Skip to main content

Department of Energy Contracting: Improvements Needed to Ensure DOE Assesses Its Full Range of Contracting Fraud Risks

GAO-21-44 Published: Jan 13, 2021. Publicly Released: Jan 13, 2021.
Jump To:

Fast Facts

The Department of Energy spends billions of dollars on contracts every year. But detecting contract fraud can be difficult, so it's important for the DOE to assess and manage all of its risks.

We identified 9 categories of contracting fraud schemes that occurred at the DOE from 2013 to 2019, including billing schemes and bid-rigging. We found that the DOE's methods for gathering information about its fraud risks do not capture all of the contracting fraud risks it faces.

Our 2 recommendations include that the DOE expand its fraud risk assessments to include all risks facing its programs.

A contract and a pen

Skip to Highlights

Highlights

What GAO Found

GAO identified nine categories of contracting fraud schemes that occurred at the Department of Energy (DOE), including billing schemes, conflicts of interest, and payroll schemes. For example, a subcontractor employee at a site created fraudulent invoices for goods never received, resulting in a loss of over $6 million. In another scheme, a contractor engaged in years of widespread time card fraud, submitting inflated claims for compensation. The contractor agreed to pay $18.5 million to settle the case. DOE reported that it identified nearly $15 million in improper payments due to confirmed fraud in fiscal year 2019. However, due to the difficulty in detecting fraud, agencies—including DOE—incur financial losses related to fraud that are never identified or are settled without admission to fraud and are not counted as such. Fraud can also have nonfinancial impacts, such as fraudsters obtaining a competitive advantage and preventing legitimate businesses from obtaining contracts.

DOE has taken some steps and is planning others to demonstrate a commitment to combat fraud and assess its contracting fraud risks, consistent with the leading practices in GAO's Fraud Risk Framework. However, GAO found that DOE has not assessed the full range of contracting fraud risks it faces. Specifically, GAO found DOE's methods for gathering information about its fraud risks captures selected fraud risks—rather than all fraud risks—facing DOE programs. As shown in the figure, DOE's risk profiles for fiscal years 2018 and 2019 did not capture four of nine fraud schemes that occurred at DOE. For example, one entity did not include any fraud risks in its risk profiles, yet GAO identified six types of fraud schemes that occurred at the entity's site. DOE plans to expand its risk assessment process, but officials expect the new process will continue to rely on a methodology that gathers information on selected fraud risks. The Fraud Risk Framework states that entities identify specific tools, methods, and sources for gathering information about fraud risks. Without expanding its methodology to capture, assess, and document all fraud risks facing its programs, DOE risks remaining vulnerable to these types of fraud.

Fraud Risks Identified in Fiscal Years 2018 and 2019 Risk Profiles Compared with Types of Fraud Schemes That Have Occurred at DOE

Fraud Risks Identified in Fiscal Years 2018 and 2019 Risk Profiles Compared with Types of Fraud Schemes That Have Occurred at DOE

DOE is planning to develop an antifraud strategy in fiscal year 2022 and has taken some steps to evaluate and adapt to fraud risks, consistent with leading practices in GAO's Fraud Risk Framework. Part of DOE's effort to manage fraud risks includes adapting controls to address emerging fraud risks. Additionally, DOE is planning to expand its use of data analytics to detect contracting fraud, beginning in fiscal year 2022.

Why GAO Did This Study

DOE relies primarily on contractors to carry out its missions at its laboratories and other facilities, spending approximately 80 percent of its total obligations on contracts. GAO and DOE's Inspector General have reported on incidents of fraud by DOE contractors and identified multiple contracting fraud risks.

GAO was asked to examine DOE's processes to manage contracting fraud risks. This report examines, for DOE, (1) types of contracting fraud schemes and their financial and nonfinancial impacts, (2) steps taken to commit to combating contracting fraud risks and the extent to which these risks have been assessed, and (3) steps taken to design and implement an antifraud strategy and to evaluate and adapt its approach.

GAO reviewed relevant laws and guidance; reviewed agency media releases, Agency Financial Reports, and DOE Inspector General reports to Congress from 2013 through 2019; and reviewed documents and interviewed officials from 42 DOE field and site offices, contractors, and subcontractors, representing a range of sites and programs.

Recommendations

GAO is making two recommendations, including for DOE to expand its fraud risk assessment methodology to ensure all fraud risks facing DOE programs are fully assessed and documented in accordance with leading practices. DOE concurred with GAO's recommendations.

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Energy
Priority Rec.
The Office of the Chief Financial Officer should expand its methodology for developing its agency-wide fraud risk assessment to ensure that all inherent fraud risks—not limited to top fraud risks—facing DOE programs are fully assessed and documented in accordance with leading practices. (Recommendation 1)
Closed – Implemented
As of May 2024, DOE updated its Internal Controls guidance and risk profile template so that reporting organizations assess the likelihood and impact of every risk identified in their risk profiles and the extent to which controls mitigate those risks, consistent with leading practices. Further, DOE identified risk tolerances and updated its guidance and risk profile templates to direct reporting organizations to assess their residual risk scores against DOE's risk tolerances in determining an appropriate risk response. By taking these steps, DOE will be better positioned to manage the wide range of fraud risks it faces.
Department of Energy The Office of the Chief Financial Officer should update its internal control guidance to clarify the information that reporting entities should obtain to assess the fraud risks for non-M&O contractors they oversee. (Recommendation 2)
Closed – Implemented
In April 2022, DOE provided us evidence that it updated its Internal Control Evaluations guidance to clarify that reporting organizations should take into consideration the risk profiles from the M&O and integrated non-M&O contractors under their purview when assessing fraud risks and developing related risk profiles. By clarifying that reporting entities should consider fraud risks facing M&O and integrated non-M&O contractors when conducting fraud risk assessments, DOE is better positioned to understand and manage the full range of fraud risks the agency faces.

Full Report

GAO Contacts

Allison Bawden
Director
Natural Resources and Environment

Rebecca Shea
Director
Forensic Audits and Investigative Service

Media Inquiries

Sarah Kaczmarek
Managing Director
Office of Public Affairs

Public Inquiries

Topics

Agency evaluationsAntifraud programsBest practicesBilling proceduresCompetitive advantageConflict of interestsContractor paymentsContractor violationsCriminal investigationsFederal contractorsFraudFraudulent invoicesImproper paymentsInternal controlsInvoicesLossesPayrollQuestionable paymentsRisk assessmentRisk managementSubcontractors