DHS OIG, OIG-13-48, Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements (2013)

DHS OIG

Section: Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements

Effective: 3/25/2013

Bluebook Citation: DHS OIG, OIG-13-48, Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements (2013)

Department of Homeland Security Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements OIG-13-48 March 2013 OFFICE OF INSPECTOR GENERAL Department of Homeland Security Washington, DC 20528 / www.oig.dhs.gov MAR 25 2013 MEMORANDUM FOR: Deborah J. Schilling Chief Financial Officer U.S. Customs and Border Protection FROM: SUBJECT: Anne L. Richa Assistant Insp rds ector General for Audits Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements Attached for your information is our final report, Management Letter for U.S. Customs and Border Protection’s FY 2012 Consolidated Financial Statements. This report contains observations and recommendations related to internal control deficiencies that were not required to be reported in the Independent Auditors’ Report on U.S. Customs and Border Protection’s FY 2012 Financial Statements. Internal control deficiencies, which are considered significant deficiencies were reported, as required, in the Independent Auditors’ Report, dated January 25, 2013, which was included in U.S. Customs Border Protection’s (CBP) Fiscal Year 2012 Performance and Accountability Report. We do not require management’s response to the recommendations.

The independent public accounting firm KPMG LLP conducted the audit of CBP’s FY 2012 consolidated financial statements and is responsible for the attached management letter dated February 27, 2013, and the conclusions expressed in it. We do not express opinions on CBP’s financial statements or internal control, nor do we provide conclusions on compliance with laws and regulations. Please call me with any questions, or your staff may contact, Mark Bell, Deputy Assistant Inspector General for Audits, at (202)254-4100. Attachment KPMG LLP Suite 12000 1801 K Street, NW Washington, DC 20006 February 27, 2013 Inspector General and Chief Financial Officer U.S. Department of Homeland Security Washington, DC Chief Financial Officer U.S. Customs and Border Protection Ladies and Gentlemen: We have audited the consolidated balance sheets of the U.S. Customs and Border Protection (CBP), a Component of the U.S. Department of Homeland Security (DHS), as of September 30, 2012 and 2011, and the related consolidated statements of net cost, changes in net position, and custodial activity, and the combined statements of budgetary resources (hereinafter, referred to as “consolidated financial statements”) for the years then ended.

In planning and performing our audit of CBP’s consolidated financial statements, we considered CBP’s internal control over financial reporting in order to determine our auditing procedures for the purpose of expressing our opinion on the consolidated financial statements. In connection with our fiscal year (FY) 2012 audit engagement, we considered CBP’s internal control over financial reporting by obtaining an understanding of CBP’s internal controls, determining whether internal controls had been placed in operation, assessing control risk, and performing tests of controls in order to determine our procedures. We limited our internal control testing to those controls necessary to achieve the objectives described in Government Auditing Standards and the Office of Management and Budget (OMB) Bulletin No. 07-04, Audit Requirements for Federal Financial Statements, as amended. We did not test all internal controls relevant to operating objectives as broadly defined by the Federal Managers’ Financial Integrity Act of 1982.

The objective of our audit engagement was not to provide an opinion on the effectiveness of CBP’s internal control over financial reporting. Accordingly, we do not express an opinion on the effectiveness of CBP’s internal control over financial reporting. A deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct misstatements on a timely basis. A material weakness is a deficiency, or combination of deficiencies, in internal control such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected on a timely basis.

A significant deficiency is a deficiency, or combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance. In accordance with Government Auditing Standards, our Independent Auditors’ Report included internal control deficiencies identified during our audit, that individually, or in aggregate, represented a material weakness or a significant deficiency. KPMG LLP is a Delaware limited liability partnership, the U.S. member firm of KPMG International Cooperative (“KPMG International”), a Swiss entity. We also noted certain matters involving internal control and other operational matters that are less severe than a material weakness or a significant deficiency, and consequently are reported separately to the Office of Inspector General (OIG) and CBP management in this letter.

These comments and recommendations, all of which have been discussed with the appropriate members of management, are intended to improve internal control or result in other operating efficiencies. The matters listed in the Table of Financial Management Comments of this letter provide our observations for your consideration. The disposition of each internal control deficiency identified during our FY 2012 audit – as either reported in our Independent Auditors’ Report, or herein – is presented in Appendix A. The status of internal control deficiencies identified during our FY 2011 audit is presented in Appendix B. Our findings related to information technology systems have been presented in a separate letter to the OIG and the CBP Chief Information Officer. CBP’s written response to our comments and recommendations, presented in Appendix C, has not been subjected to auditing procedures and, accordingly, we express no opinion on it.

We would be pleased to discuss these comments and recommendations with you at any time. This report is intended for the information and use of DHS and CBP management, the DHS Office of Inspector General, the OMB, the U.S. Congress, and the Government Accountability Office, and is not intended to be and should not be used by anyone other than these specified parties. Very truly yours, Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 TABLE OF FINANCIAL MANAGEMENT COMMENTS (FMC) Comment Reference FMC 12-01 FMC 12-02 Subject Lack of Implementation of Controls over Determining Classification of Leases Automated Commercial System (ACS) Deficiency over the Accumulation of Accelerated Payments against a Drawback Bond FMC 12-03 Weaknesses in Controls over Timely Processing of Goods and Services Received Insufficient Review of ACS and User Fee Database Reconciliation FMC 12-04 FMC 12-05 Deficiencies in the Public and Confidential Financial Disclosure Reporting Process FMC 12-06 Deficiencies in the Performance Management Program FMC 12-07 Insufficient Review of the Consolidated Omnibus Budget Reconciliation Act (COBRA) User Fees (CUF) and Immigration User Fees (IUF) Accounts Receivable Estimate FMC 12-08 Lack of Segregation of Duties over Collections and Deposits FMC 12-09 Weaknesses in the Trade Compliance Measurement (TCM) Program Deficiencies over Monitoring of Ethics Requirements FMC 12-10 FMC 12-11 Untimely Undelivered Orders (UDOs) Quarterly Review FMC 12-12 Weaknesses in Controls over Customs-Trade Partnership Against Terrorism (C- TPAT) Benefits FMC 12-13 Lack of Verification of Refunds FMC 12-14 FMC 12-15 Deficiencies in the Seized Inventory Process FMC 12-16 FMC 12-17 Weaknesses in CBP' Deficiencies in the Review of the Department of Labor (DOL) Chargeback Report s Process Related to Recording Construction Percentage of Weaknesses in Controls over the Bond Sufficiency Review Process Completion (POC) Amounts FMC 12-18 Untimely De-obligation of UDOs and Weaknesses in Related Controls FMC 12-19 Deficiencies in the Review of Standard Form (SF)-52 Personnel Action Request Tracking System (PARTS) Actions Deficiencies in the Review of Adjusting Journal Entries (JEs) FMC 12-20 FMC 12-21 Deficiencies in the Inventory and Related Property Process FMC 12-22 Deficiencies in Tracking CBP Leases APPENDICES Appendix A Subject Crosswalk – Financial Management Comments to Active Notices of Finding and Recommendation (NFRs) Status of Prior Year Findings Management Response to the Draft Management Letter B C 1 Page 2 2 2 3 4 4 5 6 6 6 7 7 7 8 9 9 10 10 11 11 12 12 Page 14 16 18 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 Financial Management Comment (FMC) 12-01: Lack of Implementation of Controls over Determining Classification of Leases (Notice of Finding and Recommendation (NFR) No. CBP-12­ 02) CBP does not have a formal requirement to retain documentation to support the analysis and evaluation of all leases as either operating or capital for personal and Office of Information Technology (OIT) property. Therefore, there is no clear, auditable documentation evidencing how CBP determines if a personal property or OIT lease should be classified as operating or capital.

Recommendations: We recommend that CBP: 1. Prepare a personal property and OIT lease evaluation tool in accordance with Statements of Federal Financial Accounts Standards (SFFAS) No. 6 and Office of Management and Budget (OMB) Circular No. A-11. 2. Update CBP’s lease directive to require the completion and retention of the personal property and OIT lease evaluation tool and establish related responsibilities.

FMC 12-02: Automated Commercial System (ACS) Deficiency over the Accumulation of Accelerated Payments against a Drawback Bond (NFR No. CBP-12-03) ACS does not properly determine the sufficiency of continuous bonds. Specifically, the automated control that prevents a claimant from exceeding the bond amount on file is not operating effectively. As a result, CBP may not have sufficient surety against a drawback over claim. Additionally, manual procedures are not in place to ensure the sufficiency of bonds.

ACS remains the system of record for drawback claims and bonds. In fiscal year (FY) 2012, CBP began developing a script within ACS, known as “ACP,” that will indicate the bond number, claimants listed on the bond, anniversary date of the bond, bond value, and a list of all drawback accelerated payments applied against the bond. However, the script has not been fully implemented within ACS. Recommendation: We recommend that CBP release the revised ACP script described above into production and issue an updated memo to the drawback centers announcing the implementation of the ACP script, along with instructions on how to use the script.

FMC 12-03: Weaknesses in Controls over Timely Processing of Goods and Services Received (NFR Nos. CBP-12-07 and CBP-12-07b) We reviewed a statistical sample of 121 operating expense transactions. In 19 transactions, the receipt of goods or services was not recorded in the proper period. Contracting Officer’s Technical Representatives (COTRs) and goods receivers did not consistently enter goods receipt and service entry sheets timely into Systems, Applications, and Products (SAP), CBP’s financial reporting system. As a result, at year-end CBP must estimate 2 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 accounts payable for goods or services received, but not yet entered into SAP.

Although this estimation process is typically accurate, as evidenced by the search for unrecorded liabilities performed by CBP at the beginning of each fiscal year, CBP’s controls over the timely recording of goods and services receipt are not consistently applied throughout the year. In order to capture goods receipt/service entry sheets untimely entered, CBP uses both workflow messages and an on-demand SAP “parked invoice” report available to all receiving officials. A workflow message is sent to the receiver of goods when an invoice is input into SAP without a corresponding goods receipt. In addition, if this message is not addressed within five days, a subsequent message is sent to a budget official.

CBP’s Commercial Accounts Section works the “parked invoice” report weekly and communicates with program offices to resolve open items. In addition, program level officers at CBP Headquarters are provided the “parked invoice” report each month, which allows them to monitor the items outstanding for their program office. These officials are responsible for distributing the report to their subordinate offices for action and implementing various levels of review procedures to ensure items are resolved. Beginning January 2012, SAP was enhanced to issue email messages to Contracting Officers when an invoice remained parked for eight days and another email message was issued when the invoice was still parked at fifteen days.

In addition, CBP Directive 5220-040, Contract Invoice Processing and Payment Procedures, was issued January 26, 2012 to establish controls, guidance, and procedures for timely processing of contractors’ invoices and interim vouchers, to prevent interest penalties for late payments. However, these procedures are not performed until after the receipt of an invoice, which typically occurs after the receipt of goods or services. Recommendations: We recommend that CBP: 1. Continue outreach efforts that provide guidance to receiving officials through conference calls and newsletters.

2. Monitor the results of the annual Self Inspection worksheets to determine additional training needs. 3. Provide Webinar training and target program offices that have consistently entered receiving information late.

FMC 12-04: Insufficient Review of ACS and User Fee Database Reconciliation (NFR No. CBP-12­ 09) Insufficient review was performed over the December 2011 ACS-User Fee Database reconciliation. For the reconciliation of one class code, the amount of collections input on the reconciliation was incorrect. As a result, the un-reconciled amount did not mathematically sum as indicated on the reconciliation. These errors were not identified during the review process; however, the errors did not lead to a misstatement of the financial statements.

Recommendation: We recommend that CBP management perform a monthly review of the ACS-User Fee Database reconciliations to ensure that mathematical inaccuracies are identified and corrected. 3 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 FMC 12-05: Deficiencies in the Public and Confidential Financial Disclosure Reporting Process (NFR No. CBP-12-10) During testwork over a sample of 15 employees that filed Office of Government Ethics (OGE) Form 278, Executive Branch Personnel Public Financial Disclosure Report, in FY 2012, the following deficiency was identified: • Evidence of review and certification by the reviewing official within 60 days of the filing date for one of the OGE Form 278s could not be provided. During testwork over a sample of 45 employees that filed OGE Form 450, Executive Branch Personnel Confidential Financial Disclosure Report, in FY 2012, the following deficiencies were identified: • One employee did not complete the OGE Form 450 correctly and the inaccuracies were not identified and resolved during the review process. • Seven employees filed the OGE Form 450 after the required February 15th filing date. • Four OGE Form 450s were not signed by the Final Reviewing Official within 60 days of the filing date. Recommendations: We recommend that CBP: 1.

Ensure final reviewers of the OGE Form 278 are notified via email to manually select the filing by clicking on the “Submitted to Designated Agency Ethics Official (DAEO) w/out required signatures” button. The final reviewer may then access and complete their review and certification of the employee’s OGE Form 278. In addition, the email transmission from the “Supervisor” will remind the final reviewer to select the “End Initial Review” button once the review of the filing is complete to ensure that the audit trail in the Financial Disclosure Microflow contains the date that the initial review occurred. 2.

Continue the implementation of an automated OGE Form 450 filing process. The electronic OGE Form 450 is operational and will be utilized for both new entrant and annual OGE Form 450s filers. Additionally, ensure system-generated email notifications are sent to employees in covered positions regarding their requirement to file, and to supervisors and final reviewers when a filing is ready for their review. Finally, utilize the electronic OGE Form 450 to provide program offices with the capability to monitor the status of filings for all filers within their organization throughout the filing process.

FMC 12-06: Deficiencies in the Performance Management Program (NFR No. CBP-12-11) During testwork over a sample of 15 Senior Executive Service (SES) performance plans, the following deficiency was identified: • One employee did not assign weights (i.e., numerical quantifications) to each employee- specific performance objective at the beginning of the performance appraisal period. After the issue was identified, weights were assigned to their employee-specific performance objectives prior to the year-end performance appraisal. 4 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 During testwork over a sample of 45 Non-SES, Supervisory employee performance and appraisal plans, the following deficiencies were identified: • One employee did not have a mid-year review; • One employee did not have initial and mid-year performance meetings within the required timeframe; and • One employee did not have separate initial and mid-year performance meetings, but instead conducted one meeting outside of the initial and mid-year review timeframes. During testwork over a sample of 45 Non-SES, Non-Supervisory employee performance and appraisal plans, the following deficiencies were identified: • Evidence was not provided to support that one employee’s initial performance meeting had been conducted within the required timeframe; • One employee’s initial plan was not signed by a supervisory rating official within the required timeframe; and • One employee did not have an initial planning meeting or mid-year performance review within the required timeframes.

Recommendations: We recommend that CBP: 1. Non-SES Supervisory and employee programs continue implementation of the new performance management workflow (Human Resource Business Engine-Performance Management) that will allow the Labor and Employee Relations (LER) Policy Division to closely monitor the progress and timeliness of CBP program offices in their completion of employee performance plan processes. The Human Resource Business Engine-Performance Management workflow will allow the LER Policy Division to prepare reports for program offices to alert them of impending action requirements and deadlines. Additionally, CBP messaging to program offices concerning the initiation of performance plans, completion of mid-cycle performance reviews, and completion of final ratings of record should continue.

2. Continue to reinforce the requirement to assign weights for employee-specific performance objectives to all SES individuals when the SES performance agreement for the new fiscal year is issued. FMC 12-07: Insufficient Review of the Consolidated Omnibus Budget Reconciliation Act (COBRA) User Fees (CUF) and Immigration User Fees (IUF) Accounts Receivable Estimate (NFR No. CBP­ 12-13) An error on the March 2012 listing exported from the User Fee Database, which is used to generate the Accounts Receivable estimate, was not identified prior to recording the monthly Accounts Receivable accrual. The March 2012 listing of the average prior four quarters of collections by carrier was exported to Microsoft Excel and incorrectly stored several amounts as “text” instead of as “numbers”.

Therefore, these amounts were not included in the total for the March 2012 Accounts Receivable estimate. Recommendation: CBP corrected the process to resolve the underlying issue with the assistance of an OIT programmer on September 11, 2012. The download now treats all data as “numbers” rather than 5 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 “text”. This change was tested on September 13, 2012.

In addition, future reviews of this report should include specifically checking the individual receivables to ensure this type of error does not occur. FMC 12-08: Lack of Segregation of Duties over Collections and Deposits (NFR No. CBP-12-16) During testwork performed at 1 of the 11 statistically selected Ports of Entry, CBP was unable to provide evidence that an independent verifier confirmed that the deposit ticket subtotals and totals were correct by agreeing them to the cash on hand for two of the three daily collection files selected for testwork. Recommendation: We recommend that CBP’s Office of Administration continue to work with the Office of Field Operations (OFO) to ensure consistent execution of national policy set forth in the CBP Collections & Deposits Handbook (HB) 5300-12B. FMC 12-09: Weaknesses in the Trade Compliance Measurement (TCM) Program (NFR No. CBP­ 12-17) During testing performed at the 11 selected Ports of Entry, the following condition related to the TCM program was identified: • One port was unable to provide evidence that the monthly TCM database was reviewed in a timely manner and signed by a supervisor for all validation activities assigned to the port.

Recommendation: We recommend that CBP’s OFO continue developing a remedial action plan to address the compliance finding and use the audit result as a guide for TCM process improvement at OFO and Area Ports. OFO is developing measures to improve documented evidence that the monthly TCM data are timely reviewed and vouched by the assigned port manager. Highlights of the action plan include: reissue of the Trade Compliance Measurement Policy Memo; TCM reports are downloaded and assigned a unique work number and due date in an automated tracker; the report and tracking number are assigned to area port management; port management vouch their validation reviews and voucher for the timely completion of the assigned TCM tasking through email; the OFO TCM Coordinator validates these findings using Automated Commercial Environment (ACE) reports; and OFO TCM findings along with the emails are reported to close­ out the automated tracker for the period. FMC 12-10: Deficiencies over Monitoring of Ethics Requirements (NFR No. CBP-12-21) During testwork performed over a sample of 45 new employees, the following instances of non­ compliance with ethics training requirements were identified: • For nine employees, CBP was unable to provide evidence that the employee timely received ethics materials within 90 days of the employee's effective date of employment; and • For two employees, CBP was unable to provide evidence that the employee received ethics materials.

6 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 Recommendation: We recommend that CBP continue to implement procedures for tracking the receipt of ethics information by new employees, including: 1. Adding the “Acknowledgment of Receipt of Conduct Information” form to the checklist of “Required Employment Forms to Ensure Accurate Human Resources Data” that must be completed by the first day of employment. 2. Completing the “Acknowledgment of Receipt of Conduct Information” forms and storing these forms on the temporary side of an employee’s electronic Official Personnel Folder.

FMC 12-11: Untimely Undelivered Orders (UDOs) Quarterly Review (NFR No. CBP-12-22) A deficiency was identified during the walkthrough performed over the first quarterly UDO review process. Specifically, three program offices submitted their Quarterly Certification letter to the National Finance Center after the 21 day deadline. The untimely submission ranged from 7 days to 18 days after the deadline. Recommendation: We recommend that CBP continue to perform outreach to the points of contact in the program offices to obtain a status on the progress of the Quarterly Certification effort.

FMC 12-12: Weaknesses in Controls over Customs-Trade Partnership Against Terrorism (C­ TPAT) Benefits (NFR No. CBP-12-23) During testwork performed over a sample of 45 C-TPAT partners, the following instances of non­ compliance with requirements for applying and removing benefits in ACS were identified: • One C-TPAT Partner had benefits that were not appropriately removed in ACS after being suspended from the C-TPAT program; and • Three C-TPAT Partners were entitled to benefits but did not have any benefits designated in ACS. During testwork performed over a sample of 45 C-TPAT Partners, the following instance of non­ compliance with requirements for applying benefits in the Web Portal was identified: • One C-TPAT Partner had fewer benefits than it was entitled to in the Web Portal. Recommendation: We recommend that CBP continue to implement procedures to electronically link the benefits in Web Portal and ACS. FMC 12-13: Lack of Verification of Refunds (NFR No. CBP-12-24) Customs Officers and port personnel did not verify the duties, fees, charges, or exactions deposited in excess prior to issuing the refund for 1 of 45 refunds sampled during testwork performed at the Ports of Entry.

Specifically, port personnel issued the refund without confirming the Harmonized Tariff Schedule (HTS) number associated with the merchandise on the refund request. As a result, the port processed and issued a refund based on an expired HTS number. The refund did not result in an overpayment or under payment as the correct HTS 7 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 number that should have been associated with the merchandise would have resulted in a refund of the same amount. Recommendation: We recommend that CBP provide targeted communication to the noncompliant port to reinforce the importance of the requirements listed in CBP Directive 3710-004B.

FMC 12-14: Weaknesses in Controls over the Bond Sufficiency Review Process (NFR No. CBP-12­ 26) During testwork performed over 120 single transaction bond (STB) samples, the following instances of non-compliance with CBP Directive 3510-004 were identified: • For three STBs selected for bond sufficiency testwork, the total value of the bond was not sufficient to cover the total value of the merchandise being imported, plus all associated taxes, duties and fees. During testwork performed over 120 continuous bond sample items, the following instances of non-compliance with CBP Directive 3510-005 were identified: • For seven active continuous bonds, the bond amounts were insufficient as they were not greater than 10 percent of all duties, taxes and fees paid by the importer (or broker acting as the importer of record) during the previous bond year. • For two active continuous bonds, the Bond Liability Locate screen in ACS erroneously accumulated estimated duties, taxes and fees in a future bond year (2020 and 2021) due to a programming issue. In addition, the following weakness existed over the bond sufficiency process during FY 2012: • The Bond Sufficiency Report by Beginning Effective Date of Bond and the Bond Sufficiency Report by Ending Effective Date of Bond generated by the National Finance Center (NFC) do not factor in all duties, taxes, and fees paid by the importer during the previous bond year due to ACS system limitations. As a result, the report does not identify bonds that may be insufficient if the continuous bond amount is set lower than ten percent of all duties, taxes and fees paid by the importer (or broker acting as the importer of record), during the previous bond year.

Recommendations: We recommend that CBP: 1. Continue to provide direction to the field on the sufficient amount of STB coverage when STBs are required in cases where antidumping/countervailing duty (AD/CVD) evasion is suspected. When STBs are requested in such instances, ports are to request national cargo criteria to record the STB request. This will allow monitoring of the AD/CVD STBs.

CBP should also continue to develop an e-bond module in ACE for the electronic submission of all STBs. E-bond should allow for electronic reporting on STB sufficiency. 2. Continue to implement the Revenue Division’s modified monthly reports that capture insufficient bonds.

This should resolve the issue that resulted in the seven bonds that were identified as insufficient from the sample of 120 continuous bonds. 3. Work with OIT to resolve the two active continuous bonds that had future years (2020 and 2021) on the Bond Liability Locate screen in ACS. 8 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 FMC 12-15: Deficiencies in the Seized Inventory Process (NFR No. CBP-12-27) During physical inventory observation procedures conducted at 10 seized property vaults, the following deficiencies were identified: • At one vault, the log book evidenced that only one person was present in the vault for a period of time for one of the five days selected for testwork.

CBP’s policies and procedures require that two armed CBP Officers are present in the vault, when the vault is accessed. • At one vault, the amount listed on the CBP Form (CF) 6051, Custody Receipt for Seized Property and Evidence, did not agree with the amount listed in the Seized Asset and Case Tracking System (SEACATS) for one of the five CF-6051’s selected for testwork. • At one vault, one seizure in which the weight in the updated SEACATS inventory report did not agree to the amount recorded on the certified inventory count sheets for one of the 45 items observed. Recommendations: We recommend that CBP: 1. Issue a memorandum to the Directors of Field Operations and ports to inform them of the audit findings and remind them of the proper CBP policies and procedures that guide their activities concerning the custody, management, accountability of seized property, and updating SEACATS within the required time frames. 2.

Distribute a reminder to the field reinforcing vault access requirements. FMC 12-16: Deficiencies in the Review of the Department of Labor (DOL) Chargeback Report (NFR No. CBP-12-28) CBP’s Human Resource Management Office of Worker’s Compensation Programs (HRM­ OWCP) does not perform a review of the Detailed Chargeback Report on a quarterly basis. Rather, a review of significant payments is performed approximately every twelve months. However, a review was not performed in FY 2012.

Additionally, CBP was unable to provide support for 2 of the 45 CA-1, Notice of Traumatic Injury and Claim for Compensation, forms selected in the June 30, 2012 Federal Employees Compensation Act (FECA) claims sample. Recommendations: We recommend that CBP HRM-OWCP: 1. Continue reviewing the Chargeback Reports as frequently as possible to identify erroneous claims and work with other Department of Homeland Security (DHS) components to request transfer of these cases and recover erroneous charges through the Intragovernmental Payment and Collection (IPAC) system. 2.

Continue implementation of the Occupational Safety and Workers’ Compensation Working Group (WCWG), efforts to study the program’s structure, including injury prevention, case management, return-to-work initiatives and review of the quarterly chargeback process. 3. Address issues and logistics relative to retrieving claim forms and data entry of all active previous claims into eComp, CBP’s web-based electronic submission and case management system through the WCWG. 9 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 FMC 12-17: Weaknesses in CBP's Process Related to Recording Construction Percentage of Completion (POC) Amounts (NFR No. CBP-12-29) The following weakness was identified in the controls over CBP’s financial recording of the POC in FY 2012: • Lack of an internal review process in the first quarter to determine if all POC amounts were reported correctly.

Five projects were inadvertently omitted from the POC accrual due to a miscommunication between Facilities, Management, and Engineering (FM&E) and the Capital Assets Section (CAS). Subsequently, the projects were reported and included correctly in the POC accrual for the remainder of the fiscal year. Recommendation: We recommend that CBP continue to implement the updated FY 2012 FM&E policies. FMC 12-18: Untimely De-obligation of UDOs and Weaknesses in Related Controls (NFR No. CBP 12-30) During our testwork over CBP’s active and inactive UDO balances as of August 31, 2012, we selected a statistical sample of 331 UDOs and identified weaknesses in CBP’s monitoring of these obligations.

Specifically, the following deficiencies were identified: • Six instances, totaling $3.8 million, in which UDOs were no longer valid and had not been de-obligated, or identified for de-obligation. • Two instances, ranging from 5 to 32 months, in which the period of performance had expired prior to the execution of the next modification. • One instance in which the contracting officer authorized a modification for a dollar value greater than the contracting officer’s warrant authority. • Five instances in which an Invoice Receipt (IR) variance was corrected via an “MR11” transaction in SAP. Due to the program design of SAP, the “MR11” transaction is the only option available to correct a service entry sheet variance. Although the UDO balance is still valid, the “MR11” transaction returned the excess funds to either general ledger account 4610, Allotments – Realized Resources, or 4650, Allotments – Expired Authority. As a result, the UDO balance is understated by a total of $135,000.

Furthermore, the “MR11” transaction, which is essentially a de-obligation, is not reflected in general ledger account 4871, Downward Adjustments of Prior-Year Unpaid Undelivered Orders – Obligations, Recoveries, or 4971, Downward Adjustments of Prior-Year Unpaid Delivered Orders – Obligations, Recoveries. As such, the Recoveries line item on the Statement of Budgetary Resources (SBR) is understated and the transaction is not compliant with the United States Standard General Ledger. As a result of the “MR11” transaction errors identified above, an SAP report was obtained that identified all of the “MR11” transactions recorded during FY 2012. Based on an analysis performed of this report, it was determined that the Recoveries line item on the SBR is understated by approximately $13 million.

10 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 During our testwork over CBP’s UDO balance activity during the month of September 2012, we selected a statistical sample of 102 UDOs and identified weaknesses in CBP’s monitoring of these obligations. Specifically, the following deficiencies were identified: • One instance, related to two sample items, in which the period of performance had expired by approximately one month prior to the execution of the next modification. • One instance in which the UDO balance was not valid because the obligation was established in SAP on September 19, 2012; however, the Reimbursable Work Agreement (RWA) was not authorized and executed until FY 2013. As such, the UDO balance was overstated by $607,000. Recommendations: We recommend that CBP: 1.

Emphasize better communication between the Contracting Officer (CO) and Contracting Officer Representative (COR) to obtain a de-obligation request when appropriate. In addition, complete the review and implementation of the revised CBP Directive No. 1220­ 011E, Reviews of Un-liquidated Obligations and Open Goods/Service Receiving Records. 2. Continue to monitor the period of performance, especially the end date, on active contract actions to avoid lapses and ensure SAP is updated with the current period of performance end date.

3. Continue to enforce the warrant authority policy and conduct a random review of award documents to ensure compliance. 4. Reevaluate the MR11 business process to determine if the MR11 procedures or SAP postings need to be modified.

5. Communicate the procedure for processing RWA obligations to applicable staff and monitor this process to ensure compliance. FMC 12-19: Deficiencies in the Review of Standard Form (SF)-52 Personnel Action Request Tracking System (PARTS) Actions (NFR No. CBP-12-31) During testwork performed over 45 PARTS actions, one PARTS action requiring higher-level approval was processed without receiving higher-level approval. Specifically, the PARTS action related to OFO (organizational code CU13##) requesting a personnel action for reassignment (personnel action code RA) requires higher-level approval, but higher-level approval was not obtained before the PARTS action was processed.

Recommendations: We recommend that CBP’s Hiring Center: 1. Ensure that all Staffing Specialists understand the business rules, which require higher-level approval when using certain personnel action codes; and 2. Monitor PARTS actions to ensure the business rules are being properly applied. FMC 12-20: Deficiencies in the Review of Adjusting Journal Entries (JEs) (NFR No. CBP-12-32) During testwork performed over 131 standard voucher transactions as of June 30, 2012, one standard voucher was reversed without receiving proper supervisory approval.

Specifically, the topside entry recorded in FY 2011 to account for custodial activity for Puerto Rico was reversed in FY 2012 by a Staff Accountant without obtaining supervisory approval. 11 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 Recommendation: We recommend that CBP modify the Regulatory Reports Section’s Standard Operating Procedures to require review and approval for the reversal of JEs. FMC 12-21: Deficiencies in the Inventory and Related Property Process (NFR No. CBP-12-33) During testwork performed at one of the five selected Office of Air and Marine (OAM) sites performing an annual inventory, the following discrepancy was identified: • An inventory item listed on the count sheet was not physically located on the floor. Upon review, the inventory supervisor determined that the part had been shipped for repair on July 6, 2012, which was prior to the annual inventory.

However, the certified count sheets received in the completion package reflected an inventory count of one rather than zero. During testwork performed over CBP’s Certification of OAM Physical Inventories performed for all 34 sites, the following discrepancy was identified: • One inventory site did not certify its inventory. Upon review, it was determined that the nine items listed as located at this site are actually located at a different site. Furthermore, it was determined that the nine items were counted during the second site’s annual inventory and were identified during the inventory as having the incorrect location code.

However, the location code for these nine items was not appropriately updated upon completion of the inventory. Recommendations: We recommend that CBP: 1. Ensure inventory count sheets at the locations accurately reflect inventory data. 2.

Ensure inventory data in the systems accurately reflect results of inventory counts. FMC 12-22: Deficiencies in Tracking CBP Leases (NFR No. CBP-12-34) During testwork performed to verify the completeness of CBP’s September 30, 2012 lease population, a sam ple of 25 lease payments was selected. The following discrepancies were identified: • Five instances in which a payment was made for a cancellable personal property lease agreement in which the lease agreement did not appear in CBP’s listing of leases as of September 30, 2012. Additionally, CBP cannot confirm that it has accounted for all of its personal and real property leases.

Though a majority of CBP’s real and personal property leases are considered to be cancellable, thus minimizing the overall impact on the Leases footnote, the footnote could be inaccurate because CBP is not aware of all of its existing leases. Recommendations: We recommend that CBP: 1. Ensure all Property, Plant, and Equipment procured through leases are properly recorded in SAP. 12 Department of Homeland Security U.S. Customs and Border Protection Financial Management Comments September 30, 2012 2.

In conjunction with efforts to implement the lease scoring tool, utilize the Object Classification Code/Material Classification Code to create SAP asset shell records for assets procured through lease. 13 U.S. Customs and Border Protection Crosswalk – Financial Management Comments to Active NFRs September 30, 2012 Appendix A NFR Number CBP-12-01 CBP-12-02 CBP-12-03 CBP-12-04 CBP-12-05 CBP-12-05b CBP-12-06 CBP-12-06b CBP-12-07 CBP-12-07b CBP-12-08 CBP-12-08b CBP-12-09 CBP-12-10 CBP-12-11 Description Automated Commercial System (ACS) Limitations – Review of Prior Related Drawback Claims and Selectivity for Underlying Consumption Entries Lack of Implementation of Controls over Determining Classification of Leases ACS Deficiency over the Accumulation of Accelerated Payments against a Drawback Bond Insufficient Retention Period for Documents that Support Drawback Claims Improper Settlement of Assets, including Untimely Capitalization of Assets from Construction in Progress (CIP) as of 4/30/2012 Improper Settlement of Assets, including Untimely Capitalization of Assets from CIP as of 7/31/2012 and 9/30/2012 Weaknesses in CBP’s Process Related to Asset Additions as of 4/30/2012 Weaknesses in CBP's Processes Related to Asset Additions and Classification of Property, Plant, and Equipment (PP&E) related transactions as of 7/31/2012 and 9/30/2012 Weaknesses in Controls over Timely Processing of Goods and Services Received as of 3/31/2012 Weaknesses in Controls over Timely Processing of Goods and Services Received as of 7/31/2012 and 9/30/2012 Weaknesses in CBP's Process Related to Asset Disposals as of 4/30/2012 Weaknesses in CBP's Process Related to Asset Disposals as of 7/31/2012 Insufficient Review of ACS and User Fee Database Reconciliation Deficiencies in the Public and Confidential Financial Disclosure Reporting Process Deficiencies in the Performance Management Program CBP-12-12 ACS Deficiencies over Non-Entity Accounts Receivable and CBP's Ability to Effectively Monitor Collection Actions CBP-12-13 Insufficient Review of the Consolidated Omnibus Budget Reconciliation Act (COBRA) User Fees (CUF) and Immigration User Fees (IUF) Accounts Receivable Estimate Disposition* Independent Auditors’ Report Non- Significant Compliance Deficiency Material Weakness FMC Number A A B B B B B B 12-01 12-02 12-03 12-03 12-04 12-05 12-06 12-07 Compliance Determined at Department Level CBP-12-14 Detection of Excessive Drawback Claims A 14 U.S. Customs and Border Protection Crosswalk – Financial Management Comments to Active NFRs September 30, 2012 Appendix A NFR Number CBP-12-15 CBP-12-16 CBP-12-17 Description Lack of System Integration and Compliance with the United States Standard General Ledger at the Transaction Level Related to Inventory and Related Property, Net Lack of Segregation of Duties over Collections and Deposits Weaknesses in the Trade Compliance Measurement (TCM) Program CBP-12-18 Deficiencies in the In-Bond Process Weaknesses in the Review of Entry Edit/Exception Reports CBP-12-19 CBP-12-20 Management Oversight of PP&E CBP-12-21 CBP-12-22 CBP-12-23 Deficiencies over Monitoring of Ethics Requirements Untimely Undelivered Orders (UDOs) Quarterly Review Weaknesses in Controls over Customs-Trade Partnership Against Terrorism (C-TPAT) Benefits CBP-12-24 Lack of Verification of Refunds CBP-12-25 CBP-12-26 Weaknesses Identified in the Bonded Warehouse and Foreign Trade Zone Processes and Procedures Weaknesses in Controls over the Bond Sufficiency Review Process CBP-12-30 CBP-12-29 CBP-12-28 CBP-12-27 Deficiencies in the Seized Inventory Process Deficiencies in the Review of the Department of Labor (DOL) Chargeback Report Weaknesses in CBP's Process Related to Recording Construction Percentage of Completion (POC) Amounts Untimely De-obligation of UDOs and Weaknesses in Related Controls Deficiencies in the Review of Standard Form (SF)-52 Personnel Action Request Tracking System (PARTS) Actions Deficiencies in the Review of Adjusting Journal Entries (JEs) Deficiencies in the Inventory and Related Property Process CBP-12-32 CBP-12-31 CBP-12-33 Disposition* Material Weakness Independent Auditors’ Report Non- Significant Compliance Deficiency Compliance Determined at Department Level FMC Number C C B C 12-08 12-09 12-10 12-11 12-12 12-13 12-14 12-15 12-16 12-17 12-18 12-19 12-20 12-21 12-22 CBP-12-34 Deficiencies in Tracking CBP Leases *Disposition Legend: FMC Financial Management Comment Cross-reference to the applicable sections of the Independent Auditors’ Report: A B C Drawback of Duties, Taxes, and Fees Property, Plant, and Equipment Entry Process 15 U.S. Customs and Border Protection Status of Prior Year Findings September 30, 2012 Appendix B FY12 Disposition Repeat (FY12 NFR No.) Closed X FY11 NFR No. CBP-11-01 CBP-11-02 CBP-11-03 Description Certification of Refund and Drawback Payments Insufficient Retention Period for Documents that Support Drawback Claims Automated Commercial System (ACS) Deficiency over the Accumulation of Accelerated Payments Against a Drawback Bond CBP-11-04 ACS Limitations – Review of Prior Related Drawback Claims and Selectivity for Underlying Consumption Entries CBP-11-05 CBP-11-06 CBP-11-07 CBP-11-07b CBP-11-08 CBP-11-08b CBP-11-09 CBP-11-09b ACS Deficiencies over Non-Entity Accounts Receivable and CBP’s Ability to Effectively Monitor Collection Actions Lack of System Integration and Compliance with the United States Standard General Ledger at the Transaction Level Related to Inventory and Related Property, Net Weaknesses in CBP's Process Related to Asset Additions and Classification of Property, Plant, and Equipment (PP&E) Related Transactions as of 4/30/2011 Weaknesses in CBP's Process Related to Asset Additions and Classification of PP&E Related Transactions as of 7/31/2011 and 9/30/2011 Improper Settlement of Assets, Including Untimely Capitalization of Assets from Construction in Progress (CIP) as of 4/30/2011 Improper Settlement of Assets, Including Untimely Capitalization of Assets from CIP as of 7/31/2011 and 9/30/2011 Weaknesses in CBP' 4/30/2011 Weaknesses in CBP' 7/31/2011 and 9/30/2011 s Process Related to Asset Disposals as of s Process Related to Asset Disposals as of CBP-11-10 Lack of Controls over Timely Processing of Goods and Services Received as of 3/31/2011 CBP-11-10b Lack of Controls over Timely Processing of Goods and Services Received as of 7/31/2011 and 9/30/2011 CBP-11-11 CBP-11-12 CBP-11-13 CBP-11-14 CBP-11-15 CBP-11-16 CBP-11-17 CBP-11-18 CBP-11-19 CBP-11-20 CBP-11-21 CBP-11-22 Weaknesses in the Monitoring and Review Process over Fines, Penalties, and Forfeitures (FP&F) cases Lack of Implementation of Controls over Determining Classification of Leases Weaknesses in the Review of Weekly Entry Edit/Exception Reports Lack of Evidence of Review of the D28 Alert Report Detection of Excessive Drawback Claims Deficiencies in the In-Bond Process Deficiencies in the Public Financial Disclosure Reporting Process Deficiencies in the Performance Management Program Weaknesses in Controls over Automated Journal Entries (JEs) Weaknesses in Controls over the Bond Sufficiency Review Process Incorrect use of CBP Overtime Scheduling System Codes Lack of Formal Process for Determining Required Supervisory Reviews X X X X X 16 CBP-12-04 CBP-12-03 CBP-12-01 CBP-12-12 CBP-12-15 CBP-12-06 CBP-12-06b CBP-12-05 CBP-12-05b CBP-12-08 CBP-12-08b CBP-12-07 CBP-12-07b CBP-12-02 CBP-12-19 CBP-12-14 CBP-12-18 CBP-12-10 CBP-12-11 CBP-12-26 U.S. Customs and Border Protection Status of Prior Year Findings September 30, 2012 Appendix B FY12 Disposition Closed Repeat (FY12 NFR No.) CBP-12-21 CBP-12-22 CBP-12-25 CBP-12-17 CBP-12-20 CBP-12-30 CBP-12-29 CBP-12-28 FY11 NFR No. CBP-11-23 CBP-11-24 CBP-11-25 CBP-11-26 CBP-11-27 CBP-11-28 CBP-11-29 Description Deficiencies over Monitoring of Ethics Requirements Weaknesses in the Quarterly Undelivered Orders (UDO) Review Process Weaknesses Identified in the Bonded Warehouse and Foreign Trade Zone Processes and Procedures Weaknesses in the Trade Compliance Measurement (TCM) Program Management Oversight of PP&E Untimely De-obligation of UDOs Weaknesses in CBP's Process Related to Recording Construction Percentage of Completion (POC) Amounts CBP-11-30 CBP-11-31 Weaknesses in CBP's Payroll Reconciliation Process Insufficient Review of Manual Journal Entries X X CBP-11-32 Deficiencies in the Review of the Department of Labor (DOL) Chargeback Report 17 U.S. Customs and Border Protection Management Response to the Draft Management Letter September 30, 2012 Appendix C 1300 PennsylvmJ;!' Avenue NW Washington. DC 20 22 9 us. Customs and Border Protection FEB 1 5 2013 MEMORANDUM FOR: FROM: SUBJECT: Anne L. Richards As. ... ista nt Inspector General for Aud its Department of Homeland Security Deborah 1.

Schill ing Chief financial Officer U.S. Customs and Border Protection Management Response to CDP 's FY 20 12 Consulidated Financial Stateme nts Management Letter Report T hank you fo r the oPJX'rtunilY to review and comment on this report.

U. S.

Customs and Border Protection (CBP) ha.s reviewed and concurs wi th all weaknesses contai ned in the report. CBP will continue to work toward th e resolu tion of the audi tor identified weaknesses. I want to thank you for your e fforts and louk forward to continuing o ur professional auditing relationship. If you have any questions or would like additional informat ion, please contact me at (202) 344-2300, or have a member of your staff may conlac t Ms. Jaye.\1.

Will iams, Executive Director. Financial Operati ons Directorate. at (202) 344-2364. Deborah J. Schilling Attachments 18 OFFICE OF INSPECTOR GENERAL Department of Homeland Security Appendix D Report Distribution Department of Homeland Security Secretary Deputy Secretary Chief of Staff Deputy Chief of Staff General Counsel Executive Secretary Director, GAO/OIG Liaison Office Assistant Secretary for Office of Policy Assistant Secretary for Office of Public Affairs Assistant Secretary for Office of Legislative Affairs Acting Chief Privacy Officer Chief Financial Officer Chief Information Officer U.S. Customs and Border Protection Commissioner Chief Financial Officer Chief Information Officer Office of Management and Budget Chief, Homeland Security Branch DHS OIG Budget Examiner Congress Congressional Oversight and Appropriations Committees, as appropriate www.oig.dhs.gov 19 OIG-13-48 ADDITIONAL INFORMATION AND COPIES To obtain additional copies of this document, please call us at (202) 254-4100, fax your request to (202) 254-4305, or e-mail your request to our Office of Inspector General (OIG) Office of Public Affairs at: [email protected]. For additional information, visit our website at: www.oig.dhs.gov, or follow us on Twitter at: @dhsoig.

OIG HOTLINE

To expedite the reporting of alleged fraud, waste, abuse or mismanagement, or any other kinds of criminal or noncriminal misconduct relative to Department of Homeland Security (DHS) programs and operations, please visit our website at www.oig.dhs.gov and click on the red tab titled "Hotline" to report. You will be directed to complete and submit an automated DHS OIG Investigative Referral Submission Form. Submission through our website ensures that your complaint will be promptly received and reviewed by DHS OIG. Should you be unable to access our website, you may submit your complaint in writing to: DHS Office of Inspector General, Attention: Office of Investigations Hotline, 245 Murray Drive, SW, Building 410/Mail Stop 2600, Washington, DC, 20528; or you may call 1 (800) 323-8603; or fax it directly to us at (202) 254-4297.

The OIG seeks to protect the identity of each writer and caller.

Chat with this agency guidance using AI

Ask CiteLaw's AI Navigator anything about this agency guidance, verify citations, and research related authorities. Sign up for CiteLaw free today to get started.