Federal Reports

We issued this to determine whether the Social Security Administration (SSA) processed Appeals Council remands as a priority workload.

We issued this to determine whether the Social Security Administration (SSA) processed returned Old-Age, Survivors and Disability Insurance (OASDI) benefits according to policy.

The VA Office of Inspector General (OIG) conducted this audit to determine if the Beneficiary Fiduciary Field System (BFFS) had the necessary controls to protect data integrity and safeguard protected information. The BFFS is the information technology system for VA’s Fiduciary Program that handles benefit payments for veterans and other beneficiaries who, due to injury, disease, or age, are unable to manage their financial affairs and are thus vulnerable to fraud or abuse. In 2017, fiduciaries received about $3.1 billion in payments on behalf of more than 211,000 beneficiaries. The OIG found the BFFS lacked sufficient controls to ensure privacy of sensitive data and prevent fraud and misuse. Specifically, the OIG found VA’s Office of Information and Technology inappropriately set the security risk level for BFFS at moderate instead of high. Risk managers did not follow established standards and did not consider whether information for beneficiaries and fiduciaries stored in the system’s database was sufficiently protected. The OIG also found more than 1,600 BFFS users had nationwide access to data, including records not needed for their duties. The Veterans Benefits Administration (VBA) does not have a review process for access privileges, and officials did not fully enable audit logs. When combined, this created an unnecessary risk that unauthorized access to sensitive information would go undetected. Finally, the OIG found VBA did not fully separate duties during the field examination report submission process, potentially allowing sensitive information to be changed without approval or documentation. The OIG made four recommendations, including reevaluating the risk determination for the BFFS, improving controls over end-user access levels, fully enabling audit logs to accurately and comprehensively track access to system records, and improving separation of duties issues.

The VA Office of Inspector General (OIG) conducted reviews of each of the three Veterans Health Administration (VHA) Regional Procurement Offices (RPOs) to assess the use of sole-source procedures when awarding service contracts valued at more than $700,000 in fiscal year (FY) 2017. A sole-source contract is awarded without full and open competition. The Federal Acquisition Regulation states, with a few exceptions, that a contracting officer will not negotiate sole-source contracts without a written justification and appropriate approvals. The lack of approval violates the Federal Acquisition Regulation, and without competition the government could pay more and be more susceptible to fraud. The OIG reviewed 18 sole-source contracts awarded by RPO Central valued at about $77 million to determine whether proper justification had been filed and approval obtained. The OIG found that a contracting officer did not obtain the required approval for an ambulance service contract worth about $2.2 million because he did not understand the procedures. The same contracting officer also unnecessarily limited competition on the same contract by failing to plan for the procurement in advance. The new sole-source contract was awarded based on compelling urgency, even though RPO Central officials knew for several years that they would need to open a new competition when the existing contract expired. When contracting officers violate federal regulation by failing to obtain the required approval for sole-source contracts, they exceed their authority and this could result in the termination of their warrant, which is their authority to enter into, administer, or terminate contracts. Because the RPO Central contracting officer exceeded his authority on the ambulance service contract, the $2.2 million cost was not fully justified. The OIG recommended VHA ensure awareness of approval procedures for sole-source contracts and ensure adequate time is allotted for soliciting and awarding recurring services competitively.