Information Technology and Cybersecurity: Significant Attention Is Needed to Address High-Risk Areas

What GAO Found

In its March 2021 high-risk series update, GAO reported that significant attention was needed to improve the federal government’s management of information technology (IT) acquisitions and operations, and ensure the nation’s cybersecurity. Regarding management of IT, overall progress in addressing this area has remained unchanged. Since 2019, GAO has emphasized that the Office of Management and Budget (OMB) and covered federal agencies need to continue to fully implement critical requirements of federal IT acquisition reform legislation, known as the Federal Information Technology Acquisition Reform Act (FITARA), to better manage tens of billions of dollars in IT investments. For example:

  • OMB continued to demonstrate leadership commitment by issuing guidance to implement FITARA statutory provisions, but sustained leadership and expanded capacity were needed to improve agencies’ management of IT.
  • Agencies continued to make progress with reporting FITARA milestones and plans to modernize or replace obsolete IT investments, but significant work remained to complete these efforts.
  • Agencies improved the involvement of their agency Chief Information Officers in the acquisition process, but greater cost savings could be achieved if IT acquisition shortcomings, such as reducing duplicative IT contracts, were addressed.

In March 2021, GAO reiterated the need for agencies to address four major cybersecurity challenges facing the nation: (1) establishing a comprehensive cybersecurity strategy and performing effective oversight, (2) securing federal systems and information, (3) protecting cyber critical infrastructure, and (4) protecting privacy and sensitive data. GAO identified 10 actions for agencies to take to address these challenges. However, since 2019, progress in this area has regressed—GAO’s 2021 rating of leadership commitment declined from met to partially met. To help address the leadership vacuum, in January 2021, Congress enacted a statute establishing the Office of the National Cyber Director. Although the director position has not yet been filled, on April 12 the President announced his intended nominee. Overall, the federal government needs to move with a greater sense of urgency to fully address cybersecurity challenges. In particular:

  • Develop and execute a more comprehensive federal strategy for national cybersecurity and global cyberspace. In September 2020, GAO reported that the cyber strategy and implementation plan addressed some, but not all, of the desirable characteristics of national strategies, such as goals and resources needed.
  • Mitigate global supply chain risks. In December 2020, GAO reported that few of the 23 civilian federal agencies it reviewed implemented foundational practices for managing information and communication technology supply chain risks.
  • Enhance the federal response to cyber incidents. In July 2019, GAO reported that most of 16 selected federal agencies had deficiencies in at least one of the activities associated with incident response processes.

Why GAO Did This Study

The effective management and protection of IT has been a longstanding challenge in the federal government. Each year, the federal government spends more than $100 billion on IT and cyber-related investments; however, many of these investments have failed or performed poorly and often have suffered from ineffective management.

Accordingly, GAO added improving the management of IT acquisitions and operations as a high-risk area in February 2015. Information security has been on the high-risk area since 1997. In its March 2021 high-risk update, GAO reported that significant actions were required to address IT acquisitions and operations. Further, GAO noted the urgent need for agencies to take 10 specific actions on four major cybersecurity challenges.

GAO was asked to testify on federal agencies’ efforts to address the management of IT and cybersecurity. For this testimony, GAO relied primarily on its March 2021 high-risk update and selected prior work across IT and cybersecurity topics.

More from:

Hits: 0

News Network

  • Secretary Antony J. Blinken Virtual Remarks to Embassy London Staff
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Commemoration of the Massacre of Mahshahr and Designation of Iranian Officials Due to Involvement in Gross Violations of Human Rights
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Acting Assistant Secretary Peterson’s Travel to Democratic Republic of Congo
    In Crime Control and Security News
    Office of the [Read More…]
  • Secretary Michael R. Pompeo and Israeli Foreign Minister Gabi Ashkenazi
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Ohio Man Charged with Hate Crime Related to Plot to Conduct Mass Shooting of Women, Illegal Possession of Machine Gun
    In Crime News
    A federal grand jury has charged a self-identified “incel” with attempting to conduct a mass shooting of women and with illegally possessing a machine gun.
    [Read More…]
  • Maternal Mortality and Morbidity: Additional Efforts Needed to Assess Program Data for Rural and Underserved Areas
    In U.S GAO News
    What GAO Found Nationwide data from the Centers for Disease Control and Prevention's (CDC) Pregnancy Mortality Surveillance System from 2011-2016, the most recent data available at the time of GAO's review, indicate that deaths during pregnancy or up to 1 year postpartum due to pregnancy-related causes—are higher in rural areas compared to metropolitan areas. See figure. CDC data also showed higher mortality in underserved areas (areas with lower numbers of certain health care providers per capita). Pregnancy-Related Mortality Ratios in Rural and Metropolitan Areas, 2011-2016 Note: Micropolitan areas include counties with populations of 2,500 to 49,999. Noncore areas include nonmetropolitan counties that do not qualify as micropolitan. GAO also analyzed the most recent annual data available from the Agency for Healthcare Research and Quality for 2016-2018 on severe maternal morbidity (SMM)—unexpected outcomes of labor and delivery resulting in significant health consequences. Nationwide, these data showed higher estimated rates of SMM in metropolitan areas (72.6 per 10,000 delivery hospitalizations) compared to rural areas (62.9 per 10,000). CDC and another Department of Health and Human Services (HHS) agency, the Health Resources and Services Administration (HRSA), fund several maternal health programs that aim to reduce maternal mortality and SMM, including some that target rural or underserved areas. CDC and HRSA collect program data, such as the percentage of women who received postpartum visits, to track progress in improving maternal health, but they do not systematically disaggregate and analyze program data by rural and underserved areas. By taking these actions, CDC and HRSA could help better ensure that program funding is being used to help address any needs in these areas. HHS has taken actions to improve maternal health through its funding of various programs and releasing an action plan in 2020. HHS also has two workgroups that aim to coordinate across HHS agencies on maternal health efforts, such as program activities that aim to reduce maternal mortality and SMM. Officials from HHS's two workgroups said they coordinated in developing the action plan, but they do not have a formal relationship established to ensure ongoing coordination. Officials from one of the workgroups noted that they often have competing priorities and do not always coordinate their efforts. By more formally coordinating their efforts, HHS's workgroups may be in a better position to identify opportunities to achieve HHS's action plan goal for reducing maternal mortality and objectives that target rural and underserved areas. Why GAO Did This Study Each year in the United States, hundreds of women die from pregnancy-related causes, and thousands more experience SMM. Research suggests there is a greater risk of maternal mortality and SMM among rural residents and that underserved areas may lack needed health services. GAO was asked to review maternal mortality and SMM outcomes in rural and underserved areas. This report examines, among other objectives, what is known about these outcomes; selected CDC and HRSA programs that aim to reduce these outcomes, as well as actions to collect and use relevant data; and the extent to which HHS is taking actions to improve maternal health and monitoring progress on its efforts. GAO analyzed HHS data, agency documentation, literature, and interviewed officials from a non-generalizable sample of three states and stakeholders to capture various perspectives.
    [Read More…]
  • Priority Open Recommendations: Office of Management and Budget
    In U.S GAO News
    What GAO Found In April 2020, GAO identified 35 priority recommendations for the Office of Management and Budget (OMB). Since then, OMB has implemented four of those recommendations by, among other things, taking actions to help reduce improper payments across the federal government and improve the quality of agency spending data. In June 2021, GAO identified 13 additional priority recommendations for OMB, bringing the total number to 44. These recommendations involve the following areas: Improving government performance. Increasing availability and transparency of government data. Improving acquisition management and reducing costs. Reducing government-wide improper payments. Strengthening information security. Establishing controls for disaster relief. Improving oversight of agency collection and coordination of federal data on sexual violence. Improving federal real property asset management. Improving information management. OMB's continued attention to these issues could yield significant cost savings and other improvements in government operations. Why GAO Did This Study Priority open recommendations are the GAO recommendations that warrant priority attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional and/or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or ensure that programs comply with laws and funds are legally spent, among other benefits. Since 2015 GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Michelle Sager at (202) 512-6806 or sagerm@gao.gov.
    [Read More…]
  • Statement from Assistant Attorney General Eric Dreiband Commemorating the Twentieth Anniversary of the Trafficking Victims Protection Act
    In Crime News
    Assistant Attorney General for Civil Rights Eric Dreiband issued the following statement today commemorating the twentieth anniversary of the Trafficking Victims Protection Act:
    [Read More…]
  • Colorado Businessman Indicted for Employment Tax Fraud
    In Crime News
    A federal grand jury in Denver, Colorado, returned an indictment charging a Bow Mar, Colorado, businessman with tax evasion, failing to pay over employment taxes, and failing to file tax returns.
    [Read More…]
  • Federal Telework: Key Practices That Can Help Ensure the Success of Telework Programs
    In U.S GAO News
    The Telework Enhancement Act of 2010 (the act) defines telework as a work flexibility arrangement under which an employee performs the duties and responsibilities of their position and other authorized activities from an approved worksite other than the location from which the employee would otherwise work. GAO previously identified key practices in telework-related literature and guidelines that federal agencies should implement in ensuring successful telework programs. These key practices may be grouped under seven categories. Program planning. Consistent with a key practice GAO identified, agencies are required to have a telework managing officer. Other key practices related to planning for a telework program include establishing measurable telework program goals, and providing funding to meet the needs of the telework program. Telework policies. Agencies can help ensure their workforces are telework ready by establishing telework policies and guidance. To ensure that teleworkers are approved on an equitable basis, agencies should establish eligibility criteria, such as suitability of tasks and employee performance. Agencies should also have telework agreements for use between teleworkers and their managers. Performance management. Agencies should ensure that the same performance standards are used to evaluate both teleworkers and nonteleworkers. Agencies should also establish guidelines to minimize adverse impacts that telework can have on nonteleworkers. Managerial support. For telework programs to be successful agencies need support from top management. They also need to address managerial resistance to telework. Training and publicizing. Telework training helps agencies ensure a common understanding of the program. The act requires agencies to provide telework training to employees eligible to telework and to managers of teleworkers. Keeping the workforce informed about the program also helps. Technology. Agencies need to make sure teleworkers have the right technology to successfully perform their duties. To that end, agencies should assess teleworker and organization technology needs, provide technical support to teleworkers, and address access and security issues. Program evaluation. Agencies should develop program evaluation tools and use such tools from the very inception of the program to identify problems or issues. Agencies can then use this information to make any needed adjustments to their programs. GAO has previously reported instances where selected agencies faced challenges implementing telework programs that aligned with key practices. For example, three of four selected agencies did not require review or document their review of ongoing telework agreements. These reviews are important to provide assurance that the agreements reflect and support their current business needs. GAO also previously reported that managers at three of four selected agencies were not required to complete telework training before approving staff's telework agreements. The training is important to ensure managers fully understood agency telework policy and goals before approving or denying requests to telework. Telework offers benefits to federal agencies as well as to the federal workforce. These include improving recruitment and retention of employees, reducing the need for costly office space, and an opportunity to better balance work and family demands. In addition, telework is a tool that agencies can use to help accomplish their missions during periods of disruption, including during the current COVID-19 pandemic. Congress has encouraged federal agencies to expand staff participation in telework, most recently by passing the Telework Enhancement Act of 2010 (the act). The act established requirements for executive agencies' telework policies and programs, among other things. This statement provides key practices to help ensure the success of telework programs. The statement is based on GAO's body of work on federal telework issued from July 2003 through February 2017. GAO has recently initiated two reviews related to federal telework. One is examining the extent to which agencies have used telework during the COVID-19 pandemic, including the successes and challenges agencies experienced. The second is reviewing agencies' telework information technology infrastructure. For more information, contact Michelle B. Rosenberg at (202) 512-6806 or rosenbergm@gao.gov.
    [Read More…]
  • Senegal Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • How Engineers at NASA JPL Persevered to Develop a Ventilator
    In Space
    As coronavirus hit, JPL [Read More…]
  • Two Men Charged with Assaulting Federal Officers with Dangerous Weapon on January 6
    In Crime News
    A Pennsylvania and West Virginia man were arrested Sunday on criminal charges related to their alleged conspiring to injure officers and assaulting federal officers, among other charges.
    [Read More…]
  • Social Security Disability: Process Needed to Review Productivity Expectations for Administrative Law Judges
    In U.S GAO News
    What GAO Found The Social Security Administration's (SSA) administrative law judges review, process, and adjudicate requests for hearings on disability benefits. In 2007, the agency set an expectation—which SSA reported was based on trend data and some regional managers' input—for judges to issue 500-700 dispositions (decisions and dismissals) each year, and the extent to which they have met this expectation has varied over time. SSA did not document the expectation-setting process in 2007, nor has it formally reviewed the expectation since. Judges in discussion groups held by GAO questioned the basis of the expectation and 87 percent of judges GAO surveyed (47 of 54) said the expectation was too high. The extent to which judges met the annual and related expectations has fluctuated over the years (see figure). Without periodic reviews, SSA cannot be assured that its expectations appropriately allow judges to balance productivity with other expectations, such as quality, given changing conditions over time. Administrative Law Judges Who Met or Exceeded SSA's Annual Productivity Expectation, Fiscal Years 2014-2020 Judges in selected hearing offices cited a variety of factors affecting their ability to meet the annual expectation. The top factor cited by judges GAO surveyed was the size of case files, which have increased five-fold on average since the expectation was established, according to SSA data. The COVID-19 pandemic introduced other factors in 2020, resulting in fewer hearings being conducted. SSA monitors judges' productivity and takes various actions when expectations are not met, ranging from informal conversations to formal discipline. In addition, judges in 11 of 13 discussion groups viewed telework restrictions as a consequence for not meeting expectations. Additionally, judges GAO surveyed reported feeling pressured to meet the expectations. For instance, 87 percent of judges surveyed (47 of 54) said that SSA placed too much emphasis on productivity, and some expressed concerns about their work quality and work-life balance. SSA officials said they do not formally seek feedback from judges on the expectations. However, without feedback or other gauges of pressure, SSA lacks information that could help it appropriately balance timely case processing while maintaining high-quality work and employee morale. Why GAO Did This Study SSA's approximately 1,350 judges play a major role in processing and adjudicating requests for hearings to help ensure individuals who do not agree with the determination on their claim for Social Security disability benefits receive due process. SSA receives hundreds of thousands of hearing requests each year and has historically had a large backlog. GAO was asked to review SSA's productivity expectations for its judges. This report examines (1) how SSA set productivity expectations for judges and the extent to which judges have met them over time, (2) reported factors affecting the ability of judges in selected offices to meet the annual productivity expectation, and (3) SSA's management of judges' productivity. GAO obtained and analyzed SSA data on judges' productivity from fiscal years 2005-2020; surveyed and held 13 virtual discussion groups with judges in six hearing offices selected for geographic location, average productivity, and average case size; reviewed relevant federal laws and agency policies and documents; and interviewed officials from SSA and the association representing judges.
    [Read More…]
  • Secretary Blinken’s Call with Saudi Foreign Minister Faisal bin Farhan Al Saud
    In Crime Control and Security News
    Office of the [Read More…]
  • Follow NASA’s Perseverance Rover in Real Time on Its Way to Mars
    In Space
    A crisply rendered web [Read More…]
  • Assistant Attorney General Eric Dreiband Announces Departure from Civil Rights Division
    In Crime News
    Assistant Attorney General Eric S. Dreiband of the U.S. Department of Justice’s Civil Rights Division announced his departure from the department, effective Jan. 8, 2021.  Dreiband has served as Assistant Attorney General since Nov. 1, 2018. 
    [Read More…]
  • Justice Department Settles Lawsuit Against Owners and Mangers of Housing Properties in Honolulu, Hawaii for Discriminating Against Families with Children
    In Crime News
    The Justice Department announced today that it has reached a settlement with the owners and managers of housing in Honolulu, Hawaii, to resolve a lawsuit filed last year alleging that the defendants refused to rent to families with children at properties they owned and managed, in violation of the Fair Housing Act.
    [Read More…]
  • Secretary Antony J. Blinken and Russian Foreign Minister Sergey Lavrov Before Their Meeting
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Appellate Court Agrees with Government that Supervised Injection Sites are Illegal under Federal Law; Reverses District Court Ruling
    In Crime News
    In a precedential opinion, the Third Circuit ruled yesterday that it is a federal crime to open a supervised injection site or “consumption room” for illegal drug use.  Local nonprofit Safehouse planned to open the nation’s first such consumption room in the City of Philadelphia, where individuals would be invited to inject heroin and use other drugs under supervision.  But the Third Circuit ruled that doing so “will break the law” because Safehouse knows and intends that visitors to its consumption room will have a significant purpose of using illegal drugs.  In agreeing with the government’s interpretation of the Controlled Substances Act, the Court explained that, “[t]hough the opioid crisis may call for innovative solutions, local innovations may not break federal law.”
    [Read More…]
  • Priority Open Recommendations: Nuclear Regulatory Commission
    In U.S GAO News
    What GAO Found In April 2020, GAO identified seven priority recommendations for the Nuclear Regulatory Commission (NRC). Since then, NRC implemented one of these recommendations by issuing a risk management strategy that addresses key elements foundational to effectively managing cybersecurity risks. The remaining six priority recommendations involve the following areas: addressing the security of radiological sources. improving the reliability of cost estimates. improving strategic human capital management. NRC's continued attention to these issues could lead to significant improvements in government operations. Why GAO Did This Study Priority open recommendations are the GAO recommendations that warrant priority attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional and/or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or ensure that programs comply with laws and funds are legally spent, among other benefits. Since 2015, GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Mark Gaffigan at (202) 512-3841 or gaffiganm@gao.gov.
    [Read More…]
  • Atrocities in Ethiopia’s Tigray Region
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Patient Recruiter Convicted in $2.8 Million Telemedicine Scheme Against Medicare
    In Crime News
    The owner of an Orlando-area telemarketing call center was convicted for his role in a kickback scheme involving expensive genetic tests and fraudulent telemedicine services that resulted in the payment of approximately $2.8 million in false and fraudulent claims to Medicare.
    [Read More…]
  • Justice Department Sues Florida Man for Flagrant Violations of the Rivers and Harbors Act
    In Crime News
    The Justice Department’s Environment and Natural Resources Division (ENRD) announced that the United States has filed a civil lawsuit in the Southern District of Florida against Fane Lozman for violations of the Rivers and Harbors Act (RHA) in connection with Mr. Lozman’s obstruction of Lake Worth Lagoon, a navigable waterway, in Riviera Beach, Florida.
    [Read More…]
  • Priority Open Recommendations: National Aeronautics and Space Administration
    In U.S GAO News
    What GAO Found In April 2020, GAO identified 12 priority recommendations for the National Aeronautics and Space Administration (NASA). Since then, NASA has implemented one of those recommendations when it calculated the Space Launch System program's developmental cost growth using a baseline adjusted to reflect the scope of work planned for its first mission. GAO also closed two recommendations as not implemented. Since GAO's June 2019 recommendation to update the Orion crew vehicle's cost estimate to reflect the April 2023 baseline launch date for the first mission to carry crew, that mission's launch date has been delayed. There is no longer an opportunity for NASA to take action on this recommendation now that the program no longer expects to launch in April 2023. The second recommendation, closed as not implemented, was for NASA to develop and maintain a contingency plan for ensuring a presence on the International Space Station until a Commercial Crew Program contractor was certified. NASA took actions to maintain a U.S. presence on the space station and provided GAO periodic updates on considerations for maintaining a continued presence, but did not develop and maintain a contingency plan. NASA certified a Commercial Crew program contractor in November 2020. As a result, there is no longer an opportunity for NASA to take action on this recommendation. In May 2021, GAO identified two additional priority recommendations for NASA, bringing the total number to 11. These recommendations involve the following areas: monitoring program costs and execution, and ensuring cybersecurity. NASA's continued attention to these issues could lead to significant improvements in government operations. Why GAO Did This Study Priority open recommendations are the GAO recommendations that warrant priority attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional and/or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or ensure that programs comply with laws and funds are legally spent, among other benefits. Since 2015 GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Michele Mackin at (202) 512-4841 or mackinm@gao.gov.
    [Read More…]
  • Secretary Antony J. Blinken With Chris Wallace of Fox News Sunday
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • John McAfee Indicted for Tax Evasion
    In Crime News
    An indictment was unsealed today charging John David McAfee with tax evasion and willful failure to file tax returns, announced Principal Deputy Assistant Attorney General Richard E. Zuckerman of the Justice Department’s Tax Division and U.S. Attorney D. Michael Dunavant for the Western District of Tennessee. The June 15, 2020 indictment was unsealed following McAfee’s arrest in Spain where he is pending extradition.
    [Read More…]
  • Judge Testifies at House Hearing on Pandemic Impacts
    In U.S Courts
    Through a combination of advance planning, expanded use of technology, and the dedication of thousands of employees, the federal Judiciary’s response to the pandemic has enabled courts to continue to operate, while ensuring the health and safety of the public and court personnel, U.S. Senior District Judge David G. Campbell told Congress on Thursday.
    [Read More…]
  • Opening Statement at Climate Adaptation Summit 2021
    In Climate - Environment - Conservation
    John Kerry, Special [Read More…]
  • Las Vegas Woman Arrested and Charged with Illegally Exporting Goods to Iran
    In Crime News
    A Las Vegas woman has been indicted by a federal grand jury for conspiracy to export goods from the United States to Iran, in violation of the International Emergency Economic Powers Act (IEEPA) and the Iranian Transactions and Sanctions Regulations.
    [Read More…]
  • Secretary Antony J. Blinken With Jake Tapper of CNN’s The Lead with Jake Tapper
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • International Day for the Elimination of Sexual Violence in Conflict
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Trinidad and Tobago Travel Advisory
    In Travel
    Reconsider travel [Read More…]
  • Secretary Antony J. Blinken With Mike Allen of Axios on HBO Max
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Public Designation of Albanian Sali Berisha Due to Involvement in Significant Corruption
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • United States Reaches Proposed Settlement with Ranch Owner to Restore Creek and Wetlands and Pay Damages for Trespass
    In Crime News
    The U.S. Department of Justice, U.S. Environmental Protection Agency (EPA) and Bureau of Land Management (BLM) announced that they have reached a proposed settlement with John Raftopoulos, Diamond Peak Cattle Company LLC and Rancho Greco Limited LLC (collectively, the defendants) to resolve violations of the Clean Water Act (CWA) and the Federal Land Policy and Management Act (FLPMA) involving unauthorized discharges of dredged or fill material into waters of the United States and trespass on federal public lands in northwest Moffat County, Colorado.
    [Read More…]
  • Opening Remarks by Secretary of State Antony J. Blinken Before the House Committee on Foreign Affairs
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Macroprudential Oversight: Principles for Evaluating Policies to Assess and Mitigate Risks to Financial System Stability
    In U.S GAO News
    GAO is providing a framework for evaluating macroprudential policy—that is, activities designed to assess and mitigate risks to financial system stability. The framework presents six general components of macroprudential policy and 18 principles (see table), as well as related standards, for establishing the foundation of such policy and putting it into operation. Government actors—such as the Financial Stability Oversight Council (FSOC) and its member agencies—are responsible for meeting or contributing to framework principles as they relate to the actors' individual areas of macroprudential responsibility or authority. GAO refers to government actors with collective macroprudential policy responsibilities as the macroprudential entity. GAO Framework for Evaluating Macroprudential Policy Component Principles The macroprudential entity should: Mandate and scope Have a clear mandate Have a scope of responsibilities that extends across the financial system Establish measurable and specific intermediate objectives reflecting the full scope of its responsibilities Governance Have a governance structure promoting willingness to mitigate risks to financial stability in a timely manner Have authorities promoting ability to act consistent with mandate and scope Have transparency requirements promoting the effectiveness, legitimacy, and predictability of macroprudential policy Risk assessment Establish a risk-assessment program corresponding to the scope of the financial system and the entity’s intermediate objectives Identify and analyze potential sources of systemic risk Develop criteria to evaluate significance of risk Establish policies and procedures to conduct systematic risk assessments Risk mitigation Develop a range of macroprudential tools consistent with mandate and scope of responsibilities Develop policies and procedures for conducting risk-mitigation activities Evaluation Evaluate effectiveness of its efforts Document and communicate evaluation findings and promptly remediate issues Data and information Use quality data Develop useful information for decision-making Document information appropriately Establish policies and procedures for sharing data and information Source: GAO. | GAO 21 230SP The Dodd-Frank Wall Street Reform and Consumer Protection Act established FSOC to identify and respond to threats to financial stability in the United States. Other countries have created similar entities, and a growing body of research has developed around these macroprudential structures and approaches. This report presents a principles-based framework to serve as criteria for assessing the financial stability efforts of FSOC and its member agencies. It is intended as a resource for GAO and other auditors, FSOC and its member agencies, and Congress. It also may be useful to others, both domestically and internationally. In developing this framework, GAO reviewed literature on macroprudential policy, prior GAO reports, relevant laws and regulations, and international risk-management guidelines. GAO also interviewed or held discussion groups with representatives of FSOC and its member agencies; international financial stability entities, supreme audit institutions, and international organizations; public interest and industry groups; former regulators and civil servants; and academic and regulatory experts. For more information, contact Michael E. Clements at (202) 512-8678 or ClementsM@gao.gov.
    [Read More…]
  • Imposing Sanctions Related to the Islamic Republic of Iran Shipping Lines and Iranian Shipping Entities
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Malawi National Day
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Mozambique Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Kidnapping Charges Added to California Restaurant Owners Charged with Forced Labor and Harboring of Aliens
    In Crime News
    A federal grand jury returned a superseding indictment yesterday adding the charges of conspiracy to commit kidnapping and kidnapping to the previous charges of conspiracy to commit forced labor, forced labor, conspiracy to harbor aliens and harboring aliens.
    [Read More…]
  • Man Pleads Guilty to Attempting to Provide Material Support to Foreign Terrorist Organizations
    In Crime News
    A New York man pleaded guilty to attempting to provide material support and resources to the Islamic State of Iraq and al-Sham (ISIS) and the al-Nusrah Front, both designated by the U.S. Secretary of State as foreign terrorist organizations.
    [Read More…]
  • China Travel Advisory
    In Travel
    Reconsider travel to the [Read More…]
  • North Carolina Return Preparer Sentenced to 50 Months in Prison for Multi-Year Tax Fraud Scheme
    In Crime News
    A Rocky Mount, North Carolina, tax return preparer was sentenced to 50 months in prison today for conspiring to defraud the United States, announced Acting Deputy Assistant Attorney General Stuart M. Goldberg of the Justice Department’s Tax Division and U.S. Attorney Robert J. Higdon Jr. for the Eastern District of North Carolina.
    [Read More…]
  • Financial Stability: Agencies Have Not Found Leveraged Lending to Significantly Threaten Stability but Remain Cautious Amid Pandemic
    In U.S GAO News
    In the years before the economic shock from the COVID-19 pandemic, the Financial Stability Oversight Council (FSOC) and others assessed the potential risks to financial stability that leveraged loans and collateralized loan obligation (CLO) securities may pose. Generally, leveraged loans are those made to businesses with poor credit and high debt, and CLO securities are backed by these loans. FSOC and others found that riskier borrower profiles and looser underwriting standards left leveraged lending market participants vulnerable to losses in the event of a downturn. After the COVID-19 shock in March 2020, loans suffered record downgrades and increased defaults, but the highest-rated CLO securities remained resilient. Although regulators monitoring the effects of the pandemic remain cautious, as of September 2020, they had not found that leveraged lending presented significant threats to financial stability. Based on regulators' assessments, leveraged lending activities had not contributed significantly to the distress of any large financial entity whose failure could threaten financial stability. Large banks' strong capital positions have allowed them to manage their leveraged lending exposures, and the exposure of insurers and other investors also appeared manageable. Mutual funds experienced redemptions by investors but were able to meet them in part by selling leveraged loan holdings. While this may have put downward pressure on already-distressed loan prices, based on regulators' assessments, distressed leveraged loan prices did not pose a potential threat to financial stability. Present-day CLO securities appear to pose less of a risk to financial stability than did similar securities during the 2007–2009 financial crisis, according to regulators and market participants. For example, CLO securities have better investor protections, are more insulated from market swings, and are not widely tied to other risky, complex instruments. FSOC monitors leveraged-lending-related risks primarily through its monthly Systemic Risk Committee meetings, but opportunities exist to enhance FSOC's abilities to respond to financial stability threats. FSOC identified leveraged lending activities as a source of potential risk to financial stability before the COVID-19 shock and recommended continued monitoring and analysis. However, FSOC does not conduct tabletop or similar scenario-based exercises where participants discuss roles and responses to hypothetical emergency scenarios. As a result, FSOC is missing an opportunity to enhance preparedness and test members' coordinated response to financial stability risks. Further, as GAO reported in 2016, FSOC does not generally have clear authority to address broader risks that are not specific to a particular financial entity, such as risks from leveraged lending. GAO recommended that Congress consider better aligning FSOC's authorities with its mission to respond to systemic risks, but Congress had not done so as of September 2020. GAO maintains that changes such as broader designation authority would help FSOC respond to risks from activities that involve many regulators, such as leveraged lending. The market for institutional leveraged loans grew from an estimated $0.5 trillion in 2010 to $1.2 trillion in 2019, fueled largely by investor demand for CLO securities. Some observers and regulators have drawn comparisons to the pre-2008 subprime mortgage market, noting that loan origination and securitization may similarly spread risks to the financial system. These fears are being tested by the COVID-19 pandemic, which has significantly affected leveraged businesses. This report examines assessments by regulators, FSOC, and others—both before and after the COVID-19 shock to the economy—of the potential risks to financial stability stemming from leveraged lending activities, and the extent to which FSOC monitors and responds to risks from broad-based activities like leveraged lending, among other objectives. GAO examined agency and private data on market size and investor exposures; reviewed agency, industry, and international reports; and interviewed federal financial regulators and industry participants. GAO recommends that the Secretary of the Treasury, as Chairperson of FSOC, conduct scenario-based exercises intended to evaluate capabilities for responding to crises. GAO also reiterates its 2016 recommendation (GAO-16-175) that Congress consider legislative changes to align FSOC's authorities with its mission. FSOC neither agreed nor disagreed with the recommendation, but said that it would take further actions if it determined necessary. For more information, contact Michael E. Clements at (202) 512-8678 or ClementsM@gao.gov.
    [Read More…]
  • Department Press Briefing – March 9, 2021
    In Crime Control and Security News
    Ned Price, Department [Read More…]
  • On Lunar New Year
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Comoros Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Former CEO and Founder of Technology Company Pleads Guilty to Investment Fraud Scheme
    In Crime News
    The former chief executive officer (CEO) and co-founder of Trustify, Inc. (Trustify), a privately-held technology company founded in 2015 and based in Arlington, Virginia, pleaded guilty today to his involvement in a fraud scheme resulting in millions of dollars of losses to investors.
    [Read More…]
  • Veterans Community Care Program: Improvements Needed to Help Ensure Timely Access to Care
    In U.S GAO News
    In a September 2020 report, GAO found that the Department of Veterans Affairs (VA) established an appointment scheduling process for its new Veterans Community Care Program (VCCP) but did not specify allowable wait times for some key steps in the process. Further, GAO found that VA had not established an overall wait-time performance measure—that is, the maximum amount of time it should take for veterans to receive care from community providers. In 2013, GAO recommended that VA establish a wait-time measure under a prior VA community care program, and in 2018 again recommended that VA establish an achievable wait-time goal to receive care under the VCCP. VA has not implemented these recommendations. Potential Allowable Wait Time to Obtain Care through the Veterans Community Care Program Note: This figure illustrates potential allowable wait times in calendar days for eligible veterans who are referred to the Veterans Community Care Program through routine referrals (not urgent), and have VA medical center staff—Referral Coordination Team (RCT) and community care staff (CC staff)—schedule the appointments on their behalf. Given VA's lack of action over the prior 7 years in implementing wait-time measures for various community care programs, GAO believes that Congressional action is warranted requiring VA to establish such an overall measure for the VCCP. This should help to achieve timely health care for veterans. GAO found additional VCCP challenges needing VA action: (1) VA uses metrics that are remnants from the previous community care program and inconsistent with the time frames established in the VCCP scheduling process. (2) Few community providers have signed up to use the software VA intends for VA medical center (VAMC) staff and community providers to use to electronically share referral information with each other. (3) Select VAMCs faced challenges scheduling appointments in a timely manner and most did not have the full amount of community care staff VA's staffing tool recommended. In June 2019, VA implemented its new community care program, the VCCP, as required by the VA MISSION Act of 2018. This new program replaced or consolidated prior community care programs. Under the VCCP, VAMC staff are responsible for community care appointment scheduling. This statement summarizes GAO's September 2020 report. It describes for the VCCP: (1) the appointment scheduling process that VA established for veterans, (2) the metrics VA used to monitor the timeliness of appointment scheduling, (3) VA's efforts to prepare VAMC staff for appointment scheduling, and (4) VA's efforts to determine VAMC staffing needs. In performing that work, GAO reviewed VA documentation, such as guidance, referral timeliness data, and VAMC community care staffing data; conducted site visits to five VAMCs; and interviewed VA and VAMC officials. In its September 2020 report, GAO recommended that Congress consider requiring VA to establish an overall wait-time measure for the VCCP. GAO also made three recommendations to VA, including that it align its monitoring metrics with the VCCP appointment scheduling process. VA did not concur with this recommendation, but concurred with the other two. GAO maintains that all recommendations are warranted. For more information, contact Sharon M. Silas at (202) 512-7114 or silass@gao.gov.
    [Read More…]
  • COVID-19: HHS Should Clarify Agency Roles for Emergency Return of U.S. Citizens during a Pandemic
    In U.S GAO News
    What GAO Found At the beginning of the COVID-19 pandemic, the U.S. returned, or repatriated, about 1,100 U.S. citizens from abroad and quarantined them domestically to prevent the spread of COVID-19. The Department of Health and Human Services (HHS) experienced coordination and safety issues that put repatriates, HHS personnel, and nearby communities at risk. This occurred because HHS component agencies—the Administration for Children and Families, the Office of the Assistant Secretary for Preparedness and Response, and the Centers for Disease Control and Prevention—did not follow plans or guidance delineating their roles and responsibilities for repatriating individuals during a pandemic—an event these agencies had never experienced. While they had general repatriation plans, there was disagreement as to whether the effort was in fact a repatriation. This led to fundamental problems for HHS agencies and their federal partners, including at the March Air Reserve Base quarantine facility in California where the first repatriated individuals were quarantined prior to widespread transmission of COVID-19 in the U.S. These problems included the following: Lack of clarity as to which agency was in charge when the first repatriation flight from Wuhan, China, arrived at the quarantine facility, which caused confusion among the HHS component agencies. Coordination issues among HHS component agencies resulted in component agencies operating independently of each other, and led to frustration and complications. HHS's delay in issuing its federal quarantine order, during which time a repatriate tried to leave the quarantine facility. HHS personnel's inconsistent use of personal protective equipment (PPE), and HHS officials' disagreement on which agency was responsible for managing infection prevention and control. An HHS official also directed personnel to remove their PPE as it created “bad optics,” according to an HHS report that examined the repatriation effort. The National Response Framework, a guide to how the U.S. responds to disasters and emergencies, instructs agencies to understand their respective roles and responsibilities, know what plans apply, and develop appropriate guidance for emergency responses. Until HHS revises or develops new plans that clarify agency roles and responsibilities during a repatriation in response to a pandemic, it will be unable to prevent the coordination and health and safety issues it experienced during the COVID-19 repatriation response in future pandemic emergencies. HHS also did not include repatriation in its pandemic planning exercises. As a result, agencies lacked experience deploying together to test repatriation plans during a pandemic, which contributed to serious coordination issues. GAO has previously reported that exercises play an important role in preparing for an incident by providing opportunities to test response plans and assess the clarity of roles and responsibilities. Until HHS conducts such exercises, it will be unable to test its repatriation plans during a pandemic and identify areas for improvement. Why GAO Did This Study HHS provides temporary assistance to U.S. citizens repatriated by the Department of State (State) from a foreign country because of destitution, illness, threat of war, or similar crises through the U.S. Repatriation Program. In January and February 2020, HHS assisted State in repatriating individuals from Wuhan, China, and the Diamond Princess cruise ship in Yokohama, Japan, to the U.S. HHS quarantined repatriates at five Department of Defense (DOD) installations to ensure they did not infect others with COVID-19. GAO was asked to examine HHS's COVID-19 repatriation efforts to ensure the health and safety of those involved in the response. This report examines HHS's coordination and management of its COVID-19 repatriation response. GAO reviewed relevant documentation from HHS, State, and DOD related to repatriation planning, including documentation on pandemic planning exercises. GAO also interviewed officials from HHS, State, and DOD.
    [Read More…]
  • Two Kentucky Real Estate Professionals Indicted for Rigging Farmland Auction
    In Crime News
    A federal grand jury in the Western District of Kentucky returned an indictment charging two Kentucky real estate professionals with conspiring to rig bids at an estate auction for farmland and timber rights.
    [Read More…]
  • Member of White Supremacist Prison Gang Guilty of Violent Crime in Aid of Racketeering
    In Crime News
    A Texas man pleaded guilty today to violent gang-related activities in the Eastern District of Texas.
    [Read More…]
  • Clean Water Act: EPA Needs to Better Assess and Disclose Quality of Compliance and Enforcement Data
    In U.S GAO News
    What GAO Found Since 2015, the Environmental Protection Agency (EPA) has modified one of its three national initiatives emphasizing compliance with the Clean Water Act and has discontinued two others (see fig.). The goal of the modified initiative is to reduce significant noncompliance with National Pollutant Discharge Elimination System (NPDES) permits by half by the end of fiscal year 2022. Such permits set limits on discharges of wastewater from point sources, such as a pipe from an industrial facility. This goal supports EPA's strategic objective to increase compliance with environmental laws in its strategic plan for fiscal years 2018-2022. EPA discontinued its initiatives focused on animal waste pollution and raw sewage and stormwater runoff, returning these areas to the core enforcement program in 2018 and 2019, respectively. As a result, these areas no longer receive the heightened attention and focused resources of the national initiatives, but the agency still pursues enforcement actions when needed. Changes in EPA's Clean Water Act National Initiatives EPA posts data that states report on their NPDES compliance and enforcement activities to its website, but the data are not reliable for identifying changes in the number of activities states conducted since 2015. EPA's most recent assessment of states' data showed that two of 17 states met expectations for the accuracy and completeness of the data recorded in the agency's national database. EPA is working with states to improve their data, and it includes on its website disclosures by some states about problems and limitations with their data. However, the agency has not ensured that all states' disclosures are consolidated, complete, and updated. Until it does so, potential users of the data may not fully understand the data or the data's limitations. EPA developed a measure to track progress toward its goal for reducing the rate of significant noncompliance by NPDES facilities with individual permits by the end of fiscal year 2022. While the measure tracks changes in the number of facilities in significant noncompliance, the results of the measure are unclear because data EPA needs to track compliance are incomplete and contain inaccuracies. According to EPA, about 70 percent of NDPES facilities have sufficiently complete data in the national database for EPA to track compliance. EPA is working with states to improve data quality, but it does not have a plan to assess the overall accuracy of the data. Until it does so, EPA cannot be certain what its measure is showing and if EPA is making progress toward its goal. Why GAO Did This Study EPA partners with states to oversee compliance with and enforcement of the Clean Water Act. In fiscal year 2020, there were roughly 335,000 facilities with active NPDES permits, which are used to regulate wastewater discharges under the act. In 2015, EPA began requiring states and facilities to electronically report data on their NPDES activities. EPA estimated that in 2018, nearly 11,000 facilities significantly exceeded their permit limits and illegally discharged pollutants into nearby waters, which may pose serious threats to human health and the environment. GAO was asked to review EPA's enforcement of the Clean Water Act. This report examines (1) changes since 2015 in EPA's national initiatives for ensuring compliance with the act, (2) changes in NPDES compliance and enforcement activities since 2015, and (3) the extent to which EPA is measuring progress toward compliance with the NPDES program. GAO reviewed and analyzed EPA documents and data on NPDES compliance and enforcement activities. GAO also interviewed officials from eight states, selected in part by EPA region, to learn about their NPDES compliance and enforcement activities and data reporting.
    [Read More…]
  • Sentencing of Hong Kong Pro-Democracy Activists for Unlawful Assembly
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • DISH Network to Pay $210 Million for Telemarketing Violations
    In Crime News
    The Department of Justice today announced a settlement in which DISH Network LLC (DISH) will pay $126 million in civil penalties to the United States for placing millions of telemarketing calls in violation of the FTC’s Telemarketing Sales Rule (TSR). This settlement represents the largest civil penalty ever paid to resolve telemarketing violations under the FTC Act, and exceeds the total penalties paid to the government by all prior violators of the TSR. DISH will also pay a combined $84 million to four states for violations of the Telephone Consumer Protection Act, for a total settlement of $210 million.
    [Read More…]
  • Justice Department Announces National Response Center and Offer to Bring Assistance to Minneapolis Police Department to Support Law Enforcement and Safe Communities Through Fair Policing
    In Crime News
    The Justice Department, in an announcement by Assistant Attorney General for the Civil Rights Division Eric S. Dreiband, Principal Deputy Assistant Attorney General of the Office of Justice Programs (OJP) Katharine T. Sullivan, and U.S. Attorney for the District of Minnesota Erica H. MacDonald, unveiled a new National Response Center Initiative and offered the assistance to the Minneapolis Police Department (MPD) to support law enforcement, and review, enhance and reform policies and practices to prevent the use of excessive force. The BJA Law Enforcement Training and Technical Assistance Response Center will be a national resource for all state, local, and tribal law enforcement agencies.
    [Read More…]
  • Jury Convicts West Virginia Doctor of Drug Distribution
    In Crime News
    A federal jury convicted a West Virginia doctor Thursday for prescribing a buprenorphine product in violation of the Controlled Substances Act.
    [Read More…]
  • Fiscal Year 2022 Performance Plan
    In U.S GAO News
    This report presents the Government Accountability Office's (GAO) Performance Plan for Fiscal Year 2022. In the spirit of the Government Performance and Results Act, this annual plan informs the Congress and the American people about what we expect to accomplish on their behalf in the coming fiscal year. It sets forth our plan to make progress toward achieving our strategic goals for serving the Congress and the American people. This framework not only shows the relationship between our strategic goals and strategic objectives, but also show major themes that could potentially affect our work.
    [Read More…]