Federal Reports

The independent public accounting firm of Brown & Company CPAs and Management Consultants, PLLC, under contract with OIG, audited Help America Vote Act (HAVA) grants administered by the Tennessee Secretary of State, totaling $34.64 million.

The OIG conducted this review to determine to what extent VBA identified veterans potentially eligible for prior disability claim readjudication and retroactive benefits under the National Defense Authorization Act (NDAA) and identified two missed populations. Of the approximately 86,894 veterans in the first dataset with NDAA diseases in their VHA medical records, about 36,125 were entitled to approximately $836.8 million in unpaid benefits. A VA senior management advisor stated VHA records were not involved in readjudication determinations because VBA did not have ready access to VHA diagnosis data. For the second dataset identified through Camp Lejeune service records, the OIG reviewed claims for 226 veterans and estimated 102 were entitled to about $7.5 million in benefits. VA concurred with two of the OIG’s three recommendations to improve methodologies for identifying eligible veterans and to send outreach letters, improve claims processors’ identification of claims possibly warranting readjudication, and update procedures to include veterans’ medical records.Nehmer v. US Department of Veterans Affairs was a 1986 class-action lawsuit in which Vietnam veterans and their survivors alleged VA had improperly denied their compensation claims for service-connected disabilities caused by herbicide exposure during military service. In 1991, VA was required to readjudicate claims filed by Vietnam veterans. When regulations add new presumptive diseases of service connection, VA must search its records to find eligible claimants and award benefits, without requiring action by the claimant. The 2021 NDAA added three diseases (bladder cancer, hypothyroidism, and parkinsonism) that carry presumptive service connection due to herbicide exposure during the Vietnam War. In 2021, VBA stated VA would review claims for Nehmer eligibility from approximately 70,000 veterans and survivors in its implementation of the NDAA, and additional veterans might be identified through other document reviews. This review highlights deficiencies in fully identifying affected veterans.

The Federal Emergency Management Agency’s (FEMA) Region IV has a process for identifying and evaluating single sites damaged by multiple disasters, which it followed in administering Public Assistance in fiscal year 2022 for three federally declared weather-related events in Kentucky. Specifically, Region IV uses a geographic information system tool (the tool) that incorporates historical information and allows FEMA to create and maintain a visual electronic record, or representation, of prior weather damage. This tool ensured damages were being claimed or attributed to the applicable declaration. The visual representation produced by the tool can be used throughout various phases of the Public Assistance grant program process, including preliminary damage assessment, site inspection, project worksheet (or project) formulation, and eligibility review.

This report contains information about recommendations from the OIG's audits, evaluations, reviews, and other reports that the OIG had not closed as of the specified date because it had not determined that the Department of Justice (DOJ) or a non-DOJ federal agency had fully implemented them. The list omits information that DOJ determined to be limited official use or classified, and therefore unsuitable for public release.The status of each recommendation was accurate as of the specified date and is subject to change. Specifically, a recommendation identified as not closed as of the specified date may subsequently have been closed.

To manage its aging fleet while supporting financial and environmental sustainability strategies from its 10-year Delivering for America plan, the Postal Service is investing $9.6 billion to electrify its delivery vehicles and install related charging infrastructure at hundreds of facilities. As $3 billion of this investment stems from congressional funds, it is essential for the Postal Service to capture cost savings as it executes its strategies to further strengthen the financial sustainability of this critical public service. Accordingly, the Postal Service has opportunities to leverage a wide range of financial incentives (from government agencies, utility companies, and carbon markets) that encourage the transition to electric vehicles.

We found a BIE employee violated Federal ethics laws and regulations by owning and operating a personal business that received BIA contracts.

The objective of the audit was to determine whether and to what extent the staffing shortfalls in the Office of Contracting Policy impacted the ability to manage and administer the contract administration process.

The objective of the audit was to determine the extent to which the services provided by third-party organizations align with the terms of existing service agreements.

This report presents the results of our audit of Accuracy of Reported Service Performance.

The Department of State (DoS) issues nonimmigrant visas to individuals seeking entry into the United States on a temporary basis for tourism, medical treatment, business, temporary work, study, or other reasons. In 2020, due to the COVID-19 pandemic, and to address staffing limitations and visa backlogs, Dos and the Department of Homeland Security agreed to expand DoS' authorities to waive requirements to conduct consular interviews and collect fingerprints for some individuals seeking nonimmigrant visas. According to Dos, from calendar years 2020 through 2023, it granted nonimmigrant visas to approximately 7.1 million individuals without conducting in-person consular interviews. Dos also did not collect fingerprints for an unknown number of visas during the same period. In December 2023, Dos and OHS agreed to expand the categories of visas and applicants whose consular interviews could be waived beginning on January 1, 2024. The fingerprint waiver program ended in December 2023. During our ongoing audit of U.S. Customs and Border Protection's (CBP} Screening of Visa Holders That Received Waivers from Department of State (24-011-AU D-CBP), we found that CBP Office of Field Operations (OFO) port directors at some U.S. ports of entry had not been aware of the interview and fingerprint waiver program.

Review of the FLRA’s Privacy and Data Security Policies, Procedures, and Practices for FY 2024

The Office of Investigations initiated an investigation in June 2021 based on concerns from the EPA Office of Wastewater Management that Grandview, Washington, acquired construction materials for a CWSRF project that may have been falsely advertised on a Canadian manufacturing company’s website as following AIS requirements. We determined that Grandview made every effort to comply with the AIS requirements; however, there is a question as to whether the Canadian company’s manhole products complied with AIS requirements. We identified a concern regarding the ambiguity of AIS requirements for PVC components being used in CWSRF projects.

The objective of the audit was to determine if data generated to monitor and report on program growth and program employment is reliable, available, and accessible by the Commission to better inform decision-making and ensure achievement of strategic objectives.

We determined whether the Natural Resources Conservation Service (NRCS) timely submitted a spend plan for Watershed and Flood Prevention Operations (WFPO) funds and accurately reported Infrastructure Investment and Jobs Act (IIJA) data to the public, and we determined the methodology NRCS used for selecting projects for funding.

Management Advisory Memorandum Regarding Interagency Agreements and Whistleblowing Rights

An Amtrak foreman based in Chicago, Illinois, was terminated from employment on June 25, 2024, following an administrative hearing. Our investigation found that the employee violated company policies by falsely reporting in the company’s Work Management System that required safety inspections had been completed for the stairs on three Venture Cars in Chicago. As a result, these cars, which should have been taken out of service, were put into service the following morning. Once we determined the required safety inspections were not completed, we notified management, and the inspections of the cars were completed.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to review how facility leaders’ actions may have impacted intensive care unit (ICU) coverage, patient care, and resident education at the VA Eastern Colorado Health Care System in Aurora (facility).The OIG was unable to determine whether facility leaders implemented surgical ICU changes without adequate planning in April 2022. However, the OIG found that the subsequent lack of ICU provider coverage for surgical patients adversely affected the provision of cardiothoracic (CT) surgical services. CT surgeries were paused from September 2022 through August 2023 and the newly appointed Chief of Staff failed to notify VA Central Office through the Veterans Integrated Service Network (VISN) of the pause. The OIG substantiated that leaders’ actions to change the medical ICU from an open to a closed model were made without adequate planning and input from service and section leaders and staff. The OIG substantiated that the sudden implementation of a closed ICU model resulted in a lack of ICU resident supervision and an ineffective teaching environment for residents. The OIG did not substantiate that the medical ICU model change resulted in patient harm; however, the OIG identified a deficiency in the facility’s completion of a root cause analysis.The OIG made one recommendation to the Under Secretary for Health to evaluate the VISN leaders lack of awareness of the CT surgical pause; three recommendations to the VISN Director related to CT surgeries, facility high reliability organization implementation, and residents’ education needs; and two recommendations to the Facility Director related to call escalation and root cause analysis training.

The VA Office of Inspector General (OIG) conducted an inspection to assess allegations that senior leaders failed to practice high reliability organization (HRO) principles and created a culture of fear at the VA Eastern Colorado Health Care System (facility) in Aurora.The OIG substantiated the allegations and found key senior leaders created an environment where a significant number of clinical and administrative leaders and frontline staff, from a multitude of service lines, felt psychologically unsafe, deeply disrespected, and dismissed, and feared that speaking up or offering a difference of opinion would result in reprisal. Further, the OIG substantiated that following the addition of two key senior leaders to the peer review committee (PRC) in 2023, the culture of the committee changed to an environment perceived by six members, as well as non-PRC service leaders and staff, to be psychologically unsafe and punitive. When learning of concerns, key senior leaders missed opportunities to understand concerns and make efforts to foster a psychologically safe environment.The OIG substantiated that mid-level leadership had been eroded and three key senior leaders held a monopoly of control. The OIG found leadership instability at the service level, with many clinical service and section-level resignations and extended vacancies. Further, numerous former leaders left facility employment citing that a psychologically unsafe work environment was a major factor in their decision to leave. Despite these losses, key senior leaders did not seek or utilize employee exit survey data to identify and address employee retention challenges.Turnover in VISN leadership positions and ineffective communication contributed to the VISN Director’s lack of awareness regarding the extent of the staffing and culture challenges at the facility. The OIG made two recommendations to the Under Secretary for Health, four recommendations to the VISN Director, and one recommendation to the Facility Director.

The objective of our evaluation was to assess USPTO’s actions in response to the exposure of domicile addresses to determine whether USPTO complied with federal and U.S. Department of Commerce (the Department) information technology (IT) security standards.We found that USPTO mishandled the required reporting and notification to the affected trademark filers after domicile addresses had been exposed for 3 years. We also found that USPTO leadership allowed domicile addresses to remain publicly accessible after they were aware of the exposure, risking unauthorized disclosures in violation of the Privacy Act. Additionally, USPTO did not report that additional sensitive PII was exposed during the incident or notify the affected filers that additional data had been exposed. Lastly, the Department’s Chief Privacy Officer (CPO) did not assist USPTO in responding to this incident because of a lapse in the Department reporting process. See appendix B for a timeline of the events discussed in our findings.USPTO’s exposure of trademark filer data may not only reduce public confidence, but also may have equipped bad actors with additional data that could be used to defraud trademark holders. Bad actors could aggregate the pieces of exposed data to convincingly create official-looking USPTO correspondence or impersonate a filer’s attorney. Despite these risks, USPTO leadership did not comply with federal, departmental, and USPTO incident response reporting requirements and knowingly allowed domicile addresses to remain publicly accessible during incident mitigation. USPTO must improve its efforts in safeguarding trademark filers’ personal data to rebuild public trust and honor trademark holders’ privacy.

While the U.S. Postal Service is viewed by the American people as one of the most trusted government organizations, it has suffered a history of financial net losses dating back to 2007. The Postal Service sought to address these challenges through its 10-year strategic plan, Delivering for America (DFA); published in March 2021. The DFA plan calls for over $40 billion in capital investments and calculates projected savings through initiatives that include $24 billion in revenue improvements, $34 billion in management cost savings, $44 billion in regulatory changes, and $58 billion in legislative and administrative actions.

The report summarizes the PRAC’s work during the first half of Fiscal Year 2024 and updates Congress on our efforts to promote transparency and ensure coordinated oversight of more than $5 trillion in pandemic relief. It also highlights the success of the PRAC’s Pandemic Analytics Center of Excellence (PACE), demonstrating the value of the data analytics platform as a good-government initiative that should transition from fighting pandemic-related fraud to preventing and curbing waste in other government spending programs.

During a recent audit of VHA’s personnel suitability program, the VA OIG received a whistleblower complaint alleging that untrained human resources officials from Veterans Integrated Service Network 20 (VISN 20) were overturning pre screening determinations. The complaint included an example in which a candidate who was initially found unsuitable was subsequently advanced for hiring. The complainant later provided four additional examples of candidates initially found unsuitable for employment due to patterns of potentially disqualifying conduct, such as domestic violence and driving under the influence of alcohol. This memorandum outlines VISN 20’s pre-screening process, relevant requirements, and the OIG’s findings to raise VHA leaders’ awareness of risks associated with the inconsistent vetting process. The OIG team determined that VISN 20 human resources officials reversed an adjudicator’s unfavorable pre screening determination in two of the five instances described in the complainant’s documents, but these actions alone did not violate VA policy. The team confirmed that these officials did not complete required adjudicator training for staff reviewing suitability determinations. There were also inconsistencies in managing and monitoring the pre screening process. Lack of national guidance for the pre screening process allowed regional human resources offices to develop their own methods. Variations in approach, supervision, and accountability and the lack of a robust monitoring program can increase risks to VA and veterans. In its comments to the memorandum, VHA reported taking action to establish decision-making roles and improve the review process for suitability coordinators.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

Amtrak (the company) contracted with the independent public accounting firm of Ernst& Young LLP to audit its consolidated financial statements as of and for the fiscal year then ended, September 30, 2023, and to provide a report on internal control over financial reporting and compliance with certain provisions of laws, regulations, contracts and grant agreements, and other matters, which they issued on December 20, 2023.1 Because the company receives federal financial assistance, it must obtain an audit performed in accordance with U.S. generally accepted government auditing standards. The contract also required Ernst & Young to perform a Single Audit of the company’s federal financial assistance for the fiscal year ended September 30, 2023, in accordance with the audit requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards(Uniform Guidance). The objective of the Single Audit was to test internal control over compliance with major federal program award requirements and determine whether the company complied with the laws, regulations, and provisions of contracts or grant agreements that may have a direct and material effect on its major federal programs.Major federal programs are those with the larger and higher‐risk expenditures, as determined using the Uniform Guidance. In fiscal year 2023, the company had two such programs: the Department of Transportation’s (DOT) National Railroad Passenger Corporation Grants and Federal‐State Partnership for State of Good Repair programs.On June 14, 2024, Ernst & Young issued an unmodified compliance opinion on the major federal programs it reviewed, concluding that “Amtrak complied, in all material respects, with the compliance requirements . . . that could have a direct and material effect on its major federal programs” for the period covered by its report.2 Ernst & Young identified, however, two significant deficiencies3 in the company’s internal control over compliance. The first was a longstanding finding in the area of Equipment and Real Property Management for the DOT National Railroad Passenger Corporation Grants, and the second was a new finding related to preparation and maintenance of the equipment population. Ernst & Young also identified other deficiencies in internal control over compliance that it determined did not rise to the level of a significant deficiency, which it communicated to the company on June 14, 2024.As required by the Inspector General Act of 1978, we monitored the audit activities of Ernst & Young to help ensure audit quality and compliance with auditing standards. Our review disclosed no instances in which Ernst & Young did not comply, in all material respects, with U.S. generally accepted government auditing standards and Uniform Guidance requirements.We monitored Ernst & Young’s audit activities by attending key meetings and reviewing its reports, audit plans, detailed audit testing results, summary workpapers, audit quality controls, auditor independence, and qualifications. At selected field locations, we also observed Ernst & Young’s testing of the company’s internal controls and compliance for its management of equipment and real property.Our monitoring activities, as differentiated from an audit in accordance with U.S. generally accepted government auditing standards, were not intended to enable us to express an audit opinion. Therefore, we do not express an opinion on compliance for the major program, conclusions about the effectiveness of internal control over compliance, or whether the Schedule of Expenditures of Federal Awards is fairly stated. Ernst & Young is responsible for its report dated June 14, 2024, and the conclusions expressed in the report.

The objectives of our audit were to determine whether the Puerto Rico Department of Natural and Environmental Resources (1) claimed allowable, allocable, and reasonable costs, and (2) met performance requirements of the grants.To address this objective, we reviewed $1,676,515.45 in claimed costs and 65 grant award performance progress reports that PRDNER submitted. Overall, we found the following:I. PRDNER claimed costs that were generally allowable, allocable, and reasonable but did not comply with internal and federal regulations. II. PRDNER continues to encounter challenges in meeting the performance requirements of operational awards.

To see our report, click on the link below

We found that a DOI employee violated Department policy and ethics standards by accessing records in a secure Government database.

We found that a former FWS employee misused their Government travel credit card for personal expenses totaling over $37,000.

ICE officers did not always perform risk classification assessments to ensure they appropriately detained or released noncitizens held in ICE custody. According to a 2012 email message from the Executive Associate Director, ICE officers are responsible for completing the risk classification assessment for detained noncitizens unless they are subject to mandatory detention or removal from the United States within 5 days. However, in FY 2023, ICE officers did not conduct a risk assessment for 79,977 (33 percent) of 244,376 detained noncitizens. This noncompletion rate was higher in FY 2022, when ICE did not conduct risk classification assessment for 129,250 (43 percent) of 302,758 detained noncitizens.

We performed our inspection to determine whether the U.S. Department of Education (Department) ensured that contractors and grantees notified employees in writing of the whistleblower protections provided under 41 United States Code 4712 (Section 4712). We found that the Department did not adequately ensure that contractors and grantees notified employees in writing of the protections provided under Section 4712. Specifically, we found that the Department did not always include the required contractor employee whistleblower protections clause in contract awards, did not include a sufficient reference to whistleblower protections in its Grant Award Notifications, and did not have a process in place to ensure that contractors and grantees actually notified their employees of the whistleblower protections. We made 4 recommendations to address the issues identified.

We conducted an audit to determine whether the Federal Student Aid office (FSA) has effective plans for transitioning assigned activities to itsBusiness Process Operations (BPO) vendors and the status of the transition. We found that FSA has not developed effective plans for transitioning assigned activities to its BPO vendors. We found weaknesses related to FSA’s schedule management and lifecycle management methodology (LMM) documentation and related reviews. This included LMM documentation not always including required signoffs or indicating that required steps were completed. We also determined that the non-servicing phase was fully transitioned in March 2022, but the planned transition of the servicing and recovery phases has been pushed back repeatedly. FSA plans the servicing phase to be transitioned by November 2024. There is no planned transition date for the recovery phase. We also found that all of the BPO vendors initially struggled to meet non-servicing phase performance metrics. FSA revised the performance framework to lower targets for some metrics and remove others, which resulted in all vendors achieving passing scores. We made eight recommendations to improve FSA’s ability to effectively transition the servicing and recovery phases to BPO vendors and to ensure that performance metrics are realistic and achievable.

The National Credit Union Administration (NCUA) Office of Inspector General (OIG)conducted this self-initiated audit to assess the NCUA’s examination hours. The objectives ofour audit were to determine: (1) the NCUA’s effectiveness in establishing examination hours,and (2) whether the NCUA ensured proper regulatory safeguards remained in place to protect thecredit union system, credit union members, and the National Credit Union Share Insurance Fund(SIF) while appropriately managing the examination burden on credit unions.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to review VISN and facility leaders’ response to allegations that an optometrist was not practicing to the standard of care at the Cheyenne VA Medical Center (facility) in Wyoming. In a response to an OIG request for review, VISN and facility leaders substantiated that the optometrist failed to diagnose patients and delayed testing for 15 of 16 identified patients. The response, however, lacked a plan to review the care of other patients who may have been adversely affected. The OIG identified deficiencies with the facility leaders’ response to the quality of care concerns, state licensing board reporting, and completing proficiency reports for the optometrist.The optometrist was suspended in January 2023 while facility leaders initiated a focused clinical care review of the optometrist’s practice. Although expert reviewers tasked with examining a selection of patient cases expressed significant concerns, and facility leaders’ analysis concluded the optometrist “did not meet the standard of care,” facility leaders did not initiate a review to assess the potential harm to other patients. The optometrist was allowed to return to patient care on a focused professional practice evaluation for cause and showed performance improvement before retiring in July. The OIG found that facility leaders failed to initiate the state licensing board reporting process after the optometrist “failed to meet generally accepted standards of clinical practice” due to a lack of understanding of reporting requirements. The OIG also found the optometrist’s supervisors failed to complete annual proficiency reports in 2021 and 2023 due to an oversight and inexperience by supervisors. The optometry supervisors also failed to address deficiencies identified in other completed proficiency reports. The OIG made recommendations for a comprehensive review of the optometrist’s care, state licensing board reporting, and completing the proficiency process.

Power plants rely on operational technology (OT) to ensure the plants can run without disruption. Due to the high risks associated with threat events against OT, we performed an audit of the Tennessee Valley Authority’s (TVA) OT cybersecurity at a combined cycle plant. Our objective was to determine if logical, physical, and general security controls were (1) appropriately designed to reduce cybersecurity risk and (2) operating effectively. We determined logical, physical, and some general controls were appropriately designed and operating effectively. However general security controls related to contingency planning, system inventory, system baselines, and cybersecurity monitoring needed improvement. Specifically, we identified:• Contingency plans were not documented. • OT inventory was incomplete.• System baselines were not in place.• Cybersecurity monitoring was incomplete.In addition, we determined a risk assessment had not been completed for the site’s OT systems.

U.S. Customs and Border Protection (CBP) spent $60 million of Infrastructure Investment and Jobs Act (IIJA) procurement, construction, and improvements (PC&I) funding on six contracts in fiscal years 2022 and 2023 to modernize and improve CBPowned land ports of entry (LPOEs). In FY 2022, CBP spent $16 million of IIJA PC&I funding for two contracts for maintenance and repairs at CBP-owned LPOEs. In FY 2023, CBP spent $44.5 million of IIJA PC&I funding for contracts to modernize six CBPowned LPOEs. In FY 2024, CBP plans to use IIJA PC&I funding for contracts to include work to address outstanding priority repairs at CBP-owned LPOEs.

NPS did not take sufficient steps to implement Justice40 and did not identify data necessary to track, monitor, and report the impact of DOI actions.

U.S. Customs and Border Protection’s (CBP) International Airport office in , and U.S. Immigration and Customs Enforcement’s (ICE) office did not have an effective process for detaining and removing inadmissible travelers. Between fiscal years 2021 and 2023, CBP We conducted this evaluation to assess whether CBP and ICE have an effective process for detaining and removing inadmissible travelers arriving at . What We Recommend We made three recommendations to ensure CBP and ICE effectively detain and remove inadmissible travelers and issue NTAs to inadmissible travelers who do not return for removal flights. For Further Information: Contact our Office of Public Affairs at (202) 981-6000, or email us at: DHS-OIG.OfficePublicAffairs@oig.dhs.gov. released at least 383 inadmissible travelers from custody; 168 (44 percent) of these travelers did not return for their removal flights. ICE leadership stated they deny CBP overnight detention requests for inadmissible travelers before removal flights because of staffing and bed space limitations. In addition, CBP does not have enough overtime funds to pay officers to detain inadmissible travelers at the airport after operating hours. Further, CBP described difficulties transferring inadmissible travelers to another airport because they must receive permission from the airline and the other airport’s CBP office and overcome other logistical issues.

To see our report, click on the link below

Audit of System of Internal Rules

During our unannounced inspection of U.S Immigration and Customs Enforcement’s (ICE) Denver Contract Detention Facility (Denver) in Aurora, Colorado, we found that Denver’s staff complied with Performance-Based National Detention Standards 2011, revised in December 2016, for recreation, use of force, library, and the voluntary work program. However, facility and ICE staff did not comply with standards related to staff-detainee communication and grievance practices. In addition, ICE did not maintain proper documentation of detainee grievances and a current log of paper requests and grievances, nor did they provide timely and appropriate responses to all requests.

Objective: To report internal control weaknesses, noncompliance issues, and unallowable costs identified in the single audit to SSA for resolution action.

Why We Did This ReportWhile conducting an evaluation of American Creosote Works Inc. in Pensacola, Florida, to determine whether the U.S. Environmental Protection Agency implements and oversees institutional controls, we noted the proximity of the Escambia Wood Treating Company, another Infrastructure Investment and Jobs Act-funded Superfund site. To optimize the value of our site visit, we drove past this site and observed insufficient engineering controls and poorly enforced institutional controls. Summary of FindingsThe EPA is not providing sufficient oversight of the maintenance of engineering controls, specifically physical access controls, and institutional controls to protect human health and the remedy addressing soil contamination at the site. According to site documents, camping and trespassing have been ongoing issues since at least March 2007. However, the EPA did not work with state and local partners to enforce the established institutional controls or take administrative action to ensure this unauthorized use did not continue even though the protectiveness of the remedy depends on it. It is the site’s remedial project manager’s opinion that encampments of homeless persons at the site do not pose an unacceptable risk despite the site’s restrictive covenants. This opinion conflicts with the EPA’s official site decision documentation. Further, the poorly maintained physical access controls and conflicting zoning enable continued camping and trespassing.

We announced two concurrent audits to determine whether First Responder Network Authority (FirstNet Authority) is ensuring that AT&T is achieving the desired results for device connection targets and Nationwide Public Safety Broadband Network (NPSBN) coverage for each state and territory. We separated these objectives into three components that include (1) the evolution of the desired results for device connection targets and network coverage as executed through contract modifications, (2) oversight of device connection targets, and (3) oversight of network coverage. This report focuses on the second component: FirstNet Authority’s oversight of device connection targets. We found that FirstNet Authority did not adequately assess contractor performance to ensure AT&T achieved the desired results for device connection targets for each state and territory. Specifically, FirstNet Authority did not develop measurable performance standards and methods of surveillance to assess if reported device connections complied with the Middle Class Tax Relief and Job Creation Act of 2012 and contract requirements; develop an adequate performance metric to accurately measure public safety use and adoption; review AT&T’s quality control program results or consistently conduct audits of raw data; or remediate deficiencies for device connections.

What We Looked AtWe performed a quality control review (QCR) on the single audit that Plante & Moran, PLLC performed for the Wayne County Airport Authority’s (WCAA) fiscal year that ended December 31, 2022. During this period, WCAA expended approximately $75.4 million from U.S. Department of Transportation (DOT) programs. Plante & Moran determined that DOT’s major program was the Federal Aviation Administration’s Airport Improvement Program. Our QCR objectives were to determine whether (1) Plante & Moran’s audit work complied with the Single Audit Act of 1984, as amended, the Office of Management and Budget’s Uniform Guidance, and the extent to which we could rely on the auditor’s work on DOT’s major program and (2) WCAA’s reporting package complied with the reporting requirements of the Uniform Guidance.What We FoundPlante & Moran complied with the requirements of the Single Audit Act, the Uniform Guidance, and DOT’s major program. We found nothing to indicate that Plante & Moran’s opinion on DOT’s major program was inappropriate or unreliable. However, we identified deficiencies in Plante & Moran’s audit work that require correction in future audits. Accordingly, we assigned Plante & Moran a rating of pass with deficiencies.