HTML Report April 1, 2014 to September 30, 2014

Office of Inspector General

OIG Seal

Semiannual Report to Congress

April 1, 2014 - September 30, 2014

OIG VISION

Agents Igniting Change and Fostering Accountability, Effectiveness, and Efficiency in Government .

OIG MISSION

To detect and prevent waste, fraud, and abuse; and to promote economy, efficiency, and effectiveness in Agency programs and operations.

Milton A. Mayo Jr.
Inspector General

 

CONTENTS

A Message from the Inspector General

Executive Summary

Introduction

The Audit and Evaluation Program

Completed Projects
New and Ongoing Audit and Evaluation Projects
Audit Follow-Up

The Investigation Program

Investigative Inquiries
Completed Investigative Activities
Ongoing Investigative Activities

Appendixes

Appendix I. Final Office of Inspector General Audit and Evaluation Reports
Appendix II. Index of Reporting Requirements
Appendix III. Single Audit Act Reports

A MESSAGE FROM THE INSPECTOR GENERAL

In accordance with the Inspector General Act of 1978, as amended, I herewith submit the Office of Inspector General (OIG) Semiannual Report to Congress for the period April 1, 2014, through September 30, 2014. The Semiannual Report summarizes the major activities of the OIG's office for the reporting period. Additionally, Section 5 of the Inspector General Act requires the Chair to transmit this report to the appropriate committees or subcommittees of Congress within 30 days of its receipt. Submission of this report satisfies all of the stated requirements.

We thank the Honorable Jacqueline A. Berrien for her dedicated service to the EEOC during her tenure as Chair.  The entire OIG staff extends its best wishes to former Chair Berrien.

We take this opportunity to express our congratulations to our newly appointed Chair, the Honorable Jenny R. Yang.  We look forward to working with Chair Yang, Agency senior leadership, the Commissioners, and the EEOC community at-large as we all work to enhance EEOC's ability carry out its mission to stop and remedy unlawful employment discrimination.

Respectfully,

Signature Milton Mayo

Milton A. Mayo Jr.
Inspector General
October 31, 2014

EXECUTIVE SUMMARY

This Semiannual Report is issued by the U.S. Equal Employment Opportunity Commission's (EEOC's) Office of Inspector General (OIG) pursuant to the Inspector General Act of 1978, as amended. It summarizes the OIG's activities and accomplishments for the period April 1, 2014, through September 30, 2014.

During the reporting period, the OIG issued five final audit/evaluation reports, completed three investigations, and received 638 hotline inquiries. A total of 243 were charge processing issues, 317 were Title VII complaints, and 26 were investigative allegations. The remaining 52 hotline inquiries were general inquiries. 

Significant accomplishments include the following:

  • OIG reported that the Agency complied with the Improper Payments Information Act (IPIA), as amended by the Improper Payments Elimination and Recovery Act of 2010 (IPERA).  The Agency conducted an agency wide risk assessment of vendor and travel payments made in FY 2013.
  • OIG reported that there were no Agency efforts to prevent or hinder OIG activities.  Additionally, there were no closed investigations, audits or evaluations that had not been disclosed to the public.
  • OIG reported on the results of its review of the Agency's Personnel Security Program. OIG's contractor Williams, Adley & Company-DC, LLP determined that although EEOC has designed an overall compliant personnel security program, there were areas in which improvements are needed in the implementation of the program to achieve optimum effectiveness and efficiency.
  • OIG issued a Results in Brief update for its Cooperative Audit Resolution and Oversight Initiative (CAROI) Pilot Program.  The update stated that the OIG's goal for this pilot program is to use CAROI as a method to improve resolution of recommendations contained in reports that require audit follow-up.  Since the OIG began implementing CAROI in 2012, it has achieved significant results, including improved communication with a key program office.
  • OIG contracted with Brown and Company CPAs, PLLC to perform an independent evaluation of EEOC's information security program compliance with the Federal Information Security Management Act of 2002 (FISMA) for FY-2014. 
  • OIG contracted with the Urban Institute to conduct an evaluation of the Agency's Outreach and Education Program.  The objective of this evaluation is to assess the program's efficiency and effectiveness. The resultswill be included in the Performance and Accountability Report.
  • OIG contracted with the public accounting firm of Harper, Rains, Knight & Company (HRK), P.A., to conduct the Agency's 2014 financial statement audit, which is required by the Accountability of Tax Dollars Act of 2002. Fieldwork is ongoing, and the results will be included in the Performance and Accountability Report.
  • OIG is conducting an independent assessment to determine if the Agency's management control evaluation process was conducted in accordance with Office of Management and Budget (OMB) standards. The results will be included in the Performance and Accountability Report.
  • OIG reported that there were a total of 57 open and unimplemented recommendations as of September 30, 2014.  Further, the OIG identified the most urgent recommendations to be: (1) the EEOC update its control over the maintenance of its official personnel files, (2) the EEOC identify and update all policies and procedures impacted by the implementation of the Financial Cloud Solution (FCS), and (3) that the EEOC perform further analysis on its government charge card operations to identify all controls that should be implemented per Office of Management and Budget (OMB) directives.
  • OIG completed investigations regarding ethical misconduct and purchase card fraud. The OIG has ongoing investigations in several field offices involving ethics violations, conflicts of interest, fraud, mismanagement, falsification of government records, impersonation of a Federal official, misuse of travel and purchase cards, theft of government property, misuse of computers, and threats against the Agency.

INTRODUCTION

The Equal Employment Opportunity Commission

The Equal Employment Opportunity Commission (EEOC) is the Federal agency responsible for enforcement of Title VII of the Civil Rights Act of 1964, as amended; the Equal Pay Act of 1963; the Age Discrimination in Employment Act of 1967; Section 501 of the Rehabilitation Act of 1973 (in the Federal sector only); Title I of the Americans with Disabilities Act of 1990 and Americans with Disabilities Act Amendments Act of 2008; the Civil Rights Act of 1991; the Lilly Ledbetter Fair Pay Act of 2009; and the Genetic Information Nondiscrimination Act of 2008 (P.L. 110-233 Stat 881), also referred to as GINA. These statutes prohibit employment discrimination based on race, sex, color, religion, national origin, age, disability, or genetic information.

The EEOC is also responsible for carrying out Executive Order 12067, which promotes coordination and minimizes conflict and duplication among Federal agencies that administer statutes or regulations involving employment discrimination.

The EEOC is a bipartisan commission composed of five presidentially appointed members, including a Chair, a Vice Chair, and three Commissioners. The Chair is responsible for the administration and implementation of policy and for the financial management and organizational development of the Commission. The Vice Chair and the Commissioners equally participate in the development and approval of the policies of the EEOC, issue charges of discrimination where appropriate, and authorize the filing of lawsuits. Additionally, the President appoints a General Counsel, who is responsible for conducting litigation under the laws enforced by the Commission.

During the reporting period, Chair Jacqueline A. Berrien's term expired and she declined reappointment to a second term as the head of the Agency. In September 2014 President Barack Obama appointed the Commission's Vice Chair to succeed former Chair Berrien.

The Office of Inspector General

The U.S. Congress established the Office of Inspector General (OIG) at the EEOC through the 1988 amendments to the Inspector General Act of 1978, which expanded the authority of designated Federal entities to create independent and objective OIGs. Under the direction of the Inspector General (IG), the OIG meets this statutory responsibility by conducting and supervising audits, evaluations, and investigations relating to the programs and operations of the Agency; providing leadership and coordination; and recommending policies for activities designed to promote economy, efficiency, and effectiveness in the administration of programs and operations.

In October 2008, Congress passed the Inspector General Reform Act of 2008, which generally buttressed the independence of IGs, increased their resources, and held them more accountable. The OIG is under the supervision of the Inspector General (IG), an independent EEOC official subject to general supervision by the Chair. The IG must not be prevented or prohibited by the Chair or any other EEOC official from initiating, carrying out, or completing any audit, investigation, evaluation, or other inquiry or from issuing any report.

The IG provides overall direction, coordination, and leadership to the OIG; is the principal advisor to the Chair in connection with all audit and investigative matters relating to the prevention, identification, and elimination of waste in any EEOC program or operation; and recommends the proper boundaries of audit and investigation jurisdiction between the OIG and other EEOC organizations. The IG also develops a separate and independent annual budget for the OIG; responds directly to inquiries from the public, Congress, or the news media; and prepares press releases, statements, and other information about the OIG's activities.

The Deputy Inspector General (DIG) serves as the alter ego of the IG and participates fully in policy development and in management of the diverse audit, investigation, evaluation, and support operations of the OIG.

The Counsel to the Inspector General (CIG) is the sole legal advisor in the OIG. The CIG provides day-to-day guidance to the OIG's investigation team and is the primary liaison with Agency legal components and the Department of Justice.

In addition to these positions, the OIG staff includes a chief technology officer, an evaluator, two auditors, two criminal investigators, an administrative specialist, and a confidential support assistant.

OIG was granted authority to hire and is currently recruiting to fill the positions of the DIG and a staff auditor. These positions were not filled during the fiscal year. We will continue to pursue efforts to fill these vacancies in FY 2015.

During this reporting period, the OIG continued to develop its information technology infrastructure to improve its business processes, practices, planning, collaboration, and products.

Work currently under way includes the following:

  • The OIG's newly designed website (OIG.EEOC.GOV) has been completed and is scheduled to launch during the next reporting period. It will be used as a mechanism to provide: (1) greater transparency in the operations of the OIG by enhancing access to audit and evaluation reports and other public documents; (2) an improved electronic portal for the public to use in reporting fraud, waste, and abuse; and (3) a medium to implement the use of social media to enhance our ability to reach and inform our stakeholders about the OIG's vision, mission, and operations.
  • The OIG is implementing a network infrastructure to support its information technology requirements using a Federal Risk and Authorization Management Program (FedRAMP)-approved cloud provider. Full implementation should be completed by the third quarter of fiscal year 2015.

OIG Seal

THE AUDIT AND EVALUATION PROGRAM

The Audit and Evaluation Program supports the OIG's strategic goal of improving the economy, efficiency, and effectiveness of EEOC programs, operations, and activities.

 

 

 

COMPLETED PROJECTS

Compliance with the Improper Payments Elimination and Recovery Act (IPERA)

On April 15, 2014, the OIG reported that the Agency complied with the Improper Payments Information Act (IPIA), as amended by IPERA.  The Agency conducted an agency wide risk assessment of vendor and travel payments made in FY 2013.  Additionally, the Agency relied on internal controls currently in place relating to payments and indicated it would utilize the U.S. Treasury's FedDebt system to recapture any potential improper payments.

Report to Congress on Open and Unimplemented Inspector General Recommendations

On July 21, 2014, the OIG reported to Congress that there were a total of 57 open and unimplemented recommendations as of March 31, 2014.  Further, we identified the most urgent recommendations to be: (1) the EEOC update its control over the maintenance of its official personnel files, (2) the EEOC identify and update all policies and procedures impacted by the implementation of the FCS, and (3) that EEOC perform further analysis on its government charge card operations to identify all controls that should be implemented per OMB directives.

Performance Audit of the Agency's Personnel Security Program

On September 15, 2014, the OIG's contractor, Williams, Adley & Company-DC, LLP issued its final report regarding the Performance Audit of the Agency's Personnel Security Program.  Williams, Adley & Company-DC, LLP determined that, although EEOC has designed an overall compliant personnel security program, there are areas in which improvements are needed in the implementation of the program in order to achieve optimum effectiveness and efficiency. These areas are:

  1. Classified Information Management,
  2. Suitability Determinations, and
  3. Physical Security and Credentialing

Williams, Adley & Company-DC, LLP made seventeen recommendations calling for management to develop or update policies and procedures, to implement those policies and procedures, to adhere to the requirements already in place, to address staffing concerns within the Office of the Chief Human Capital Officer (OCHCO), and to complete risk designations, reinvestigations, and OPM reporting in accordance with established requirements.

According to the report, without these improvements, EEOC runs the risk of insufficient oversight, inadequate practices, and unauthorized disclosure of classified information. Also, not implementing these improvements to the personnel security program may result in individuals holding positions for which they are not suitable, and limiting EEOC's ability to protect national security, and privacy-related information. The conditions noted were caused by a lack of EEOC policies and procedures for classified information and ineffective implementation of established requirements.

Cooperative Audit Resolution and Oversight Initiative (CAROI)

The OIG issued a Results in Brief report for its CAROI Pilot Program.  The Results in Brief update stated that the OIG's goal for this pilot program is to use CAROI to improve resolution of recommendations contained in reports that require audit follow-up. Since the OIG began using CAROI in 2012, it has achieved significant results, including improved communication with a key program office, and identified a significant audit follow-up process glitch.  In addition, recommendations are resolved in less time than would have been the case without the use of CAROI.

The update also found that:

  1. CAROI is a valuable tool for identifying anomalies and systemic flaws in an organization's audit follow-up and resolution process. The use of CAROI can remedy such issues, resulting in improved audit resolution program efficiency and effectiveness, and improvement in overall program operations.
  2. The use of CAROI can reduce the potential for the auditee's unwise investment of valuable resources that would be used in developing and implementing Corrective Action Plans (CAPs) that are complex and perhaps misguided, or implementing CAPs designed to correct problems that do not exist or have been resolved.
  3. The CAROI paradigm is a preemptive and preventative audit resolution methodology. It is well suited to avert recurring instances of internal control failures, thereby improving the system of internal control and fostering greater trust and improved collaboration among and between the audit organization, the auditee, and the audit resolution function.

NEW AND ONGOING AUDIT AND EVALUATION PROJECTS

FY-2014 Federal Information Security Management Act Independent Evaluation

During the reporting period OIG contracted with Brown and Company CPAs, PLLC to perform an independent evaluation of EEOC's information security program compliance with the Federal Information Security Management Act of 2002 (FISMA) for FY-2014.  Fieldwork is under way and is scheduled to be completed in order to meet the Office of Management and Budget's Cyberscope reporting deadline.

Evaluation of Outreach and Education

During the reporting period OIG contracted with Urban Institute to conduct an evaluation that assesses the management, efficiency and effectiveness of the Agency's Outreach and Education Program. It will generally assess outreach and education efforts, focusing on areas where gains in efficiency and effectiveness may be obtained.  Draft and final products are planned for the third quarter of FY 2015.

Open Government and Transparency Progress Review

On December 8, 2009, the OMB issued Memorandum M10-06, known as the "Open Government Directive" (OGD). The Memorandum requires executive agencies to take specific actions to implement the principles of transparency, participation, and collaboration that form the cornerstone of open government as set forth by the President. On July 15, 2011, the OIG issued a management advisory on EEOC's Open Government activities.  OIG's management advisory focuses on EEOC's Open Government Initiative and related activities from July 16, 2011, to the present.  In July 2014, the EEOC issued a major update to its Open Government Plan. OIG plans to issue an updated progress report in the second quarter of FY 2015.

FY 2014 Audit of the Consolidated EEOC Financial Statements

The public accounting firm of Harper, Rains, Knight & Company (HRK), P.A., is performing the 2014 financial statement audit of the EEOC, which is required by the Accountability of Tax Dollars Act of 2002. To ensure that the OIG meets its mandated reporting deadline requirements, fieldwork is ongoing, and the audit opinion will be included in the Agency's 2014 Performance and Accountability Report. The auditor will issue a management letter report identifying any internal control weaknesses shortly thereafter.

Agency Compliance with the Federal Managers' Financial Integrity Act (FMFIA)

EEOC Order 195.001, Internal Control Systems, requires the OIG to annually provide the Chair with a written advisory addressing whether EEOC's management control evaluation process complied with OMB guidelines. The OIG's independent assessment is to determine if the Agency's management control evaluation process was conducted in accordance with the Office of Management and Budget (OMB) standards. Fieldwork is underway to ensure that OIG meets its mandated reporting deadline requirement. Evaluation results will be included in the Performance and Accountability Report.

Significant Management Challenge

In FY 2014, the EEOC learned that Global Computer Enterprises (GCE), its financial services provider, would likely file for bankruptcy and cease providing the EEOC with essential financial services (e.g., recording obligations, making payments, etc.). As a result, the Agency was forced to find another vendor to provide the services and to begin the task of migrating its data, preparing new business processes, and training its staff for the new system. The Agency chose the Department of Interior/Interior Business Center (DOI/IBC) and paid an installment of over $600,000 to begin providing these services in FY 2015. In addition to paying DOI/IBC the $600,000, EEOC paid $1.7 million to the General Services Administration (GSA) (1) to provide access, for one year (September 18, 2014 - September 17, 2015), to essential financial system data that GCE previously maintained for EEOC.

The unanticipated FY 2015 financial system migration presents a technical challenge and a potential financial challenge. The EEOC FY 2015 budget request is $365.5 million, a minor $1.5 million dollar increase over its FY 2014 budget. Thus, any additional significant unanticipated costs associated with the migration to DOI/IBC may substantively adversely impact the EEOC's resources. Therefore, the EEOC needs to implement thorough planning, including contingency planning, to account for unanticipated cost increases driven by the migration, and related matters.

The OIG will continue to monitor the process through its completion.

AUDIT FOLLOW-UP

Audit follow-up is an integral part of good management and is a shared responsibility of Agency management officials and auditors. Corrective action taken by management to resolve findings and recommendations is essential to improving the effectiveness and efficiency of Agency operations.

As part of the Audit Follow-up process, Section 5(a)(1) of the Inspector General Act of 1978, as amended, requires that semiannual reports include a summary description of significant problems, abuses, and deficiencies relating to the Agency's administration of programs and operations disclosed by the OIG during the reporting period. As summarized in the following tables, five new reports were issued during this reporting period (April 1, 2014-September 30, 2014); one of those reports contained recommendations (OIG Report: 2013-08-PSA - Performance Audit of the Agency's Personnel Security Program, issued 9/15/2014).  

Reports Issued During This Reporting Period

Fiscal Year Report Number Report Title Date Issued

2014
N/A
Compliance with the Improper Payments Elimination and Recovery Act
4/15/14
2014
N/A
Report on Open and Unimplemented OIG Recommendations to Congress
7/21/14
2014
N/A
Report to Congress Concerning Information on Attempts by Agency to Prevent, Delay, otherwise Impede Activities of the Inspector General
6/19/14
2014
2013-08-PSA
Performance Audit of the Agency Personnel Security Program
9/15/14
2014
2013-03-CAROI

9/23/14

As required by Section 5(a)(3) of the Inspector General Act of 1978, as amended, semiannual reports shall provide an identification of each significant recommendation described in previous semiannual reports on which corrective action has not been completed. OIG staff met with Agency follow-up officials in September 2014. The OIG is reporting a total of 16 views with a total of 49 open recommendations for this reporting period. The following table shows those recommendations for which corrective actions have not been completed.

 Recommendations for Which Corrective Actions Have Not Been Completed

Fiscal year

Report number

Report title

Date issued

2014

2013-FIN-01

FY 2013 Financial Statement Audit

12/16/13

Open Recommendations:

  • EEOC should update and revise the manner in which it controls the maintenance of its official personnel files. Additionally, management should perform a thorough review of its employees' personnel files to ensure that documentation is current and complete.

 

Fiscal year

Report number

Report title

Date issued

2014

2013-02-FIN

FY 2013 Financial Statement Management Letter Report

1/31/14

Open Recommendations:

  • EEOC should update and revise the manner in which it controls the maintenance of its official personnel files.  Additionally, management should perform a thorough review of its employees' personnel files to ensure that documentation is current and complete.
  • EEOC should work towards prompt resolution of these differences as this is an essential component of financial data integrity, and its absence compromises the integrity of the financial reporting.
  • EEOC should update the FCS software to calculate depreciation of EEOC assets on a monthly basis.
  • EEOC management should consistently review and approve all documents as prescribed by its policies and procedures. Policies and procedures should be reviewed and updated to ensure they reflect the most current protocol.
  • EEOC should discontinue its use of a "zero" object class when recording its transactions.
  • EEOC should ensure that its property records contain accurate and complete property information.  A review of property records and property inventory should be conducted at least annually, but preferably semi-annually.
  • EEOC should establish and implement controls to prevent waste, fraud, and misuse in the credit card program.  On an annual basis, EEOC should review and update the Charge Card Program Guide for substantial changes.  Additionally, EEOC should monitor the controls to ensure that they are working effectively.

 

Fiscal year

Report number

Report title

Date issued

2014

2013-05-FISMA

FY 2013 Federal Information Security Management Act Report

12/10/13

Open Recommendations:

  • The OIG recommends that the EEOC Office of Information Technology (OIT) define the configuration items (hardware/software inventory) for the information system within the Configuration Management Plan.  The OIG recommends that OIT should document the hardware/software inventory in the Configuration Management Plan or provide a direct reference to where the current hardware/software inventory lists are located.
  • The OIG recommends that the EEOC Office of the Chief Financial Officer, Central Services Division update EEOC Order 370-002 Security Plan to reflect consideration of updated authorities.
  • The OIG recommends the EEOC OIT implement multifactor authentication for remote access. The OIG further recommends the EEOC should use multifactor authentication where one of the factors is provided by a device separate from the computer gaining access.
  • The OIG recommends that the OIT ensure all configuration change request forms are signed to document review and approval.
  • The OIG recommends that the EEOC OIT include an option box or a check box in the Change Request forms for emergency changes to ensure the Change Configuration Board (CCB) approvers have enough information pertaining to the type of change request.
  • The OIG recommends that the EEOC Office of Chief Human Capital Officer work with EEOC Headquarters' Administrative Officers and District Directors regarding:  (1) Implementing procedures to ensure compliance with EEOC Order 501.006 Clearance Procedures; and (2) Implementing procedures to ensure that all separated/terminated EEOC employees complete the EEOC Exit Questionnaire and EEOC Form 470, Contractor and Employee Clearance Record

 

Fiscal year

Report number

Report title

Date issued

2013

2012-09-REV

Review of Evaluations

04/09/2013

Open Recommendations:

  • EEOC should further standardize intake procedures across field offices.
  • EEOC should document criteria for determining Category C charges.
  • EEOC should continue efforts to develop a national approach for addressing and eliminating systemic discrimination.
  • EEOC should continue to review the range of information obtained during intake interviews and review the manner in which the intake information is stored in the Integrated Mission System (IMS).
  • EEOC should investigate the merits of expanding the information it obtains related to employee hiring and terminations.

 

Fiscal year

Report number

Report title

Date issued

2013

2012-01-FIN

FY 2012 Financial Statement Audit Report

11/16/2012

Open Recommendations:

  • EEOC should update and revise the manner in which it controls maintenance of personnel files and perform a thorough review of employees' personnel files to insure that documentation is current and complete.
  • EEOC should document and monitor implementation of all complementary user control considerations.
  • EEOC should implement stringent reconciliation and resolution procedures for the reconciliation of management reports and sub-ledgers to FCS general ledger data.

 

Fiscal year

Report number

Report title

Date issued

2013

2012-03-FISMA

FY 2012 Federal Information Security Management Act Report

11/14/2012

Open Recommendations:

  • EEOC should implement multifactor authentication for network access to non-privileged and privileged accounts.
  • EEOC management should ensure that all network users have read and signed acknowledgment of receipt of the Information Security Responsibilities of EEOC System Users and that forms are managed in a centralized location.
  • EEOC management should revise the Agency's policy to correctly reflect the entire severity rating list published by the United States Computer Emergency Readiness Team (US-CERT).

 

Fiscal year

Report number

Report title

Date issued

2013

2012-02-FIN

FY 2012 Financial Statement Management Letter Report

12/19/2012

Open Recommendations:

  • EEOC should document and monitor implementation of all complementary user control considerations.
  • EEOC should implement stringent reconciliation and resolution procedures for reconciliation of management reports and sub-ledgers to FCS general ledger data.
  • EEOC should calculate and record depreciation in FCS on a monthly basis.

 

Fiscal year

Report number

Report title

Date issued

2013

2012-10-PMEV

Evaluation of EEOC's Performance Measures

03/21/2013

Open Recommendations:

  • EEOC should expand the new Strategic Enforcement Plan (SEP) requirement for quarterly reviews. EEOC management would likely benefit considerably from the implementation of quarterly data-driven reviews such as those required by large Federal agencies.
  • EEOC should provide its Commissioners and managers with easy access to relevant disaggregation of outcome values. Outcome data would be broken out by such characteristics as priority level, industry, and key characteristics of charging parties.

 

Fiscal year

Report number

Report title

Date issued

2013

2012-08-PURCH

Performance Audit of EEOC Charge Card Program

03/28/2013

Open Recommendations:

  • EEOC should perform further analysis on the government charge card operations to identify the controls to be implemented in compliance with OMB directives. Specifically, the EEOC must review and update the identification of procedures performed using the new accounting system (FCS) as well as the current duties of personnel interacting with the system. The EEOC should meet with all process lead personnel to determine what controls are or should be in place to ensure that fraud, waste, abuse, and misuse are not present in the charge card program. The EEOC should identify all requirements in OMB Circular A-123, Appendix B, and determine the procedures necessary to comply with the requirements and ensure that policies and procedures are reviewed on an annual basis, or more frequently, if substantial changes have occurred in EEOC's systems or laws and regulations have been issued This will help to ensure that policies and procedures are appropriate for the current environment.
  • EEOC should develop a system to (1) identify and track all charge card activity, including open accounts, closed accounts, cardholder approver levels, and cardholder training; (2) perform an evaluation of service providers' controls over the charge card program to ensure that controls are appropriate and operating effectively; and (3) monitor all controls, whether performed at EEOC or at a service provider, at least annually, to ensure that controls remain adequate and continue to operate effectively.
  • EEOC should develop policies and procedures to identify and track all cardholder-required training. Documentation should be maintained following National Archives and Records Administration (NARA) requirements for cardholders who have successfully completed training requirements.
  • EEOC should develop controls over the retention of application documents for charge card accounts.
  • EEOC should monitor controls over transaction approval, whether performed at EEOC or at a service provider.
  • EEOC should implement policies and procedures regarding record retention for purchase and travel card transactions.
  • EEOC should develop and implement policies to require reviews of total cardholder activity to ensure compliance with monthly spending authority for all cardholders. Documentation of authority to exceed cardholders' spending limits should be maintained by management. Penalties for exceeding authorized spending limits should be established and enforced.
  • EEOC should develop and implement policies and procedures to use data mining to monitor charge card activity.

 

Fiscal year

Report number

Report title

Date issued

2012

2011-05-FISMA

Federal Information Security Management Act Report

11/17/2011

Open Recommendations:

  • EEOC should implement multifactor authentication for network access to non-privileged and privileged accounts.

 

Fiscal year

Report number

Report title

Date issued

2010

2010-04-FIN

FY 2010 Financial Statement Audit Management Letter Report

02/07/2011

Open Recommendations:

  • EEOC should implement and document the implementation of all applicable client control considerations provided by the service provider. The documentation should be readily available for review and shared with all relevant EEOC offices.

 

Fiscal year

Report number

Report title

Date issued

2010

2010-07-FISMA

Federal Information Security Management Act Report

11/01/2010

Open Recommendations:

  • EEOC should implement multifactor authentication.

 

Fiscal year

Report number

Report title

Date issued

2009

2009-05-FIN

FY 2009 Financial Statement Audit Management Letter Report

01/12/2010

Open Recommendations:

  • EEOC should ensure that all users' accounts are (1) assigned to a unique individual; (2) ensure that all data network and e-mail accounts are created and authorized in accordance with EEOC policies and procedures; (3) disable network and e-mail accounts that have not been used within the past 30 days, as mandated by the Office of Information Technology's (OIT's) controls for creating, changing, and terminating system accounts policy; and (4) ensure that all offices comply with the required annual user account confirmation procedures listing within the EEOC OIT policy on creating, changing, and terminating system accounts. (Finding repeated in FY 2010 management letter.)
  • EEOC should update the network vulnerability scan policies and procedures to ensure that the volume of medium- and high-risk vulnerabilities identified as a result of scanning is in accordance with industry standards. (Finding repeated in FY 2010 management letter.)
  • EEOC management should develop and implement policies and procedures for outsourced applications to ensure that application security violations are appropriately reviewed and reported. (Finding repeated in FY 2010 management letter.)

 

Fiscal year

Report number

Report title

Date issued

2008

2008-12-AEP

FY 2008 Independent Audit of EEOC Privacy Program

09/30/2008

Open Recommendations:

  • EEOC should continue with the planned action to implement two-factor authentication together with the implementation of badges per Homeland Security Presidential Directive 12.

 

Fiscal year

Report number

Report title

Date issued

2008

2008-03-AMR

Oversight of Federal Agency Reporting Management Directive 715 (MD-715) and Related Topics

09/26/2008

Open Recommendations:

  • EEOC should require Federal agencies to submit Part G of their Equal Employment Opportunity assessment with their annual EEOC Management Directive MD-715 submissions.

 

Fiscal year

Report number

Report title

Date issued

2008

2007-11-RFPERF

Performance Audit of the Equal Employment Opportunity Commission's Education, Training, and Technical Assistance Program Revolving Fund

08/26/2008

Open Recommendations:

  • EEOC should approve the establishment of the EEOC Training Institute Steering Committee.
  • EEOC should update the Revolving Fund Business Plan to reflect the Agency's strategic direction, vision, and goals over the next three to five years.
  • EEOC should seek professional assistance to develop a more effective budgeting method to project financial information in order to plan training events and monitor goals.

As required by Section 5(a) (10) of the Inspector General Act of 1978, as amended, semiannual reports shall include a summary of each audit report issued before the start of the reporting period for which no management decision has been made by the end of the reporting period. The OIG has no audit or evaluation reports that were issued before the reporting period began for which no management decision has been made.

 

OIG SealTHE INVESTIGATION PROGRAM

The Investigation Program supports the OIG's strategic goal of focusing limited investigative resources on issues that represent the greatest risk and offer the maximum opportunity to detect and prevent fraud, waste, and abuse in EEOC programs and operations.

 

INVESTIGATIVE INQUIRIES

Investigative Inquires Received
April 1, 2014 - September 30, 2014

Allegations

Number

Charge Processing

243

Other Statutes

54

Title VII

317

Mismanagement

1
Ethics Violations

5

Backgrounds

3

Theft

3

Threats

2

Fraud

2

Other Criminal Allegations

8

Congressional Inquiries

2

Total

638

INVESTIGATIONS

Ethical Misconduct

The OIG completed an investigation of ethical misconduct. In March 2014, in an attempt to assist her daughter in obtaining a place to live, an EEOC employee copied and edited another employee's Earnings and Leave statement to reflect that her daughter was employed by the Equal Employment Opportunity Commission.

OIG found that the employee violated: 1) The Standards of Ethical Conduct for Employees of the Executive Branch Subpart A- General Provisions § 2635.101(14) which establishes as a basic obligation of public service that employees are charged to endeavor to avoid any actions creating the appearance that they are violating the law or the ethical standards set forth in this part, and 2) §2635.704(a) Use of Government Property. OIG referred this matter to management for action, as it deems appropriate.

Purchase Card Fraud

The OIG completed the investigation of an employee who made personal purchases using a government Citibank purchase card. The OIG found that beginning on or about November 23, 2011, and continuing through August 28, 2013, the employee, while acting in her official capacity, purchased American Express Gift Cards with the government purchase card under the pretense of paying for authorized Agency litigation services. Over the course of the employee's scheme, she used government funds to purchase a total of 23 American Express Gift Cards, which were used to make payments on a timeshare, vacations, a car, phone service, and storage, as well as numerous local retail purchases. The employee used fraudulent obligation documents, invoices, and receipts to cover up a scheme of defrauding the Agency of $59,000.

The employee entered a guilty plea in the local court system and was sentenced to six years of probation and required to pay restitution of $59,000 to the Agency.

Filing of a Fraudulent EEOC Complaint

The OIG completed a joint investigation with the Department of Homeland Security (DHS), Homeland Security Investigations (HSI), involving a complainant filing a fraudulent charge of discrimination with the EEOC claiming that a manager sexually harassed her.  During the course of the investigation, it was revealed that the alleged sexual harasser actually conspired with the complainant and at least one other employee to extort money from the employer as part of a fraudulent sexual harassment scheme.  Both the complainant and manager were fired by the employer, and were arrested. Both were indicted for violating 18 U.S.C. 1349 Conspiracy to commit mail fraud. The complainant was also indicted for violating 18 U.S.C. 1001 by making false statements. The disposition of these charges is pending.

ONGOING INVESTIGATIVE ACTIVITES

The OIG has ongoing investigations in several field offices involving ethics violations, conflicts of interest, fraud, mismanagement, falsification of government records, impersonation of a Federal official, misuse of travel and purchase cards, theft of government property, misuse of computers, and threats against the Agency. Status updates of the ongoing investigations will be provided in future semiannual reports following the completion of the individual investigation.

 

APPENDIX I. FINAL OFFICE OF INSPECTOR GENERAL AUDIT AND EVALUATION REPORTS

Report Title

Date Issued

 Questioned Costs Funds Put to Better Use

Unsupported Costs

Performance Audit of the Agency's Personnel Security Program

 9/15/2014

$0

$0

$0

APPENDIX II. INDEX OF REPORTING REQUIREMENTS

Inspector General Act citation

Reporting requirements

Page

Section 4(a)(2)

Review of Legislation and Regulations

N/A

Section 5(a)(1)

Significant Problems, Abuses, and Deficiencies

10-26

Section 5(a)(2)

Recommendations for corrective action with Respect to Significant Problems, Abuses, and Deficiencies

10-12

Section 5(a)(3)

Significant Recommendations Included in Previous Reports on Which Corrective Action Has Not Been Completed

14-23

Section 5(a)(4)

Matters Referred to Prosecutorial Authorities

N/A

Section 5(a)(5)

Summary of Instances Where Information Was Refused

N/A

Section 5(a)(6)

List of Audit Reports

15

Section 5(a)(7)

Summary of Significant Reports

10-12

Section 5(a)(8)

Questioned and Unsupported Costs

27

Section 5(a)(9)

Recommendations That Funds Be Put to Better Use

27

Section 5(a)(10)

Summary of Audit Reports Issued Before the Commencement of the Reporting Period for Which No Management Decision Has Been Made

15

Section 5(a)(11)

Significant Management Decisions That Were Revised During the Reporting Period

N/A

Section 5(a)(12)

Significant Management Decisions with Which the Office of Inspector General Disagreed

N/A

APPENDIX III. SINGLE AUDIT ACT REPORTS

The Single Audit Act of 1984 requires recipients of Federal funds to arrange for audits of their activities. Federal agencies that award these funds must receive annual audit reports to determine whether prompt and appropriate corrective action has been taken in response to audit findings. During the reporting period, the OIG received no audit reports issued by public accounting firms concerning Fair Employment Practice Agencies (FEPAs) that have work-sharing agreements with EEOC.

FOOTNOTES:

1 The U.S. Department of Labor, through the General Services Administration, acquired certain assets of GCE, including data owned by the EEOC.

OIG Seal

EEOC-OI The Hotline

The EEOC Hotline Program was established for Agency employees, other Government employees, contractors, and the general public to report fraud, waste, abuse, or wrongdoing by phone, e-mail, or by mail.

What Should you Report

You should report any concern you may have over a situation in which EEOC is the potential victim of fraudulent acts by employees, contractors, or others. It includes any violations of laws, rules, regulations, gross mismanagement, gross waste or misappropriation of funds, and abuses of authority.

OIG Hotline Contact Information

Call:
EEOC-OIG Hotline
Toll-free 1-800-849-4230

E-Mail: INSPECTOR.GENEREL@EEOC.GOV

Write:
Equal Employment Opportunity Commission
Office of Inspector General
PO Box 77067
Washington, DC 20013-7067