BBG Watch
Broadcasting Board of Governors (BBG) Chairman Jeff Shell responded to some of the recent findings of the Office of Inspector General. These findings included:
“A weak tone at the top,” “vulnerabilities in the management and oversight,” “an increased risk of fraud, waste, and abuse,” “insufficient oversight of contracts and grants,” weaknesses in financial management”, “inadequate information security,” “Voice of America’s Eurasia division director did not foster conditions for open communication in the Russian Service,” “several management control weaknesses in administrative operations” at OCB, “management did not communicate effectively and … decision-making processes lacked transparency,” “many employees expressed fear of reprisal by management if they raised concerns,” “BBG does not have sufficient oversight of the three grantees.”
BBG Chair Jeff Shell said that the leadership problem at the board level happened before the current board took over. He also pointed out in his letter, which was prepared by the BBG staff, that many of the problems identified in OIG reports have been solved or are being solved.
Management Alert: Broadcasting Board of Governors Significant Management Weaknesses
Summary of Review
Through various audits, inspections, and evaluations, the Office of Inspector General (OIG) has identified significant vulnerabilities in the management and oversight of the Broadcasting Board of Governors (BBG) and its grantee organizations. Systemic, recurring problems include ineffective leadership, insufficient oversight of contracts and grants, weaknesses in financial management, and inadequate information security. Although BBG has made progress in correcting some of these vulnerabilities, significant issues remain that expose BBG to increased risk for instances of fraud, waste, and abuse.
BACKGROUND
In audits and inspections conducted over the past 3 fiscal years, the Office of Inspector General (OIG) has identified significant vulnerabilities in the management and oversight of the Broadcasting Board of Governors (BBG) and its grantee organizations. These vulnerabilities expose BBG to an increased risk of fraud, waste, and abuse and the unintended disclosure of sensitive information. Although BBG has taken steps to mitigate many of these issues through implementation of OIG recommendations, OIG remains concerned about recurring, systemic weaknesses.
Specific areas of concern include ineffective leadership, insufficient oversight of contracts and grants, weaknesses in financial management, and inadequate information security. These challenges mirror those set forth in the statement prepared by OIG for BBG’s FY 2014 Performance and Accountability Report.1 The Senate Appropriations Committee also expressed concern with OIG’s findings in the areas of financial and contract management. The Committee directed that the BBG Chairman coordinate with OIG to submit a report to the appropriate Congressional Committees detailing the status of the implementation of OIG’s recommendations, to develop an action plan with measurable goals and milestones, and to develop and implement enforcement mechanisms to assist in ensuring enhanced accountability for compliance with procurement regulations.2 In response, BBG provided OIG with a report and action plan documenting its progress in improving administration and oversight of acquisition and procurement functions. The action plan resolves one of OIG’s recommendations in its audit of BBG’s acquisition function3 and serves as a focal point for its Board’s oversight of the implementation of contracting reforms.
RESULTS
Ineffective Leadership
According to the U.S. Government Accountability Office’s (GAO) Standards for Internal Control in the Federal Government, “tone at the top” is a key attribute in an agency’s internal control environment. Specifically, the oversight body and management should lead by examples that demonstrate the organization’s values, philosophy, and operating style.4 Tone at the top can be either a driver or a barrier to internal control. Without a strong tone at the top to support an internal control system, the entity’s risk identification may be incomplete, risk responses may be inappropriate, control activities may not be appropriately designed or implemented, communication may falter, and results of monitoring may not be understood or acted upon to remediate deficiencies.
• OIG’s 2013 inspection of BBG5 drew attention to the effects of a weak tone at the top. OIG found that BBG’s part-time Board could not provide effective oversight to all broadcasting operations and that the Board’s bylaws and self-adopted governance policies were inadequate to govern appropriately the conduct of Board business. OIG also found that chronic vacancies and absences of Board members threatened the quorum required for the Board to act, limited the diversity of perspectives brought to discussion, and put at risk the bipartisan nature of the Board. To address these issues, OIG recommended that BBG create a Chief Executive Officer (CEO) position. BBG concurred with this recommendation and worked with the Administration to seek legislation to establish a new CEO position with appropriate authority. While this legislation is still pending in Congress, BBG worked with the Office of Personnel Management and the Administration to appoint a CEO under existing legislative authority. A new CEO was sworn in on January 20, 2015, but unfortunately, he has already left BBG. BBG is actively seeking his replacement, but in the interim, has appointed an interim CEO who is fully empowered to act as chief executive. In addition, OIG notes that all of its recommendations resulting from this 2013 inspection have been closed.
• Various inspections of the operations of individual BBG broadcasting offices also revealed leadership problems. For example, in its inspection of the Office of Cuba Broadcasting (OCB),6 OIG found that employee morale was a concern. Staff expressed that management did not communicate effectively and that decision-making processes lacked transparency. Many employees expressed fear of reprisal by management if they raised concerns. In its Inspection of U.S. International Broadcasting to Russia,7 OIG found that the Voice of America’s Eurasia division director did not foster conditions for open communication in the Russian Service and recommended that BBG implement a 360 leadership assessment tool for the division director, which has been completed.
Insufficient Oversight of Grants and Contracts
OIG has reported in a number of audits and inspections that BBG does not have sufficient oversight of the three grantees it funds through annual agreements: Radio Free Europe/Radio Liberty (RFE/RL), Radio Free Asia (RFA), and Middle East Broadcasting Networks (MBN). The three grantees annually receive approximately $245 million, one-third of BBG’s total funding.8 Grants present special oversight challenges because, unlike contracts, grants do not generally require the recipient to deliver any specific goods or services to the Government. Examples of insufficient oversight include the following:
• An audit of RFE/RL after employment benefits9 found that BBG did not sufficiently monitor the grantee, did not adequately define grantee oversight roles and responsibilities, and did not maintain adequate internal communications pertaining to grantee oversight.
• During the audit of BBG’s FY 2013 financial statements, an independent auditor identified a material weakness related to grants management. The auditor reported that BBG did not have procedures in place for post-award grantee monitoring to ensure that Federal awards were used only for allowable costs and did not have sufficient oversight policies and procedures to ensure that grantees have mandated procurement procedures.10 Further, BBG did not correctly record significant cash balances provided to grantees in its annual financial statements.11 In its audit of BBG’s FY 2014 financial statements,12 the independent auditor noted that while BBG was assessing potential corrective actions that would bring its grantee monitoring into compliance with Federal regulations, these actions had not been executed. For example, BBG had not improved its grantee handbook to define roles and responsibilities for responsible officials. BBG had also not developed tools, templates, or best practices to ensure procedures were being appropriately executed. Further, BBG had not developed a process to ensure oversight activities were communicated between different officials involved in the oversight process. BBG officials stated that limited resources and competing priorities impacted their ability to implement planned corrective actions. BBG officials stated that they anticipated that BBG would be able to implement grantee monitoring procedures during FY 2015 and that they were recruiting a grants manager to focus on this function.
With regard to contracting, the estimated total dollar amount of BBG acquisitions during FYs 2011– 2013 was just over $400 million.13 OIG has reported a similar lack of oversight in this area, and has also cited numerous instances of noncompliance with Federal contracting regulations:
• Based on an audit of 34 contracts, totaling almost $7.8 million, OIG identified noncompliance with Federal contracting regulations, a lack of contract oversight, and potential violations of the Anti-Deficiency Act (ADA).14 BBG had routinely entered into Personal Services Contracts that exceeded its statutory authority. The OIG identified a reportable violation of the ADA, which prohibits “employ[ing] personal services exceeding that authorized by law.” BBG also obligated funds before the funds were available by allowing contractors to work without contracts in place via a “pre-approval” process. OIG identified two reportable violations of the ADA relating to BBG’s “pre-approval process.” Further, BBG did not adequately promote full and open competition when soliciting for offers or awarding contracts, did not adequately determine that contract prices were fair and reasonable, and did not perform contractor responsibility determinations. As a result, BBG did not have reasonable assurance that its requirements were performed in the most effective and economical manner. In addition, OIG identified $419,020 in funds that could have been put to better use in relation to contracts that were never executed, possibly because of lack of planning, and $3.5 million in questioned costs because of unsupported contract pricing. OIG has determined that BBG’s actions have resolved all 38 recommendations from this audit and has since closed 14 of the recommendations.15
• OIG also reported several weaknesses in contract administration, procedures, and oversight in its inspection of OCB.16 For example, the inspection team found instances of noncompliance with the Federal Acquisition Regulation (FAR) during the presolicitation, preaward, and contract administration phases. During the presolicitation and precontract award phases, the inspectors did not find documentation to support the performance of acquisition planning and market research, as required by FAR 7.102 and FAR 10.001(a), respectively. During the contract administration phase, the contracting officers did not always document involvement in contract administration, as stated in FAR1.602-2. For all three of the above acquisition phases, the contract files did not always have adequate documentation in accordance with FAR 4.801(b) and FAR 4.802(a)(1) and (2). The inspection also found that BBG’s Office of Contracts was not appointing, in writing, the contracting officer’s representatives for OCB contracts, as required by the FAR.
Weaknesses in Financial Management
During a financial statement audit, a deficiency in internal controls exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. A material weakness is a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis.17
• Although BBG received an unqualified opinion on its FY 2013 financial statements,18 an independent auditor identified material weaknesses in internal controls as well as reportable instances of noncompliance with certain laws and regulations that could have a material impact on the financial statements. In addition to the previously discussed grants management issues, the auditor reported several deficiencies with BBG’s property, plant, and equipment processes. The audit also found that BBG lacked sufficient, reliable controls over its accounting and business processes to ensure that budgetary transactions were properly recorded, monitored, and reported. In addition to these material weaknesses, the auditor also reported noncompliance with a number of laws and regulations, including the FAR, ADA, and the Federal Managers’ Financial Integrity Act. During the audit of BBG’s FY 2014 financial statements, the independent auditor concluded that BBG had not addressed the material weaknesses and instances of noncompliance identified during the previous audit.
• In the inspection of OCB, OIG identified several management control weaknesses in administrative operations, including lack of financial management review for unliquidated obligations. As of September 3, 2013, prior to the on-site inspection, OCB had approximately $2.2 million in unliquidated obligations for FY 2013. Given the large amount of unliquidated obligations in FY 2013, the inspection team determined that OCB has not been following its process to periodically review obligations and certify whether they were still valid or whether funds or available balances could be deobligated. Since the inspection, OCB has reduced to zero unliquidated obligations from 2009 to 2012.
Inadequate Information Security
During the FY 2014 audit of BBG’s compliance with the Federal Information Security Management Act (FISMA) of 2002,19 OIG identified control weaknesses that represented a significant deficiency to [Redacted] (b) (5) . The Office of Management and Budget (OMB) defines a significant deficiency as follows:
…a weakness in an agency’s overall information systems security program or management control structure, or within one or more information systems that significantly restricts the capability of the agency to carry out its mission or compromises the security of its information, information systems, personnel, or other resources, operations, or assets.20
With regard to BBG, OIG identified weaknesses in 9 of 11 information security program areas that considerably impacted BBG’s information security program. The most significant weaknesses were related to the risk management framework, continuous monitoring program, configuration management, and the incident response and reporting program. In addition, information security program areas that needed improvement included Plans of Action and Milestones, remote access, identity and access management, and security training. Since FY 2010, the weak (and in some cases lack of) security controls adversely affected the confidentiality, integrity, and availability of information and information systems. As an example, the weak security controls resulted in the hacking of BBG websites in 2011. According to BBG, it recognizes that it is a target for international intrusion into its information systems and is working to strengthen its information security.
1 BBG, FY 2014 Performance and Accountability Report,
2 S. Rep. No. 113-195, at 8 (2014).
3 Audit of the Broadcasting Board of Governors Administration and Oversight of Acquisition Functions (AUD-CG-IB- 14-26, June 2014).
4 GAO, Standards for Internal Control in the Federal Government (Sept. 2014).
5 Inspection of the Broadcasting Board of Governors (ISP-IB-13-07, Jan. 2013).
6 Inspection of the Office of Cuba Broadcasting (ISP-IB-14-15, July 2014).
7 Inspection of U.S. International Broadcasting to Russia (ISP-IB-13-50, Sept. 2013).
8 Independent Auditor’s Report on the Broadcasting Board of Governors 2014 and 2013 Financial Statements (AUD- FM-IB-15-10, Nov. 2014).
9 Audit of Radio Free Europe/Radio Liberty After-employment Benefits (AUD-FM-IB-14-34, Sept. 2014).
10 Independent Auditor’s Report on the Broadcasting Board of Governors 2013 and 2012 Financial Statements (AUD-
FM-IB-14-14, Dec. 2013). 11 Ibid.
12 Independent Auditor’s Report on the Broadcasting Board of Governors 2014 and 2013 Financial Statements (AUD- FM-IB-15-10, Nov. 2014).
13 Audit of the Broadcasting Board of Governors Administration and Oversight of Acquisition Functions (AUD-CG-IB- 14-26, June 2014).
14 Ibid.
15 The criteria for “resolved” and “closed” recommendations included in OIG audits and inspections of both U.S. Department of State and BBG operations are described in 1 Foreign Affairs Manual 056.1.
16 Inspection of the Office of Cuba Broadcasting (ISP-IB-14-15, July 2014).
17 Statement on Auditing Standards 115, American Institute of Certified Public Accountants,
18 Independent Auditor’s Report on the Broadcasting Board of Governors 2013 and 2012 Financial Statements (AUD- FM-IB-14-14, Dec. 2013).
19 Audit of the Broadcasting Board of Governors Information Security Program (AUD-IT-IB-15-13, Oct. 2014).
20 OMB Memorandum M-14-04, FY 2013 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management, Nov. 2013.