Federal Reports

Our Objective(s) To evaluate FHWA's construction quality assurance oversight activities. Specifically, we assessed: (1) the 52 FHWA Divisions' oversight of State Department of Transportation (State DOT) construction quality assurance programs, (2) FHWA Headquarters' construction quality assurance reviews, and (3) FHWA's dissemination of construction quality assurance information on the Agency's public website.
Why This Audit We conducted this audit because of increased funding, rising prices, supply chain challenges, and construction workforce shortages amplifying the importance of FHWA's oversight to ensure the quality of construction materials and workmanship on Federal-aid highway projects.
What We Found FHWA's divisions do not effectively oversee State DOTs' construction quality assurance programs.FHWA's Divisions could not demonstrate that they fully approved all their State DOTs' construction quality assurance programs as required for projects on the National Highway System. The Divisions also lack guidance from Headquarters on how to review State DOTs' program implementation. Further, FHWA Headquarters has not provided sufficient guidance to the Divisions on how to adequately oversee certifications of project materials and construction inspections. Furthermore, the guidance on how to oversee certifications of project materials lacks detail and the guidance to oversee construction inspections was outdated.
FHWA Headquarters' reviews of State DOTs' construction quality assurance programs do not fully address compliance and fraud risk.FHWA Headquarters conducts two reviews of State DOT construction quality assurance programs-one that assesses State DOT practices and compliance, and one that evaluates programs' effectiveness and how they minimize risk for fraud, waste, and abuse. However, the first does not fully address all regulatory requirements for the programs and the second does not address how the programs help minimize risk for waste, fraud, and abuse.
FHWA's public webpages on construction quality assurance contain outdated and incomplete information.For instance, FHWA's Policy and Guidance Center website, the central source of policy and guidance documents, has two webpages on construction quality assurance. However, neither includes all relevant documents.
Recommendations We made 13 recommendations to improve FHWA's oversight of State DOTs' quality assurance programs.

Our Objective(s)To determine whether (1) Moss Adams LLP's work complied with the Single Audit Act of 1984, as amended, the Office of Management and Budget's Uniform Guidance and the extent to which we could rely on the auditor's work on the U.S. Department of Transportation's (DOT) major program, and (2) the Port of Portland's reporting package complied with the reporting requirements of the Uniform Guidance.
Why This AuditDuring the fiscal year that ended on June 30, 2022, the Port of Portland (Port) expended approximately $28.6 million from a DOT program. Moss Adams determined that DOT's major program was FAA's Airport Improvement Program. We performed a quality control review on the single audit conducted by Moss Adams to ensure compliance with all Federal laws and regulations.
What We FoundReview of Audit Work

Moss Adams complied with the requirements of the Single Audit Act, the Office of Management and Budget's Uniform Guidance, and DOT's major program.
We found nothing to indicate that Moss Adams' opinion on DOT's major program was inappropriate or unreliable.
We identified a deficiency in Moss Adams' audit work that requires a correction in future audits.

Review of Reporting Package

We did not identify any deficiencies that required correction and resubmission of the Port's reporting package.

Rating We assigned Moss Adams an overall rating of Pass with Deficiencies.

We did not identify any instances of Commission employees signing a non-disclosure agreement with the U.S. AbilityOne Commission.

The Office of Inspector General (OIG) is issuing this Evaluation report to assess the Small Business Administration’s process for awarding Small Business Lending Company (SBLC) licenses and its compliance with licensing procedures.

An SBLC is a non-depository lending institution that is licensed and authorized by SBA to make loans pursuant to Section 7(a) of the Small Business Act and to intermediaries in SBA's Microloan Program.  In 1981, SBA imposed a moratorium on licensing new SBLCs and lifted the moratorium in 2023, opening the application period for three new SBLC licenses.  The three new SBLC licenses were issued to lenders focused on underserved markets, including small businesses in native, rural, and low-income communities.

SBA complied with its licensing procedures when it awarded three new SBLC licenses in fiscal year 2024. These procedures included an evaluation of qualitative factors required in the SBLC application and a comprehensive assessment of other factors that gauged each applicant’s strengths and limitations, such as historical performance measures and the applicant’s affiliation with lenders or lender service providers previously sanctioned by SBA. The application evaluation process also included reviews by different personnel across multiple SBA offices. In addition, we reviewed applications for the three awarded licenses and determined they contained all the information SBA required. As a result, we made no recommendations.
 

This management advisory highlights the risks associated with DOI awarding grants to the Illinois Department of Natural Resources.

KPMG LLP’s (KPMG) report on its financial statement audit of the National Credit Union Administration’s (NCUA) financial statements, which includes the Share Insurance Fund, the Operating Fund, the Central Liquidity Facility, and the Community Development Revolving Loan Fund, as of and for the years ended December 31, 2024, and 2023. The NCUA prepared financial statements in accordance with the Office of Management and Budget (OMB) Circular No. A-136 Revised, Financial Reporting Requirements, and subjected them to audit. Under a contract monitored by the NCUA OIG, KPMG, an independent certified public accounting firm, performed an audit of NCUA’s financial statements as of December 31, 2024. The contract required that the audit be performed in accordance with generally accepted government auditing standards issued by the Comptroller General of the United States, OMB audit guidance, and the Government Accountability Office/President's Council on Integrity and Efficiency Financial Audit Manual. KPMG’s audit report for 2024 includes: (1) an opinion on the financial statements, (2) conclusions on internal control over financial reporting, and (3) a section addressing compliance and other matters. In its audit of the NCUA, KPMG found:• The financial statements were fairly presented, in all material respects, in conformity with U.S. generally accepted accounting principles,• There were no deficiencies in internal control identified as material weaknesses or significant deficiencies and• No instances of reportable noncompliance with laws and regulations it tested or other matters that are required to be reported under Government Auditing Standards or OMB guidance.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to assess clinic cancellation practices at a VA Northern Indiana Healthcare System (system) mental health clinic in Fort Wayne, Indiana. 

The OIG found that mental health leaders and a social work supervisor used a standard clinical disposition process to address the needs of a social work mental health provider’s (the provider’s) patients and transition patients to alternate appointments or treatment following the provider’s sudden resignation. Mental health leaders and a social work supervisor completed the clinical disposition process before advanced medical support assistants canceled patients’ previously scheduled appointment(s) with the provider. Upon review of the electronic health records and patient safety data, the OIG did not identify any concerns or adverse outcomes related to the cancellations.

The OIG concluded that the chief of mental health and the chief of social work did not notify the Chief of Staff (COS) to seek approval for urgent cancellations of the provider’s clinic as required by the system clinic cancellation policy. Ultimately, due to mental health and social work leaders’ communication failures, the COS could not approve the clinic cancellations or assess the need for, and potential allocation of, resources; nor did it allow for COS evaluation of the potential patient impact.

An additional concern was identified regarding the system’s failure to include social work providers assigned to mental health clinics during the system-initiated review of short notice clinic cancellations.

The OIG made two recommendations to the System Director to (1) evaluate the system clinic cancellation policy and COS notification of urgent clinic cancellations and to (2) include social work mental health provider data in the system review of short notice clinical cancellations within mental health clinics.

The VA Office of Inspector General (OIG) conducted this inspection to assess the oversight and stewardship of funds by the VA Tampa Healthcare System. This inspection assessed four financial activities and administrative processes to determine whether appropriate controls and oversight were in place: use of managerial cost accounting information, open obligations oversight, purchase card use and oversight, and supply chain management operations.

The OIG found the healthcare system could use managerial cost accounting information more effectively to help spend more efficiently and improve its performance measurement process for identifying and correcting cost inaccuracies.

The healthcare system did not always perform monthly reviews and deobligate funds no longer needed. The healthcare system appeared to use funds from the wrong fiscal year to pay for services, which may have violated the “bona fide needs” rule. The OIG estimated $6.3 million in open obligations was invalid due to the healthcare system’s lack of monthly follow-up and reconciliations and found that an estimated $5.9 million in invalid obligations should have been deobligated for better use.

The healthcare system did not always process purchase card transactions in accordance with VA policy. The OIG found violations involving a lack of prior approvals, supporting documentation, and segregation of duties.

Furthermore, the healthcare system did not meet the days-of-stock-on-hand metric or maintain accurate supply chain data. Officials also did not fulfill their duties to ensure that Medical Surgical Prime Vendor (MSPV) ordering officers and a facility contracting officer’s representative were nominated and delegated to ensure the MSPV program achieved its goals and objectives and effectively safeguarded the government’s interests and resources.

The OIG made 12 recommendations for improvement to the healthcare system director. The recommendations address issues that, if left unattended, may eventually interfere with financial efficiency practices and the strong stewardship of VA resources.

Congress enacted section 117 of the Higher Education Act, as amended, (Section 117) mandating financial transparency of institutions of higher education (institution) through required reporting of gifts from and contracts with a foreign source. Applicable institutions must file a disclosure report by one of the two annual reporting deadlines, January 31 or July 31, whichever is sooner, once the reporting obligation has been triggered. Section 117 helps to raise awareness of potential foreign influence on college campuses which could help stakeholders assess, detect, and respond to potential threats to U.S. academic and research pursuits, free speech on campuses, and national security. We conducted an inspection to evaluate FSA’s oversight of institutions’ reporting of foreign gifts and contracts under Section 117. To answer our objective, we reviewed FSA’s oversight activities, along with FSA’s monitoring plan, policies, and procedures related to its oversight of institutional reporting under Section 117. We also determined if FSA is accurately posting the data it receives from institutions. We found that FSA’s oversight of institutions’ reporting of foreign gifts and contracts under Section 117 needs improvement. Specifically, FSA’s oversight activities are limited to reviewing whistleblower tips, Department of Education news bulletins, and other media reports for potential institutional noncompliance with Section 117 and providing technical assistance to institutions. FSA does not have any monitoring plans, policies, or procedures in place for its oversight of Section 117 reporting. Additionally, we found that FSA is accurately posting the data it receives from institutions through its Section 117 reporting portal onto its public-facing website; however, FSA could improve its Section 117 reporting portal to assist in identifying and reducing data input errors.

Our Objective(s)To perform a quality control review (QCR) of Allmond & Company, LLC's (Allmond), management letter related to the audit of STB's financial statements for fiscal years ended September 30, 2024, and September 30, 2023. We reviewed Allmond's management letter, dated November 6, 2024, and related documentation.
About This ReportWe contracted with the independent public accounting firm Allmond to audit STB's financial statements. Allmond also issued a management letter discussing internal control matters that Allmond was not required to include in its audit report.
What We FoundThe independent auditor, Allmond, found seven internal control matters in STB's operations.

STB does not have agency-specific written policies and procedures for processing personnel actions.
STB does not enforce existing policies that require employees to submit, and supervisors to approve, leave requests for annual leave used.
STB does not perform a full review of accountable property and does not update inventory listings when items are issued or reassigned to employees.
STB does not have a procedure to validate upward and downward adjustment activity in the general ledger and to make the necessary corrections to ensure that both the upward and downward adjustment balances are accurate.
STB does not have procedures to ensure that employees' annual leave balances are correct and that carryover balances comply with laws and regulations.
STB expensed a portion of capitalized equipment in error.
STB taxed Federal Employees Health Benefits premiums in error.

Our QCR disclosed no instances in which Allmond did not comply, in all material respects, with U.S. generally accepted Government auditing standards.
RecommendationsWe agree with Allmond's 13 recommendations to help strengthen STB's internal controls.

Our Objective(s)To perform a quality control review (QCR) of KPMG LLP's management letter related to the audit of the Federal Aviation Administration's (FAA) consolidated financial statements as of and for the fiscal years ended September 30, 2024, and September 30, 2023. We reviewed KPMG's management letter, dated November 27, 2024, and related documentation.
About This ReportWe contracted with the independent public accounting firm KPMG to audit FAA's consolidated financial statements. KPMG also issued a management letter discussing internal control matters that KPMG was not required to include in its audit report.
What We FoundThe independent auditor, KPMG, found 12 internal control matters in FAA's management of operations. Two of the matters are related to DOT's internal controls and, although they affect FAA's control environment, FAA is not required to take corrective actions. The remaining 10 internal control matters are weaknesses in FAA's:

procurement system separation of users,
procurement system new user and recertification processes,
timely recording of procurement
accounting for costs incurred in projects with both construction and operating
and accuracy of intragovernmental lease payments
over the timely deobligation of grant undelivered orders,
calculation of non-letter of intent and additional Infrastructure Investment and Jobs Act grant accruals, and
Headquarters review of manual journal vouchers.
In addition, documentation weaknesses exist in the Enterprise Services Center's review of FAA journal entries, and
FAA has an insufficient number of personnel to support the annual recertification of payroll system users.

Our QCR disclosed no instances in which KPMG did not comply, in all material respects, with U.S. generally accepted Government auditing standards.
RecommendationsWe agree with KPMG's 15 recommendations to strengthen FAA's information technology and service organization system, business process, and manual journal voucher controls.

Our Objective(s)To determine whether DOT has established and implemented effective controls to secure and manage its mobile devices. As part of our review of DOT's mobile device management, we also assessed DOT's processes for maintaining an inventory of mobile devices and monitoring the costs of their use.
Why This AuditMany Federal employees use mobile devices, including smart phones to access their agencies' networks and systems, including those that process sensitive information. However, these devices can leave sensitive data vulnerable to cybersecurity threats and malicious software. Given increased use of mobile devices by DOT personnel and the cybersecurity risks associated with this use, we initiated this audit.
What We FoundDOT is taking steps to secure its mobile devices but has not yet implemented sufficient controls to effectively secure and manage all devices.

DOT's Office of the Chief Information Officer (OCIO), the Federal Aviation Administration (FAA), the U.S. Merchant Marine Academy (USMMA), and the Office of Inspector General (OIG) have begun implementing user and device authentication and data protection controls for their use of mobile devices. However, FAA and USMMA have not rapidly adopted software updates to ensure mobile operating systems are configured securely.
FAA and USMMA do not always restrict the use of mobile applications and do not have effective policies and procedures to manage and secure their mobile devices. In addition, OCIO and USMMA have not addressed security control weaknesses for their mobile device management solutions.

FAA has not maintained accurate inventories, and DOT OCIO and FAA have not ensured efficient spending for mobile devices.

Maintaining accurate inventories and monitoring spending are keys to efficient mobile device management. However, FAA did not maintain accurate inventories of its mobile devices. We found 157 personally owned mobile devices that had been granted access to FAA's network resources that FAA did not report to OIG when we took inventory.
DOT OCIO and FAA did not have effective controls in place to ensure efficient spending on mobile devices and services. We identified that FAA and OCIO were spending money on many mobile devices with zero usage, resulting in our identification of up to $422,838.45 for FAA and up to $203,884.19 for OCIO in funds that could be put to better use.

RecommendationsWe made 6 recommendations to improve DOT's process for managing and securing mobile devices within DOT's enterprise.

Our Objective(s)To inform FHWA's guidance for preventing and detecting anticompetitive practices. Specifically, we (1) assessed competition in procurement for Federal-aid highway projects using statistical methods, (2) provided estimates of the effects on contract costs when certain anticompetitive practices occur, and (3) identified opportunities to improve FHWA's guidance for preventing and detecting anticompetitive practices.
Why This AuditFederal law generally requires States to award contracts for Federal-aid highway projects through competitive bidding. However, concerns about anticompetitive bidding practices in highway procurements have existed for decades. Because of the importance of competition in highway procurement and the low number of studies that have attempted to assess it, we undertook this audit.
What We FoundOur analyses found significant indications of potential complementary bidding on highway procurements.

At least a third of the contracts we analyzed using machine learning in Florida, Georgia, North Carolina, New Jersey, Pennsylvania, and South Carolina were potentially affected by complementary bidding.
Our conservative, econometric method also flagged significant potential complementary bidding in most States we examined, affirming the machine learning results.

Contracts identified as potentially affected by complementary bidding had higher costs, but separate analysis of firms in flagged pairs found limited evidence of their affecting costs.

We estimated that the costs of flagged contracts ranged from an average of 5.2 percent to 10.2 percent higher, depending on the State, than for comparable potentially competitive contracts.
Cumulatively, these estimated cost increases amount to $1.19 billion (in 2021 dollars), or a 6.9 percent cost increase in the Federal-aid highway contracts flagged by our analyses across the six States.

While FHWA has improved its guidance for preventing anticompetitive practices, our analysis shows a more systematic approach to detection is needed.

FHWA's guidance during our review period did not adequately support State DOTs' prevention or identification of anticompetitive practices.
Although improved, FHWA's current guidance continues to lack explicit direction for frequent, regular, and systematic analysis.

RecommendationsWe made 1 recommendation to improve State DOTs' capabilities to detect and mitigate anticompetitive bidding.

EPA guidance generally addresses IIJA Drinking Water State Revolving Fund, or DWSRF, emerging contaminants provisions. These provisions include focusing on projects that address per- and polyfluoroalkyl substances, or PFAS. However, the EPA's guidance does not detail allowable ranking and funding levels of non-PFAS projects. Further, the EPA guidance does not adequately describe how to process transfers between different state revolving funds.

Without adequate guidance, states may inconsistently process transfers between their state revolving funds.

This report presents the results of our audit of the Efficiency of Operations at the Macon Local Processing Center.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at the VA Salem Healthcare System in Virginia. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net

The OIG issued two recommendations for improvement in one domain:
1.    Environment of care
   •    Mitigating the impact of construction on patient care in the Emergency Department
   •    Ensuring the toxic exposure screening navigators verify data to track veterans waiting for secondary screenings and address any backlog

This report presents the results of our audit of delivery operations and property conditions at the Warner Robins Main Post Office in Warner Robins, GA.

This report presents the results of our audit of delivery operations and property conditions at the Zebulon Branch, Macon, GA.

This report presents the results of our audit of delivery operations and property conditions at the Gray Main Post Office in Gray, GA.

This report presents the results of our audit of delivery operations and property conditions at the Perry Administrative Post Office in Perry, GA.

Williams, Adley & Company-DC, LLP (Williams Adley), under contract with the Department of Homeland Security Office of Inspector General, concluded that DHS complied with applicable statutes, regulations, and policies governing grants and contracts awarded by any means other than full and open competition in fiscal year 2024. During that year, DHS awarded 27 noncompetitive grants worth approximately $22 million and 374 noncompetitive contracts worth approximately $2.3 billion through means other than full and open competition.

(U) The objective of this joint audit was to determine
whether the Coast Guard implemented cybersecurity
controls to protect Coast Guard systems operating
on the Department of Defense (DoD) Information
Network (DODIN) in accordance with applicable
cybersecurity requirements. The Coast Guard
must comply with DoD cybersecurity requirements
because its systems operate on the DODIN.
The Coast Guard’s roles and responsibilities for
operating its systems on the DODIN are set forth in
a series of memorandums between the DoD and the
Department of Homeland Security (DHS).

VBA’s Fiduciary Program protects vulnerable individuals unable to manage their own VA benefits due to injury, disease, infirmities, or age. The program appoints and oversees fiduciaries to manage those payments. Each beneficiary must have a record in the Veterans Benefits Management System–Fiduciary (VBMS-Fid), the fiduciary program’s case management system, so staff can assess beneficiaries’ well being and prevent misuse of those funds. The OIG conducted this review to determine whether VBA had procedures to ensure beneficiaries’ records were created and that staff oversaw fiduciaries as required.

The OIG found VBA did not create VBMS-Fid records for 311 beneficiaries deemed incompetent from June 10, 2003, to June 30, 2023, and who had received about $24.5 million in VA compensation and pension benefits without oversight. Although this was less than 1 percent of all FY 2023 beneficiaries, their risk of harm was significant because the program was not monitoring their financial, physical, or mental well-being. This lapse occurred primarily because records did not migrate to VMBS-Fid from legacy systems or staff did not manually create the records.

Overall, the program failed to oversee these beneficiaries because it lacked controls to identify when they did not have an electronic fiduciary record. Beneficiaries with fiduciaries whose records did not migrate to VBMS-Fid were supervised by fiduciaries who were acting without program oversight for more than three years, and beneficiaries who never had a record established received no oversight—some for potentially as long as 15 years. If there had been a monitoring system, the program could have identified the 311 beneficiaries and placed them under the program’s protection.

VBA implemented the OIG’s three recommendations to establish records for the 311 beneficiaries, resume oversight activities to assess the well being of beneficiaries and the use of funds, and implement controls to flag beneficiaries without records.

This report presents the results of our audit of Retail and Customer Service Operations Efficiency.

Texas properly expended IIJA orphaned well initial grant funds and fulfilled program goals.

The EPA did not consistently manage its Sewer Overflow and Stormwater Reuse Municipal Grants, or OSG, Program in accordance with some applicable laws, regulations, policies, and guidance. We found that, as of January 10, 2024, the EPA had not awarded approximately $20 million, or about 18 percent, of the approximately $110 million allocated to states within the OSG Program for fiscal years 2020 through 2022. In addition, the EPA failed to meet its statutory requirement to submit a report to Congress, provided insufficient justification on required merit review worksheets, and allowed a cost share to be imposed on a grant that should have been exempt because the communities to benefit were rural or financially distressed.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

We identified risks associated with a contractor BIE hired to assist in resolving inaccuracies in BIE’s facility management system.

Guilty Plea in Hacking of the SEC’s X Account

The independent public accounting firm of Allmond & Company, LLC, under contract with the Office of Inspector General, audited the EAC’s administration of travel for fiscal year 2023 and the first two quarters and one month of fiscal year 2024. The objective of the audit was to determine if the EAC’s travel administration process was in compliance with the provisions outlined in the Federal Travel Regulation. Auditors also reviewed the corrective actions taken to address the deficiencies noted in a July 2007 OIG audit report.

The FTC OIG conducted this audit to assess the effectiveness of the Consumer Response Center's (CRC) current practices and procedures related to recording and responding to consumer reports and inquiries.

The U.S. Department of Housing and Urban Development’s (HUD) development of requirements documents is a collaboration across HUD program offices.  The Office of the Chief Procurement Officer (OCPO) is responsible for obtaining all goods and services required by HUD efficiently and in the most cost-effective manner possible, while program offices are responsible for preparing the requirements documents and submitting an actionable requisition to OCPO.  Once OCPO receives the requisition package, OCPO reviews the requirements documents in the package for any errors or disconnects between tasks and deliverables.  When the requisition package is considered actionable, OCPO accepts the requirements documents and moves the package forward for solicitation.

HUD has processes to facilitate collaboration during the development of requirements documents, including the Acquisition Liaison Unit (ALU), the Integrated Project Team (IPT), and the Integrated Acquisition Team (IAT).  The ALU and the IAT are led by OCPO.  The ALU provides support to program offices by providing contracting expertise when program offices are developing requirements documents.  The IAT promotes effective and timely collaboration between stakeholders early in the acquisition planning process.  The IPT, which is led by program offices, also brings together all stakeholders in the early stages of developing the requirement to ensure that the requirements are defined early in the acquisition life cycle.  

Even though HUD has processes for the development of requirements documents, the acquisition workforce across HUD faces common challenges.  The four challenges most frequently mentioned by both OCPO and program office staff members are related to requirements documents processes, collaboration, roles and responsibilities, and the capacity of OCPO.  Process-related challenges refer to processes used to complete requirements documents, including the ALU, IPT, and IAT.  Collaboration-related challenges include references to a lack of engagement.  Challenges related to roles and responsibilities were cited with mentions of confusion or friction about roles and responsibilities of personnel involved in developing requirements documents.  Challenges related to the capacity of OCPO refer to turnover, understaffing, and bandwidth of OCPO staff.  

We provided HUD with three recommendations to improve requirements documents processes and requirement documents roles and responsibilities. 

The Office of the Inspector General contracted with Castro & Company, LLC to evaluate the effectiveness ofthe Smithsonian's information security program in fiscal year 2024.  For Fiscal year 2024, Castro found that the Smithsonian Institution’s Information security program was effective overall because it was operating at a managed and measurable level (Level 4) in all five cybersecurity functions (Identify, Protect, Detect, Respond, and Recover).
 

Castro noted Smithsonian continues to make improvements to their information security program.  Castro made six recommendations to improve Smithsonian’s configuration management.  Management concurred with all six recommendations.

The National Credit Union Administration (NCUA) Office of Inspector General (OIG) conducted this self-initiated audit to assess the NCUA’s compliance with its examiner-in-charge rotation policy and procedures. The objectives of our audit were to determine whether the NCUA: (1) rotated examiners-in-charge in the regions and the Office of National Examinations and Supervision (ONES) in accordance with established requirements, (2) adequately maintained all written approved exceptions to the rotation policy, and (3) assigned examiners-in-charge to perform examinations of federal credit unions or federally insured state-chartered credit unions in accordance with established grade level requirements. The scope of our audit covered the period from January 1, 2015, through December 31, 2022. However, due to timing, we expanded our scope for some examinations to determine whether rotation of examiners-in-charge occurred as prescribed by the National Supervision Policy Manual (NSPM) or the ONES’ office practices, when applicable.

An Amtrak passenger conductor based in Sacramento, California, resigned from his position on February 5, 2025, while under investigation. Our investigation found that the former employee violated company policies by engaging in outside employment while on a personal leave of absence from Amtrak.

Our Objective(s)To (1) evaluate surface transportation Operating Administrations' processes for identifying positions needed to implement new and expanded Infrastructure Investment and Jobs Act (IIJA) programs and (2) report on those Operating Administrations' progress toward addressing identified IIJA staffing needs. Why This AuditIn 2022, the U.S. Department of Transportation (DOT) established a goal to hire more than 1,400 employees in its surface transportation Operating Administrations and the Office of the Secretary of Transportation (OST) to respond to identified IIJA-related surface transportation workforce needs between fiscal years 2022 and 2026. Successful IIJA program implementation relies in part on DOT maintaining the needed, appropriately skilled workforce. Accordingly, we initiated this audit to assess DOT's estimation of its workforce needs. What We FoundSurface transportation Operating Administrations and OST can improve planning processes and better incorporate data-analytic methods for estimating IIJA workforce needs. Despite a requirement to plan for and manage workforce needs and update hiring goals, most Operating Administrations and OST did not document policies and procedures for estimating IIJA workforce needs or for updating ongoing hiring estimates. Further, Federal regulations require Federal agencies to use comprehensive data-analytic methods for workforce planning. However, two Operating Administrations and OST did not employ such methods. Surface transportation Operating Administrations and OST reported filling most IIJA target positions, but DOT's hiring metrics do not accurately reflect onboard workforce capability. As of May 2024, DOT reported filling 1,204 new IIJA positions. Surface transportation Operating Administrations and OST initially set a goal to hire 1,403 employees by the end of fiscal year 2026. As of September 2024, several Operating Administrations and OST had adjusted their targets, bringing the total new-hire target to 1,638. DOT tracks and reports to the Office of Personnel Management the number of selections it has made for those positions. However, these data may not accurately reflect whether new positions are currently filled or whether DOT has advanced its progress in meeting its IIJA workforce capacity goals because the number of reported selections includes all individuals who received an employment offer-even if those individuals are not yet working, subsequently leave the Agency after starting employment, or transfer internally from a non-IIJA position. RecommendationsWe made 2 recommendations to improve DOT's processes for estimating its workforce needs.