Export-Import Bank: Additional Documentation about Stakeholder Roles and Clarity about Fraud Risks Would Strengthen Antifraud Efforts

What GAO Found

The Export-Import Bank of the United States (EXIM) has designed and implemented an antifraud strategy and collaborated with stakeholders to ensure its implementation, but the strategy is missing key elements. EXIM's strategy includes specific control activities to prevent and detect fraud in accordance with leading practices, which reflect the types and impacts of fraud (see figure).

Types and Impacts of Potential Fraud at Export-Import Bank of the United States

Further, EXIM identified risks that remained even after being mitigated by existing control activities that exceed its risk appetite. For those residual risks, EXIM identified and documented how the agency will respond to them, which better positions EXIM to prevent fraud risks that exceed its appetite. However, EXIM did not link these residual risks to its antifraud strategy. As described in fraud risk management leading practices, doing so helps program managers focus their activities. Without these linkages, EXIM cannot be assured that it is adequately addressing risks in a dynamic risk environment or that its approach addresses the fraud risks it identified and prioritized. EXIM also works with outside stakeholders, such as lenders and export credit insurance partners, to process transactions that that carry EXIM's guarantees. However, EXIM did not document these external stakeholders' roles and responsibilities for fraud controls in the strategy to ensure that all parties, including outside lenders and export credit insurance partners, understand their fraud-related responsibilities.

EXIM has established responsibilities and designed and implemented control activities to address its antifraud requirement, as required by its reauthorizing legislation. GAO also reviewed EXIM 2020-2021 transaction data to determine if EXIM had appropriately denied applications by parties convicted of EXIM-related fraud or corruption charges. GAO's analysis did not identify any relevant convicted parties within the EXIM transaction data.

Why GAO Did This Study

EXIM's mission is to support American jobs by facilitating the export of U.S. goods and services. Taxpayers could be responsible for losses arising from EXIM's operations, including losses due to fraud. The 2019 legislation reauthorizing EXIM included an antifraud requirement. Specifically, the legislation stated that EXIM shall deny an application for assistance if an individual has been convicted of an act of fraud or corruption in connection with an application for support from EXIM in the prior 5 years.

Since 2015, GAO has been mandated by law to periodically review EXIM's antifraud controls. This report assesses the extent to which EXIM has (1) designed and implemented an antifraud strategy and collaborated with stakeholders to ensure its implementation; and (2) established responsibilities and designed and implemented control activities to address its antifraud requirement as required by legislation. GAO assessed EXIM's activities against leading practices, reviewed EXIM documentation, and interviewed EXIM managers. GAO also reviewed EXIM transactions from January 1, 2020, to December 31, 2021—the most recent data available when GAO began its work.