Service-Disabled Veteran-Owned Small Business Program: Additional Improvements to Fraud Prevention Controls Are Needed
GAO-12-152R
Published: Oct 26, 2011. Publicly Released: Nov 30, 2011.
Skip to Highlights
Highlights
This report is in response to a request from congressional subcommittees to evaluate the design of the Department of Veterans Affairs (VA) fraud prevention controls within the Service-Disabled Veteran-Owned Small Business (SDVOSB) verification program instituted in response to Public Law 111-275. This work is part of our ongoing audit of the SDVOSB program governmentwide, which, in part, assesses the design of the three areas of a fraud prevention framework including preventive controls, detection and monitoring controls, and investigations and prosecutions. We will report the results of the larger audit at a later date..
In summary, VA's fraud prevention controls for the SDVOSB program have improved since Public Law 111-275 was enacted including steps taken since Congress' July 28, 2011 hearing; however, further enhancements would help to reduce the program's vulnerability to fraud, waste, and abuse. VA has made progress in implementing a valid verification program with preventive controls to deter ineligible firms from attempting to become verified. VA enhanced deterrents and developed controls to identify firms in its VetBiz database that did not meet SDVOSB eligibility requirements, resulting, according to VA, in over 1,800 ineligible firms being denied SDVOSB verification. However, even with the control enhancements, program weaknesses and vulnerabilities remain. While improvements in preventive controls have been significant, progress has been limited in the areas of detection and monitoring and investigations and prosecutions. VA's monitoring and detection efforts, which now include status protests and announced site visits, lacked periodic compliance reviews and formal processes for unannounced site visits. Moreover, while VA established a debarment committee and is conducting ongoing investigations of suspicious firms, it does not yet have specific criteria in place to implement legislation requiring debarment actions for firms that misrepresent their SDVOSB eligibility. Thus there has been limited actual debarment action against firms found to have misrepresented their SDVOSB status. To address identified vulnerabilities, we recommend that VA take 13 actions in the three areas of the fraud prevention framework--preventive controls, detection and monitoring, and investigations and prosecutions--to provide reasonable assurance that the contracting opportunities meant for our nation's service-disabled veteran entrepreneurs make it to the intended beneficiaries.
Recommendations
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should improve VA's preventive controls to provide reasonable assurance that only eligible firms gain access to the VetBiz database. For example: provide regular fraud awareness training to Center for Veterans Enterprise (CVE) and VA contracting personnel. |
Closed – Implemented
In response to our recommendation, in October 2012 (fiscal year 2013), VA developed a learning and development strategic plan for 2012 - 2014. The strategic plan provides opportunities for ongoing staff education, training, and development. The strategic plan outlines the fraud education training available to CVE and VA contracting personnel. The training includes briefings provided by the Office of Inspector General (OIG) and staff meetings or monthly training sessions where staff discuss fraud. For example, in June 2012, VA OIG provided training to CVE personnel on procurement fraud, including the different types of fraud in the SDVOSB program. By providing regular training to CVE and VA contracting personnel, VA has taken an important step towards ensuring that only eligible SDVOSB firms are able to participate in the program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should improve VA's preventive controls to provide reasonable assurance that only eligible firms gain access to the VetBiz database. For example: provide additional guidance and training to the VA contracting personnel on the use of the VetBiz website so that SDVOSB contracts are only awarded to verified firms. |
Closed – Implemented
In response to our recommendation, in December 2011, VA issued a memo to contracting personnel reiterating the need to verify firms eligibility both upon receipt of an offer and prior to award. In November 2011, VA offered training to the contracting personnel on the importance of eligibility verification. By providing guidance and training to VA contracting personnel on the importance of verifying firms eligibility, VA has taken an important step toward ensuring that SDVOSB contracts are only awarded to verified firms.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should improve VA's preventive controls to provide reasonable assurance that only eligible firms gain access to the VetBiz database. For example: establish formal procedures for VA staff to refer suspicious applications to the OIG and provide guidance on what type of cases to refer to the Office of Inspector General (OIG). |
Closed – Implemented
In response to our recommendation, in April 2012, VA issued guidelines outlining the procedures for VA staff to refer applicants that submitted false information or misrepresented their status to the VA OIG. In addition, from November 2011 through January 2012, VA provided training sessions to staff on the type of red flags that might show up during the application review. By establishing these procedures and providing staff this training, VA has taken important steps toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should improve VA's preventive controls to provide reasonable assurance that only eligible firms gain access to the VetBiz database. For example: explore the feasibility of validating applicants' information with third parties, for example, requesting consent from SDVOSB applicants to validate tax information with the IRS to assess the accuracy of the information provided. |
Closed – Implemented
In response to our recommendation, VA has explored the feasibility of utilizing third parties such as Dun and Bradstreet to validate application information. By exploring the feasibility of validating applicants' information with third parties, VA has taken an important step toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should improve VA's preventive controls to provide reasonable assurance that only eligible firms gain access to the VetBiz database. For example: formalize a process for conducting unannounced site visits to firms identified as high risk during the verification process. |
Closed – Implemented
In response to our recommendation, VA has formalized a process to conduct unannounced site visits to high-risk firms. Specifically, VA has issued procedures implementing a monthly process to select firms in the verification process for unannounced site visits. The procedures use risk-based factors to select a sample of 50 percent of firms identified as high-risk during the verification process. By formalizing a process for conducting unannounced site visits to firms identified as high-risk during the verification process, VA has taken an important step toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's detection and monitoring controls on verified SDVOSB firms. For example: develop and implement procedures for conducting unannounced site visits to contract performance locations and interviews with contracting officials to better assess whether verified companies comply with program rules after verification. |
Closed – Not Implemented
While VA initially concurred with the recommendation, the agency determined that it was not necessary to visit contractor performance locations or meet with contracting officers to determine eligibility, ownership and control. The Center for Veterans Enterprise (CVE) does not conduct unannounced site visits to contract performance locations or conduct interviews with contracting officials as a part of its site visit program. Site visits are conducted at the firms business address listed on their Vendor Information Pages profile. According to VA, CVE conducts approximately 1200 site visits annually which include a review of business documents to ensure eligibility with program rules. GAO continues to believe that VA should strengthen its detection and monitoring controls on verified SDVOSB firms through actions such as developing and implementing procedures for conducting unannounced site visits to contract performance locations and interviews with contracting officials. VA does not plan to take action on this recommendation and therefore GAO deems it closed as not implemented.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's detection and monitoring controls on verified SDVOSB firms. For example: develop and implement a process for unannounced site visits to verified companies' offices to obtain greater effectiveness and consistency in the verification program. |
Closed – Implemented
In response to our recommendation, VA has formalized a process to conduct unannounced site visits to verified firms. Specifically, VA has implemented a process to select on a weekly basis, based on a combination of random and risk-based factors, verified firms to receive an unannounced site visit. By developing and implementing a process for unannounced site visits to verified firms, VA has taken an important step toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's detection and monitoring controls on verified SDVOSB firms. For example: develop procedures for risk-based periodic reviews of verified firms receiving contracts to assess compliance with North American Industry Classification System (NAICS) size standards and SDVOSB program rules. |
Closed – Implemented
In response to our work, VA issued revised procedures, effective February 2015, for its site visits to verified firms receiving contracts that include a checklist for assessing compliance with NAICS size standards and SDVOSB program rules. By developing and implementing a process for site visits to verified firms to assess compliance with NAICS size standards and SDVOSB program rules, VA has taken an important step toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's investigative and prosecutorial actions for firms violating SDVOSB program laws and regulations. For example: develop and implement specific processes and criteria for the Debarment Committee on compliance with the requirement in P.L. 109-461 to debar, for a reasonable period of time, firms and related parties that misrepresent their SDVOSB status. |
Closed – Implemented
In response to our recommendation and the new P.L. 111-154, in April 2015, VA issued new guidance to the Debarment and Suspension Committee to revise the debarment period to a minimum of five years, for the debarment to include all principals in the firm, among other things. By revising the debarment guidance, VA has taken an important step towards ensuring that firms that willfully and intentionally misrepresent the SDVOSDB status get debarred.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's investigative and prosecutorial actions for firms violating SDVOSB program laws and regulations. For example: develop and implement specific procedures and criteria for staff to make referrals to VA's Debarment Committee and VA's OIG as a result of misrepresentations identified during initial verification and periodic reviews. |
Closed – Implemented
In response to our recommendation, VA updated its guidelines to show the procedures for VA staff to refer applicants who misrepresented their status in the application process or during the verification eligibility period to the VA OIG and Debarment Committee. Additionally, VA has sent 22 referrals to the VA OIG and Debarment Committee since July 2011. By establishing these procedures to make referrals to the Debarment Committee and VA OIG, VA has taken an important step toward improving fraud prevention controls within the SDVOSB verification program.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's investigative and prosecutorial actions for firms violating SDVOSB program laws and regulations. For example: develop specific guidelines outlining the Debarment Committee's decision process to debar firms that misrepresent their SDVOSB status. |
Closed – Implemented
In response to our recommendation and the new P.L. 111-154, in May 2015, VA issued procedures for the Suspension and Debarment Committee to utilize when evaluating referrals based on allegations of willful and intentional misrepresentation of the SDVOSB status. Specifically, the additional guidance outlines additional causes for debarment, process for accepting a referral through the debarment decision, and the period or debarment. By revising the debarment guidance, VA has taken an important step towards ensuring that firms that misrepresent the SDVOSDB status get debarred.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's investigative and prosecutorial actions for firms violating SDVOSB program laws and regulations. For example: develop procedures on removing SDVOSB contracts from ineligible firms. |
Closed – Implemented
In response to our recommendation, in October 2012 (fiscal year 2013), VA issued a policy to re-delegate the authority to approve or disapprove the continuation of a current contract from the Deputy Senior Procurement Executive to the Heath Contracting Activity (HCA). Since each respective HCA is responsible for the internal operations of their respective contracting activity, the determination of whether to continue contracts with ineligible firms will be delegated the HCAs. The policy also provides guidance when a firm has been debarred or suspended, or has a proposed debarment. Specifically, contractors shall not add new work, exercise options, or otherwise extend the duration of current contracts or orders among other things. By issuing a new policy to re-delegate the authority to the HCAs to remove contracts, VA has taken an important step towards ensuring that ineligible firms to continue to get SDVOSB contracts.
|
| Department of Veterans Affairs | To minimize the risk of fraud and abuse within VA's SDVOSB program, the Secretary of Veterans Affairs should strengthen VA's investigative and prosecutorial actions for firms violating SDVOSB program laws and regulations. For example: formalize procedures to advertise debarments and prosecutions. |
Closed – Not Implemented
While VA initially concurred with the recommendation, the agency believes that formalizing procedures to advertise debarments and prosecutions are not necessary because of existing formalized government-wide procedures that are mandated for Executive Branch agencies in the Federal Acquisition Regulation (FAR). Specifically, VA cited procedures found in FAR 9.404 (c) and (d), System for Award Management Exclusions (SAM) which lists the requirements for accessing SAM, entering exclusion records in SAM, and retaining suspension and debarment records; and FAR 9.405, Effect of Listing, which advises that agencies shall not solicit offers from, award contracts to, or consent to subcontracts with excluded parties unless the agency head determines that there is a compelling reason for such action. GAO continues to believe that VA should formalize procedures to advertise debarments and prosecutions to deter future fraud through maximizing the deterrent value of successful prosecutions and debarments. VA does not plan to take action on this recommendation and therefore GAO deems it closed as not implemented.
|
Full Report
Office of Public Affairs
Topics
Eligibility criteriaFraudInternal auditsInternal controlsMonitoringProgram abusesProgram evaluationService-disabled veteran-owned small businessVeterans benefitsPolicies and proceduresFraud, Waste and Abuse