Federal Reports

The U.S. Postal Service’s mission is to provide timely, reliable, secure, and affordable mail and package delivery to more than 160 million residential and business addresses across the country. The U.S. Postal Service Office of Inspector General (OIG) reviews delivery operations at facilities across the country and provides management with timely feedback in furtherance of this mission.

The U.S. Postal Service’s mission is to provide timely, reliable, secure, and affordable mail and package delivery to more than 160 million residential and business addresses across the country. The U.S. Postal Service Office of Inspector General (OIG) reviews delivery operations at facilities across the country and provides management with timely feedback in furtherance of this mission.

The U.S. Postal Service needs effective and productive operations to fulfill its mission of providing prompt, reliable, and affordable mail service to the American public. It has a vast transportation network that moves mail and equipment among about 315 processing facilities and 31,200 post offices, stations, and branches. The Postal Service is transforming its processing and logistics networks to become more scalable, reliable, visible, efficient, automated, and digitally integrated. This includes modernizing operating plans and aligning the workforce; leveraging emerging technologies to provide world-class visibility and tracking of mail and packages in near real time; and optimizing the surface and air transportation network. The U.S. Postal Service Office of Inspector General (OIG) reviews the efficiency of mail processing operations at facilities across the country and provides management with timely feedback to further the Postal Service’s mission.

Our Objective(s)To (1) determine whether MARAD has implemented an information management system for the SAPR Program that complies with NDAA requirements and (2) assess the system's cybersecurity and privacy controls.
Why This AuditThe 2023 National Defense Authorization Act (NDAA) required MARAD to establish for the U.S. Merchant Marine Academy's (USMMA) Sexual Assault Prevention and Response (SAPR) Program an information management system (IMS) for sexual assault and sexual harassment claims, and for the Office of Inspector General to conduct a cybersecurity audit of the system.
What We FoundMARAD has not established an information management system for USMMA's SAPR Program that complies with NDAA requirements.

Instead of acquiring a new IMS, USMMA uses a spreadsheet system for the SAPR Program.
USMMA officials acknowledge that this spreadsheet system does not meet the Academy's needs.
The SAPR Program tracks and maintains most but not all required information in its spreadsheet system.
The program also has not implemented a process to update the records of acquitted individuals in its spreadsheet system.

The SAPR Program's spreadsheet system lacks sufficient cybersecurity and privacy controls.

The program's spreadsheet system lacks the cybersecurity controls required by the National Institute of Standards and Technology and the Department of Transportation's Cybersecurity Compendium to properly secure and protect the confidentiality, integrity, and availability of the program's sensitive data and information.
MARAD's Privacy Officer has not analyzed the spreadsheet system to determine what privacy protections should be implemented to protect personally identifiable information stored in the system.

Recommendations We have made four recommendations to improve MARAD's oversight of USMMA's Sexual Assault Prevention and Response Program.

The EPA did not monitor bus deployment status and recipient use of over $836 million of 2022 Clean School Bus, or CSB, Program rebates, despite the Agency stating it would do so in the 2022 Clean School Bus (CSB) Rebates Program Guide. As of June 2024, only 22, or 6.1 percent, of the 360 schools that received rebates in 2022 had completed their rebate closeouts. At the time of this audit, we found that ten, or 59 percent, of the 17 schools we reviewed are in the process of installing the infrastructure necessary to operate the new clean buses and may not meet the program closeout deadline of October 2024. Additionally, the EPA did not provide guidance to recipients on how funds should be managed. We found that, contrary to multiple OIG briefings on strategies to reduce fraud risk, the EPA allowed recipients to keep CSB funds in accounts with other funds or earn interest on rebate funds while they wait to pay the final invoices, which increases the risk of program funds and interest earned being used for other purposes.

During the reporting period, the Office of Audits completed and published the Fiscal Year (FY) 2023 and FY 2024 Federal Information Security Modernization Act (FISMA) audits and the Payment Integrity Information Act audit; the latter two were completed by independent public accountants (IPAs) overseen by the Office of Audits. Additionally, the audit team began work on the following audits: FY 2024 CFTC Financial Statements; FY 2024 CFTC Customer Protection Fund Financial Statements; CFTC’s Compliance with the Government Charge Card Act; and CFTC’s Enterprise Risk Management Program. The audit team is also working with the Council of Inspectors General on Financial Oversight (CIGFO) in its review of the effectiveness and internal operations of the Financial Stability Oversight Council (FSOC) designation of nonbank financial companies. In addition, we established the Office Evaluations and initiated an evaluation into the CFTC’s non-disclosure policies, forms, and agreements to assess compliance with the Whistleblower Protection Enhancement Act of 2012.

Dependency and Indemnity Compensation is a monthly benefit paid to eligible survivors of service members who died in the line of duty or as a result of a service related injury or illness. Under the PACT Act, survivors with previously denied claims may be newly eligible for Dependency and Indemnity Compensation related to toxic exposure. These survivors may reapply for benefits and might receive retroactive payments dating back to the original date of entitlement. The OIG conducted this review to assess the accuracy of VBA’s processing of Dependency and Indemnity Compensation claims reopened under the PACT Act.

The OIG team reviewed two statistical samples of claims that were reopened under the PACT Act after having previously been denied. One set were claims that, after being reprocessed, were again denied; the other set were claims that were granted after being reprocessed. Both sets involved claims completed from January 1 through July 31, 2023. The OIG found that pension management center staff generally denied these claims appropriately; however, there were some inaccuracies when claims were granted. Errors stemmed from unclear guidance on how to reevaluate claims and from a lack of information system enhancements and resulted in a projected $33.1 million in underpayments to survivors. The OIG made three recommendations to correct errors and improve the claims process.

We audited WSFR grants awarded by FWS to the North Carolina Department of Environmental Quality, Division of Marine Fisheries to ensure compliance and cost allowability.

The PACT Act significantly expanded veterans’ eligibility for disabilities that VA presumes are related to exposure to toxic substances. The VA Office of Inspector General (OIG) conducted this review to determine whether Veterans Benefits Administration (VBA) staff processed PACT Act claims for presumptive disabilities in accordance with applicable laws and procedures before denying them.

This report highlights that claims processors sometimes requested unwarranted examinations, which delayed claims processing and burdened veterans, or the processors did not return examinations for clarification when there was insufficient or conflicting information. Claims processors also sometimes requested medical opinions to determine service connection for disabilities the PACT Act presumed to be connected to service. These errors resulted in unnecessary payments for examinations and medical opinions, as well as underpayments to veterans. Additional errors had the potential to affect veterans’ benefits, such as when claims processors prematurely based decisions on inadequate or inconsistent examination results before denying veterans’ claims.

The OIG team also identified errors in claims processing that, while correctly denying service connection, resulted in an estimated $1.4 million in unnecessary costs for unwarranted examinations and medical opinions in the six-month review period. Underpayments were also identified totaling about $56,700 for two veterans’ claims during the same period who were improperly denied service connection. The team also found an estimated minimum of 870 potential errors that could affect veterans’ benefits. The OIG acknowledges that VBA has taken steps to address these kinds of errors for examinations, but that work is ongoing.

VBA concurred with the OIG’s two recommendations to update the claims processing manual to clarify when examinations and medical opinions are needed and to continue to develop tools to aid claims processors in determining when they are needed and to evaluate their effectiveness.

We audited the Federal Housing Administration (FHA), Office of Asset Sales’ U.S. Department of Housing and Urban Development (HUD)‐Held Vacant Loan Sales (HVLS) program. The audit objective was to assess the extent to which HUD tracks and measures its loan sales’ program success and its achievement of mission outcomes as they relate to the Affordable Housing Action Plan. HUD did not have adequate information to measure its loan sales’ program success as it relates to the affordable housing initiatives. HUD does not require third-party purchasers to report their identifying information, nor does it require them to report their final use of purchased properties, resulting in incomplete program outcome data. There were inconsistencies in the sales outcome reports provided by purchasers to HUD; and purchasers across HVLS sales did not provide sufficient documentation to support their reported uses of the mortgage loans and underlying properties. Postsale reporting is critical because HUD uses it to ensure that purchasers comply with the program requirements. However, because of inadequate measurement information, we were not able to determine HUD’s success rate in achieving mission objectives. With better postsale reporting, HUD can better assess whether the HVLS program outcomes are furthering HUD’s goals to promote affordable housing, expand opportunities for home ownership, and revitalize communities.

This report summarizes EPA Office of Inspector General work and accomplishments from April 1, 2024, through September 30, 2024.

According to Tennessee Valley Authority (TVA) Standard Programs and Processes 26.003, Community Contributions, TVA helps enable a better quality of life in the communities it serves (1) through its work in energy, the environment, and economic development and (2) by supporting educational and community goals. Much of TVA’s giving activity supporting educational and community goals is administered under formally established programs, including the Community Contributions and Community Care Fund programs. In addition, individual TVA organizations may initiate giving-related expenditures outside these programs at their discretion. During calendar years 2022 and 2023, TVA had approximately $30.5 million in expenditures identified as contributions, donations, and grants in TVA’s general ledger.

Due to large dollar expenditures made during calendar years 2022 and 2023, we performed an audit of TVA’s expenditures for contributions, donations, and grants. Our audit objective was to determine if the expenditures were made in compliance with TVA policies and procedures.

We determined Community Contributions program transactions were not consistently reviewed and approved in accordance with TVA Standard Programs and Processes 26.003 requirements. We also determined there is no guidance addressing administration of the Community Care Fund program and contribution-related expenditures made by individual TVA organizations outside TVA’s formal giving programs. In addition, we found instances where unrelated general expenditures made outside of TVA’s formal giving programs were misclassified as contribution-related expenditures in the general ledger.

This report summarizes the oversight work performed by EAC OIG during the 6-month period ended September 30, 2024.

NGA OIG Fall Semiannual Report to Congress, 1 April - 30 September 2024

This report provides an overview of the work of the Office of Inspector General during the period of April 1, 2024 through September 30, 2024.

At the request of the Office of National Drug Control Policy (ONDCP) , OIG reviewed Rural Development's (RD) contributions to the National Drug Control Strategy.

The FEC OIG's Semiannual Report to Congress for the period April 1, 2024 - September 30, 2024.

To see our report, click on the link below

The Tennessee Valley Authority (TVA) performs an annual cost of service study that, according to Commercial Energy Solutions Standard Programs and Processes 21.7.3, Cost of Service, “is used to estimate the cost to TVA of serving particular classes of customers and to compare that cost to the estimated revenue derived from those classes. The analysis may be used to derive, evaluate, initiate, or justify rate actions.”

Due to the importance of fairly recovering costs to serve TVA customers through rate design, we performed an audit of TVA’s fiscal year (FY) 2023 cost of service study. Our audit objectives were to determine if TVA’s cost of service study was (1) performed in accordance with policies and procedures and (2) designed to accurately consider all revenue and costs to serve each customer classification.

We determined TVA’s FY 2023 cost of service study was performed in accordance with TVA policies and procedures; however, we noted the detailed internal procedure had not been recently updated to reflect organizational changes. Additionally, we identified an area where the cost of service study design could more accurately reflect the costs to serve each customer classification.

I am pleased to submit the Amtrak Office of Inspector General (OIG) Semiannual Report to the United States Congress for the six months ending September 30, 2024, which summarizes our independent and objective reviews and investigations related to Amtrak’s programs and operations. During this reporting period, our work continued to focus on areas in which Amtrak can improve the effectiveness and efficiency of its operations as well as ongoing efforts to detect and prevent fraud, waste, and abuse.

Our Semiannual Report to Congress covering the period April 1, 2024, to September 30, 2024, features highlights of the OIG’s audit and investigations accomplishments during the past 6 months.

This statutory report presents the activities and accomplishments of the OIG from April 1, 2024, through September 30, 2024. The audits, investigations, and related work highlighted in the report are products of our mission to identify and stop fraud, waste, and abuse; and promote accountability, efficiency, and effectiveness through our oversight of the U.S. Department of Education’s programs and operations.

This semiannual report informs Congress of the Peace Corps Office of Inspector General's work from April 1, 2024, through September 30, 2024.

Read our latest report to Congress highlighting the OIG’s successful work from April 1, 2024, to September 30, 2024.

Fiscal Year 2024 Independent Evaluation of the SEC’s Implementation of the FISMA of 2014, Report No. 584

The Inspector General Act of 1978 requires the Inspector General to prepare semiannual reports summarizing the activities of the Office of Inspector General for the preceding six-month period. The semiannual reports are intended to keep the Secretary and Congress fully informed of significant findings, progress the Agency has made, and recommendations for improvement.

At the request of the Tennessee Valley Authority (TVA) Supply Chain, we examined the contractor’s cost proposal for work in connection with the validation phase of TVA’s Small Modular Reactor and Clinch River Nuclear project. Our examination objective was to determine if the cost proposal was fairly stated for a planned contract with expenditures up to $25 million.

In our opinion, the cost proposal was overstated. Specifically, the proposed total markup rate for recovery of indirect costs was overstated compared to recent actual costs. We estimated TVA could avoid approximately $2.02 million over the planned $25 million by negotiating revised markup rates to more accurately reflect the contractor’s recent actual costs for 2022 and 2023. Subsequently, the contractor stated it would prefer to use its 2024 provisional total markup rate, which was lower than recent actual costs for 2022 and 2023. We estimated TVA could save an additional $473,000 by negotiating for the 2024 provisional total markup rate for a total cost avoidance of $2.49 million over the potential $25 million contract spend. In addition, we identified opportunities to clarify the draft contract language.

At the request of the Tennessee Valley Authority’s (TVA) Supply Chain, we examined the cost proposal submitted by a company for engineering and construction services in connection with the validation phase of TVA’s Small Modular Reactor and Clinch River Nuclear project. Our examination objective was to determine if the company’s cost proposal was fairly stated for a contract with expenditures up to $25 million.

In our opinion, the company’s cost proposal was overstated. Specifically, the proposed hourly indirect cost recovery rates for the company’s overhead costs and technology costs were overstated compared to recent actual costs. We estimated TVA could avoid approximately $749,000 over the potential $25 million contract by negotiating reduced hourly indirect cost recovery rates to more accurately reflect the company’s recent actual costs. In addition, we also noted some opportunities to clarify the draft contract language.

Our Objective(s)To determine whether security weaknesses exist in FHWA's information technology (IT) infrastructure that could lead to the compromise of the Agency's IT systems and data. Specifically, we reviewed FHWA's (1) adherence to cybersecurity policies and (2) compliance with the Rules of Engagement (ROE) and its cybersecurity incident response procedures.
Why This AuditFHWA's information systems support mission processes that aid in grant management, infrastructure inspections, inventory management, and research and development. Protecting these systems and the information stored in them prevents unauthorized access and compromise. This audit is the fourth in a series of reviews to determine whether the U.S. Department of Transportation (DOT) has the security controls in place to protect its networks and information systems from unauthorized access.
What We FoundDOT's lack of adherence to cybersecurity policies allowed the Office of Inspector General (OIG) to gain unauthorized access into FHWA's network.

FHWA and DOT's Office of the Chief Information Officer (OCIO) do not remediate vulnerabilities in FHWA's IT infrastructure according to policy.
OCIO had not implemented the required network boundary protection controls, which allowed us to access the Federal Aviation Administration's intranet site and sensitive proprietary data. FHWA did not replace default credentials in FHWA information systems, which allowed us to access network printers and sensitive information.
We also used open-source tools to crack and utilize weak and known passwords to compromise and penetrate FHWA IT infrastructure and gain access to two FHWA servers and an OCIO server.

DOT and FHWA officials did not consult with OIG in accordance with the ROE and did not fully follow DOT's incident response procedures, which prevented us from completing testing activities.

After we gained unauthorized access to three of DOT's servers, DOT disconnected one and started decommissioning the other two without consulting with OIG, as required by the ROE. According to DOT officials, FHWA and OCIO technicians did not notify OIG because they did not recognize OIG as the source of scanning and other intrusion attempts.
However, had DOT followed its incident response procedures, it could have identified OIG as an intruder and notified us they were aware of our intrusion so that we could consult and then complete further testing. As a result of these actions, we were unable to determine whether FHWA IT infrastructure is at risk of being further compromised.

RecommendationsWe have made eight recommendations to improve OCIO's IT security posture providing IT shared services to FHWA's IT infrastructure.
Unresolved Recommendations: Two
Note: This report has been marked Controlled Unclassified Information (CUI) in coordination with the U.S. Department of Transportation to protect sensitive information exempt from public disclosure under the Freedom of Information Act, 5 U.S.C. 552. Relevant portions of this public version of the report have been redacted.

The National Security Agency (NSA) Office of the Inspector General (OIG) released its Semiannual Report (SAR) to Congress summarizing the OIG’s oversight work during the second half of Fiscal Year 2024.

The SAR covers a wide range of audits, evaluations, inspections, and investigations completed during the reporting period. As required by the Inspector General Act of 1978 (as amended), the SAR was transmitted to Congress on 22 November 2024.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

An Amtrak carman journeyman based in Sanford, Florida, resigned from his position on November 22, 2024, prior to the completion of his administrative hearing. Our investigation found that the former employee violated company policies by misusing military leave on 38 different occasions. Our investigation found that the former employee submitted little or no documentation to support his use of military leave, and we identified only four instances when he did provide documentation.

Each year, the U.S. Postal Service experiences an increase in package volume during peak mailing season — Thanksgiving through New Year’s Eve — which can significantly strain the Postal Service’s processing and distribution networks. To help handle this increase, the Postal Service creates peak season initiatives. These initiatives are meant to help the Postal Service have the right amount of personnel, resources, and package capacity throughout its processing, transportation, and delivery networks to address weather and increased volume conditions in facilities.

OIG reviewed the security controls of industrial control systems – programmable systems and devices that interact with the physical environment – at three USDA agencies.

GAO OIG Semiannual Report to Congress - April 1, 2024, through September 30, 2024

Akheem Currie, a former Amtrak passenger engineer who worked aboard Maryland Area Rail Commuter (MARC) trains, was sentenced for second degree assault and fourth degree sex offense in Maryland Circuit Court for Baltimore City on November 21, 2024. On June 27, 2024, a jury for the Circuit Court found Currie guilty of Assault in the Second Degree and Sex Offense in the Fourth Degree. Currie allowed a female passenger onto a MARC train without a ticket and subsequently assaulted her by inappropriately touching and kissing her. Currie received a five-year sentence (suspended, all but time served), and was placed on three years of probation. Additionally, he must submit to a mental health evaluation and treatment and register as a sex offender for 15 years. Currie was terminated October 31, 2024, after his administrative hearing at the company and is not eligible for rehire.

The U.S. Government Publishing Office (GPO), Office of the Inspector General (OIG), completed an investigation into the misuse of an official GPO vehicle.