Improper Payments: Improvements Needed to Ensure Reliability and Accuracy in DOE's Risk Assessments and Reporting
The Department of Energy (DOE) reported that it made about $36 million in improper payments—payments that shouldn’t have been made or were made in the incorrect amount—in FY 2018. But millions more dollars in FY 2018 improper payments could still be found, for example, through audits of contractors that won’t be finished until years later.
DOE doesn’t always track information to determine whether improper payments identified at a later date would increase its annual total to over $100 million—the threshold for additional reporting requirements.
We recommended that DOE track and disclose such information.
smashed piggy bank
What GAO Found
The improper payments amounts that the Department of Energy (DOE) reported in its annual agency financial reports (AFR) for fiscal years 2015 through 2019 may not be accurate or complete. Agencies with programs that are susceptible to significant improper payments—including those with more than $100 million of improper payments in a year—are required to report statistically valid estimates of their improper payments. DOE determined these requirements did not apply, but optionally reported information on actual improper payments it made and identified in the prior year. For example, in its fiscal year 2019 AFR, DOE reported fiscal year 2018 improper payments—such as those made to contractors for unallowable costs—totaling about $36 million, less than 0.1 percent of its outlays. However, DOE did not disclose that these amounts do not include improper payments identified through reviews, audits, and investigations completed several years after it issues its AFR (see figure). For example, as of September 2019, DOE had not audited $23.8 billion of its $38.5 billion in fiscal year 2018 outlays. Such audits may increase the improper payments in a year by millions of dollars. For example, based on a 2017 audit, DOE identified $34 million in fiscal year 2010 improper payments. DOE does not always track information on the year improper payments were made that would allow it to determine whether improper payments identified later would increase the total to more than $100 million. By tracking and disclosing such information, DOE could better inform Congress, the public, and others about whether it exceeded the $100 million threshold and should be subject to additional reporting requirements.
Department of Energy's Fiscal Year 2018 Improper Payments
Note: Segments of the bar are not sized to scale and do not represent the amount of improper payments.
DOE determined that its risk of significant improper payments was low in its fiscal year 2018 risk assessment. However, GAO found that the risk assessment may not provide a reasonable basis for DOE's determination. DOE did not provide sufficient documentation to support that it considered the known lag in identifying improper payments as an inherent risk, nor did it provide sufficient documentation to support its rationale for the scale it used to score risk factors or for weighting risk ratings of payment reporting sites. For example, a payment site processing $3 million of outlays had the same weight in the overall assessment as a payment site processing $5.7 billion of outlays. As a result, DOE cannot demonstrate that its low-risk determination is reasonable and that its risk assessment process produces reliable results.
Why GAO Did This Study
Improper payments—payments that should not have been made or were made in an incorrect amount—are a significant problem in the federal government. Agencies are required to perform risk assessments to identify programs that are susceptible to significant improper payments.
House Report 115-697 included a provision for GAO to review DOE's system for tracking improper payments. This report examines the extent to which (1) the amounts reported in DOE's AFRs for fiscal years 2015 through 2019 were accurate and complete, and (2) its fiscal year 2018 risk assessment provided a reasonable basis for its risk determination. GAO reviewed DOE's improper payment reporting for fiscal years 2015 through 2019 and its fiscal year 2018 risk assessment, and reviewed documents and interviewed officials from 10 of 48 reporting sites selected to provide a range of sites and about half of fiscal year 2018 reported improper payments.
Recommendations
GAO is making nine recommendations to DOE, including to track and disclose information on improper payments identified later and determine whether these payments exceeded $100 million in any year, and to revise its risk assessment process to ensure the process has a reasonable basis and reliable results. DOE agreed with six of the recommendations, but did not agree with three recommendations, including to revise its risk assessment process. GAO maintains that the recommended actions are valid.
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Department of Energy | The Office of the Chief Financial Officer should require payment reporting sites to document their procedures for identifying, tracking, and reporting improper payments to ensure they provide consistent and comparable information about their improper payments over time. (Recommendation 1) |
DOE agreed with the recommendation. DOE updated its fiscal year 2020 payment integrity reporting guidance, issued in July 2020, to require contractors and sites to certify that they have developed and implemented procedures for implementing payment integrity requirements. Additionally, DOE established a working group to research and analyze improved methodologies to ensure sites provide consistent and comparable data.
|
| Department of Energy | The Office of the Chief Financial Officer should develop a monitoring process to ensure that payment reporting sites document and implement procedures that will enable them to correctly identify and report improper payments to the OCFO. (Recommendation 2) |
DOE agreed with the recommendation. In 2021, DOE incorporated a detailed review of improper payments programs, plans, and procedures into its site visit procedures. Through fiscal year 2022, DOE had performed two such visits--Oak Ridge National Laboratory and the Office of Science's Consolidated Service Center in Chicago.
|
| Department of Energy | The Office of the Chief Financial Officer should require payment reporting sites to document policies for tracking questioned costs to resolution. (Recommendation 3) |
DOE agreed with the recommendation. DOE established a working group to develop a process to track questioned costs to resolution. The working group was expected to complete its work in late 2021 and report on its results in 2022. We requested additional information on the activities of the working group; as of January 2023, we have not received additional information.
|
| Department of Energy |
Priority Rec.
The Office of the Chief Financial Officer should track information on the year the payment occurred for all improper payments, regardless of when they are identified, and determine and disclose in DOE's AFR whether the department's total annual improper payments exceeded $100 million in any given year. (Recommendation 4) |
DOE agreed with the recommendation. In 2021, DOE assessed its improper payments identified in fiscal years 2015 through 2019 to determine the years that those improper payments occurred. Based on this analysis, DOE determined that its improper payments did not exceed $100 million in any given year from fiscal year 2006 to present. Additionally, in 2021, DOE started tracking the year that improper payments occurred--in addition to the year they are identified--which should allow DOE to better assess whether its improper payments exceed $100 million in any given year.
|
| Department of Energy | The Office of the Chief Financial Officer should clarify guidance to (1) define the factors for assessing adequacy of payment reporting sites' justifications that conducting recapture audits would not be cost-effective, and (2) require that the Office of the Chief Financial Officer review the sufficiency of these justifications against the criteria defined. (Recommendation 5) |
DOE agreed with the recommendation. DOE revised its annual Payment Integrity Guidance and training concerning the justification criteria and enhanced OCFO's quality assurance process for site submissions and justifications for its fiscal year 2020 report. Although the updated guidance and training states that justifications must include sufficient detail to support the justification, DOE has not defined how it is assessing the adequacy of these justifications. Additionally, in the sample justification that DOE provided as an example of the quality assurance process used to review the justifications, the reviewer noted that the justification was not sufficient because it did not show the minimal amounts of identified improper payments. As of January 2023, DOE had not taken additional steps to address this recommendation. We continue to believe that a lack of identified improper payments is not an adequate justification for not performing payment recapture audits.
|
| Department of Energy | The Office of the Chief Financial Officer should evaluate whether payment reporting sites could identify enough additional improper payments through payment recapture audits to make those audits cost-effective, such as by performing audits at selected sites. (Recommendation 6) |
DOE disagreed with the recommendation. In January 2023, DOE officials stated that they believe DOE's Internal Control and Payment Integrity programs and subcontractor audits adequately identify and recapture improper payments, and do not see the need for an additional analysis. We recognize that payment recapture audits may not be cost effective for DOE. However, we continue to believe that by evaluating whether it could identify enough additional improper payments to make payment recapture audits cost-effective, such as by performing audits at a limited number of sites, DOE would have an opportunity to identify and recover additional improper payments or have better information to justify that payment recapture audits are not cost-effective.
|
| Department of Energy | The Office of the Chief Financial Officer should revise DOE's department-level process for conducting improper payment risk assessments to include (1) developing and documenting the rationale for the variable scale used to score risk factors and weighting of the payment reporting sites; and (2) documenting DOE's consideration of the inherent risk associated with the lag in identifying certain improper payments subsequent to the fiscal year they occurred to ensure that the process results in a reliable assessment of whether the department is susceptible to significant improper payments. (Recommendation 7) |
DOE did not agree with the recommendation. DOE revised its risk assessment template for its fiscal year 2021 assessment and included documentation of the variable scale for risk factors and the weighting of those factors. Regarding the consideration of inherent risk, DOE updated its Payment Integrity Reporting Guidance for fiscal year 2021, including the risk assessment template, to include consideration of unknown payments, which are those that have not been determined to be allowable or improper.
|
| Department of Energy | The Office of the Chief Financial Officer should revise DOE's department-level policies and procedures for reviewing risk assessments submitted by payment reporting sites to require a review and approval of the documentation supporting these assessments to help ensure the accuracy of the sites' assessments. (Recommendation 8) |
DOE did not agree with the recommendation. As of March 2021, DOE reiterated its position that sufficient processes are in place for ensuring the accuracy of payment reporting sites' risk assessments. DOE also stated that OCFO's Payment Integrity Guidance instructs payment reporting sites to maintain detailed information supporting risk assessments. However, as we discuss in the report, 5 of the 10 sites we reviewed did not provide sufficient explanation or documentation supporting their ratings for several of the risk factors. In December 2021, DOE officials said that the Office of the Chief Financial Officer uses a quality assurance checklist to track needed revisions to the assessment. However, this process focuses on the completion of the documentation, as opposed to reviewing supporting documentation for the accuracy of the information. As of January 2023, DOE has not taken additional actions on this recommendation. We continue to believe that by developing, documenting, and implementing policies and procedures to require the OCFO to review documentation supporting payment site risk assessments, DOE would enhance its ability to adequately monitor its decentralized improper payment risk assessment process and help ensure that individual payment reporting sites accurately score their risk factors, leading DOE to obtain a more accurate and reliable assessment of its overall risk of susceptibility to improper payments.
|
| Department of Energy | The Office of the Chief Financial Officer should revise DOE's department-level policies and procedures for conducting improper payment risk assessments to define the process for overriding a payment reporting site's risk determination, when appropriate. (Recommendation 9) |
DOE agreed with the recommendation. DOE officials revised the department's risk assessment template used for fiscal year 2021 so that it is no longer subjective or based on the site's judgement. Instead, the template includes questions about the specifics of the site's operations, including program history, complexity, volume, program changes, inherent risk, deficiencies, internal controls, oversight, and data systems. The responses to these questions are used to calculate the risk for each payment category using an automated spreadsheet. According to DOE officials, they do not override a site's determination; rather, they work with sites to determine the correct rating.
|