Federal Reports

The Defense Nuclear Facilities Safety Board (DNFSB) Office of the Inspector General (OIG) conducted this audit because (1) the OIG last audited the DNFSB’s Freedom of Information Act (FOIA) program in 2014; and, (2) the FOIA Improvement Act of 2016 changed processes, roles, and responsibilities concerning federal agency FOIA programs.The Defense Nuclear Facilities Safety Board’s FOIA request processing and communications are sometimes untimely, inconsistent with FOIA requirements, or insufficient to apprise requesters of the reasons for the agency’s decision. Due to outdated information, agency FOIA decisions may conflict with statutory requirements or be inconsistent with statutory requirements.Agency processes must be documented and have adequate controls to ensure data reliability. However, FOIA program records and information are often missing or erroneous. This occurs because the DNFSB lacks controls for its FOIA request management tool, and also lacks an electronic records repository system. As a result, the agency’s FOIA program knowledge management and public reporting could be compromised.The time and materials service contract used for FOIA program support identifies FOIA-specific terms, but some terms were not met. This occurred because the Contracting Officer’s Representative (COR) was relatively inexperienced and inadequately supported, and the agency’s FOIA program staff did not adequately communicate with the COR. This is important because time and materials contracts are considered high-risk, and thus require enhanced oversight by experienced program staff.This report makes eight recommendations intended to improve and strengthen the agency’s FOIA program.

The U.S. Postal Service’s mission is to provide timely, reliable, secure, and affordable mail and package delivery to more than 160 million residential and business addresses across the country. The U.S. Postal Service Office of Inspector General (OIG) reviews delivery operations at facilities across the country and provides management with timely feedback in furtherance of this mission.

The U.S. Postal Service’s mission is to provide timely, reliable, secure, and affordable mail and package delivery to more than 160 million residential and business addresses across the country. The U.S. Postal Service Office of Inspector General (OIG) reviews delivery operations at facilities across the country and provides management with timely feedback in furtherance of this mission.

The U.S. Postal Service’s mission is to provide timely, reliable, secure, and affordable mail and package delivery to more than 160 million residential and business addresses across the country. The U.S. Postal Service Office of Inspector General (OIG) reviews delivery operations at facilities across the country and provides management with timely feedback in furtherance of this mission.

The U.S. Postal Service needs effective and productive operations to fulfill its mission of providing prompt, reliable, and affordable mail service to the American public. It has a vast transportation network that moves mail and equipment among about 330 processing facilities and 31,100 post offices, stations, and branches. The Postal Service is transforming its processing and logistics networks to become scalable, reliable, visible, efficient, automated, and digitally integrated. This includes modernizing operating plans and aligning the workforce; leveraging emerging technologies to provide world-class visibility and tracking of mail and packages in near real time; and optimizing the surface and air transportation network. The U.S. Postal Service Office of Inspector General (OIG) reviews the efficiency of mail processing operations at facilities across the country and provides management with timely feedback to further the Postal Service’s mission.

The independent public accounting firm of Brown & Company CPAs and Management Consultants, PLLC, under contract with the Office of Inspector General, audited Help America Vote Act (HAVA) grants administered by the New Jersey Department of State, totaling $39.52 million. This included federal funds, state matching funds, and interest earned on the Election Security and Coronavirus Aid, Relief, and Economic Security (CARES) Act grants.

We found BOR did not effectively design and implement internal controls that ensure the CVP’s cost allocation and ratesetting processes are accurate.

The Mississippi State Department of Health, or MSDH, did not consistently enforce the Safe Drinking Water Act or provide adequate oversight for the Jackson public water system. The MSDH does not have implementation procedures for its compliance and enforcement program. Consequently, the MSDH did not take formal enforcement actions to compel Jackson to comply with the Safe Drinking Water Act. The EPA was unaware of the extent of issues at Jackson until it conducted an on-site inspection of the system in February 2020. The findings of the inspection prompted the EPA to use its enforcement authorities. The EPA may have taken action sooner had the MSDH conveyed information timely and accurately.

We reviewed the Puerto Rico Department of Housing’s (PRDOH) Electrical Power System Enhancements and Improvements programs to provide (1) background and funding information, (2) an update on the status of the programs and their progress, and (3) other relevant program information for interested stakeholders including Congress and the public. The U.S. Department of Housing and Urban Development (HUD) provided its grantee, PRDOH, $1.93 billion in Community Development Block Grant Disaster Recovery funds for enhanced and improved electrical power systems in areas impacted by Hurricanes Irma and Maria. PRDOH budgeted most of its $1.93 billion disaster recovery funds for its two main electrical grid programs: (1) $500 million for the Energy Grid Rehabilitation and Reconstruction Cost Share Program (ER1), and (2) $1.3 billion for the Electrical Power Reliability and Resilience Program (ER2). PRDOH launched both the ER1 and ER2 electrical grid programs in 2023, and both programs are in their early implementation stages. As of July 12, 2024, PRDOH had spent less than 1 percent of its total budget for both programs ($179,760 of $1.93 billion). For ER1, PRDOH is working with its partners, Central Office for Recovery, Reconstruction, and Resilience (COR3) and the Puerto Rico Electric Power Authority (PREPA). For ER2, PRDOH opened and closed its competitive application process and expects to award funds by the end of 2024. In addition, on August 5, 2024, it announced 20 ER2 projects and expects to finalize the selection and award of the remaining strategic projects by the end of the first quarter of 2025. PRDOH requested from HUD an extension to use grant funds for both programs until May 2033, which is nearly 5 years after the original August 2028 deadline and 15 years after Congress appropriated funds for electrical grid needs in Puerto Rico. As part of our ongoing strategic planning, we will periodically evaluate the status of both the ER1 and ER2 programs to determine how far along they are with their respective timelines, any challenges encountered, and any significant risks that may warrant additional work by HUD OIG.

The report summarizes the OIG’s follow-up evaluation of the FTC’s progress on, and effectiveness of, changes that the agency implemented in its Redress Program following the OIG’s March 4, 2020, report Audit of Federal Trade Commission Redress Process Controls. We narrowed our audit objective to focus specifically on the Redress Program’s effectiveness of contractor oversight and program data management.

We performed this review to determine whether the Burlington Community School District (Burlington) expended Elementary and Secondary School Emergency Relief (ESSER) grant funds for allowable purposes in accordance with applicable requirements. We determined that all the ESSER expenditures we reviewed for Burlington were allowable and in accordance with applicable requirements. We also found that Burlington complied with key Federal procurement requirements, including those covering the procurement methods to be followed and contract cost, price, and provisions, when procuring the goods or services associated with each ESSER expenditure we reviewed. Because we identified no exceptions, our report does not include recommendations.

In January 2024, we conducted onsite, unannounced inspections atfour U.S. Customs and Border Protection (CBP) facilities in the DelRio area, specifically three U.S. Border Patrol (Border Patrol)facilities and one Office of Field Operations (OFO) port of entry(POE).

We audited the U.S. Department of Housing and Urban Development (HUD), Office of Multifamily Housing Programs’ efforts to address multifamily mortgage application processing delays. When applications for these loans are delayed, it slows the production and availability of affordable multifamily housing units. During the COVID-19 pandemic, HUD took action to eliminate a backlog of over 500 applications waiting to be assigned to underwriters for review. We did this audit to assess HUD’s efforts for receiving and screening applications and assigning them to underwriters.HUD took steps to address delays in assigning applications to underwriters, but its methods and systems could be improved to help it manage applications and future challenges. HUD used several methods to address delays, including implementing (1) a nationwide queue, (2) an application completeness screening, (3) priority application processing, (4) use of contract underwriters, (5) workload sharing, and (6) an option to bypass initial feasibility reviews for certain applications (one-step processing). Although HUD eliminated the nationwide queue in November 2022, it was unable to transition successfully to a state-of-the-art processing platform. As a result, HUD still uses multiple systems, email, and other manual methods to process applications. We found this creates a future risk that HUD cannot process applications as quickly and effectively as possible. With a more integrated system and a plan for which methods will be used when applications exceed underwriter capacity, HUD can more easily identify, monitor, and address processing delays; evaluate its performance and processes; and manage future challenges, such as fluctuations in application volume. We recommend that HUD enhance its system for receiving, processing, and assigning applications in several important ways. These include tracking applications and capturing application intake, screening, and status, including key dates; capturing data on the type of underwriter used; developing a portal for receiving documents and communicating with lenders; and generating Federal Housing Administration (FHA) loan numbers. Further, we recommend that HUD update its policies and procedures to include methods that will be used when applications exceed underwriter capacity, align intake and screening processes, and explain when timeframes will be enforced. Last, we recommend that HUD issue an industry wide letter to reinforce how intake, screening, and enforcement of timeframes will be handled.

Michael Holder, an Amtrak assignment clerk based in Chicago, Illinois, pleaded guilty on June 5, 2024, in U.S. District Court, Northern District of Indiana, to two counts of Wire Fraud related to the fraudulent receipt of benefits under the Coronavirus Aid, Relief, and Economic Security Act. Our investigation found that Holder provided false and fictitious information to support an Economic Injury Disaster Loan application to the Small Business Administration. Further, Holder provided false and fictitious information to a financial institution to support a Paycheck Protection Program loan. Holder obtained a total of $30,833 to support his purported personally owned business. Holder will be sentenced at a future date.

Artemis IV will be the first flight of NASA’s more powerful heavy-lift rocket—the Space Launch System Block 1B. However, Block 1B development efforts have encountered multiple issues including Boeing’s ineffective quality management and inexperienced workforce, continued cost increases and schedule delays, and the delayed establishment of a cost and schedule baseline.

VA provides dental care to a wide range of eligible veterans. Those eligible can be referred to the community for this care if they do not live near a Veterans Health Administration (VHA) facility, are expected to experience lengthy wait times for an appointment, or community care is in their best medical interest.In fiscal year (FY) 2022, VA provided dental care to about 607,000 veterans and referred 186,500 veterans to the community, where they received care from non-VA dentists. Between FY 2018 and FY 2022, VA and community dental care costs have increased 65 percent and 173 percent, respectively. VA is required to pay for dental care in the community only when VA dentists provide authorization for the specific dental procedures to be performed. The VA Office of Inspector General (OIG) conducted this audit to determine the extent to which VHA may be paying for unauthorized community care dental procedures.The team estimated that between FY 2022 and FY 2025 VA will improperly pay $325.5 million for 847,800 unauthorized dental procedures performed by community dentists. This includes $139.1 million that the OIG estimated has already been paid in FY 2022 and FY 2023 and another $186.4 million that VA will pay in FY 2024 and FY 2025 if it does not reduce payments for unauthorized procedures. The unauthorized dental procedures fell within three categories: major changes to veterans’ treatment plans, minor changes to treatment plans that exceeded VHA’s maximum allowed amount during a rolling 12 month period, and referrals that did not specify the authorized dental procedure codes as required.To help VA address these improper payments, the OIG made five recommendations to the under secretary for health related to strengthening prepayment adjudication and postpayment review processes, as well as ensuring preauthorization requirements are followed.

Objective: To determine whether the Social Security Administration properly identified, expedited, and processed disability applications that qualified as a priority case.

ePostage is an electronic postage program that provides small merchants a convenient way to print labels, pay postage, and drop off packages at a post office rather than designated facilities for large customers. The Postal Service collected billions in ePostage revenue in fiscal year 2023, and future program growth aligns with its Delivering for America goals to serve small and medium businesses. Effective ePostage management to verify correct postage and enforce program requirements is critical for the Postal Service to protect revenue and operations and meet its planned goals.

The Office of the Inspector General determined the Cumberland Energy Solution project complied with most elements of scope management and the bid process. However, we identified certain areas under each process that need improvement to help mitigate potential Tennessee Valley Authority (TVA) risk. In summary:• TVA’s Cybersecurity, a business unit under TVA’s Technology and Innovation business unit, was not included as a stakeholder throughout the project. • TVA did not adequately mitigate risks related to the use of equipment from nondesignated countries. Specifically,- Cybersecurity concerns related to the use of equipment from a nondesignated country had not been evaluated. - Some procurements were not evaluated for compliance with the Trade Agreements Act.• The Cumberland Energy Solution project risk register could be improved related to (1) project staffing and (2) gas pipeline construction. • TVA’s contract pricing strategies may cause TVA to pay inflated costs.

The Office of the Inspector General performed an audit to determine if TVA manages access to nonpublic critical and sensitive information in accordance with TVA information management policy. Our scope was limited to TVA’s SharePoint® sites as of March 19, 2024. We determined TVA’s management of access to nonpublic critical and sensitive information could be improved. In addition, we determined TVA was not providing SharePoint® site owners with appropriate training to properly manage access to TVA nonpublic critical and sensitive information. This report, specifically identifies Microsoft, a nongovernmental organization/business entity. Pursuant to the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023, Pub. L. No. 117-263 §5274, any such organization may submit a written response to the report within 30 days, clarifying or providing additional context for each instance within the report in which the organization is specifically identified. Any response provided for that purpose will be appended to the final, published report. If you have any questions about this process, please contact Jeffrey McKenzie at (865) 633-7374 or jtmckenzie@tvaoig.gov within 30 days of publication.

Objective: To determine whether the Social Security Administration has adequate controls in place that are functioning as intended to properly prevent unauthorized access and use of Business Services Online services.

During the week of April 1, 2024, we performed a self-initiated audit at the Tallahassee Processing and Distribution Facility (P&DF) and three delivery units serviced by the P&DF. The delivery units included the Lake Jackson, Leon, and Westside Stations located in Tallahassee, FL.We issued individual reports for the three delivery units and the P&DF. We issued another report summarizing the results of our audits at all three delivery units with specific recommendations for management to address.

This compendium focuses on a total of 90 recommendations to the EPA that remained unimplemented-79 open and 11 unresolved-as of May 31, 2024. The 90 recommendations we address in this compendium represent $74.5 million in potential cost savings. The compendium includes 17 open or unresolved recommendations that the OIG deemed high priority, as well as 53 open recommendations that are at least three years old or will be by their scheduled completion date. This year we provide a separate analysis of the five unresolved OIG recommendations made to the U.S. Chemical Safety and Hazard Investigation Board as of May 31, 2024.

The U.S. Postal Service implemented Freight Auction (FA) in October 2021 to solicit bids to transport mail on an “as needed” basis with the flexibility to schedule trips without requiring contractual changes. The FA program supports the Delivering for America vision with the goal to improve financial sustainability and service performance. Implementation of FA provides the Postal Service the opportunity to use the spot freight market to get competitive market pricing on surface trips and improve trailer utilization. The Postal Service spent about $159.5 million and $385.2 million for fiscal years (FY) 2022 and 2023, respectively, for FA trips.

The Office of Inspector General is issuing this inspection report to assess the U.S. Small Business Administration’s (SBA) processing of Coronavirus Disease 2019 (COVID-19) Economic Injury Disaster Loan (EIDL) reconsideration requests.SBA began accepting COVID-19 EIDL applications on March 12, 2020, and continued to accept them through December 31, 2021, when the COVID-19 EIDL program ended. COVID-19 EIDL applicants who were not approved for a loan could request the agency reconsider their loan application, initiating the reconsideration process.We found SBA generally processed reconsideration requests timely and accurately. The agency approved and funded 77 of the 83 (or 93 percent) sampled COVID-19 EIDL reconsideration requests within 30 days of receiving all documents needed for processing. We also determined SBA processed 71 of the 83 (or 86 percent) sampled reconsideration requests accurately.We recommended SBA recover funds provided to ineligible applicants. The agency agreed with our recommendation and intends to recover funds through the normal repayment and collection processes.

We audited the City and County of Honolulu’s Department of Budget and Fiscal Services’ and Department of Community Services’ (City) fraud risk management practices for its Emergency Solutions Grants Coronavirus Aid, Relief, and Economic Security Act (ESG CARES Act) program with the objective of assessing the maturity of the City’s fraud risk management framework that encompasses control activities to prevent, detect, and respond to fraud. Fraudulent activity in the ESG CARES Act program can lead to significant financial losses; reputational damage to the grantee and the U.S. Department of Housing and Urban Development (HUD); breach of fiduciary duty; and, most importantly, loss of funding for individuals and families who are homeless or receiving homeless assistance or other homelessness prevention activities. Robust antifraud activities will help ensure that pandemic grant funds are put toward their intended uses and that funds are spent effectively and assets are safeguarded. HUD relies on its grantees to detect and prevent fraud, waste, and abuse.Congress provided $4 billion for the ESG CARES Act program, which represented a 1,379 percent increase to the regular 2020 annual ESG appropriation. Given the influx of fundings, we initiated a series of audits examining ESG CARES Act grantees’ fraud risk management practices and evaluating whether selected ESG CARES Act grantees are adequately prepared to prevent, detect, and respond to fraud. We selected the City to audit because it was authorized more than $25 million in ESG CARES Act program funds, a 3,640 percent funding increase from its formula ESG allocation for fiscal year 2020. Large influxes of funding on an emergency basis can pose additional challenges for grantees that must also ensure adequate controls over the funding. The City did not adequately develop a fraud risk management framework for the ESG CARES Act program to prevent, detect, and respond to fraud. The City’s approach to fraud risk management was reactive, not proactive, and it did not institute robust antifraud practices resulting in the lowest maturity level (ad hoc) for organizations’ antifraud initiatives. The City had implemented some specific fraud controls and activities but did not implement best practices, including (1) establish a dedicated antifraud component to design and oversee fraud risk management activities, (2) promote fraud awareness throughout its departments, (3) perform a fraud risk assessment or develop a process to regularly conduct such assessments, (4) consider the use of data analytic tools to identify potential fraud, (5) have a dedicated hotline for external entities to report fraud for the ESG CARES Act program, or (6) have a process to evaluate the effectives of fraud risk management activities. This condition occurred because the City was not aware of significant fraudulent activity for the program and HUD did not require a fraud risk management framework. As a result, the $25.6 million allocated to the City for the ESG CARES Act program is at an increased risk of fraud.We recommend that HUD instruct the City to (1) improve or enhance its antifraud efforts for the ESG program and incorporate fraud risk management practices that are consistent with fraud risk management best practices and (2) obtain training or technical assistance as needed on the implementation of fraud risk management best practices.

Objective: To determine whether the Social Security Administration’s Enterprise Risk Management program complies with Office of Management and Budget Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control.

To combat money laundering in the United States, Congress enacted a series of laws, collectively referred to as the Bank Secrecy Act (BSA), requiring financial institutions in the U.S. to assist government agencies in detecting and preventing money laundering and other financial crimes. The BSA requires financial institutions to create “paper trails” by keeping records and filing reports on certain transactions to the U.S. Department of the Treasury’s Financial Crimes Enforcement Network.The BSA’s reporting and recordkeeping provisions apply to banks, savings and loans, and credit unions as well as other financial institutions, including money services businesses (MSBs). The Postal Service is classified as a MSB as it sells money orders, conducts Sure Money wire transfers (an electronic money transfer service), and sells gift cards. The BSA requires all MSBs to establish and maintain an effective written anti-money laundering program.

We concluded that the EPA achieved an overall maturity level of Level 3, Consistently Implemented, for the five security functions and nine domains outlined in the Office of Management and Budget's FY 2023 - 2024 Inspector General Federal Information Security Modernization Act of 2014 (FISMA) Reporting Metrics. This means that the EPA consistently implemented its information security policies and procedures, but quantitative and qualitative effectiveness measures are lacking. We identified that the EPA had deficiencies in three areas.

Evaluation of the FLRA's Compliance with the Federal Information Modernization Act of 2014 for Fiscal Year 2024

Our objective was to evaluate the effectiveness of the Defense Intelligence Agency’s (DIA’s) overall information security program based on DIA’s implementation of the Federal Information Security Modernization Act. We issued our results in a classified report on August 2, 2024.

The Federal Information Security Modernization Act (FISMA) requires OIGs to annually assess the effectiveness of the agency’s information security program. Each independent evaluation must include a test of the effectiveness of information security policies, procedures, and practices of a representative subset of the agency’s information systems and an assessment of the effectiveness of the information security policies, procedures, and practices of the agency. For FY 2024, the auditors determined that the Department’s overall IT security program and practices are effective as eight out of the nine FISMA domains met the requirements needed to operate at a Level 4 maturity rating (Managed and Measurable) or higher. The auditors also identified a total of six conditions across the nine FISMA domains indicating potential areas of improvement for the Department.

The Postal Reorganization Act (PRA) of 1970 entrusted the Postal Service with a mission to provide trusted and affordable universal service to the American public. Congress established the U.S. Postal Service as an independent agency that receives the vast majority of its funding through revenue from postage. It is supported by the longstanding mailbox and mail delivery monopolies rather than from congressional appropriations. Over the last few decades, however, the steady decline of mail volume, the substantial liability of health and retirement benefit programs and, recently, an increasingly competitive package market have strained USPS’s financial sustainability.

We audited the California Department of Housing and Community Development (HCD) with the objective of evaluating HCD’s fraud risk management practices for its Emergency Solutions Grants Coronavirus Aid, Relief, and Economic Security Act (ESG CARES Act) program and assessing the maturity of its efforts to prevent, detect, and respond to fraud. Fraudulent activity in the ESG CARES Act program can lead to significant financial losses, reputational damage to the grantee and the U.S. Department of Housing and Urban Development (HUD), breach of fiduciary duty, and most importantly, loss of funding assistance to intended beneficiaries. A robust antifraud program will help ensure that pandemic grant funds are put toward their intended uses, funds are spent effectively, and assets are safeguarded. Congress provided $4 billion for the ESG CARES Act program, which represented a 1,379 percent increase to the regular 2020 annual ESG appropriation. Given the influx of funding, we initiated a series of audits examining ESG CARES Act grantees’ fraud risk management practices and evaluating whether selected ESG CARES Act grantees are adequately prepared to prevent, detect, and respond to fraud. HCD was selected because it was authorized more than $319.5 million in ESG CARES Act program funds, a 2,505 percent funding increase from its formula ESG allocation for fiscal year 2020. HCD was not adequately prepared to prevent, detect, and respond to fraud due to the lack of focus it placed on fraud risks and establishing a robust fraud risk management framework. Although HCD established a departmentwide enterprise risk management (ERM) framework, it was not robust enough to proactively identify fraud risks, and it was not developed with leading industry standards and best practices.[1] This deficiency resulted in the lowest desired maturity goal state – ad hoc – for the organization’s antifraud initiatives. HCD noted that it had limited resources to implement additional fraud risk measures. Further, HCD believed that it was not necessary to create a separate fraud risk management framework or build upon its existing ERM framework to incorporate fraud risk management practices. HCD’s management is responsible for managing fraud risk, including assessing the potential of fraud, and designing and implementing strategies to mitigate fraud risks. Because it placed little emphasis on identifying fraud risks under its ERM framework and did not improve its antifraud practices to rise to a higher fraud risk management maturity level, it put more than $319.5 million in ESG CARES Act funds at an increased risk of fraud. Although a well-designed fraud risk management framework is not infallible regarding fraud and risks of fraud, it is a powerful tool that can enhance management decision making, strengthen HCD’s reputation, and reinforce its commitment to safeguard HUD funding with regulators and the public. We recommend that HUD instruct HCD to (1) establish a separate fraud risk management framework or evaluate and build upon its ERM framework by incorporating fraud risk management practices and (2) obtain training or technical assistance on the implementation of fraud risk management practices. Chief Financial Officers Council’s Antifraud Playbook; the U.S. Government Accountability Office’s (GAO) Standards for Internal Control in the Federal Government, also known as the Green Book; and GAO’s A Framework for Managing Fraud Risks in Federal Programs

The independent public accounting firm of Brown & Company CPAs and Management Consultants, PLLC, under contract with the Office of Inspector General, audited Help America Vote Act (HAVA) grants administered by the Iowa Secretary of State, totaling $18.28 million. This included federal funds, state matching funds, and interest earned on the Election Security and Coronavirus Aid, Relief, and Economic Security (CARES) Act grants.

The VA Office of Inspector General (OIG) conducted an inspection to assess allegations regarding staff's failure to follow informed consent and against medical advice (AMA) discharge processes and that staff held a patient on the locked mental health unit involuntarily for 48 hours at the VA Southern Nevada Healthcare System (facility) in Las Vegas. The OIG identified a related concern regarding alignment of a medical center policy (MCP) with Nevada state law and Veterans Health Administration requirements.The patient presented to the Emergency Department requesting assistance with substance withdrawal and was admitted to the locked inpatient mental health unit for management of withdrawal symptoms. The OIG substantiated that staff, lacking a standardized process to follow, failed to have the required informed consent discussion to inform the patient that the unit is locked and treats patients with mental health conditions.Upon admission, the patient complained of the restrictive environment and behavior of fellow patients. After verbally requesting an AMA discharge, the patient agreed to remain. The next day, the patient completed a written AMA request and, in accordance with facility policy, was discharged within 24 hours of the request. However, Nevada law states that any patient voluntarily admitted must be released immediately after filing a written request for discharge.The OIG determined that although staff did not hold the patient involuntarily for 48 hours and followed their AMA discharge policy as written, the policy was inconsistent with state law.The OIG found the Facility Director failed to assign responsibility for ensuring the policy adhered to state laws, as required. This failure provided a gap, which may have led to the MCP not aligning with state law.The OIG made seven recommendations to the Facility Director related to the informed consent discussion process, MCP development process, and staff education on MCPs.

This is the audit of the NEA's information technology systems security. Due to security concerns, this report is not published on the internet. You can obtain a copy of this report through a freedom of information act request at the following link: https://www.arts.gov/freedom-information-act-guide.

The Office of Inspector General (OIG) evaluated concerns related to Veterans Integrated Service Network (VISN) 10 staff’s care and treatment coordination for a patient who died. The OIG reviewed the sufficiency of Veterans Health Administration (VHA) leaders’ actions prior to and following notification of the patient’s death.VA Ann Arbor Health Care System (Ann Arbor VA) staff adequately considered a posttraumatic stress disorder diagnosis and assessment for the patient and screened for toxic exposure and traumatic brain injury. However, inpatient mental health providers failed to sufficiently address the patient’s mental health condition, treatment needs, and discharge care coordination.Due to absence of documentation, the OIG was unable to determine whether a Battle Creek VA Medical Center (Battle Creek VA) staff member inaccurately verified the patient’s treatment eligibility status. Battle Creek VA staff responded appropriately to non-VA staff’s inpatient mental health unit inquiries regarding the patient’s transfer request; however, the transfer was not considered due to unavailability of beds. Battle Creek VA leaders implemented recommendations from a workgroup to improve transfer coordination.A Battle Creek VA residential treatment standard operating procedure was inconsistent with the VHA requirement to allow self-referral or non-VA agency referral. VHA leaders responded within 24 hours when notified of the patient’s transfer request and took actions to identify the patient’s treatment needs and options. VISN 10 leaders established an Interagency Reconciliation Council (IRC); however, the IRC lacked defined objectives and processes to monitor outcome progress.The OIG made one recommendation to the Ann Arbor VA Director to review the patient’s care; four recommendations to the Battle Creek VA Director regarding eligibility verification procedures, transfer coordination, and the residential treatment standard operating procedure; and one recommendation to the VISN 10 Director related to the IRC’s identification of clearly defined objectives and processes to monitor progress.

To learn how communities across the nation responded to the pandemic during the first 18 months, we initiated a multi-part review of six communities—two cities, two rural counties, and two Tribal reservations. This report is the second community-specific report and focuses on our work in Coeur d’Alene, Idaho, where we previously identified that recipients, including city government, small businesses, and individuals, received almost $314 million from 45 pandemic relief programs and subprograms. This report provides a closer look at eight pandemic programs and subprograms provided to Coeur d’Alene by seven federal departments.

The OIG evaluated concerns at the Michael E. DeBakey VA Medical Center (facility) regarding staff’s failure to arrange an evidence-based psychotherapy (EBP) referral for a patient assigned a high risk for suicide patient record flag (high-risk flag). The OIG reviewed concerns that staff did not adequately conduct lethal means safety planning or provide required high-risk flag management for the patient.Although the patient was receiving psychiatric care, the OIG found that staff failed to provide in-person EBP until over a year after the patient’s request, inconsistent with Veterans Health Administration (VHA) requirements. The OIG also found that staff did not offer the patient equipment to participate in virtual sessions or consistently document attempts to contact the patient as required.It was determined that a psychologist and psychiatrist did not sufficiently address the patient’s access to lethal means. Given the patient’s firearm access and past suicidal behavior, the OIG would have expected the psychologist to address the patient’s potential to obtain ammunition and document a discussion of risk reduction strategies. The OIG found that the psychiatrist did not document evaluation of the patient’s access to ammunition.Following high-risk flag initiation, staff did not meet with the patient, document suicide risk assessment, or update or review the patient’s safety plan, as required. Inconsistent with a VHA requirement, an Office of Mental Health and Suicide Prevention leader reported that homeless program staff are not expected to review or update safety plans during high-risk flag follow-up appointments. The OIG made one recommendation to the Under Secretary for Health to clarify requirements for suicide risk assessment completion and safety plan reviews and five recommendations to the Facility Director related to EBP consult management, timely scheduling, and documentation; VA-issued devices; lethal means safety; and high-risk flag follow-up.

The objective of our audit was to determine whether FSA was effectively implementing the Fostering Undergraduate Talent by Unlocking Resources for Education (FUTURE) Act and the FAFSA Simplification Act provisions pertaining to Federal Tax Information (FTI) through the Student Aid and Borrower Eligibility Reform Initiative (SABER) initiative. Our audit covered December 19, 2019 (when the FUTURE Act was enacted) through May 31, 2023. We found that FSA did not effectively implement the FUTURE Act and the FAFSA Simplification Act provisions pertaining to FTI through the SABER initiative. Overall, FSA did not effectively perform implementation activities for the four FTI-related SABER systems that we reviewed in accordance with some of the processes for monitoring project costs and budgets, monitoring contracts, and managing risks that FSA established as part of an effective systems implementation framework because it did not always perform key steps or could not provide sufficient evidence to support completion of such key steps. Specifically, these key steps pertained to FSA’s establishing and monitoring of the systems’ costs and budgets, its performance oversight of the contractors responsible for implementing the systems, and its management of the risks, decisions, and issues pertaining to the systems’ implementation. For the Internal Revenue System (IRS) Publication 1075 “Tax Information Security Guidelines for Federal, State, and Local Agencies” security requirements that the IRS required FSA to implement prior to allowing the transfer of FTI to FSA systems, we found that FSA established and followed a plan to ensure that the security requirements were implemented. Additionally, we found that FSA adhered to its change management process for two FTI systems for which we tested a sample of one contract modification for each.

We assessed the Nancy Grace Roman Space Telescope project, a NASA observatory designed to explore dark energy, exoplanets, and infrared astrophysics, to determine if NASA is managing the risks and mitigating future challenges with the Roman telescope while meeting its cost, schedule, and technological goals.

Objective: To determine whether the Social Security Administration took corrective action to address the finding and recommendation in our September 2016 report, Numident Death Information Not Included on the Death Master File.

Objectives: To determine the validity of payments issued under cross-referred Social Security numbers and whether death information input in one Numident record was also input in cross-referred Numident record(s).

What We Looked At In 2017, the Southeastern Pennsylvania Transportation Authority (SEPTA) awarded a $138 million contract to the state-owned China Railway Rolling Stock MA Corporation (CRRC MA) for 45 passenger railcars. In 2022, three then-ranking Members of the House Transportation and Infrastructure Committee asked our office to examine the Federal Transit Administration’s (FTA) oversight of (1) SEPTA’s certification of CRRC MA’s adherence to FTA’s Buy America requirements and (2) SEPTA’s calculation of the total value of foreign components for determining compliance with FTA’s Buy America requirements. As such, our objective was to assess FTA’s oversight of SEPTA’s compliance with Buy America standards for its rolling stock contract with CRRC MA. What We Found Weaknesses in FTA’s Buy America guidance hindered its oversight of SEPTA’s compliance with Buy America rolling stock requirements. Specifically, FTA does not require recipients to retain supporting documentation for pre-award audits or to verify suppliers’ Buy America information, nor does FTA have regulations to address domestic shipping costs. Without clear guidance, FTA could not rely on SEPTA to provide oversight of rolling stock procurements and risks that recipients miscalculate domestic content costs—raising concerns about whether FTA’s Buy America rules are being met. In December 2022, FTA initiated an enhanced compliance review of SEPTA to verify compliance with Buy America rolling stock standards, but the Agency faced challenges in obtaining sufficient data from both SEPTA and CRRC MA. Although FTA suspended funds for the CRRC MA contract, the absence of policy on when to initiate an enhanced Buy America compliance review and take corrective action limits the Agency’s ability to address delays or compliance issues on future FTA-funded projects.Our Recommendations We made eight recommendations to improve FTA’s oversight of SEPTA’s compliance with Buy America rolling stock requirements and FTA’s oversight of future rolling stock procurements. FTA concurred with recommendations 1 through 6. FTA partially concurred with recommendations 7 and 8 and provided alternative actions that meet the intent of our recommendations. We consider all recommendations resolved but open pending completion of planned actions. 

While the EPA followed six of the seven requirements to select recipients of Clean School Bus Program funds, the Agency did not have sufficient internal controls in place to ensure that it selected recipients with eligible school buses. Additionally, the EPA did not provide oversight to verify that applicants requesting funds specifically for zero-emission school buses have school districts with suitable local conditions for these types of buses.

Sean Langston, a former Amtrak supervisor based in Philadelphia, Pennsylvania, pleaded guilty and was sentenced for his role in a wide-ranging pandemic fraud scheme on July 30, 2024, in Chester County, Pennsylvania State Court. Langston was sentenced to 6 months in prison, 6 months home incarceration and was ordered to pay restitution in the amount of $295,418. Our investigation found that Langston fraudulently applied for and received two Economic Injury Disaster loans and a Paycheck Protection Program loan totaling $268,487.The employee was previously terminated for falsely claiming and accepting payment for regular pay, overtime pay, and compensatory time for days he did not work and for using his company-owned vehicle for unauthorized purposes during work hours, including personal business.

Objects orbiting Earth such as satellites and debris continue to increase in number, making space contested and congested. Preventing collisions is crucial to protecting the safety of space activities and assets.In June 2018, the White House issued Space Policy Directive-3, National Space Traffic Management Policy (SPD‑3), acknowledging that the number of space objects was increasing while the activity and architecture to ensure space safety, including existing traffic management activities, was becoming inadequate.Currently, the Department of Defense (DOD) is providing basic space situational awareness data and potential collision notifications to space operators. SPD‑3 directs the transfer of certain responsibilities for providing data and services from DOD to the Department of Commerce, specifically to the National Oceanic and Atmospheric Administration’s (NOAA’s) Office of Space Commerce (OSC), which is responsible for the coordination of space-related issues, programs, and initiatives within the Department.Our audit objective was to assess OSC’s progress in providing space situational awareness data and space traffic management services in accordance with SPD-3. We found that (1) OSC is behind schedule in providing basic space situational awareness data and services and (2) a new approach to space traffic management is not yet defined and remains a distant goal.We made five recommendations to help OSC develop a realistic program timeline and meet its SPD-3 responsibilities.