Strengthening Risk Assessments to Adequately Determine Susceptibility to Improper Payments

What Needs to Be Done | Key Reports

Across the federal government, improper payments have been identified, to varying degrees, in a variety of programs and activities. Using a systematic process (also known as a risk assessment) to annually review and identify those programs and activities that are susceptible to improper payments is the first step in addressing the requirements of the Improper Payments Information Act of 2002 (IPIA).

Highlights of GAO-07-92 (PDF), Highlights of GAO-02-69G (PDF)

  • GAO's work on a governmentwide basis and at the agency level has raised questions about the results of agencies' risk assessments. Through its implementation guidance, OMB provides that agencies annually perform risk assessments but offers limited information on how to conduct an appropriately designed risk assessment, thus, allowing agencies broad flexibility for determining a methodology to meet IPIA requirements.

    Highlights of GAO-08-438T (PDF), Highlights of GAO-07-92 (PDF)

  • Congress is currently considering amendments to IPIA that would change the frequency of when an agency is to conduct a risk assessment—from annually to at least once every 3 fiscal years.
  • If IPIA amendments are enacted, the next administration should ensure that agencies have available the tools and resources needed to implement a comprehensive review and analysis of program operations and payment activities to determine if risks exist, what those risks are, and the potential or actual effect of those risks on an agency's operations.

    Highlights of GAO-07-92 (PDF)

  • In addition, close attention and direction would be needed during the interim years to ensure agencies continued to make progress to further enhance program integrity initiatives and reduce improper payments.
  • With OMB's leadership, developing such a framework would begin the process to effectively identify and target high-risk areas within a program and better position agencies as they determine which control activities to implement to reduce risks and ultimately reduce fraud and errors.

    Highlights of GAO-07-92 (PDF)

^ Back to topWhat Needs to Be Done

To help further the progress toward meeting the goals of the Improper Payments Information Act and ensuring the integrity of payments, OMB should expand its IPIA implementing guidance to describe in greater detail

Highlights of GAO-07-92 (PDF)

  • factors that agencies should consider when conducting their annual risk assessments, such as program complexity, operational changes, findings from investigative reports, and financial statement and performance audit reports; and
  • factors agencies should use when reporting improper payments in their performance and accountability reports (PAR), such as (1) provide a baseline of what agencies should include when reporting on causes, corrective actions, and manager accountability; and (2) require that applicable agencies cite the specific law or regulation in their PARs when describing statutory barriers that may limit the agencies' corrective actions for reducing improper payments.

^ Back to topKey Reports

Improper Payments

Responses to Posthearing Questions Related to Status of Agencies' Efforts to Address Improper Payment and Recovery Auditing Requirements
GAO-08-819R, Jun 20, 2008

Improper Payments

Status of Agencies' Efforts to Address Improper Payment and Recovery Auditing Requirements
GAO-08-438T, Jan 31, 2008

Improper Payments

Agencies' Fiscal Year 2005 Reporting under the Improper Payments Information Act Remains Incomplete
GAO-07-92, Nov 14, 2006

Strategies to Manage Improper Payments

Learning From Public and Private Sector Organizations (Supersedes GAO-01-703G)
GAO-02-69G, Oct 1, 2001
More Reports More Results Toggle
GAO Contact
portrait of Kay L Daly

Kay L. Daly

Director, Financial Management and Assurance

dalykl@gao.gov

(202) 512-9095