The Export-Import Bank of the United States supports American jobs by facilitating U.S. exports. It offers loans, loan guarantees, and other help to U.S. companies that cannot obtain private financing for their deals. It may assume risks that the private sector won't, including risk of losses due to fraud.
The bank has adopted antifraud practices as required by law.
We reviewed its 2020-2021 transactions to see if it denied applications from parties with fraud or corruption charges. We found no convicted parties among applicants.
Our recommendations address ways the bank could improve its responses to evolving risks of fraud and more.
What GAO Found
The Export-Import Bank of the United States (EXIM) has designed and implemented an antifraud strategy and collaborated with stakeholders to ensure its implementation, but the strategy is missing key elements. EXIM's strategy includes specific control activities to prevent and detect fraud in accordance with leading practices, which reflect the types and impacts of fraud (see figure).
Types and Impacts of Potential Fraud at Export-Import Bank of the United States
Further, EXIM identified risks that remained even after being mitigated by existing control activities that exceed its risk appetite. For those residual risks, EXIM identified and documented how the agency will respond to them, which better positions EXIM to prevent fraud risks that exceed its appetite. However, EXIM did not link these residual risks to its antifraud strategy. As described in fraud risk management leading practices, doing so helps program managers focus their activities. Without these linkages, EXIM cannot be assured that it is adequately addressing risks in a dynamic risk environment or that its approach addresses the fraud risks it identified and prioritized. EXIM also works with outside stakeholders, such as lenders and export credit insurance partners, to process transactions that that carry EXIM's guarantees. However, EXIM did not document these external stakeholders' roles and responsibilities for fraud controls in the strategy to ensure that all parties, including outside lenders and export credit insurance partners, understand their fraud-related responsibilities.
EXIM has established responsibilities and designed and implemented control activities to address its antifraud requirement, as required by its reauthorizing legislation. GAO also reviewed EXIM 2020-2021 transaction data to determine if EXIM had appropriately denied applications by parties convicted of EXIM-related fraud or corruption charges. GAO's analysis did not identify any relevant convicted parties within the EXIM transaction data.
Why GAO Did This Study
EXIM's mission is to support American jobs by facilitating the export of U.S. goods and services. Taxpayers could be responsible for losses arising from EXIM's operations, including losses due to fraud. The 2019 legislation reauthorizing EXIM included an antifraud requirement. Specifically, the legislation stated that EXIM shall deny an application for assistance if an individual has been convicted of an act of fraud or corruption in connection with an application for support from EXIM in the prior 5 years.
Since 2015, GAO has been mandated by law to periodically review EXIM's antifraud controls. This report assesses the extent to which EXIM has (1) designed and implemented an antifraud strategy and collaborated with stakeholders to ensure its implementation; and (2) established responsibilities and designed and implemented control activities to address its antifraud requirement as required by legislation. GAO assessed EXIM's activities against leading practices, reviewed EXIM documentation, and interviewed EXIM managers. GAO also reviewed EXIM transactions from January 1, 2020, to December 31, 2021—the most recent data available when GAO began its work.
GAO is making two recommendations to EXIM to (1) demonstrate links to its highest residual fraud risks within its antifraud strategy, and (2) document the roles and responsibilities of the external partners responsible for fraud controls. EXIM agreed with GAO's recommendations.
Recommendations for Executive Action
|Export-Import Bank of the United States||EXIM's Chair and President should update its antifraud strategy to demonstrate links to its highest internal and external residual fraud risks outlined in its fraud risk profile to its antifraud strategy. (Recommendation 1)|
|Export-Import Bank of the United States||EXIM's Chair and President should update its antifraud strategy to document the roles and responsibilities of the external parties, specifically delegated authority lending (DAL) and Export Credit Insurance (ECI) partners, responsible for fraud controls. (Recommendation 2)|