Federal Reports

OIG evaluated Rural Development’s administration and oversight of the Rural Housing Service’s Uniform Residential Loan Application Information Technology Project.

The USDA OIG's Office of Analytics and Innovation has developed a second version of Broadband: A Data Stroll in partnership with the U.S. Department of Commerce OIG and the Federal Communications Commission OIG. 

We performed an audit of the costs billed to the Tennessee Valley Authority (TVA) by Burns & McDonnell Engineering Company, Inc (B&M) under Contract No. 15388 for engineering services.  Our audit objectives were to determine if (1) costs were billed in accordance with the contract terms, (2) the reasonableness of TVA’s process for evaluating and awarding proposed fixed price tasks issued under the contract, and (3) tasks were issued using the most cost-efficient pricing methodology.  Our audit scope included about $20.12 million in costs paid by TVA under Contract No. 15388 between September 25, 2020, and December 31, 2023.  This included approximately $19.97 million for fixed price projects and $156,136 for cost-reimbursable projects.  Our audit primarily focused on fixed price projects under the contract.  In summary, we determined:

• B&M did not provide credits to TVA for unearned fee, resulting in an overbilling of $16,854. 
• TVA did not evaluate fee for all tasks greater than $50,000 as required by the contract. 
• There were inconsistent guidelines regarding when competition was required and, as a result, TVA routinely direct-assigned fixed price tasks to B&M.  Without adequate competition between the contract partners on fixed price tasks, TVA is less able to ensure it is paying a fair fixed price amount.
• The use of fixed price compensation terms for tasks caused TVA to pay at least $644,550 more than it would have if the tasks had been issued under cost‑reimbursable payment terms.  Additionally, we estimated TVA could potentially avoid up to $2.52 million in future costs by issuing tasks under cost-reimbursable payment terms for the remaining contract spend.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at the VA Southern Oregon Healthcare System in White City. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net

The OIG issued one recommendation for improvement in one domain:
   1.    Environment of care
   •    Relocate papers and folders outside of examination rooms or secure them in protective coverings

This Office of Inspector General (OIG) Care in the Community healthcare inspection program report describes the results of a focused evaluation of community care processes at eight VA Desert Pacific Healthcare Veterans Integrated Service Network (VISN) 22 medical facilities with a community care program. 

This evaluation focused on four domains:
   •    Leadership and Administration of Community Care
   •    Community Care Diagnostic Imaging Results
   •    Administratively Closed Community Care Consults
   •    Community Care Provider Requests for Additional Services

The OIG issued 12 recommendations for improvement in the four domains:
   •    Leadership and Administration of Community Care
     o    Community oversight councils functioning according to charters
     o    Completing the operating model staffing tool reassessment
     o    Entering patient safety events in the Joint Patient Safety Reporting system
     o    Briefing patient safety trends, lessons learned, and corrective actions
     o    Scanning community care documents into the electronic health record
   •    Community Care Diagnostic Imaging Results
     o    Attaching diagnostic imaging results to the Community Care Consult Result note
     o    Using the significant findings alert for abnormal results
   •    Administratively Closed Community Care Consults
     o    Making two attempts to obtain medical documents after administrative closure
   •    Community Care Provider Requests for Additional Services
     o    Processing requests
     o    Incorporating requests in the electronic health record
     o    Verifying providers’ signatures on forms
     o    Sending denial letters to community providers

A Train Attendant based in New York City was terminated on January16, 2025, after his administrative hearing. Our investigation found that the employee violated company policy by sexually harassing a woman on an Amtrak train from Albany to Syracuse, New York, on April 26, 2024. During our interview with the employee, he admitted to his actions. He is ineligible for rehire.

The Office of Inspector General (OIG) is issuing this management advisory to bring attention to concerns regarding SBA’s use of hold codes for potentially fraudulent Paycheck Protection Program (PPP) loans referred by lenders. 

Opportunities exist for SBA to enhance its handling of lender-referred PPP loans suspected of fraud or illegal activity and its process for capturing these loans to ensure they are promptly flagged to mitigate fraud risk and financial loss. SBA’s Office of Credit Risk Management (OCRM) established a project for lenders to refer PPP loans suspected of fraud or illegal activity; however, we found that SBA did not flag all suspicious loans referred by lenders with a hold code 50 or capture all the loans in its summary workbook. 

SBA did not flag all PPP loans referred by lenders as suspected of fraud or illegal activity because OCRM wanted to validate the referred loan information with lenders first and this delayed response for flagging the loans was inconsistent with SBA’s established procedures and how other program offices handled lender referrals. Flagging a suspicious loan triggers a targeted review during both forgiveness and post-forgiveness examinations, providing an opportunity to mitigate improper payment due to fraud. To maximize this opportunity, SBA should immediately flag and review all suspicious loans referred by lenders and establish procedures to ensure all referred loans are captured in OCRM’s summary workbook.

Implementing our recommendations will enhance program integrity and mitigate fraud risk and financial loss by ensuring only eligible applicants receive program funding and that opportunities are identified to recover fraudulent or ill-gotten funds. SBA management partially agreed with four recommendations and agreed with one recommendation.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at the VA Poplar Bluff Health Care System in Missouri. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net

The OIG issued four recommendations for improvement in three domains:
   1.    Culture
   •    Key leadership turnover
   •    Interactions with local union leaders
   2.    Environment of care
   •    Nonoperational security camaras
   3.    Primary care
   •    Primary care team staffing

To learn how communities across the nation responded to the pandemic, we initiated a multi-part review of six communities—two cities, two rural counties, and two Tribal reservations. This report is the fourth community-specific report and focuses on our work in Marion County, Georgia, where we previously identified that recipients, including city government, small businesses, and individuals, received almost $39 million from 27 pandemic relief programs and subprograms. This report provides a closer look at six pandemic programs and subprograms provided to Marion County by six federal departments.

The Tennessee Valley Authority (TVA) currently operates 29 power-generating hydro plants and one pumped-storage plant.  Between June 1, 2022, and May 31, 2024, employees at TVA’s hydro plants were paid a total of $71.7 million.  Of this $71.7 million, $15.1 million (21 percent) was paid for 187,579 hours of overtime to 243 employees. 

To help manage the effects of fatigue, TVA Safety Procedure 18.018, Fatigue Management, establishes “. . . a process to provide reasonable assurance that the effects of fatigue and degraded alertness do not impact an individual’s ability to safely and competently perform their duties.” Due to the high number of overtime hours worked at some of TVA’s hydro plants, we performed an evaluation to assess TVA’s management of overtime at hydro plants.

We determined significant amounts of overtime were worked at some hydro plants.  Specifically, we determined 58 percent (108,796 hours) of the 187,579 hours of overtime was worked at 5 of the 30 hydro plants.  The overtime worked was the equivalent of 24 full-time employees.  We also determined some employees worked significant amounts of overtime.  There were 30 instances where employees worked over 1,000 hours of overtime in a single year and 2 employees worked approximately 2,000 hours of overtime in a single year.  Additionally, we determined that TVA may not be accurately capturing the effects of fatigue because (1) fatigue evaluations are not being performed and (2) fatigue data is not being trended as required by the Fatigue Management procedure.

The Tennessee Valley Authority (TVA) currently operates 101 natural gas- and fuel oil-fired generators at 18 sites.  During 2020, we performed an evaluation of overtime worked at TVA gas plants and found a significant amount of overtime was being worked by employees at some plants.  In response to that evaluation, TVA hired additional full-time employees at some gas plants.  However, overtime worked at gas plants has continued to increase since our previous evaluation.  Specifically, between June 1, 2022, and May 31, 2024, employees at TVA’s gas plants were paid a total of $119.75 million.  Of this $119.75 million, $33.6 million (28 percent) was paid for 369,218 hours of overtime to 360 employees.

To help manage the effects of fatigue, TVA Safety Procedure 18.018, Fatigue Management, establishes “. . . a process to provide reasonable assurance that the effects of fatigue and degraded alertness do not impact an individual’s ability to safely and competently perform their duties.”  Due to the high number of overtime hours worked at some gas plants and the potential impact on fatigue management, we performed an evaluation to assess TVA’s management of overtime at gas plants.

We determined significant amounts of overtime were worked by employees at some gas plants.  Specifically, we determined 73 percent (269,586 hours) of the 369,218 hours of overtime was performed at 7 of 18 plants between June 1, 2022, and May 31, 2024.  The overtime worked was the equivalent of 61 full-time employees.  We also determined some employees worked significant amounts of overtime.  There were 109 instances where employees worked over 1,000 hours of overtime in a single year, including three with over 1,800 hours. Additionally, we determined that TVA may not be accurately capturing the effects of fatigue because (1) fatigue evaluations are not being performed and (2) fatigue data is not being trended as required by the Fatigue Management procedure.

We found that an oil and gas company used natural gas from a Federal lease to power cryptocurrency mining operations without authorization. 

The Cybersecurity and Infrastructure Security Agency (CISA) did not implement effective controls for the selected High Value Asset (HVA) system per Federal and departmental requirements. CISA developed policies and procedures to reduce risks to sensitive information stored on the selected HVA system. However, we identified security deficiencies in two of eight security and privacy controls required by the National Institute of Standards and Technology pertaining to:
•
access controls; and
•
awareness and training.
These deficiencies occurred because CISA did not have effective continuous monitoring of the selected HVA system. Without effective controls, CISA could not be assured that sensitive information stored and processed by the selected HVA system was protected and secured.

The PACT Act prompted a rush of new toxic exposure claims and required VA to both immediately train staff on reviewing the claims and provide training at least annually. VBA’s Compensation Service and Pension and Fiduciary Service created mandatory training courses and released them to employees through VA’s online training platform starting on September 20, 2022. The OIG conducted this review to assess VBA’s development and implementation of PACT Act training to prepare staff to process claims beginning January 1, 2023.

The review team determined the online courses contained accurate information and addressed their stated objectives. The team also found the delivery method was appropriate and confirmed both that end-of-course surveys were completed by claims processors and that each course included end-of-course test assessments. However, the team discovered VBA did not have summary reports created in FY 2023 analyzing the results of surveys and assessments and detailing training effectiveness. Although VBA later completed some of the summary reports, it never completed others—in part because no deadlines had been set for submitting them. Reasons for not completing summary reports varied from focusing on other priorities and management being under the false impression the work had already been completed.

By failing to complete timely summary reports of the effectiveness of its PACT Act training, VBA could not act on the recommendations they might have contained to improve training, which could have improved the accuracy of PACT Act claims processing. The OIG recommended completing the missing reports, requiring summary reports to evaluate all levels of training and providing feedback to training staff, and requiring reports to be completed by established deadlines.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at Fargo VA Health Care System in North Dakota. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net

The OIG issued no recommendations.

The Tennessee Valley Authority (TVA) Nuclear organization has a vision to be the top nuclear fleet by the end of fiscal year 2025 and an initiative to sustain top quartile performance.  Selection of suppliers responsible for maintenance or system upgrades within TVA’s nuclear fleet can affect TVA’s ability to maintain top quartile performance and achieve TVA Nuclear’s vision.  Two departments essential for making supplier selections are each plant’s respective Site Projects group and TVA’s Supply Chain (SC) organization.  Through soliciting vendors and evaluating vendor bids, these departments are responsible for obtaining the best value to TVA.  Because of the importance of supplier selections, we initiated an evaluation of solicitation and bid evaluation activities for Sequoyah Nuclear Plant (SQN).  The objective of our evaluation was to determine if solicitation and bid evaluation processes were performed in accordance with TVA’s policies and procedures for electrical, maintenance, and modifications services contracts at SQN. 

The Office of the Inspector General determined solicitation and bid evaluation processes were not performed in accordance with TVA’s policies and procedures for electrical, maintenance, and modifications project implementation at SQN as follows:

• Solicitations were not performed in compliance with TVA procedures.  Specifically, (1) requirements related to direct awarding of projects were not followed, (2) SC was not always involved in the solicitation process, and (3) adequate information (such as technical specifications, commercial pricing terms, and answers to bidders’ questions) was not always provided to vendors.
• Bid evaluation procedures were not always followed.  Specifically, (1) SC was not always involved in the commercial evaluations and (2) independent estimates were not always obtained to assess the reasonableness of vendor proposals. 
• Ineffective bid evaluation practices resulted in an inadequate bid evaluation and evaluation scoring that was based on incorrect or inadequate criteria.

The U.S. Government Publishing Office (GPO), Office of the Inspector General (OIG), investigated an allegation of time and attendance fraud involving a GPO employee, including claims that the employee was ineligible for telework.

In early 2021, AmeriCorps received $1 billion in supplemental funding under the American Rescue Plan (ARP) primarily to award grants in support of its programs. These funds were to remain available until September 30, 2024. On June 3, 2023, however, Congress rescinded all unobligated AmeriCorps ARP program funds. As part of our oversight of ARP funds, the AmeriCorps Office of Inspector General (AmeriCorps OIG) identified more than 100 Notices of Grant Award involving ARP funds issued after June 3, 2023. Although AmeriCorps’ position is that these grants could still be awarded because they were obligated prior to the recission when the CEO certified the award package containing the grants, the certification dates were not recorded in AmeriCorps’ systems or clearly articulated in its policies and procedures, resulting in AmeriCorps’ inability to accurately determine the status of funds. Our review also determined that Federal appropriation law, relevant precedent, and AmeriCorps’ own accounting treatment of when grant funds are obligated raise concerns that more than $144 million in ARP funds are at risk of having been obligated after they were rescinded by Congress. This alert highlights the need for AmeriCorps to seek a formal opinion from the Government Accountability Office (GAO) regarding whether AmeriCorps obligated rescinded ARP funds and to improve its policies, documentation, and recording of all key steps in its grant award process.

This report presents the results of our audit of the U.S. Postal Service’s Fiscal Year 2024 Officers’ Travel and Representation Expenses (Report Number 24-058-R25).

We audited WSFR grants awarded by FWS to the North Carolina Wildlife Resources Commission to ensure compliance and cost allowability.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at the VA Western New York Healthcare System in Buffalo. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net

The OIG issued no recommendations.

The VA Office of Inspector General (OIG) Vet Center Inspection Program provides a focused evaluation of aspects of the quality of care delivered throughout the Readjustment Counseling Service (RCS).

This inspection evaluated four review areas within Pacific District 5 including leadership stability, morbidity and mortality reviews, high risk suicide flag (HRSF) SharePoint site, and safety plans.

In the leadership stability review, the OIG found Associate District Directors for Counseling provided extended coverage for vet center director vacant positions, which limited their ability to provide effective oversight. In the morbidity and mortality review, the OIG identified that, based on active policy at the time of the inspection, district leaders did not complete timely, required reviews following notification of suicides and homicides. The OIG did not conduct the HRSF SharePoint site review due to concerns with data accuracy. In April 2024, the OIG made a recommendation to the RCS Chief Officer related to HRSF SharePoint site functionality. The recommendation remained open at the time of the inspection; therefore, the OIG will continue to monitor progress to closure and did not make a new recommendation. In the safety plan review, the OIG found vet center staff noncompliant with completing and providing safety plans to clients.

The OIG issued five recommendations for improvement.

This Office of Inspector General (OIG) Healthcare Facility Inspection program report describes the results of a focused evaluation of the care provided at the VA Chillicothe Healthcare System in Ohio. 

This evaluation focused on five key content domains:
   •    Culture
   •    Environment of care
   •    Patient safety
   •    Primary care
   •    Veteran-centered safety net
 

The OIG issued two recommendations for improvement in two domains:
1.    Environment of care
   •    Procedures for cleaning equipment and monitoring separation of clean and dirty storage items
2.    Primary care
   •    Leaders incorporate feedback from staff and include them in process improvement projects

This report presents the results of our audit of Topeka Sorting and Delivery Center’s preparedness to utilize electric vehicles in delivery operations.

Kearney determined that the Commission’s FY 2024 information security program was not in compliance with FISMA legislation, OMB guidance, and applicable NIST special publications.

The FISMA evaluation report includes seven findings and offers 27 recommendations to improve the effectiveness of FCC’s information security program controls. Of the 27 recommendations issued, 21 are either repeats or updates from prior FISMA evaluations, and six address new deficiencies identified in FY 2024. 

For our audit on National Oceanic and Atmospheric Administration’s (NOAA’s) National Weather Service (NWS) hurricane forecast and warning performance, our audit objective was to assess NWS progress toward improving hurricane forecasts and warnings.
We found that NWS has made progress improving tropical cyclone track and intensity forecasts since the Weather Act became law in 2017. Notably, NWS also extended its tropical weather outlook product, which provides tropical cyclone formation forecasts, by two days (from 5 to 7 days), made advancements in hurricane modeling, developed new means for communicating storm surge, and has taken early steps to incorporate social and behavioral science into its risk communications. However, we also found: I. National Hurricane Center has not extended tropical cyclone warnings and excludes performance measures that could help it better focus improvements on high-impact storms; II. National Hurricane Center has not ensured optimal usage of hurricane hunter aircraft; and III. NOAA’s Hurricane Forecast Improvement Program is insufficient to meet the Weather Act’s hurricane forecast and warning goal.

KPMG audited DOI’s financial statements and found one material weakness and one significant deficiency in financial reporting internal controls.

The objective of this inspection was to determine whether the FCA had included required provisions of the WPEA in applicable nondisclosure policies, forms, agreements, and related documents.

The Postal Reorganization Act of 1970 requires annual audits of the U.S. Postal Service’s financial statements. The Postal Accountability and Enhancement Act of 2006 requires the Postal Service to comply with Section 404 of the Sarbanes-Oxley Act. This section requires the Postal Service to report the scope and adequacy of its internal control structure and procedures and assess the effectiveness.

The U.S. Postal Service Board of Governors contracted with an independent public accounting (IPA) firm to express opinions on the Postal Service’s fiscal year 2024 financial statements and internal controls over financial reporting (an integrated audit). The IPA firm maintained overall responsibility for testing and reviewing significant Postal Service accounts, processes, and internal controls.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

The Office of Inspector General received an anonymous complaint alleging that: (1) Department of Energy Headquarters’ Sensitive Compartmented Information Facilities (SCIF) in the Forrestal Building have been out of compliance with U.S. Intelligence Community requirements; (2) the Office of Intelligence and Counterintelligence (DOE-IN) authorized a contractor employee to procure a contract for a congressionally directed review of DOE-IN’s Counterintelligence (CI) Program, which may have been a conflict-of-interest violation; and (3) DOE-IN has contractor employees conducting inspections of DOE-IN’s CI Program.

We initiated this inspection to determine the facts and circumstances regarding the alleged management concerns at DOE-IN.

We substantiated the allegation that Department Headquarters’ SCIFs in the Forrestal Building did not meet U.S. Intelligence Community requirements. Specifically, we found that SCIF reaccreditations, technical security reviews, and self-assessments were not conducted for some SCIFs occupied by DOE-IN. These issues occurred, in part, because DOE-IN did not develop and implement a formal corrective action plan with a strategic approach to improve SCIF compliance at Department Headquarters, including the necessary resources to implement the corrective action plan. To its credit, we noted that DOE-IN began making progress in calendar year 2023. In addition, we did not substantiate the allegation that DOE-IN authorized a contractor employee to procure a contract for a congressionally directed review of DOE-IN’s CI Program; therefore, we did not substantiate the allegation that there was a conflict-of-interest violation. Further, while we substantiated the allegation that DOE-IN has contractor employees conducting inspections of DOE-IN’s CI Program, we determined that the use of contractor personnel to conduct these inspections is not against DOE-IN policy. DOE-IN leadership approves the selection of the lead inspector and provides Federal oversight for CI Program inspections.

Noncompliance with U.S. Intelligence Community security requirements, which ensure that critical safeguards are fully implemented, may result in degradation of the security posture for SCIFs, potentially exposing highly classified national security information.

To address the issues identified in this report, we have made two recommendations that, if fully implemented, should help ensure that the Department maintains its Headquarters’ SCIFs in compliance with U.S. Intelligence Community requirements.

Savannah River Nuclear Solutions, LLC (SRNS) operates the Savannah River Site under a management and operating (M&O) contract which contains provisions and requirements governing the purchase of services from contractor-affiliated sources such as parent companies (i.e., corporate reachback).

We conducted this audit to determine whether: (1) SRNS’ use of corporate reachback at the Savannah River Site was in compliance with its M&O contract provisions and requirements governing the use of corporate reachback; and (2) the overall costs incurred for these activities were reasonable, allocable, and allowable.

We found that SRNS did not comply with its M&O contract requirements to use competition in purchasing services from contractor-affiliated sources; therefore, we are questioning the costs incurred for numerous corporate reachback activities as unallowable.

The issues we identified occurred, in part, because of the Department of Energy’s lack of oversight in ensuring SRNS followed the M&O contract requirements to: (1) sufficiently document the special expertise for each seconded corporate reachback acquisition when not using competition; and (2) sufficiently document the reasonableness of the costs incurred.

This report contains five recommendations that, if fully implemented, should help ensure SRNS follows its M&O contract requirements to use competition when purchasing services from a contractor-affiliated source. Although management concurred with our recommendations, we consider the action taken to address our recommendations unresponsive to the underlying concerns that prompted the recommendations.

An Amtrak Director based in New York City used his company-issued computer for personal business on company time. Those activities included visiting clothing, apparel, and design websites, excessively watching non-work related YouTube videos and visiting other personal-use websites. The employee was terminated on December 26, 2024, and he is not eligible for rehire.

OIG reviewed the Rural Business-Cooperative Service’s internal controls over the Meat and Poultry Processing Expansion Program grant recipients’ use of funds.

An Amtrak customer service representative based in Miami, Florida, signed a civil settlement agreement on December 21, 2024, with the U.S. Attorney’s Office, Southern District of Florida. The employee agreed to pay $48,000 in restitution and penalties related to the fraudulent receipt of two pandemic related loans. The employee applied for and received an Economic Injury Disaster Loan in the amount of $30,500 and a Paycheck Protection Program loan in the amount of $12,522.50. The loan applications contained false statements and information to qualify for the loans. As a result, the employee received Coronavirus Aid, Relief, and Economic Security Act funds to which he was not entitled.