. Training also was provided to any other cardholder who
may have had questions regarding IMPAC procedures and policies.
In addition, OMS/OFACS conducted several evaluations related to IMPAC
cards:
- Internal audits of the IMPAC Bankcard program at Headquarters. These
audits identified concerns in recordkeeping, and corrective steps were
taken. For example, each cardholder would be counseled in proper use of the
card and documentation and reporting requirements. In addition, Executive
Management Staff reviewed the specific concerns, reviewed the SOP and
internal processes to improve practices and ensure accountability,
continued to perform internal audits, and used the monthly Newsletter as a
means to disseminate reminders and guidance in using the bankcard.
- Evaluation of "Automated IMPAC Management System (AIMS)" pilot program.
The system was intended to allow the Office of Financial Management to
better reconcile credit card purchase statements and check for abuse. This
pilot for a software system proved to be insufficient to meet the intended
need. The pilot, however, did have value in that it helped us identify the
elements such a program should have.
- Review of grants and cooperative agreements, as set forth in the Grants
Management System Review Guide. No significant errors were found.
The March 2, 1998 report from the OIG stated: Generally, we found that FDA
followed general guidelines provided by the General Services Administration
(GSA) for the use of credit cards and designed and implemented adequate
management controls over their use in its headquarters operations . . .The
Division of Accounting (DOA) and the Agency Program Coordinator conduct
oversight reviews of the credit card operation. On a monthly basis, they
select a random number of 20 percent of the cardholders and conduct reviews
of the acquisition files of the selected cardholders. The reviews are
focused on assessing the adequacy of the documentation and compliance with
published procedures, as well as on identifying unauthorized purchases, and
evidence of improper order splitting. In case of impropriety, FDA starts
administrative actions, including criminal prosecution or disciplinary
action, as appropriate.5
The OIG recommended that the Agency fully evaluate the adequacy of the
controls over the purchase card program as certain basic controls, such as
separation of duties, inherently are missing in the purchase card system.
FDA concurred with the recommendation and OMS has established a team to
review the internal controls each Center/Office has in place. Specifically,
the team will evaluate the adequacy and effectiveness of compensating
controls over its purchase card activities. They will conduct interviews
and surveys to determine: 1) the compensating controls each Center/Office
has in place; 2) the adequacy of the documentation kept by approving
officials to support their monthly reviews of the controls; and, 3) the
frequency and methods of communication between card holders and their
approving officials. The evaluating team will begin with CBER and the
target date for completion is early June 1998.
COMPUTER EQUIPMENT PROCUREMENT AND MANAGEMENT
Most of the concerns raised in the staff summary involving computer
equipment purchases relate to the larger issues of property management and
financial controls on purchases. Over the past 5 years the Agency's
information technology needs and inventory have expanded commensurate with
the evolution of such technology and with the necessity to support the
Agency's work through effective utilization of such technology. Much of
this occurred with implementation of the Prescription Drug User Fee Act of
1992 (PDUFA). The Agency could meet the performance goals contemplated with
the legislation only through effective adoption and use of state-of-the-art
information technology, and PDUFA provided the funding through which such
technology could be acquired.
Several years of experience under PDUFA brought the realization that there
was a need to strengthen and focus the Agency's information technology
program. In 1996, the Agency established the position of Chief Information
Officer (CIO) in the OMS. The CIO is responsible for establishing a
comprehensive Agency-level information technology policy consistent with
the Information Technology Management Reform Act of 1996. One of the first
projects undertaken by the CIO was development and promulgation of an
Agency-wide policy for information technology purchases. That policy
retains sufficient delegation authority to the Centers to allow for
satisfaction of center program needs, while ensuring that information
technology purchases are accomplished in the most cost effective manner and
with sufficient management controls to minimize waste, fraud, and abuse.
Additionally, as of January 1998, CBER has established a position of CIO
for the Center, to serve as the liaison between the Center and the Agency's
CIO.
CONCLUSION
Mr. Chairman, the Agency has been faced with many difficult challenges. We
have experienced significant budget and personnel reductions, we are facing
the fiscal challenge of implementing the many requirements of the FDA
Modernization Act, and we are looking toward anticipated costs of meeting
the Year 2000 needs.
In the face of a workload growing at the annual rate of 12 percent for the
last 4 years, FDA has boosted the efficiency of its application reviews by
17 percent over the same time frame. FDA's improved performance has been
recognized by such outside groups as Harvard University's Kennedy School of
Government, the Ford Foundation, and the Council in Excellence in
Government, which gave FDA the prestigious Innovations in Government Award
last Fall.
We have focused our attention on how we maintain our charge of protecting
and promoting the public health while meeting or preparing for the
budgetary challenges ahead. We have not, however, lost sight of the
managerial and fiscal responsibilities and accountabilites we have to the
American public. There is no question that the property management system
needs to be strengthened. Optimizing that system has been and will continue
to be a substantial undertaking, which must be completed expeditiously.
I again want to assure the Committee of our willingness to address
managerial and fiscal deficiencies where they exist, and to assist the
Committee in its assessment of the adequacy of our systems. As you know, we
take our public health mission very seriously. We equally take seriously,
our obligation to fiscal responsibility so as to maintain the public's
trust. Accountability and transparency in the process benefits us all.
I would be happy to take any questions the Committee might have.
1. "Report on the Financial Statement Audit of the Food and Drug
Administration for Fiscal Year 1996", Department of Health and Human
Services, Office of the Inspector General, June 1997, page II-1.
2. Id., pages II - 4-5.
3. "....a condition in which the design or operation of one or more of the
internal control structure elements does not reduce to a relatively low
level the risk that errors or irregularities in amounts that would be
material in relation to the financial statements being audited, or material
to a performance indicator or aggregation of related performances
indicators, may occur and not be detected within a timely period by
employees in the normal course of performing their assigned functions.,"
Id., pages I-5.
4. "Reportable conditions involve matters...relating to significant
deficiencies in the design or operation of the internal control structure
over financial reporting that...could adversely affect [an agency's]
ability to ensure that the objectives of the internal control structure as
previously defined are being achieved.," Id., page. I-5.
5. Review of the Food and Drug Administration's Internal Controls Over Its
Purchase Card Activities," U.S. Department of Health and Human Services, Office
of the Inspector General, March 1998, page 1.