Jared Serbu | April 17, 2015 4:53 pm
(This article is part of Federal News Radio’s special report, Rise of the Money People).
The Department of Defense is an outlier among federal entities, almost all of which have complied by now with the 1990 Chief Financial Officer Act’s requirement to develop financial statements that can withstand the scrutiny of independent auditors.
The department’s progress toward obtaining a clean audit opinion has dragged on for more than two decades, and it now has a new set of legal deadlines in place: an interim deadline of 2014 for a partial audit and 2017 for a full audit. Experts who are watching the process closely are almost universally skeptical that the Pentagon will meet those deadlines.
However, if the department misses them, those same experts agree, it won’t be for lack of trying.
Understand progress being made in the evolving cyber scorecard. Download our free Expert Edition: Cyber Exposure in DoD.
“I don’t want people to think this is all doom and gloom,” said Dan Blair, the deputy DoD inspector general who serves as the top outside auditor of the Pentagon. “The department works very, very hard. With a lot of work, I think they’re going to be able to get there.”
Eventually. But he’s doubtful about the department meeting its 2014 deadline for an audit of its statement of budgetary resources.
Tracy Porter, a partner at the CPA firm Grant Thornton, who is currently working with the Marine Corps on that component’s SBR audit, said that the prospect of DoD as a whole earning a clean opinion on its 2014 statement is unrealistic, but she praised the department for taking auditability seriously.
That hasn’t always been true, she said.
“When the CFO Act was passed, I really think DoD thought the sunset date would come and go, so they could just slow-roll this and do the minimum amount to get by,” Porter said. “But over time, I think they now really do see the benefit of what this gets them.”
The business value of maintaining reliable financial information
According to financial management experts inside and outside of government, DoD has transitioned from treating auditability as yet another unwelcome paperwork requirement to realizing that there’s enormous business value generated by the process of preparing for an audit and maintaining reliable, detailed, up-to-date financial information.
That’s what Congress had in mind in the first place 23 years ago, Blair said.
“The goal of the CFO Act wasn’t just to get clean opinions on your financial statements,” he said. “The goal was to provide reliable data to managers and decision makers on a daily basis. If you’re doing things just to get a clean opinion, you’re really falling short of some of the benefits you can obtain through improved financial management processes.”
After years of what appeared to be half-hearted attempts to carry DoD through to auditability, things took on a noticeable change in 2011, when then-Defense secretary Leon Panetta said publicly and repeatedly that auditability was a top priority for the Pentagon.
“We may have crossed the Rubicon at that point in terms of momentum,” said Rep. Mike Conaway (R-Texas), a CPA who chaired a series of House Armed Services Committee hearings about DoD auditability before releasing a report last year. “I can’t brag on Leon Panetta enough, because especially with that leadership, folks get it. The commitment is there. Down in the depths of the system, you have people now who are positively looking at getting things done that will help them long-term and get them toward auditability.”
The House panel’s January 2012 report found DoD’s audit readiness plan was achievable, assuming a sustained effort. But Conaway is more nervous about the deadline now. In addition to longstanding challenges the department already faced with issues such as data quality, internal controls and underperforming IT systems, Congress created new ones over the past year by keeping the government in constant budget turmoil and by imposing sequestration, which has sliced back funding for everything, including financial management.
“We’re aggravating the problem over there. I don’t envy (DoD Comptroller) Bob Hale and his team at all,” Conaway said. “We’re not going to let them off the hook, but I acknowledge we’re not making it easier on them to get to sustainably auditable systems that can perform year-in-and-year-out.”
DoD fed skepticism about its ability to meet the 2014 audit deadline in November when its Financial Improvement and Audit Readiness directorate published its latest progress update.
“That laid it out pretty clearly that for the SBR, only about 15 percent of the budgetary activity is under audit,” said Asif Khan, the director for financial management and assurance at the Government Accountability Office. “That really shows that the lion’s share has to be done between now and 2014. It’s going to be a really tough push to get that done.”
That’s not to say the department’s focus on auditability hasn’t yielded anything measurable.
DoD is the world’s largest and most complicated organization, but over the last several years, some of its less-complex elements have undergone audits and eventually gotten clean opinions on their own financial statements. The list includes the Army Corps of Engineers, the Defense Contract Audit Agency and DoD’s Medicare trust fund, among others.
“What we talk about is getting out of the locker room and out onto the court so that we’re actually playing,” said Mark Easton, DoD’s deputy chief financial officer. “We’re trying to move people into examinations and limited-scope audits so that they can get feedback. We’ve been able to do that. We don’t always get the outcome that we might hope for, but at least we know where we stand.”
‘Take me to audit’
Porter, one of the people leading those outside examinations, said subjecting the department’s financial statements to outside scrutiny, even if a clean or qualified opinion seems unlikely, is exactly the right thing to do.
“What they need to be saying is, ‘Take me to audit. Forget about getting me ready, just take me to audit, let me figure out what’s wrong, and let me direct my resources to actually fixing problems where my risks are,'” she said. “If you’re not doing a risk-based approach that’s focused on where your control weaknesses are the greatest, you’re spending money on audit readiness activities that don’t benefit anybody, including yourself.”
Porter said, and DoD acknowledges, that the department’s workforce and business processes are culturally unaccustomed to tracking and storing the sort of supporting documentation that outside auditors need to see in granular detail in order to validate the integrity of the Pentagon’s financial statements.
“Now, they’re trying to turn their processes to detail the information that they need. But that can’t happen overnight,” she said. “If their audit readiness efforts haven’t focused on the right things, they don’t even know what they’re missing.”
Porter said her company and other outside CPA firms conducting the examinations have routinely found that DoD’s financial management workforce is highly dedicated and capable, but military components have been “spinning their wheels” during preparation for audits, drawing up detailed descriptions of business processes without a clear understanding of how those actions impact their organization’s financial statements.
“That’s what an auditor needs. If you have audit readiness activities being done by individuals who are great process documenters but don’t understand how what they do connects to the financial statement, the auditors come in, and they have to go all the way back to the beginning and start over to get the information that should have been there as their launching point,” she said. “It’s a waste of resources and people’s time, but it’s also frustrating for the agency. Because they thought they had it, and then someone comes in and tells them that they didn’t even have the fundamentals.”
The DoD comptroller’s office has made it a top priority to improve the DoD financial management workforce’s training, including its understanding of what’s required to go to audit in a system that relies on standards that have been almost entirely imported from the world of commercial accounting.
DoD’s first course-based certification for program managers approved
The Defense Department’s first course-based certification program for financial managers was approved late last month. The workforce will begin transitioning into the program this spring, building on existing training programs for Defense financial experts, but adding specific checkpoints and an online learning management tool to give a more organized framework to an individual’s career path.
“We’ve tried to step back and look at competencies, and we’ve identified 23 so far,” Easton said. “Then we’ve tried to organize our courses to be able to relate the course outcomes to those competencies.”
However critical the workforce is to achieving auditable financial statements, experts agree the department can’t achieve a process that can sustainably pass an audit year after year without dramatic improvements to the way it handles financial information: given the size and complexity of DoD, no amount of human intervention can produce reliable financial data in a cost-effective way that also meets audit standards.
The systems DoD relies on today to track the transactions that ultimately feed into a financial statement are, in some cases, many decades old. And for the people who designed them, generating data in accordance with generally-accepted accounting principles was the furthest thing from their minds.
“Some of these were developed 50 years ago. They were incredible for their time, and a lot of them, apart from doing the mission work, were also designed to track logistics,” Khan said. “The only thing missing from that was the financial data. But a lot of these systems are still in existence right now.”
Those legacy systems have dwindled over the years, with many having been retired or subsumed into a new generation of enterprise resource planning (ERP) systems that are gradually coming online in DoD.
But those ERPs have had a checkered history. A 2012 inspector general’s examination of six such systems found that each one had incurred cost overruns and tended to produce less capability than the military services originally intended.
The most oft-cited example of failure is the Air Force’s Enterprise Combat Support System, which the service decided to terminate last year after saying it had spent more than $1 billion and gotten almost no new capability in return.
Other ERPs, such as the Army’s General Fund Enterprise Business System, are widely-deployed and in use today.
But Blair, the deputy DoD IG, said the Air Force’s ECSS is not the only example of trouble with ERPs, which he said are critical to long-term, year-after-year auditability at DoD.
“When you’re processing millions of transactions a month, having good, reliable data is essential to producing reliable financial statements,” he said. “We’ve had some concerns about these systems and whether the department has really done a good job of evaluating the requirements. We’ve noticed that some of the systems don’t even have the right chart of accounts, or they’re incomplete. We’ve also noticed that they are posting logic errors, and some of the data is creating unusual balances in the financial statements. There are some indications that these new systems need to be carefully evaluated and improved upon in order for them to be reliable.”
In some cases, DoD is planning to push forward toward the 2014 audit deadline before the ERPs are ready for prime time, using legacy systems and manual processes in the meantime as workarounds.
“They can do that, but I’d question whether they’ll be successful,” Blair said. “I’d go back to the large volume of transactions and the data quality challenges. If they were able to use existing processes and systems, they would have already obtained an unqualified opinion.”
DoD is using the Marine Corps as its first experiment with a large-scale, servicewide audit. With the help of outside CPA firms, the Marines have been trying to get a clean audit of their own statement of budgetary resources since 2011. The Pentagon is hopeful that the Marines will pass that test for the first time, and the results of the latest attempt are expected any day.
Al Tucker, a former deputy CFO at DoD, is hopeful too. But he said it’s not atypical for military components to find that they can’t satisfy auditors the first time out of the gate.
“What history has shown is, for instance, for the Corps of Engineers, it was five years after they thought they were ready for an audit before they could actually pass an audit,” he said. “It’s been three years for the Marine Corps. What that shows you is once you get into the work, you find difficulties, and you find things you have to work with and work around.”
Easton said the comptroller’s office remains hopeful that DoD will meet both its 2014 and 2017 deadlines. In any case, however, attaining auditability is important for at least two reasons, he said.
“One is the public confidence issue. You find people in Congress who translate the lack of audit to not knowing anything about where we’re spending the money,” he said. “We very strongly disagree with that sentiment, but we can understand where it comes from.”
Secondly, with regard to DoD’s Financial Improvement and Audit Readiness program, there’s a reason “financial improvement” is mentioned first, he said.
“We need better insight into exactly how we’re spending the money at a given time, so we can make better decisions,” he said. “Having that insight is critical as we get into what has to be very, very difficult budget times.”