Education Financial Management
Weak Internal Controls Led to Instances of Fraud and Other Improper Payments
Gao ID: GAO-02-406 March 28, 2002
Because of internal control weaknesses, the Department of Education's student financial assistance programs are at high risk for fraud or erroneous payments. GAO discovered fraud in the grant and loan areas and pervasive control breakdowns and improper payments in other areas. Controls over grant and loan disbursements lacked a key edit check or follow-up process that would identify schools improperly disbursing Pell Grants. Significant internal control weaknesses over Education's third party drafts also increased the department's vulnerability. GAO found that individual Education employees could control the entire payment process for third party drafts. Education employees also circumvented a key computerized control designed to prevent duplicate payments. Education eliminated third party drafts in May 2001. Inconsistent and inadequate authorization and review processes for purchase cards, combined with a lack of monitoring, meant that improper purchases were unlikely to be detected. Inadequate control over these expenditures, combined with the inherent risk of fraud and abuse associated with purchase cards, led to fraudulent, improper, and questionable purchases totaling $686,000. Poor internal controls over computers acquired with purchase cards and third party drafts led to 241 missing personal computers and other equipment valued at $261,500. Although Education changed policies and procedures over disbursements to improve internal controls and program integrity, many of these changes have not been effectively implemented.
Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director:
Team:
Phone:
GAO-02-406, Education Financial Management: Weak Internal Controls Led to Instances of Fraud and Other Improper Payments
This is the accessible text file for GAO report number GAO-02-406
entitled 'Education Financial Management: Weak Internal Controls Led
to Instances of Fraud and Other Improper Payments' which was released
on March 28, 2002.
This text file was formatted by the U.S. General Accounting Office
(GAO) to be accessible to users with visual impairments, as part of a
longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the
printed version. The portable document format (PDF) file is an exact
electronic replica of the printed version. We welcome your feedback.
Please E-mail your comments regarding the contents or accessibility
features of this document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States General Accounting Office:
GAO:
Report to Congressional Requesters:
Education Financial Management:
Weak Internal Controls Led to Instances of Fraud and Other Improper
Payments:
GAO-02-406:
Contents:
Letter:
Results in Brief:
Background:
Objectives, Scope, and Methodology:
Controls over Grants Disbursement Process Failed to Detect Certain
Improper Payments:
Controls Over Third Party Draft Process Were Ineffective:
Poor Controls over Government Purchase Cards Resulted in Some
Fraudulent, Improper, and Questionable Purchases:
Poor Controls Contributed to Loss of Computer Equipment:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendixes:
Appendix I: Description of Grant and Loan Programs Reviewed:
Appendix II: Objectives, Scope, and Methodology:
Appendix III: Comments from the Department of Education:
Appendix IV: GAO Contact and Staff Acknowledgments:
Tables:
Table 1: Fiscal Year 2000 Disbursements by the Department of Education:
Table 2: Amounts of Potentially Improper Payments Initially Identified
and Disposition of Those Amounts after Review of Supporting
Documentation:
Table 3: Description of Programs and Amounts Disbursed:
Abbreviations:
COD: Common Origination and Disbursement:
CPS: Central Processing System:
ESL: English as a second language:
FMSS: Financial Management System Software:
FRB: Federal Reserve Bank:
GAPS: Grant Administration and Payment System:
GSA: General Services Administration:
LOS: Loan Origination System:
MCC: Merchant Category Code:
OCFO: Office of the Chief Financial Officer:
OCIO: Office of the Chief Information Officer:
OIG: Office of Inspector General:
RFMS: Recipient Financial Management System:
SSA: Social Security Administration:
SSN: social security number:
Y2K: Year 2000:
[End of section]
United States General Accounting Office:
Washington, D.C. 20548:
March 28, 2002:
The Honorable Pete Hoekstra:
Chairman:
Subcommittee on Select Education:
Committee on Education and the Workforce:
House of Representatives:
The Honorable Charlie Norwood:
House of Representatives:
The Department of Education has a history of financial management
problems, including serious internal control weaknesses, which have
affected Education's ability to provide reliable financial information
to decisionmakers both inside and outside the agency and to maintain
the financial integrity of its operations. Because of this, we have
designated Education's student financial assistance programs as a high-
risk area for waste, fraud, abuse, and mismanagement.[Footnote 1]
Given the billions of dollars in payments made by Education each year
to recipients nationwide and abroad, these known deficiencies raise
the risk that fraudulent or erroneous payments could make their way
undetected through Education's processes. In January 2002, three
employees pleaded guilty to a scheme in which they defrauded the
department of more than $1 million during the 1990s, and, in 2000, the
department reported that $1.9 million meant for two school districts
in South Dakota was fraudulently wired to improper bank accounts.
Given this risk, you requested that we audit selected disbursement
processes at Education that are particularly susceptible to waste,
fraud, and abuse. Specifically, you asked us to assess the adequacy of
internal controls over (1) grant and loan disbursements, (2) third
party drafts,[Footnote 2] and (3) government purchase cards, and to
determine if any fraudulent or otherwise improper payments were made
in these areas. You requested that we cover the period May 1998
through September 2000 during which time Education disbursed $181.5
billion through these processes”-$181.4 billion in grants and loans,
$55 million in third party drafts, and $22 million in purchase card
transactions. You also asked that we look at physical controls over
computer equipment purchased with third party drafts and purchase
cards. Our work built upon earlier work done by Education's Office of
Inspector General (OIG) in which the OIG identified weaknesses in the
department's third party draft and purchase card processes. Last year
we testified twice[Footnote 3] and made several recommendations to
address the key findings discussed in our testimonies. We also
provided two interim briefings on the status of our ongoing work. This
report provides the final results of our work.
Results in Brief:
Significant internal control weaknesses in Education's payment
processes and poor physical control over its computer assets made the
department vulnerable to and in some cases resulted in fraud, improper
payments, and lost assets. We identified several instances of fraud in
the grant and loan areas and pervasive control breakdowns and improper
payments in other areas, particularly involving purchase cards.
Further, because of the risks we identified in the third party draft
process, Education eliminated their use.
Controls over grant and loan disbursements did not include a key edit
check or follow-up process that would help identify schools that were
disbursing Pell Grants to ineligible students. Our tests and follow-up
investigation identified 3 schools that fraudulently disbursed about
$2 million of Pell Grants to ineligible students. Previously, we had
investigated 2 of these schools for similar activity. We also
identified 1 school that improperly disbursed $1.4 million of Pell
Grants to ineligible students. We have formally referred the results
of our investigation of these 4 schools to Education's Inspector
General. In addition, we identified 31 other schools with
disbursements totaling $1.6 million with similar characteristics that
we referred to Education for follow-up. Further, we found other grant
and loan payments totaling $12 million that were potentially
fraudulent or otherwise improper. However, because Education did not
provide adequate supporting documentation, we were unable to determine
the validity of these transactions or conclude on the effectiveness of
the related edit checks. While the amount of improper and potentially
improper grant and loan payments we identified is relatively
insignificant compared to the billions of dollars disbursed for these
programs annually, it represents a control risk that could easily be
exploited to a greater extent.
Significant internal control weaknesses over Education's process for
third party drafts markedly increased the department's vulnerability
to improper payments. Although segregation of duties is one of the
most fundamental internal control concepts, we found that some
individuals at Education could control the entire payment process for
third party drafts. We also found that Education employees
circumvented a key computer system application control designed to
prevent duplicate payments. We tested third party draft transactions
and identified $8.9 million of potential improper payments, $1.7
million of which remain unresolved because Education was unable to
provide us with adequate supporting documentation. Because of the
risks we identified in the third party draft payment process, and in
response to a letter from the Chairman and Vice-Chairman of the
Subcommittee on Select Education, House Committee on Education and the
Workforce, Education took action in May 2001 to eliminate the use of
third party drafts.
We found that Education's inconsistent and inadequate authorization
and review processes for purchase cards, combined with a lack of
monitoring, created an environment in which improper purchases could
be made with little risk of detection. Inadequate control over these
expenditures, combined with the inherent risk of fraud and abuse
associated with purchase cards, resulted in fraudulent, improper, and
questionable purchases totaling about $686,000 by some Education
employees. For example, one employee made improper charges totaling
$11,700 for herself and a coworker to attend college classes that were
unrelated to their jobs at the department. In another example, we
identified almost $287,000 in questionable purchases for new office
furniture and renovation costs related to interim space that was to be
vacated. Further, Education could not provide any support for $152,000
of additional purchases and does not know what was acquired with these
funds.
Education also lacked adequate internal controls over computers
acquired with purchase cards and third party drafts, which contributed
to 241 missing personal computers and computer equipment with an
acquisition cost of about $261,500. After we completed our work in
this area, we again visited the office where most of the computer
equipment was missing because Education officials told us they had
located some of the missing inventory. Although Education officials
stated they found 73 pieces of equipment, we were able to locate only
62 pieces of the equipment with an acquisition value of about $49,800.
Education officials have been unable to locate the remaining 179
pieces of missing computer equipment with an acquisition value of
about $211,700. Segregation of duties, one of the most fundamental
internal controls, was lacking in the office where most of the missing
equipment was purchased. In addition, according to Education's
Inspector General, the department had not taken a comprehensive
physical inventory of all property, including computers, for at least
2 years. Further, Education did not record almost $400,000 of computer
purchases in its property records. These weaknesses created an
environment in which computer equipment could be easily lost or stolen
without detection. Education's Inspector General is investigating the
disappearance of these vulnerable assets.
During our review, Education made several changes to policies and
procedures over disbursements to improve internal controls and program
integrity. While these changes are positive steps, in many cases they
have not been effectively implemented. Therefore, many of the risks we
identified continue to exist. For example, Education developed a new
approval process for its purchase card program; however, our testing
of 3 months of purchase card statements under the new process found
that over 20 percent lacked proper support for the items purchased.
Management commitment to improving internal controls is necessary to
minimize Education's vulnerability to future improper payments and
lost assets and to improve financial management in general. This
report makes recommendations that, if fully implemented, will help the
department improve its controls so that fraudulent and otherwise
improper payments can be prevented or detected in the future and
vulnerable assets can be better protected.
In commenting on a draft of this report, the Deputy Secretary
generally agreed with our findings and recommendations and said that
Education is developing a formal corrective action plan to address
each of our recommendations.
Background:
The Department of Education's mission is to ensure equal access to
education and to promote educational excellence throughout the nation.
Education does this, in part, by disbursing billions of dollars each
year in grants and loans to school districts, state education
agencies, organizations, and individuals. Appendix I describes the
various grant and loan programs and the amounts disbursed for these
programs during the period we reviewed. In supporting its mission,
Education also paid close to a billion dollars in fiscal year 2000 to
various contractors and vendors for goods and services, including
computers and supplies. Education used various payment methods for
these expenses, including third party drafts and government purchase
cards. The following table shows the amounts disbursed in fiscal year
2000 for the various grant and loan programs and the amount of
expenses paid by third party drafts and government purchase cards.
Table 1: Fiscal Year 2000 Disbursements by the Department of Education:
Disbursement type: Grants and loans;
Amount disbursed in fiscal year 2000: $45.5 billion.
Disbursement type: Third party drafts;
Amount disbursed in fiscal year 2000: $23 million.
Disbursement type: Purchase cards;
Amount disbursed in fiscal year 2000: $8 million.
[End of table]
Payments for Grants and Loans:
Education funds for various grants go directly to the recipients”state
education agencies, schools, individuals, and school districts”and are
to be used by the recipients for the stated purposes. Education
disburses funds for Pell Grants and direct loans, which help finance
the higher education of millions of students, directly to schools.
[Footnote 4] The schools are responsible for determining student
eligibility for these funds and for disbursing the grants and loans to
students. The disbursement process for these grants and loans relies
extensively on various computer information systems within Education
and their related computer application controls.[Footnote 5]
Each student applying for federal financial aid must complete an
application form, either electronically or on a paper copy. This
application includes information that is used to determine
eligibility. The application information goes directly into
Education's Central Processing System (CPS) if submitted
electronically, or to a contractor for data entry into CPS if a paper
copy is submitted. CPS matches the student data against several
databases at other agencies, such as the Social Security
Administration (SSA), the Immigration and Naturalization Service, the
Selective Service System, and the Department of Veterans Affairs
Errors can occur if the student submits wrong information or the
information on the application was not entered correctly in CPS. If
discrepancies are found, the application is rejected or identified for
follow-up. Generally, the school to which the student applied must
have correct data before it can disburse federal Education funds to
the student. However, the school can disburse funds to the student
without waiting for submitted corrections to be processed in the
system.
Third Party Drafts:
Third party drafts are check-like instruments drawn on and paid by a
financial institution or outside contractor. Agencies receive the
drafts from the institution or contractor that maintains the agency
account and may use them as an alternative to imprest funds. Education
originally used third party drafts to pay field readers”non-Education
employees who review grant applications. By May 1999, Education's
policy allowed the use of third party drafts to pay for a wide variety
of other expenses including employee local travel reimbursements, fuel
and maintenance for government vehicles, and other "small purchases."
The Executive Officer in each of Education's principal offices
determined who had signature authority. Third party drafts could be
issued for up to $10,000”a limitation that is printed on the face of
each draft. Following our April 2001 testimony before the Subcommittee
on Select Education, and in response to a letter from the Chairman and
Vice-Chairman of the subcommittee, Education took action in May 2001
to eliminate the use of third party drafts.
Purchase Cards:
Government purchase cards, a type of credit card, are available to
federal agencies under a General Services Administration (GSA)
contract and are to be used to make small purchases with minimal
paperwork. The Department of the Treasury requires agencies to
establish approved uses and limitations on the types of purchases and
dollar amounts. During the period of our review”May 1998 through
September 2000”Education's purchase card program was operating under a
policy dated March 1990. This policy stated that purchase cards could
be used to buy various small items such as supplies not available from
the GSA Customer Supply Center. The policy prohibited purchases for
nonexpendable property, such as desks, chairs, tables, and personal
computers.
Education's purchase card policy stated that an approving official was
to ensure that all credit card transactions were for authorized
Education purchases and in accordance with departmental and other
federal regulations. The approving official signified that a
cardholder's purchases were appropriate by reviewing and signing
monthly statements. Education's 1990 written policy did not establish
specific dollar limits for either the cumulative purchases in a given
month or the total for a single purchase, known as the monthly
purchase limit and single purchase limit, respectively. As of January
2001, single purchase limits for individual cardholders, which were
established by each principal office, ranged from $500 to $80,000, and
their monthly limits ranged from $1,500 to $300,000.[Footnote 6]
Currently, both single and monthly limits range from $500 to $30,000.
Bank of America currently services the purchase card program at
Education.
Computer Purchases:
During the time frame of our review, each individual principal office
made its own purchases of computers and related equipment on a
decentralized basis. There were no established policies that required
approvals from the Office of the Chief Information Officer (OCIO). In
July 2000, Education issued new written procedures for computer asset
management. The procedures state that a new position, asset manager,
will be established in OCIO. The procedures further state that
principal offices are required to use only vendors approved by the
department. Education is to request that these vendors bar code
equipment before delivering it to the department with bar codes
provided by the new asset manager. Vendors are to electronically
submit a list of equipment with serial numbers and bar codes, which
will be entered into the new Asset Management System before the
equipment is delivered. The new procedures also modify procedures for
controlling computer equipment that leaves any Education building.
Security guards are to verify that anyone taking computer equipment
from the building has been authorized to do so and has an appropriate
property pass.
Internal Control:
Internal control is a major part of managing an organization. As
mandated by the Federal Managers' Financial Integrity Act of 1982, the
Comptroller General issues standards for internal control in the
federal government.[Footnote 7] These standards provide the overall
framework for establishing and maintaining internal control and for
identifying and addressing major performance and management challenges
and areas at greatest risk of fraud, waste, abuse, and mismanagement.
According to these standards, internal control comprises the plans,
methods, and procedures used to meet missions, goals, and objectives.
Internal control is the first line of defense in safeguarding assets
and preventing and detecting fraud and errors. Internal control, which
is synonymous with management control, helps government program
managers achieve desired results through effective stewardship of
public resources.
Control activities are the policies, procedures, techniques, and
mechanisms that enforce management's directives and help ensure that
actions are taken to address risks. Control activities are an integral
part of an entity's planning, implementing, reviewing, and
accountability for stewardship of government resources and achieving
effective results. They include a wide range of diverse activities.
Some examples of control activities include controls over information
processing, physical control over vulnerable assets, segregation of
duties, proper execution of transactions and events, and access
restrictions to and accountability for resources and records.
Management should design and implement internal control based on the
related costs and benefits. No matter how well designed and operated,
internal control cannot provide absolute assurance that all agency
objectives will be met, and thus, once in place, internal control
provides reasonable, not absolute, assurance of meeting agency
objectives.
Objectives, Scope, and Methodology:
The objectives of our review were to assess internal controls in place
from May 1998 through September 2000 and to identify any fraudulent or
otherwise improper payments that may have resulted from control
weaknesses in Education's processes for (1) disbursing grants and
loans, (2) paying for purchases with third party drafts, and (3) use
of government purchase cards. In addition, our objective was to assess
Education's physical controls over its computer equipment from May
1998 through September 2000 and identify any effects of weak controls.
Further, at your request, we assessed the effectiveness of recent
changes to Education's process for purchase card purchases, which took
effect in July 2001 following our testimony before the subcommittee.
To identify and assess internal controls over Education's (1)
disbursement process for grants and loans and (2) processes for paying
for purchases with third party drafts and government purchase cards,
we obtained an understanding of the processes, interviewed staff and
officials in the Office of Chief Financial Officer (OCFO) and program
offices, and performed walk-throughs of the processes. We also
reviewed Education's policies and procedures and reviewed our own
reports and those by Education's OIG and independent auditors. To
identify potential improper payments, we requested and obtained
payment data and other supporting data from Education[Footnote 8] and
sources external to the department, including SSA, Rocky Mountain
Bank, and Bank of America; contracted with forensic and information
risk management experts; and used an automated approach, including
database searches, file comparisons, and other detailed analyses, to
identify unusual transactions and payment patterns that may be
improper. For those payments that we identified as potentially
improper, we requested and analyzed supporting documentation to assess
their propriety. To assess Education's controls over computer
equipment, we conducted an unannounced search for computers and their
related components that were purchased with government purchase cards
and third party drafts and were not included in Education's asset
management system inventory To assess the effectiveness of recent
changes in Education's process for approving purchase card purchases,
we reviewed a statistical sample of cardholders' monthly statements
for July, August, and September 2001. While we identified some
fraudulent and improper payments, our work was not designed to
identify all fraudulent or otherwise improper payments throughout the
department.
Appendix II provides further details on our scope and methodology. We
conducted our work from August 2000 through February 2002, in
accordance with generally accepted government auditing standards, as
well as with investigative standards established by the President's
Council on Integrity and Efficiency. We requested comments on a draft
of this report from the Secretary of Education or his designee.
Written comments were received from the Deputy Secretary and are
reprinted in appendix III.
Controls over Grants Disbursement Process Failed to Detect Certain
Improper Payments:
Education's grant and loan disbursement process relies on computer
systems application controls, or edit checks, to help ensure the
propriety of payments. We focused our review on these edit checks and
related controls because they are key to helping prevent or detect
improper payments in an automated process. In our testing of the
effectiveness of Education's controls, we found that the department
lacked a key edit check and follow-up process that would help identify
schools that were disbursing Pell Grants to ineligible students. As a
result of our tests and follow-up investigation, we identified 3
schools that fraudulently disbursed about $2 million of Pell Grants.
These schools produced fraudulent documentation to support the grants.
We also identified another school that improperly disbursed about $1.4
million of Pell Grants to ineligible students. In addition, we
identified 31 other schools with similar characteristics that we
referred to Education for follow-up.9 In testing whether existing edit
checks were working effectively or whether additional edit checks were
needed, we found other grant and loan payments that were potentially
improper. However, because Education did not provide adequate
supporting documentation, we were unable to determine the validity of
these transactions or conclude on the effectiveness of the related
edit checks. We also found that a system used in the loan origination
process contained erroneous data on some students that could affect
the ability of the department to collect those student loans. In April
2002, Education plans to implement a new grant and loan disbursement
system designed to improve controls and reduce the risk of future
improper grant payments.
Education Lacked a Key Edit Check and Follow-up Procedures:
Education's CPS for student aid applications lacked an edit that would
identify students who were older than would typically be expected. In
addition, the department lacked a formal, systematic process to follow
up on unusual disbursement patterns identified by such an edit. To
identify improper payments that may have resulted from the absence of
these controls, we identified schools that disbursed Pell Grants over
multiple years to students 70 years of age or older. We chose to test
for students of this age because we did not expect large numbers of
older students to be receiving Pell Grants.[Footnote 10] We identified
707 schools that had disbursed more than 4,500 Pell Grants totaling
about $7 million to students 70 years of age and older during the
period covered by our review.
Based on the initial results of our test and because of the problems
we had identified in the past,[Footnote 11] we decided to expand our
review of 7 of the 707 schools that had disproportionately high
numbers of older students to include recipients 50 years of age or
older.[Footnote 12] Our Office of Special Investigations investigated
4 of these 7 schools and found that they disbursed approximately $3.4
million in Pell Grants to ineligible students during this period.
[Footnote 13] These students were ineligible because their primary
course of study was English as a second language (ESL), and they were
not seeking degrees or certificates.[Footnote 14] Further, most of the
students interviewed during the investigation said that they were not
working and were studying English in order to improve their speaking
abilities, not to obtain a degree or certificate. The investigation
disclosed that 3 schools generated fraudulent student admissions
documents to create the appearance that students who were not in fact
seeking degrees were participating in degree programs. We investigated
2 of these 4 schools in 1993 and found similar activities, including
the falsification of student records.
The remaining 3 schools disbursed approximately $450,000 in Pell
Grants and warranted additional review because they also had unusually
high concentrations of older students who were potentially ineligible.
We have formally referred the information on these 3 schools, as well
as the results of our investigations of the 4 schools discussed above,
to Education's OIG for appropriate follow-up.
To determine whether the other 700 schools made improper Pell Grant
payments to students 70 years of age and older, we asked Education to
provide us with documentation supporting the students' eligibility.
Education requested documentation from these schools. The department
provided us with student transcripts and other data from less than
half of the 700 schools. Based on our review of the documentation we
received, we identified 19 additional schools that disbursed Pell
Grants to large numbers of students who were 70 years of age or older
and whose course of study was mainly ESL. These 19 schools made
disbursements totaling about $573,000 to these students during the
period of our review. We also identified 9 other schools, based solely
on data from the Pell Grant system, that had similar disbursement
patterns to those making the payments to ineligible students. These 9
schools did not provide supporting documentation for approximately
$547,000 in Pell Grant disbursements. We provided information on these
28 schools to Education for follow-up.
Education staff and officials told us that they have performed ad hoc
reviews in the past to identify schools that disbursed Pell Grants to
ineligible students and have recovered some improper payments as a
result. However, Education did not have a formal, systematic process
in place specifically designed to identify schools that may be
improperly disbursing Pell Grants. In September 2001, we issued an
interim report[Footnote 15] in which we recommended that the Secretary
of Education (1) establish appropriate edit checks to identify unusual
grant and loan disbursement patterns and (2) design and implement a
formal, routine process to investigate unusual disbursement patterns
identified by the edit checks. This type of process would serve not
only to detect fraudulent and otherwise improper payments, but would
also act as a deterrent to others who may be inclined toward these
types of activities.
In response to our work, Education told us an edit was implemented in
January 2002 in CPS, the application processing system, that will
identify applications that indicate a student is 75 years of age or
older. If the student's date of birth indicates that he or she is 75
years of age or older, the system edit will reject the application and
the school will not be authorized to give the student federal
education funds until the student either submits a corrected date of
birth or verifies that it is correct. However, without also looking
for unusual patterns and following up, the edit may not be very
effective, other than to correct data entry errors or confirm older
students applying for aid.
Education is also in the process of implementing a new system called
Common Origination and Disbursement (COD) that is to be effective
beginning in April 2002. Education officials told us that this
integrated system will replace the separate systems Education has used
for Pell Grants and direct loans and other systems containing
information on student aid, and it will integrate with applicant data
in CPS. The focus of COD is to improve program and data integrity.
According to Education officials, they will be able to use COD to
identify schools with characteristics like those we identified.
However, until there is a mechanism in place to investigate schools
once unusual patterns are identified, Education will continue to be
vulnerable to the types of improper Pell Grant payments we identified
during our review.
Lack of Adequate Support to Determine Validity of Other Payments and
Effectiveness of Edit Checks:
We performed several additional tests of Education's disbursements to
identify potentially improper grant and loan payments that may not
have been detected because of missing or ineffective edit checks. In
addition to Pell Grant payments to students 70 years of age and older,
we identified $28.8 million of other potentially improper grant and
loan payments made by more than 1,800 schools to students who (1) were
much older or younger than would be expected, (2) had social security
numbers (SSN) that were either not in SSA's database or were in SSA's
death records, or (3) received Pell Grants in excess of statutory
limits. Based on supporting documentation provided to us by Education,
we determined that $20.3 million of these payments were proper.
Education did not, however, provide adequate supporting documentation
to enable us to determine the validity of $8.5 million of these
payments made by these schools. In addition, Education did not provide
adequate supporting documentation for us to determine the validity of
$3.5 million of Pell Grants disbursed to students 70 years of age and
older,[Footnote 16] for a total of $12 million of grant and loan
payments for which we could not determine the validity. Table 2 shows
the amounts of potentially improper grant and loan payments we
initially identified and the disposition of those amounts after we
reviewed supporting documentation. Although Education officials told
us they requested supporting documentation from the approximately
1,800 schools that disbursed these funds, over 1,000 schools did not
provide the documentation, and documentation provided by some of the
schools was inadequate for independent verification of the validity of
these payments.
Table 2: Amounts of Potentially Improper Payments Initially Identified
and Disposition of Those Amounts after Review of Supporting
Documentation:
Description: Pell Grants to students older than expected;
Potential improper payments initially identified: $7.8 million;
Payments determined to be proper: $0.9 million;
Inadequately supported payments: $3.5 million;
Improper payments: $3.4 million.
Description: Grant and loan payments identified in additional tests;
Potential improper payments initially identified: $28.8 million;
Payments determined to be proper: $20.3 million;
Inadequately supported payments: $8.5 million;
Improper payments: 0.
Description: Totals;
Potential improper payments initially identified: $36.6 million;
Payments determined to be proper: $21.2 million;
Inadequately supported payments: $12.0 million;
Improper payments: $3.4 million.
[End of table]
According to Education officials, if a school that did not provide
support or provided inadequate support had only a small number of
potential improper payments, the department did not follow up because
it did not consider doing so a wise use of its resources. We agree
that Education should weigh the costs of resources required to follow
up on potential improper payments with the benefits that could be
obtained when making such decisions. However, 20 of the schools that
did not provide support or provided inadequate support had from 20 to
138 instances of these potential improper payments totaling $1.5
million.[Footnote 17] Without following up with the schools that
exhibit such patterns, Education is missing an opportunity to identify
problem schools, including those that may be improperly disbursing
Pell Grant funds. Because of this, we reaffirm our previous
recommendation that Education design and implement a formal, routine
process to investigate unusual disbursement patterns identified by the
edit checks.
During our investigation of potentially improper transactions, we did
find that direct loans and Pell Grants provided to two students were
obtained fraudulently. The students, two brothers, submitted
counterfeit Social Security cards and fraudulent birth certificates
along with their applications for federal education aid. They received
almost $55,000 in direct loans and Pell Grants. We have referred them
to Education's OIG and SSA's OIG. The U.S. Attorney's Office is
considering prosecuting these individuals.
Erroneous Data Could Affect Loan Collections:
During our tests to determine the effectiveness of Education's edit
checks, we also found data errors, such as incorrect SSNs of
borrowers, in the Loan Origination System (LOS). Such errors could
negatively affect the collection of student loans because without
correct identifying information, Education may not be able to locate
and collect from borrowers when their loans become due. LOS processes
all loan origination data received from schools and contains
information on each loan and borrower. We reviewed data for more than
1,600 loans and determined that for almost 500 of these loans, the
borrowers' SSNs or dates of birth were incorrect in LOS. It is likely
that many of these errors occurred during the loan origination process.
As described earlier, when students apply for federal Education grants
and loans, the information from their applications goes into the
application processing system, CPS, which matches the student data
against several databases at other agencies, including SSA. If the SSA
match results indicate that the student's SSN or date of birth is
incorrect, the student is notified and asked to provide corrected
data, which is input in CPS. However, these corrections are not made
to data in LOS. Because Education's loan collection system relies on
data from LOS, Education's ability to locate borrowers who have
defaulted on their loans is negatively affected. The new COD system
discussed earlier may alleviate this situation because it will replace
separate systems, including LOS, and will interface with CPS. If this
system works as intended, then student data will be consistent among
all of the department's systems because it will automatically share
corrected data. However, until the new system is fully implemented,
errors in LOS could impede loan collection efforts.
Controls Over Third Party Draft Process Were Ineffective:
Significant internal control weaknesses over Education's process for
third party drafts, which were used to pay expenses totaling $55
million from May 1998 through September 2000, increased the
department's vulnerability to improper payments. In testing the third
party draft process, we found that (1) Education employees
circumvented a key computer system application control and (2) some
individuals could control the entire payment process because
accounting duties were not properly segregated. Because of these
weaknesses, we tested third party draft transactions and identified
potential improper payments, many of which remain unresolved because
Education was unable to provide us with adequate supporting
documentation. Education has since canceled its third party draft
program.
The circumvented computer system application control, which was
designed to avoid duplicate payments, was an edit in Education's
system indicating that an invoice number had already been entered into
the system. Internal control standards require agencies to have
adequate application controls such as automated edits that help ensure
that transactions completed through computerized applications are
valid, properly authorized, and completely and accurately processed
and reported. Our review of one of Education's procedures manuals
disclosed that the department had created a procedure that allowed
employees to circumvent this control. The manual instructed Education
employees to add a suffix to the invoice or voucher number when the
system indicated that a number had already been used. For example, if
invoice number 123 had already been entered into the system, an
employee could add the letter "a" to this invoice number and issue
another third party draft or other payment mechanism related to the
invoice. Education officials told us this procedure was implemented as
a way to allow users to issue replacement drafts in the event the
draft had to be reissued. However, it also significantly increased
Education's exposure to duplicate payments.
We also found that it was common practice for Education employees to
use multiple third party drafts to pay for purchases in excess of the
$10,000 limit imprinted on the blank drafts. Education officials told
us that they used multiple third party drafts to pay invoices greater
than $10,000 primarily as a matter of convenience. For example, when
it was necessary to research a transaction, Education officials told
us that it was more convenient to have their own check numbers and
copies of the checks on hand rather than having to review records of
payments from Treasury. This process of using multiple third party
drafts negated the control of limiting third party drafts to $10,000
and further exacerbated Education's vulnerability to making improper
payments.
Another weakness in the third party draft process was inadequate
segregation of duties; that is, some individuals could control the
entire payment process. Segregation of duties is one of the most
fundamental internal control concepts. To reduce the risk of fraud and
other improper payments, key duties and responsibilities associated
with the payment process need to be divided or segregated among
different people. This should include separating the responsibilities
for authorizing transactions, processing and recording them, reviewing
the transactions, and handling the related funds. We found that some
individuals at Education could control the entire payment process for
third party drafts. Forty-nine Education employees could request blank
checks. Further, 21 of these 49 individuals could also access the
system, generate a payment without prior obligation, print and sign
the check, and submit it to the payee. Education officials told us
this control was lacking because, as the department moved toward
decentralization and flexibility, the responsibility for monitoring
and enforcing the use of the third party drafts became inconsistent
from one organization to another. Because these individuals had the
capacity to control the entire payment process, the department was
vulnerable to the possibility that third party drafts could be used to
pay for personal expenses or other improper purchases.
One of the primary risks Education was exposed to because of these
internal control weaknesses was the risk of overpaying invoices. Based
on our tests of third party draft transactions, we identified 268
instances, totaling approximately $8.9 million, in which multiple
third party drafts were issued to the same payee with the same invoice
number or on the same day. We reviewed the available supporting
documents provided by Education for $7.2 million of these transactions
and found no instances of overpayments. However, Education officials
could not provide us with adequate supporting documentation to enable
us to assess the validity of the remaining $1.7 million of these third
party drafts. As a result, these remain potential improper payments.
Because of the risks we identified in the third party draft payment
process, and in response to a letter from the Chairman and Vice-
Chairman of the Subcommittee on Select Education, Education took
action in May 2001 to eliminate the use of third party drafts.
Poor Controls over Government Purchase Cards Resulted in Some
Fraudulent, Improper, and Questionable Purchases:
Education lacked fundamental internal controls over its purchase card
program that would have minimized the risk of improper purchases. We
found that Education's inconsistent and inadequate authorization and
review processes, combined with a lack of monitoring, created an
environment in which improper purchases could be made with little risk
of detection. Inadequate control over these expenditures, combined
with the inherent risk of fraud and abuse associated with purchase
cards, resulted in fraudulent, improper, and questionable purchases by
some Education employees. Recently, the department has made changes to
the way it administers its purchase card program to help reduce its
vulnerability in this area. However, because the department has not
effectively implemented its new policies, vulnerabilities remain.
Outdated Policies and Inconsistent Authorization and Review Created an
Environment Susceptible to Improper Purchases:
Treasury guidance for purchase cards states that agencies are
responsible for developing their own procedures for using purchase
cards, including approved uses of the cards and limitations on the
types of purchases and dollar amounts. During the time covered by our
review, Education's purchase card program was operating under policies
and procedures that were implemented in March 1990.[Footnote 18]
Education officials told us that since this policy was drafted, the
number of cards and frequency of their use expanded significantly.
Education's policy provided very limited guidance on what types of
purchases were appropriate. Although Education's policy required each
cardholder and approving official to receive training on their
respective responsibilities, we found several cardholders and at least
one approving official who were not trained. This lack of detailed and
timely policies and procedures, as well as the lack of training for
all cardholders and approving officials, resulted in a lax control
environment for this inherently risky program.
Internal control standards state that transactions should be
authorized and executed only by persons acting within the scope of
their authority to ensure that only valid transactions are entered
into. For purchase cards, specific procedures should include (1)
authorizing purchases, (2) monitoring monthly reports of card usage,
(3) blocking certain Merchant Category Codes (MCC) for vendors whose
business is unrelated to Education's mission, and (4) reviewing and
approving monthly purchase card statements. We found serious
deficiencies in each of these four areas that made the department
vulnerable to improper purchases.
Only 4 out of 14 offices within Education required cardholders to
obtain authorization prior to making some or all purchases, although
Education's policy required that all requests to purchase items over
$1,000 be made in writing to the applicable department Executive
Officer. We also found that approving officials did not use monitoring
reports that were available from Bank of America to identify unusual
or unauthorized purchases. For instance, if a cardholder used a
government purchase card to obtain a cash advance, which is prohibited
by Education's policies, the MCC for this type of vendor (a financial
institution) would appear on the report next to the cardholder's name.
Additionally, Bank of America can block specific MCCs to prohibit
certain types of transactions that are clearly not business related,
such as purchases from snowmobile or boat dealers. However, prior to
November 2001, Education only blocked four MCCs related to gambling
and obtaining cash advances. As discussed later in this section, the
department recently took action to block certain other MCCs. Education
officials told us that they had not used this control extensively
because the department relied on the approving official's review of
the cardholder's monthly purchase card statements to ensure that all
purchases made by employees were proper.
In order to test the effectiveness of the approving officials' review
of purchase card statements, we selected 5 months of cardholder
statements to review for certain attributes, including the approving
official's signature. We reviewed all 903 monthly statements that were
issued during these months, totaling about $4 million, and found that
338, or 37 percent, which totaled about $1.8 million, were not
approved by the appropriate authorizing official. The approval process
was also less effective because some approving officials were not in a
good position to know which purchases were appropriate. For example,
we identified an employee who, in addition to regular job duties, had
responsibility for reviewing the monthly purchases of 96 cardholders
located throughout the country. In these situations, the approving
official may not have had sufficient contact with cardholders to
understand their duties and the types of purchases they would
routinely make. Combined, the inconsistent review of purchases and the
ineffective review process created an environment where improper
purchases could be made with little risk of detection.
Some Education Employees Made Fraudulent, Improper, and Questionable
Purchases:
Because of the extensive internal control weaknesses related to the
department's purchase card program, we requested supporting
documentation for the 338 monthly statements totaling $1.8 million we
reviewed that were not properly approved, as well as for other
transactions that appeared unusual. However, Education was unable to
provide adequate supporting documentation to enable us to determine
the validity of purchases totaling over $218,000. In our review of the
available documentation, we identified some fraudulent, improper, and
questionable purchases.
We considered fraudulent purchases to be those that were unauthorized
and intended for personal use. Improper purchases included those for
government use that were not, or did not appear to be, for a purpose
permitted by law or regulation. We also identified as improper
purchases those made on the same day from the same vendor that
appeared to circumvent cardholder single purchase limits.[Footnote 19]
We defined questionable transactions as those that, while authorized,
were for items purchased at an excessive cost, for a questionable
government need, or both, as well as transactions for which Education
could not provide adequate supporting documentation to enable us to
determine whether the purchases were valid.
We found one instance in which a cardholder made several fraudulent
purchases from two Internet sites for pornographic services.
Notwithstanding the relatively small amount of money involved, the
name of at least one of the pornographic sites”-Slave Labor
Productions.com--should have caused suspicion when it appeared on the
employee's monthly credit card statement. To determine whether these
purchases were approved, we obtained the monthly statements containing
these charges. The statements contained handwritten notes next to the
pornography charges indicating that these were charges for
transparencies and other nondescript items. According to the approving
official, he was not aware of the cardholder's day-to-day
responsibilities and did not feel that he was in a position to review
the monthly statements properly. The approving official stated that
the primary focus of his review was to ensure there was enough money
available in that particular appropriation to pay the bill. As a
result of investigations related to these pornography purchases,
Education management issued a termination letter, prompting the
employee to resign.
We also identified purchases totaling $4,427 from a restaurant in San
Juan, Puerto Rico,[Footnote 20] that we determined to be improper.
These restaurant charges were incurred during a Year 2000 (Y2K) focus
group meeting, and included breakfasts and lunches for federal
employees and nonfederal guests. The Statement of Work for the focus
group notes that the travel expenses fell "under the invitational
travel statute (5 U.S.C. 5703)." Appropriated funds may not be used to
pay the costs of nonfederal individuals to attend meetings unless
otherwise specifically authorized by law.[Footnote 21] Such authority
exists in 5 U.S.C. 5703, which allows an agency to use invitational
travel to pay the costs of nonfederal individuals to attend meetings
if the attendees are providing direct services to the government.
Education, however, could not provide us with any evidence that the
nonfederal attendees provided direct services to the government. In
fact, the Statement of Work for the focus group states that the
purpose of the meeting was for attendees to "share their experiences
with the Y2K issue and to assure that the education community's
computers are compliant." Thus, rather than providing a direct service
to the federal government, it appears that the attendees were
receiving a benefit from the meeting. According to an Education
official, there were eight additional Y2K focus group meetings,
similar to the San Juan meeting, held in various cities throughout the
United States. This official estimated that the agency paid
approximately $45,000 in expenses for nonfederal individuals to attend
the nine meetings. We have referred this matter to Education's OIG.
We also found 28 improper purchases totaling $123,985 where Education
employees made multiple purchases from a vendor on the same day. These
purchases appear to violate the Federal Acquisition Regulation that
prohibits splitting purchases into more than one segment to circumvent
single purchase limits. For example, one cardholder purchased two
computers from the same vendor at essentially the same time. Because
the total cost of these computers exceeded the cardholder's $2,500
single purchase limit, the total of $4,184.90 was split into two
purchases of $2,092.45 each. In some instances, Education officials
sent memos to the offending cardholders reminding them of the
prohibition against split purchases.
We identified five additional instances, totaling about $17,000, in
which multiple purchases were made from a single vendor on the same
day. Although we were unable to determine whether these purchases were
improper, based on the available supporting documentation, these
transactions share similar characteristics with the 28 split
purchases. For example, one cardholder purchased two printers, costing
$1,711 each, from the same vendor on the same day. The combined cost
of these purchases, $3,422, exceeded the cardholder's $2,500 single
purchase limit. Education provided us with no explanation for why
these two items were purchased separately.
We identified questionable purchases totaling $286,894 where Education
employees paid for new office furniture and construction costs to
renovate office space that they were planning to vacate. Only a small
amount of furniture, including chairs for employees with special
needs, were moved to the new building when department employees
relocated.
Other purchases we questioned included numerous charges, totaling
$35,760 over several years, made by an Education employee for herself
and a coworker to attend college. Some of the classes the employees
took were apparently prerequisites to obtain a liberal arts degree,
but were unrelated to Education's mission. The classes included
biology, music, and theology, and represent $11,700 of the $35,760.
Because the Government Employees Training Act, 5 U.S.C. 4103 and 4107,
requires that training be related to an employee's job and prohibits
expenditures to obtain a college degree unless necessitated by
retention or recruitment needs, which was not the case here, we
consider these purchases improper. Moreover, most of the monthly
charge statements were not reviewed by anyone but the employee who
made the charges and received more than half of the financial benefit.
After we questioned the charges for these tuition expenses, Education
determined that the classes costing $11,700 were improperly charged.
As of December 2001, one of the employees had received a bachelor's
degree and left the department; no funds had been recovered from
either employee.
In addition, we identified as questionable purchases totaling more
than $218,000 for which Education provided us with no support or
inadequate support to assess the validity of these purchases. These
inadequately supported or unsupported purchases included charges to
various hotels for more than $3,000, purchases of computer equipment
and software totaling more than $22,000, and charges for various
college and other training courses totaling about $51,000. Numerous
other purchases were made from home electronics and appliance stores
as well as toy, book, and furniture stores. Education could not
provide any support for more than $152,000 of these purchases, nor
does the department know specifically what was purchased, why it was
purchased, or whether these purchases were appropriate. For the
remaining $66,000, Education was able to provide only limited
supporting documentation. As a result, we were unable to assess the
validity of these payments, and we consider these purchases to be
potentially improper.
Recent Changes to Purchase Card Program Have Helped Improve the
Overall Control Environment, but Vulnerabilities Remain:
Our interim report, issued in September 2001, described the poor
internal controls over Education's cash disbursement processes,
including purchase cards. In that report, we recommended that the
department:
* reiterate to all employees established policies regarding the
appropriate use of government purchase cards;
* strengthen the process of reviewing and approving purchase card
transactions, focusing on identifying split purchases and other
inappropriate transactions; and;
* expand the use of MCCs to block transactions with certain vendors.
Recently, Education has made some changes in the way it administers
its purchase card program in an effort to address these three
recommendations. For example, in December 2001, the department issued
new policies and procedures that, among other things, (1) establish
detailed responsibilities for the cardholder and the approving
official, (2) prohibit personal use of the card and split purchases to
circumvent the cardholder's single purchase limits, (3) require
approving officials to review the appropriateness of each individual
purchase, (4) establish mandatory training prior to receiving the card
and refresher training every 2 years, and (5) establish a quarterly
quality review of a sample of purchase card transactions to ensure
compliance with key aspects of the department's policy. If
appropriately implemented, these new policies and procedures are a
good step toward reducing Education's vulnerability to future improper
purchases.
Further, in July 2001, the department implemented a new process to
approve purchase card purchases. Instead of the approving official
signing a monthly statement indicating that all transactions are
proper, the approval is now done electronically for each individual
transaction. According to Education officials, most approving
officials and cardholders received training on this new process. In
order to assess the effectiveness of this new approval process, we
reviewed a statistical sample of the monthly statements of cardholders
for July, August, and September 2001. Purchases during these months
totaled $1,881,220. While we found evidence in the department's system
that all of the 87 statistically sampled monthly statements had been
reviewed by the cardholder's approving official, 20 of the statements
had inadequate or no support for items purchased, totaling $23,151.
[Footnote 22] Based on our work, we estimate[Footnote 23] the most
likely amount of unsupported or inadequately supported purchases
during these 3 months is $65,817. The effectiveness of the
department's new approval process has been minimized because approving
officials are not ensuring that adequate supporting documentation
exists for all purchases. In addition, these procedures do not address
the problem of an authorizing official who does not have personal
knowledge of the cardholder's daily activities and therefore is not in
a position to know what types of purchases are appropriate.
In response to our recommendation regarding the use of MCCs to block
transactions from certain vendors, in November 2001, the department
implemented blocks on purchases from a wide variety of merchants that
provide goods and services totally unrelated to the department's
mission, including veterinary services, boat and snowmobile dealers,
and cruise lines. In total, Education blocked more than 300 MCCs. By
blocking these codes, Education has made use of a key preventive
control to help reduce its exposure to future improper purchases.
Earlier in 2001, Education took action to improve internal controls
related to the use of government purchase cards by lowering the
maximum monthly spending limit to $30,000, lowering other cardholders'
single purchase and total monthly purchase limits, and revoking some
purchase cards. This action was in response to a letter from the
Subcommittee on Select Education dated April 19, 2001, which
highlighted our April 2001 testimony, in which we stated that some
individual cardholders had monthly purchase limits as high as
$300,000. These and the other steps described above have helped reduce
Education's exposure to improper purchase card activities. However,
more needs to be done to improve the approval function, which is key
to adequate control of these activities.
Poor Controls Contributed to Loss of Computer Equipment:
As part of following up on computer purchases made with third party
drafts and purchase cards, we assessed the controls over these
portable assets. We found that Education lacked adequate physical
controls over its computers, which contributed to 241 missing personal
computers and computer-related equipment with an acquisition cost of
about $261,500. After we completed our work in this area, we again
visited the office where most of the computer equipment was missing
because Education officials told us they had located some of the
missing inventory. Although Education officials stated they had
located 73 pieces of equipment, we were able to locate only 62 pieces
of the equipment with an acquisition value of about $49,800. Education
officials have been unable to locate the remaining 179 pieces of
missing computer equipment with an acquisition value of about
$211,700. This matter is currently under investigation by Education's
OIG.
From May 1998 through September 2000, the period covered by our audit,
Education made purchases totaling more than $2.9 million from personal
computer and other computer-related equipment vendors using purchase
cards and third party drafts”a violation of Education's policy, which
prohibited the use of purchase cards for this purpose. These purchases
included personal computers, scanners, color printers, software, and
other computer accessories.
According to Education, during this period, the department's computer
purchases were decentralized so that individual principal offices were
able to purchase the types of equipment from any vendors they chose.
This provided considerable flexibility and rapid acquisition of
equipment, but had several drawbacks. For example, unnecessary,
duplicate orders were placed even within the same offices. Further,
equipment that could not be supported by Education's networked
environment was ordered. Other equipment was ordered and then left in
closets only to be found sometimes a year later, when it was no longer
needed. As a result of this decentralized ordering, virtually no
volume discounts could be used because of the small amounts of
equipment being purchased at any given time. According to the
Education Inspector General, the department had not taken a
comprehensive physical inventory for at least 2 years prior to October
2000, thus compounding the lack of accountability over this equipment.
Education staff members who were involved with ordering and receiving
this equipment described a process that included significant
breakdowns in basic internal controls. Internal control standards
state that key duties and responsibilities need to be divided or
segregated among different people to reduce the risk of error or
fraud. In the office where most of the missing equipment was
purchased, two individuals had interchangeable responsibility for
receiving more than $120,000 of computer equipment purchased by a
single cardholder, from one particular vendor. In addition, these two
individuals also had responsibility for bar coding the equipment,
securing the equipment in a temporary storage area, and delivering the
computers to the users.[Footnote 24] Furthermore, one of these two
individuals was responsible for providing information on computer
purchases to the person who entered the data into the department's
asset management system. According to the cardholder who purchased the
equipment, they did not routinely compare the purchase request with
the receiving documents from the shipping company to ensure that all
items purchased were received. In addition, our review of records
obtained from the computer vendor from which Education made the
largest number of purchase card and third party draft purchases showed
that less than half of the $614,725 worth of computers had been
properly entered in the department's property records. Combined, these
weaknesses created an environment in which computer equipment could be
easily lost or stolen without detection.
In order to identify computers that were purchased with purchase cards
and third party drafts that were not included in the department's
asset management system, we obtained the serial numbers of all pieces
of computer equipment purchased from the largest computer vendor the
department used.[Footnote 25] We compared these serial numbers to
those in the department's asset management system and found that 384
pieces of equipment, totaling $399,900, appeared to be missing,
including desktop computers, scanners, and printers. We conducted an
unannounced inventory to determine whether these computers were
actually missing or were inadvertently omitted from the property
records. We located 143 pieces of equipment[Footnote 26] that were not
on the property records, valued at about $138,400, and determined that
241 pieces, valued at about $261,500, were missing. Education's
Inspector General is in the process of investigating the disappearance
of these vulnerable assets.
After we completed our work in this area, we again visited the office
where most of the computer equipment was missing because Education
officials told us they had located some of the missing inventory.
Officials in this office told us they hired a contractor to keep track
of their computers when moving to their new space.[Footnote 27]
According to the officials, as part of its work, the contractor
recorded the serial numbers of all computers moved and identified 86
of the 241 pieces of computer equipment that we were unable to locate
during our unannounced inventory in September 2001. However, when
Education staff and officials tried to locate this equipment, they
were only able to find 73 of the 86 pieces of equipment. When we
visited the department, we located only 62 pieces of equipment with an
acquisition value of about $49,800. Education officials have been
unable to locate the remaining 179 pieces of missing computer
equipment with an acquisition value of about $211,700. They surmised
that some of these items may have been surplused; however, there is no
paperwork to determine whether this assertion is valid.
According to Education officials, new policies have been implemented
that do not allow individual offices to purchase computer equipment
without the consent of the OCIO. However, during our previously
mentioned review of a statistical sample of purchase card transactions
made from July 2001 through September 2001, we found three
transactions totaling $2,231 for the purchase of computer equipment
without any supporting documentation from the OCIO. Based on these
results, the new policies are not being effectively implemented. This
is another indication that the new purchase card approval function is
not operating as an effective deterrent to improper purchases.
Further, we found mixed results in a walk-through of the new computer
ordering and receiving processes in the office where most of the
missing equipment was purchased. These new policies are designed to
maintain control over the procurement of computers and related
equipment and include:
* purchasing computers from preferred vendors that apply the
department's inventory bar code label and record the serial number of
each computer on a computer disk that is sent directly to the
Education official in charge of the property records;
* loading the computer disk containing the bar code, serial number,
and description of the computer into the property records; and;
* having an employee verify that the computers received from the
vendor match the serial numbers and bar codes on the shipping
documents and the approved purchase order.
However, a continued lack of adequate physical control negates the
effectiveness of these new procedures. For example, the doors to the
two rooms used to store computer equipment waiting to be installed
were both unlocked and unattended. The receptionist at the mail
counter next to the first storage room we visited told us that he had
the door open to regulate the room temperature. The Education official
responsible for this process stated that he did not know that mailroom
personnel had access to this room. Furthermore, he stated that he does
not have a key to either storage room. Also, during our second search
for this equipment, we visited four rooms where some of the computers
were stored and found them all to be unsecured. This lack of physical
security was pointed out to the department nearly 7 weeks earlier when
we first found some of its temporary computer storage rooms unsecured.
The department's new written procedures state that security guards in
the Washington, D.C., facilities should inspect all bags, cases, and
boxes leaving the buildings to determine if they contain computer
equipment, and require property passes for all equipment removed from
the building. However, Education officials acknowledged that the
primary focus of the building security is people and packages entering
the building. Education officials told us that individuals could
likely leave the building with equipment without being questioned by
security. Without enhanced physical security, Education will continue
to be at risk to further computer equipment losses.
Conclusions:
The problems we found in grant and loan payments, purchase card use,
and physical controls over computer equipment leave Education
vulnerable to fraudulent or otherwise improper payments, questionable
purchases, and loss or theft of assets. While Education has taken
steps to develop new policies and procedures to address these
problems, in many cases they are not being effectively implemented.
Vulnerabilities remain in all areas we reviewed, except for third
party drafts, which have been discontinued. Until Education takes
further action to strengthen its internal controls over Pell Grants,
purchase cards, and computer equipment, it will continue to be
susceptible to fraud, waste, abuse, and mismanagement in these areas.
Recommendations for Executive Action:
To strengthen its internal controls over Pell Grants and loans,
purchase cards, and computer equipment and to reduce Education's
vulnerability to improper payments and lost assets, we recommend that
the Secretary of Education take the following actions.
In the area of Pell Grants and loans, we recommend that the Secretary
direct the Chief Operating Officer of student financial assistance
programs to:
* conduct on-site investigations, including interviews of school
personnel and students, at the 28 schools with characteristics similar
to those we found that improperly disbursed Pell Grants to determine
whether the grants were properly disbursed;
* follow up with the schools that had high concentrations of the $12
million in potential improper payments for which the department did
not provide adequate supporting documentation; and;
* implement a process to verify borrowers' SSNs and dates of birth
submitted by schools to LOS.
In the third party drafts area, we recommend that the Secretary direct
the Chief Financial Officer to follow up on the $1.7 million of third
party draft payments for which the department did not provide adequate
supporting documentation for us to use to determine their validity.
For purchase cards, we recommend that the Secretary direct the Chief
Financial Officer to:
* implement an effective review and approval process that ensures all
approving officials (1) conduct a thorough review of all purchases
made, including the review of all supporting documentation, (2) are
knowledgeable of the cardholders' daily responsibilities and therefore
can effectively assess the appropriateness of each purchase, (3) are
not reviewing a large volume of purchase card statements each month,
and (4) are appropriately trained on how to perform their approving
official responsibilities;
* perform periodic tests of this new approval process and, where
necessary, take action to ensure that approving officials comply with
it;
* take action to recover questioned tuition costs from the two
employees; and;
* follow up on the $218,000 of purchases for which the department did
not provide adequate supporting documentation for us to use to
determine the validity, to determine whether the purchases were proper.
Regarding computer equipment, we recommend that the Secretary direct
the Director, Office of Management, to:
* conduct routine inventories of computer equipment, including
reconciling computer purchases with property records;
* enhance physical security over the computer storage rooms;
* provide access to computer storage rooms only to authorized
individuals;
* ensure that security personnel in the Washington, D.C., facilities
inspect all bags, cases, and boxes leaving the buildings to determine
if they contain computer equipment and that property passes accompany
all equipment removed from the buildings; and;
* establish appropriate monitoring procedures to ensure that security
personnel are actually inspecting items being removed from the
buildings.
Agency Comments and Our Evaluation:
In written comments on a draft of this report, which are reprinted in
appendix DI, the Deputy Secretary generally agreed with our findings
and recommendations and stated that Education has made great strides
to improve its internal controls and manage its payment processes to
prevent and detect erroneous payments, and it is developing a formal
corrective action plan to address each of our recommendations.
Regarding grants and loans, the Deputy Secretary stated that, while
there is room for improvement in Education's systems and processes, he
believes the department's current controls are strong and provide
reasonable assurance that its objectives can be met. He pointed out
that the $3.4 million in Pell Grants we identified that was disbursed
by four schools to ineligible students was less than five thousandths
of a percent of the total disbursements we reviewed. We agree that the
fraudulent and improper grant and loan payments we identified are a
very small percentage of the total grants and loans disbursed every
year. However, as we stated in our report, these improper payments
represent an identified control risk that could easily be exploited to
a greater extent. Although the Deputy Secretary stated that
Education's controls were strong, he presented steps that the
department is taking to strengthen the integrity of these payment
processes. For example, he stated that, as an interim process, the
department analyzed student data to identify high concentrations of
students over 65 and eligible noncitizens at a single institution to
determine if problems exist in the ESL programs that warrant further
review. Also, he stated that, before we started our review, Education
had already begun a matching process with SSA's death records.
Further, as a result of our review, the Deputy Secretary stated that
Education will implement an edit to identify all applicants whose
dates of birth indicate they are 75 years of age or older beginning
with the upcoming school year. He stated that the department is
analyzing its data more systematically to establish baselines and
indicators to focus its resources more effectively, and as we noted,
the new COD system will assist Education in identifying unusual
activity. We are encouraged by these actions, which, if properly
implemented, should help improve internal controls over these
vulnerable payments.
With regards to our findings related to third party drafts, the Deputy
Secretary stated that the department will refer the third party draft
payments, for which we were unable to determine the validity, to the
OIG for further investigation.
In the purchase card area, the Deputy Secretary stated that Education
issued an updated directive in January 2002, which strengthens the
department's policies and practices regarding appropriate use of the
purchase card and has trained cardholders and approving officials on
these policies and procedures. According to the Deputy Secretary, the
directive provides detailed instructions on cardholder and approving
official responsibilities for reviewing and approving purchase card
transactions. He stated the department will also provide monthly
management reports containing information on purchase card
transactions to each principal office for review and that the ()CFO
will conduct quarterly internal control reviews and quality reviews of
random sample purchase card transactions. This is an important action
to determine whether cardholders and approving officials are following
the directive and whether this training has effectively reduced
unauthorized and improper purchases. The Deputy Secretary also stated
that the department has blocked more than 300 MCCs, including those
for wire transfer money orders, airline and car rentals, and banks.
Regarding the improper charges for college tuition that we identified,
the Deputy Secretary stated the department will follow established
debt collection procedures to recover the questioned costs.
To help it better account for its computer equipment, the Deputy
Secretary stated that Education is developing a single comprehensive
system that covers accountable assets from purchase to disposition.
The Deputy Secretary also stated that the department hired contractors
to perform an independent physical inventory, and upon completion, was
able to locate 93 percent of the items sampled. The Deputy Secretary
pointed out Education is in the process of documenting detailed
property management procedures and centralizing the property
management responsibility with its Office of Management. He also
stated that, while the department has taken steps to enhance physical
security over allocation, storage, and transit of equipment, and to
ensure that only authorized individuals have access to storage areas,
it will continue to work to improve in this area. We are encouraged by
the department's efforts to account for and secure its computers. At
the same time, based on our most recent search for missing computers,
significant vulnerabilities remain unresolved. We urge the department
to immediately focus on providing adequate physical security over
these vulnerable assets.
Overall, the actions the department has taken and plans to take to
improve its controls over grant and loan payments, purchase card
transactions, and computer and related equipment are encouraging and
represent a positive tone at the top of the organization to improve
internal control. As the department has recognized, it must
continually review its processes to ensure that the improved controls
are sustained and, therefore, will help to reduce the department's
vulnerability to fraudulent and improper payments and lost assets and
improve its financial management overall.
As we arranged with your offices, unless you publicly announce its
contents earlier, we plan no further distribution of this report until
30 days from its date. At that time, we will send copies to the
Ranking Minority Member of the Subcommittee on Select Education, House
Committee on Education and the Workforce; the Secretary of Education;
and other interested parties. We will make copies available to others
upon request.
Please contact me at (202) 512-9508 or by e-mail at calboml@gao.gov if
you or your staff have any questions concerning this report. An
additional GAO contact and staff acknowledgments are provided in
appendix IV.
Signed by:
Linda M. Calbom:
Director, Financial Management and Assurance:
Appendix I: Description of Grant and Loan Programs Reviewed:
The Department of Education disburses billions of dollars each year to
recipients for various grant and loan programs. The programs we
reviewed include formula grants, Pell Grants, discretionary grants,
direct loans, campus-based programs, and Impact Aid. Recipients
include schools, state agencies, organizations, and individuals. Table
3 provides descriptions of the grant and loan programs we reviewed and
the amounts disbursed for these programs during the period of our
review.
Table 3: Description of Programs and Amounts Disbursed:
Program: Formula grants;
Description: Grants to state education agencies based on populations
of certain groups and per capita income;
Amount disbursed, May 1998 through September 2000: $90.5 billion.
Program: Direct loan program;
Description: Includes Direct Subsidized and Unsubsidized Stafford/Ford
Loans, Direct Parent Loans for Undergraduate Students, and Direct
Consolidated Loans;
Amount disbursed, May 1998 through September 2000: $57.2 billion.
Program: Pell Grants;
Description: Grants based on financial need to undergraduate students
who have not earned bachelor's or professional degrees;
Amount disbursed, May 1998 through September 2000: $17.1 billion.
Program: Discretionary grants;
Description: Grants awarded through a competitive process for programs
established by Congress through authorizing legislation;
Amount disbursed, May 1998 through September 2000: $10.7 billion.
Program: Campus-based programs;
Description: Financial assistance for students pursuing education
beyond high school. Includes Federal Perkins Loan program (low-
interest loans), Federal Work-Study Program, and Federal Supplemental
Education Opportunity Grant Program.
Amount disbursed, May 1998 through September 2000: $3.6.
[End of table]
[End of section]
Appendix II: Objectives, Scope, and Methodology:
The objectives of our review were to assess internal controls in place
during the period from May 1998 through September 2000 and to identify
any fraudulent or otherwise improper payments that may have resulted
from control weaknesses in Education's processes for (1) disbursing
grants and loans, (2) paying for purchases with third party drafts,
and (3) using government purchase cards. In addition, our objective
was to assess Education's physical controls over its computer
equipment during the period from May 1998 to September 2000 and
identify any effects of weak controls. Further, at the subcommittee's
request, we assessed the effectiveness of recent changes to
Education's process for purchase card purchases, which took effect in
July 2001 following our testimony before the subcommittee.
To obtain an understanding of the payment processes, identify related
controls, and assess the effectiveness of their design, we interviewed
staff members and officials in Education's ()CFO and program offices;
performed walk-throughs of the payment processes; reviewed Education's
policies and procedures; reviewed previous reports we prepared, as
well as reports issued by Education's OIG and independent auditors;
and identified vulnerabilities in the payment processes. To identify
potential improper payments, we requested and obtained disbursement
and related data from Education and various external sources,
including SSA, Rocky Mountain Bank, and Bank of America.
Education provided us with computer-generated records on more than 19
million disbursements totaling over $181 billion, made from May 1998
through September 2000 from the following systems:
* Grant Administration and Payment System (GAPS),
* Pell Grant Recipient Financial Management System (RFMS),[Footnote 28]
* Loan Origination System (LOS),
* National Student Loan Data System,
* Impact Aid system,
* Campus-based program system,
* Postsecondary Education Participants System, and,
* Financial Management System Software (FMSS).
Because of the large volume of data involved (millions of records),
and the fact that we initially received some data in an unusable
format, our testing extended to only selected portions of the data for
certain systems. The majority of our tests were focused on data
received from the GAPS, RFMS, LOS, and FMSS systems.
In order to identify unusual grant and loan transactions that may have
been improper payments, we searched databases, compared files,
identified unusual transactions and patterns, and performed other
detailed analyses to identify:
SSNs of grant and loan recipients that were either invalid or in SSA's
death records,
* grant and loan recipients who were much older or younger than would
be expected,
* individual SSNs associated with more than one name or date of birth,
* grants disbursed to individuals in excess of statutory limits,
* loan disbursements with no recorded loan number in the system,
* payments for grants and loans to schools that were either closed or
ineligible for federal education funds,
* payment transactions that were returned by the Federal Reserve Bank
(FRB),
* payment transactions that did not have FRB confirmation schedule
numbers,
* transactions that were posted on weekends,
* grantees with invalid grantee ID numbers or multiple ID numbers,
* Education employees who may have received grant funds, and;
* disbursement records that did not contain required information such
as a grant award number.
To assist in our analysis and identification of improper payments, we
contracted with forensic and information risk management experts.
For those grant and loan payments that our tests indicated were
potentially improper, we requested from Education documentation
supporting their validity. After analyzing the documentation we
received, we did the following.
* For those recipients identified as being older or younger than
expected, we looked for proof of age generated by a source other than
the school or the department, such as a birth certificate, driver's
license, or some other government-issued identification showing the
recipient's name and date of birth. For Pell Grants, if the support
confirmed that the recipient was older or younger than would be
expected, we looked for proof of enrollment in an eligible program.
* For those recipients we identified whose SSN was either invalid or
in SSA's death records, we looked for proof of the recipient's SSN,
such as a birth certificate, driver's license, social security card,
or other government-issued ID that showed the recipient's name and
SSN. If the support confirmed the accuracy of the recipient's SSN, we
reviewed transcripts, if available, to show the recipient's dates of
enrollment or additional support that was not generated by the school
indicating the recipient's date of death for those students who died
while they were receiving aid.
* For those recipients who received grants in excess of the statutory
limit, we looked for financial aid disbursement information from each
institution the student attended during the award year showing the
amounts disbursed and the dates on which the money was disbursed. We
also looked for documentation showing repayment information, if
applicable, or documentation demonstrating why repayment was not
required for the recipient.
* For direct loan recipients, we reviewed information on loan payment
status.
* For the schools that Education's system showed to be either closed
or ineligible to receive federal student financial aid, we reviewed
documentation such as audit reports and disbursement information for
these schools.
Separately, for the four schools we investigated that we identified as
disbursing Pell Grants to disproportionately high numbers of older
students, we (1) interviewed Pell Grant recipients, school officials,
and Education officials and (2) reviewed documents from the
recipients, the schools, and Education.
For third party drafts, we requested and obtained data from the third
party draft systems administrator consisting of drafts that had been
reconciled with downloaded information from Gelco[Footnote 29] and
matched with data in FMSS. We used these data to test for third party
drafts that had been used to pay for split purchases greater than
$10,000. We also reviewed data provided by the third party draft
systems administrator to identify unusual payees. Upon identifying
payees that we thought would not normally be engaged in business with
Education, we requested supporting documentation, such as purchase
orders, invoices, and receipts, to determine the propriety of the
purchases.
For government purchase cards, we requested data on transactions from
November 1998 through September 2000. Based on these data, we
performed tests to identify the following types of potential improper
purchase card transactions:
* unauthorized statements, such as purchases that were not properly
reviewed by an approving official;
* split purchases for which Education employees either split
transactions or made multiple transactions to the same vendor on the
same day to circumvent their single purchase limit;
* purchases from questionable vendors; and;
* purchases by Education employees on weekends or holidays.
To assess Education's controls over computer equipment, we obtained
(1) invoices from the computer vendor with the largest volume of
purchase card purchases and (2) information from Education's asset
management system. Using information on the invoices, including the
serial numbers of the computer equipment purchased, we identified
computer equipment that was purchased but not included in the asset
management system. We then conducted an unannounced physical inventory
of the computer equipment purchases that were not found in Education's
asset management system.
To assess the effectiveness of recent changes to Education's process
for purchase card purchases, we requested monthly statements and
invoices for purchases made during July, August, and September 2001.
We reviewed a statistical sample of the monthly statements to
determine whether approvals were done in accordance with the new
policy. In addition, to identify any computer equipment that may have
been purchased without the involvement of the OCIO and to determine
whether purchases were sufficiently supported, we reviewed supporting
documentation for each transaction in the statistical sample of
monthly statements.
While we identified some fraudulent and improper payments, our work
was not designed to identify all fraudulent or otherwise improper
payments. We performed our work from August 2000 through February 2002
in accordance with generally accepted government auditing standards, as
well as with investigative standards established by the President's
Council on Integrity and Efficiency. We requested comments on a draft
of this report from the Secretary of Education or his designee.
Written comments were received from the Deputy Secretary and are
reprinted in appendix III.
[End of section]
Appendix III: Comments from the Department of Education:
United States Department Of Education:
The Deputy Secretary:
400 Maryland Ave., S.W.
Washington, D.C. 20202-0500:
[hyperlink, http://www.ed.gov]
Our mission is to ensure equal access to education and to promote
educational excellence throughout the Nation.
February 28, 2002:
Ms. Linda M. Calbom:
Director:
Financial Management and Assurance:
General Accounting Office:
Washington, DC 20548:
Dear Ms. Calbom:
Thank you for the opportunity to respond to the General Accounting
Office (GAO) draft report, "Education Financial Management: Weak
Internal Controls Led to Instances of Fraud and Other Improper
Payments" (GAO-02-406). We believe that the Department of Education
has made great strides to improve our internal controls, and to manage
our payment processes to prevent and detect erroneous payments.
Outlined below are actions underway to address GAO's recommendations.
We are developing a formal Corrective Action Plan to address each of
GAO's recommendations.
SFA Grants and Loans:
On Pell Grants and Direct Loans, GAO referred 28 schools to the
Department for further review due to abnormal disbursement patterns.
Nineteen of these schools disbursed $573,000 to students who were 70
years of age and older and whose course of study was mainly English as
a Second Language (ESL). The remaining nine schools had "similar
disbursement patterns." We agree with GAO's concern that disbursements
made to students aged 70 and over may be an indicator of potential
ineligible disbursements when there is a higher than normal
concentration of such disbursements.
However, in analyzing the complete disbursement data for these 28
schools, we have found that only four of the 28 schools had
concentrations of older students that exceeded a normal range.
However, as an interim process to address this sensitive issue, we
analyzed National Student Loan Data System (NSLDS) data to identify
high concentrations of students over 65 and eligible non-citizens at a
single institution to determine if problems with the ESL program
existed. We determined what the norm is for concentrations of such
students and have begun to determine what constitutes "abnormal"
concentrations, which warrant further review. With GAO and the OIG's
assistance, we will refine our methodology for analyzing this
information and conducting reviews at institutions. If staff suspect
any cases of fraud and abuse, we will refer those cases to the Office
of the Inspector General. We will continue to use NSLDS data to find
unusual disbursement patterns until we can use our Common Origination
and Disbursement (COD) system to provide such analysis. (See
discussion on COD below.)
GAO's fraud findings state that four schools disbursed approximately
$3.4 million in Pell Grants to ineligible students. We feel it is
important to point out that GAO reviewed SFA loan and grant
disbursements totaling $77.9 billion at thousands of schools. The
fraud was concentrated at four schools and represents less than five
thousandths of a percent (.0044%) of the SFA disbursements reviewed.
While there is still room for improvement in our systems and
processes, we believe that our current controls are already very
strong, and provide us with reasonable assurance that our objectives
are met. As your report noted in Table 2, GAO's initial testing
identified $36.6 million as potentially improper. This is about two-
hundredths of one-percent of the entire grant and loan transactions
that GAO tested. Further, almost 58% of that amount, $21.2 million,
was later determined to be proper. With respect to the $12 million GAO
considers unsupported, SFA did not have sufficient time to collect the
supporting documentation from such a large number of schools before
the GAO submission deadline.
We have taken several steps to strengthen the integrity of these
payments. In fact, some of this work had begun before the GAO audit.
For example, we began a matching process with the Social Security
Administration's death records, and we implemented our new Recipient
Financial Management System, increasing controls over grant payments.
In addition, as a result of this review, we will implement an edit to
identify all applicants whose date of birth indicates they are 75
years of age or older beginning in 2002-03. In such cases, the
applicant must verify his or her date of birth before his or her Free
Application for Federal Student Aid (FAFSA) is processed completely.
Funds cannot be disbursed to an applicant until a FAFSA is completely
processed by our Central Processing System and an estimated family
contribution is calculated. In December 2001, we also implemented a
new process to identify and review schools with abnormal
concentrations of students with unique characteristics (such as age).
We continue to work toward strengthening our controls further. We are
analyzing our data in a more systematic manner to establish baselines
and indicators to focus our resources more effectively and, as your
report noted, we will implement a new COD system that will assist us
in identifying unusual activity. COD will also assure that borrowers'
SSNs and dates of birth submitted by schools to the Department for the
loan programs are verified.
Third Party Drafts:
The Department abolished the use of third party drafts in May 2001.
The $1 7 million in unresolved items where adequate supporting
documentation was not provided will be referred to our Office of
Inspector General (OIG) for further investigation.
Purchase Cards:
On January 23, 2002, the Department issued an updated Administrative
Communication System Directive on Purchase Cards. The revised
Directive strengthens the Department's policies and practices
regarding appropriate use of the purchase card. Since January 2001,
the Office of the Chief Financial Officer (OCFO) has trained the
Department's cardholders and approving officials on purchase card
policies and procedures. ()CFO provided copies of the Directive to all
cardholders, approving officials, executive officers, and supervisors
with a self-test to emphasize key policy changes OCFO continues to
answer questions and provides on-going support to cardholders and
other relevant participants, as the Agency program coordinator and as
the procurement resource for the Department. In addition, an on-line
site is now available for cardholders to take a self-administered
test, to help them determine any points of weakness in their knowledge.
Additionally, the revised Directive and Department procedures provide
detailed instructions on cardholder and approving official
responsibilities for reviewing and approving purchase card
transactions. With the new EDCAPS electronic reconciliation and
payment approval process, the cardholder is required to provide
reports to the approving official documenting the cardholder's
transaction activity for the billing period. This is in addition to
the hard copy receipts submitted for the approving official's review.
Further, OCFO distributes monthly management reports to each principal
office to review their cardholder purchase card transaction activity.
As the Department program coordinator, OCFO will conduct internal
control reviews and quality reviews of random sample purchase card
transactions on a quarterly basis to: a) ensure that purchases above
the micro-purchase threshold of $2,500 are only being made by
warranted officials, b) review the appropriateness of purchases,
including determining that individual purchases are appropriate, that
the goods and services were properly received and accepted, that
payment was proper through the review of merchant category codes
(MCC), and by examining the record, c) ensure appropriate separation
of duties between the cardholder and the approving official, and d)
ensure that requirements are not split into more than a single
purchase to circumvent procurement rules that apply to purchases
exceeding the micro-purchase threshold or to circumvent purchase card
limits.
The Department has blocked more than 300 MCCs. Examples of merchant
categories include: wire transfer money orders, veterinary services,
airlines and car rentals, taxis and limousines, airline carriers, and
banks As discussed, OCFO will utilize MCC data to identify potential
transactions subject to restrictions when using the purchase card, or
to identify additional MCCs that may track to improper purchases.
With regard to the unauthorized payment of tuition with a purchase
card, the Department will follow established debt collection
procedures to recover the questioned costs. The Department also will
follow up on the $218,000 in questionable purchases to determine
validity and propriety. In addition, the Department will continue to
work on improving our ability to readily obtain supporting
documentation. Our newly published Directive on purchase card use
highlights this effort.
Computer Equipment:
The Department is developing a single comprehensive system that covers
accountable assets from purchase to disposition. Assets will be
tracked and managed by a single dedicated group. We have completed a
physical inventory of our accountable asset inventory. This property
consisted of the following: office machines; computers, including mini-
computers, and personal computers; computer peripheral equipment;
communications equipment; and Personal Digital Assistants. The
Department hired KPMG and American Appraisal to perform an independent
physical inventory. KPMG completed a physical inventory on a sample of
819 items (out of a total 31,304 assets) representing 25 separate
locations. KPMG's initial efforts located 58% of the items. Based on
past experience of American Appraisal, between 40% and 60% of items
are usually located while doing this type of verification. Upon
completion of the initial verification, the Department performed its
own inventory verification and also referred the results to American
Appraisal. At the end of these three reviews, 93%, or all but five of
the items, were located.
The Department has come a long way in properly accounting for its
physical assets. We are in the process of documenting detailed
property management procedures and centralizing the property
management responsibility within our Office of Management. In
addition, KPMG was able to provide the Department with some valuable
recommendations to improve our processes and procedures, and the
Department expects to have these recommendations implemented by June
2002.
While we have taken steps to enhance physical security over
allocation, storage and transit of equipment, and to ensure that only
authorized individuals have access to storage areas, we will continue
to work to improve in this area. We have strengthened guard security
at our facilities to add additional oversight at the building level,
and we are currently conducting a nationwide and comprehensive
physical security assessment of all space where assets are housed.
Thank you again for the opportunity to comment on your proposed
report. We will use what we have learned during this audit to continue
to improve our financial management processes.
Sincerely,
Signed by:
William D. Hansen:
[End of section]
Appendix IV: GAO Contact and Staff Acknowledgments:
GAO Contact:
Dan Blair, (202) 512-9401:
Acknowledgments:
In addition to the contact named above, Lisa Crye, Anh Dang, Bonnie
Derby, David Engstrom, Bill Hamel, Jeff Jacobson, Kelly Lehr, Sharon
Loftin, Bridgette Lennon, Bonnie McEwan, Diane Morris, Andy O'Connell,
Russell Rowe, Brooke Whittaker, and Doris Yanger made key
contributions to this report.
[End of section]
Footnotes:
[1] U.S. General Accounting Office, Major Management Challenges and
Program Risks: Department of Education, [hyperlink,
http://www.gao.gov/products/GAO-01-245] (Washington, D.C.: January 1,
2001), and High-Risk Series: An Update, GAO-01-263 (Washington, D.C.:
January 1, 2001).
[2] Third party drafts are check-like instruments drawn on and paid by
a financial institution or outside contractor.
[3] U.S. General Accounting Office, Financial Management: Internal
Control Weaknesses Leave Department of Education Vulnerable to
Improper Payments, [hyperlink,
http://www.gao.gov/products/GAO-01-585T] (Washington, D.C.: April 3,
2001), and Financial Management: Poor Internal Control Exposes
Department of Education to Improper Payments, [hyperlink,
http://www.gao.gov/products/GAO-01-997T] (Washington, D.C.: July 24,
2001).
[4] In this report, when discussing Pell Grants and loans, we use the
term "schools" to refer to postsecondary institutions, including
colleges and universities, proprietary (for-profit) institutions, and
vocational schools.
[5] Computer application controls are directly related to specific
computer programs. They help ensure that transactions are valid,
properly authorized, and completely and accurately processed and
reported.
[6] As discussed later in this report, the limits were reduced
following our April 2001 testimony before the Subcommittee on Select
Education, House Committee on Education and the Workforce.
[7] U.S. General Accounting Office, Internal Control: Standards for
Internal Control in the Federal Government, [hyperlink,
http://www.gao.gov/products/GAO/AIMD-00-21.3.1] (Washington, D.C.:
November 1999).
[8] Because Education's Pell Grant data are maintained by school year,
the time frames for the Pell Grant disbursements we reviewed were for
school years 1997-1998, 1998-1999, and 1999-2000.
[9] As discussed later in this section, we referred 3 of these 31
schools to Education's OIG and the remaining 28 schools to Education's
Student Financial Assistance office.
[10] A Pell Grant is a form of financial aid that is awarded to
undergraduate students who have not earned bachelor's or professional
degrees, and who are enrolled in degree or certificate programs.
[11] U.S. General Accounting Office, Student Financial Aid Programs:
Pell Grant Program Abuse, [hyperlink,
http://www.gao.gov/products/GAO/T-OSI-94-8] (Washington, D.C.: October
27, 1993).
[12] The total amount of Pell Grants disbursed by the 707 schools
increased to $7.8 million when we expanded our review.
[13] Investigations at 2 of these schools were done in coordination
with Education's OIG.
[14] Under federal regulations, a Pell Grant can be obtained to study
ESL but only if the student needs ESL to use existing knowledge,
training, or skills, and if the student studies ESL as part of a
degree program.
[15] U.S. General Accounting Office, Financial Management: Poor
Internal Controls Expose Department of Education to Improper Payments,
[hyperlink, http://www.gao.gov/products/GAO-01-1151] (Washington,
D.C.: September 9, 2001).
[16] The $3.5 million includes the $1,120,000 of Pell Grant
disbursements made by the 28 schools we previously discussed that we
referred to Education for follow-up.
[17] These 20 schools include the 9 schools that did not provide
support for the $547,000 of Pell Grant disbursements that we discussed
above.
[18] In December 2001, Education updated its purchase card policies
and procedures.
[19] The Federal Acquisition Regulation prohibits splitting purchase
card transactions into more than one segment to avoid the requirement
to obtain competitive bids on purchases over the $2,500 micro-purchase
threshold or to circumvent higher single purchase limits.
[20] The Department of Education has a regional satellite office in
Puerto Rico.
[21] 31 U.S.C. 1345.
[22] Subsequent to the completion of our work in this area, the
department provided us with a copy of an invoice it had obtained to
support one of the charges for training costing $525. According to
Education officials, because the vendor does not routinely generate
invoices for the training courses it provides, this invoice was not
available at the time of our review. The approving official stated
that she approved the charge based on a certificate of completion for
the training course. This certificate was not in the file at the time
of our review.
[23] Our estimate is based on a 95-percent confidence level and used a
test materiality of $94,061. Based on the sample results, the amount
of improper purchases could be as much as $133,895.
[24] One of these individuals was charged in connection with a theft
ring that operated during the period covered by our audit.
[25] We attempted to obtain the invoices from another vendor. However,
it did not provide this information to us.
[26] We did not attempt to find 1 piece of equipment because it was
the only piece ordered by a particular office and the cardholder was
not in when we did our unannounced inventory.
[27] This office was in the process of moving to a new building while
we were conducting our audit work.
[28] Because the Pell Grant data are maintained by school year, the
time frames for the Pell Grant disbursements we reviewed were for
school years 1997-1998, 1998-1999, and 1999-2000.
[29] Gelco was Education's contractor for third party drafts. Gelco
paid the drafts and then was reimbursed by Education.
[End of section]
GAO‘s Mission:
The General Accounting Office, the investigative arm of Congress,
exists to support Congress in meeting its constitutional
responsibilities and to help improve the performance and accountability
of the federal government for the American people. GAO examines the use
of public funds; evaluates federal programs and policies; and provides
analyses, recommendations, and other assistance to help Congress make
informed oversight, policy, and funding decisions. GAO‘s commitment to
good government is reflected in its core values of accountability,
integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through the Internet. GAO‘s Web site [hyperlink,
http://www.gao.gov] contains abstracts and full text files of current
reports and testimony and an expanding archive of older products. The
Web site features a search engine to help you locate documents using
key words and phrases. You can print these documents in their entirety,
including charts and other graphics.
Each day, GAO issues a list of newly released reports, testimony, and
correspondence. GAO posts this list, known as ’Today‘s Reports,“ on its
Web site daily. The list contains links to the full-text document
files. To have GAO e-mail this list to you every afternoon, go to
[hyperlink, http://www.gao.gov] and select ’Subscribe to daily E-mail
alert for newly released products“ under the GAO Reports heading.
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. General Accounting Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Public Affairs:
Jeff Nelligan, managing director, NelliganJ@gao.gov:
(202) 512-4800:
U.S. General Accounting Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548: