Agencies Lack Access to the Data, Tools and Resources Needed to Implement FRDAA Requirements

Published: December 04, 2018

GAOWaste, Fraud, and Abuse

Since its passage in June 2018, agencies have made some progress in implementing the requirements under the Federal Reduction and Data Analytics Act of 2015, but still face many challenges to be in full accordance with the law.

In July 2015, the GAO issued a report providing a Fraud Risk Framework that served as leading practices in developing efforts to prevent fraudulent activities under federal programs. Fraud risk differs from fraud in that it can exist even without actual fraud taking place. Fraud risk are instances/patterns that can be identified, remedied and prevented through the collection and analyzation of fraud data.

In response to the July 2015 GAO Report, the Federal Reduction and Data Analytics Act (FRDAA) of 2015 was passed in June 2016 to direct agencies to implement financial and administrative control activities to mitigate and reduce the threat of fraud in the federal government. FRDAA required agencies to implement controls designed around:

  1. Using a risk-based approach
  2. Collecting and analyzing data from reporting tools to monitor and detect fraudulent patterns
  3. Directly using the results from the data analysis to improve fraud detection, mitigation and response

Additionally, the FRDAA of 2015 required agencies to report their fraud risk management practices in accordance to the law and other policies within annual agency financial reports. Lastly, the legislation ordered OMB to form working groups to develop and share best practices surrounding fraud risk programs as well as develop a federal interagency data analytics library to assist agencies in their programs.

A GAO report released on December 4th provides an outlook of how agencies have progressed in following the FRDAA. Surveying the 72 government agencies that fall under the purview of the FRDAA, the GAO found that 85% of agencies have at least started planning how they will meet FRDAA requirements while 78% stated they have started their implementation of the requirements. Nonetheless, only a smaller portion of those agencies have matured in their planning and implementation of the law:

Likewise, the GAO asked agencies to provide a status of their fraud risk management activities. The watchdog found that while a majority of agencies adhered to many of FRDAA’s requirements regarding monitoring, evaluating and auditing fraud risk activities, fewer agencies indicated they collect and analyze the data needed specifically for fraud-related prevention:

In addition to frustration at a lack of clear guidance from OMB working groups, agencies primarily found great or moderate challenges to implementing FRDAA requirements due to: unavailable resources, limited tools and techniques for data analytics, lack of available expertise and access to data information:

Many of these are areas where contractors may be able to fill in the gap. Specifically, the availability of resources such as staffing and funding hindered agency efforts to undergo fraud risk management activities. While some agencies complained of the burden of assigning multiple, ongoing tasks to staff, others suggested that authority to use program-integrity funding may help in fraud risk management initiatives. Moreover, many agencies struggle to obtain the software and related data analytic tools to conduct fraud risk practices as well as the technical expertise to understand the tools to aide in the design and implementation of antifraud activities. Lastly, security and ownership controls continue to prevent agencies the access to data needed to implement FRDAA requirements.

More information on the FRDAA and other legislation as well as policy directives driving the federal waste, fraud and abuse market are forthcoming in Deltek’s report, Technology Strategies for Federal Waste, Fraud and Abuse 2018, due for release at the end of this month.