Federal Reports

We contracted with the independent public accounting firm of CliftonLarsonAllen LLP (CLA) to audit the financial statements of FHA as of and for the fiscal years ended September 30, 2021 and 2020, and to provide reports on FHA’s 1) internal control over financial reporting; and 2) compliance with laws, regulations, contracts, and grant agreements in its financial reporting.  Our contract with CLA required that the audit be performed in accordance with U.S. generally accepted government auditing standards, Office of Management and Budget audit requirements, and the Financial Audit Manual of the U.S. Government Accountability Office and the Council of the Inspectors General on Integrity and Efficiency.

In its audit of FHA, CLA reported:

• The consolidated financial statements as of and for the fiscal year ended September 30, 2021, are presented fairly, in all material respects, in accordance with U.S. generally accepted accounting principles.
• One material weakness and one significant deficiency in internal control over financial reporting, based on the limited procedures that it performed.
• A material weakness existed related to FHA controls over financial accounting and reporting.
• A significant deficiency existed related to FHA econometric modeling activities used to estimate the agency’s loan guarantee liability.
• No reportable noncompliance issues for fiscal year 2021 with provisions of applicable laws, regulations, contracts, and grant agreements tested and no other matters.

This report, along with the audited financial statements, is included in FHA’s Annual Management Report, which is available at https://www.hud.gov/program_offices/housing/hsgrroom/fhaamr

The Office of the Inspector General is required by the Federal Information Security Modernization Act of 2014 (FISMA) to conduct an annual independent evaluation that determines the effectiveness of the information security program (ISP) and practices of its respective agency. To that end, the Office of Inspector General engaged the independent public accounting firm McConnell & Jones LLP (M&J) to conduct the annual evaluation and complete the FY 2021 IG FISMA Reporting Metrics. The objective of the evaluation was to assess the effectiveness of the Commission’s security program and practices across key functional areas, as of September 30, 2021. The evaluators determined that although the Commission took positive steps to implement policies, procedures and strategies, there are existing improvement opportunities. Specifically, the Commission remediated seven of the nine prior year recommendations leading to their closure at the end of FY 2021. Furthermore, the overall assessment of the Commission’s FY 2021 information security program was deemed effective because the tested, calculated, and assessed maturity levels across the functional and domain areas received an overall rating of effective. However, the evaluators identified two new findings with two corresponding recommendations.

The Fiscal Year 2022 Oversight Plan reflects the priority work that the OIG believes is necessary to keep the EPA, the CSB, and Congress fully informed about issues relating to the administration of Agency programs and operations. It is also important to note that our planning efforts are not static and that the projects included herein may be modified throughout the year as challenges and risks for the EPA and the CSB evolve and emerge.When originally issued on December 14, 2021, this document counted Audit of EPA’s Integrated Risk Information System Configuration-Management and Access-Control Compliance as an ongoing rather than a planned project. We updated the document on December 16, 2021, to accurately reflect the status of the project. This correction changed the number of planned projects for the EPA to 43 and ongoing projects for the EPA to 24.

The Office of Community Care, part of the Veterans Health Administration (VHA), manages programs that allow veterans to receive medical care from non VA providers. This audit evaluated whether VHA paid for non-VA acupuncture and chiropractic care that was not authorized or supported by medical documentation. The audit team also assessed whether VHA followed guidance for reauthorizing the care.The team found that VHA paid for care that was not authorized, including for more visits than allowed and for treatments not allowed by standards for care. For example, some acupuncturists billed for more than two rounds of needle insertions when only two rounds were allowed. VA’s automated system for processing claims did not prohibit unauthorized visits or unallowable treatments in claims submitted by non-VA providers.Further, VHA paid acupuncture and chiropractic claims that lacked appropriate supporting medical documentation. The unsupported payments persisted because VHA staff did not retroactively review documentation samples for deficiencies. The audit team estimated that improper payments for acupuncture and chiropractic care amounted to about $136.7 million during fiscal years 2018 and 2019.The audit team also found that VHA did not always follow guidance when reauthorizing acupuncture and chiropractic care. Not documenting assessments of prior treatments before authorizing additional care may interfere with veterans’ treatment.The OIG made six recommendations to the under secretary for health related to adding automated payment system controls, auditing the payment process, retrospectively auditing non-VA medical documentation, making continuing education material related to medical documentation available to non-VA providers, following the Office of Community Care’s Field Guidebook, and documenting clinical justification for non-VA care.

The OIG conducted this review to determine the risk of the Veterans Health Administration (VHA) improperly paying community care providers for evaluation and management services not supported by medical documentation.The review team found that some providers are billing VA at a significantly higher rate for high-level evaluation and management services than their peers in the same specialty. The team determined that in fiscal year (FY) 2020, more than 37,900 non-VA providers billed and were paid for significantly more high-level evaluation and management codes than were all providers in that specialty on average. These non-VA providers received about $39.1 million (13 percent) of the approximately $303.6 million paid for all non-VA evaluation and management services.Additionally, some providers billed separately for evaluation and management services during periods when the global surgery package was in effect. This package is supposed to cover all surgery-related services for a set period. The review team identified more than 45,600 providers who were paid about $37.8 million in FY 2020 for these evaluation and management services.Improper payments were not easy to detect because VHA staff did not retrospectively audit medical documentation as required. Additionally, the OIG found no evidence that VHA or contractors trained non VA providers on documenting evaluation and management services, similar to how VA providers are trained. The OIG determined VHA risked overpaying for evaluation and management services by about $19.9 million in FY 2020.The OIG made two recommendations to the under secretary for health related to (1) reviewing medical documentation for evaluation and management services billed by non-VA providers and then developing processes to act on the results of those reviews; and (2) ensuring non-VA providers receive current and future continuing education materials on proper medical documentation for evaluation and management services.

Semiannual Report to Congress: April 1, 2021, through September 30, 2021