Federal Reports

This Risk Advisory is to report our concerns regarding control weaknesses within the MyPBAweb application. The suggestions contained in this Risk Advisory do not constitute formal auditrecommendations.

Statement of John Roth, Inspector General Department of Homeland Security, before the Committee on Oversight and Government Reform U.S. House of Representatives concerning, “Recommendations and Reforms from the Inspectors General"

The Office of Inspector General issued the audit of the financial statements of the Single-Employer and Multiemployer Program Funds administered by the Pension Benefit Guaranty Corporation (PBGC) as of and for the years ended September 30, 2017 and 2016 finding:1. The financial statements were presented fairly, in all material respects, in conformity with accounting principles generally accepted in the United States of America. This is the 25th consecutive unmodified financial statement audit opinion.2. PBGC maintained, in all material respects, effective internal control over financial reporting as of September 30, 2017. Specifically:(a) Serious internal control weaknesses in PBGC’s programs and operations include three significant deficiencies: (i) Controls over the Present Value of Future Benefit (PVFB) Liability, (ii) Present Value of Nonrecoverable Future Financial Assistance (PV NFFA), and (iii) Access Controls and Configuration Management).(b) PBGC strengthened its control environment by implementing management practices to mitigate control deficiencies reported in previous years. Further, management improved its current business processes to address specific financial reporting and information technology control deficiencies.3. Instances of noncompliance or other matters that are required to be reported in accordance with Government Auditing Standards.(a) Potential Antideficiency Violation: PBGC maintains operating leases for all office site locations and its COOP site. However, PBGC did not record its full contractual obligation under all of the multiyear lease arrangements. We reported this as a potential violation in our FY 2016 Independent Auditor’s Report. In FY 2017, PBGC general counsel reported the violation to the Office of Management and Budget and is currently awaiting a decision.

Report on the Railroad Retirement Board's Financial Statements

We issued a disclaimer of opinion on the consolidated financial statements of the Corporation for National and Community Service (CNCS) as of September 30, 2017 and for the year then ended. Key audit findings were:• CNCS was unable to provide adequate evidential matter to support a significant number of transactions and account balances due to inadequate processes and controls to support transactions and estimates, and incomplete records to support transactions in accordance with generally accepted accounting principles. Auditors were unable to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion (disclaimer);• Four material weaknesses (Financial Reporting; Trust Fund Unpaid Obligations; Trust Service Award Liability Model; Grants Accrual Payable and Advance) and one significant deficiency (Information Technology Security Controls) in CNCS’s internal control over financial reporting;• No instances of noncompliance with applicable provisions of laws, regulations, contracts, and grant agreements.Had the scope of the auditors’ work been sufficient to enable them to express an opinion on the CNCS consolidated financial statements, other material weaknesses or significant deficiencies, or noncompliance or other matters may have been identified and reported.

We issued a disclaimer of opinion on the audit the National Service Trust Fund financial statements (Trust financial statements) as of September 30, 2017 and for the year then ended. CNCS was unable to provide adequate evidential matter to support a significant number of transactions and account balances due to inadequate processes and controls to support transactions and estimates, and incomplete records to support transactions in accordance with generally accepted accounting principles. Auditors were unable to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion (disclaimer).

As required by law, the Department of Transportation (DOT) Office of Inspector General reports annually on DOT's most significant challenges to meeting its mission. We considered several criteria in identifying ten DOT’s top management challenges for fiscal year 2018, including their impact on safety, documented vulnerabilities, large dollar implications, and the ability of the Department to effect change.

We contracted with the independent public accounting firm, CliftonLarsonAllen LLP (CLA), to audit VA’s financial statements as of September 30, 2017 and 2016, and for the fiscal years (FY) then ended. This audit is an annual requirement of the Chief Financial Officers Act of 1990. CLA provided an unmodified opinion on VA’s financial statements for FYs 2017 and 2016. With respect to internal control, CLA identified six material weaknesses: compensation, pension, burial, and education actuarial estimates; community care obligations, reconciliations, and accrued expenses; financial reporting; loan guarantee liability; Chief Financial Officer organizational structure; and information technology security controls. CLA further identified one significant deficiency: procurement, undelivered orders, accrued expenses, and reconciliations. CLA also reported VA’s substantial noncompliance with Federal financial management systems requirements and the United States Standard General Ledger at the transaction level under the Federal Financial Management Improvement Act (FFMIA). They noted improvements were needed in complying with the Federal Managers’ Financial Integrity Act. They cited instances of noncompliance with Title 38 United States Code §5315 pertaining to the charging of interest and administrative costs; noncompliance with Title 38 United States Code §3733 pertaining to the vendee loan program; and one violation of the Antideficiency Act, as reported to CLA by VA, which has been reported to Congress. VA is in the process of reporting five other violations. They also noted noncompliance with the Improper Payments Elimination and Recovery Act for FY 2016, as reported by the Office of Inspector General. CLA made recommendations for addressing each of the material weaknesses and significant deficiency. CLA is responsible for its audit report dated November 15, 2017 and the conclusions expressed in it.