This is the accessible text file for GAO report number GAO-05-693R 
entitled 'Management Report: Opportunities for Improvements in SEC's 
Internal Controls and Accounting Procedures' which was released on 
August 12, 2005. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

August 12, 2005: 

Margaret J. Carpenter:
Associate Executive Director:
Office of Financial Management:
U.S. Securities and Exchange Commission: 

Subject: Management Report: Opportunities for Improvements in SEC's 
Internal Controls and Accounting Procedures: 

Dear Ms. Carpenter: 

In May 2005, we issued our report expressing an opinion on the 
Securities and Exchange Commission's (SEC) fiscal year 2004 financial 
statements and an opinion on SEC's internal control as of September 30, 
2004.[Footnote 1] We also reported on the results of our tests of SEC's 
compliance with selected provisions of laws and regulations during 
fiscal year 2004. Our report on SEC's fiscal year 2004 financial 
statements identified reportable conditions in the internal controls 
over financial reporting that we considered to be material 
weaknesses.[Footnote 2] These weaknesses related to SEC's controls over 
(1) recording and reporting disgorgements[Footnote 3] and 
penalties,[Footnote 4] (2) information security, and (3) preparing 
financial statements and related disclosures. We issued two separate 
reports providing recommendations to address those weaknesses.[Footnote 
5]

The purpose of this report is to provide recommendations for those 
issues identified during our audit that, although not material in 
relation to the financial statements, we believe warrant management's 
attention. We are making 16 recommendations in this report for 
strengthening SEC's accounting procedures and internal controls in the 
following 12 areas: 

* maintaining detailed subsidiary ledgers and records to support 
delivered and undelivered orders transactions;

* segregation of duties and controls over cash receipts;

* verifying that all fee-bearing filings recorded in the Electronic 
Data Gathering, Analysis, and Retrieval (EDGAR) system are recognized 
as revenue in the general ledger;

* management review of the Fund Balance with Treasury (FBWT) 
reconciliation;

* review process to ensure that apportionments are accurately entered 
into the general ledger;

* evaluation of equipment or property leases to determine if they meet 
the capitalization criteria required by generally accepted accounting 
principles;

* review of the final processed payroll data entered into the Federal 
Personnel and Payroll System (FPPS) by the National Business Center 
(NBC) for active employees;

* documented policies and procedures governing the payroll process;

* documentation and review of the effectiveness of corrective actions 
relating to audit recommendations addressing weaknesses reported under 
the Federal Managers' Financial Integrity Act of 1982 (FMFIA);

* charging expenditures to the proper Budget Object Class (BOC) codes;

* referral of eligible delinquent debt that was over 180 days due to 
Treasury, as required by the Debt Collection Improvement Act (DCIA); 
and: 

* establishing and documenting property and equipment capitalization 
thresholds. 

Our recommendations follow at the end of our discussion of each of 
these issues in the following sections. These recommendations are 
intended to bring SEC into conformance with the internal control 
standards that federal agencies are required to follow.[Footnote 6] In 
its comments reprinted in enclosure I, SEC described actions completed, 
ongoing, and planned to address each of these issues. Further details 
on our scope and methodology are included in our report on the results 
of our audit of the 2004 financial statements and are reproduced in 
enclosure II. We conducted our audit in accordance with U.S. generally 
accepted government auditing standards. 

Recording Undelivered and Delivered Orders: 

SEC was initially unable to provide auditable detail for the fiscal 
year 2004 opening balances of undelivered and delivered orders recorded 
in the general ledger. After extensive time and effort, SEC compiled 
schedules of transactions. However, those schedules did not reconcile 
to the related amounts recorded in the general ledger, and SEC staff 
could not readily explain the differences. Similar problems occurred 
with the ending balance for the amounts of delivered orders recorded in 
the general ledger as of September 30, 2004. Through much time and 
effort on the part of SEC and GAO staff, we were ultimately able to 
audit the amounts pertaining to SEC's undelivered and delivered orders. 
However, GAO's Standards for Internal Control in the Federal Government 
require that the documentation of transactions should be complete, 
accurate, and sufficient to facilitate the tracing of transactions and 
related information from authorization and initiation through 
processing and recording. In addition, documentation should be readily 
available for examination. Such documentation is necessary to enable 
management's review of the related transactions. 

Recommendation: 

1. We recommend that SEC maintain subsidiary schedules and 
documentation supporting all delivered and undelivered orders 
transactions and related amounts recorded in the general ledger. The 
documentation should be at a detailed level sufficient to facilitate 
management review and the external audit process. 

Segregation of Duties and Controls over Cash Receipts: 

SEC does not have proper segregation of duties or controls over cash 
receipts. Checks paid to SEC for disgorgements and other activities are 
opened either by an individual in the mail room, who does not log in 
the checks but forwards them to the Office of Financial Management 
(OFM), or by two accounting technicians in OFM who manually log in the 
checks and forward them and the log to the Supervisory Accounting 
Analyst. The Supervisory Accounting Analyst has incompatible duties 
regarding cash receipts by having custody of the checks, control over 
the original daily cash receipts log, and access to the general ledger. 
Furthermore, SEC does not reconcile the cash receipts log to the 
documentation supporting the deposit amount in the general ledger. 
According to GAO's Standards for Internal Control in the Federal 
Government, key duties and responsibilities need to be divided or 
segregated between different people to reduce the risk of error or 
fraud. This should include separating the responsibilities for 
authorizing transactions, processing and recording transactions, 
reviewing the transactions, and handling any related assets so that no 
one individual controls all key aspects of a transaction or event. In 
addition, periodic reconciliations should be performed to ensure 
accountability over the assets. Because one individual performs 
incompatible duties over cash receipts, which could result in checks 
never being recorded into the general ledger, coupled with the lack of 
the receipts' reconciliation with the deposit amounts, there is a risk 
of error or fraud concerning cash receipts. 

Recommendations: 

2. We recommend that SEC take the following two actions: 

3. Separate key responsibilities over the handling and recording of 
cash receipts so that no one individual handles all key aspects 
concerning the receipts. 

Periodically reconcile the cash receipts log to the documentation 
supporting the deposit amount in the general ledger. 

Recording Filing Fee Revenue: 

SEC uses the Internet-based EDGAR system to collect, validate, index, 
and accept the submissions of forms filed by SEC-registered companies. 
EDGAR, along with the Fee Momentum module in EDGAR, recognizes revenue 
when filings are submitted and completed, and transfers this 
information to the general ledger through a nightly batch file. 
However, SEC does not perform a comparison or reconciliation between 
successfully completed filings in EDGAR and the amount recognized as 
revenue in the general ledger. During our testing of filing fee 
revenue, we identified a difference of approximately $154 million 
between the successful fee-bearing filings recorded in EDGAR of about 
$390 million and the revenue for filing fees recorded in the general 
ledger of about $236 million. This balance of $154 million had been 
recorded by SEC as transaction fee revenue in the general ledger. SEC 
corrected the difference after we brought the matter to its attention. 
Statement of Federal Financial Accounting Standards (SFFAS) No. 7, 
Accounting for Revenue and Other Financing Sources, states that revenue 
should be recognized when earned, which, for filing fees, is when a 
company's equity or debt offering has been successfully completed. 
Consistent with GAO's Standards for Internal Control in the Federal 
Government, SEC's internal controls should provide reasonable assurance 
that its financial transactions are recorded properly and accurately. 
Without controls over the recording of filing fees, there is a risk 
that revenue amounts will be misstated. 

Recommendations: 

We recommend that SEC take the following two actions: 

4. Perform periodic reconciliations of successful fee-bearing filings 
in EDGAR and revenue recorded in the general ledger. 

5. Develop for this reconciliation process written policies and 
procedures that address the maintenance of documentation supporting the 
general ledger balances. 

Fund Balance with Treasury Reconciliation: 

SEC performs monthly reconciliations of its FBWT as required. While 
management has stated that reviews of the FBWT reconciliations are 
performed by a management official, there is no evidence of such 
review. GAO's Standards for Internal Control in the Federal Government 
requires agencies to establish controls to enforce adherence to 
requirements, such as FBWT reconciliations, and to create and maintain 
records providing evidence that these controls are executed. The lack 
of such evidence increases the risk that the reviews are not being 
performed, thereby increasing the risk of the untimely detection of 
errors in related account balances. 

Recommendation: 

6. We recommend that SEC management document its review of the monthly 
FBWT reconciliation to help ensure the timeliness of these 
reconciliations and the accuracy and validity of adjustments resulting 
from these reconciliations. At a minimum, reviewers should sign and 
date the reviewed documents and provide any comments that may be 
appropriate in the event that their reviews identified problems or 
raised questions. 

Reviewing Apportionment Entries: 

The Antideficiency Act prohibits agencies from obligating appropriated 
funds in excess of what the Office of Management and Budget (OMB) has 
apportioned. SEC budget analysts record apportionment amounts from 
Standard Form (SF)-132, Apportionment and Reapportionment Schedule, 
approved by OMB in the general ledger; however, there is no supervisory 
or management review of these entries. GAO's Standards for Internal 
Control in the Federal Government requires agencies to implement 
internal control procedures to ensure the accurate and timely recording 
of transactions and events. Without a review process to ensure that 
apportionments are accurately entered into the general ledger, there is 
a risk that apportionments will not be accurately recorded and that 
obligations will be tracked against an inaccurate apportionment limit. 

Recommendation: 

7. We recommend that appropriate SEC management officials review 
recorded apportionment amounts to provide assurance over the accuracy 
of these amounts. The review should be evidenced in some manner, such 
as a signature and date. 

Accounting for Property and Equipment Leases: 

During our audit, we found that SEC was not properly accounting for its 
equipment or property leases. SFFAS No. 6, Accounting for Property, 
Plant, and Equipment, requires management to determine if leases meet 
the criteria for recognition as capital leases. If a lease meets any 
one of the criteria, the cost of the property or equipment should be 
capitalized and an equal amount should be recognized as a liability for 
the capital lease at its inception. This standard also requires 
depreciation expense to be recognized to allocate the cost of the 
property or equipment over its estimated useful life. Financial 
Accounting Standards Board (FASB) Standard No. 13, Accounting for 
Leases, requires assets acquired under capital leases to be depreciated 
over the lease term, rather than the asset's useful life, if the lease 
meets either the lease term or the present value of the minimum lease 
payments criteria. For fiscal year 2004, we found that SEC expensed the 
lease payments for one of its properties when the lease should have 
been capitalized and depreciated. We also found two contracts for 
leasing equipment that SEC recorded as purchases of equipment. Our 
evaluation determined that these equipment leases were properly 
capitalized, but the related capital lease liability was not recorded. 
In addition, depreciation expense was incorrectly calculated for these 
leases, since these leases did not meet the lease term or the present 
value of minimum lease payments criteria and the equipment was 
depreciated over the assets' useful life rather than over the related 
lease terms. As a result of these errors, leases were not properly 
accounted for in the financial statements or related disclosures. 

Recommendations: 

We recommend that SEC take the following two actions: 

8. Review all existing leases for property and equipment to determine 
if they should be capitalized or expensed and make any necessary 
adjustments to the related general ledger balances. 

9. Develop policies and procedures to properly account for future 
property and equipment leases on an ongoing basis. 

Review Federal Personnel and Payroll System Data: 

SEC payroll reports and transactions are created and managed under 
contract by the NBC at the Department of the Interior (DOI) through 
FPPS. On a biweekly basis, FPPS generates the Personnel Alphabetic 
Employee List, which shows all active employees for each pay period. 
The Personnel Alphabetic Employee List is used for budgeting purposes 
by SEC's Planning and Budget Office in OFM. FPPS also generates the 
Organizational Employee Report, listing all active employees within 
each SEC division and office. However, SEC does not maintain an 
independent database of its payroll information or perform tests to 
verify the information in FPPS. The Organizational Employee Report is 
sent to all SEC divisions and offices, but there is no documentation or 
other indication that the divisions and offices review the 
Organizational Employee Report to determine if it accurately reflects 
the current active employees, new hires, and recent terminations. 
Neither SEC's Office of Human Resources and Administrative Services nor 
OFM receives positive assurance from the divisions and offices that the 
employees listed on the Organizational Employee Report are currently 
active employees, thus offering no assurances that newly hired staff 
will be paid timely or that pay for departing staff will be stopped. 

According to OMB Circular A-127, Financial Management Systems, an 
agency should review and test all aspects of the time and attendance 
(T&A) systems' processing procedures and controls with sufficient 
scope, depth, and frequency to reasonably ensure that key procedures 
and controls are effective in meeting legal and other requirements, and 
that data integrity is maintained. Without the review of final- 
processed payroll data, there is a risk that inaccurate or unauthorized 
transactions, such as those noted above, could occur, or that 
fictitious employees could be entered into FPPS, resulting in erroneous 
or fraudulent payments by SEC. Concerns over payroll data integrity are 
compounded in the service auditor's report for FPPS, which found that 
application security controls over FPPS were not operating with 
sufficient effectiveness to reasonably ensure that access to FPPS is 
restricted to properly authorized NBC Payroll Operations personnel and 
that incompatible duties within Payroll Operations are properly 
segregated in the system.[Footnote 7] Since SEC does not evidence a 
review of the active employees listed on the Organizational Employee 
Report by the divisions and offices or perform other checks and 
reconciling procedures between FPPS data and SEC records, management 
does not have assurance regarding the accuracy of the active employee 
information in FPPS. 

Recommendation: 

10. We recommend that SEC periodically reconcile its active employees 
to FPPS. To do this, consideration should be given to maintaining an 
independent database of active employees and other payroll-related 
information, wherein active employee data could be readily compared 
with and reconciled to FPPS-generated payroll records. This 
reconciliation should be documented. 

Payroll Processing Policies and Procedures: 

During our audit, we noted that SEC had only one trained individual who 
performed the payroll file processing and reconciliation procedures 
each pay period. These unwritten procedures consist of uploading and 
reformatting information received from DOI into the general ledger, 
comparing data in the general ledger with the Payroll Operations 
Division Report generated by DOI for accuracy and completeness, 
researching any errors, verifying payroll expenses by SEC organization 
code, making necessary corrections to the data, recording the payroll 
disbursement in the general ledger, and reconciling the Treasury 
Statement of Transactions (SF-224) with the general ledger. Also during 
our audit, we did not find evidence of supervisory review of the 
payroll file processing and reconciliation procedures. Per OMB Circular 
A-127, Financial Management Systems, an agency should have clearly 
written and communicated policies and procedures setting forth the 
responsibilities of employees, timekeepers, supervisors, and others 
regarding recording, examining, approving, and reporting on T&A 
information. By having only one person trained in the payroll process 
and not having documented policies and procedures governing the 
process, there is a risk that the necessary reconciliation will not be 
performed correctly or timely in the absence of the one individual who 
is knowledgeable of the required procedure. Furthermore, the lack of 
supervisory review of the payroll process increases the risk that 
errors could occur and not be detected in a timely manner. 

Recommendations: 

We recommend that SEC take the following two actions: 

11. Develop written policies and procedures governing the payroll 
processing and reconciliation procedures, which would include 
requirements for documenting supervisory review of the performance of 
the payroll procedures performed during each pay period. 

12. Train other individuals to perform this function. 

Closing Recommendations to Address FMFIA Weaknesses: 

In fulfilling the reporting requirements of the Federal Managers' 
Financial Integrity Act of 1982, SEC reports to the President of the 
United States on whether the agency's management controls are adequate 
and effective and are achieving their intended objectives in accordance 
with the standards prescribed by the Comptroller General's Standards 
for Internal Control in the Federal Government. SEC's FMFIA report to 
the President is largely based on the knowledge of the operations and 
evaluations conducted by SEC staff and the certification of management 
controls by appropriate SEC officials. However, during our 2004 
financial statement audit, we found that weaknesses relating to the 
accountability of property and internal controls over disgorgement 
funds, which were cited in the fiscal year 2002 FMFIA report, still 
existed even though SEC's fiscal year 2003 FMFIA report indicated that 
the recommendations to address the related weaknesses were resolved. 
According to GAO's Standards for Internal Control in the Federal 
Government, the resolution of audit recommendations is completed only 
after action has been taken that (1) corrects identified deficiencies, 
(2) produces improvements, or (3) demonstrates that the findings and 
recommendations do not warrant management's action. In addition, the 
standards state that records, which provide evidence of the execution 
of such activities, and appropriate documentation should be maintained. 
SEC's policies and procedures do not require documented support for the 
resolution of audit issues before they are closed in SEC's tracking 
system. Without adequate documentation or review of the adequacy and 
the effectiveness of corrective actions, there is a risk that previous 
audit findings continue to exist as problems after SEC has considered 
audit findings to be closed. 

Recommendation: 

13. We recommend that SEC require documented support and review of 
SEC's corrective actions to provide evidence that actions taken in 
response to audit recommendations fully correct identified deficiencies 
prior to closing out the audit issues in the tracking system. 

Charging Expenditures to BOC Codes: 

SEC records obligations and prepares its annual budget on the basis of 
budget object class codes. Object classes are categories in a 
classification system that present obligations by the items or services 
purchased by the federal government. According to 31 U.S.C. 1104(b), 
the President's budget is required to present obligations by object 
class for each account. During our testing of nonpayroll expenditures, 
we noted several incidences in which SEC did not properly or 
consistently record the expenditures to the appropriate BOC code and 
noted incidences for which we could not determine whether the correct 
BOC code was charged because of a lack of detailed support for the 
expenditures. For example, for one of the contracts we reviewed, we 
noted that detailed records were not maintained for the expenditures 
related to the contract. While it appeared appropriate for the 
obligation for this contract to be recorded in several BOC codes 
because of the broad scope of work being performed under the contract, 
SEC did not obtain sufficient detail on the expenditures to determine 
how they should be allocated among the BOC codes. Therefore, SEC 
charged the entire expenditure to one BOC code. On the other hand, for 
some contracts, SEC allocated the expenditures among the BOC codes but 
was not able to support the reason why the allocations were made. 

Without sufficient detailed supporting records, the actual amount of 
expenditures within each BOC code cannot be accurately determined, thus 
increasing the risk that management does not have reliable information 
for decision making. In addition, the lack of written policies and 
procedures regarding recording expenditures to the proper BOC codes 
increases the risk of inconsistently recorded expenditures. 

Recommendation: 

14. We recommend that SEC develop policies and procedures to help 
ensure that expenditures (1) are recorded in the proper BOC code on the 
basis of the nature of the expenditure and (2) are properly allocated 
across BOC codes as appropriate. 

Timely Referral of Delinquent Debt: 

DCIA requires agencies to refer eligible debts that are delinquent over 
180 days to Treasury for collection. Our test of SEC's compliance with 
DCIA disclosed $285,626 in eligible debt that was over 180 days old but 
had not been referred to Treasury as of September 30, 2004. While this 
matter was not material to SEC's fiscal year 2004 financial statements, 
timely referral of delinquent debts as DCIA requires would improve 
opportunities to collect such debt. 

Recommendation: 

15. We recommend that SEC refer eligible debt that is delinquent over 
180 days to Treasury as required by DCIA. 

Property and Equipment Capitalization Threshold: 

SEC does not have an analytical basis or other documented support for 
the selection of its capitalization thresholds for property and 
equipment. FASB requires that entities establish appropriate 
capitalization thresholds by considering the entities' financial and 
operational conditions, that the thresholds be consistently applied, 
and that they be disclosed in the financial reports. The establishment 
of a capitalization threshold policy must be supported by a detailed 
analysis anchored by the two fundamental principles of matching and 
materiality. Inappropriate or excessive capitalization thresholds have 
a significant impact on financial reporting and related oversight 
issues, and may not comply with SFFAS No. 6 requirements to capitalize 
all items that meet certain characteristics. 

Recommendation: 

16. We recommend that SEC review its property and equipment 
capitalization thresholds and document the analysis used to select the 
capitalization thresholds. 

Agency Comments: 

In written and oral comments provided to GAO on a draft of this report, 
SEC indicated that it is taking, or has planned, actions pertaining to 
the issues identified in this report. SEC's written comments are 
reprinted in enclosure I of this report. 

This report is intended for use by SEC management and the SEC Inspector 
General. We are sending copies of this report to the Chairmen and 
Ranking Members of the Senate Committee on Banking, Housing, and Urban 
Affairs; the Senate Committee on Homeland Security and Governmental 
Affairs; the House Committee on Financial Services; the House Committee 
on Government Reform; and other interested parties. In addition, this 
report will be available at no charge on GAO's Web site at 
http://www.gao.gov. 

We acknowledge and appreciate the cooperation and assistance provided 
by SEC management and staff during our audit of SEC's fiscal year 2004 
financial statements. If you have any questions about this report or 
need assistance in addressing these issues, please contact me at (202) 
512-9471 or franzelj@gao.gov. Contact points for our Offices of 
Congressional Relations and Public Affairs may be found on the last 
page of this report. 

Sincerely yours,

Signed by: 

Jeanette M. Franzel: 
Director: 
Financial Management and Assurance: 

Enclosures - 2: 

Enclosure I: Comments from the Securities and Exchange Commission: 

Securities and Exchange Commission: 

Office of Financial Management: 

August 5, 2005: 

Jeanette M. Franzel: 
Director:
Financial Management and Assurance: 
U.S. General Accountability Office: 
441 G Street, NW:
Washington, D.C. 20548: 

Subject: Comments on Management Report: Opportunities for Improvements 
in SEC's Internal Controls and Accounting Procedures: 

Dear Ms. Franzel: 

Thank you for the opportunity to review and comment on the Government 
Accountability Office's (GAO) draft report entitled "Management Report: 
Opportunities for Improvements in SEC's Internal Controls and 
Accounting Procedures." The purpose of this report is for the GAO to 
provide recommendations to the SEC on those issues identified during 
the 2004 financial statement audit that, although not material in 
relation to the financial statements, GAO believes warrant management's 
attention. Following are comments provided by the SEC's Office of 
Financial Management with concurrence from the Executive Director. 
These comments have been and may be supplemented by oral comments 
provided directly to your staff. 

Recording Undelivered and Delivered Orders: 

GAO Recommendation: 

We recommend that SEC maintain subsidiary schedules and documentation 
supporting all delivered and undelivered orders transactions and 
related amounts recorded in the general ledger. The documentation 
should be at a detailed level sufficient to facilitate management 
review and the external audit process. 

SEC Comments: 

SEC recognizes the need for these schedules and documentation and 
continues to work toward producing them on a timely periodic basis. 

Segregation of Duties and Controls over Cash Receipts: 

GAO Recommendation: 

We recommend that SEC take the following two actions: 

* separate key responsibilities over the handling and recording of cash 
receipts so that no one individual handles all key aspects concerning 
the receipts, and 

* periodically reconcile the cash receipts log to the documentation 
supporting the deposit amount in the general ledger. 

SEC Comments: 

SEC is reviewing the supervisory accounting analyst's responsibilities 
in order to assure that duties for handling and recording cash receipts 
are appropriately segregated. SEC has added staff resources to the 
Office of Financial Management, which will facilitate the periodic 
reconciliation of the cash receipts log to the general ledger. Both 
elements of this recommendation will be implemented prior to the end of 
the fiscal year. 

Recording Filing Fee Revenue: 

GAO Recommendation: 

We recommend that SEC take the following two actions: 

* perform periodic reconciliations of successful fee-bearing filings in 
EDGAR and revenue recorded in the general ledger, and: 

* develop written policies and procedures for this reconciliation 
process that address the maintenance of documentation supporting the 
general ledger balances. 

SEC Comments: 

SEC is currently performing reconciliations of such filings and revenue 
on a monthly basis. The procedures for these reconciliations will be 
documented. 

Fund Balance with Treasury Reconciliation: 

GAO Recommendation: 

We recommend that SEC management document its review of the monthly 
FBWT reconciliation to help ensure the timeliness of these 
reconciliations and the accuracy and validity of adjustments resulting 
from these reconciliations. At a minimum, reviewers should sign and 
date the reviewed documents and provide any comments that may be 
appropriate in the event that their reviews identified problems or 
raised questions. 

SEC Comments: 

As GAO indicates, SEC performs monthly reconciliations of its FBWT. 
Managerial review of the reconciliations will be more adequately 
documented. 

Reviewing Apportionment Entries: 

GAO Recommendation: 

We recommend that appropriate SEC management officials review recorded 
amounts for apportionment amounts to provide assurance over the 
accuracy of these amounts. The review should be evidenced in some 
manner such as a signature and date. 

SEC Comments: 

The Assistant Director - Budget and Planning reviews printed reports to 
assure the accuracy of amounts entered into the accounting system. 
Henceforth, those reviews will be documented more fully. 

Accounting for Property and Equipment Leases: 

GAO Recommendation: 

We recommend that SEC take the following two actions: 

* review all existing leases for property and equipment to determine if 
they should be capitalized or expensed and make any necessary 
adjustments to the related general ledger balances, and: 

* develop policies and procedures to properly account for future 
property and equipment leases on an ongoing basis. 

SEC Comments: 

SEC staff agreed previously with the GAO staff that we would review all 
new leases for property to determine if they should be capitalized or 
expensed. The policies will be reviewed and revised as appropriate and 
procedures will be better documented. 

Review Federal Personnel and Payroll System Data: 

GAO Recommendation: 

We recommend that SEC periodically reconcile its active employees to 
FPPS. To do this, consideration should be given to maintaining an 
independent database of active employees and other payroll-related 
information, wherein active employee data could be readily compared and 
reconciled to the FPPS-generated payroll records. This reconciliation 
should be documented. 

SEC Comments: 

The Office of Human Resources is reviewing this recommendation and will 
develop a strategy for implementing it in fiscal 2006. 

Payroll Processing Policies and Procedures: 

GAO Recommendation: 

We recommend that SEC take the following two actions: 

* develop written policies and procedures governing the payroll 
processing and reconciliation procedures, which would include 
requirements for documenting supervisory review of the performance of 
the payroll procedures performed during each pay period, and: 

* train other individuals to perform this function. 

SEC Comments: 

SEC will complete the written procedures on the payroll processing and 
reconciliation. A supervisor in the Office of Financial Management is 
currently training new staff to perform this function. 

Closing Recommendations to Address FMFIA Weaknesses: 

GAO Recommendation: 

We recommend that SEC require documented support and review of SEC's 
corrective actions to provide evidence that actions taken in response 
to audit recommendations fully correct identified deficiencies prior to 
closing out the audit issues in the tracking system. 

SEC Comments: 

The Audit Follow-up Program will require more extensive documentation 
and review before closing material audit recommendations and continue 
our current procedure for non-material recommendations. Please note 
that the SEC's audit follow-up procedures were reviewed by the agency's 
Office of Inspector General in 2000. During the audit, the OIG examined 
relevant documentation and reviewed follow-up actions for a sample of 
eight audits. The OIG found that overall, the audit follow-up 
procedures were efficient and effective and complied with OMB Circular 
A-50. (See "Audit Follow-up Procedures," Audit 325 (Sept. 22, 2000)). 
In addition, the IG's report noted that the Audit Follow-up Program 
staff consults with the OIG before closing controversial audit 
recommendations. 

Charging Expenditures to BOC Codes: 

GAO Recommendation: 

We recommend that SEC develop policies and procedures to help ensure 
that expenditures (1) are recorded in the proper BOC code on the basis 
of the nature of the expenditure, and (2) are properly allocated across 
BOC codes as appropriate. 

SEC Comments: 

A review has shown that SEC written policies and controls are adequate 
in this area. We have taken action to improve staff compliance with 
these policies and procedures. 

Timely Referral of Delinquent Debt: 

GAO Recommendation: 

We recommend that SEC refer eligible debt delinquent over 180 days old 
to Treasury as required by DCIA. 

SEC Comments: 

This recommendation is consistent with SEC policies and procedures. SEC 
staff will complete a review of all delinquent debt prior to the end of 
the fiscal year to assure that all debts are being managed consistent 
with the policies. 

Property and Equipment Capitalization Threshold: 

GAO Recommendation: 

We recommend that SEC review its property and equipment capitalization 
thresholds and document the analysis used to select the capitalization 
thresholds. 

SEC Comments: 

SEC has discussed this recommendation with GAO staff and plans to 
complete the analysis. 

We appreciate the opportunity to comment on the draft report. If you or 
your staff has any questions, I would be pleased to answer them at your 
convenience. 

Sincerely,

Signed by: 

Margaret J. Carpenter: 

Associate Executive Director, Finance: 

[End of section] 

Enclosure II: Details on Audit Scope and Methodology: 

To fulfill our responsibilities as auditor of the financial statements 
of the Securities and Exchange Commission (SEC), we did the following: 

* examined, on a test basis, evidence supporting the amounts and 
disclosure in the financial statements;

* assessed the accounting principles used and significant estimates 
made by management;

* evaluated the overall presentation of the financial statements;

* obtained an understanding of internal controls related to financial 
reporting and compliance with laws and regulations;

* obtained an understanding of the recording, processing, and 
summarizing of performance measures as reported in Management's 
Discussion and Analysis;

* tested relevant internal controls over financial reporting and 
compliance, and evaluated the design and operating effectiveness of 
internal controls;

* considered SEC's process for evaluating and reporting on internal 
control and financial management systems under the Federal Managers' 
Financial Integrity Act of 1982; and: 

* tested compliance with selected provisions of the following laws and 
regulations: the Securities Exchange Act of 1934, as amended; the 
Securities Act of 1933, as amended; the Antideficiency Act; laws 
governing the pay and allowance system for SEC employees; and the 
Prompt Payment Act. We performed our audit from February 2004 to 
February 2005 in accordance with U.S. generally accepted government 
auditing standards. 

(194506): 

FOOTNOTES

[1] GAO, Financial Audit: SEC's Fiscal Year 2004 Financial Statements, 
GAO-05-244 (Washington, D.C.: May 26, 2005). 

[2] A material weakness is a condition in which the design or operation 
of one or more of the internal control components does not reduce, to a 
relatively low level, the risk that errors, fraud, or noncompliance in 
amounts that would be material to the financial statements may occur 
and not be detected promptly by employees in the normal course of their 
duties. 

[3] A disgorgement is the repayment of illegally earned profits. 

[4] A penalty is a monetary sum that is to be paid by the registrant to 
SEC as a result of a security law violation. 

[5] GAO, Material Internal Control Issues Reported in the SEC's Fiscal 
Year 2004 Financial Statement Audit Report, GAO-05-691R (Washington, 
D.C.: Aug. 27, 2005), and GAO, Information Security: Securities and 
Exchange Commission Needs to Address Weak Controls over Financial and 
Sensitive Data, GAO-05-262 (Washington, D.C.: Mar. 23, 2005). 

[6] GAO, Standards for Internal Control in the Federal Government, GAO/ 
AIMD-00-21.3.1 (Washington, D.C.: November 1999). 

[7] KPMG, Federal Personnel and Payroll System General Mainframe 
Information Technology and Payroll Operations Controls: Third-Party 
Report on Controls Placed in Operation and Test of Operating 
Effectiveness (SAS 70) for the Period October 1, 2000-September 30, 
2003 (Washington, D.C.: October 2003).