Department of Energy:

Use of Leading Practices Could Help Manage the Risk of Fraud and Other Improper Payments

GAO-17-235: Published: Mar 30, 2017. Publicly Released: May 1, 2017.

Additional Materials:

Contact:

David C. Trimble
(202) 512-3841
trimbled@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

DOE's inadequate management and oversight of its contractors led us to designate its contract management as a High Risk area. For example, in November 2016, DOE contractors constructing a nuclear waste treatment plant agreed to pay a combined $125 million to settle a lawsuit alleging, among other things, that a contractor improperly used federal funds for lobbying purposes.

We found that DOE does not use leading practices for managing fraud risks—such as data analytics—that can help agencies detect fraudulent spending or other improper payments.

We made six recommendations aimed at reducing DOE's risk of fraud and improper payments.

 

Photo of the Department of Energy building

Photo of the Department of Energy building

Additional Materials:

Contact:

David C. Trimble
(202) 512-3841
trimbled@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The Department of Energy (DOE) manages the risk of fraud and improper payments through its internal controls program, which includes, among other things, prepayment invoice reviews and post payment audits. However, several challenges limit the effectiveness of this approach. For example, DOE does not have a department-wide invoice review policy or well-documented procedures at five of the six sites with invoice review responsibilities. Consequently, DOE has no assurance that control activities at these sites are operating as intended. Time constraints also limit the effectiveness of invoice reviews. For example, some invoices can have numerous associated transactions and the reviews must be completed within a limited time frame before payment, which may be as short as 10 days.

DOE's approach to managing fraud risk does not incorporate leading practices such as creating a dedicated antifraud entity to lead fraud risk management activities; conducting regular fraud risk assessments that are tailored to the program; developing and documenting a strategy to mitigate assessed fraud risks; or designing and implementing specific control activities, such as data analytic activities, to prevent and detect fraud. By not implementing leading practices, DOE is missing an opportunity to organize and focus its resources in a way that would allow it to mitigate the likelihood and impact of fraud. Moreover, the Fraud Reduction and Data Analytics Act of 2015 establishes requirements aimed at improving federal agencies' controls and procedures for assessing and mitigating fraud risks through the use of data analytics. The legislation also directs the Office of Management and Budget (OMB) to, among other things, establish implementation guidelines that incorporate fraud risk management leading practices. DOE officials told GAO that they plan to meet the requirements of the act but should not be expected to implement private industry leading practices prior to the issuance of OMB guidance. Incorporating leading practices could also help DOE more effectively implement the act's requirements once OMB guidance is available.

It is not possible to fully employ data analytics as a tool to identify potential indicators of fraud or other improper payments at DOE because of limitations in contractor-maintained cost data. Much of the cost data maintained by the two DOE contractors GAO selected for data analytic purposes could not be used because these data did not include a complete universe of transactions that was reconcilable with amounts billed to DOE or did not contain details necessary to determine the nature of costs charged to DOE. Because DOE does not require its contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to DOE, it is not well positioned to employ data analytics as a fraud detection tool. Effective fraud risk managers collect and analyze data and identify fraud trends and use them to improve fraud risk management activities, according to leading practices that GAO has previously identified. Without the detailed data necessary to conduct such analysis, DOE is missing an opportunity to develop, refine, and improve its experience with data analytic tools and techniques, and better position itself to meet the requirements of the Fraud Reduction and Data Analytics Act.

Why GAO Did This Study

Over the past decade, incidents of fraud by DOE contractors have occurred. From 2003 through 2008, employees of one contractor at DOE's Hanford site in Washington state made hundreds of fraudulent purchases and solicited and received kickbacks. In another case, Hanford contractors agreed to pay a combined $125 million to settle disputed claims regarding federal dollars spent on nonnuclear-compliant parts. To help federal program managers combat fraud, in July 2015, GAO issued leading practices for managing fraud risks.

GAO was asked to review DOE's processes, programs, and practices for managing its risk of fraud. This report examines (1) DOE's approach to managing its risk of fraud and other improper payments and challenges, if any, that may limit the effectiveness of this approach; (2) the extent to which DOE's approach incorporates leading practices; and (3) the application of data analytics in identifying potential indicators of fraud or other improper payments associated with selected DOE contracts.

What GAO Recommends

GAO is making six recommendations, including that DOE establish invoice review policies and procedures, employ leading practices such as data analytics to help manage fraud risk, and require that its contractors maintain sufficiently detailed cost data for reconciling with amounts charged. DOE generally concurred with five of GAO's six recommendations but did not agree to require contractors to maintain detailed data. GAO continues to believe that the recommendation is valid, as discussed in the report.

For more information, contact David C. Trimble at (202) 512-3841 or trimbled@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To allow DOE management to effectively monitor invoice reviews and have assurance that this control activity is operating as intended, the Secretary of Energy should establish a DOE-wide invoice review policy that includes requirements for sites to establish well-documented invoice review operating procedures.

    Agency Affected: Department of Energy

  2. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including creating a structure with a dedicated entity within DOE to design and oversee fraud risk management activities.

    Agency Affected: Department of Energy

  3. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including conducting fraud risk assessments that are tailored to each program and use the assessments to develop a fraud risk profile

    Agency Affected: Department of Energy

  4. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including developing and documenting an antifraud strategy that describes the programs' approaches for addressing the prioritized fraud risks identified during the fraud risk assessment.

    Agency Affected: Department of Energy

  5. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including designing and implementing specific control activities, including fraud awareness training and data analytics, to prevent and detect fraud and other improper payments.

    Agency Affected: Department of Energy

  6. Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

    Recommendation: To help ensure that necessary data are available to employ data analytics as a tool to perform contractor cost-surveillance activities, the Secretary of Energy should require contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to the government, including (1) cost data that, at a minimum, represent a full data population and (2) the details necessary to determine the nature of each cost transaction, with such identifiers as transaction date, dollar amount, item or service description, and transaction codes to indicate the type of cost represented (e.g., construction materials, property lease, and office supplies).

    Agency Affected: Department of Energy

 

Explore the full database of GAO's Open Recommendations »

May 26, 2017

May 25, 2017

May 24, 2017

May 17, 2017

May 3, 2017

May 1, 2017

Apr 26, 2017

Apr 11, 2017

Mar 16, 2017

Mar 15, 2017

Looking for more? Browse all our products here