OIG: NASA’s Compliance with the Improper Payments Information Act for Fiscal Year 2016
WHY WE PERFORMED THIS REVIEW
Each year the Federal Government makes billions of dollars in improper payments to individuals, organizations, and contractors. In fiscal year 2016, the estimated amount of improper payments Government-wide reached $144.3 billion – an increase of approximately $7.6 billion from the prior year’s estimate.
The Improper Payments Information Act of 2002 (IPIA) requires the heads of Federal agencies annually to identify programs and activities susceptible to improper payments, estimate the amount of improper payments made by their agencies, and report information about those payments. In addition, agency Inspectors General are required annually to evaluate whether their agencies comply with the IPIA requirements.
Our overall objective in this review was to determine whether NASA complied with the requirements of IPIA in fiscal year 2016. We also evaluated the completeness and accuracy of the Agency’s IPIA reporting and its implementation of recommendations made in our prior IPIA reports. To conduct this review, we examined applicable laws and regulations, interviewed Agency personnel, and reviewed NASA’s Agency Financial Report and supporting documentation.
WHAT WE FOUND
NASA met all applicable OMB criteria and complied with IPIA for fiscal year 2016. However, we identified several areas for improvement in the Agency’s risk assessment process. For example, the vast majority of NASA’s risk conditions are not rated on program-specific responses. Moreover, one of the few risk conditions that is program-specific and provides independent information on the effectiveness of controls within NASA’s payment process, “External Monitoring,” was assigned the least weight in computation of overall risk. Additionally, we found NASA’s review of external reports insufficient; the scoring criteria for certain risk conditions unreasonable; and several instances in which there was little or no correlation between the question, response, and/or scoring criteria. Finally, several risk factors were either not used properly, excluded, or unnecessary. These issues may have impacted the results of the Agency’s risk assessment and resulted in a different outcome regarding susceptibility to significant improper payments.
Consistent with our findings in prior years, NASA continued to limit its annual payment recapture audits to fixed-price contracts and exclude cost-type contracts, grants, and cooperative agreements. Also similar to prior years, we found lacking NASA’s documentation of its reasons for this decision.
Although NASA included the required information on recapture audit efforts in its financial report for fiscal year 2016, we noted inaccuracies in the tables reporting overpayments recaptured both within and outside that audit process. Additionally, not all overpayments recaptured outside of its recapture audits were reported. We noted similar errors in NASA’s reporting over the past 5 years and believe these types of inaccuracies and incomplete reporting continue because of the Office of the Chief Financial Officer’s failure to implement a comprehensive process to obtain recapture data, summarize the transactions, and review the results reported by various NASA offices, as well as report the total amounts in the financial report.
WHAT WE RECOMMENDED
In addition to the recommendations communicated in prior years’ audits that remain open, we recommended the Chief Financial Officer: (1) revise the weighted percentages judgmentally assigned to risk conditions to increase the weight for External Monitoring and decrease the weights for those conditions essentially treated as static, (2) revise the Agency’s rationale to better reflect each risk condition’s impact on the risk of significant improper payments, (3) revisit the description of the scoring criteria for all risk factors, particularly the risk factors under the External Monitoring and Materiality of Disbursements risk conditions, to ensure the criteria for each level is a fair representation of the risk, (4) utilize the Agency’s financial management system and, if needed, the corresponding reporting tool to identify the program(s) associated with procurement vehicles referenced in reports, (5) eliminate the practice of disregarding report results if a specific program is not identified; instead, consider the risk of improper payments to all programs that could be impacted by the risk, (6) consult with the issuer of a report to discuss recommendations if there are questions regarding potential duplication, (7) review and revise risk factors, as appropriate, to ensure there is a direct correlation between the question and scoring criteria, responses address the risk being assessed, and questions are not duplicated, (8) reconsider inclusion of the two additional risk factors related to OMB-designated programs and Hurricane Sandy funding since statutes stipulate that such programs are susceptible to significant improper payments, and (9) revisit the risk factor and scoring criteria under the Materiality of Disbursements risk condition to ensure the volume of payments made annually is properly considered as intended by OMB.
In response to a draft of this report, NASA management concurred or partially concurred with eight of nine recommendations and described corrective actions the Agency will take. Our recommendation to revise the weighted percentages for risk conditions remains unresolved pending further discussion with Agency officials.
