Telecommunications: FCC Should Assess the Design of the E-rate Program's Internal Control Structure
GAO-10-908
Published: Sep 29, 2010. Publicly Released: Oct 29, 2010.
Skip to Highlights
Highlights
Since 1998, the Federal Communications Commission's (FCC) Schools and Libraries Universal Service Support Mechanism--commonly known as the "E-rate" program--has been a significant federal source of technology funding for schools and libraries. FCC designated the Universal Service Administrative Company (USAC) to administer the program. As requested, GAO examined the system of internal controls in place to safeguard E-rate program resources. This report discusses (1) the internal controls FCC and USAC have established and (2) whether the design of E-rate's internal control structure appropriately considers program risks. GAO reviewed the program's key internal controls, risk assessments, and policies and procedures; assessed the design of the internal control structure against federal standards for internal control; and interviewed FCC and USAC officials.
Recommendations
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Federal Communications Commission | To improve internal controls over the E-rate program, the Federal Communications Commission should, based on the findings of the risk assessment, conduct a thorough examination of the overall design of E-rate's internal control structure to ensure that the procedures and administrative resources related to internal controls are aligned to provide reasonable assurance that program risks are appropriately targeted and addressed. | Since 1998, the Federal Communications Commission's (FCC) Schools and Libraries Universal Support Mechanism, known as the E-rate program, has been a significant federal source of technology funding for schools and libraries. The Universal Service Administration Company (USAC) is the administrator of the E-rate program. In 2010, GAO found the design of the E-rate program's internal control structure may not appropriately consider program risks. For example, USAC's application review process incorporates multiple types and levels of reviews, but it was not clear whether this design was effectively and efficiently targeting resources to risks. In addition, GAO found no controls in place to... periodically check the accuracy of USAC's automated invoice review process, again making it unclear whether resources were appropriately aligned with risks. While USAC has expanded and adjusted its internal control procedures, it had never conducted a robust risk assessment of the E-rate program's core processes. Without an overall risk assessment, FCC and USAC might not know how to appropriately balance their resources to better target risks and best ensure that the program fulfills its overall goal of providing technology funding to schools and libraries. Therefore, GAO recommended that FCC use the findings of a risk assessment of the E-rate program to conduct a thorough examination of the overall design of E-rate's internal control structure to ensure that the procedures and administrative resources related to internal controls are aligned to provide reasonable assurance that program risks are appropriately targeted and addressed. In 2017, we confirmed that, in response to our recommendation, and after having hired a contractor to conduct a robust risk assessment of the E-rate program, FCC worked with USAC to consider the findings of the risk assessment and examine the overall design of E-rate's internal control structure. Their examination of the risk assessment resulted in the USAC Corrective Action Plan for Schools & Libraries Risk Assessment, which specifies steps to improve internal controls. Recommended program changes include, for example, that USAC provide more robust, step-by-step training materials on its website for both applicants and service providers to use; that USAC maintain a relatively fixed E-rate application window that is the same year to year; that USAC and FCC create a clear and standalone escalation procedures document to allow E-rate application reviewers to escalate questions or inquiries about complex eligibility or cost allocation decisions; and that USAC and its subcontractors create a robust and strategic succession planning program to prepare the next level of review managers. The Corrective Action Plan lists over a hundred recommended actions and links them to specific tasks or larger efforts to implement them, such as a Business Process Reengineering effort being conducted by a consulting firm contractor for USAC. As a result of this examination of the E-rate program's internal control structure, FCC should be able to make changes to the overall design of the E-rate program's internal control structure that will allow it to better target and address program risks.
View More |
| Federal Communications Commission | To improve internal controls over the E-rate program, the Federal Communications Commission should implement a systematic approach to assess internal controls that appropriately considers the results of beneficiary audits and that is supported by a documented and approved set of policies and procedures. | Since 1998, the Federal Communications Commission's (FCC) Schools and Libraries Universal Services Support Mechanism, known as the E-rate program, has been a significant federal source of technology funding for schools and libraries. In 2010, GAO determined that FCC and the Universal Service Administration Company (USAC) (the program administrator) had used the results of beneficiary audits to identify and report beneficiary noncompliance with E-rate program rules. However, we found that FCC and USAC had not effectively used the information gained from beneficiary audits to assess and modify the E-rate program's internal controls. For example, although FCC and USAC had taken actions to...
|
| Federal Communications Commission | To improve internal controls over the E-rate program, the Federal Communications Commission should develop policies and procedures to periodically monitor the internal control structure of the E-rate program, including evaluating the costs and benefits of internal controls, to provide continued reasonable assurance that program risks are targeted and addressed. | Since 1998, the Federal Communications Commission's (FCC) Schools and Libraries Universal Support Mechanism, known as the E-rate program, has been a significant federal source of technology funding for schools and libraries. The Universal Service Administration Company (USAC) is the administrator of the E-rate program. In 2010, GAO found the design of the E-rate program's internal control structure may not appropriately consider program risks. For example, USAC's application review process incorporates multiple types and levels of reviews, but it was not clear whether this design was effectively and efficiently targeting resources to risks. In addition, GAO found no controls in place to...
|
| Federal Communications Commission | To improve internal controls over the E-rate program, the Federal Communications Commission should conduct a robust risk assessment of the E-rate program. | In 2010, we found that the Federal Communications Commission (FCC) had taken steps to revise the E-rate program's internal controls to address problems they had identified as well as concerns raised by external auditors and others. However, we found that FCC's actions regarding internal controls generally tended to be reactive rather than proactive, and that FCC had not conducted a robust risk assessment of the E-rate program's design and core activities and functions. We found the E-rate program's internal control structure to be a product of accretion and not clearly targeted to reasonably and effectively address programmatic risks. Therefore, we recommended that FCC conduct a robust...
|
Full Report
Public Inquiries
Topics
Auditing standardsBeneficiariesE-rateEligibility determinationsFund auditsInternal auditsInternal controlsMonitoringProgram managementQuality assuranceRisk assessmentRisk managementSchool management and organizationTelecommunicationsPolicies and proceduresProgram goals or objectives