Federal Reports

Observations on the SEC’s Rulemaking Process, Report No. 588

Over the last 5 years, the U.S. Small Business Administration’s (SBA) has been unable to pass a financial audit, receiving disclaimers of opinion year after year. The independent public auditor has been unable to offer an opinion on the financial state of SBA because it has not received sufficient evidence to support a number of balances. We reviewed SBA’s history of disclaimers and material weaknesses from fiscal years 2020 to 2024, open recommendations, and SBA’s new strategy for addressing material weaknesses and obtaining a clean audit opinion.

SBA’s accounting deficiencies were primarily related to administering an unprecedented amount of disaster assistance aid and guaranteed loan funds to help eligible small business owners and entrepreneurs adversely affected by the pandemic. Over the course of 18 months, the agency delivered 22.1 million pandemic assistance loans and grants, totaling $1.2 trillion. To address the systemic financial reporting deficiencies, SBA launched its Financial Statement Audit Remediation Strategy in January 2025 to resolve the seven material weaknesses and 56 open audit recommendations.

We made four recommendations to enhance implementation of SBA’s financial statements remediation strategy. We recommended the Administrator appoint a senior executive to lead the effort and emphasize audit remediation priorities through consistent agencywide communication. We also recommended that the remediation strategy be incorporated into SBA’s next strategic plan and individual performance plans to ensure accountability. SBA management agreed with all four recommendations.

The independent public accounting firm of RMA Associates, LLC, under contract with the Office of Inspector General, audited the EAC’s information security program for fiscal year 2025 in support of the Federal Information Security Modernization Act of 2014 (FISMA). The objective was to determine whether the EAC implemented an effective information security program.

The Office of Inspector General (OIG) initiated this review based upon Office and Management Budget Circular A-50, which states that the resolution and follow-up of audit, inspection, and evaluation recommendations is an integral part of effective management and is a shared responsibility of agency management officials and auditors. Our objective was to review and summarize the Commission's open recommendations, identify any challenges to closing recommendations, and consider alternative actions for recommendations that may no longer be relevant due to changes in the Commission's policies and procedures. 

To accomplish our objective the OIG, analyzed the open recommendations from prior reports, reviewed applicable criteria related to the resolution of recommendations, and conducted interviews. The audit covered the period December 1, 2020, through August 31, 2025. The audit was performed in accordance with the U.S. Government Accountability Office’s Generally Accepted Government Auditing Standards. 

The Commission is working to modernize the AbilityOne Program, including implementing its new Cooperative Agreements with the Central Nonprofit Agencies (CNA) and updating its Program policies. As a result of the modernization efforts and updated agreements and policies, the OIG agreed to close 20 of the 55 open recommendations. Additionally, the Commission and the OIG have a renewed understanding that should improve communication and collaboration during future audits and closure process.

The OIG has no specific recommendations associated with this report.