Improper Payments:

Improvements Needed to Ensure Reliability and Accuracy in DOE's Risk Assessments and Reporting

GAO-20-442: Published: Jun 17, 2020. Publicly Released: Jun 17, 2020.

Additional Materials:

Contact:

Allison B. Bawden
(202) 512-3841
bawdena@gao.gov

 

Beryl H. Davis
(202) 512-2623
davisbh@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

The Department of Energy (DOE) reported that it made about $36 million in improper payments—payments that shouldn’t have been made or were made in the incorrect amount—in FY 2018. But millions more dollars in FY 2018 improper payments could still be found, for example, through audits of contractors that won’t be finished until years later.

DOE doesn’t always track information to determine whether improper payments identified at a later date would increase its annual total to over $100 million—the threshold for additional reporting requirements.

We recommended that DOE track and disclose such information.

smashed piggy bank

smashed piggy bank

Additional Materials:

Contact:

Allison B. Bawden
(202) 512-3841
bawdena@gao.gov

 

Beryl H. Davis
(202) 512-2623
davisbh@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The improper payments amounts that the Department of Energy (DOE) reported in its annual agency financial reports (AFR) for fiscal years 2015 through 2019 may not be accurate or complete. Agencies with programs that are susceptible to significant improper payments—including those with more than $100 million of improper payments in a year—are required to report statistically valid estimates of their improper payments. DOE determined these requirements did not apply, but optionally reported information on actual improper payments it made and identified in the prior year. For example, in its fiscal year 2019 AFR, DOE reported fiscal year 2018 improper payments—such as those made to contractors for unallowable costs—totaling about $36 million, less than 0.1 percent of its outlays. However, DOE did not disclose that these amounts do not include improper payments identified through reviews, audits, and investigations completed several years after it issues its AFR (see figure). For example, as of September 2019, DOE had not audited $23.8 billion of its $38.5 billion in fiscal year 2018 outlays. Such audits may increase the improper payments in a year by millions of dollars. For example, based on a 2017 audit, DOE identified $34 million in fiscal year 2010 improper payments. DOE does not always track information on the year improper payments were made that would allow it to determine whether improper payments identified later would increase the total to more than $100 million. By tracking and disclosing such information, DOE could better inform Congress, the public, and others about whether it exceeded the $100 million threshold and should be subject to additional reporting requirements.

Department of Energy's Fiscal Year 2018 Improper Payments

High01_5_v7_103415

Note: Segments of the bar are not sized to scale and do not represent the amount of improper payments.

DOE determined that its risk of significant improper payments was low in its fiscal year 2018 risk assessment. However, GAO found that the risk assessment may not provide a reasonable basis for DOE's determination. DOE did not provide sufficient documentation to support that it considered the known lag in identifying improper payments as an inherent risk, nor did it provide sufficient documentation to support its rationale for the scale it used to score risk factors or for weighting risk ratings of payment reporting sites. For example, a payment site processing $3 million of outlays had the same weight in the overall assessment as a payment site processing $5.7 billion of outlays. As a result, DOE cannot demonstrate that its low-risk determination is reasonable and that its risk assessment process produces reliable results.

Why GAO Did This Study

Improper payments—payments that should not have been made or were made in an incorrect amount—are a significant problem in the federal government. Agencies are required to perform risk assessments to identify programs that are susceptible to significant improper payments.

House Report 115-697 included a provision for GAO to review DOE's system for tracking improper payments. This report examines the extent to which (1) the amounts reported in DOE's AFRs for fiscal years 2015 through 2019 were accurate and complete, and (2) its fiscal year 2018 risk assessment provided a reasonable basis for its risk determination. GAO reviewed DOE's improper payment reporting for fiscal years 2015 through 2019 and its fiscal year 2018 risk assessment, and reviewed documents and interviewed officials from 10 of 48 reporting sites selected to provide a range of sites and about half of fiscal year 2018 reported improper payments.

What GAO Recommends

GAO is making nine recommendations to DOE, including to track and disclose information on improper payments identified later and determine whether these payments exceeded $100 million in any year, and to revise its risk assessment process to ensure the process has a reasonable basis and reliable results. DOE agreed with six of the recommendations, but did not agree with three recommendations, including to revise its risk assessment process. GAO maintains that the recommended actions are valid.

For more information, contact Allison B. Bawden at (202) 512-3841, bawdena@gao.gov or Beryl H. Davis at (202) 512-2623, davisbh@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: DOE agreed with the recommendation and said that it plans to clarify and adjust its current and future guidance to its payment reporting sites to require that the sites (1) develop and maintain procedures to support implementation of its payment integrity requirements for identifying, tracking, and reporting improper payments, and (2) require payment reporting sites to certify that the procedures have been developed and implemented. We will monitor and report on DOE's progress in implementing these planned actions.

    Recommendation: The Office of the Chief Financial Officer should require payment reporting sites to document their procedures for identifying, tracking, and reporting improper payments to ensure they provide consistent and comparable information about their improper payments over time. (Recommendation 1)

    Agency Affected: Department of Energy

  2. Status: Open

    Comments: DOE agreed with the recommendation and said that it will (1) take measures to strengthen and enhance the existing payment integrity monitoring and quality assurance program by conducting period payment reporting site visits and (2) establish a payment integrity working group to identify best practices for incorporation into DOE processes. We will monitor and report on DOE's progress in implementing these planned actions.

    Recommendation: The Office of the Chief Financial Officer should develop a monitoring process to ensure that payment reporting sites document and implement procedures that will enable them to correctly identify and report improper payments to the OCFO. (Recommendation 2)

    Agency Affected: Department of Energy

  3. Status: Open

    Comments: DOE agreed with the recommendation and said they plan to develop and implement processes and procedures for tracking questioned costs to resolution. We will monitor and report on DOE's progress in implementing these planned actions.

    Recommendation: The Office of the Chief Financial Officer should require payment reporting sites to document policies for tracking questioned costs to resolution. (Recommendation 3)

    Agency Affected: Department of Energy

  4. Status: Open

    Comments: DOE agreed with the recommendation and said it will conduct annual look-back analyses to the extent possible to determine if prior year reporting exceeded the $100 million threshold, and therefore could be subject to additional reporting requirements. We will monitor and report on DOE's progress in implementing these planned actions.

    Recommendation: The Office of the Chief Financial Officer should track information on the year the payment occurred for all improper payments, regardless of when they are identified, and determine and disclose in DOE's AFR whether the department's total annual improper payments exceeded $100 million in any given year. (Recommendation 4)

    Agency Affected: Department of Energy

  5. Status: Open

    Comments: DOE agreed with the recommendation and said it will revise and enhance procedures defining the OCFO quality assurance process to (1) define the criteria for assessing the adequacy of payment reporting sites' justifications, and (2) review the payment reporting sites' justifications against the criteria defined. We will monitor and report on DOE's progress in implementing these planned actions.

    Recommendation: The Office of the Chief Financial Officer should clarify guidance to (1) define the factors for assessing adequacy of payment reporting sites' justifications that conducting recapture audits would not be cost-effective, and (2) require that the Office of the Chief Financial Officer review the sufficiency of these justifications against the criteria defined. (Recommendation 5)

    Agency Affected: Department of Energy

  6. Status: Open

    Comments: DOE disagreed with the recommendation, stating in its comments that it has an ongoing Fraud Risk Management Working Group and that officials have developed a Fraud Risk Management and Data Analytics Implementation Plan to strengthen DOE's capability to prevent, identify, and recover improper payments and fraud. However, DOE's plan is still in draft form and, according to DOE's technical comments, they will not begin using data analytics until fiscal year 2021. In addition, DOE said that existing payment recapture activities to identify and recover improper payments are sufficient. However, as we discuss in the report, DOE determined that it does not need to conduct payment recapture audits based on justifications submitted by the reporting sites. We continue to believe that by evaluating whether it could identify enough additional improper payments to make payment recapture audits cost-effective, such as by performing audits at a limited number of sites, DOE would have an opportunity to identify and recover additional improper payments or have better information to justify that payment recapture audits are not cost-effective. We plan to monitor DOE actions related to this recommendation.

    Recommendation: The Office of the Chief Financial Officer should evaluate whether payment reporting sites could identify enough additional improper payments through payment recapture audits to make those audits cost-effective, such as by performing audits at selected sites. (Recommendation 6)

    Agency Affected: Department of Energy

  7. Status: Open

    Comments: DOE did not agree with the recommendation to develop and document the rationale for the scale used to score risk factors and weighting of payment sites, stating that its risk assessment evaluates the volume and dollar amount of payments by payment category, payments subject to manual controls, and fluctuations in volume and dollar amounts. However, we are recommending that the OCFO document the weighting of all its risk factors, including its decision to consider as equal the risks identified by all sites-regardless of the dollar amount of outlays. We continue to believe that, because DOE did not properly document how it developed and considered risk factors during its fiscal year 2018 risk assessment, it cannot ensure that the process produces a reliable assessment of whether DOE is susceptible to significant improper payments. Regarding the consideration of inherent risk, DOE said that the Payment Integrity Risk Assessment directs payment reporting sites to consider inherent risk as part of DOE's Internal Control Program. However, even if none of the sites identifies the known lag in identifying improper payments as a risk, based on our review of DOE's Agency Financial Reports, this lag is a risk to DOE as a whole. Therefore, we continue to believe that DOE should document in its risk assessment process its consideration of the known lag in identifying improper payments. We plan to monitor DOE actions related to this recommendation.

    Recommendation: The Office of the Chief Financial Officer should revise DOE's department-level process for conducting improper payment risk assessments to include (1) developing and documenting the rationale for the variable scale used to score risk factors and weighting of the payment reporting sites; and (2) documenting DOE's consideration of the inherent risk associated with the lag in identifying certain improper payments subsequent to the fiscal year they occurred to ensure that the process results in a reliable assessment of whether the department is susceptible to significant improper payments. (Recommendation 7)

    Agency Affected: Department of Energy

  8. Status: Open

    Comments: DOE did not agree with the recommendation, stating that sufficient processes are in place for ensuring the accuracy of payment reporting sites' risk assessments. DOE also stated that OCFO's Payment Integrity Guidance instructs payment reporting sites to maintain detailed information supporting risk assessments. However, as we discuss in the report, 5 of the 10 sites we reviewed did not provide sufficient explanation or documentation supporting their ratings for several of the risk factors. We continue to believe that by developing, documenting, and implementing policies and procedures to require the OCFO to review documentation supporting payment site risk assessments, DOE would enhance its ability to adequately monitor its decentralized improper payment risk assessment process and help ensure that individual payment reporting sites accurately score their risk factors, leading DOE to obtain a more accurate and reliable assessment of its overall risk of susceptibility to improper payments. We plan to monitor DOE actions related to this recommendation.

    Recommendation: The Office of the Chief Financial Officer should revise DOE's department-level policies and procedures for reviewing risk assessments submitted by payment reporting sites to require a review and approval of the documentation supporting these assessments to help ensure the accuracy of the sites' assessments. (Recommendation 8)

    Agency Affected: Department of Energy

  9. Status: Open

    Comments: DOE agreed with the recommendation and said that itwill clarify the quality assurance process for the payment reporting sites' ratings; however, DOE will not override the individual payment sites' risk determinations. Instead, DOE plans to work as needed with payment reporting site officials to determine the appropriate risk ratings. We will monitor and report on DOE's progress in implementing these actions.

    Recommendation: The Office of the Chief Financial Officer should revise DOE's department-level policies and procedures for conducting improper payment risk assessments to define the process for overriding a payment reporting site's risk determination, when appropriate. (Recommendation 9)

    Agency Affected: Department of Energy

 

Explore the full database of GAO's Open Recommendations »

Oct 13, 2020

Oct 7, 2020

Sep 30, 2020

Sep 9, 2020

Aug 25, 2020

Aug 6, 2020

Jun 10, 2020

Jun 8, 2020

May 21, 2020

Looking for more? Browse all our products here