Federal Reports

The Office of the Inspector General performed an audit to determine if the backup and recovery process for operational technology cyber assets at Tennessee Valley Authority (TVA) natural gas plants were (1) designed in accordance with federal guidance and (2) operating as defined by TVA policy.  We determined TVA Generation’s backup and recovery procedure was designed in accordance with federal guidance for most areas.  However, the (1) procedure did not align with federal guidance for encryption and (2) process was not operating as defined by TVA Generation’s procedure.  Specifically, the National Institute of Standards and Technology recommends cryptographic mechanisms be implemented to prevent unauthorized disclosure and modification of data; however, encryption was not addressed in TVA Generation’s procedure.  Additionally, none of the plants selected for testing had a documented backup and recovery plan as required by procedure.

Background 

The Postal Regulatory Commission (PRC) participates in the General Services Administration SmartPay® program. The program provides purchase cards to federal agencies through contracts negotiated with bank providers. PRC purchase card holders will use the government purchase card as its preferred acquisition method for official government business purchases $10,000 and under, to expedite purchasing, streamline payment, and reduce administrative costs. 

In 2022, prior to relinquishing its oversight responsibility to the U.S. Postal Service Office of Inspector General (OIG), the PRC OIG conducted the PRC Purchase Card Expenses audit, which found among other things, that the PRC purchase card policy needed strengthening. This audit follows up on those findings. 

What We Did 

Our objective was to evaluate the PRC purchase card expenses and assess the effectiveness of internal controls and procedures. For this audit, we analyzed 252 of the 588 purchases (or about 43 percent) made from October 1, 2023, through July 31, 2025. 

What We Found 

The PRC made significant strides to improve controls over their purchase card program since the PRC Purchase Card Expenses audit, including standing up the Office of Budget and Finance, updating purchase card policies, and initiating a system to electronically track all purchases. However, we found opportunities for the PRC to further strengthen controls over purchase card transactions. Specifically, we identified inconsistencies and missing documentation across several transactions and noted other opportunities for the PRC to replace recurring monthly payments with contracts. Lastly, we found that the PRC did not consistently use preferred vendors as required. These conditions may result in missed opportunities for cost savings, reduce individual accountability, and increase the risk of misuse of purchase cards. 

Recommendations and Management’s Comments 

We made three recommendations to address the issues identified in the report. The Postal Regulatory Commission agreed with all three recommendations. Management’s comments and our evaluation are at the end of each finding and recommendation. The OIG considers management’s comments responsive to all recommendations. Corrective actions should resolve the issues identified in the report.

On January 21, 2026, we issued the financial statements audit report (Report 26-03) performed by the independent certified public accounting firm KPMG LLP. The auditors issued a disclaimer of opinion on the consolidated balance sheet as of September 30, 2025. During that audit, KPMG identified and reported on four material weaknesses and one significant deficiency.

When conducting an audit of an agency’s financial statements, auditors may identify certain other matters involving internal controls that do not rise to the level of a material weakness or significant deficiency and are not required to be reported in the independent auditors’ report. Instead, those matters are communicated in a management letter.

This memorandum has been prepared to transmit a management letter prepared by KPMG, dated February 20, 2026, to report internal control issues identified during the 2025 financial statement audit, that were not included in the final financial statement audit report. The attached management letter entitled Controls Related to the Reporting of Outstanding Guaranty Loans details the following issues identified by KPMG:

• Management did not properly categorize the 1 month reporting lag of the guaranty loan balances as a non-generally accepted accounting principles policy.
• Management did not perform a timely review of the non-generally accepted accounting principles policy related to the untimely reporting of the guaranty loan balances and determine its impact on the financial statements and related notes.

The auditors made two recommendations based on these findings that management agreed to implement to improve internal controls. We consider the recommendations issued in this letter as open audit recommendations. In accordance with our audit follow-up process, we will monitor management’s implementation of the corrective actions.

This report communicates the results of the Fiscal Year 2025 Federal Trade Commission Office of Inspector General review of the FTC’s compliance with the Payment Integrity Information Act of 2019 (PIIA) (Public Law 116-117).

Background

The U.S. Postal Service has 50 authorized officer positions, including the postmaster general, deputy postmaster general, and vice presidents. The Postal Service had 48 active officers, including acting officers, as of September 30, 2025. Officers filed 1,011 expense reimbursement requests totaling $1,405,278. In addition, as of the end of fiscal year (FY) 2025, the Postal Service had 13 executive directors who filed 195 reimbursement requests totaling $314,570. Further, the Postal Service hired specially assigned, limited-term contract employees who were not officers, but management elected for their reimbursement requests to receive the same level of review as officers. During FY 2025, the contract employees filed 81 reimbursement requests, totaling $120,075.

What We Did

Our objective was to determine whether Postal Service officers and executive directors complied with policies and procedures regarding travel and representation expense reimbursements. We reviewed a sample of 60 reimbursement requests for officers, including limited-term contract employees, totaling $75,136, and 20 executive directors’ reimbursement requests totaling $28,362 from FY 2025.

What We Found

For the travel and representation expense reimbursements we reviewed, Postal Service officers and executive directors generally followed applicable Postal Service travel policies and included proper support for reimbursement requests. However, we did identify instances of noncompliance where applicable travel policies were not followed and reimbursement requests were not supported, as required. In some cases, the non-compliance related to undocumented policy exceptions. In addition, we noted limited-term contract employees’ reimbursement requests were not always identified for additional review by the Travel and Relocation team.

The audit objectives were to determine whether program funds were managed in accordance with the ARC and Federal grant requirements.

Performance Audit Report on the Federal Labor Relations Authority’s Compliance with the Payment Integrity Information Act of 2019 for Fiscal Year 2025

Fiscal Year 2025 Independent Evaluation of the SEC's Implementation of the Federal Information Security Modernization Act of 2014, Report No. 589