This is the accessible text file for GAO report number GAO-07-418T entitled 'Hurricanes Katrina and Rita Disaster Relief: Prevention Is the Key to Minimizing Fraud, Waste, and Abuse in Recovery Efforts' which was released on January 29, 2007. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Testimony: Before the Committee on Homeland Security and Governmental Affairs, U.S. Senate: United States Government Accountability Office: GAO: For Release on Delivery Expected at 10:00 a.m. EST: Monday, January 29, 2007: Hurricanes Katrina And Rita Disaster Relief: Prevention Is the Key to Minimizing Fraud, Waste, and Abuse in Recovery Efforts: Statement of Gregory Kutz, Managing Director: Forensic Audits and Special Investigations: GAO-07-418T: GAO Highlights: Highlights of GAO-07-418T, a testimony before the Committee on Homeland Security and Governmental Affairs, U.S. Senate Why GAO Did This Study: Hurricanes Katrina and Rita destroyed homes and displaced millions of individuals. While federal and state governments continue to respond to this disaster, GAO has identified significant control weaknesses—specifically in the Federal Emergency Management Agency (FEMA)‘s Individuals and Households Program (IHP) and in Department of Homeland Security (DHS)’s purchase card program—resulting in significant fraud, waste, and abuse. In response to the numerous recommendations GAO made, DHS and FEMA have reported on numerous actions taken to address our recommendations. Lessons learned from GAO’s prior work can serve as a framework for an effective fraud prevention system for federal and state governments as they consider spending billions more on disaster recovery. These lessons are particularly important because funding that is lost to fraud, waste, and abuse reduces the amount of money that could be delivered to victims in need. Today’s testimony will (1) describe key findings from past GAO work and (2) use the results from that work and GAO’s other experiences to discuss the importance of an effective fraud, waste and abuse prevention program. What GAO Found: Prior GAO audit and investigative work on FEMA’s controls over IHP payments and DHS’s controls over purchase cards emphasizes one fundamental concept—that fraud prevention is the most effective and efficient means of minimizing fraud, waste, and abuse. GAO estimates that FEMA made about 16 percent or almost $1 billion dollars in improper and potentially fraudulent IHP payments to registrants who applied using invalid information, illustrating what can happen when fraud prevention controls are ineffective. For example, GAO found that FEMA made payments based on bogus damaged addresses, false identities, and identities belonging to federal and state prisoners. These findings highlight the need for effective controls over all types of recovery disbursements. With effective planning, relief agencies should not have to make a choice between speedy delivery of disaster recovery assistance and effective fraud prevention. Finally, GAO’s findings of significant control weaknesses in DHS’s purchase card program leading to fraud, waste, and abuse further underline the need for an effective framework for fraud prevention, monitoring, and detection as shown below. Figure: Program Designed to Minimize Fraud, Waste, and Abuse: [See PDF for Image] Source: GAO. [End of Figure] Our work on disaster assistance programs in particular show that preventive controls should be designed to include, at a minimum, a requirement that data used in decision making is validated against other government or third-party sources to determine accuracy. Inspections and physical validation should also be conducted whenever possible to confirm information prior to payment. System edit checks should also be used to identify problems before payments are made. Finally, providing training on fraud awareness is important in stopping fraud before it gets into any type of recovery program. Fraud detection and monitoring is also critical, although more costly and less effective than preventive controls. Key elements of detection include data mining for fraudulent information and performing reviews to establish the accountability of property and funds. The final element of a fraud prevention program is the collection of identified improper payments and the aggressive investigation and prosecution of individuals who commit fraud as a preventive measure for future disasters. These elements are most costly, and collecting money after it has been disbursed is far less effective than up front prevention—FEMA has collected only $7 million of the estimated $1 billion in potential improper and fraudulent IHP payments. [Hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-418T]. To view the full product, including the scope and methodology, click on the link above. For more information, contact Gregory Kutz at (202) 512- 7455 or kutzg@gao.gov. [End of Section] Chairman and Members of the Committee: Thank you for the opportunity to discuss the fraud prevention lessons learned as a result of the fraud, waste, and abuse that occurred as part of the overall hurricanes Katrina and Rita recovery efforts. Making landfall in August 2005, Hurricane Katrina was the costliest hurricane, and one of the deadliest, in U.S. history. In May 2006, this committee reported that Hurricane Katrina was responsible for over $150 billion in damages and over 1,500 deaths, with thousands more reported missing. Hurricane Katrina devastated much of the Gulf Coast; the storm surge caused major or catastrophic damage along the coastlines of Alabama, Louisiana, and Mississippi. About 80 percent of New Orleans was flooded when levees protecting the city broke, and ultimately Hurricane Katrina affected 90,000 square miles. Hurricane Rita caused further devastation, making landfall on the Gulf Coast in September 2005, causing an estimated $9.4 billion in damages and killing seven people. These two hurricanes posed numerous, unprecedented challenges for the federal government and state and local governments in the Gulf Coast region. For example, the Federal Emergency Management Agency (FEMA) received far more applications for housing and "other needs" assistance, and awarded more grant money in 2005-2006 for Hurricanes Katrina and Rita than for all of the hurricanes that resulted in a disaster declaration in 2004 (Ivan, Charley, Frances, and Jeanne) and 2003 (Isabel and Claudette) combined.[Footnote 1] The recovery effort in the Gulf Coast region in response to the two hurricanes is unprecedented and will, over time, require an even more substantial amount of funding. Testimonies we delivered on February 13, June 14, and December 6, 2006,[Footnote 2] identified significant fraud, waste, and abuse in just one of the programs FEMA uses to provide disaster recovery assistance--the Individuals and Households Program (IHP). As of October 2006, FEMA reported to Congress that it had delivered approximately $7 billion in IHP aid for hurricanes Katrina and Rita. Areas we have highlighted related to FEMA's IHP program included our estimate of $600 million to $1.4 billion of payments FEMA disbursed based on invalid registrations made through February of 2006. These improper and potentially fraudulent payments arose from breakdowns in preventive controls that failed to identify bogus registrations made using information such as invalid Social Security numbers and bogus damaged addresses. Numerous other areas of internal control weaknesses resulted in additional fraud, waste, and abuse. For example, we have identified duplicate claims for hurricanes Katrina and Rita, payments to nonqualified aliens, improper use of the government purchase cards, and missing or stolen government computers, printers, and other items. Our testimony before this committee on July 19, 2006,[Footnote 3] identified additional examples of fraud, waste and abuse related to the use of Department of Homeland Security (DHS) purchase cards for response and recovery efforts. Based on these findings, we have made recommendations to FEMA and DHS to develop effective systems and controls to minimize fraud, waste, and abuse. In response to our recommendations FEMA and DHS have identified numerous actions they have taken to address our recommendations, and improve internal controls. Crucial internal controls and control weaknesses we identified during our work on the IHP program, and requirements in the Comptroller General's Standards for Internal Control in the Federal Government,[Footnote 4] are directly relatable to controls over disaster recovery assistance efforts. Lessons learned from our findings of fraud, waste, and abuse related to Katrina and Rita can serve as a lesson for federal and state governments as they consider spending substantial sums--estimated to be billions of additional dollars--on Katrina and Rita recovery efforts and for future disaster recovery spending beyond Katrina and Rita. Identifying and adopting these lessons are crucial because disaster assistance and recovery funds that is lost to fraud, waste, and abuse reduce the amount of money that could be delivered to alleviate the pain, suffering, and needs of legitimate victims of disasters. Further, fiscal challenges facing federal and state governments only increase the need for pressure on agencies to best ensure that available disaster relief funding is spent as efficiently and effectively as possible. My testimony today will (1) summarize the key findings of fraud, waste, and abuse from our past work related to hurricanes Katrina and Rita recovery efforts and (2) use the results from that work and GAO's other experiences to discuss the importance of an effective fraud, waste, and abuse prevention program. To address our objectives, we reviewed prior findings from GAO audits of hurricane Katrina and Rita relief efforts. We also reviewed applicable guidance on internal control standards from the Comptroller General's Standards for Internal Controls in the Federal Government.[Footnote 5] We conducted our audit work in accordance with generally accepted government auditing standards and conducted investigative work in accordance with standards prescribed by the President's Council on Integrity and Efficiency. Summary: Findings from our prior work on FEMA's IHP payments and DHS's purchase card program show that fraud, waste, and abuse related to hurricanes Katrina and Rita disaster assistance are significant. Due to the need to provide assistance quickly and expedite purchases, programs without effective fraud prevention controls can end up losing millions or potentially billions of dollars to fraud, waste, and abuse. For example, for the FEMA IHP program alone, we estimate that through February 2006, FEMA made about 16 percent, or $1 billion, in improper and potentially fraudulent payments to registrants who used invalid information to apply for disaster assistance. Subsequent findings showed additional improper and potentially fraudulent payments for IHP and acquisitions made using DHS purchase cards. The following are some examples from our work related to the hurricane Katrina and Rita recovery efforts that are symptomatic of an ineffective fraud, waste, and abuse prevention program. * Millions of dollars paid to individuals who used bogus damaged property addresses, invalid Social Security numbers, or duplicate registrations. * Millions of dollars in payments to thousands of registrants who used Social Security numbers that had never been issued or belonged to deceased individuals. * Millions of dollars paid on over 1,000 registrations containing the names and Social Security numbers of individuals incarcerated in federal or state prisons during the hurricanes. * FEMA provided thousands of registrants rental assistance money while at the same time providing rent-free housing in hotels, apartments, and FEMA trailers. * FEMA provided about $20 million dollars in potentially duplicate payments to individuals who registered and received assistance twice, for both hurricanes Katrina and Rita, using the same Social Security number and damaged address. * Several million dollars worth of IHP payments were made to ineligible nonqualified aliens. * Several payments made of fictitious registrations that GAO submitted using bogus identities and addresses. * A year after DHS used the purchase cards to pay for items intended to assist in providing disaster relief, 34 percent of these items could not be located and are presumed lost or stolen. These examples highlight lessons learned with respect to the importance of federal and state governments establishing effective prevention programs in order to minimize such fraud, waste, and abuse. An effective program would include fraud prevention controls, fraud detection, monitoring adherence to controls throughout the entire program life, collection of improper payments, and aggressive prosecution of individuals committing fraud. These controls are crucial whether dealing with programs to provide housing and other needs assistance, or other recovery efforts. With effective planning, relief agencies should not have to make a choice between speedy delivery of disaster recovery assistance and effective fraud prevention. The results of audit work on FEMA's IHP payments and DHS purchase card controls serve to emphasize the fundamental concept that fraud prevention is the most effective and efficient means to minimize fraud, waste, and abuse. Preventive controls should be designed to include, at a minimum, a requirement that application data be validated against other government or third-party sources to determine whether registrants provided accurate information on their identity and place of residence. Further, such preventive controls should include physical verification, edit checks to identify problem registrants and claims (e.g., duplicates) before payments are made, and training on fraud awareness and potential fraud schemes for all key government and contractor personnel. Although more costly and less effective than preventive controls, fraud detection and monitoring is also a necessary element of an effective overall fraud prevention program. Key elements of an effective detection process include data-mining for fraudulent and suspicious registrants and reviews to establish the accountability of property and funds. Our investigations into lost or stolen items bought for relief efforts show the importance of establishing and maintaining accountability over assets easily converted to personal use, such as laptop computers. Another element of an effective fraud prevention program is the collection of identified improper payments and the aggressive investigation and prosecution of individuals who committed fraud against the federal government. While our evidence shows that collection actions after money has gone out the door are far less effective than up front preventive controls, the deterrent value of prosecuting those who commit fraud sends the message that the government will not tolerate individuals stealing assistance money and serves as a preventive measure for future disasters. In addition, lessons learned from investigations and prosecutions should be used to improve up front fraud prevention controls as well. Prior Findings of Fraud, Waste, and Abuse: Audit work we performed on FEMA's IHP payments and DHS's purchase card program identified widespread fraud, waste, and abuse. Findings from these audits and our related investigations show the result of ineffective preventive controls. As shown by our IHP work, ineffective preventive controls can result in hundreds of millions or potentially billions of dollars in improper and fraudulent payments. In addition, our work on DHS purchase cards showed that control weaknesses in government purchasing programs can also result in fraud, waste, and abuse. Between February and December 2006, we testified on three different occasions that potentially improper and fraudulent activities related to the IHP program are significant. Our February 2006 testimony[Footnote 6] focused on control weaknesses that resulted in FEMA making thousands of Expedited Assistance[Footnote 7] (EA) payments that were based on bogus registration data. Specifically, we found that FEMA made millions of dollars in payments on registrations containing Social Security numbers that had never been issued or belonged to deceased individuals. In addition, we also found that numerous registrations we selected for investigation contained bogus damaged address. We also successfully submitted fictitious registrations and received payments using bogus identities and addresses. Our second testimony in June 2006[Footnote 8] discussed breakdowns in internal controls, in particular the lack of controls designed to prevent bogus registrations. These breakdowns resulted in an estimated 16 percent or $1 billion in payments made through February 2006 based on invalid registrations. The statistical sample testing used to reach this estimate found payments made on registrations that contained invalid identities, bogus addresses, addresses which the registrant did not live in at the time of the disaster, and duplicate registrations. Our data mining also found that FEMA paid millions of dollars on over 1,000 registrations containing the names and Social Security numbers of individuals incarcerated in federal or state prisons during the hurricanes, and paid millions of dollars in IHP payments to individuals who claimed a Post Office box as their damaged physical address in order to receive assistance. In our December 2006 testimony[Footnote 9] we found additional instances of IHP fraud, waste, and abuse, including duplicate housing assistance provided to thousands of individuals living in FEMA-provided housing. Specifically FEMA paid registrants rental assistance money while at the same time providing rent-free housing in apartments and FEMA trailers. We also found that FEMA provided about $20 million dollars in potentially duplicate payments to individuals who registered and received assistance twice using the same Social Security number and damaged address. These individuals registered once for Hurricane Katrina and then again for Hurricane Rita using the same Social Security number and damaged address. FEMA also paid several million more dollars worth of IHP payments to registrants who were ineligible nonqualified aliens. Based on data we received from several universities in the area, we identified that FEMA made IHP payments to more than 500 ineligible foreign students, despite receiving, in some cases, evidence clearly showing that they were not eligible for IHP benefits. The December 2006 testimony also pointed to the small amount of money that FEMA had been able to collect from improper payments as of November 2006. Specifically, in contrast to the $1 billion in potentially improper and/or fraudulent payments we estimated through February 2006, FEMA had detected, as of November 2006, about $290 million in improper payments, and had collected only $7 million. Our work on DHS purchase card controls found weak accountability over FEMA computers, printers, Global Positioning System (GPS) units, and other items bought for hurricane relief efforts using government purchase cards. Thirty-four percent of items obtained with purchase cards that we investigated could not be located and are thus presumed lost or stolen. As of October 2006, more than 40 computers, 10 printers, 20 GPS units, and 2 flat-bottom boats are missing. In addition, 18 other flat-bottom boats purchased by FEMA were in its possession, but FEMA did not own title to any of them. Based on these findings, and the findings on the IHP program, we have made recommendations to FEMA to develop effective systems and controls to minimize the opportunity for fraud, waste, and abuse in the future. FEMA has generally concurred with most of our recommendations and has reported on actions to improve prevention of fraud, waste, and abuse for the future. Framework for Fraud Prevention, Detection, and Prosecution: The results of our work serve to emphasize the overall lesson learned that fraud prevention is the most effective and efficient means to minimize fraud, waste, and abuse. It also demonstrates that the establishment of effective fraud prevention controls over the registration and payment process, fraud detection and monitoring adherence to those controls, and the aggressive pursuit and prosecution of individuals committing fraud are crucial elements of an effective fraud prevention program over any assistance programs with defined eligibility criteria, including disaster assistance programs. The very nature of the government's need to quickly provide assistance to individuals adversely affected by disasters makes assistance payments more vulnerable to applicants attempting to obtain benefits that they are not entitled to receive. However, it is because of these known vulnerabilities that federal and state governments need to have effective controls in place to minimize the opportunities for individuals to defraud the government. Figure 1 provides an overview of how preventive controls help to screen out the majority of fraud, waste, and abuse, and how detection controls and prosecution can help to further minimize the extent to which a program is vulnerable to fraud. Figure 1: Program Designed to Minimize Fraud, Waste, and Abuse: [See PDF for image] Source: GAO. [End of figure] The Importance of Fraud, Waste, and Abuse Prevention to Katrina and Rita Recovery Efforts: Preventive controls are a key element on an effective fraud prevention program and are also described in the Standards for Internal Control in the Federal Government.[Footnote 10] The most crucial element of effective fraud prevention controls is a focus on substantially diminishing the opportunity for fraudulent access into the system through front-end controls. Preventive controls should be designed to include, at a minimum, a requirement for data validation, system edit controls, and fraud awareness training. Finally, prior to implementing any new preventive controls, and well in advance of any disaster, agencies must adequately field test the new controls to ensure that controls are operating as intended and that legitimate victims are not denied benefits. Fraud prevention can be achieved by requiring that registrants provide information in a uniform format, and validating these data against other government or third-party sources to determine whether registrants provided accurate information on their identity and place of residence. Effective fraud prevention controls require that agencies enter into data-sharing arrangements with organizations to perform validation. In the current environment, agencies have at their disposal a large number of data sources that they can use to validate the identity and address of registrants. However, our work related to FEMA's management of the IHP program for hurricanes Katrina and Rita found that its limited--or sometimes nonexistent--use of a third-party validation process left disaster assistance programs vulnerable to substantial fraud. For example, FEMA's failure to implement preventive controls to validate the identity of individuals who applied using the telephone resulted in FEMA making millions of dollars in payments to individuals who used Social Security numbers that had never been issued or belonged to deceased individuals. Another method of data validation is through physical inspection of the disaster damage prior to payment. While physical inspections in a timely manner may not be possible to prevent all fraudulent and improper payments, our work found that FEMA continued to make payments without a valid physical inspection of our undercover registration's bogus addresses, months after the hurricanes had occurred. System edit checks designed to identify problem registrants and claims (e.g., duplicates) before payments are made are also a crucial lesson learned with respect to ensuring that obviously false or duplicate information is not used to receive disaster relief payments. System edit checks are most effective if performed before distribution of a payment. Edit checks should include ensuring that (1) the same Social Security number was not used on multiple registrations and (2) the registrant provides a verifiable physical address on which the disaster damage is based. In the case of FEMA's IHP program, ineffective edit checks resulted in millions paid to registrants who claimed the same damages twice, once for Hurricane Katrina and once for Hurricane Rita, and registrants who submitted multiple registrations using the same name, Social Security number, or address. Ineffective edit checks also resulted in payments being made based on obviously false data, including payments of millions of dollars to individuals who used a Post Office box as their damaged physical address in order to receive assistance. Beyond validation and edits, lessons learned show that other controls, including a well-trained work force that is aware of the potential for fraud, can help prevent fraud. Fraud awareness training with frontline personnel--specifically on the potential for fraud within the program and the likely types of fraud they could encounter--is crucial to stopping fraud before it gains access into the program. In addition, when implementing any new controls, it is important to field test all systems prior to putting them in place. On top of reducing the risk of untested controls allowing substantial fraud, field testing also helps to ensure that new controls do not improperly deny benefits to valid registrants. A safety net for those registrants who are wrongly denied disaster relief due to preventive controls should always be in place to ensure they receive assistance. Detection and Monitoring Help Assure that Funds Are Used for Disaster Recovery: Even with effective preventive controls, there is substantial residual risk that fraudulent and improper disaster relief payments can occur. Our work has shown that agencies must continue their efforts to monitor fraud and improper payment vulnerabilities in the execution of disaster relief programs, even if these efforts are more costly and less effective than preventive controls. Detection and monitoring efforts are addressed in the Standards for Internal Control in the Federal Government and include data-mining for fraudulent and suspicious transactions and reviews to establish the accountability of funds. Also, control weaknesses identified through detection and monitoring should be used to make improvements to preventive controls to reduce the risk for fraud, waste, and abuse in the future. The data-mining we performed to search for anomalies in registrant data and purchase card transactions show how important constant monitoring and detection can be. Through data-mining, we found rental assistance payments to individuals who were residing in FEMA-provided hotel rooms, trailers, and apartments and payments to ineligible, nonqualified aliens. We found examples of multiple registrations citing the same address or bank accounts, and numerous residents in a damaged apartment building all relocating to the same location, which may also suggest fraud. By comparing applicant data in FEMA's own databases, we identified duplicate applications submitted for both Katrina and Rita, but intended to cover the same damage to the same residence. By comparing recipient data against federal and state prisoners' databases, we identified instances where prisoners had fraudulently registered for and received disaster relief payments while incarcerated. Our examples illustrate that data-mining efforts should be done in a manner that uses creative solutions to search for potential fraud using all available data sources. To the extent that data-mining identifies systematic fraud, intelligence should be fed back into the fraud prevention process so that for future disasters the fraud is detected and prevented before money is disbursed. Depending on the type of assistance provided and the means in which the assistance was distributed, it can be important for an agency to monitor the use of disaster relief funds. Our review of FEMA's IHP program found that while the vast majority of debit card transactions that were not withdrawn as cash appeared to have been used for disaster- related needs, we did find a number of purchases for nondisaster items such as football tickets, alcohol, massage parlor services, and adult videos. In addition, our review of items bought with DHS purchase cards found that many items bought for use in disaster relief were lost or stolen. By monitoring these types of uses, agencies may be able to ensure that disaster funds are used to help mitigate losses and not used for inappropriate items or services. Collection Efforts, Investigations, and Prosecutions Are Far Less Effective than Up Front Fraud Prevention: Another element of a fraud prevention program is the collection of improper payments and the aggressive investigation and prosecution of individuals who committed fraud against the government. These back-end controls are often the most costly and less effective means of reducing losses to fraud, waste, and abuse. However, the deterrent value of prosecuting those who commit fraud sends the message that the government will not tolerate individuals stealing assistance money, and thus serving as a preventive measure for future disasters. Our experience is that investigations and prosecutions are a necessary part of an overall fraud prevention and deterrence program, but should be a last resort when all other controls have failed. For hurricanes Katrina and Rita, the Justice Department has set up the Katrina Fraud Task Force, which has successfully investigated and prosecuted numerous individuals who received assistance fraudulently from FEMA. In December 2006, we testified to the difficulty of collecting on improper payments after they have been disbursed. Specifically, in contrast to the $1 billion we estimated to be improper and potentially fraudulent payments--an estimate derived from statistical sampling-- FEMA determined that it had overpaid nearly 60,000 registrants about $290 million as of November 2006. These overpayments, which FEMA refers to as recoupments, represent the improper payments that FEMA reported it had detected and for which it had issued collection letters. Although FEMA had identified about $290 million in overpayments, as of late 2006, FEMA stated that it had only collected nearly $7 million. The small amount of money that FEMA had collected on overpayments related to hurricanes Katrina and Rita further emphasizes the need for preventing fraud, waste, and abuse prior to payments going out the door. Lessons learned from our prior work show that, while investigations and prosecutions can be the most visible means to deal with individuals intent on perpetrating fraud schemes, they are also the most costly and should not be used in place of other more effective preventive controls. Still, by successfully prosecuting such individuals, agencies can deter others who are thinking of taking advantage of the inherent vulnerabilities in disaster relief programs. We have already referred thousands of cases we have identified as potentially improper and fraudulent to the Katrina Fraud Task force for further investigation and expect to refer others for additional investigation and possible prosecution. Conclusions: Our Katrina and Rita work to date has shown that there are at least tens of thousands of individuals that took advantage of the opportunity to commit fraud against the federal government. Our work shows that for one FEMA individual assistance program alone it is likely that over $1 billion has been lost to fraudulent and improper payments. With potentially billions of dollars of additional spending likely for Katrina and Rita recovery, state and federal agencies should implement lessons learned with respect to the importance of effective fraud, waste, and abuse prevention programs. With effective planning, relief agencies should not have to make a choice between speedy delivery of assistance and effective fraud prevention. Going forward, FEMA and other agencies involved in disaster recovery efforts must work hard to develop and institute effective controls that will ensure victims are provided assistance as quickly as possible while also minimizing fraud, waste, and abuse. Chairman and Members of the Committee, this concludes my statement. I would be pleased to answer any questions that you or other Members of the Committee have at this time. Contacts: For further information about this testimony, please contact Gregory Kutz at (202) 512-7455 or kutzg@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this testimony. FOOTNOTES [1] GAO, Hurricanes Katrina and Rita: Unprecedented Challenges Exposed the Individuals and Households Program to Fraud and Abuse; Actions Needed to Reduce Such Problems in Future, GAO-06-1013 (Washington, D.C.: Sept. 27, 2006). [2] GAO, Expedited Assistance for Victims of Hurricanes Katrina and Rita: FEMA's Control Weaknesses Exposed the Government to Significant Fraud and Abuse, GAO-06-403T (Washington, D.C.: Feb. 13, 2006); GAO, Hurricanes Katrina and Rita Disaster Relief: Improper and Potentially Fraudulent Individual Assistance Payments Estimated to Be Between $600 Million and $1.4 Billion, GAO-06-844T (Washington, D.C.: June 14, 2006); GAO, Hurricanes Katrina and Rita Disaster Relief: Continued Findings of Fraud, Waste, and Abuse, GAO-07-252T (Washington, D.C.: Dec. 6, 2006). [3] GAO, Purchase Cards: Control Weaknesses Leave DHS Highly Vulnerable to Fraudulent, Improper, and Abusive Activity, GAO-06-957T (Washington, D.C.: July 19, 2006). This work was performed jointly with the DHS Office of Inspector General. [4] The Federal Managers' Financial Integrity Act of 1982 (FMFIA) required that GAO issue standards for internal control in government resulting in the issuance of Internal Control: Standards for Internal Control in the Federal Government, GAO/AIMD-98-21.3.1 (Washington, D.C.: Nov. 1999). [5] GAO/AIMD-98-21.3.1. [6] GAO-06-403T. [7] Because of the tremendous devastation caused by hurricanes Katrina and Rita, FEMA activated expedited assistance to provide fast track money--in the form of $2,000 in expedited assistance payments--to eligible disaster victims to help with immediate, emergency needs for food, shelter, clothing, and personal necessities. [8] GAO-06-844T. [9] GAO-07-252T. [10] GAO/AIMD-98-21.3.1. GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site (www.gao.gov). Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to www.gao.gov and select "Subscribe to Updates." Order by Mail or Phone: The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. Government Accountability Office 441 G Street NW, Room LM Washington, D.C. 20548: To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202) 512-6061: To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Gloria Jarmon, Managing Director, JarmonG@gao.gov (202) 512-4400 U.S. Government Accountability Office, 441 G Street NW, Room 7125 Washington, D.C. 20548: Public Affairs: Paul Anderson, Managing Director, AndersonP1@gao.gov (202) 512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149 Washington, D.C. 20548: