Financial Management
Review of the Military Retirement Trust Fund's Actuarial Model and Related Computer Controls Gao ID: AIMD-97-128 September 9, 1997The Defense Department's (DOD) Military Retirement Trust Fund was created to oversee the accumulation on funds to finance, on an actuarially sound basis, military retirement and survivor benefit programs. With total actuarial liabilities of $548 billion as reported in its financial statements for fiscal year 1996, the Fund has significant implications for the consolidated governmentwide financial statements that GAO plans to audit beginning in fiscal year 1997. In preparation for that audit, GAO contracted with an independent public accounting firm, KPMG Peat Marwick LLP, to review (1) the methods and assumptions used by the DOD Office of the Actuary to calculate the fund's pension liability as of September 30, 1996, and (2) the effectiveness of computer controls at the facilities that are responsible for receiving, formatting, and processing the actuarial information. This report presents the findings of that review.
GAO noted that: (1) based on GAO's review, GAO concurs with KPMG Peat Marwick LLP's conclusion that the methodology and actuarial assumptions used by the DOD Office of the Actuary to calculate the pension liability as of September 30, 1996, and the annual actuarial activity for the Fund were reasonable and reliable; (2) GAO also concurs with KPMG's identification of numerous control weaknesses related to: (a) the data gathering and preparation process; and (b) electronic data processing (EDP) activities; (3) due to the serious nature of the computer-related weaknesses identified, GAO agrees with KPMG's conclusion that there is a lack of overall security administration and management governing access to Fund data files; (4) in particular, DOD has not adequately implemented security policies and procedures, controlled the ability of computer programmers to make changes to systems, and controlled access to information on pension fund participants; (5) such uncontrolled access affects other sensitive personal and career-related information as well; (6) the computer that houses the Fund's data files also stores information on social security numbers, pay rates, child and spousal abuse allegations, and medical test results for both active duty and retired personnel; (7) although DOD regulations require that sensitive data be housed only on computers meeting specific security guidelines, the Fund processing sites reviewed by KPMG do not comply with those guidelines; (8) despite the weaknesses identified, KPMG believed that a material misstatement of the pension liability was unlikely to occur because of compensating controls that hinge largely on the experience and tenure of staff in the Office of the Actuary; and (9) GAO agrees that compensating controls currently exist in the Office of the Actuary but caution DOD against long-term reliance on controls that depend largely on the retention of a few key employees.
RecommendationsOur recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director: Team: Phone: