Last week the DHS Office of the Inspector General released the auditor’s management letter for the Department. The letter outlines findings and recommendations from KPMG’s audit of FY2008. The complete report can be accessed at the OIG website.
As is typical of audits for both private and public organizations, several “financial management comments” are offered. These reflect agency actions — or more commonly non-actions — that the auditors perceive reflect bad practice or non-compliance with laws and regulations. These may range from trivial to truly troublesome. Whether trivial or troublesome often depends on context.
I am more familiar with FEMA than with other DHS components. Below I highlight two auditor findings that strike me as more than trivial. I hope readers who are familiar with other components referenced in the audit (or read more between the lines in the FEMA findings) will use the comment function to underline what seems important to you.
The KPMG audit found:
“FEMA has not established a process to verify an applicant’s homeowner’s insurance prior to granting disaster housing assistance… therefore, FEMA does not have controls in place to prevent a violation of Section 312 of the Stafford Act…”
“We randomly selected nine insurance companies to perform procedures over flood insurance premiums written during the period October 1, 2007 through April 30, 2008. For the nine companies selected, we noted the following internal control deficiencies related to our 405 sample items:
- Five instances where the check did not agree to the appropriate policy.
- Six instances where the check received from the insured was not in the name of the company issuing the policy.”
There were a number of additional findings related to FEMA’s role in flood insurance that, taken together, suggest considerable inaccuracies and less than fully effective management controls. FEMA administers the National Flood Insurance Program. The NFIP is a perpetual source of controversy.