Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: Fraud

    24 publications with a total of 71 open recommendations including 8 priority recommendations
    Director: Rebecca Gambler
    Phone: (202) 512-8777

    6 open recommendations
    Recommendation: To better assess whether RSCs are meeting USRAP objectives, the Assistant Secretary of State for Population, Refugees, and Migration should develop outcome-based indicators, as required by State policy.

    Agency: Department of State: Bureau of Population, Refugees and Migration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better assess whether RSCs are meeting USRAP objectives, the Assistant Secretary of State for Population, Refugees, and Migration should monitor RSC performance against such indicators on a regular basis.

    Agency: Department of State: Bureau of Population, Refugees and Migration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better ensure that USCIS officers effectively adjudicate applications for refugee status, the Director of USCIS should develop and implement a plan to deploy officers with national security expertise on circuit rides.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better ensure that USCIS officers effectively adjudicate applications for refugee status, the Director of USCIS should conduct regular quality assurance assessments of refugee application adjudications across USCIS's Refugee Affairs Division and International Operations Division.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: USCIS provided documentation that U.S. Citizenship and Immigration Services (USCIS) officials conducted a quality assurance assessment of refugee adjudications in July 2017 and has plans to conduct an additional quality assurance assessment in January or February 2018. To fully address this recommendation, USCIS should demonstrate a continued commitment to conducting regular quality assurance assessments of refugee application adjudications.
    Recommendation: To provide reasonable assurance that USRAP applicant fraud prevention and detection controls are adequate and effectively implemented, the Secretaries of Homeland Security and State should conduct regular joint assessments of applicant fraud risk across USRAP.

    Agency: Department of Homeland Security
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To provide reasonable assurance that USRAP applicant fraud prevention and detection controls are adequate and effectively implemented, the Secretaries of Homeland Security and State should conduct regular joint assessments of applicant fraud risk across USRAP.

    Agency: Department of State
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Melito, Thomas
    Phone: (202) 512-9601

    3 open recommendations
    Recommendation: To support efforts to reduce staff fraud at RSCs, the Secretary of State should direct the Bureau of Population, Refugees, and Migration to actively pursue efforts to ensure that RSCs comply with required, applicable measures in the Program Integrity Guidelines.

    Agency: Department of State
    Status: Open

    Comments: The State Department concurred with our recommendation and agreed with GAO's assessment that these measures will support efforts to reduce staff fraud at Resettlement Support Centers (RSC). According to State officials, the Bureau of Population, Refugees, and Migration (PRM) has developed new guidance to enhance monitoring of RSCs. They explained that a new monitoring and evaluation framework serves as the foundational document for this guidance, which has incorporated and formalized PRM's existing RSC monitoring practices and established further requirements to address gaps identified by internal and external evaluative processes. According to the officials, the framework outlines roles, responsibilities, and tools for program officers and refugee coordinators. These responsibilities include formalizing and expanding monitoring of RSC compliance with the Program Integrity Guidelines. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To better identify risks from RSC staff fraud, the Secretary of State should direct the Bureau of Population, Refugees, and Migration to update guidance, such as the Program Integrity Guidelines, to require each RSC to conduct regular staff fraud risk assessments that are tailored to each RSC's specific operations.

    Agency: Department of State
    Status: Open

    Comments: The State Department concurred with our recommendation and agreed with GAO's assessment that this requirement would strengthen Resettlement Support Centers' (RSCs) ability to identify risks of staff fraud. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure that control activities are designed to mitigate identified RSC staff fraud risks, the Secretary of State should direct the Bureau of Population, Refugees, and Migration to regularly review RSC staff fraud risk assessments and use them to examine the suitability of existing staff fraud controls and revise controls as appropriate.

    Agency: Department of State
    Status: Open

    Comments: The State Department concurred with our recommendation and agreed with GAO's assessment that this would help ensure that control activities are designed to mitigate identified Resettlement Support Centers (RSC) staff fraud risks. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Zina Merritt
    Phone: (202) 512-5257

    4 open recommendations
    Recommendation: To enhance the department's transfer of its excess controlled property, and to strengthen LESO program internal controls for the application and enrollment of federal agencies, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to review and revise policy or procedures for verifying and approving federal agency applications and enrollment. For example, such steps could include LESO supervisory approval for all federal agency applications; confirmation of the application with designated points of contact at the headquarters of participating federal agencies; or visiting the location of the applying federal law enforcement agency.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to help ensure controlled property is picked up by authorized individuals, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to ensure compliance that on-site officials responsible for the transfer of items at Disposition Services' sites request and verify valid identification of the individual(s) authorized to pick up allocated property from the LESO program.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to help ensure the accurate quantity of approved items is transferred, the Under Secretary of Defense for Acquisition, Technology and Logistics should direct the Director of DLA to issue guidance that requires DLA Disposition Services on-site officials to verify the type and quantity of approved items against the actual items being transferred prior to removal from the sites.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To enhance the department's transfer of its excess controlled property, and to strengthen LESO program internal controls, the Undersecretary of Defense for Acquisition, Technology, and Logistics should direct the Director of DLA to conduct a fraud risk assessment to design and implement a strategy with specific internal control activities to mitigate assessed fraud risks for all stages relating to LESO's transfer of excess controlled property to law enforcement agencies, consistent with leading practices provided in GAO's Fraud Risk Framework.

    Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Seto Bagdoyan
    Phone: (202) 512-6722

    4 open recommendations
    Recommendation: The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to lead a comprehensive fraud risk assessment that is consistent with leading practices, and develop a plan for regularly updating the assessment.

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to develop, document, and implement an antifraud strategy that is aligned to its assessed fraud risks.

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to work with components responsible for implementing antifraud initiatives to develop outcome-oriented metrics, including baselines and goals, where appropriate for antifraud activities.

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Commissioner (or Acting Commissioner) of SSA should direct the OAFP to review progress toward meeting goals on a regular basis, and recommend that the NAFC make changes to control activities or take other corrective actions on any initiatives that are not meeting goals.

    Agency: Social Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Lawrance Evans
    Phone: (202) 512-8678

    5 open recommendations
    Recommendation: In the event that Congress again requires an agency to provide affected individuals with identity theft insurance in response to a breach of sensitive personal data, Congress should consider permitting the agency to determine the appropriate level of that insurance.

    Agency: Congress
    Status: Open

    Comments: When we determine what steps the Congress has taken, we will provide updated information.
    Recommendation: The Director of the Office of Management and Budget should, to the extent feasible, conduct an analysis of the effectiveness of the various identity theft services relative to alternatives, and revise OMB's guidance to federal agencies in light of this analysis.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Management and Budget should explore options to address the risk of duplication in federal agencies' provision of identity theft services in response to data breaches, and take action if viable options are identified.

    Agency: Executive Office of the President: Office of Management and Budget
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Personnel Management should incorporate criteria and procedures for determining whether to offer identity theft services into the agency's data-breach-response policy.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: The Director of the Office of Personnel Management should implement procedures that provide reasonable assurance that significant decisions on the use of identity theft services are appropriately documented.

    Agency: Office of Personnel Management
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: David C. Trimble
    Phone: (202) 512-3841

    6 open recommendations
    Recommendation: To allow DOE management to effectively monitor invoice reviews and have assurance that this control activity is operating as intended, the Secretary of Energy should establish a DOE-wide invoice review policy that includes requirements for sites to establish well-documented invoice review operating procedures.

    Agency: Department of Energy
    Status: Open

    Comments: DOE stated that it already has an established, detailed DOE-wide invoice review policy provided in DOE's Financial Management Handbook and in the DOE Acquisition Guide, and that they are updating the Financial Management Handbook to include additional procedures to address intra-governmental payment and collection transactions that they believe will allow the recommendation to be closed by September 30, 2017. However, DOE officials with the office of the CFO at DOE headquarters previously told us that they do not have department-wide invoice review policies and procedures, and that CFOs and contracting officials in DOE field offices are responsible to develop their own invoice review policies and procedures. In addition, we reviewed the Financial Management Handbook and the Acquisition Guide and found that these documents do not contain the detail necessary to serve as an invoice review policy. We will continue to review DOE's implementation of this recommendation to determine whether its actions meet the intent of the recommendation.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including creating a structure with a dedicated entity within DOE to design and oversee fraud risk management activities.

    Agency: Department of Energy
    Status: Open

    Comments: DOE considers this recommendation to be closed without corrective action. Instead of establishing a dedicated entity within DOE to design and oversee fraud risk management activities, DOE will rely on the existing Office of Financial Policy and Internal Controls and on the DOE Office of Inspector General (OIG)to design and oversee financial fraud risk management activities. We disagree that reliance on these offices meets best practices because neither office is solely dedicated to designing or overseeing fraud risk management activities. Furthermore, according the best practices in GAO's Fraud Risk Framework, the dedicated entity should not be the OIG.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including conducting fraud risk assessments that are tailored to each program and use the assessments to develop a fraud risk profile

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with the substance of the recommendation; however they consider the recommendation to be closed without corrective action because its risk assessments meet the requirements of the Improper Payments Elimination and Recovery Improvement Act of 2012, as reported by the Office of Inspector General (OIG), and because it has implemented updates to OMB Circular A-123 that added requirements related to managing fraud risk and adherence to GAO's Fraud Risk Framework. However, we found that DOE has not conducted fraud risk assessments that are tailored to its programs and therefore do not allow the department to create a fraud risk profile. We also found that, although DOE updated its internal control assessment tools with a list of fraud risks as required by OMB Circular A-123, the list of risks were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including developing and documenting an antifraud strategy that describes the programs' approaches for addressing the prioritized fraud risks identified during the fraud risk assessment.

    Agency: Department of Energy
    Status: Open

    Comments: DOE concurred with this recommendation but considers the recommendation closed without corrective action because DOE has implemented the updated OMB Circular A-123 and because DOE's anti-fraud strategy is imbedded in the DOE internal control program. However, DOE officials told us that they have not developed or documented a DOE-wide antifraud strategy or directed individual programs to develop program-specific strategies. Furthermore, DOE's implementation of OMB Circular A-123 included adding a list of potential risks to their internal control assessment tool that were the same for all DOE sites and were not tailored to the sites' different programs.
    Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including designing and implementing specific control activities, including fraud awareness training and data analytics, to prevent and detect fraud and other improper payments.

    Agency: Department of Energy
    Status: Open

    Comments: DOE believes that they are either implementing or have already implemented this recommendation and considers the recommendation closed without additional action. Specifically, DOE stated that the Office of Inspector General (OIG) already provides fraud awareness training and that the OIG provided expanded fraud risk training on June 12, 2017 through a CFO-hosted webinar. However, of the 10 field offices responsible for overseeing contractor costs, none required employees responsible for overseeing contractor costs to attend fraud awareness training.
    Recommendation: To help ensure that necessary data are available to employ data analytics as a tool to perform contractor cost-surveillance activities, the Secretary of Energy should require contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to the government, including (1) cost data that, at a minimum, represent a full data population and (2) the details necessary to determine the nature of each cost transaction, with such identifiers as transaction date, dollar amount, item or service description, and transaction codes to indicate the type of cost represented (e.g., construction materials, property lease, and office supplies).

    Agency: Department of Energy
    Status: Open

    Comments: DOE did not agree to implement this recommendation because they believe that the recommendation establishes agency-specific requirements for DOE contractors that are more prescriptive than current federal requirements. DOE states that they plan to evaluate the merits of government-wide guidance for applying data-analytics to contract costs only if an OMB working group--established as a requirement of the Fraud Reduction and Data Analytics Act of 2015 to promote interagency coordination on fraud reduction and data analytics--requires them to do so. However, the purpose of the working group is to share fraud management best practices. It is not an implementing body and agencies do not need its permission before proceeding with fraud risk reduction efforts.
    Director: Jessica Lucas-Judy
    Phone: (202) 512-9110

    3 open recommendations
    Recommendation: The Commissioner of Internal Revenue should develop and maintain an online dashboard to display customer service standards and performance information such that it is easily accessible and improves the transparency of its taxpayer service.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In April 2017, IRS reported that it is evaluating the data that it can make available online. IRS also indicated that it will include the service standards that taxpayers should expect when interacting with IRS. IRS expects to make this information available online by February 2018.
    Recommendation: The Commissioner of Internal Revenue should review its document retrieval and scanning processes to identify potential training or guidance needs or other potential efficiencies.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In April 2017, IRS reported that it issued guidance to employees in February 2017 reminding them to follow IRS procedures that require thorough research of information contained in IRS systems before requesting a hard copy of documents from file storage or archives. However, IRS has not completed a review of its document retrieval and scanning processes to identify potential efficiencies. Without this review, IRS is missing potential opportunities to retrieve and scan the documents that employees require in a timely manner.
    Recommendation: The Commissioner of Internal Revenue should revise IRS's notices to IDT refund fraud victims to include information such as (1) whether any dependents were claimed on the fraudulent return, (2) to the extent possible, if those dependents match any of those the taxpayer claimed the same tax year, and (3) how to request a redacted copy of the fraudulent return.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In April 2017, IRS reported that it will revise its notices to victims of identity theft to include information that will advise them to protect the personally identifiable information of their dependents. The notice will also direct them to revised information and guidance on irs.gov. IRS expects to complete the revisions by July 2018.
    Director: Kay E. Brown
    Phone: (202) 512-7215

    2 open recommendations
    including 1 priority recommendation
    Recommendation: The Secretary of Agriculture should take additional steps to collect and disseminate information on promising practices that could help improve data matching processes among state SNAP agencies, including broad and timely dissemination of information on results of recent relevant pilots or demonstrations.

    Agency: Department of Agriculture
    Status: Open
    Priority recommendation

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it is moving in this direction and would build on current efforts to address them. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Recommendation: The Secretary of Agriculture should work with the Department of Health and Human Services (as appropriate) to analyze spending and understand data needs for SNAP across federal and state contracts and in relation to other programs as FNS explores ways to potentially reduce the costs of using commercial data services.

    Agency: Department of Agriculture
    Status: Open

    Comments: The U.S. Department of Agriculture's (USDA) Food and Nutrition Service (FNS) agreed with this recommendation. The agency noted it has been moving in this general direction and would build on current efforts to address it. GAO will monitor these efforts and consider closing the recommendation when these efforts have been completed.
    Director: Seto Bagdoyan
    Phone: (202) 512-6722

    1 open recommendations
    Recommendation: To strengthen USCIS's EB-5 Program fraud risk management, the Director of USCIS should develop a fraud risk profile that aligns with leading practices identified in GAO's Fraud Risk Framework.

    Agency: Department of Homeland Security: United States Citizenship and Immigration Services
    Status: Open

    Comments: In November 2016, Department of Homeland Security's (DHS) U.S. Citizenship and Immigration Services (USCIS)stated that the program would implement GAO's recommendation to develop a fraud risk profile and anticipated completion by September 30, 2017. In April 2017, USCIS provided an update including supporting documentation which reported that USCIS had contracted with an outside consultant to, among other things, develop a fraud risk profile that aligns with leading practices identified in GAO's Fraud Risk Framework. According to its response, USCIS expected to complete development of the profile by September 30, 2017.
    Director: Thomas Melito
    Phone: (202) 512-9601

    5 open recommendations
    including 5 priority recommendations
    Recommendation: To improve the financial oversight of U.S. programs to provide humanitarian assistance to people inside Syria, the USAID Administrator should update guidance to require non-governmental organizations to conduct risk assessments addressing the risk of fraud.

    Agency: United States Agency for International Development
    Status: Open
    Priority recommendation

    Comments: USAID concurred with our recommendation; however, as of April 2017, it has yet to fully implement this recommendation. In December 2016, the Office of Food for Peace updated its annual program statement to include language requiring organizations to complete an analysis of risks related to fraud, corruption, and mismanagement, with relevant mitigation measures. However, the Office of U.S. Foreign Disaster Assistance (OFDA) has yet to officially update its guidance, although USAID has previously noted that OFDA will require all organizations seeking funding to address fraud risks and submit a detailed mitigation plan in their proposal package. We will continue to update the status of this recommendation as we receive information.
    Recommendation: To improve the financial oversight of U.S. programs to provide humanitarian assistance to people inside Syria, the USAID Administrator should use risk assessments submitted by implementing partners to inform USAID oversight activities, for example, using information from assessments to ensure that control activities for programs are designed to mitigate identified risks.

    Agency: United States Agency for International Development
    Status: Open
    Priority recommendation

    Comments: USAID concurred with our recommendation, stating that they plan to tailor their oversight activities to mitigate risks identified in the fraud risk mitigation plans that organizations will submit as part of their funding proposal packages in the future. In addition, USAID noted that it planned to hire a compliance officer by October 2016 to manage fraud mitigation and other compliance issues for OFDA and FFP's Syria and Iraq portfolios. However, as of April 2017, USAID has yet to fill this position. We will continue to track the status of this recommendation.
    Recommendation: To improve the financial oversight of U.S. programs to provide humanitarian assistance to people inside Syria, the USAID Administrator should ensure that field monitors in Syria are trained on assessing and identifying potential fraud risks.

    Agency: United States Agency for International Development
    Status: Open
    Priority recommendation

    Comments: USAID concurred with our recommendation, but has yet to implement this recommendation, as of April 2017. USAID has previously stated that it would work to provide the third-party monitoring organization with information specific to the Syria context that identifies methods to detect fraud. USAID also stated that it would work with the third-party monitoring organization to ensure that data collectors are trained on fraud risks and methods for identifying fraud. We will continue to track the status of this recommendation.
    Recommendation: To improve the financial oversight of U.S. programs to provide humanitarian assistance to people inside Syria, the USAID Administrator should instruct the third party monitoring organization monitoring Office of U.S. Foreign Disaster Assistance programs in Syria to modify the site visit forms to include specific guidance for documenting incidents of potential fraud.

    Agency: United States Agency for International Development
    Status: Open
    Priority recommendation

    Comments: USAID concurred with this recommendation, stating that it would seek to have site visit forms revised to include indications of fraud, waste, and abuse. However, as of April 2017, USAID has yet to implement the recommendation. We will continue to track the status of this recommendation.
    Recommendation: To ensure that State has a comprehensive understanding of the risks facing its implementing partners providing humanitarian assistance to people inside Syria, the Secretary of State should include in its voluntary contribution agreements with implementing partners a requirement that the partner conduct risk assessments addressing the risk of fraud.

    Agency: Department of State
    Status: Open
    Priority recommendation

    Comments: State concurred with GAO?s recommendation and has taken steps to implement it since our report. For example, in March 2017, State officials informed GAO that it began including this requirement in all of its 2017 voluntary contribution award letters to public international organizations. For one of the three public international organizations under consideration in our report, State provided GAO with an award letter including the updated language. According to Bureau of Population, Refugees, and Migration officials, the Bureau has not yet completed voluntary contributions for the other two public international organizations conducting activities inside Syria. We will continue to track relevant Bureau funding agreements to ensure that future awards to fund activities inside Syria contain similar language on fraud risk assessments.
    Director: James R. McTigue, Jr.
    Phone: (202) 512-9110

    4 open recommendations
    Recommendation: To further deter noncompliance in the Taxpayer Protection Program, the Commissioner of Internal Revenue should, in accordance with Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) e-authentication guidance, conduct an updated risk assessment to identify new or ongoing risks for TPP's online and phone authentication options, including documentation of time frames for conducting the assessment

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of March 2017, IRS is taking steps to assess the risks of TPP authentication options, as GAO recommended in its May 2016 report. In November 2016, IRS reported that it will implement the recommendation by October 2017. According to IRS, the agency assessed the e-authentication risk for the TPP web application based on OMB and NIST guidance. Based on the results of these assessments, the agency stated that officials are working to improve the level of assurance for the web application. In the interim, IRS reported that taxpayers will authenticate their identities by phone or in-person until the TPP web application has been sufficiently updated. In March 2017, officials stated that they recently completed a risk assessment for TPP's phone and in-person authentication. Additionally, according to officials, IRS has implemented a new authentication process for TPP's phone authentication that began in February 2017. GAO requested documentation on IRS's risk assessment and authentication process. Once GAO receives and reviews documentation of these actions, it will determine the extent to which IRS has implemented the recommendation. Conducting an updated risk assessment for TPP in accordance with e-authentication and risk management standards, enabled IRS to identify appropriate opportunities to strengthen TPP authentication and prevent IDT fraudsters from passing and potentially receiving millions of dollars in refunds. In addition, strengthening TPP could improve IRS's return on investment by ensuring that efforts to flag fraudulent returns result in fewer refunds paid to IDT fraudsters.
    Recommendation: To further deter noncompliance in the Taxpayer Protection Program, the Commissioner of Internal Revenue should, in accordance with OMB and NIST e-authentication guidance, implement appropriate actions to mitigate risks identified in the assessment.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of March 2017, IRS is taking steps to assess the risks of TPP authentication options, as GAO recommended in its May 2016 report. In November 2016, IRS reported that it will implement the recommendation by October 2017. According to IRS, the agency assessed the e-authentication risk for the TPP web application based on OMB and NIST guidance. Based on the results of these assessments, the agency stated that officials are working to improve the level of assurance for the web application. In the interim, IRS reported that taxpayers will authenticate their identities by phone or in-person until the TPP web application has been sufficiently updated. In March 2017, officials stated that they recently completed a risk assessment for TPP's phone and in-person authentication. Additionally, according to officials, IRS has implemented a new authentication process for TPP's phone authentication that began in February 2017. GAO requested documentation on IRS's risk assessment and authentication process. Once GAO receives and reviews documentation of these actions, it will determine the extent to which IRS has implemented the recommendation. Conducting an updated risk assessment for TPP in accordance with e-authentication and risk management standards, enabled IRS to identify appropriate opportunities to strengthen TPP authentication and prevent IDT fraudsters from passing and potentially receiving millions of dollars in refunds. In addition, strengthening TPP could improve IRS's return on investment by ensuring that efforts to flag fraudulent returns result in fewer refunds paid to IDT fraudsters.
    Recommendation: To improve the quality of the Taxonomy's IDT refund fraud estimates, the Commissioner of Internal Revenue should remove refund thresholds from criteria used to develop IRS's refunds-paid estimates.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In August 2016, IRS reported that the agency removed the lower limit threshold from the modeling dataset in March 2016, which will expand the population of returns considered for the 2015 Filing Season Taxonomy refund fraud estimates. Further, the agency noted that, to mitigate other thresholds, other returns receive manual reviews. GAO will analyze the 2015 Filing Season Taxonomy estimates, when available, to determine the extent to which GAO's recommendation has been implemented.
    Recommendation: To improve the quality of the Taxonomy's IDT refund fraud estimates, the Commissioner of Internal Revenue should utilize return-level data--where available--to reduce overcounting and improve the quality and accuracy of the refunds-prevented estimates.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: In August 2016, IRS reported that the agency did not agree with GAO's recommendation and noted that the agency does not think that adopting a different methodology for Taxonomy estimates is an effective use of agency resources. According to IRS, the agency established the Global Identity Theft Report (Global Report) as a standardized report that uses return-level data for most of the identity theft protected categories and summary data elsewhere. Further, IRS reported that the agency will continue to improve the Global Report, which will flow into the Taxonomy. However, as we reported in May 2016, by using the Global Report to calculate Taxonomy estimates for refunds prevent, IRS may have overestimated the refunds protected or recovered. For example, electronically filed returns that are rejected are overcounted because the same return can be rejected multiple times. Additionally, IRS already has a count of known and potential identity theft returns in its modeling dataset that the agency could use to help calculate the refunds protected estimates. GAO will analyze the 2015 Filing Season Taxonomy estimates, when available, to determine the extent to which GAO's recommendation has been implemented.
    Director: bertonid@gao.gov
    Phone: (202) 512-7215

    8 open recommendations
    including 1 priority recommendation
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should clarify its policy for assessing the reasonableness of expenses used in determining beneficiaries' repayment amounts to help ensure that withholding plans are consistently established across the agency and accurately reflect individuals' ability to pay.

    Agency: Social Security Administration
    Status: Open

    Comments: As a result of the Bipartisan Budget Act of 2015, SSA gained the ability to use the Access to Financial Information (AFI) system to verify information about the assets of beneficiaries. In February 2017, the agency reported it is continuing to work on clarifying its policy for assessing the reasonableness of expenses used in determining repayment amounts, including guidance on using the new AFI process. As part of this effort, SSA is also reviewing the Internal Revenue Service's (IRS) Collection Financial Standards and determining whether it can incorporate these or similar standards in its policies for determining reasonable repayment amounts. We will continue to track SSA's efforts to clarify its policies, including efforts to incorporate IRS standards.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should improve oversight of DI benefit withholding agreements to ensure that they are completed appropriately. This could include requiring supervisory review of repayment plans or sampling plans as part of a quality control process, and requiring that supporting documentation for all withholding plans be retained to enable the agency to perform such oversight.

    Agency: Social Security Administration
    Status: Open

    Comments: SSA agreed with this recommendation, but does not believe that it is necessary to conduct supervisory reviews. As of February 2017, SSA reported that it is exploring system, policy, and training opportunities to better ensure staff appropriately complete benefit withholding agreements. We will continue to track SSA's efforts to improve oversight in this area.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should explore the feasibility of using additional methods to independently verify financial information provided by beneficiaries to ensure that complete and reliable information is used when determining repayment amounts. These additional tools could include those already being used by the agency for other purposes.

    Agency: Social Security Administration
    Status: Open

    Comments: According to SSA, Section 834 of the Bipartisan Budget Act of 2015 gave the agency the authority to use the Access to Financial Information system as part of the agency's waiver determination process. SSA reported that, as of February 2017, it also considered using the National Directory of New Hires Query for verifying an overpaid beneficiary's financial information, but preliminarily determined that the information in this system would be of limited value since it is a quarterly report of past earnings. SSA states that it continues to explore other options to verify financial information such as The Work Number and the Interstate Benefit Inquiry. We will monitor SSA's efforts to explore additional options for verifying financial information.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should adjust the minimum withholding rate to 10 percent of monthly DI benefits to allow quicker recovery of debt.

    Agency: Social Security Administration
    Status: Open
    Priority recommendation

    Comments: SSA agreed with this recommendation and as of April 2017, it estimated that this would result in an additional $213 million in collections over a 5-year period. The fiscal year 2017 President's budget submission contained a legislative proposal to make this change, but has not yet been enacted. In April 2017, the agency reported that, in the third quarter of fiscal year 2017, it intends to resubmit a regulatory change to establish the minimum withholding rate to 10 percent in the event that its legislative proposal is not included in the fiscal year 2017 budget.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should consider adjusting monthly withholding amounts according to cost of living adjustments or charging interest on debts being collected by withholding benefits. Should SSA determine that it is necessary to do so, it could pursue legislative authority to use recovery tools that it is currently unable to use.

    Agency: Social Security Administration
    Status: Open

    Comments: As of February 2017, SSA continued to disagree with this recommendation. For debt subject to benefit withholding, which is not considered delinquent debt, SSA asserted that these measures would not have a significant effect on the amount of debt recovered, especially compared to the option of changing the minimum withholding rate to 10 percent of monthly benefits. For delinquent debt, SSA stated charging interest on debts would require substantial changes to multiple systems that affect its overpayment businesses processes, and would require extensive training to its employees. We continue to believe there is merit in further consideration of these measures. While SSA reported it has studied the potential changes needed to charge interest on debt, without further consideration of, for example, the costs and benefits of charging interest or adjusting withholding amounts according to cost of living adjustments, SSA cannot know the extent to which these options would improve debt recovery efforts or help protect the value of debts against the effects of inflation, which can be substantial given that withholding plans can take decades to complete.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should pursue additional debt collection tools for collecting delinquent penalties. This includes taking steps to implement tools within its existing authority and exploring the use of those not within its authority, and seeking legislative authority if necessary.

    Agency: Social Security Administration
    Status: Open

    Comments: In June 2016, SSA reported that: it had drafted regulations to use existing external debt collection tools for penalties, was developing a legislative proposal to allow the use of additional debt collection tools such as Federal salary offset and credit bureau reporting, and had started planning for a multi-activity, multi-year administrative sanctions project. In February 2017, SSA reported that, as part of its administrative sanctions project, the agency revised policy guidance on factors significant to OCIG's civil monetary penalty determinations. We will track SSA's progress in applying new tools to collecting penalties.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should take steps to collect complete, accurate, and timely data on, and thereby improve its ability to track civil monetary penalties and their disposition.

    Agency: Social Security Administration
    Status: Open

    Comments: As of February 2017, SSA reported that it is developing a workload tracking tool for penalties to provide accurate management information on cases. SSA expects to implement this tool by September 2017, and have the first full year of management information available in fiscal year 2018. We will close this recommendation once SSA implements and begins using this tool.
    Recommendation: To ensure effective and appropriate recovery of DI overpayments and administration of penalties and sanctions, the Acting Commissioner of the Social Security Administration should take steps to collect complete, accurate, and timely data on, and thereby improve its ability to track administrative sanctions and their disposition.

    Agency: Social Security Administration
    Status: Open

    Comments: As of February 2017, SSA reported that it has been developing a new workload tracking tool for administrative sanctions. The first phase of this tool was implemented in December 2016 and allows SSA to track administrative sanction cases throughout the development process. The second phase, expected to be implemented by September 2017, will provide SSA with management information on sanctions cases. We will continue to monitor SSA's process in developing this tool. We will close this recommendation once the tool is implemented.
    Director: Carolyn L. Yocom
    Phone: (202) 512-7114

    1 open recommendations
    Recommendation: To ensure states have appropriate and current guidance to assist them in designing and administering Medicaid NEMT, the Secretary of HHS should direct CMS to assess current Medicaid NEMT guidance and update that guidance as needed.

    Agency: Department of Health and Human Services
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Seto J. Bagdoyan
    Phone: (202) 512-6722

    1 open recommendations
    Recommendation: To further improve efforts to limit improper payments, including fraud, in the Medicaid program, the Acting Administrator of CMS should provide guidance to states on the availability of automated information through Medicare's enrollment database--the Provider Enrollment, Chain and Ownership System (PECOS)--and full access to all pertinent PECOS information, such as ownership information, to help screen Medicaid providers more efficiently and effectively.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: HHS considers this recommendation closed because they provide states with training and direct access to PECOS on an ongoing basis. Additionally, CMS also makes Medicare Enrollment data available to states through custom data extracts. We do not consider this action sufficient to close the recommendation, to provide states information on the availability of automated information through PECOS. For example, custom extracts do not constitute automated information containing all information in PECOS states need to screen providers in Medicaid. Additionally, the states the we interviewed for our study were not aware that custom extracts were available. CMS should provide guidance to state Medicaid programs that this information is available until fully automated access to PECOS is available. We reached out to CMS about the status of this recommendation. As of May 2017, we have not received a response. We will continue to monitor progress on this recommendation.
    Director: Mctigue Jr, James R
    Phone: (202) 512-7968

    2 open recommendations
    Recommendation: To improve the reliability of Taxonomy estimates for future filing seasons, the Commissioner of Internal Revenue should follow relevant best practices outlined in the GAO Cost Guide by documenting the underlying analysis justifying cost-influencing assumptions.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of April 2017, IRS has taken steps to update its methodology for calculating and reporting its Taxonomy estimates. IRS provided GAO with updated Taxonomy estimates for 2015; GAO is reviewing these estimates to determine the extent to which IRS has implemented GAO's recommendation.
    Recommendation: To improve the reliability of Taxonomy estimates for future filing seasons, the Commissioner of Internal Revenue should follow relevant best practices outlined in the GAO Cost Guide by reporting the inherent imprecision and uncertainty of the estimates. For example, IRS could provide a range of values for its Taxonomy estimates.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of April 2017, IRS has taken steps to update its methodology for calculating and reporting its Taxonomy estimates. IRS provided GAO with updated Taxonomy estimates for 2015; GAO is reviewing these estimates to determine the extent to which IRS has implemented GAO's recommendation.
    Director: Seto J. Bagdoyan
    Phone: (202) 512-6722

    2 open recommendations
    Recommendation: To help FEMA prevent improper payments, the Administrator of FEMA should assess the cost and feasibility of addressing limitations in FEMA's control for identifying duplicate information in applications in high-risk data fields--such as SSN, bank-account information, address, and phone number--that may currently allow individuals or households to improperly receive multiple payments, and if determined to be costbeneficial take steps to address the system design limitation.

    Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
    Status: Open

    Comments: In April 2017, FEMA reported that the agency had reviewed its software system's controls for identifying duplicate SSNs, bank account, address, and phone information. FEMA reported that it would be cost effective and feasible to improve its software system's controls for identifying duplicate address information, and the agency expects to deploy these system changes in the summer of 2017. FEMA also reported that, based on its review of the cases GAO referred to FEMA, errors in SSN and bank account information were related to human casework processing rather than software system limitations. Consequently, FEMA reported that it was reviewing and updating its casework training, guidance, and quality control documentation. We will continue to monitor FEMA's efforts to implement this recommendation.
    Recommendation: To help FEMA prevent improper payments, the Administrator of FEMA should collaborate with SSA to assess the cost and feasibility of checking recipient SSNs against the Enumeration Verification System and the full death file to more accurately identify recipients who used Social Security numbers (SSNs) that were ineligible or belonged to likely deceased individuals, document the results of this assessment, and if determined to be cost-beneficial take steps to implement a partnership to use SSA data.

    Agency: Department of Homeland Security: Directorate of Emergency Preparedness and Response: Federal Emergency Management Agency
    Status: Open

    Comments: In April 2017, FEMA reported that the agency completed a cost estimate for system changes needed to include a direct data exchange with SSA. FEMA further reported that the agency was continuing to explore alternative means of conducting a direct data exchange that would help FEMA verify if an SSN belongs to a deceased person. We will continue to monitor FEMA's progress in implementing this recommendation.
    Director: Kay E. Brown
    Phone: (202) 512-7215

    2 open recommendations
    Recommendation: To better ensure that WIC participants are aware of the prohibition against selling WIC formula, and to assist states' efforts to prevent and address online formula sales, the Secretary of Agriculture should direct the Administrator of FNS to require state agencies to articulate their procedures for identifying attempted sales of WIC food benefits in their WIC state plans and analyze the information to ascertain the national extent of state efforts.

    Agency: Department of Agriculture
    Status: Open

    Comments: USDA agreed with this recommendation and reported that in April 2015 the agency revised the guidance for WIC state plans to include policies on informing participants that the sale of WIC benefits is a program violation. As part of that document, state agencies were required to report/articulate their policies and procedures for identifying and monitoring online sales of WIC benefits. In October 2015, USDA contracted a study to determine 1) the national extent of WIC state agency policies and procedures intended to prevent, monitor, and take administrative action related to online sales of WIC infant formula; and 2) effective preventative, monitoring, and investigative approaches to address the online sale of WIC infant formula. USDA reported that a narrative state plan report, based on the contractor's review of 2016 and 2017 state plans, is expected to be completed by the end of FY 2017. GAO will close this recommendation once USDA has issued its report.
    Recommendation: To better ensure that WIC participants are aware of the prohibition against selling WIC formula, and to assist states' efforts to prevent and address online formula sales, the Secretary of Agriculture should direct the Administrator of FNS to collect information to help assess the national extent of attempted online sales of WIC formula benefits and determine cost-effective techniques states can use to monitor online classified advertisements.

    Agency: Department of Agriculture
    Status: Open

    Comments: USDA agreed with this recommendation and reported that it would explore options for using available resources to assess the extent of online sales of WIC formula and to identify and share best practices, cost-effective techniques, or new approaches with state agencies to use in monitoring online advertisements. In October 2015, USDA contracted a case study analysis of two state agencies in order to provide examples of prevention, monitoring, investigation, and sanctioning practices related to the online sale of WIC infant formula. As part of this study, the contractor sought to identify cost-effective techniques State agencies can use to monitor sales of WIC infant formula. USDA reported that the Case Study Analysis Report is expected to be completed by the end of FY 2017, and after it is completed, USDA will work to disseminate the study results to state agencies. GAO supports these efforts and will close this recommendation when the study is completed, providing the study identifies cost-effective techniques states can use to monitor online sales of infant formula.
    Director: Daniel Bertoni
    Phone: (202) 512-7215

    3 open recommendations
    including 1 priority recommendation
    Recommendation: To improve the ability of the agency to detect and prevent potential physician-assisted fraud, and to address potential disincentives for staff to detect and prevent physician-assisted fraud, SSA should review the standards used to assess DDS performance; and develop and distribute promising practices to incentivize staff to better balance the goal of processing claims promptly with the equally important goal of identifying and reporting evidence of potential fraud.

    Agency: Social Security Administration
    Status: Open

    Comments: SSA partially agreed with this recommendation, citing that their employees take their stewardship responsibilities seriously and that field office and disability determination services (DDS) employees are the agency's first and best line of defense against fraud. In 2016, the agency reported that it was working with experts in its OIG and Office of Anti-Fraud Programs to develop and disseminate promising practices on identifying and reporting fraud. We will close this recommendation once SSA takes steps to review its standards for assessing DDS performance and disseminates the best practices it is developing.
    Recommendation: To improve the ability of the agency to detect and prevent potential physician-assisted fraud, and to address the potential risks associated with medical evidence submitted by sanctioned physicians, SSA should evaluate the threat posed by this information and, if warranted, consider changes to its policies and procedures.

    Agency: Social Security Administration
    Status: Open

    Comments: As of 2016, SSA reported that it was pursuing several options to address the potential risks of medical evidence submitted by sanctioned physicians. This included determining how it could use licensure information from the List of Excluded Individuals and Entities. SSA stated that it believes the best opportunity to further evaluate the possible review of the license statuses of medical evidence providers is in conjunction with the implementation of the National Vendor File, part of the national Disability Case Processing System, which is under development. In addition, SSA reported it had drafted two Social Security Rulings to define fraud and to provide processes for disregarding evidence and making redeterminations in disability claims when there is reason to believe that fraudulent evidence was provided. We will close this recommendation once SSA articulates a strategy for using license status information in the vendor file and it finalizes its rulings.
    Recommendation: To improve the ability of the agency to detect and prevent potential physician-assisted fraud, and to help ensure new initiatives that use analytics to identify potential fraud schemes are successful, SSA should develop an implementation plan that identifies both short- and long-term actions, including: (1) timeframes for implementation; (2) resources and staffing needs; (3) data requirements, e.g., the collection of unique medical provider information; (4) how technology improvement will be integrated into existing technology improvements such as the Disability Case Processing System and National Vendor File; and (5) how different initiatives will interact and support each other.

    Agency: Social Security Administration
    Status: Open
    Priority recommendation

    Comments: Since fiscal year 2015, SSA has taken several steps that will help the agency to combat fraud, waste, and abuse. SSA established the Office of Anti-Fraud Programs to provide centralized oversight and accountability for the agency's initiatives, which, in consultation with the Office of the Inspector General and other SSA components, will lead the development of SSA's anti-fraud initiatives and activities. This includes efforts to mitigate fraud through data analytics that utilize SSA's existing data systems. SSA developed a strategic plan for fiscal years 2016-2018 to guide its anti-fraud efforts that includes the use of data analytics. However, this plan does not specifically address actions to combat potential physician-assisted fraud. As of April 2017, SSA stated that it continued to develop a fraud management strategy that is consistent with the leading practices identified in GAO's report. Once the strategy is complete, SSA plans to conduct a fraud risk assessment on its major lines of business, beginning with the disability program in fiscal year 2017. We will continue to monitor SSA's progress to identify and prevent fraud schemes that include physicians.
    Director: Kay E. Brown
    Phone: (202) 512-7215

    2 open recommendations
    Recommendation: The Secretary of Agriculture should direct the Administrator of FNS to establish additional guidance to help states analyze SNAP transaction data to better identify SNAP recipient households receiving replacement cards that are potentially engaging in trafficking, and assess whether the use of replacement card benefit periods may better focus this analysis on high-risk households potentially engaged in trafficking.

    Agency: Department of Agriculture
    Status: Open

    Comments: FNS officials reported that, in September 2013, they awarded a contract to provide expert business consultation and technical assistance in the area of recipient fraud prevention and detection to 7 states. The purpose of the contract was to improve how effectively recipients suspected of trafficking SNAP benefits were identified and investigated, including the use of predictive analytics involving transaction and replacement card data to uncover potential recipient trafficking. As of August 2017, FNS officials reported that they have completed studies in 10 states, helping the states build predictive analytics models that incorporate use of replacement card data to better identify SNAP recipient trafficking. FNS officials report that the models have demonstrated a significant improvement in state effectiveness. FNS officials also report that, in the fourth quarter of fiscal year 2016, the agency conducted a training program for state technical staff to teach them how to build predictive models that incorporate the use of replacement card data. In addition, FNS officials report that the agency is currently developing a SNAP Fraud Framework to provide guidance to states on improving fraud prevention and detection, including the use of excessive card replacements and other data sources, as potential indicators of fraud. FNS tentatively anticipates releasing the framework by the end of calendar year 2017. GAO will monitor these efforts and await information, including related technical assistance materials and documentation, on how these activities are used to guide states' efforts to use transaction and replacement card data to better focus on high-risk households for potential investigation.
    Recommendation: The Secretary of Agriculture should direct the Administrator of FNS to reassess the effectiveness of the current guidance and tools recommended to states for monitoring e-commerce and social media websites, and use this information to enhance the effectiveness of the current guidance and tools.

    Agency: Department of Agriculture
    Status: Open

    Comments: FNS officials reported that, in 2016, the agency conducted additional analysis to evaluate states' current use of social media in their detection of SNAP trafficking and develop a proof of concept for the use of market-leading tools to assist states in more efficient monitoring. Based on the information gained through this analysis, FNS officials reported in August 2017 that a draft of the social media guidance is currently in FNS clearance and is expected to be released by the end of the calendar year. GAO will await the issuance of this guidance.
    Director: James R. White
    Phone: (202) 512-9110

    3 open recommendations
    Recommendation: Congress should consider providing the Secretary of the Treasury with the regulatory authority to lower the threshold for electronic filing of W-2s from 250 returns annually to between 5 to 10 returns, as appropriate.

    Agency: Congress
    Status: Open

    Comments: As of March 2017, no legislative action identified. Lowering the threshold would help IRS prevent identity theft refund fraud by enhancing its ability to verify the employment information reported on tax returns before issuing refunds. Additionally, lowering the threshold would reduce the Social Security Administration's administrative costs of processing W-2 information.
    Recommendation: To provide timely, accurate, and actionable feedback to all relevant lead-generating third parties, the Commissioner of Internal Revenue should provide aggregated information on (1) the success of external party leads in identifying suspicious returns and (2) emerging trends (pursuant to section 6103 restrictions).

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of March 2017, IRS had taken steps to address GAO's August 2014 recommendation, including developing timeliness metrics for managing leads and holding six feedback sessions with financial institutions participating in the External Leads Program, but had not provided GAO with documentation that the agency is providing meaningful feedback to external parties. In November 2015, IRS reported that it had developed a database to track leads submitted by financial institutions and the results of those leads. IRS also stated that it had held six sessions with financial institutions to provide feedback on external leads provided to IRS. These quarterly feedback sessions contained various types of information, including overall statistics for the External Leads Program, individual statistics tailored to a specific external party, and solicitations for how to improve the program. In December 2015, IRS officials stated that the agency sent a customer satisfaction survey asking financial institutions for feedback on the external leads process and was considering other ways to provide feedback to financial institutions. In August 2016, an industry group representing financial institutions reported that IRS had not begun providing meaningful feedback to financial institutions that are providing leads to IRS. In March 2017, IRS officials told us they were holding more frequent, monthly, feedback sessions with financial institutions. GAO will follow up with financial institutions to understand the extent to which IRS's feedback has been timely and is actionable. Without accurate, timely, and actionable feedback, the more than 600 external parties participating in the External Leads Program do not know if the leads they provide to IRS are useful and they may not be able to assess their success in identifying IDT refund fraud or improve their detection tools.
    Recommendation: To provide timely, accurate, and actionable feedback to all relevant lead-generating third parties, the Commissioner of Internal Revenue should develop a set of metrics to track external leads by the submitting third party.

    Agency: Department of the Treasury: Internal Revenue Service
    Status: Open

    Comments: As of March 2017, IRS had taken steps to address GAO's August 2014 recommendation, including developing timeliness metrics for managing leads and holding six feedback sessions with financial institutions participating in the External Leads Program, but had not provided GAO with documentation that the agency is providing meaningful feedback to external parties. In November 2015, IRS reported that it had developed a database to track leads submitted by financial institutions and the results of those leads. IRS also stated that it had held six sessions with financial institutions to provide feedback on external leads provided to IRS. These quarterly feedback sessions contained various types of information, including overall statistics for the External Leads Program, individual statistics tailored to a specific external party, and solicitations for how to improve the program. In December 2015, IRS officials stated that the agency sent a customer satisfaction survey asking financial institutions for feedback on the external leads process and was considering other ways to provide feedback to financial institutions. In August 2016, an industry group representing financial institutions reported that IRS had not begun providing meaningful feedback to financial institutions that are providing leads to IRS. In March 2017, IRS officials told us they were holding more frequent, monthly, feedback sessions with financial institutions. GAO will follow up with financial institutions to understand the extent to which IRS's feedback has been timely and is actionable. Without accurate, timely, and actionable feedback, the more than 600 external parties participating in the External Leads Program do not know if the leads they provide to IRS are useful and they may not be able to assess their success in identifying IDT refund fraud or improve their detection tools.
    Director: Bagdoyan, Seto J
    Phone: (202) 512-4749

    1 open recommendations
    Recommendation: Congress should consider granting Labor the additional authority it is seeking to access wage data to help verify claimants' reported income and help ensure the proper payment of benefits.

    Agency: Congress
    Status: Open

    Comments: No legislation introduced as of February 2017. The Workers' Compensation Reform Act of 2015 (S. 2051, title V) was introduced in the 114th Congress. It would have allowed DOL to access wage data, as GAO suggested in April 2013, from the National Directory of New Hires to improve the integrity of the Federal Employees' Compensation Act program, among other actions. If introduced in the 115th Congress and enacted, this legislation could help to prevent and detect improper payments in the Federal Employees' Compensation Act program.
    Director: Caldwell, Stephen L
    Phone: (202) 512-9610

    1 open recommendations
    Recommendation: To facilitate better agency understanding of the potential need and feasibility of expanding electronic verification of seafarers, to improve data collection and sharing, and to comply with the Inflation Adjustment Act, the Secretary of Homeland Security should direct the Commandant of the Coast Guard and Commissioner of CBP to jointly establish an interagency process for sharing and reconciling records of absconder and deserter incidents occurring at U.S. seaports.

    Agency: Department of Homeland Security
    Status: Open

    Comments: The Department of Homeland Security (DHS) concurred and stated that U.S. Customs and Border Protection (CBP) and the Coast Guard would begin to assess the appropriate offices within each component involved in the review and to establish a working group to evaluate the current reporting process within each component, and between CBP and Coast Guard. Further, DHS noted that it was working to co-locate the Coast Guard's ICC Coastwatch and CBP's National Targeting Center-Passenger and that this would help to eliminate many of the absconder-and deserter- reporting inconsistencies GAO identified between Coast Guard and CBP. In January 2013, CBP and Coast Guard officials reported that they had studied the CBP and Coast Guard data and found that multiple factors had likely contributed to the data variances, including differences in definitions for absconders/deserters among CBP and Coast Guard field units, and the method in which field units had recorded and reported absconder and deserter incidents. Officials reported that the two agencies were planning to develop an interagency memorandum of agreement (MOA) with field guidance for reporting absconder and deserter incidents. Officials reported that they expected to finalize and implement the MOA and field guidance by November 30, 2013. In July 2014, CBP described a new process in place for interagency data reconciliation, reporting that this action was taken in lieu of previously discussed plans to develop an interagency MOU. In December 2015, CBP reported that it expected to complete the effort by March 2016. In March 2016, CBP report that it expected to complete the effort by September 2016. CBP officials reported that the Coast Guard and CBP determined that the absconder data variances were caused by the agencies using different reporting criteria. Officials reported that the two agencies were preparing a memo and guidance to issue to field units by August 31, 2016. Officials reported that the recommendation would be fully implemented by September 30, 2016. In September 2016, CBP reported that it expected to implement the effort by December 31, 2016. In December 2016, CBP reported that the agency had drafted a memo to coincide with new Coast Guard procedure for conducting asymmetric migration vetting and deconfliction. CBP was also working to require all ports of entry to report all maritime asymmetric migration events directly to Coastwatch or a Targeting Framework event. However, on October 18, 2016, the DHS Deputy Secretary issued Department Policy Regarding Investigative Data and Event Deconfliction Policy Directive 045-04 that sets forth DHS policy for investigative data and event deconfliction and the use of related deconfliction systems in the course of certain law enforcement activity. As a result of the newly published Directive, DHS requires that CBP develop and implement related policy, by January 17, 2017. The policy directive requires DHS components to develop a policy applicable to components having equities in Investigative Data and Event Deconfliction. The policy will focus on more effective coordination of investigative activity to ensure officer safety by identifying links between ongoing criminal investigations. The Policy also requires that CBP components, at a minimum, conduct deconfliction thru the Deconfliction and Information Coordination Endeavor, Regional Information Sharing Systems Officer Safety Event Deconfliction System, Secure Automated Fast Event Tracking Network or Case Explorer systems. CBP and Coast Guard are now looking at a directive which makes it a port responsibility to deconflict case related information. The timeline for drafting and finalizing that directive is January 2017. Because of this change in direction, CBP and Coast Guard are requesting an extension to March 31, 2017 to finalize and disseminate the new policy.
    Director: Aronovitz, Leslie G
    Phone: (312)220-7767

    1 open recommendations
    Recommendation: The Administrator of CMS should require the PSCs to develop thresholds for unexplained increases in billing--and use them to develop automated prepayment controls as one component of their manual medical review strategies.

    Agency: Department of Health and Human Services: Centers for Medicare and Medicaid Services
    Status: Open

    Comments: Despite progress in identifying potentially improper groups of claims by provider, CMS has not developed thresholds for unexplained increases in billing by providers and used them to develop automated prepayment controls, as GAO recommended in January 2007. CMS took action in July 2011 to improve Medicare payment accuracy by introducing predictive analytics to help identify patterns of potentially improper claims and has some other prepayment controls in place. Specifically, the Small Business Jobs Act of 2010 requires CMS to use predictive modeling and other analytic techniques?known as predictive analytic technologies?to identify improper claims and prevent improper payments under the Medicare fee-for-service program. CMS is streaming every Medicare fee-for-service claim through a predictive modeling technology system, known as the Fraud Prevention System (FPS), prior to payment. The FPS uses a series of algorithms to identify potentially fraudulent claims. As each claim streams through the FPS, the system builds profiles of providers, networks, and billing patterns. Using these profiles, CMS estimates a claim's likelihood of being fraudulent and prioritizes providers with the most suspicious groups of claims for further investigation. CMS also has other prepayment controls in place, for example, to identify duplicate billing. As of December 2015, CMS did have algorithms in FPS to flag providers with unexpected increases in billings for investigation. CMS also instituted prepayment controls that can deny a claim before payment, however these controls are related to Medicare coverage requirements and do not address the issue of large increases in provider billing. Prepayment controls can suspend claims processing or deny claims before claims are paid, which would provide a greater assurance that Medicare funds are not going to potentially fraudulent providers. As of August 2016, HHS officials reported that they have not implemented this recommendation. GAO considers it to be open. We will update the status of this recommendation when we receive additional information.
    Director: Goldstein, Mark L
    Phone: (202)512-3000

    1 open recommendations
    Recommendation: Given the critical importance of telecommunications technologies to schools and libraries, the Chairman of the Federal Communications Commission should direct FCC staff to establish performance goals and measures for the E-rate program that are consistent with the Government Performance and Results Act. FCC should use the resulting performance data to develop analyses of the actual impact of E-rate funding and to determine areas for improved program operations.

    Agency: Federal Communications Commission
    Status: Open

    Comments: In an August 2007 order, FCC adopted two performance measures for the E-rate program, one for Internet connectivity and the other for application processing. The order did not include specific E-rate program goals, although FCC said in this order that it anticipated adopting performance goals as it and USAC gained experience with the performance measures. While FCC's efforts to develop performance measures have the potential to eventually produce better information than is currently available on E-rate program performance, these measures fall short when compared to the key characteristics of successful performance measures and FCC still has not established program goals. FCC says it is still working on developing goals and performance measures for the Universal Service programs.