An official website of the United States government
Here's how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Brought to you by the Council of the Inspectors General on Integrity and Efficiency
Federal Reports
Report Date
Agency Reviewed / Investigated
Report Title
Type
Location
Department of Housing and Urban Development
The City and County of Honolulu Made Some Improper Payments in its ESG CARES Act Program
We recently issued an audit report on the City and County of Honolulu’s (City) fraud risk management practices, which determined the grantee did not adequately develop a fraud risk management framework for the Coronavirus Aid, Relief, and Economic Security (CARES) Act funding provided for the Emergency Solutions Grant (ESG) program to prevent, detect, and respond to fraud (Audit Report No. 2024-LA-1002, issued August 6, 2024). This audit follows that recent work, in which we audited the City’s ESG CARES Act program with the objective of determining if improper payments existed.
The City made some improper payments in its ESG CARES Act program because it did not always follow HUD’s requirements. Specifically, the City and its subrecipients did not (1) determine that 233 landlord signing bonus payments totaling $714,512 were reasonable and necessary, (2) prorate the rent amount for partial months resulting in $51,235 in overpaid rent (projected to be $248,572 in overpayments based on our statistical sample), and (3) ensure there were no duplication of benefits for three program participants totaling $10,100. We also determined that HUD communicated draw deadline dates to grantees that were inconsistent with guidance it publicly issued, causing the City to draw $1.9 million in grant funds after the deadline. These conditions occurred because we determined that officials of the City and its subrecipients were not aware of some of HUD’s requirements for the ESG CARES Act program and did not have controls for preventing a duplication of benefits. In addition, HUD used a single draw deadline for grantees, which conflicted with the three separate expenditure deadlines that it established, but did not issue formal written notice so that all grantees, subrecipients, and the public would be aware of the single deadline. These results reduced the number of participants that could have been served by the program, intended to reduce or mitigate homelessness, and impacted the City’s ability to maintain program and payment integrity of the ESG CARES Act program. Although the ESG CARES Act program has concluded, the City could make some of the same types of improper payments in the annual ESG program and other HUD-funded programs it operates, since these programs allow expenses for similar activities.
We recommend that the Director of HUD’s Honolulu Office of Community Planning and Development instruct the City to (1) determine whether the $714,512 paid for 233 signing bonuses under the ESG CARES Act program were reasonable and necessary, (2) develop and implement written policies and procedures for the ESG program to ensure that rents are prorated for the first month for tenant-based rental assistance, (3) repay HUD from non-Federal funds $51,235 in overpaid rent to landlords, (4) develop and implement written policies and procedures to prevent duplication of benefits, and (5) review the rental assistance payments made for the ESG CARES Act program to identify other possible duplication of benefits with other rental assistance programs that the City operates.
We audited the U.S. Department of Housing and Urban Development’s (HUD) oversight of the Moving to Work (MTW) demonstration program. We also reviewed three of the 39 initial MTW public housing agencies (PHA) for compliance with the MTW program’s statutory requirements. We selected the three PHAs for review based on our analysis of risk factors for initial MTW PHAs. Our objective was to (1) assess HUD’s monitoring of initial MTW PHAs’ compliance with the statutory requirements of the MTW demonstration program, which includes HUD’s confirmation of PHAs’ activities and related outcomes and (2) determine whether the selected PHAs complied with three of the statutory requirements (creating a reasonable rent policy that encourages employment and self-sufficiency, continuing to assist substantially the same number of eligible families, and maintaining families of similar sizes as the PHA would have if it had not participated in the demonstration program). Further, we reviewed the PHAs’ activities to assess their established metrics and reported outcomes related to the statutory objectives.
We found that HUD’s monitoring of PHAs’ MTW demonstration programs had weaknesses. Specifically, HUD relied on PHA self-reported data and certifications to determine full compliance with the statutory requirements and did not confirm program activities. We determined that two of the three selected PHAs complied with the statutory requirements that we reviewed. However, (1) one PHA did not always comply with the statutory requirement of serving substantially the same number of families as it had before joining the program, which HUD had identified through its monitoring; and (2) two PHAs’ reporting of local non-traditional households (LNT), which impacts that same requirement, had errors and were not supported. Further, all three PHAs did not always use appropriate metrics when assessing program activities and related outcomes. Lastly, two PHAs did not consistently maintain support for their program activities.
These issues occurred because HUD did not verify PHAs’ reported information due to limited resources and its systems did not capture PHA data needed to determine full compliance with the statutory requirements. Further, PHAs relied on third-party contractors to administer programs for LNT households without providing sufficient oversight to ensure that data reported for their MTW programs were accurate. Additionally, HUD's standard metrics did not always align with the PHAs’ program activities; therefore, the PHAs could not consistently meet benchmarks and accurately report outcomes to HUD. The PHAs also did not consistently maintain support for activities reported in their MTW reports because they believed that documentation was not needed or had relied on third-party contractors to develop and implement MTW activities on their behalf. As a result, HUD did not have complete and accurate information to determine PHAs’ full compliance with the statutory requirements and evaluate their MTW activities to make program decisions that could impact assisted housing, increase housing choices, and encourage low-income families to gain self-sufficiency.
We make several recommendations in this report to address the improvements needed in HUD’s monitoring of initial MTW PHAs to ensure accuracy and reliability of the information PHAs report to HUD related to program activities and outcomes. Specifically, we recommend that the General Deputy Assistant Secretary for Public Housing Investments require the MTW Program Office to develop and implement a review and verification process to ensure that data provided by MTW PHAs is accurate, complete, and supported, and ensure corrections or updates to PHA information are reflected in either restated or subsequent MTW annual reports. Further, establish a requirement for PHAs to retain supporting documentation for all data elements reported in their annual reports and program data not captured within HUD systems. Based on the changes HUD made related to its reporting requirements and performance metrics during this audit, we recommend that HUD conduct an analysis to determine whether those changes will allow PHAs and HUD to appropriately measure the benefits and impacts of PHAs’ MTW program to include whether additional changes are warranted to appropriately evaluate results of the MTW program. We also recommend that HUD develop and implement a review process to ensure that appropriate outcomes are assessed for each PHA’s local MTW program.
Financial Audit of USAID Resources Managed by Infectious Diseases Institute Limited in Multiple Countries, Under Multiple Awards July 1, 2024, to June 30, 2025
Our objective was to assess the progress of the National Oceanic and Atmospheric Administration (NOAA) in implementing the Geostationary Extended Observations (GeoXO) weather satellite program. We also evaluated NOAA’s efforts to address the risk of a future gap in geostationary observations, and we assessed the program’s risk management processes.
We found that the GeoXO program has made adequate progress in its current phase of development and that it is achieving the desired technology maturity. However, NOAA should consider enhancing its continuity planning and risk management processes by (1) managing the risk of a continuity gap in geostationary satellite data, as the current series’s backup satellites are likely to reach the end of their lifespans before the first GeoXO satellite becomes operational, and (2) improving risk management processes to ensure the mission’s success.
The objective of this audit was to determine whether the Farm Credit Administration has designed and implemented appropriate controls over its Emergency Operations Center.
During fiscal year (FY) 2025, the Office of Inspector General (OIG) conducted cybersecurity reviews to determine whether the Department of Energy’s unclassified cybersecurity program was implemented in accordance with Federal and Department requirements. The OIG also performed the audit, The Department of Energy’s Fiscal Year 2025 Consolidated Financial Statements, which included test work over controls related to information technology.
The management letter discusses the results of cybersecurity reviews conducted by the OIG in FY 2025 and the results of our Federal Information Security Modernization Act of 2014 evaluation.
The OIG issued 33 cybersecurity findings (including 13 repeat prior year findings) to Department sites and programs related to information technology controls. However, three of those prior year findings, along with their recommendations, are being tracked in other OIG issued reports. Additionally, the audit, The Department of Energy’s Fiscal Year 2025 Consolidated Financial Statements, identified a significant deficiency related to access controls over various Department financial systems. The findings that led to the significant deficiency are included within this report.
The weaknesses occurred for a variety of reasons. For instance, deficiencies related to access controls occurred, in part, due to management not responding to changes in risks or identifying risks associated with inappropriate or unnecessary access to systems.
Without improvements to address the weaknesses identified in our report, the Department may be unable to adequately protect its information systems and data from compromise, loss, or unauthorized modification.