More than two years after its enactment, some agencies have not even started planning to carry out the Fraud Reduction and Data Analytics Act and even among those that have, much remains to be done, GAO has said.
That law requires agencies to establish internal controls to manage their fraud risks; in a survey of 72, GAO found that about four-fifths had started planning for meeting the requirements and nearly all of those have said they have started taking steps to meet them. But among them, “agencies varied in the extent to which they indicated undertaking specific fraud risk management activities required by FRDAA at the agency-wide level.” For example, only two-thirds of the agencies that are taking specific steps said they collect fraud data for prevention purposes–and even those do it inconsistently.
The law also required OMB to issue guidelines to establish fraud risk controls and to establish a working group. OMB has done so, “however, agencies experienced challenges with OMB’s guidelines and the working group, among other things,” a report said. Agency officials “identified the lack of clear requirements and guidance as top challenges” in carrying out the law and similarly “indicated a lack of involvement with and information from” the working group as additional challenges.
GAO recommended that OMB enhance its guidelines for establishing controls, enhance guidelines for reporting on agencies’ progress, and fully implement the working group. OMB, however, said there was no need for those recommendations.
