Federal Reports

Observations on the SEC’s Rulemaking Process, Report No. 588

Over the last 5 years, the U.S. Small Business Administration’s (SBA) has been unable to pass a financial audit, receiving disclaimers of opinion year after year. The independent public auditor has been unable to offer an opinion on the financial state of SBA because it has not received sufficient evidence to support a number of balances. We reviewed SBA’s history of disclaimers and material weaknesses from fiscal years 2020 to 2024, open recommendations, and SBA’s new strategy for addressing material weaknesses and obtaining a clean audit opinion.

SBA’s accounting deficiencies were primarily related to administering an unprecedented amount of disaster assistance aid and guaranteed loan funds to help eligible small business owners and entrepreneurs adversely affected by the pandemic. Over the course of 18 months, the agency delivered 22.1 million pandemic assistance loans and grants, totaling $1.2 trillion. To address the systemic financial reporting deficiencies, SBA launched its Financial Statement Audit Remediation Strategy in January 2025 to resolve the seven material weaknesses and 56 open audit recommendations.

We made four recommendations to enhance implementation of SBA’s financial statements remediation strategy. We recommended the Administrator appoint a senior executive to lead the effort and emphasize audit remediation priorities through consistent agencywide communication. We also recommended that the remediation strategy be incorporated into SBA’s next strategic plan and individual performance plans to ensure accountability. SBA management agreed with all four recommendations.

Under a contract monitored by this office, the Office of the Inspector General engaged Castro, an independent public accounting firm, to perform the Fiscal Year 2025 Independent Evaluation of the Smithsonian Institution’s Information Security Program. 
 

Smithsonian Enterprises (SE) oversees the majority of the revenue-generating operations of the Smithsonian Institution
(Smithsonian). It is an essential source of unrestricted funds— monies without donor-imposed or legal restrictions on their use. SE provides unrestricted funds to the Smithsonian through the operation of revenue-generating activities.
In SE's fiscal year (FY) 2023, SE generated $150.8 million in net revenue, including more than $63 million from 32 retail stores, approximately $10.7 million of which were cash transactions.

OIG made four recommendations for Smithsonian Enterprises management to improve compliance with policies and procedures related to document retention, audits over cash management, system access for separated employees, and discounts. Management concurred with all four recommendations.

The OIG received a hotline allegation that the Veterans Service Center manager at the Philadelphia VA Regional Benefit Office permitted a senior veterans service representative (VSR) to “blindly” approve hundreds of rating decisions for disability benefits claims each day without conducting the required reviews. The OIG team substantiated the allegation. From at least fiscal year 2022 through 2024, this senior VSR authorized about 85,300 claims—about 19 times the national average. The senior VSR spent an average of 4.7 minutes reviewing each claim authorized during this three-year period, versus a national average of about 21 minutes. The OIG obtained data showing that the senior VSR rarely opened necessary documents to verify claim information prior to authorization. The senior VSR contributed more than 35 percent each year toward the regional office’s claims completions goal, a metric that is part of regional office executive directors’ performance standards.

Based on the results of a statistical sample of 32 rating decisions that the senior VSR authorized from January 1, 2024, through June 30, 2024, the team estimated that approximately 13,200 decisions (84 percent) had at least one error. Some of the errors likely occurred because the senior VSR did not open and review the necessary documents. Monetary impact errors resulted in an estimated $2.2 million in improper payments during this period.

Officials from the regional office, the Northeast District, and the central office were aware of the Philadelphia senior VSR’s unusually high authorization rate. However, they overlooked opportunities to strengthen internal controls and effectively respond to the associated risks. The OIG recommended the under secretary for benefits review the errors the OIG team identified, correct these errors, and evaluate the effectiveness of controls for authorization rate outliers.

The Office of Inspector General (OIG) initiated this review based upon Office and Management Budget Circular A-50, which states that the resolution and follow-up of audit, inspection, and evaluation recommendations is an integral part of effective management and is a shared responsibility of agency management officials and auditors. Our objective was to review and summarize the Commission's open recommendations, identify any challenges to closing recommendations, and consider alternative actions for recommendations that may no longer be relevant due to changes in the Commission's policies and procedures. 

To accomplish our objective the OIG, analyzed the open recommendations from prior reports, reviewed applicable criteria related to the resolution of recommendations, and conducted interviews. The audit covered the period December 1, 2020, through August 31, 2025. The audit was performed in accordance with the U.S. Government Accountability Office’s Generally Accepted Government Auditing Standards. 

The Commission is working to modernize the AbilityOne Program, including implementing its new Cooperative Agreements with the Central Nonprofit Agencies (CNA) and updating its Program policies. As a result of the modernization efforts and updated agreements and policies, the OIG agreed to close 20 of the 55 open recommendations. Additionally, the Commission and the OIG have a renewed understanding that should improve communication and collaboration during future audits and closure process.

The OIG has no specific recommendations associated with this report.