Federal Reports

What We Looked AtAccording to U.S. Bank, Department of Transportation (DOT) employees made more than 327,000 purchase card transactions—totaling $223.7 million—from October 2016 through March 2018. In 2013, we reported several internal control weaknesses in the Department’s purchase card program, such as lack of prior approval or funding certification for purchases; use of cards by individuals other than cardholders; split purchases to circumvent single purchase limits; payments of incorrect amounts; and purchases of items not included in purchase requests. In addition, our annual charge card risk assessments disclosed areas that constitute risk to the Department’s charge card program such as purchase cardholders (PCH) not meeting training requirements and using their DOT-issued purchase cards to commit acts of fraud. As a result, we determined that another audit of this program was needed. Our objectives were to (1) test existing controls to determine if they provide reasonable assurance that improper purchases are prevented or detected in the normal course of business and (2) evaluate DOT’s policies and procedures for oversight of its purchase card program. We looked at purchase card program policies and procedures and supporting documentation for purchases. What We FoundWe identified internal control weaknesses in multiple areas of the purchase card program. The weaknesses show that PCHs are not consistently following existing controls to prevent improper purchases, putting the Department’s purchase card program at increased risk of misuse and abuse. Specifically, based on our findings for 44 of the 109 purchase card transactions in our sample, PCHs did not always follow prescribed controls for an estimated $86.1 million in purchases. Furthermore, we found that employees did not always use proper purchase request channels, thus putting DOT at risk for Anti-Deficiency Act violations. We also found that DOT’s policies and procedures for overseeing the purchase card program are not sufficient. For example, DOT does not review individual Operating Administrations’ purchase card guidance for compliance with the Transportation Acquisition Manual. RecommendationsWe made 13 recommendations to assist DOT in improving its oversight of the purchase card program and increasing the effectiveness of its internal controls. DOT fully concurred with 10 recommendations and partially concurred with 3.

The Government Publishing Office (GPO), Office of Inspector General conducted an inspection of GPO’s Next Generation Passport Program to determine if GPO had the capability to produce the upgraded and more secure Next Generation Passports at the estimated quantity of more than 15 million total per year. We found that with respect to machine and process readiness, GPO is prepared to meet future next generation passport orders. Our report contains no recommendations for GPO and considered management’s comments responsive (appendix D).

We reviewed 45 fiscal year 2018 contract files at the Equal Employment Opportunity Commission (EEOC). We found that some contract files had incomplete contract orders and were missing the Contracting Officer Representative (COR) acceptance page. In addition, progress reports were not found in any of the contract files. Although the files usually contained sub dividers and were organized, it was cumbersome to find contract administration documents in many of the folders.We interviewed nine CORs and reviewed 20 COR contract files. We found that insufficient oversight of CORs and internal guidance contribute to incomplete COR documentation and uncertainty among CORs about how to perform their duties. We found 29 documents were missing from the files, including COR appointment letters, invoices, and progress reports. Five CORs expressed a need for more consistency among the Contracting Officers and three said they would benefit from more procedural guidance on how to perform their duties.Lastly, we found that the Office of the Chief Financial Officer (OCFO) usually pays contractor invoices on time; however, the COR review and approval process causes significant delays. Of the 268 invoices in our sample, 56 (21 percent) were overdue. On average, OCFO paid the invoices within 9 days of the CORs approval. However, contract invoices were in the system an average of 64 days prior to the CORs approval. CORs stated that the invoice system does not notify them when vendors submit invoices, which may contribute to the payment delays. We issued five recommendations to improve EEOC’s contracts administration activities.