This is the accessible text file for GAO report number GAO-07-834R 
entitled 'Improper Payments: Responses to Posthearing Questions Related 
to Agencies' Progress in Addressing Improper Payment and Recovery 
Auditing Requirements' which was released on May 30, 2007. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

May 30, 2007: 

The Honorable Thomas R. Carper: 
Chairman, Subcommittee on Federal Financial Management, Government 
Information, Federal Services, and International Security: 
Committee on Homeland Security and Governmental Affairs: 
United States Senate: 

Subject: Improper Payments: Responses to Posthearing Questions Related 
to Agencies' Progress in Addressing Improper Payment and Recovery 
Auditing Requirements: 

Dear Mr. Chairman: 

On March 29, 2007, we testified[Footnote 1] before your subcommittee at 
a hearing entitled, "Eliminating and Recovering Improper Payments." At 
the hearing, we discussed federal agencies' progress in addressing key 
requirements of the Improper Payments Information Act of 2002 
(IPIA)[Footnote 2] and Section 831 of the National Defense 
Authorization Act for Fiscal Year 2002, commonly known as the Recovery 
Auditing Act.[Footnote 3] Our review and testimony focused on (1) 
trends in agencies' reporting under IPIA from fiscal years 2004 through 
2006, (2) challenges in reporting improper payment information and 
improving internal control, and (3) agencies' reporting of recovery 
auditing efforts. 

This letter responds to your April 18, 2007, request to provide answers 
to follow-up questions relating to our March 29, 2007, testimony. The 
responses are based on work associated with previously issued GAO 
products (see Related GAO Products at the end of this report) and data 
reported in agencies' performance and accountability reports (PAR). 
Your questions, along with our responses, follow. 

1. In your written testimony, you state that over half of the programs 
reporting improper payment estimates also had reported management 
challenges, including internal control issues that may have a direct 
impact on improper payment issues. Could you provide us with an example 
of how internal control issues increase the risk that agencies will 
make improper payments? What guidelines are available or where can 
agencies go to learn how to manage improper payments and implement 
strong internal controls? 

Internal control is a major part of managing an organization. It 
comprises the plans, methods, and procedures used to meet missions, 
goals, and objectives that support performance-based management. 
Internal control serves as the first line of defense in safeguarding 
assets and preventing and detecting errors and fraud. Strong systems of 
internal control provide reasonable assurance that programs are 
operating as intended and are achieving expected outcomes. Generally, 
improper payments result from a lack of or an inadequate system of 
internal controls, but some result from program design issues. 

For fiscal year 2006, agency auditors reported numerous internal 
control weaknesses that could increase the risk of improper payments. 
For example, at the National Science Foundation (NSF), agency auditors 
identified two reportable conditions during their examination of the 
effectiveness of NSF's internal control over financial reporting. These 
reportable conditions related to oversight of grants and cooperative 
agreements and monitoring of contracts. For the first reportable 
condition, auditors found that NSF's monitoring process to ensure that 
expenditures were allowable, allocable, and reasonable under the terms 
of the grant award or agreement lacked oversight reviews for 286, or 
about 84 percent, of high-risk awards,[Footnote 4] totaling 
approximately $2.7 billion for fiscal year 2006. As such, NSF could not 
ensure that federal funds were properly spent on allowable costs 
benefiting NSF's research activities. The auditors recommended, among 
other things, that NSF management expand the coverage of review for its 
high-risk awards. 

Regarding the second reportable condition, the auditors reported that 
NSF did not have a comprehensive, risk-based system, including detailed 
policies and procedures, in place to oversee and monitor its contract 
awards totaling about $550 million for fiscal year 2006. This lack of 
appropriate contract oversight was evident during the auditor's review 
of NSF's largest contractor responsible for acquiring, maintaining, and 
performing a physical inventory of NSF's property, plant, and equipment 
(PP&E). The auditors reported that NSF did not perform any independent 
verification of the PP&E amounts reported by the contractor, and did 
not maintain copies of source documentation supporting the amounts 
included in the financial statements. The auditors recommended that NSF 
develop a more comprehensive, risk-based, internal management 
monitoring program to ensure that contractors use NSF funds consistent 
with the objectives of the contract, and that funds are protected from 
waste, fraud, or mismanagement. 

There are two key resources available to agencies for implementing 
strong internal control and managing improper payments. First, our 
Standards for Internal Control in the Federal Government[Footnote 5] 
provides an overall framework for entities to establish control for all 
aspects of their operations and a basis against which entities' control 
structures can be evaluated. Specifically, internal control provides 
reasonable assurance that an organization's objectives are achieved 
through (1) effective and efficient operations, (2) reliable financial 
reporting, and (3) compliance with laws and regulations. 

Second, our executive guide[Footnote 6] on strategies to manage 
improper payments focuses on internal control standards as they relate 
to reducing improper payments. The five components of internal control-
-control environment, risk assessment, control activities, information 
and communication, and monitoring--are defined in the executive guide 
in relation to improper payments as follows: 

* Control environment--creating a culture of accountability by 
establishing a positive and supportive attitude toward improvement and 
the achievement of established program outcomes. 

* Risk assessment--analyzing program operations to determine if risks 
exist and the nature and extent of the risks identified. 

* Control activities--taking actions to address identified risk areas 
and help ensure that management's decisions and plans are carried out 
and program objectives are met. 

* Information and communication--using and sharing relevant, reliable, 
and timely financial and nonfinancial information in managing 
activities related to improper payments. 

* Monitoring--tracking improvement initiatives over time, and 
identifying additional actions needed to further improve program 
efficiency and effectiveness. 

2. In your written testimony, you note that the Improper Payments 
Information Act does not include a requirement for auditors to assess 
agencies' compliance with the Act. Would there be any value in making 
this a requirement of agency auditors? 

As we stated in our testimony, IPIA does not include a separate 
reporting requirement for auditors to assess agencies' compliance with 
the act. However, where agencies' auditors have elected to test 
specific compliance with IPIA, their assessments have provided a 
valuable independent validation of agencies' efforts to implement the 
act. For example, we found that for the selected agencies we reviewed, 
some agencies' auditors reported problems relating to agencies' risk 
assessments, the definition of programs for IPIA purposes, sampling 
methodologies, lack of reporting for all risk-susceptible programs, and 
supporting documentation. 

Identification of any deficiencies in implementing IPIA helps agencies 
determine if risks exist, what those risks are, and the potential or 
actual effect of those risks on program operations. Independent 
assessments of these estimates would also enhance an agency's ability 
to identify sound performance measures, monitor progress against those 
measures, and help establish performance and results expectations. 
Finally, independent assessments of agencies' improper payments 
estimates would enable agencies and others with oversight and 
monitoring responsibilities to measure progress over time and determine 
whether further action is needed to minimize future improper payments. 

3. You have stated that certain methodologies used to estimate improper 
payments did not result in accurate estimates. Could you please explain 
what this means? What needs to be done to help ensure that amounts 
reported by agencies are accurate? 

As we reported in our testimony, the $42 billion total improper payment 
estimate reported by agencies for fiscal year 2006 may not reflect the 
full magnitude of total improper payments. We noted that agencies 
employed different sampling methodologies to estimate improper 
payments, including statistical sampling, nonstatistical sampling, or a 
combination of the two.[Footnote 7] The advantage of using statistical 
sampling is that sample results can be generalized to the entire 
population from which the sample was taken. Thus, a properly designed 
statistical sampling methodology provides a more accurate 
representation of the extent to which improper payments exist within a 
given program or activity. On the other hand, results of a 
nongeneralizable, or judgmental, sample may not be extrapolated beyond 
the sample transactions tested. For fiscal year 2006, we found that 
seven agencies did not use statistical sampling to estimate improper 
payments for nine programs totaling about $202 million, with program 
outlays exceeding $88 billion. Because the results of nongeneralizable 
sample selections cannot be extrapolated beyond the sampled items, the 
improper payment estimate for these programs would likely have been 
much greater had statistically valid methods been used. 

Agency statisticians should be engaged throughout the sampling process, 
from design of the sampling methodology to evaluation of the results. 
This is consistent with OMB's revised IPIA implementation 
guidance,[Footnote 8] which provides general steps that agencies should 
follow to obtain a statistically valid improper payment estimate. 
Specifically, OMB guidance emphasizes that most agencies will need to 
consult with a statistician to design an appropriate sample that 
considers payment universes with divergent dollar amounts, types of 
payments, or both, and samples that involve multiple stages of 
selection or stratification. Further, additional oversight of agencies' 
sampling methodologies could help ensure that amounts reported by 
agencies are accurate and, in turn, enable agencies to measure progress 
over time and determine whether further action is needed to minimize 
future improper payments. 

4. As you know, the Improper Payments Information Act requires 
agencies, with respect to any program or activity with estimated 
improper payments of more than $10 million, file a report along with 
their improper payments estimates that includes at least four things: 

a. a discussion of the causes of improper payments identified, actions 
taken to correct those causes, and results of the actions taken to 
address those causes; 

b. a statement of whether the agency has the information systems and 
other infrastructure it needs in order to reduce improper payments to 
minimal cost-effective levels; 

c. If the agency does not have such systems and infrastructure, a 
description of the resources the agency has requested in its budget 
submission to obtain the necessary information systems and 
infrastructure; and: 

d. a description of the steps the agency has taken to ensure that 
agency managers (including the agency head) are held accountable for 
reducing improper payments. 

Do you think these are the right things we should be asking agencies to 
report on? What, if anything, would you add or take away from the 
reporting requirements under the Act? 

The current IPIA reporting requirements increase the visibility over 
the governmentwide improper payments problem and transparency of 
agencies' efforts to address improper payments in their programs. 
Improper payments are a significant problem in the federal government 
and information on actions taken, and the results of those actions, is 
a critical element in the overall process of reducing improper 
payments. Prior to implementation of IPIA, we issued several 
reports[Footnote 9] on governmentwide improper payments. Our reviews 
showed that the type and amount of improper payment information 
reported were inconsistent across federal agencies, with few agencies 
publicly reporting the amounts of their improper payments or other 
information such as: 

 barriers to identifying or reducing improper payments, 

 targets and goals set for improvement, and: 

 progress in identifying, minimizing, and recovering improper 
payments. 

The act's reporting requirements coincide with our recommendations made 
prior to IPIA implementation that agencies take actions to estimate, 
reduce, and publicly report improper payments. Our prior 
recommendations and OMB's IPIA implementing guidance also provided that 
agencies (1) assign responsibility to a senior official for 
establishing policies and procedures for assessing agency and program 
risks of improper payments, and (2) establish improper payment goals or 
targets and measure performance against those goals to determine 
progress made and areas needing additional improvements. 

However, two additional areas that could provide enhanced transparency 
in agencies' improper payment reporting include (1) a reporting 
requirement concerning improper payment estimates by type of error and 
(2) information on agencies' efforts to recover improper payments in 
their risk-susceptible programs and activities. Currently, we found 
that only a few agencies report improper payment estimates by type of 
error or provide information on the recovery of improper payments made 
to program beneficiaries or grantees. Existing guidance to report 
recovery auditing information solely focuses on contract overpayments 
made to vendors in accordance with the Recovery Auditing Act. Agencies 
should consider performing cost-benefit analyses of a recovery auditing 
program before implementation to provide a baseline to help ensure that 
the cost of those activities to the organization is not greater than 
the potential benefit and then measure results periodically. 

Requiring the reporting of improper payment estimates by type of error 
would assist in the identification of the source and progress made to 
reduce those errors. For example, the Department of Housing and Urban 
Development (HUD) reports three types of error rates for its public 
housing/rental assistance programs--errors due to administrator subsidy 
determinations, tenant underreporting of income, and gross billing 
errors. With this level of detail, HUD has the information available to 
readily measure its progress in reducing improper payments related to 
these types of errors, and thus is in a better position to target 
corrective actions. Other agencies categorized errors as to cause, but 
did not report an estimate for each category. For example, the 
Department of Transportation categorized its errors into various 
types---such as data entry errors, unallowable charges, and materials 
received not in accordance with contract terms--but did not report an 
estimate for each category. We also realize that agencies may use other 
reporting methods to provide a detailed breakout of their improper 
payment estimates. Although not included as part of its PAR reporting, 
the Department of Health and Human Services (HHS) reports improper 
payment estimates for its Medicare Fee-for-Service program by type of 
error, individual contractor, and geographical region and makes this 
information publicly available on its Web site.[Footnote 10] 

Another area that agencies could be required to report on as part of 
their IPIA reporting includes the results of their efforts to recover 
improper payments in their risk-susceptible programs and activities. 
Generally, agencies' recovery auditing efforts target contract 
overpayments as required by the Recovery Auditing Act. These 
requirements are only applicable for agencies that enter into contracts 
with a total value in excess of $500 million in a given fiscal year. 
Agencies currently have no requirement under IPIA to report on any 
recovery efforts for improper payments made to program beneficiaries or 
grantees. Reporting this type of information would provide additional 
accountability mechanisms for agencies to recover taxpayer funds and 
provide Congress additional insight on challenges agencies face in 
recovering improperly paid funds. 

5. As you know, there has been significant debate over OMB's definition 
of the phrase "significant improper payments." How this phrase is 
defined is important because it determines which programs and 
activities - all of which likely have some level of improper payment - 
actually report the payment errors they make. Do you think there is 
some way to define "significant improper payments" that gives us more 
transparency without imposing an unacceptable administrative burden on 
OMB and the agencies? 

We reported[Footnote 11] in November 2006 that OMB's implementation of 
IPIA's general criteria to identify risk-susceptible programs limits 
the disclosure and transparency of governmentwide improper payments. 
This limitation does not further the objectives of IPIA, as programs 
that do not meet OMB's criteria of exceeding $10 million and 2.5 
percent of program payments are excluded from agencies' improper 
payment reporting. For example, one agency identified three programs 
with estimated improper payments exceeding $10 million, but because the 
estimates did not exceed 2.5 percent of program outlays, they were not 
included in the governmentwide improper payments total. In that report, 
we recommended that Congress consider amending existing IPIA provisions 
to define specific criteria, such as a minimum dollar threshold, 
agencies should use to identify which programs and activities are 
susceptible to significant improper payments. 

In response[Footnote 12] to posthearing questions related to our 
December 5, 2006, testimony,[Footnote 13] we included suggested 
language for amending IPIA for better transparency and disclosure of 
improper payments reporting. The suggested language would amend IPIA to 
define, for purposes of identifying what programs or activities are 
susceptible to improper payments, the term "significant" to mean 
"annual improper payments under a program or activity that exceed $10 
million." This amendment would be consistent with the threshold 
currently identified in IPIA that requires additional reporting for 
those agencies with estimates of more than $10 million. 

6. As you know, current recovery audit requirements only apply to 
overpayments made to agencies' contractors. I suspect that there are a 
number of other areas, however, that would benefit from this kind of 
audit work. Do you think it would be appropriate and useful for 
Congress to require that a broader range of agency payments be 
subjected to recovery auditing? 

Subjecting a broader range of agency payments to recovery auditing or 
collection procedures may provide useful information to Congress as 
part of its decision-making and oversight responsibilities. Currently, 
IPIA does not include a reporting requirement on agencies' efforts to 
recover improper payments made to program beneficiaries or grantees. 
However, existing legislation, such as the Debt Collection Improvement 
Act of 1996 (DCIA)[Footnote 14] and program-specific legislation, 
provides mechanisms that agencies can utilize to recoup improper 
payments. 

For example, the Social Security Administration (SSA) reported in its 
fiscal year 2006 PAR that it had collected $2.3 billion in program 
debt. SSA's internal collection techniques include benefit withholding 
and billing to recipients with subsequent follow-up. In addition, SSA 
uses external collection techniques authorized by DCIA including the 
Treasury Offset Program,[Footnote 15] credit bureau reporting, and 
administrative wage garnishment[Footnote 16] to recoup improper 
payments. DCIA requires that agencies refer eligible debts that an 
agency has been unable to collect and remain delinquent more than 180 
days to the Department of the Treasury for payment offset or for cross- 
servicing. Cross-servicing involves such actions as locating debtors, 
issuing demand letters, and referring debts to private collection 
agencies. 

In another example, HHS under section 306 of the Medicare Prescription 
Drug, Improvement, and Modernization Act of 2003,[Footnote 17] was 
given authority to conduct a project to demonstrate the use of recovery 
audit contractors in identifying improper payments and recouping 
overpayments for Medicare in the Medicare Fee-for-Service program. HHS 
reported in its fiscal year 2006 PAR that it initiated this 3-year 
project in March 2005 in the three states with the highest Medicare 
utilization rates. HHS reported that it provided the recovery audit 
contractors about $167 billion of claims submitted between fiscal years 
2002 and 2005 for review. Of the $167 billion, HHS reported that it is 
working on recovering $224 million in claims payments determined to be 
improper. 

As we previously reported and testified before this 
subcommittee,[Footnote 18] recovery auditing is a method that agencies 
can use to recoup detected improper payments. While we support the use 
of recovery auditing and annual reporting of this information, 
effective internal control serves as the first line of defense in 
safeguarding assets and preventing and detecting errors and fraud. 
Given the large volume and complexity of federal payments and 
historically low recovery rates for certain programs, it is much more 
efficient to pay bills and provide benefits properly in the first 
place. Aside from minimizing overpayments, preventing improper payments 
increases public confidence in the administration of benefit programs 
and avoids the difficulties associated with the "pay and chase" aspects 
of recovering improper payments. Without strong preventive controls, 
agencies' internal control activities over disbursements will not be 
effective in reducing the risk of improper payments. 

7. You note in your written testimony that 18 agencies have reported on 
their recovery audit efforts and have used a variety of methods to do 
that auditing work. Some conducted in-house recovery audits, others 
contracted out their recovery audit services, and still others used 
both in-house and private sector auditors. Do you have any sense of 
whether contractor or in-house recovery is more effective? 

Beginning with fiscal year 2004, OMB required that applicable agencies 
publicly report on their recovery auditing efforts as part of the PAR 
reporting of improper payment information. As we reported in our March 
2007 testimony, the number of agencies reporting recovery auditing 
information, including the dollar amounts identified for recovery and 
actually recovered, had increased from fiscal year 2004 to 2006. We 
also reported that agencies conducted in-house recovery audits, 
contracted out their recovery audit services, or used a combination of 
the two methods. However, we have not analyzed the relative 
effectiveness of the different types of methods agencies used to 
recover overpayments. 

We are sending a copy of this report to the Director of the Office of 
Management and Budget, and other interested parties. This report is 
also available on GAO's home page at http://www.gao.gov. Should you 
have any questions on matters discussed in this report or need 
additional information, please contact me at (202) 512-9095 or at 
williamsm1@gao.gov. Contact points for our Offices of Congressional 
Relations and Public Affairs may be found on the last page of this 
report. Major contributors to this report include Carla Lewis, 
Assistant Director; Francine DelVecchio; Christina Quattrociocchi; 
Heather Rasmussen; Donell Ries; and Viny Talwar. 

Sincerely yours, 

Signed by: 
McCoy Williams: 
Director, Financial Management and Assurance: 

Related GAO Products: 

Improper Payments: Agencies' Efforts to Address Improper Payment and 
Recovery Auditing Requirements Continue. GAO-07-635T. Washington, D.C.: 
March 29, 2007. 

Improper Payments: Posthearing Responses on a December 5, 2006, Hearing 
to Assess the Improper Payments Information Act of 2002. GAO-07-533R. 
Washington, D.C.: February 27, 2007. 

Improper Payments: Incomplete Reporting under the Improper Payments 
Information Act Masks the Extent of the Problem. GAO-07-254T. 
Washington, D.C.: December 5, 2006. 

Improper Payments: Agencies' Fiscal Year 2005 Reporting under the 
Improper Payments Information Act Remains Incomplete. GAO-07- 92. 
Washington, D.C.: November 14, 2006. 

Improper Payments: Posthearing Questions Related to Agencies Meeting 
the Requirements of the Improper Payments Information Act of 2002. GAO- 
06-1067R. Washington, D.C.: September 6, 2006. 

Improper Payments: Federal and State Coordination Needed to Report 
National Improper Payment Estimates on Federal Programs. GAO-06-347. 
Washington, D.C.: April 14, 2006. 

Financial Management: Challenges Continue in Meeting Requirements of 
the Improper Payments Information Act. GAO-06-581T. Washington, D.C.: 
April 5, 2006. 

Financial Management: Challenges Remain in Meeting Requirements of the 
Improper Payments Information Act. GAO-06-482T. Washington, D.C.: March 
9, 2006. 

Financial Management: Challenges in Meeting Governmentwide Improper 
Payment Requirements. GAO-05-907T. Washington, D.C.: July 20, 2005. 

Financial Management: Challenges in Meeting Requirements of the 
Improper Payments Information Act. GAO-05-605T. Washington, D.C.: July 
12, 2005. 

Financial Management: Challenges in Meeting Requirements of the 
Improper Payments Information Act. GAO-05-417. Washington, D.C.: March 
31, 2005. 

Financial Management: Fiscal Year 2003 Performance and Accountability 
Reports Provide Limited Information on Governmentwide Improper 
Payments. GAO-04-631T. Washington, D.C.: April 15, 2004. 

Financial Management: Status of the Governmentwide Efforts to Address 
Improper Payment Problems. GAO-04-99. Washington, D.C.: October 17, 
2003. 

Financial Management: Effective Implementation of the Improper Payments 
Information Act of 2002 Is Key to Reducing the Government's Improper 
Payments. GAO-03-991T. Washington, D.C.: July 14, 2003. 

Financial Management: Challenges Remain in Addressing the Government's 
Improper Payments. GAO-03-750T. Washington, D.C.: May 13, 2003. 

Financial Management: Coordinated Approach Needed to Address the 
Government's Improper Payments Problems. GAO-02-749. Washington, D.C.: 
August 9, 2002. 

Financial Management: Improper Payments Reported in Fiscal Year 2000 
Financial Statements. GAO-02-131R. Washington, D.C.: November 2, 2001. 

Executive Guide: Strategies to Manage Improper Payments, Learning From 
Public and Private Sector Organizations. GAO-02-69G. Washington, D.C.: 
October 2001. 

Financial Management: Billions in Improper Payments Continue to Require 
Attention. GAO-01-44. Washington, D.C.: October 27, 2000. 

Financial Management: Improper Payments Reported in Fiscal Year 1999 
Financial Statements. GAO/AIMD-00-261R. Washington, D.C.: July 27, 
2000. 

Financial Management: Increased Attention Needed to Prevent Billions in 
Improper Payments. GAO/AIMD-00-10. Washington, D.C.: October 29, 1999. 

(195115): 

FOOTNOTES 

[1] GAO, Improper Payments: Agencies' Efforts to Address Improper 
Payment and Recovery Auditing Requirements Continue, GAO-07-635T 
(Washington, D.C.: Mar. 29, 2007). 

[2] Pub. L. No. 107-300, 116 Stat. 2350 (Nov. 26, 2002). 

[3] National Defense Authorization Act for Fiscal Year 2002, Pub. L. 
No. 107-107, div. A, title VIII,  831, 115 Stat. 1012, 1186 (Dec. 28, 
2001) (codified at 31 U.S.C.  3561-3567). 

[4] NSF procedures require that awards are assessed as high, medium, or 
low risk based on objective factors. The procedures also require that 
institutions with high-risk awards receive a more detailed level of 
review such as site visits on a cyclical basis every 4 or 5 years. 

[5] GAO, Standards for Internal Control in the Federal Government, GAO/ 
AIMD-00-21.3.1 (Washington, D.C.: November 1999). 

[6] GAO, Strategies to Manage Improper Payments: Learning From Public 
and Private Sector Organizations, GAO-02-69G (Washington, D.C.: October 
2001). 

[7] The Office of Management and Budget's (OMB) implementing guidance 
requires that agencies generally use a statistical sample to estimate 
improper payments. Agencies may also use an alternative sampling 
approach provided they obtain OMB approval prior to implementation. 

[8] OMB Memorandum M-06-23, "Issuance of Appendix C to OMB Circular No. 
A-123" (Aug. 10, 2006). 

[9] See the Related GAO Products list at the end of this report. 

[10] See the Comprehensive Error Rate Testing (CERT) reports at 
http://www.cms.hhs.gov/CERT/. 

[11] GAO, Improper Payments: Agencies' Fiscal Year 2005 Reporting under 
the Improper Payments Information Act Remains Incomplete, GAO-07-92 
(Washington, D.C.: Nov. 14, 2006). 

[12] GAO, Improper Payments: Posthearing Responses on a December 5, 
2006, Hearing to Assess the Improper Payments Information Act of 2002, 
GAO-07-533R (Washington, D.C.: Feb. 27, 2007). 

[13] GAO, Improper Payments: Incomplete Reporting under the Improper 
Payments Information Act Masks the Extent of the Problem, GAO-07-254T 
(Washington, D.C.: Dec. 5, 2006). 

[14] Pub. L. No. 104-134, 110 Stat. 1321, 1321-358 (April 26, 1996) 

[15] This program includes the offset of certain benefit payments, 
vendor payments, and tax refunds. 

[16] This is a process in which a federal agency orders an employer to 
withhold amounts each payday from an employee who owes a debt to the 
agency. In turn, the employer pays the withheld amount to the agency. 

[17] Pub. L. No. 108-173, 117 Stat. 2066, 2256 (Dec. 8, 2003). 

[18] GAO-07-92 and GAO-07-635T.

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site (www.gao.gov). Each weekday, GAO posts 
newly released reports, testimony, and correspondence on its Web site. 
To have GAO e-mail you a list of newly posted products every afternoon, 
go to www.gao.gov and select "Subscribe to Updates." 

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. Government Accountability Office 441 G Street NW, Room LM 
Washington, D.C. 20548: 

To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202) 
512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Gloria Jarmon, Managing Director, JarmonG@gao.gov (202) 512-4400 U.S. 
Government Accountability Office, 441 G Street NW, Room 7125 
Washington, D.C. 20548: 

Public Affairs: 

Paul Anderson, Managing Director, AndersonP1@gao.gov (202) 512-4800 
U.S. Government Accountability Office, 441 G Street NW, Room 7149 
Washington, D.C. 20548: