Skip to main content

Financial Management: Department of Homeland Security Faces Significant Financial Management Challenges

GAO-04-774 Published: Jul 19, 2004. Publicly Released: Jul 29, 2004.
Jump To:
Skip to Highlights

Highlights

When the Department of Homeland Security (DHS) began operations in March 2003, it faced the daunting task of bringing together 22 diverse agencies. This transformation poses significant management and leadership challenges, including integrating a myriad of redundant financial management systems and addressing the existing weaknesses in the inherited components, as well as newly identified weaknesses. This review was performed to (1) identify the financial management systems' weaknesses DHS inherited from the 22 component agencies, (2) assess DHS's progress in addressing those weaknesses, (3) identify plans DHS has to integrate its financial management systems, and (4) review whether the planned systems DHS is developing will meet the requirements of relevant financial management improvement laws.

Recommendations

Matter for Congressional Consideration

Matter Status Comments
In view of the size of DHS and the importance of the CFO Act and FFMIA in improving financial management and its applicability to all other cabinet departments, the Congress may wish to consider enacting legislation to designate DHS as a CFO Act agency.
Closed – Implemented
In the aftermath of the terrorist attacks of September 11, 2001, the Congress passed and the President signed the Homeland Security Act of 2002 (HSA), which merged 22 federal agencies and organizations into a new Department of Homeland Security (DHS). DHS was formed in March 2003 and at that time had the third largest budget in the federal government, about $40 billion for fiscal year 2005. GAO has designated implementation and transformation of the new DHS as high risk based on several factors. When DHS was formed by the HSA, the department was not legislatively subjected to two key financial management improvement laws: The Chief Financial Officers Act of 1990 (CFO Act) and the Federal Financial Management Improvement Act of 1996 (FFMIA). The goals of the CFO Act and FFMIA are, among other things, to provide the Congress and agency management with reliable financial information for managing and making day-to-day decisions and to improve financial management systems and controls to properly safeguard the government's assets. Further, when DHS was formed, it inherited 30 reportable internal control conditions that had been identified in prior component agencies financial statement audits. In view of the size of DHS, the internal control conditions it inherited, and the importance of the CFO Act and FFMIA in improving financial management, GAO strongly supported legislatively requiring DHS to comply with these laws in testimony and in written products. On May 4, 2004, H.R. 4259, the Department of Homeland Security Financial Accountability Act, was introduced in the House of Representatives and was passed by the Congress and presented to the President for signature on October 5, 2004. This Act legislatively requires DHS to comply with the provisions of the CFO Act and FFMIA.

Recommendations for Executive Action

Agency Affected Recommendation Status
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to continue to maintain strong involvement of key stakeholders and top management throughout the acquisition and implementation of the eMerge2 initiative.
Closed – Implemented
In December 2005, the Bearing Point contract for eMerge2 expired. Key stakeholders and DHS management concluded that further investment in eMerge2 was high risk. Instead, DHS management, in consultation with key stakeholders, at that time established plans to focus on reducing the number of internal financial management systems by utilizing OMB's "Centers of Excellence" initiative for the delivery of financial management services. DHS management (with the involvement of key stakeholders) has been working since that time to ameliorate against systems failure risks in utilizing the OMB initiatives. These sustained actions by DHS management, and its stakeholders, are consistent with the intent of our recommendation directed at ensuring strong management involvement throughout system implementation.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to assess the impact of further reduction in financial service providers on DHS staff and their ability to produce timely financial information.
Closed – Implemented
In December 2005, the Bearing Point contract to implement eMerge2, which would have influenced the number of service providers, expired and the initiative to acquire and implement a new department-wide financial management system for the Department of Homeland Security (DHS) ended. DHS is currently considering various financial management systems options, including migrating to a shared service provider approach. DHS also reported performing an internal assessment, including consideration of resourcing leveraging opportunities through the use of financial service providers. These actions are consistent with the intent of our recommendation to assess the impact of using shared service providers on DHS resources.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to adhere to FFMIA requirements, including JFMIP requirements, even though the department is not statutorily required to do so.
Closed – Implemented
For fiscal years 2003 and 2004, DHS was required to prepare audited financial statements under the Accountability of Tax Dollars Act of 2002 (Pub. L. No. 107-289, 116 Stat. 2049 (Nov. 7, 2002). However, because DHS was not a CFO Act agency, it was not subject to FFMIA requirements including JFMIP requirements. On October 16, 2004, the DHS Financial Accountability Act, Pub. L No. 108-330, 118 Stat. 1275 (Oct. 16, 2004), added DHS to the list of CFO Act agencies. Thus, DHS will now be required to adhere to FFMIA requirements, including JFMIP requirements and DHS's auditors will be required to test compliance with these requirements.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to have independent auditors report annually on compliance with FFMIA.
Closed – Implemented
For fiscal years 2003 and 2004, DHS was required to prepare audited financial statements under the Accountability of Tax Dollars Act of 2002 (Pub. L. No. 107-289, 116 Stat. 2049 (Nov. 7, 2002). However because DHS was not a CFO Act agency, it was not subject to requirements including FFMIA requirements including JFMIP requirements. On October 16, 2004, the DHS Financial Accountability Act, Pub. L No. 108-330, 118 Stat. 1275 (Oct. 16, 2004), added DHS to the list of CFO Act agencies, increasing the number of CFO Act agencies to 24 for fiscal year 2005. Thus, DHS and its auditors will now be required to report annually on compliance with FFMIA.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to continue to give sustained attention to addressing previously reported material weaknesses, reportable conditions, and observations and recommendations.
Closed – Implemented
DHS released its first Internal Controls Over Financial Reporting (ICOFR) Playbook in March 2007. DHS expects the ICOFR Playbook to guide the agency ahead for the next several years through fundamental financial management improvement across the spectrum of financial activities supporting DHS's mission. The ICOFR Playbook includes specific strategies to design and implement internal controls to correct identified significant financial reporting weaknesses. As a result, in its fiscal year 2007 reporting, DHS increased from four to seven the number of DHS components with no material weaknesses. While many financial management challenges and material weaknesses remain at DHS, the ICOFR Playbook establishes a vehicle to better ensure the department's sustained attention to addressing previously reported material weaknesses, reportable conditions, and observations and recommendations.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to complete development of corrective action plans for all material weaknesses, reportable conditions, and observations and recommendations.
Closed – Implemented
DHS issued a Mission Action Plan guide for financial management for fiscal year 2008. In accordance with the guide, DHS and its components are to develop plans for corrective actions that are to be implemented for any new or existing internal control deficiencies over financial reporting (as identified by management or the external auditors). These actions are to be documented (including planned remediation actions, timeframes, key milestones, assignment of responsibilities) Actions planned for each control deficiency at the DHS component level) in the DHS Internal Control Over Financial Reporting (ICOFR) Playbook.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to ensure that internal control weaknesses are addressed at the component level if they were combined or reclassified at the departmentwide level.
Closed – Implemented
In 2006, DHS issued Management Directive 1030, Corrective Action Plans. Further, in 2008, the Department issued a Mission Action Plan guide for financial management. In accordance with the guide, DHS components are to develop corrective action plans (including specific actions, timeframes, key milestones, assignment of responsibility, and the timing of corrective action validation) for any new or existing internal control deficiencies over financial reporting (whether identified by management or the external auditors), for input into the DHS Internal Control Over Financial Reporting (ICOFR) Playbook. If effectively implemented, the ICOFR Playbook should, consistent with our recommendation, document the remediation actions planned for each deficiency at the DHS component level.
Management Directorate To improve financial management at the department, the Secretary of Homeland Security should direct the Under Secretary for Management to maintain a tracking system of all auditor-identified and management-identified control weaknesses.
Closed – Implemented
In 2006, DHS developed the Electronic Program Management Office (ePMO) system, which enables the Department and components to track the corrective actions being undertaken at the component level to ensure a coordinated Department-wide response to auditor findings and recommendations. DHS requires staff to use this system to track the resolution of findings. If effectively implemented, DHS should be able to use this system to better track corrective actions being put in to place across the department.

Full Report

Office of Public Affairs

Topics

Accounting proceduresAuditing proceduresAuditing standardsComputer securityFederal agency accounting systemsFederal agency reorganizationFinancial managementFinancial management systemsFinancial recordsFinancial statement auditsInternal controlsReporting requirementsStrategic information systems planningSystems compatibilitySystems integrationHomeland securityPolicies and procedures