Federal Reports

The U.S. Small Business Administration (SBA) is authorized under Section 7(a) of the Small Business Act to provide financial assistance to small businesses in the form of government guaranteed loans. The secondary market was established to provide greater liquidity to lenders, thereby, expanding the availability of commercial credit for small businesses. Lenders are allowed to sell the guaranteed portions of their loans in the secondary market. The lender receives cash equal to the amount of the guaranteed portion sold plus a market driven premium, while the investor gets an interest earning security that is backed by the full faith and credit of the U.S. government.Before a loan can be sold on the secondary market, the lender must submit it to the fiscal and transfer agent (FTA) for approval. FTA reviews loans submitted for sale approval via Secondary Participation Guarantee Agreement (SBA Form 1086). For lenders under regulatory, state, or federal orders, SBA maintains a watch list. Lenders on this list may request for a loan to be sold on the secondary market through the FTA. However, due to the risk associated with these lenders, SBA’s Office of Credit Risk Management (OCRM) conducts a detailed review of each loan to determine whether it complies with SBA requirements and is eligible for sale.We determined that the process OCRM established to document secondary market loan sale denials in the Centralized Loan Chron System (CLCS) was generally effective at communicating loan deficiencies to the appropriate loan centers. OCRM completed its process to document secondary market loan sale denials in CLCS; however, we noted that the required CLCS notes on two of eight denied applications were not made until after we announced this inspection and requested applicable information. An OCRM official stated they noted the error while compiling the requested information and made the corrections in the system prior to sending us the information.

EAC OIG, through the independent public accounting firm of McBride, Lock & Associates, LLC, audited $27.4 million in funds received by the State of Wisconsin under the Help America Vote Act. The objectives of the audit were to determine whether the State of Wisconsin Elections Commission: 1) used funds for authorized purposes in accordance with Section 101 and Section 251 of HAVA and other applicable requirements; 2) properly accounted for and controlled property purchased with HAVA payments; and 3) used the funds in a manner consistent with the informational plans provided to EAC. The audit also determined if proper closeout procedures were followed for the CARES Act funds.

The Office of the Inspector General conducted a review of the Power Service Shop (PSS) organization to identify factors that could impact PSS’s organizational effectiveness. During our evaluation, PSS personnel commented positively on interactions within and outside of PSS and the safety environment. However, we identified issues that could negatively impact PSS’s effectiveness, if not addressed. These issues include (1) staffing challenges; (2) resource concerns related to tooling, tools, equipment, and trailers; and (3) communication with business partners. PSS is taking actions to address some of these concerns. We also identified risks to the independence of PSS’s Quality Control inspectors performing work on nuclear related components.

Our objective was to evaluate the Delivery Survey process for residential customers and small and medium businesses and to identify opportunities for improvement. We reviewed processes, contracts, and results, and interviewed Postal Service and supplier officials.

Our objective was to assess the Postal Service’s management of penalty overtime. For this audit, we analyzed nationwide penalty overtime data during fiscal years (FYs) 2020 through 2022. The data included average penalty overtime per employee and the total penalty overtime hours used. We conducted site visits at 22 judgmentally selected facilities where we held interviews to identify underlying causes that contributed to penalty overtime usage at the facilities and the Postal Service as a whole. Additionally, we interviewed headquarters personnel regarding their responsibilities, processes, and procedures on the management of penalty overtime.

Final Management Letter: Readiness Review – The SEC’s Progress Toward Implementing Zero Trust Cybersecurity Principles

The Transportation Security Administration’s (TSA) fiscal year 2021 pipeline security directives, if implemented, should strengthen pipeline operators’ posture against cyber threats. TSA considered and partially addressed stakeholder feedback when drafting these two directives. However, TSA did not ensure all pipeline operators timely adhered to security requirements contained in the directives.

U.S. Customs and Border Protection’s (CBP) Office of Field Operations (OFO) uses the Centralized Area Video Surveillance System (CAVSS) at land ports of entry (LPOEs) to increase the safety of the public, employees, and property, but improvements are needed to address video surveillance system issues. Specifically, CAVSS experienced widespread recording gaps, instances of poorquality video and audio, areas of inadequate video and audio coverage within LPOEs, and inadequate privacy protections for detainees being held at LPOEs.

U.S. Customs and Border Protection (CBP) did not consistently target for additional inspection or evaluate potentially inadmissible international mail entering the United States through its nine International Mail Facilities (IMFs). Although IMFs faced challenges targeting mail and examining packages identified as potential threats, CBP did not evaluate whether its screening was effective or refer problems to stakeholders for resolution.

This is the audit of the NEA's information technology systems security. Due to security concerns, this report is not published on the internet. You can obtain a copy of this report through a freedom of information act request at the following link: https://www.arts.gov/freedom-information-act-guide.

What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation's (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies' information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT's information security program and practices in five function areas--Identify, Protect, Detect, Respond, and Recover.What We FoundOur QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards.Our RecommendationsDOT concurs with both of CLA's recommendations. We consider both recommendations resolved but open pending completion of planned actions.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to assess care coordination for patients of the VA Eastern Kansas Health Care System (system) who received care and were dually prescribed opioids and benzodiazepines from Community Care Network (CCN) providers. The inspection also reviewed compliance with public law and Veterans Health Administration (VHA) policies and guidelines specific to the oversight of CCN provider opioid prescribing practices. The OIG found issues related to incomplete and delayed CCN provider documentation, Opioid Safety Initiative (OSI) prescribing risk mitigation strategies, prescriptions dispensed at VHA pharmacies versus non-VA pharmacies, and lack of medication reconciliation and VHA medication profile updates, which place patients at risk for adverse opioid related events. Additionally, the OIG identified two examples in which patients received multiple controlled substance prescriptions from a combination of system, non-system VHA providers, and CCN providers.The OIG found the Veterans Integrated Service Network (VISN) Director and system staff were not conducting oversight of CCN providers opioid prescribing practices as required under the MISSION Act and as recommended by the OIG in 2019 and were not reporting concerns of unsafe CCN provider practices to the third party administrator.The OIG made seven recommendations to the Under Secretary for Health related to CCN provider documentation, evidence of CCN provider training and use of OSI risk-mitigation strategies, state prescription drug monitoring program queries, and capture of CCN-prescribed medications in electronic health records (EHR). The OIG made two recommendations to the VISN Director related to ensuring the system has processes in place to conduct oversight of CCN providers’ prescribing practices. The OIG made four recommendations to the System Director related to documenting use of OSI risk-mitigation strategies, capturing CCN-prescribed medications in the EHR, filling vacant positions, and educating staff on reporting patient safety concerns involving CCN providers.

Objectives: To (1) determine whether the Social Security Administration had taken corrective action in response to the recommendation in our 2015 review of Self-employment Earnings Removed from the Master Earnings File and (2) review instances where SSA removed self-employment earnings from the Master Earnings File since our 2015 review.

The objective was to determine whether the Social Security Administration’s identity verification controls for the my Social Security portal were compliant with Federal requirements. Our audit report (A-14-18-50486) results contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In accordance with government auditing standards, we have separately transmitted to SSA management our audit’s detailed findings and recommendations and excluded from this summary certain sensitive information because of the potential damage if the information is misused. We determined the omitted information neither distorts the audit results described in this report nor conceals improper or illegal practices.

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Web Identification, Authentication, and Access Control System. Ernst & Young’s audit results contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In accordance with government auditing standards, we have separately transmitted to SSA management Ernst & Young’s detailed findings and recommendations and excluded from this summary report certain sensitive information because of the potential damage if the information is misused. We have determined the omitted information neither distorts the audit results described in this report nor conceals improper or illegal practices.

Compared to the general population, veterans have a higher risk of opioid overdose due to many contributing factors, along with a higher incidence of medical conditions that increase the risk for opioid use disorder. The MISSION Act of 2018 requires VA to ensure that non VA providers who prescribe opioids to veterans receive and certify the review of VA’s Opioid Safety Initiative (OSI) guidelines. These guidelines require providers to query state prescription drug monitoring programs (PDMPs) to determine whether veterans already have other opioid prescriptions before writing a new opioid prescription. The VA Office of Inspector General (OIG) assessed whether VA ensured non VA providers were provided a copy of the OSI guidelines and certified that they have reviewed them, whether a sample of non VA providers conducted required PDMP queries, and whether sampled veterans’ medical records included opioid prescriptions, as required by the MISSION Act. The Office of Integrated Veteran Care (IVC) did not provide adequate oversight for either the third party administrators or non VA providers to ensure the providers received and certified they reviewed the OSI guidelines. IVC also did not monitor third party administrators to ensure non VA providers are completing PDMP queries as required. The sampled medical records generally contained the non VA provider opioid prescription information as required. However, this information was documented in different sections of the VA medical records, which may make it difficult for providers to access this critical information. The OIG made three recommendations to improve compliance with MISSION Act requirements and OSI guidelines.

This Office of Inspector General Comprehensive Healthcare Inspection Program report describes the results of a focused evaluation of the inpatient and outpatient care provided at the Corporal Michael J. Crescenz VA Medical Center and associated outpatient clinics in Pennsylvania and New Jersey. This evaluation focused on five key operational areas:• Leadership and organizational risks• Quality, safety, and value• Medical staff privileging• Environment of care• Mental health (emergency department and urgent care center suicide prevention initiatives)The OIG issued nine recommendations for improvement in three areas:1. Quality, Safety, and Value• Root cause analysis for patient safety events with a safety assessment code score of 32. Medical Staff Privileging• Ongoing Professional Practice Evaluationso Service-specific criteriao Reprivileging based on datao Results reviewed and documented by Medical Executive Board when making reprivileging recommendations• Focused Professional Practice Evaluation results reported to the Medical Executive Board3. Environment of Care• Inspections at the required frequency• Clean and safe environment• Safe environment in the inpatient mental health unit• Access to medication and supply rooms

OIG assessed whether USDA agencies and staff offices had adequate processes in place to identify and mitigate security vulnerabilities on their USDA-developed mobile applications.

Our objective was to assess the safety and security aspects of the Postal Service’s surface transportation network. To accomplish our objective, we conducted reviews at eight mail processing facilities nationwide to determine whether contract drivers had current security clearances and visibly displayed identification badges while working, and that proper forms were completed for badge irregularities. We also identified safety and security concerns that pose a potential threat to employees, the public, mail, and/or assets.

Our objective was to evaluate whether corrective actions taken by the Postal Service in response to prior recommendations in the U.S. Postal Service Office of Inspector General’s Nationwide Employee Background Screening audit report (Report No. HR-AR-19-003) sufficiently addressed the issues identified and further assess the efficiency of background screening processes.

For our evaluation of the U.S. Economic Development Administration’s (EDA’s) file maintenance of grants awarded with Coronavirus Aid, Relief, and Economic Security Act funds, our objective was to determine whether EDA properly maintained grant files during the COVID-19 pandemic. We found that EDA generally maintained grant files during the pandemic. In addition, EDA generally complied with U.S. Department of Commerce policy for grant file requirements.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

For most Tennessee Valley Authority (TVA) employees, annual compensation consists of two components: base pay (salary) and pay at risk (Winning Performance [WP]). WP is a performance management program designed to promote teamwork, encourage high performance behaviors, and motivate and reward TVA employees for achieving goals aligned with TVA’s mission and values. We included an audit of TVA’s Load Not Served (LNS) WP measure in our annual audit plan because LNS was the second highest weighted measure in the fiscal year (FY) 2022 WP scorecard. LNS, which is an estimate of the megawatt hours not delivered when an interruption to a customer connection point is greater than or equal to 1 minute, was weighted at 30 percent at the target level on the WP scorecard for FY 2022. TVA’s total payout for WP for FY 2022 was $147.8 million, based on a total payout percentage of 119 percent of target. The LNS goal was paid at the threshold level for FY 2022 (50 percent of target) and accounted for about $18.6 million of the total $147.8 million payout. Our audit objective was to determine if adequate internal controls were in place to ensure accurate calculation and reporting of the LNS WP measure. Our audit scope included the LNS totals reported for WP in FY 2022 and the calculations’ compliance with Transmission Standard Programs and Processes (TRANS-SPP) 10.001, Rev. 5, Service Interruption Database Guidelines. Our scope did not include an assessment of the reasonableness of any exclusions allowed by TRANS-SPP-10.001.We determined the significant internal controls we identified for accurate LNS calculations were operating effectively. However, there were not adequate controls in place to ensure proper management approval of LNS exclusions. Additionally, we found some user access permissions were not appropriate.

We found that the Office of Diversity, Inclusion and Civil Rights applied an incorrect legal standard and backdated final agency decisions.

U.S. Immigration and Customs Enforcement (ICE) did not fully comply with Federal and departmental guidance for monitoring and overseeing transportation contracts. Specifically, ICE did not always appoint contracting officer’s representatives (COR) according to policy.

The Federal Information Security Modernization Act of 2014 (FISMA) requires each agency’s Inspector General (IG) to conduct an annual independent evaluation to determine the effectiveness of the information security program (ISP) and practices of its respective agency. Our objective was to determine the effectiveness of the Tennessee Valley Authority’s (TVA) ISP and practices as defined by the FY [Fiscal Year] 2023 – 2024 IG FISMA Reporting Metrics. Our audit scope was limited to answering the fiscal year (FY) 2023 IG metrics, which include 20 core IG metrics to be evaluated annually and remaining supplemental IG metrics will be evaluated on a two year cycle (Appendix B). The 20 core IG metrics were chosen based on alignment with Executive Order 14028, Improving the Nation's Cybersecurity, as well as recent OMB guidance to agencies in furtherance of the modernization of federal cybersecurity. The FISMA methodology considers metrics at a level 4 (managed and measurable) or higher to be at an effective level of security. Based on our analysis of the 40 IG metrics and associated maturity models, we found 21 of 40 IG metrics were at a level 1 (ad-hoc), level 2 (defined), or level 3 (consistently implemented); therefore, TVA's information security program was not operating in an effective manner.

Objective: To determine whether the Social Security Administration accurately administered Statutory Benefit Continuation for beneficiaries who appealed the Agency’s medical cessation decisions.

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the Social Security Administration’s (SSA) ransomware prevention and response strategy. Ernst & Young’s audit results contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In accordance with government auditing standards, we have separately transmitted to SSA management Ernst & Young’s detailed findings and recommendations and excluded from this summary report certain sensitive information because of the potential damage if the information is misused. We have determined the omitted information neither distorts the audit results described in this report nor conceals improper or illegal practices.

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Earnings Record Maintenance System - Cloud. Ernst & Young’s audit results contain information that, if not protected, could be used to adversely affect SSA’s information systems. In accordance with government auditing standards, we have transmitted Ernst & Young’s detailed findings and recommendations to SSA management and excluded from this summary certain sensitive information because of the potential damage if the information is misused. The omitted information neither distorts the audit results described in this report nor conceals improper or illegal practices.

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) Fiscal Year (FY) 2023 review of the Social Security Administration’s (SSA) information security program and practices, as required by the Federal Information Security Modernization Act of 2014 (FISMA). Ernst & Young’s audit results contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In accordance with government auditing standards, we have separately transmitted to SSA management Ernst & Young’s detailed findings and recommendations and excluded from this report certain sensitive information because of the potential damage if the information is misused. The omitted information neither distorts the audit results described in this report nor conceals improper or illegal practices.

What We Looked AtWe performed a quality control review on the single audit that Crosslin PLLC performed for the Metropolitan Transit Authority (MTA) of Nashville, TN. During this period, MTA expended approximately $32 million from U.S. Department of Transportation (DOT) programs. Crosslin determined that DOT’s major program was the Federal Transit Cluster. What We FoundCrosslin did not comply with the requirements of the Single Audit Act, the Uniform Guidance, and DOT’s major program. We found that Crosslin’s audit documentation contained an unreported noncompliance that affected the reliability of the audit results. Accordingly, we assigned Crosslin an overall rating of fail. Additionally, we identified several deficiencies requiring corrective actions in future audits.

Anticipating a surge in disability benefits claims resulting from the passage of the PACT Act, the Veterans Benefits Administration (VBA) launched a project to automate the processing of hypertension (high blood pressure) claims—specifically, claims that request an increased evaluation or rating for this condition. VBA assigns a rating to each service connected disability based on impaired earning capacity; an increased rating would indicate worsening of the disability and increase the veteran’s monthly benefits accordingly. The VA Office of Inspector General (OIG) conducted this proactive review to determine whether the project supported accurate decisions on veterans’ claims while also improving processing timeliness and reducing manual effort.The project automates evidence-gathering tasks including extracting blood pressure readings and hypertension-related medication data from VA treatment records. These are compiled into a summary sheet uploaded to the veteran’s electronic claims folder. Overall, the summary sheets the OIG team reviewed did not contain comprehensive blood pressure reading information that would assist claims processors in accurately deciding the claim.Three other automation project deficiencies were inaccurate decisions, oversight gaps, and unclear metrics. Testing revealed that 27 percent of all claims reviewed (16 of 60 claims) contained inaccurate and inconsistent determinations (1) regarding the predominant blood pressure readings for hypertension or (2) when evidence was sufficient to decide a claim without an exam. This resulted in inaccurate decisions on veterans’ claims. The inaccuracies were largely caused by confusing guidance. Oversight gaps appeared in quality assurance results and monitoring. The team also found that claims processing timeliness metrics did not factor in the high priority given hypertension claims, making it difficult to assess improvement in claims decisions.The OIG recommended implementing technology improvements, ensuring guidance is clear for all claims processors, improving quality assurance and better monitoring the results, and creating or amending metrics.

Our objective was to assess the effectiveness of the THS operations at the West Valley P&DC. To assess the effectiveness of THS operations, we reviewed three key performance indicators including air container utilization, bypass utilization, and timely tendering of mail to the air supplier. In addition, we analyzed air container data from October 2021 to May 2023, and further supported our analysis with a site visit to the West Valley P&DC during the week of May 22, 2023, to review the THS operations.

We conducted this work as part of an ongoing inspection with the objective of conducting integrated oversight of the funding provided to Forest Service’s IIJA Legacy Road and Trail Remediation Program.

We determined whether Farm Service Agency (FSA) provided timely and accurate Coronavirus Food Assistance Program (CFAP) direct payments to eligible recipients.

This document discusses EAC OIG's planned oversight activities for fiscal year 2024.

The Department of Homeland Security does not have an up-to-date strategic plan to manage biometric capabilities across the Department. DHS issued a biometrics strategic framework covering 2015–2025 to address biometric capability gaps and advance biometric use across DHS.

The Federal Information Security Modernization Act of 2014 (FISMA) provides a comprehensive framework for establishing and ensuring the effectiveness of managerial, operational, and technical controls over information technology (IT) that supports Federal operations and assets and provides a mechanism for improved oversight of Federal agency information security programs. FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce IT security risks to an acceptable level. FISMA requires agency program officials, Chief Information Officers (CIO)s, Chief Information Security Officers (CISO)s, senior agency officials for privacy, and inspectors general to conduct annual reviews of the agency’s information security program.

Objective: To determine whether the Social Security Administration’s eligibility and payment determinations for Supplemental Security Income recipients who owned trusts were accurate.

This Office of Inspector General Comprehensive Healthcare Inspection Program report describes the results of a focused evaluation of the inpatient and outpatient care provided at the Michael E. DeBakey VA Medical Center in Houston and multiple outpatient clinics in Texas. This evaluation focused on five key operational areas:• Leadership and organizational risks• Quality, safety, and value• Medical staff privileging• Environment of care• Mental health (emergency department and urgent care center suicide prevention initiatives)The OIG issued three recommendations for improvement in three areas:1. Leadership and Organizational Risks• Institutional disclosures for sentinel events2. Medical Staff Privileging• Ongoing Professional Practice Evaluations by providers with equivalent training and similar privileges3. Environment of Care• Furnishings and equipment safe and in good repair

This Office of Inspector General (OIG) Comprehensive Healthcare Inspection Program report highlights the results of a focused evaluation of Veterans Health Administration (VHA) facilities’ medication management related to teratogenic medication prescriptions. The report describes a finding from healthcare inspections performed at 45 VHA medical facilities. The OIG interviewed key staff and reviewed the electronic health records of 1,352 randomly selected patients with the potential to become pregnant, who received care at the inspected facilities from July 1, 2020, through June 30, 2021, and were prescribed a teratogenic medication.The OIG issued one recommendation for improvement related to providing counseling to patients who have the potential to become pregnant on the risks and benefits of teratogenic medications prior to prescribing them and documenting the counseling in the electronic health record.

The objective of our audit was to evaluate acquisition planning and the internal controls over the contracting practices for the procurement of goods and services under contracts issued by the PRC. Our audit determined whether controls implemented in response to past audits were effective. We reviewed 36 contract files totaling $2,619,329, which included 13 acquisitions using PRC-drafted contracts and 23 purchase orders issued between October 1, 2019, and September 30, 2022.

Once a major system is fully deployed, it transitions to the sustainment phase, where Office of Management and Budget Circular No. A-11 provides guidance to Federal agencies to conduct an operational analysis (OA) periodically to ensure systems continue to perform as intended. From fiscal years 2018 through 2021, the Department of Homeland Security had 15 major systems that transitioned to sustainment and required OAs; these systems had operations and maintenance costs totaling about $1.1 billion in FY 2021.

In November 2021, Congress passed the VA Transparency & Trust Act of 2021 (Transparency Act) to provide oversight of VA’s spending of COVID-19-related emergency relief funding, including funding related to the Families First Coronavirus Response Act (FFCRA) and the Coronavirus Aid, Relief, and Economic Security (CARES) Act. To comply, VA must provide a detailed plan to Congress outlining its intent and justification for obligating and expending funds covered by the act. Additionally, the Transparency Act requires VA to submit biweekly reports to Congress detailing its obligations, expenditures, and planned uses, as well as justification for any deviation from the plan. The act also requires the VA Office of Inspector General (OIG) to submit semiannual reports comparing how VA is obligating and expending covered funds to the planned obligations and expenditures. In this fourth report, the OIG found VA initially purchased services, supplies, and materials that were not aligned with FFCRA but took action to correct its obligations and expenditures based on guidance from the Office of General Counsel. The OIG determined that expenditure transfers may pose a risk to VA’s financial reporting and that VA generally did not comply with its financial policies to process and authorize FFCRA expenditure transfers. The OIG also found that VA generally complied with the Transparency Act for CARES Act reporting requirements and biweekly reports. The OIG made one recommendation to VA’s under secretary for health to ensure that Veterans Health Administration fiscal staff are trained on the VA financial policy requirements for the preparation and approval of journal vouchers (including expenditure transfers).

We inspected the U.S. Small Business Administration’s (SBA) corrective action(s) for 8 of our 11 recommendations from the Office of Inspector General (OIG) audit report Audit of SBA’s Oversight of the SCORE Association to determine whether SBA continues to practice corrective actions. A verification inspection is a limited scope that focuses on closed recommendations from prior OIG reports.We determined OIG Report 19-12 recommendations 1, 2, 5, 6, 7, 8, and 11 to be fully implemented; however, SBA program officials did not fully implement recommendation 10. We will track management’s implementation by reopening the recommendation and will work with SBA to establish a target date for implementing corrective actions through the audit follow-up process.

The Office of Inspector General (OIG) is issuing this management advisory to bring to U.S. Small Business Administration’s (SBA) attention concerns regarding the SBA’s Reporting of Loan Data to a Commercial Credit Reporting Agency. These issues require immediate attention and action by SBA to ensure the commercial loan data it provides to Experian can be effectively incorporated into Experian’s commercial credit database and analyzed.Experian, as one of the three primary commercial credit reporting agencies, collects data on millions of businesses and combines the data to create business credit reports and calculate a credit rating. These business credit reports are used when businesses apply for a business loan, establish payment terms with a new vendor, or obtain any type of business credit.The U.S. Small Business Administration (SBA) provided Experian its commercial loan data; however, SBA was unaware that Experian had not analyzed or incorporated this loan data into its commercial credit files from October 2018 to June 2023. According to Experian, it could not use the data because, in 2018, SBA did not submit it timely. Experian stated that SBA needed to validate the integrity of the data before it could resume using it.To ensure SBA provides Experian with complete, accurate, and timely loan data sufficient to be incorporated into Experian’s business credit files and establish an applicant’s creditworthiness, we suggested SBA (1) coordinate with Experian to ensure SBA commercial loan data is reported in a manner that can be included in the credit reporting agency’s commercial credit files, (2) establish communication protocols with Experian to address, resolve, and monitor commercial credit reporting issues, and (3) establish a written agreement for reporting loan data with Experian and other major commercial credit reporting agencies, as applicable.

Our objective was to assess the Postal Service management of AMS for rural routes. Specifically, we determined whether the process for maintaining delivery points and other route information is timely and accurate. We limited our review to rural routes due to the recent implementation of the Rural Route Evaluation Compensation System, which relies on delivery point data from AMS.

To obtain further information about this Classified Report, please contact the OIG Office of Counsel at OIGCounsel@oig.treas.gov, (202) 927-0650, or by mail at Office of Treasury Inspector General, 1500 Pennsylvania Avenue, Washington, DC 20220.

To obtain further information about this Classified Report, please contact the OIG Office of Counsel at OIGCounsel@oig.treas.gov, 202 (927)-0650, or by mail at Office of Treasury Inspector General, 1500 Pennsylvania Avenue, Washington, DC 20220.

The COVID-19 pandemic put an unprecedented strain on the nation’s federal healthcare systems. The Pandemic Response Accountability Committee (PRAC) Health Care Subgroup surveyed more than 300 facilities across four federal healthcare programs to determine if the facilities had sufficient medical staff during the pandemic. The VA Office of Inspector General (OIG) reviewed staffing at Veterans Health Administration facilities, the Department of Justice OIG reviewed Federal Bureau of Prisons facilities, the Department of Defense OIG reviewed medical treatment facilities, and the Health and Human Services OIG reviewed staffing within Medicare- and Medicaid-certified nursing homes. Collectively, the IGs learned that most facilities had challenges hiring and maintaining the staff they needed. This joint report provides insights into shortages in personnel positions most commonly reported; factors contributing to personnel shortages reported by facility officials; impacts to the healthcare personnel, the patients, and healthcare services provided by the federal healthcare programs; and strategies to mitigate personnel shortages caused by or exacerbated by the pandemic. Specific insights identified in the report include• Nurses and medical officers were the most commonly reported positions that experienced shortages during the pandemic.• A limited labor pool, noncompetitive pay, COVID-19 requirements, and a challenging hiring process were the most commonly reported factors that contributed to personnel shortages.• A decrease in patient access to care and patient satisfaction and an increase in health care personnel work hours and responsibilities were the most commonly reported impacts resulting from personnel shortages.• Monetary incentives were the most commonly reported strategy to recruit and retain personnel.These insights can help policymakers understand the challenges that federal healthcare programs experienced throughout the pandemic and determine the actions necessary to ensure sufficient staffing for ongoing health care needs and future pandemic response efforts.