U.S. Department of Housing and Urban Development, Washington, DC Government Travel Card Program Office of Audit, Region 7 Audit Report Number: 2018-KC-0005 Kansas City, KS September 27, 2018 To: Irving L. Dennis, Chief Financial Officer, F //signed// From: Ronald J. Hosking, Regional Inspector General for Audit, 7AGA Subject: HUD’s Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases in at Least 950 Instances Totaling More Than $95,000 Attached is the U.S. Department of Housing and Urban Development (HUD), Office of Inspector General’s (OIG) final results of our review of HUD’s compliance with the travel card program requirements for fiscal year 2017. HUD Handbook 2000.06, REV-4, sets specific timeframes for management decisions on recommended corrective actions. For each recommendation without a management decision, please respond and provide status reports in accordance with the HUD Handbook. Please furnish us copies of any correspondence or directives issued because of the audit. The Inspector General Act, Title 5 United States Code, section 8M, requires that OIG post its publicly available reports on the OIG website. Accordingly, this report will be posted at http://www.hudoig.gov. If you have any questions or comments about this report, please do not hesitate to call me at 913-551-5870. Audit Report Number: 2018-KC-0005 Date: September 27, 2018 HUD’s Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases in at Least 950 Instances Totaling More Than $95,000 Highlights What We Audited and Why We audited the U.S. Department of Housing and Urban Development’s (HUD) travel and purchase card programs for fiscal year 2017 based on (1) our annual risk assessment of these programs and (2) our requirement under the Charge Card Abuse Prevention Act of 2012 to periodically review government travel and purchase cards. The most recent travel card risk assessment found that there was a moderate risk of illegal, improper, or erroneous transactions occurring. The Act required inspectors general to perform analyses or audits of government charge card programs as necessary. Our audit objective was to determine whether HUD travel cards were used for unauthorized, unsupported, or ineligible purchases. What We Found HUD’s travel cards were used for unauthorized, unsupported, or ineligible purchases in at least 950 instances totaling more than $95,000. Based on the results of a statistical sample we drew from a pool of 3,045 purchases with indicators of improper activity, we estimate that at least 944 government travel card purchases totaling nearly $91,000 were unauthorized or unsupported. We also identified 15 purchases totaling more than $5,000 that were ineligible. Further, there could be additional unauthorized or ineligible purchases in the universe of more than 89,000 purchases that were not part of our targeted audit pool of 3,045 purchases. What We Recommend We recommend that the Office of the Chief Financial Officer (1) review the 17 travel cardholders with purchases that occurred without a travel authorization and the 6 travel cardholders with purchases that were not supported to determine whether they were allowable, proper, and paid in full by the cardholder, taking appropriate administrative actions as necessary; (2) perform an analysis of the remainder of the 3,045 potentially improper travel card transactions to determine whether they were allowable, proper, and paid in full by the cardholder, taking appropriate administrative actions as necessary; and (3) refer the 15 ineligible travel card transactions to the appropriate program office for appropriate administrative actions; and (4) strengthen internal monitoring efforts. Table of Contents Background and Objective…...…………………………………………………..3 Results of Audit ........................................................................................................5 Finding 1: HUD Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases ......................................................................................................... 5 Scope and Methodology .........................................................................................10 Internal Controls ....................................................................................................12 Followup on Prior Audits ......................................................................................13 Appendixes ..............................................................................................................14 A. Schedule of Questioned Costs ............................................................................ 14 B. Auditee Comments and OIG’s Evaluation ....................................................... 15 C. Criteria ................................................................................................................. 18 D. Sampling and Projections................................................................................... 19 2 Background and Objective On October 5, 2012, President Obama signed the Charge Card Abuse Prevention Act of 2012, Public Law 112-194. The Charge Card Act was designed to prevent recurring fraud, waste, and abuse in governmentwide charge card programs. This law required all executive branch agencies to establish and maintain safeguards and internal controls for their use of purchase cards, travel cards, and centrally billed accounts. Further, it required offices of inspector general to (1) conduct periodic assessments of the agency charge card programs; (2) identify and analyze the risk of illegal, improper, or mistaken purchases and payments; and (3) perform analyses or audits as necessary. The General Services Administration (GSA) administers the government charge card program, also known as the SmartPay program. This program provides travel cards to agencies or departments throughout the U.S. Government. GSA designed the travel card program to facilitate official government travel, including airfare, rail or bus tickets, lodging, meals, rental cars, and other miscellaneous expenses. The U.S. Department of Housing and Urban Development (HUD) uses Citibank as its travel card provider. HUD contracted with the Accounting Resource Center (ARC) within the Bureau of the Fiscal Service, U.S. Department of the Treasury, to provide supportive services to the HUD travel card program. ARC assists with the opening and closing of Citibank card accounts, placing and removing purchasing blocks for HUD-restricted merchant category codes, generating regular monitoring reports, and assisting HUD with required Office of Management and Budget (OMB) reporting. The Office of the Chief Financial Officer (OCFO) administers the HUD travel card program. This responsibility includes managing the day-to-day operations, monitoring card use, and reporting to OMB on the status of the travel card program. OCFO establishes travel card policies and uses the Federal Travel Regulations at 41 CFR (Code of Federal Regulations) Parts 300 through 304 to administer the program. 3 The table below shows the total number of transactions and their total dollar amounts during fiscal years 2016 and 2017 for the HUD travel card program. Number of Total amount spent Fiscal year transactions 2016 95,578 $13,013,045 2017 89,573 12,546,116 Our audit objective was to determine whether HUD travel cards were used for unsupported, unauthorized, or ineligible purchases. 4 Results of Audit Finding 1: HUD Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases HUD’s travel cards were used for unauthorized, unsupported, or ineligible purchases in at least 950 instances totaling more than $95,000. This condition occurred because HUD did not implement adequate controls over the travel card program and relied on inadequate third-party monitoring products. As a result, HUD was at risk of increased public scrutiny over the ineligible and unauthorized purchases of its employees and lacked assurance that it was compliant with the Charge Card Abuse Prevention Act of 2012. HUD Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases We estimated that HUD’s travel cards were used for unauthorized or unsupported purchases in at least 944 instances totaling nearly $91,000. That estimate is based on the results of our review of 78 statistically selected purchases. We also identified 15 purchases totaling more than $5,000 that were ineligible. Unauthorized Purchases In 17 of the 78 travel purchases reviewed, the purchase was made without an authorization or local voucher. Regulations at 41 CFR 301-2.1 generally require cardholders to have written or electronic authorization before incurring any travel-related expense. See Appendix C for more information. For these 17 purchases, the HUD employee failed to obtain an approved authorization or local voucher. These purchases were for meals, hotels, taxi fares, car rentals, airfares, and train fares, with dollar amounts ranging from $8 to more than $600 and totaling nearly $3,500. Unsupported Purchases In 6 of the 78 travel purchases reviewed, the purchase was made without a required supporting document. For these six purchases, the HUD employee did not include required documentation to support the travel card use in the employee’s travel voucher. Regulations at 41 CFR 301- 11.25 require cardholders to provide receipts for lodging and any other authorized expense of more than $75. These purchases were for hotel, airline, and train purchases, with dollar amounts ranging from more than $100 to more than $600 and totaling nearly$3,000. Ineligible Purchases Eight of the 17 unauthorized purchases identified above were also ineligible, or the cardholder did not provide proof that the purchase was eligible. OMB Circular A-123, appendix B, defines improper charge card purchases as any purchase, whether intentional or by accident, that is made outside a cardholder’s authority to make that purchase. The Circular and HUD policies also state that the travel card should never be used for personal or nonbusiness purposes. We reached out to the 17 cardholders with unauthorized purchases identified during our review of the statistical sample and requested support from them showing that their purchase was proper. Nine of the 5 seventeen provided support showing that the purchase was proper. The remaining eight cardholders either did not reply, admitted that the use was improper but accidental, or provided insufficient support. These purchases were for meals, tolls, taxi fares, and hotel purchases, with dollar amounts ranging from more than $8 to more than $200 and totaling more than $600. In addition to our statistical sample, we reviewed a separate sample of 6 purchases from the universe of all 89,573 fiscal year 2017 transactions. These purchases were made by five cardholders and showed indications of misuse; specifically, ATM withdrawals within 3 days of a casino hotel charge; retail purchases greater than $300; bar, lounge, or nightclub purchases greater than $300; and any transaction, aside from hotels, airlines, and trains, greater than $1,000. Two of the five HUD employees showed that their purchases were proper, with one being related to an approved employee relocation and the other a result of card theft. The four remaining ineligible purchases made by three employees totaled $1,946. The first cardholder made an unauthorized ATM withdrawal with a travel card for $282 in fiscal year 2017 and then used the card again at a casino hotel in Las Vegas in another unauthorized charge for $849 the following day. While following up on these purchases, we identified three additional ineligible purchases this employee made at casino hotels in 2018 for more than $800, each totaling nearly $3,000. The second cardholder used a travel card at an adult entertainment gentlemen’s club, charging more than $400 while on an approved trip to attend training. The cardholder told us the charge was for a meal. However, the vendor did not advertise or make mention of serving food in its marketing. The third cardholder used a travel card at a retail store, charging $355 without an authorization. The cardholder stated that the cardholder’s spouse may have made the store purchase by accident. HUD policies strickly forbid family members of the cardholder or any other person from using the travel card. Table 1 shows the 8 ineligible purchases from our review of the statistical sample, the 4 ineligible purchases from the remaining 3 of 5 HUD employees, and the additional 3 ineligible casino hotel purchases made by the first cardholder, for a total of 15 ineligible purchases. Table 1 Travel card charge description Ineligible amount Eight ineligible purchases from statistical sample $627 Four ineligible purchases from separate sample 1,946 Additional three ineligible casino hotel purchases in 2,820 2018 Total 5,393 6 Statistical Projection of Unauthorized and Unsupported Purchases Of the universe of more than 89,000 fiscal year 2017 travel card purchases, we identified 3,045 purchases totaling more than $651,000, which contained indications that the purchase was unauthorized or ineligible. These indications included any purchase made at least 7 days outside any approved trip for the cardholder or any purchase made at high-risk vendors for large dollar amounts. See the Scope and Methodology section for more information. We selected a statistical sample of 78 purchases, each on a unique travel card, from the targeted pool of 3,045 purchases. We reviewed each travel card purchase in our sample to determine whether it was authorized and supported. We found that 17 purchases were made without authorization, and 6 were made without proper support. Table 2 below shows the results of our sample review. Table 2 Cards with exceptions Purchase amounts from a Sample description from a sample of 78 sample of 78 Unauthorized travel card purchases 17 $3,481 Unsupported travel card purchases 6 2,926 Total 23 6,407 By projecting those results, we estimate that of the 3,045 purchases in our pool, 944 purchases totaling nearly$91,000 were unauthorized or unsupported. See appendix D for more information on the sample and projection. We reviewed a relatively small portion of the total travel card transactions for the year. As a result, it should be noted that there could be additional unauthorized or usupported purchases in the universe of more than 89,000 purchases that were not part of the targeted pool of 3,045 purchases. HUD Did Not Implement Adequate Controls HUD did not implement adequate written policies for the proper administration of travel authorizations and monitoring of card use. Specifically, some policies did not clearly state that any use of the travel card must be authorized, and policies did not establish a process for fully resolving identified questionable purchases. We addressed this control deficiency with recommendations in HUD Office of Inspector General (OIG) audit report 2017-KC-0009, dated September 26, 2017. See the Followup on Prior Audits section for more information. 7 HUD Relied on Inadequate Third-Party Monitoring Products HUD relied on ARC monitoring reports that did not address special situations of concern to OCFO. OCFO used ARC’s monthly monitoring reports to identify potentially improper travel card use. These reports showed recent transactions that triggered ARC’s monitoring algorythms as being potentially unauthorized, non-business related, or made erroneously. However, ARC’s monitoring did not search for questionable transactions indicating card theft, HUD employee details to other HUD could strengthen its controls by agencies, and the use of noncontract data mining to identify violations. travel carriers. OCFO informed ARC of its concerns, but a solution was not obtained. OMB Circular A-123, appendix B, part 4.3, required charge card managers to use data mining (if available) to detect instances of delinquency, fraud, and misuse. HUD could strengthen its controls by data mining its travel card activity to identify violations. HUD had not used data mining to identify potential violations as of August 2018. HUD Was at Risk of Increased Public Scrutiny and Lacked Assurance That It Complied With the Act HUD was at risk of increased public scrutiny over the ineligible and unauthorized purchases of its employees and lacked assurance that it complied with the Act. OMB Memorandum M-13-21 informs Federal agencies that charge card management plans, semiannual reports on charge card violations, and inspectors general risk assessments will be used to assess the effectiveness of an agency’s charge card program. Without adequate controls, OMB could identify HUD as inneffective in its administration of the travel card program and not in compliance with the Act. Recommendations We recommend that the HUD Office of the Chief Financial Officer 1A. Review the 17 travel cardholders with purchases that occurred without a travel authorization and the 6 travel cardholders with purchases that were not supported to determine whether the purchases were allowable, proper, and paid in full by the cardholder, taking appropriate administrative actions as necessary. These unsupported purchases totaled $6,407. However, a total of $5,780 remains after deducting the duplicate amount of $627 addressed in Recommendation 1C. 1B. Perform an analysis of the 3,045 travel card purchases with indications that they were unauthorized or ineligible to identify potential violations and to address any unauthorized purchases identified. OCFO should perform a review of identified transactions to determine whether they were allowable, proper, and paid in full by the cardholder, taking appropriate administrative actions as necessary. 1C. Refer the 15 ineligible travel card transactions totaling $5,393 to the appropriate program office and obtain a response regarding what administrative actions were taken to resolve the violations. If no actions were taken, OCFO should request support to show why no corrective actions were taken. 8 1D. Strengthen internal monitoring efforts regarding government travel card use to identify potentially improper, illegal, or erroneous transactions. Such efforts should include data mining to detect instances of delinquency, fraud, and misuse. 9 Scope and Methodology Our audit period generally covered October 1, 2016, through September 30, 2017. We expanded the scope to include a review of three potentially ineligible purchases occurring from May 15, 2018, to June 14, 2018. We performed our audit work from March through August 2018. We conducted onsite work at HUD headquarters located at 451 7th Street SW, Washington, DC. To accomplish our objective, we reviewed applicable laws and regulations; reviewed HUD’s policies and procedures; interviewed HUD officials and officials from HUD’s administrative contractor, ARC; and reviewed travel card data obtained from Citibank, HUD’s travel system (CONCUR), HUD, and ARC. We used GAO government auditing standards, issued January 2012, section 6.15a-g as guidance to help us determine the risk levels used in HUD OIG memorandum 2018-KC-0801. We used the memorandum’s risk level in determining whether to audit the FY17 travel card program. To achieve our objective, we relied in part on data obtained from Citibank’s Client Reporting System and HUD’s travel system. To test the data reliability, we compared the names and transaction amounts in the Citibank and travel system data with HUD records for a small sample and found the data to be adequate for our purposes. We directly accessed Citibank’s Client Reporting System to obtain all travel card purchases for fiscal year 2017. This action resulted in 89,573 travel card purchases. We also obtained from HUD and ARC a list of all 2,032 fiscal year 2017 travel authorizations and a list of all HUD employees who separated from HUD in fiscal year 2017. We used data analysis tools (Audit Command Language and structured query language) to identify 2,590 travel card purchases with indications that they occurred without an authorization. For each travel card purchase, we compared the purchase date with all authorized trips the cardholder had for the year. We did not flag purchases that occurred at most 7 days before the authorized trip start date or at most 7 days after the authorized trip end date. Otherwise, the purchase was included in the 2,590. We used data analysis tools to identify 550 travel card purchases with indications that they were potentially ineligible and for personal benefit. Specifically, we identified purchases made at casino hotels, bars, lounges, nightclubs, equipment rental merchants, and retail and grocery stores in excess of $75 and ATM withdrawals in excess of $150. We added the 550 to the 2,590, 10 resulting in 3,140 purchases that were potentially unauthorized or ineligible. After removing 95 duplicate transactions, we arrived at the universe of 3,045 transactions. We obtained a statistical sample of 78 transactions from the 3,045 and reviewed each item to determine whether the transaction was authorized and supported in CONCUR. We statistically projected our sample review results to the universe of the 3,045. See appendix D for a detailed methodology of our sampling. For the 17 that were not authorized, we reached out to the HUD cardholder or the cardholder’s administrative officer to request support showing that the charge was authorized and for a HUD business purpose. In addition to the 3,045, we selected a nonstatistical sample of 6 transactions from 5 unique cards from a universe of 89,573 total fiscal year 2017 transactions showing indications of irregularities defined as ATM withdrawals within 3 days of a casino hotel charge; retail purchases greater than $300; bar, lounge, or nightclub charges greater than $300; and any transaction, aside from hotels, airlines, and trains, greater than $1,000. We reached out to the each of the five cardholders or their administrative officers to request support showing that the charge was authorized and for a HUD business purpose. We expanded our audit period to include May 15, 2018, to June 14, 2018, in our review of a HUD employee’s cardholder statement showing three ineligible purchases. The results of this sample review did not reflect on any pool of transactions outside the sample itself. We conducted the audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objective(s). We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective. 11 Internal Controls Internal control is a process adopted by those charged with governance and management, designed to provide reasonable assurance about the achievement of the organization’s mission, goals, and objectives with regard to effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations. Internal controls comprise the plans, policies, methods, and procedures used to meet the organization’s mission, goals, and objectives. Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations as well as the systems for measuring, reporting, and monitoring program performance. Relevant Internal Controls We determined that the following internal controls were relevant to our audit objective: Controls over travel card programs to ensure that government travel cards are used properly and in accordance with applicable Federal regulations and HUD policies. We assessed the relevant controls identified above. A deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, the reasonable opportunity to prevent, detect, or correct (1) impairments to effectiveness or efficiency of operations, (2) misstatements in financial or performance information, or (3) violations of laws and regulations on a timely basis. Significant Deficiency Based on our review, we believe that the following item is a significant deficiency: HUD did not implement adequate written policies and relied on inadequate third-party monitoring products (finding 1). 12 Followup on Prior Audits Government Travel and Purchase Cards, 2017-KC-0009, Issued September 26, 2017 Our previous travel card audit included recommendations that the Chief Financial Officer (1) develop and implement adequate written policies to ensure that cardholders obtain appropriate authorizations to support purchases on their government travel cards and establish a process for submitting a written request to OCFO for a merchant code unblock, (2) develop and implement written policies to ensure that program offices adequately follow up on identified questionable purchases and inform OCFO of significant travel card violations when they are identified, and (3) review the identified 3,160 transactions totaling $555,337 to determine whether they were for official government travel. If they were not for official travel, OCFO should determine whether the cardholders paid the credit bill for the improper purchases, request reimbursement when applicable, and take all other appropriate actions. https://www.hudoig.gov/reports-publications/audit-reports/some-hud-employees-used-travel- cards-potentially-improper As of August 7, 2018, recommendations 1, 2, and 3 were open with a final action date of March 2019. The planned corrective actions are as follows: 1) OCFO will revise the existing travel policies and procedures to clearly state the primary source of HUD travel guidance (such as The Federal Travel Regulations) as well as outline the process for submitting a written request to OCFO for a merchant code unblock, using a form already developed in July of 2017. In addition, to reduce the risk of fraud, OCFO is developing a travel card analytics tool to meet the requirements of the Fraud Reduction and Data Analytics Act of 2015, Public Law 114-186, which will enable OCFO to identify, monitor, and respond to potential fraud risk, including risks within the Government Travel Charge Card Program. 2) OCFO will provide additional training and revise its existing travel policies and procedures to strengthen program offices’ controls over questionable charges and reporting of violations to the Office of the Chief Human Capital Officer (OCHCO) and the Chief Financial Officer as defined in the Table of Penalties. 3) OCFO will research cardholder transactions for anomalies and communicate the results to the program offices, OCHCO, and OIG as appropriate. 13 Appendixes Appendix A Schedule of Questioned Costs Recommendation Ineligible 1/ Unsupported 2/ number 1A $5,7801 1C $5,393 Totals 5,393 5,780 1/ Ineligible costs are costs charged to a HUD-financed or HUD-insured program or activity that the auditor believes are not allowable by law; contract; or Federal, State, or local policies or regulations. 2/ Unsupported costs are those costs charged to a HUD-financed or HUD-insured program or activity when we cannot determine eligibility at the time of the audit. Unsupported costs require a decision by HUD program officials. This decision, in addition to obtaining supporting documentation, might involve a legal interpretation or clarification of departmental policies and procedures. . 1 Total unsupported costs were $6,407 which included $627 also reported in recommendation 1C. The costs in recommendation 1A were reduced by the duplicate amount to result in unsupported costs of $5,780. 14 Appendix B Auditee Comments and OIG’s Evaluation Ref to OIG Evaluation Auditee Comments Comment 1 Comment 2 15 Ref to OIG Auditee Comments Evaluation 16 OIG Evaluation of Auditee Comments Comment 1 HUD stated that it supports the recommendations provided in the audit and will improve controls around the travel card program. Comment 2 HUD stated that it is in the process of implementing new procedures to address the recommendations of this report and the recommendations from HUD OIG report 2017-KC-0009. We will work with HUD during the audit resolution process to ensure the procedures adequately address the recommendations. 17 Appendix C Criteria Public Law 112-194 2(h)(3) Inspector General Audit The Inspector General of each executive agency with more than $10,000,000 in travel card spending shall conduct periodic audits or reviews of travel card programs to analyze risks of illegal, improper, or erroneous purchases and payments. The findings of such audits or reviews along with recommendations to prevent improper use of travel cards shall be reported to the Director of the Office of Management and Budget and Congress. 1909 Management of Purchase Cards The Inspector General of each executive agency shall— (1) conduct periodic assessments of the agency purchase card or convenience check programs to identify and analyze risks of illegal, improper, or erroneous purchases and payments in order to develop a plan for using such risk assessments to determine the scope, frequency, and number of periodic audits of purchase card or convenience check transactions; (2) perform analysis or audits, as necessary, of purchase card transactions designed to identify— (A) potentially illegal, improper, or erroneous uses of purchase cards; (B) any patterns of such uses; and (C) categories of purchases that could be made by means other than purchase cards in order to better aggregate purchases and obtain lower prices (excluding transactions made under card-based strategic sourcing arrangements). 41 CFR Part 301 301–2.1 Must I have authorization to travel? Yes, generally you must have written or electronic authorization prior to incurring any travel expense. If it is not practicable or possible to obtain such authorization prior to travel, your agency may approve a specific authorization for reimbursement of travel expenses after travel is completed. However, written or electronic advance authorization is required for items in § 301–2.5 (c), (i), (n), and (o) of this part. §301-11.25 Must I provide receipts to substantiate my claimed travel expenses? Yes. You must provide a lodging receipt and a receipt for every authorized expense over $75, or provide a reason acceptable to your agency explaining why you are unable to furnish the necessary receipt(s). 18 Appendix D Sampling and Projections Findings: Based on a Neyman optimized sample of 78 travel card transactions, designed to minimize error, we can make the following statements: Dollar Projection Results, Unauthorized Transactions: In 17 of 78 transactions reviewed, the transactions were unauthorized. This amounts to a weighted average of $28 per transaction. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can say – with a one-sided confidence interval of 95 percent – that this amounts to at least $15 per transaction. In the context of the transaction universe of 3,045 records, this amounts at least $48,359 in total unauthorized transactions. Dollar Projection Results, Unauthorized and Unsupported Transactions: In 23 of 78 transactions reviewed, the transactions were either unauthorized or unsupported. This amounts to a weighted average of $45 per transaction. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can say – with a one- sided confidence interval of 95 percent – that this amounts to at least $29 per transaction. In the context of the transaction universe of 3,045 records, this amounts at least $90,964 in total unauthorized and unsupported transactions. Count and Percentage Results, Unauthorized Transactions: In 17 of 78 transactions reviewed, the transaction were unauthorized. This amounts to a weighted average of 35.57 percent of the records. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can still say – with a one- sided confidence interval of 95 percent – that this amounts to at least 24.87 percent of the records in the universe having this same characteristic. Extending this percentage to the total universe count of 3,045 transaction records, we can say that there were at least 757 unauthorized transactions. Count and Percentage Results, Unauthorized and Unsupported Transactions: In 23 of 78 transactions reviewed, the transactions were either unauthorized or unsupported. This amounts to a weighted average of 41.29 percent of the records. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can still say – with a one-sided confidence interval of 95 percent – that this amounts to at least 31.03 percent of the records in the universe having these characteristics. Extending this percentage to the total universe count of 3,045 transaction records, we can say that there were at least 944 unauthorized or unsupported transactions. 19 Methodology for sample design: We found a Neyman optimized sample size of 78 to be the best size for providing meaningful results without an unnecessary risk of spurious error.i With the frequent occurrence of null values in audits, possible audit findings follow a lognormal distribution, which approximates a bell-curve. We used replicated sampling to proof-test the sample design and model the true sampling distribution of this number set. With this, we confirmed performance of the sample design. The data were sampled using a computer program written in SAS®, using the surveyselect procedure with a random-number seed value of 7. SAS (previously “Statistical Analysis System”) is a software suite designed by SAS Institute for advanced analytics, multivariate analysis, business intelligence, data management, and predictive analytics. The sample design was stratified as shown in the table below. Sample Table Lower Bound Total Sampling Probability of Sampling Strata of Transaction Units per Sample Size Selection Weight Amount Stratum domain1_01 > 0 1,395 14 0.0100 99.64 domain1_02 ≥ $132 562 14 0.0249 40.14 domain1_03 ≥ $208 455 14 0.0308 32.50 domain1_04 ≥ $329 366 14 0.0383 26.14 domain1_05 ≥ $535 267 22 0.0824 12.14 Total N/A 3,045 78 N/A N/A Results, findings, and projections: The review team returned the results of for each record reviewed. The review team did not use a sampling spare record. Therefore, sampling weights were unchanged. We used the surveymeans procedure in SAS® to estimate the dollar amounts. We reduced the average amount by the margin of error (that is, the standard error with a student’s t factor) associated with this sample design. For complex sample designs, such as the stratified technique used for this review, the surveymeans procedure in SAS uses the Taylor expansion method to estimate sampling errors (standard errors). We computed the percentage and number of loans impacted based on the sampling results and extended this result to the population using the surveyfreq procedure provided by SAS®. We estimated the upper and lower confidence intervals using a Gaussian sampling distribution, which is appropriate for error rates in this range. The basic estimation calculations are as follows:ii = µ - / $ = pct - / % = Review finding amount after deducting a margin of error. 20 = Total number of sampling units with the error after deducting a margin of error. µ = Weighted average value of the error per unit. pct = Weighted percentage of sampling units with the error in the universe. SE$ = Standard error per unit, as it applies to projecting dollars. SE% = Standard error per unit, as it applies to projecting proportions. tα/2 = Student’s - t for projecting a one-sided confidence interval for a sample of this size. Findingsiii Dollar Projection Results, Unauthorized Transactions: In 17 of 78 transactions reviewed, the transactions were unauthorized. This amounts to a weighted average of $28.49 per transaction. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can say – with a one-sided confidence interval of 95 percent – that this amounts to at least $15 per transaction. In the context of the transaction universe of 3,045 records, this amounts at least $48,359 in total unauthorized transactions. Per transaction: $28.49 – 1.666 ⨉ $7.57 ≈ $15.88 LCL Total universe of transactions: $86,740.26 – 1.666 ⨉ $23,037.47 ≈ $48,359.92LCL Dollar Projection Results, Unauthorized and Unsupported Transactions: In 23 out of 78 transactions reviewed, the transactions were either unauthorized or unsupported. This amounts to a weighted average of $45 per transaction. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can say – with a one- sided confidence interval of 95 percent – that this amounts to at least $29 per transaction. In the context of the transaction universe of 3,045 records, this amounts at least $90,964 in total unauthorized and unsupported transactions. Per transaction: $45.43 – 1.666 ⨉ $9.34 ≈ $29.87 LCL Total universe of transactions: $138,324.87 – 1.666 ⨉ $28,427.95 ≈ $90,964.01LCL Count and Percentage Results, Unauthorized Transactions: In 17 of 78 transactions reviewed, the transactions were unauthorized. This amounts to a weighted average of 35.57 percent of the records. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can still say – with a one- sided confidence interval of 95 percent – that this amounts to at least 24.87 percent of the records in the universe having this same characteristic. Extending this percentage to the total universe 21 count of 3,045 transaction records, we can say that there were at least 757 unauthorized transactions. Percentage of transactions: 35.75% – 1.666 ⨉ 6.42% ≈ 24.87% LCL Count projection: 1,082.98 – 1.666 ⨉ 195.46 ≈ 757.35 LCL Count and Percentage Results, Unauthorized and Unsupported Transactions: In 23 of 78 transactions reviewed, the transactions were either unauthorized or unsupported. This amounts to a weighted average of 41.29 percent of the records. Deducting the statistical margin of error to accommodate the uncertainties inherent in statistical sampling, we can still say – with a one-sided confidence interval of 95 percent – that this amounts to at least 31.03 percent of the records in the universe having these characteristics. Extending this percentage to the total universe count of 3,045 transaction records, we can say that there were at least 944 unauthorized or unsupported transactions. Percentage of transactions: 41.29% – 1 666 ⨉ 6.16% ≈ 31.03% LCL Count projection: 1,257.31 – 1.666 ⨉ 187.58 ≈ 944.8 LCL i See a selected sample in Excel spreadsheet KC 18 0010, Sample Selection.xlsx, and supporting documentation in KC 18 0010, SAS log.txt. ii See chapter 3 in Kish, Leslie (1965) Survey Sampling New York: John Wiley & Sons, Inc., for a more detailed description of calculating stratified sample means and variances. iii See KC 18 0010, Projections.pdf, for computational details. 22
HUD's Travel Cards Were Used for Unauthorized, Unsupported, or Ineligible Purchases in at Least 950 Instances Totaling More Than $95,000
Published by the Department of Housing and Urban Development, Office of Inspector General on 2018-09-27.
Below is a raw (and likely hideous) rendition of the original report. (PDF)