What GAO Found The Department of State leads U.S. government international cyber diplomacy efforts to advance U.S. interests in cyberspace. To help achieve those objectives, State established the Bureau of Cybersecurity and Digital Policy (CDP) in April 2022. In doing so, State addressed GAO's recommendations to involve federal stakeholders and use data and evidence in planning for the bureau. State created the bureau to elevate cyberspace as an organizing concept for U.S. diplomacy by consolidating efforts and leadership of cyber-related activities into a single unit. CDP's cyber diplomacy strategic objectives include building coalitions, strengthening capacity, and reinforcing norms. New Entities State Created in 2022 to Elevate Cyber Priorities In 2024, GAO reported that State conducts a range of diplomatic and foreign assistance activities aligned with U.S. cyber objectives. For example, State works to build coalitions of countries that share U.S. strategic objectives to (1) counter threats to the U.S. digital ecosystem and (2) reinforce global norms of responsible state behavior. CDP leads or coordinates many of these activities for State. For example, CDP rallies countries that share U.S. goals to coordinate policies that advance an open, free, global, interoperable, reliable and secure internet. CDP also facilitates bilateral diplomacy efforts through activities such as interagency whole-of-government cyber dialogues, which involve communication with partner nations. GAO also reported that CDP faced ongoing organizational challenges, including clarifying roles, hiring staff, and ensuring it had the expertise needed to carry out its goals. Although cyber responsibilities are defined under the new structure, roles remain deliberately shared across government, making clarification an ongoing challenge. CDP was also working to clarify State's role in the interagency process and maintain its lead in cyber diplomacy. CDP officials noted that defining roles across overlapping issues and sustaining internal communication and visibility remain key challenges, especially given the broad scope of cyber issues. Ensuring the bureau has trained staff to carry out its goals may also be a challenge. State must effectively navigate these challenges for CDP to achieve its stated goals. Why GAO Did This Study As international trade, communication, and critical infrastructure grow more dependent on cyberspace and digital technology, the U.S. and its allies face intensifying foreign cyber threats in critical areas. Foreign governments and non-state actors are increasingly using cyberspace as a platform from which to target critical infrastructure and U.S. citizens. This undermines democracies and international institutions and organizations. It also undercuts fair competition in the global economy by stealing ideas when they cannot create them. CDP's mission is to promote U.S. national and economic security by leading, coordinating, and elevating foreign policy on cyberspace and digital technologies. This statement discusses: the evolution of cyber diplomacy at State that led to the eventual creation of CDP, including the status of recommendations GAO made during its creation; how the bureau has organized itself to accomplish cyber diplomacy goals and the types of efforts it undertakes; and challenges the bureau faces in fulfilling its goals. This statement is based on three GAO reports related to State's cyber diplomacy programs— GAO-20-607R, GAO-21-266R, and GAO-24-105563. For that work, GAO analyzed State documents and data and interviewed agency officials. For a full list of the reports, see Related GAO Products at the conclusion of this statement. For more information, contact Latesha Love-Grayer at lovegrayerl@gao.gov.

To alert the audit community to changes in professional standards, we periodically issue Professional Standards Updates (PSU). These updates highlight the effective dates of recently issued standards and guidance related to engagements conducted in accordance with Government Auditing Standards. PSUs contain summary information only, and those affected by a change should refer to the respective standard or guidance for details.

In fiscal year 2024, GAO's work yielded over $67.5 billion in financial benefits. Our average return on investment for the past 6 years is $123 for every dollar invested in GAO. In fiscal year 2024, GAO also identified 1,232 programmatic and operational benefits that led to improved services to the American people, strengthened public safety, and spurred improvements across government. Congress routinely uses GAO's work to inform key legislative decisions. For example, based on GAO recommendations, Congress: directed DOD to establish minimum standards for military housing to address poor conditions; required the FAA to develop a strategy to safely integrate drones into the national airspace; and directed the National Nuclear Security Administration to improve cybersecurity practices. GAO's fiscal year 2026 request reflects continued high demand for GAO services. Over the past 4 years, GAO has received, on average, 627 new congressional requests for studies each year, which includes requests from committee leadership and mandates (provisions in legislation and related reports). For example, the latest National Defense Authorization Act and related reports included 95 mandates for GAO; the Water Resources Development Act of 2024 included 26 mandates; and the Federal Aviation Administration Reauthorization Act of 2024 included 36 mandates. In addition to conducting work for new mandates, GAO has over 150 mandates that have recurring reporting requirements. For example, GAO performs annual financial audits of the SEC, FDIC, and IRS, among others. GAO also provides an increasing amount of technical assistance to Members and committees. In fiscal year 2024, GAO provided over 1,100 instances of this informal, quick-turnaround assistance. GAO's fiscal year 2026 budget request is for $933.9 million in appropriated funds and $72.2 million in offsetting receipts. GAO's workforce is projected to shrink by 126 employees in fiscal year 2025 due to the full-year continuing resolution. The fiscal year 2026 budget request would allow GAO to build back some, but not all, of this loss. These resources will enable GAO to meet the priority needs of the Congress, including five key areas of importance to the nation and Congress: National Security Enterprise. GAO evaluates an array of national security efforts in areas such as military readiness, major weapons systems acquisitions, space programs, and the U.S. nuclear complex. The size and complexity of these efforts continue to grow; the fiscal year 2025 continuing resolution increased defense spending by $6 billion over fiscal year 2024 enacted levels. Science and Technology. There is growing demand for GAO's science and technology work. GAO has focused on enhancing this area to meet increased demands from Congress. GAO's science and technology team, for example, provided over 90 technical consultations to Congress in 2024 alone. GAO's portfolio of ongoing and future work includes many aspects of artificial intelligence, medical research and applications, critical minerals recovery, and quantum computing. Fraud Prevention. GAO examines government efforts to safeguard programs from fraud by focusing agencies more on prevention. In 2024, GAO estimated the federal government lost between $233 billion and $521 billion annually between fiscal years 2018-2022. Similarly, GAO reported that agencies estimated $162 billion in improper payments in 2024, but this does not represent the full extent of this problem. Cybersecurity. GAO assesses the development and execution of a comprehensive national cybersecurity strategy, the cybersecurity of 16 critical infrastructure sectors across the U.S., and the security of federal information systems. Health Care Costs. GAO examines the sustainability and integrity of the Medicare and Medicaid programs, Veterans Affairs, DOD, and Indian Health Service health care services. The fiscal year 2026 budget request will also allow GAO to address internal operational needs as well as critical projects and initiatives deferred in fiscal year 2025. Specifically, GAO will advance ongoing IT modernization, cloud management, and storage solutions initiatives while also enhancing internal cyber security controls. Additionally, GAO will continue space optimization projects at both our headquarters building and field offices to increase leasable space and address critical building infrastructure enhancements to improve safety, strengthen reliability, and reduce costs. Background GAO's mission is to support Congress in meeting its constitutional responsibilities and to help improve the performance and ensure the accountability of the federal government for the benefit of the American people. GAO's work spans the full breadth and scope of the federal government's responsibilities. Congress relies on GAO's nonpartisan, objective, and high-quality work to help inform congressional deliberations as well as oversight of the executive branch. GAO routinely conducts work for the Chairs or Ranking Members of over 90 percent of all standing committees. Since fiscal year 2002, GAO's work has resulted in over: $1.45 trillion dollars in financial benefits; and Over 29,000 program and operational benefits that helped to change laws, improve public safety, and promote sound management throughout government. For more information, contact A. Nicole Clowers at ClowersA@gao.gov.

What GAO Found The Department of Defense (DOD) has made some progress in improving its financial management efforts. However, more remains to be done to address significant remaining issues and for DOD to realize its goal of achieving an unmodified (“clean”) audit opinion by the end of 2028. In February 2025, GAO found that DOD's efforts to address its financial management and business systems modernization high-risk areas demonstrated leadership's commitment to addressing them. However, GAO also found that other areas, such as action plans and demonstrating results, needed further attention. GAO also expanded the financial management high-risk area to include fraud risk management. For fiscal years 2017 through 2024, DOD reported about $10.8 billion in confirmed fraud. The full extent of fraud affecting DOD is not known but is potentially significant. Until DOD implements a comprehensive antifraud strategy that effectively aligns with leading practices, as GAO has recommended, its programs and significant expenditures will remain at substantial risk of fraud. DOD has also taken steps to address audit findings in pursuit of its goal of achieving a clean audit opinion in 2028. These have included identifying priority areas and developing a strategy, plans, and roadmaps to systematically address major impediments. According to DOD, it is also studying lessons learned from the Marine Corps' approach, which resulted in clean audit opinions for fiscal years 2023 and 2024. Nevertheless, the DOD Inspector General has identified 17 scope-limiting material weaknesses that are significant roadblocks to DOD's clean audit opinion goal. DOD has developed a timeline for addressing these weaknesses (see figure). DOD's Timeline for Addressing Selected Scope-Limiting Material Weaknesses DOD has made progress in addressing some of its scope-limiting material weaknesses. However, DOD needs to accelerate the pace at which it addresses these long-standing issues. DOD has also achieved a variety of benefits from its efforts to improve its financial management, including cost savings and avoidances and improvements to financial systems and data. GAO has over 100 open recommendations aimed at improving DOD financial management. To make greater progress, DOD needs to address these open recommendations associated with, among other things, challenges DOD faces in meeting target remediation dates, addressing auditor-identified deficiencies, and improving efforts to manage fraud risk. Addressing these recommendations and the DOD Inspector General's material weaknesses will help DOD achieve the benefits of a clean audit opinion and improved program integrity. Why GAO Did This Study DOD is responsible for about half of the federal government's discretionary spending and about 82 percent of the federal government's total physical assets. DOD obtaining a clean audit opinion is important to ensure that its financial statements and underlying financial management information are reliable for decision-making. DOD's financial management and business systems modernization efforts have both been on GAO's High-Risk List since 1995. DOD has taken steps over the last 30 years to improve these areas. However, the department needs to address pervasive weaknesses in its finances, fraud risk management, and IT acquisition management. To help DOD improve its financial management, DOD's auditors have issued thousands of notices of findings and recommendations and identified associated material weaknesses. DOD has taken important steps to address these findings and weaknesses but has faced challenges in meeting target remediation dates. This testimony discusses (1) GAO's high-risk areas of DOD financial management (including fraud risk management) and DOD business systems modernization; (2) DOD's efforts to address audit findings and associated impediments; and (3) DOD's progress, audit benefits, and next steps to achieving a clean audit opinion in 2028. This testimony is based on GAO work from 2020 through 2025 related to DOD financial management. Details on GAO's methodology can be found in each of the reports cited in this statement. For more information, contact Asif Khan at khana@gao.gov, Vijay D’Souza at dsouzav@gao.gov, or Seto Bagdoyan at bagdoyans@gao.gov.

This supplement is a companion to GAO's report entitled Subminimum Wage Program: Employment Outcomes and Views of Former Workers in Two States, GAO-25-106471. The purpose of this supplement is to provide an "Easy Read" version of the report. Easy Read reports are one way some groups make their written information easier to understand. For example, Easy Read documents use short sentences and plain language. Some employers are allowed to pay wages below the federal minimum to people with disabilities. These jobs are called subminimum wage jobs. GAO found that 16 states have passed laws to end subminimum wage jobs. GAO looked at what happened in two of these states, Colorado and Oregon. GAO found that the states could not track what happened to all people who used to work in subminimum wage jobs. Of the people they could track, about half went to community or other jobs. The remaining people the states could track went to unpaid programs like day services or programs that offered job skills training. GAO asked people and their caregivers in these two states about their experiences working in subminimum wage jobs and after subminimum wage jobs ended. They told GAO about both positive and challenging experiences they had in their subminimum wage jobs, as well as in community jobs. For both kinds of jobs, more people talked about positive experiences than challenges they had. For more information, contact Elizabeth Curda at EWISInquiry@gao.gov.

What GAO Found As of January 2025, 16 states had enacted legislation to eliminate the use of 14(c) certificates, according to the Department of Labor (DOL) and state officials. DOL can grant these certificates to employers to pay wages below the federal minimum to certain individuals with disabilities. These states enacted legislation between 2015 and 2025, according to DOL and state officials. States That Have Enacted Legislation Eliminating the Use of 14(c) Certificates as of January 2025, According to DOL and State Information GAO's analysis of data from two selected states that eliminated the use of 14(c) certificates—Colorado and Oregon—provides a partial picture of outcomes in those states. As of 2023 (the most recent data available), fewer than half of the approximately 1,000 people these states were able to track had moved from 14(c) to some other type of employment. This included competitive integrated employment (CIE), which entails earning a competitive wage at or above the federal minimum alongside people without disabilities. The remaining 54 to 61 percent of people the states were able to track were not working but were receiving non-employment services funded by Medicaid, such as day services to build socialization and daily living skills. Both states were not able to easily track outcomes for people who no longer received Medicaid services. Those individuals may or may not be working; may have chosen to retire; may have lost eligibility; or may no longer be living, according to state officials. People who previously worked in 14(c) employment and their caregivers in the selected states discussed positive and challenging experiences related to 14(c) employment and CIE. For both types of employment, more interview participants discussed positive experiences than challenging ones. For instance, people frequently cited liking the tasks they completed and the interpersonal relationships they had in both 14(c) employment and CIE. People also discussed a range of experiences with their transition out of 14(c) employment, such as opportunities for new social connections and challenges related to finding CIE. Why GAO Did This Study The 14(c) program originated from a provision of the Fair Labor Standards Act of 1938. Almost 40,000 people with disabilities were working under 14(c) certificates as of November 2024. Proposed federal legislation to eliminate the use of 14(c) certificates has raised questions about what happens to people when the program is eliminated. GAO was asked to review the effects of eliminating the use of 14(c) certificates on 14(c) workers. This report examines (1) which states have eliminated the use of 14(c) certificates and are collecting outcome data on former employees, (2) post-14(c) employment outcomes in two selected states, and (3) the views of people who previously worked in 14(c) employment and their caregivers in selected states about the transition away from 14(c) employment. GAO selected a nongeneralizable sample of two states, selected in part because they collected multiple years of relevant data. In Colorado, GAO analyzed data on former 14(c) workers from July 2021 to February 2024. In Oregon, GAO analyzed data on former 14(c) workers from July 2014 to April 2024. GAO also conducted in-person interviews with a nongeneralizable sample of 19 individuals from these two states who previously worked in 14(c) employment and their caregivers, selected to represent a range of experiences with the transition out of 14(c) employment in rural and urban settings. For more information, contact Elizabeth H. Curda at EWISInquiry@gao.gov.

What GAO Found The General Services Administration (GSA) selected 362 projects in federal buildings across the U.S. to receive Inflation Reduction Act (IRA) funding, as of January 31, 2025. The funding was targeted to support low-embodied carbon materials, emerging and sustainable technologies, and high-performance green building features. Selected applications included low-emissions concrete, electric heat pumps, and building-level energy meters. GSA's estimated costs for these projects accounted for 99 percent of its total available IRA funding. As of January 31, 2025, GSA reported obligating 49 percent of its available IRA funding and had expended 5 percent (see table). As of February 2025, GSA officials stated that the IRA program is under review and priorities and goals could change. General Services Administration (GSA) Recorded Total Obligations and Expenditures Under the Inflation Reduction Act, as of January 31, 2025 Dollars in millions Inflation Reduction Act program Available Obligated (%) Expended (%) Low embodied carbon materials $2,150 $767 (36%) $102 (5%) Emerging and sustainable technologies $975 $683 (70%) $49 (5%) High-performance green buildings $250 $204 (82%) $25 (10%) Total $3,375 $1,654 (49%) $176 (5%) Sources: GAO (analysis); GSA (data). | GAO-25-107349 GSA followed leading practices in capital decision-making when selecting projects for two of its three IRA programs. Specifically, GSA developed a framework for evaluating and selecting projects for the low embodied carbon and emerging and sustainable technology programs. In contrast, GSA had not established a selection framework for evaluating and selecting projects for the high-performance green building program. GSA officials explained that they focused on developing selection frameworks for the two IRA programs with earlier statutory deadlines of 2026 for obligating funds (the deadline for the high-performance green building program is 2031). Nevertheless, establishing a selection framework with criteria for selecting high-performance green building projects would help ensure that GSA makes sound capital investment decisions for this program, including any adjustments to existing selections that it may choose to make. GSA established 11 performance goals to track progress across its IRA programs as of December 31, 2024. Each goal had one or more quantitative targets with associated time frames. The time frames were typically upon completion of the final IRA project, which was at least several years in the future. However, GSA had not established interim targets for any of the 11 performance goals, which is a practice that could help the agency assess whether it is achieving its goals over time. In addition, no one public document contained all the goals, and the public descriptions of three of the goals did not mention the goals' targets. GSA officials noted that the IRA does not require it to publish performance goals. They said that GSA often chooses not to publish goals beyond those required, instead using them internally to help ensure effectiveness. However, without readily accessible and more complete performance information, Congress and the public will have only limited insight into whether GSA's $3.375 billion in IRA project investments are achieving their intended goals. Why GAO Did This Study GSA maintains more than 1,500 federally owned buildings. The Council on Environmental Quality has identified these buildings as a major source of the federal government's greenhouse gas emissions and energy and water use. The IRA provided GSA with a combined $3.375 billion for sustainability improvements. GAO was asked to review GSA's IRA activities. The IRA also includes a provision for GAO to support oversight of the use of IRA funds. This report examines, as of December 31, 2024, (1) how GSA planned to use its IRA funds, (2) the extent to which it followed leading practices when selecting projects to fund, and (3) the extent to which it established IRA performance goals, among other issues. GAO analyzed GSA's IRA spending plan, including updates as of January 31, 2025, its IRA risk management plan, and other agency documents. GAO interviewed officials who manage GSA's IRA programs and visited three IRA project sites, representing a range of building types and IRA funding programs to observe progress. GAO assessed GSA's efforts for project selection against two leading practices for capital decision-making.

What GAO Found Fifteen federal agencies reported that in total they were appropriated approximately $711.8 billion in Infrastructure Investment and Jobs Act (IIJA) funding available to award as grants to Tribes, states, localities, and territories across over 100 programs. The Department of Transportation was appropriated 74 percent of the available funds for these recipients. Agency Reported Infrastructure Investment and Jobs Act Appropriations for Grant Funding Available to Tribes, States, Localities, and Territories Notes: Agency officials provided these data between September 2024 and March 2025. Grants include federal funding obligated through cooperative agreements. Some of the appropriated funds are also available to entities other than Tribes, states, localities, and territories as determined by the agencies. Appropriations data excludes all actual and projected set-asides, administrative expenses, transfers to inspectors general, and other expenses reported by the agencies. The totals by agency may not add up to the $711.8 billion in Infrastructure Investment and Jobs Act funds identified by agencies as available to Tribes, states, localities, and territories due to rounding. Of the $711.8 billion in potential IIJA funds for grants identified, $580.6 billion (82 percent) became available to the 15 agencies to obligate toward infrastructure projects between fiscal year 2022 and fiscal year 2025. The remaining $131.2 billion (18 percent) will become available for obligation in fiscal year 2026. The obligation deadline for these funds varies depending on the program receiving funds According to data obtained from USAspending.gov, as of December 31, 2024, agencies reported obligating $275.1 billion (47 percent) and outlaying $119.4 billion (21 percent) of the $580.6 billion available between fiscal year 2022 and fiscal year 2025. These obligations and outlays represent 39 and 17 percent, respectively, of the $711.8 billion in IIJA funds identified as available to these recipients. On January 20, 2025, President Trump signed Executive Order “Unleashing American Energy,” which directs agencies to pause disbursement of IIJA funds and review the processes, policies, and programs for issuing grants for the corresponding programs. On January 21, 2025, the Office of Management and Budget issued a memorandum clarifying that the pause on IIJA funds disbursement applies only to funds supporting programs, projects, or activities that contravene administration policies outlined in the executive order. Additionally, on February 26, 2025, President Trump signed an Executive Order directing agencies to review certain grant programs in order to reduce spending and promote efficiency. The extent of public reporting on performance measures and results for IIJA programs varied by agency as of January 2025. Some agencies told GAO that they plan to report more performance information about their IIJA programs in the future. Why GAO Did This Study The IIJA, enacted in November 2021, appropriated funds to federal agencies to support transportation, clean energy and power, broadband, and other infrastructure projects. Agencies continue to distribute much of this funding through grants to Tribes, states, localities, and territories. GAO prepared this report at the initiative of the Comptroller General. This report describes IIJA grant funding and the status of that funding to Tribes, states, localities, and territories. It also describes how agencies are reporting on the implementation of the funds. To conduct this work, GAO reviewed federal laws, regulations, and guidance as well as agency documentation. GAO analyzed publicly available agency data, including data on USAspending.gov, and interviewed officials from 15 agencies that were appropriated IIJA funds available to issue grant awards to Tribes, states, localities, and territories. For more information, contact Jeff Arkin at arkinj@gao.gov.

What GAO Found Pursuant to federal law, the Department of Homeland Security (DHS) implemented a grant program to help state, local, tribal, and territorial governments address cybersecurity risks and threats. As of August 1, 2024, DHS provided about $172 million in grants to 33 states and territories. The grants are funding 839 state and local cybersecurity projects that align with core cybersecurity functions as defined by the National Institute of Standards and Technology (see figure). The projects include developing cybersecurity policy, hiring cybersecurity contractors, upgrading equipment, and implementing multi-factor authentication. Such projects are essential to identifying risks, protecting systems, detecting events, and responding to and recovering from incidents. Overview of Cybersecurity Project Types Approved for State and Local Cybersecurity Grant Program Funding for Fiscal Years 2022 and 2023 In administering the State and Local Cybersecurity Grant Program, DHS's Federal Emergency Management Agency (FEMA) and Cybersecurity and Infrastructure Security Agency (CISA) are responsible for reviewing (1) cybersecurity grant applications and (2) applicants' proposed cybersecurity projects. GAO found that the review and selection processes used by these agencies met the law's specific requirements. For example, CISA used a checklist to validate that applicants' cybersecurity plans contained 16 elements required by the act. GAO also found that seven selected applicants met the grant program's eligibility requirements, with allowed exceptions. For example, applicants were allowed to submit investment justifications without detailing project-level information if they were not yet ready when the applications were due. In these cases, DHS held awarded funds until applicants addressed requirements. Selected state and territory officials had positive feedback about the grant program, such as FEMA's willingness to make improvements to the application process. Officials also noted challenges, including sustaining cybersecurity projects after the grant program ends. For example, officials from three states emphasized the importance of reauthorizing the program. However, officials from other states said that they plan to use other federal grant programs or state and local-level funds to continue funding cybersecurity projects. Why GAO Did This Study State, local, tribal, and territorial governments provide essential services, including public utilities, healthcare, and public safety. To help address cybersecurity risks and threats to these essential services, DHS implemented a cybersecurity program under the State and Local Cybersecurity Improvement Act. The act includes a provision in statute for GAO to review DHS's grant program. This report (1) identifies, categorizes, and describes the projects funded by the grant program, (2) examines the extent to which DHS's grant program review process met the requirements of the act, (3) examines the extent to which selected applicants met eligibility requirements, and (4) describes selected state and territory officials' views on the program. GAO identified and summarized approved cybersecurity projects under the State and Local Cybersecurity Grant Program. GAO analyzed requirements for FEMA and CISA in administering the grant program. GAO also selected a nongeneralizable random sample of seven state and territory grant applicants from various regions of the country to examine the extent to which applicants met eligibility requirements. GAO interviewed selected officials from seven states and two territories who agreed to provide their views on the program. For more information, contact David B. Hinchman at hinchmand@gao.gov, or Tina Won Sherman at shermant@gao.gov.

What GAO Found The Department of Veterans Affairs (VA) is the only federal entity that oversees all state veterans homes. The Centers for Medicare & Medicaid Services (CMS) and state agencies also have an oversight role in some of these homes. While these homes are owned and operated by states, VA helps pay for care for eligible veterans and is required to ensure each home meets VA's quality standards. To do this, VA conducts regular inspections. Homes that do not meet standards can be cited for deficiencies. CMS also conducts inspections in homes that receive Medicare or Medicaid payments and can also cite deficiencies. For example, as of January 2022, CMS inspected 116 of the 153 state veterans homes. In response to GAO's 2022 national survey of state agencies that operate state veterans homes, 43 states also reported inspecting homes for compliance with state-specific regulations. VA has implemented three of four GAO recommendations to strengthen oversight of state veterans homes. For example, VA developed a process to consistently follow up with homes that have not implemented their corrective action plans by agreed upon dates. However, VA has not addressed GAO's recommendation to identify a range of enforcement actions to bring state veterans homes into compliance with quality standards. Unlike CMS, VA lacks a range of enforcement actions (see figure). At the time of GAO's report, over 40 percent of homes were deficient in the same standard in both 2019 and 2021. VA had never used its only enforcement action, withholding payment, considering it too severe for most situations. VA officials said they were considering seeking legislative authority to take additional enforcement actions to ensure compliance with quality standards. Available Enforcement Actions for Department of Veterans Affairs and Selected Actions for Centers for Medicare & Medicaid Services, as of November 2022 However, in 2025, VA officials said they are no longer pursuing the identification of additional enforcement actions and corresponding legislative authority. Instead, in 2024 VA developed a new enforcement plan that strengthens timelines and increases the amount of follow-up with homes that have deficiencies. However, the plan does not include a mechanism to compel compliance with VA's quality standards. GAO maintains that having a range of enforcement options would help VA meet its program goals, align VA's practices with CMS's, and help VA ensure veterans receive quality care in state veterans homes. Why GAO Did This Study Veterans—like many other Americans—rely on nursing home care to help meet their health needs as they age. In fiscal year 2023, VA paid about $1.5 billion for veteran nursing home care provided in state veterans homes. This statement describes (1) oversight of state veterans homes; and (2) the status of VA efforts to implement GAO recommendations to strengthen oversight of state veterans homes. This statement is based on GAO's November 2022 report (GAO-23-105167) on oversight of state veterans homes. To do that work, GAO conducted a nationwide survey to collect information on the 153 state veterans homes providing nursing home care. GAO also reviewed relevant laws and VA documents and interviewed federal and state officials, state veterans homes' officials, and other organizations involved with veteran care, such as veterans service organizations. For this statement GAO reviewed expenditure and utilization data for fiscal year 2023 and provided updates on the status of GAO's recommendations.

What GAO Found The Department of Veterans Affairs' (VA) Accreditation, Discipline, and Fees (ADF) program accredits representatives who help veterans file claims for VA benefits. A key responsibility for ADF staff is reviewing accreditation applications. The ADF program has policies that help staff carry out program responsibilities, such as ensuring representatives are knowledgeable and have good character. For example, it has policies on when to obtain more information if an applicant has a criminal history and how to consider this information when making approval decisions. GAO reviewed a nongeneralizable sample of 35 applications approved in fiscal year 2023 and found that staff generally followed VA's policies. ADF staff also address complaints; however, staff responses depend on whether the subject of the complaint is accredited. Accredited representatives are subject to VA oversight, and ADF staff follow procedures to determine if a program violation occurred and what actions, if any, should be taken. In contrast, ADF officials told GAO they have limited options regarding complaints about unaccredited individuals because VA lacks enforcement authority over them. (Legislation had been proposed to impose criminal penalties in certain circumstances.) ADF officials said they investigate complaints received, issue a “cease-and-desist” letter if warranted, and can refer the complaint to state or federal law enforcement if the unaccredited individual may have committed crimes. In GAO's nongeneralizable sample of 10 complaints against accredited and unaccredited individuals, ADF staff generally followed program procedures. VA is addressing ADF program challenges, but its efforts do not fully apply sound planning practices that could help ensure success. Initiatives and other actions to address key challenges that VA and outside stakeholders have identified include: Training requirements. VA has issued a proposed rule that would increase the frequency of required training hours to ensure representatives are better qualified to provide representation. Deterrence of unaccredited individuals. VA is educating veterans about the safeguards tied to using accredited representatives. Insufficient IT System Capabilities: VA is developing a new IT system to allow staff to track program performance and automate routine tasks. Lacking sufficient workforce resources. VA developed a strategic plan and is analyzing workforce needs to help ADF staff carry out program responsibilities in a timely manner. However, VA has not fully developed plans that detail how it will implement and monitor these program initiatives, contrary to sound planning practices identified in prior GAO work. Specifically, ADF plans do not fully identify specific activities, timelines, or resources needed to complete each of the initiatives. Officials also have not assessed the risks that could affect their plans, or established how they will monitor and report performance. Fully applying these practices will help ensure the success of ADF program initiatives and ensure veterans receive responsible and qualified representation on their VA benefit claims. Why GAO Did This Study Representatives accredited by VA's ADF program serve an important role in helping veterans or their families apply for VA benefits. Accredited representatives must be of good character and meet other requirements established in federal law and regulations. GAO was asked to review VA's ADF program. This report examines (1) VA policies for ensuring representatives are knowledgeable and have good character, (2) how the ADF program addresses complaints against representatives and unaccredited individuals, and (3) the extent to which VA has addressed ADF program challenges. GAO reviewed ADF policies for reviewing applications and addressing complaints. GAO also reviewed nongeneralizable samples of applications and complaints from fiscal year 2023. Further, GAO identified challenges that ADF faces by reviewing VA documents and interviewing VA officials and selected stakeholders familiar with the ADF program, such as veteran service organizations. GAO assessed the ADF program's plans to address challenges against GAO-identified sound planning practices.

What GAO Found Federal agencies rely on the Federal Communications Commission's (FCC) National Broadband Map as a key information source to target tens of billions of dollars in federal broadband funding by knowing where high-speed internet is already available. However, the accuracy of the broadband availability data on the map is uncertain. FCC has not documented or assessed the sufficiency of its processes for ensuring the information's accuracy. Without taking these steps, FCC cannot be assured its processes are sufficient to ensure the data's quality or that its staff are carrying out these processes consistently, increasing the risk that inaccurate data appear on the map. Inaccurate data could jeopardize agencies' ability to make the most efficient and effective funding decisions. FCC, the National Telecommunications and Information Administration (NTIA), and the Departments of Agriculture (USDA) and the Treasury coordinate with each other to administer the bulk of federal funding for broadband deployment. GAO found that coordination efforts between these agencies generally followed two and partially followed six of eight leading collaboration practices (see figure). Assessment of Interagency Coordination Efforts to Administer Federal Broadband Funding Compared with Leading Practices for Interagency Collaboration In particular, the agencies use various coordination methods, including regularly meeting and leveraging maps to share data to help avoid duplicate funding. The agencies also have some written agreements to guide coordination, such as an information-sharing memorandum. However, GAO found areas where the agencies have not clearly documented the scope of how coordination efforts will be implemented. For example, they have not clearly defined or documented key areas of their collaborative efforts, such as what “covered data” include when sharing information about their broadband deployment projects, as referenced in the memorandum. The agencies also have not established timelines for providing data on funded projects to the map used to display information on federally funded broadband projects, or documented a formal process for avoiding duplicate funding. Clearly defining, agreeing upon, and formally documenting guidance would better position the agencies to sustain their collaborative efforts, especially should changes in leadership or staff occur. It would also help ensure that billions of dollars in federal funding are spent efficiently and effectively to expand broadband access, including to areas with the greatest need. Why GAO Did This Study Access to broadband is critical for employment, education, health care, and other daily activities. Yet millions of Americans lack broadband access, despite at least $44 billion in federal investment over the past decade across myriad programs managed by different agencies. Information on where broadband is not available is key to expanding access. GAO was asked to review federal broadband efforts. This report examines (1) agencies' use of broadband availability information and the extent to which FCC ensures the quality of data in its National Broadband Map; and (2) the extent to which agencies' coordination of broadband funding programs aligns with GAO's leading practices for interagency collaboration, among other issues. GAO reviewed documents and interviewed officials from FCC and other broadband funding agencies. GAO compared (1) FCC's practices for ensuring the quality of information in its National Broadband Map against relevant federal internal control standards and (2) interagency coordination efforts with leading practices for interagency collaboration.

What GAO Found When information is unclear about the identity of the person who ultimately owns or controls a company that is participating in federal programs or operations, there is a heightened risk of procurement-, grant-, and eligibility- related fraud. Offices of Inspectors General (OIG) told GAO that they face challenges using the currently available federal, state, and commercial data sources to identify the “beneficial owners” of companies as part of their fraud detection and response efforts. A law that took effect in January 2024 directed certain companies to report their beneficial ownership information to a company registry administered by the U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN). FinCEN has begun rolling out a process to allow law enforcement agencies, including select OIGs, to request access. Some OIGs told GAO that they have received information about the company registry, but they were unclear on which OIGs would have access to the data and exactly how company registry data can be used. Nevertheless, most OIGs who responded to GAO's survey reported that access to company registry data could be useful to their offices' fraud detection and response efforts (see fig.). Usefulness of Beneficial Ownership Information to Fraud Detection and Investigation Efforts, According to Offices of Inspectors General (OIG) Survey Responses OIGs identified several potential limitations in using company registry data. For example, FinCEN has not yet specified capabilities for bulk downloads of the data, but OIGs noted that such capability could facilitate data matching between the company registry and other data sources. In March 2025, Treasury announced plans to narrow the scope of reporting to foreign companies only. Beneficial ownership risk remains, however. With this change, registry information available to OIGs is more limited. Communicating with OIGs could help clarify the information available, OIGs' access, and how the data can be used. FinCEN officials said they are open to discussions with OIGs on these issues. Communication with OIGs during the registry rollout would better position FinCEN to identify and address challenges related to the fraud detection and response needs of the OIG community. Further, these efforts support FinCEN's strategic goal to significantly improve the ability to mitigate illicit finance risk by increasing law enforcement and other authorized users' access to beneficial ownership information. Why GAO Did This Study Fraud across federal programs is a significant and persistent problem. Some of this fraud is perpetrated by private companies obscuring beneficial ownership information when they compete for government contracts or apply for federal benefits. OIGs conduct oversight through audits and investigations, which include issues related to beneficial ownership. GAO was asked to review how beneficial ownership information may aid OIGs in their fraud detection and response efforts. This report describes the types of federal program fraud associated with beneficial ownership information, provides OIGs' perspectives on using the company registry, and assesses FinCEN's actions to communicate with OIGs. GAO reviewed relevant laws and agency documentation, interviewed officials from FinCEN and the Council of the Inspectors General on Integrity and Efficiency (CIGIE), conducted a roundtable discussion with seven OIGs, and surveyed 72 OIGs to obtain their views on how the registry could affect their efforts to combat fraud.

What GAO Found The Centers for Medicare & Medicaid Services (CMS) has begun implementing the Medicare drug price negotiation program (negotiation program) and Medicare prescription drug inflation rebate program (inflation rebate program), as the Inflation Reduction Act of 2022 (IRA) requires. The negotiation program requires CMS to negotiate prices for certain high-expenditure drugs. The inflation rebate program requires drug manufacturers to pay CMS a rebate if the prices of certain Medicare-covered drugs increase faster than the rate of inflation. As of December 2024, CMS's implementation of the negotiation program has included, for example, hiring staff, issuing program implementation guidance, and drug price negotiation. In August 2024, CMS announced negotiated prices for the first 10 drugs selected for negotiation, and these prices will go into effect in 2026. CMS's implementation of the inflation rebate program has included, for example, hiring program staff, issuing guidance and regulations, and developing program infrastructure to support rebate invoicing. CMS plans to begin invoicing manufacturers for rebates in late 2025. GAO found that CMS's plans for monitoring appropriated funds for the negotiation and inflation rebate programs are consistent with relevant federal internal control principles. As of December 2024, CMS plans to obligate approximately $2.9 billion of the $3 billion in negotiation program appropriated funds from fiscal years 2022 through 2033. CMS plans to use the majority—85 percent—of actual and planned obligations for program support—including contractors to support access to negotiated prices by pharmacies and other dispensing entities—and administration. Centers for Medicare & Medicaid Services' Total Planned Obligations to Implement the Medicare Negotiation Program, Fiscal Years 2022-2033 CMS plans to obligate approximately $155 million of the $160 million in inflation rebate program appropriated funds from 2022 through 2031. CMS plans to use the majority—approximately 82 percent—of actual and planned obligations for rebate operations, administration, and program support. Why GAO Did This Study The IRA requires changes to prescription drug coverage under Medicare Part B (which generally covers physician-administered drugs) and Part D (which provides voluntary prescription drug coverage). The IRA established two programs—the negotiation program and inflation rebate program—that aim to lower the prices Medicare and beneficiaries pay for prescription drugs. The IRA included a provision for us to support oversight of the use of funds appropriated in the IRA. This report (1) describes CMS's implementation of the negotiation program, (2) describes CMS's implementation of the inflation rebate program, and (3) assesses CMS's plans for using funds for both programs. For all objectives, GAO reviewed CMS documentation, including agency guidance and its spending planning documents, and interviewed CMS officials. For more information, contact John E. Dicken at dickenj@gao.gov.

What GAO Found The U.S. Army Corps of Engineers’ Waterborne Commerce Statistics Center (Center) collects data on waterborne commerce, or the transport of commercial goods over waterways. The Corps uses waterborne commerce data to inform how it prioritizes funding for navigation projects. This helps ensure that federal harbors and channels remain navigable for vessels bringing goods to U.S. ports. For cargo transported between ports—which includes a wide variety of goods and reflects the many sectors of the nation’s economy—the Center collects data on tons of cargo, or tonnage, from vessel operators, other agencies, and a third-party vendor. For fish caught offshore and brought to port for sale, known as commercial fish landings, the Center collects data on pounds of fish landed from a database maintained by the National Oceanic and Atmospheric Administration’s National Marine Fisheries Service (NMFS). Ports of Houston, Texas and Dutch Harbor, Alaska According to the Corps’ budget guidance, while not the only factor that it considers, tonnage is the primary factor that the agency uses to prioritize funding for navigation projects. The Center, however, does not incorporate commercial fish landings data into tonnage, and the Corps does not otherwise use the landings data to inform budget decision-making for navigation projects. While Corps officials said that landings totals are likely small compared to the overall amount of cargo, the agency has not assessed the potential impact of incorporating landings data into tonnage. As a result, the Corps does not know if including landings data could impact the prioritization of navigation projects, particularly in states with significant commercial fishing activity. By assessing whether the Center should incorporate landings into tonnage, the Corps would be better able to substantiate its navigation budget decision-making. Why GAO Did This Study The Water Resources Development Act of 2022 includes a provision for GAO to conduct a review of the Center’s collection and reporting of waterborne commerce data, including data on commercial fishery landings and aquaculture harvest. This report provides information on the Center’s collection and use of these data. To inform this work, GAO reviewed and analyzed laws, regulations, policies, and guidance relevant to the Center’s collection of waterborne commerce data, and documents related to the Corps’ use of waterborne commerce data in its budget decision-making. GAO also met with Corps officials to understand the agency’s collection and use of waterborne commerce data, and reviewed data in the Corps’ Waterborne Commerce of the United States Calendar Year 2022. To better understand the commercial fish landings data collected by the Center, GAO met with officials from NMFS, and reviewed data available for fiscal year 2022 through the agency’s Fisheries One Stop Shop database.

What GAO Found The Departments of State and Defense (DOD) are the primary U.S. agencies responsible for managing the sale or transfer of U.S. defense articles, such as weapons and equipment. The transfer of these articles to other countries is governed by laws and policies, including human rights requirements. U.S. law generally prohibits assistance to any country where the government consistently violates internationally recognized human rights. In 2023, the Biden administration updated its arms transfer policy to place a greater emphasis on human rights and require U.S. agencies to conduct “appropriate monitoring” to ensure arms are used responsibly. In 2024, the Biden administration required State to obtain additional assurances from recipients that they will respect human rights obligations. State did not pause any arms transfers as a result of these updated policies. Agency processes do not fully address the risk that recipients may use transferred U.S. defense articles to commit human rights abuses. Existing agency processes, such as vetting recipients and verifying custody of transferred defense articles, address aspects of this risk. Since 2023, State and DOD have also developed processes to respond to reports of civilian harm—including human rights abuses—involving U.S. defense articles. In response to a GAO recommendation, State developed a process called the Civilian Harm Incident Response Guidance, but it does not allow reports from non-U.S. government parties. For example, State received 617 civilian harm reports from August 2023 to December 2024. However, non-U.S. government parties such as the United Nations have identified thousands of civilian harm incidents resulting from the Israel-Hamas conflict alone. Incorporating external reports into its response process would give State a fuller picture of the scope of civilian harm incidents. Further, as of December 2024, State had not completed any investigations into reports it deemed credible. State officials said they needed additional resources to manage this workload. By developing and implementing a strategy to identify appropriate staffing and resources for the process, State could investigate the full scope of reported incidents in a more timely manner. U.S. Defense Articles Delivered to Israel in October 2023 Why GAO Did This Study The United States is the world's largest provider of defense articles to other nations. State and DOD have jointly approved over $100 billion in transfers annually. Public reports have raised concerns that recipients may be using U.S. defense articles in activities that violate human rights. House Report 118-125 includes a provision for GAO to review laws and policies related to transfers of defense articles and human rights as well as efforts to conduct monitoring of potential human rights violations involving U.S. defense articles. This report examines (1) laws and policies related to human rights and the transfer or use of U.S. defense articles and (2) the extent to which agencies mitigate and respond to the risk that U.S. defense articles may be involved in human rights violations. GAO analyzed relevant laws, policies, guidance, and State and DOD information on monitoring and civilian harm response processes. GAO also interviewed agency officials.

What GAO Found The Department of Defense's (DOD) Defense Health Agency (DHA) has 13 contracts with private sector companies to provide TRICARE health, dental, and pharmacy benefits generally through networks of civilian providers. Current TRICARE Contracts for Health, Dental, and Pharmacy Benefits GAO identified changes in the key characteristics of these current contracts compared with the prior version of these contracts that had recently ended. For example, 11 of the 13 current contracts had an increase in their total contract value at the time of award (i.e., the sum value of the contract's base period including all option years). GAO found various reasons that contributed to the higher award values, including changes in geographic service areas and longer periods of performance. DHA officials also told GAO that health care costs have increased significantly over the last 10 years due to inflation and the COVID-19 pandemic. GAO also found that seven of the 13 TRICARE contracts were competitively awarded and of those, four received fewer bids for the current contracts compared with the prior contracts. The remaining three competitively awarded contracts received the same number of bids for the current and prior contracts, with one contract receiving a single bid each time. In addition, DHA awarded six of the seven contracts to the incumbent contractors. Why GAO Did This Study DOD offers health care services to over 9 million eligible beneficiaries through its TRICARE program. TRICARE beneficiaries may obtain care through either military medical treatment facilities, including medical centers, hospitals, and clinics or through the private sector care system of civilian providers. Within DOD, DHA is responsible for TRICARE, including the award, administration, and oversight of 13 health, dental, and pharmacy contracts used to provide care and services through civilian providers. As of September 30, 2024, these current contracts were collectively valued at about $168 billion. The James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 includes a provision for GAO to report on key characteristics of certain contracts related to the TRICARE program. Some of these key characteristics include total contract values, the products or services procured, and health care or service delivery time frames. Among other things, this report describes changes in the key characteristics between the current and prior TRICARE health, dental, and pharmacy contracts. GAO analyzed DHA documentation for the current and prior TRICARE contracts for health, dental, and pharmacy benefits. In addition, GAO reviewed data from the Federal Procurement Data System. GAO also interviewed DHA officials responsible for each of the TRICARE contracts. For more information, contact Sharon M. Silas at SilasS@gao.gov.

What GAO Found Levees are man-made structures, such as earthen embankments or concrete floodwalls, that play a vital role in reducing the risk of flooding. The National Levee Database contains critical information for all known levees nationwide. Such information includes a levee’s location and condition as well as the population and number of vulnerable structures behind a levee should a levee fail or be overtopped with floodwaters. The U.S. Army Corps of Engineers(Corps) and the Federal Emergency Management Agency (FEMA) update data in the National Levee Database on an ongoing basis, typically in conjunction with scheduled levee inspections and efforts to map flood risks, respectively. The Corps and FEMA routinely share information from the database. Corps Inspector Using a Mobile Device to Record Levee Information According to FEMA officials, data updates regarding levee conditions may not substantially affect the cost of insurance premiums for those participating in the National Flood Insurance Program (NFIP), which FEMA administers. This is because the premiums are based on multiple factors, including geographical, structural, and policy variables, such as distance from the flooding source, type of structure impacted, and amount of insurance coverage requested by policyholders. Moreover, the premiums remain in effect until policies are due for renewal, and annual increases are generally limited by statute. GAO found that the Corps does not typically rely on data in the National Levee Database for analyzing the benefits and costs associated with flood risk management activities, including levees. The Corps obtains the information it needs from other entities, such as state and local governments, that operate and maintain federally authorized levees. Why GAO Did This Study The Corps established the National Levee Database—the first centralized repository of information on the nation’s levees––in the aftermath of destructive levee failures during Hurricanes Katrina and Rita in 2005. The database was established under the National Levee Safety Act of 2007 and became publicly available in 2011. The database is intended to help decision-makers better understand the scope of the nation’s levees, including their location and condition. The database also provides other benefits, such as supporting community preparedness and quantifying the nation's flood exposure. Corps and FEMA each have roles and responsibilities regarding the levee database. For example, the Corps hosts the database, which contains information on levees managed by the Corps as well as other entities. The Corps works in partnership with FEMA, which populates and maintains certain information in the database including data related to NFIP. This program makes flood insurance available to property and business owners located in communities that participate in the program by adopting minimum floodplain standards. This report provides information on how the Corps and FEMA enter, share, and use levee information in the database. For more information, contact Cardell D. Johnson at JohnsonCD1@gao.gov.

What GAO Found Sepsis is a life-threatening condition caused by an extreme response to an infection in the body and typically requires hospital care. GAO's analysis of Defense Health Agency data indicates that the number of inpatient admissions at military medical treatment facilities that involved sepsis was relatively consistent from fiscal year 2017 through fiscal year 2023. These admissions accounted for more than 15,000 (about 1 percent) of the almost 1.3 million total inpatient admissions for this 7-year period. Further, for 86 percent of the admissions involving sepsis, the condition was present when the patient was admitted. The Defense Health Agency formed a Sepsis Working Group in 2021 to standardize efforts related to sepsis detection, diagnosis, and treatment across military medical treatment facilities. In February 2025, the Defense Health Agency released a policy memorandum developed by the Sepsis Working Group. This memorandum establishes a sepsis strategy in the military medical treatment facilities, referencing national standards and guidelines, such as the Centers for Disease Control and Prevention's Hospital Sepsis Program Core Elements and the Surviving Sepsis Campaign guidelines. The Defense Health Agency tracks information on four sepsis-related quality measures. For these measures, military medical treatment facilities generally performed comparable to, or better than, the benchmark rates for all hospitals applicable to calendar year 2023. For example, military medical treatment facilities performed comparable to, or better than, the benchmark rates for all hospitals for measures pertaining to patients receiving appropriate care for sepsis in hospital settings, the death rate among surgical inpatients with sepsis as a serious treatable complication, and the rate of postoperative sepsis. Staff GAO interviewed at selected military medical treatment facilities did not report experiencing any major challenges specific to sepsis diagnosis and treatment. Why GAO Did This Study  The Department of Defense is responsible for providing health care to approximately 9.4 million beneficiaries, including care that could involve the diagnosis and treatment of sepsis. The department's Defense Health Agency coordinates the delivery of these health services, in part through care provided at agency-operated military medical treatment facilities. The House Report accompanying the National Defense Authorization Act for Fiscal Year 2024 includes a provision for GAO to report on various issues related to sepsis within the Department of Defense. This report describes admissions involving sepsis at military medical treatment facilities and sepsis management efforts within the Defense Health Agency, including what entities focus on sepsis, what information is tracked, and selected military medical treatment facility experiences with sepsis diagnosis and treatment. To conduct this work, GAO analyzed Defense Health Agency data on inpatient admissions involving sepsis at military medical treatment facilities from fiscal year 2017 through fiscal year 2023—the most recent data available. GAO also reviewed information on sepsis-related quality measures tracked by the Defense Health Agency and facilities' performance on these measures. GAO interviewed and obtained information from Defense Health Agency officials and staff from selected military medical treatment facilities, which were selected for variation in the number of sepsis cases treated, inpatient bed capacity, affiliated service branch, and geography. For more information, contact Alyssa M. Hundrup at HundrupA@gao.gov.