Text

UNITED STATES NUCLEAR REGULATORY COMMISSION WASHINGTON, D.C. 20555-0001 OFFICE OF THE INSPECTOR GENERAL May 13, 2021 MEMORANDUM TO: Chairman Christopher T. Hanson Digitally signed by Robert FROM: Robert J. Feitel Robert J. J. Feitel Date: 2021.05.13 Inspector General Feitel 09:46:06 -04'00'

SUBJECT:

AUDIT OF THE NRCS FISCAL YEAR (FY) 2020 COMPLIANCE WITH IMPROPER PAYMENT LAWS (OIG-21-A-10)

The Office of the Inspector General (OIG) conducted this audit to assess the NRCs compliance with the Payment Integrity Information Act of 2019 (PIIA) and report any material weaknesses in internal control. The OIG found the NRC is generally compliant with the PIIA. The OIG did not identify any material weaknesses in internal control during this audit.

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws I. BACKGROUND Improper Payment Laws Enacted in 2020, the Payment Integrity Information Act of 2019 (PIIA) requires federal agencies to periodically review all programs and activities the agency administers, and identify all programs and activities that may be susceptible to significant improper payments. Programs are considered to be significant if, in the preceding fiscal year, the sum of a program or activitys improper payments, and payments whose propriety cannot be determined, may have exceeded $10,000,000 of all reported program or activity payments made during that fiscal year, and 1.5 percent of program outlays, or $100,000,000. Federal agencies should assess programs and activities susceptible to improper payment risk at least once every three years.

The PIIA repealed the 2002 Improper Payments Information Act (IPIA),

the 2010 Improper Payments Elimination and Recovery Act (IPERA), the 2012 Improper Payments Elimination and Recovery Improvement Act (IPERIA), and the 2015 Fraud Reduction and Data Analytics Act (FRDAA).

The PIIA incorporates select provisions from the IPIA, the IPERA, the IPERIA, and the FRDAA into a single subchapter in the U.S. Code, while also introducing new aspects into the payment integrity statutory framework.

1

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws Federal Improper Payment Guidance for Executive Agencies On June 26, 2018, the Office of Management and Budget (OMB) issued Memorandum M-18-20, Appendix C to OMB Circular A-123, Requirements for Payment Integrity Improvement. Table 1 of this report lists the requirements established in the OMBs memorandum. The OMB guidance also specifies that each agencys Inspector General should review agency improper payment reporting in the agencys annual Agency Financial Report (AFR), and accompanying materials.

2

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws II. OBJECTIVES The objectives of this audit were to assess the NRCs compliance with the PIIA and report any material weaknesses in internal control. The appendix of this report contains information on the audit scope and methodology.

III. FINDINGS The Nuclear Regulatory Commission (NRC) is compliant with the PIIA and does not have any material weaknesses in internal control. The NRC reported the required information and conducted the mandated risk assessment. The Office of the Inspector General (OIG) concluded that agency reporting of improper payments is accurate and complete, as noted in Table 1.

Compliance with Improper Payment Laws The OIG determined that for FY 2020, the agency is in compliance with the requirements of the PIIA, as demonstrated in Table 1.

3

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws Table 1: The NRCs FY 2020 Compliance with the PIIA Reported Published Improper Published Published Conducted an Payment Published Corrective and Met Program Name a Risk Improper Rate an AFR Action Reduction Assessment Payment Greater Plans Targets Estimate Than 10%

Commercial Payments Compliant Compliant N/A N/A N/A N/A Grants Compliant Compliant N/A N/A N/A N/A Employee Payments Compliant Compliant N/A N/A N/A N/A Payroll Compliant Compliant N/A N/A N/A N/A Purchase Cards Compliant Compliant N/A N/A N/A N/A Travel Cards Compliant Compliant N/A N/A N/A N/A Source: OIG-generated from Appendix C requirements Per Appendix C, the NRC is required to publish improper payment information in the most recent agency AFR. In addition, the NRC is required to publish any accompanying materials required by the OMB on the agency website. The NRC complied with these requirements, as applicable, by including sufficient improper payment information in its FY 2020 AFR. Four OMB reporting requirements were not applicable to the NRC. (Refer to Table 1)

The NRC Completed Required Improper Payments Risk Assessment The PIIA requires agencies to triennially review all programs and activities that meet the statutory significance threshold to determine if they are susceptible to significant improper payments. In FY 2020, the NRC engaged a contractor1 to conduct reviews in compliance with this requirement. The NRCs contractor considered a universe of approximately $658 million distributed across six programs: commercial payments; grants; employee payments; payroll; purchase cards; and travel cards. The NRCs contractor performed limited testing over four of 1

In FY 2020, the NRC contracted with Castro & Company, LLC (Castro) to conduct a risk assessment of programs selected by management to determine if any were susceptible to making significant improper payments.

4

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws the six payment streams using six months of disbursement data as the universe. Due to the low dollar value of both purchase and travel card disbursements, the contractor did not perform quantitative testing of these two programs. Based on the qualitative and quantitative risk assessment, the NRC did not identify any programs susceptible to significant improper payments.

5

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws IV. AGENCY COMMENTS The Office of the Executive Director for Operations and the Office of the Chief Financial Officer reviewed the draft memorandum report and had no comments.

6

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws Appendix A OBJECTIVES, SCOPE, AND METHODOLOGY Objectives The objectives of this audit were to assess the NRCs compliance with the PIIA and report any material weaknesses in internal control.

Scope The audit focused on improper payment compliance for FY 2020. The OIG conducted this audit from April through May 2021, at the NRC Headquarters in Rockville, Maryland. Internal controls related to the audit objectives were reviewed and analyzed.

Methodology To accomplish the audit objectives, the OIG reviewed agency documents related to the NRCs compliance with the PIIA for FY 2020. The OIG also reviewed applicable federal laws, regulations, and requirements for the PIIA.

Since the NRC is subject to a triennial Appendix C risk assessment, the OIG reviewed the NRCs FY 2020 Improper Payments Risk Assessment report and supporting documentation as part of the review.

We conducted this performance audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to 7

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

Throughout the audit, auditors considered the possibility of fraud, waste, and abuse in the program.

The audit was conducted by Terri Cooper, Team Leader; Felicia Silver, Audit Manager; and Muhammad Arefin, Senior Auditor.

8

Audit of the NRCs Fiscal Year (FY) 2020 Compliance with Improper Payment Laws TO REPORT FRAUD, WASTE, OR ABUSE Please

Contact:

Email: Online Form Telephone: 1-800-233-3497 TDD: 7-1-1, or 1-800-201-7165 Address: U.S. Nuclear Regulatory Commission Office of the Inspector General Hotline Program Mail Stop O5-E13 11555 Rockville Pike Rockville, MD 20852 COMMENTS AND SUGGESTIONS If you wish to provide comments on this report, please email the OIG using this link.

In addition, if you have suggestions for future OIG audits, please provide them using this link.

9