Skip to main content

Grants: AmeriCorps Should Take Multiple Actions to Better Manage Fraud Risks

GAO-24-106564 Published: Mar 13, 2024. Publicly Released: Mar 13, 2024.
Jump To:

Fast Facts

AmeriCorps funds grants—over $900 million in FY 2023—for volunteer and national service programs to address a range of community needs across the country. These grants support projects in areas like disaster recovery, educational support, and environmental stewardship.

AmeriCorps has taken some steps to manage potential fraud in its grant programs, such as developing training on what fraud might look like. But it hasn't considered the specific fraud risks in each of its grant programs, which can differ significantly.

We recommended, among other things, that AmeriCorps plan and conduct regular program-level fraud risk assessments.

A hand writing on a notebook on a desk.

Skip to Highlights

Highlights

What GAO Found

AmeriCorps—also known as the Corporation for National and Community Service—administers a variety of grant programs that support service opportunities aimed at addressing community needs. The agency has taken some steps to manage fraud risks in its major grant programs. For example, as part of ongoing efforts to formalize its fraud risk management program, in September 2023 AmeriCorps developed a draft standard operating procedure that documents key roles of those leading fraud risk management activities.

Nevertheless, many of the agency's efforts to manage fraud risks do not fully align with selected leading practices in GAO's Fraud Risk Framework. For instance, AmeriCorps has not established a process to conduct regular fraud risk assessments in its major grant programs. The agency's current fraud risk assessment was conducted at the agency level and was not tailored to identify or address program-specific risks. The agency's programs vary in size and scope. For example, one program funded over 7,000 volunteers, while another program funded over 115,000 volunteers. The agency-level assessment may not result in the information necessary to effectively manage program-level fraud risks.

Furthermore, AmeriCorps' current agency-level fraud risk assessment does not fully align with leading practices in GAO's Fraud Risk Framework. Specifically:

  • Identifying fraud risks. The fraud risk assessment did not fully identify specific risks or differences across its major grant programs—such as size and scope—that may warrant separate consideration.
  • Assessing inherent fraud risks. AmeriCorps did not assess the likelihood or impact of the inherent fraud risks it identified.
  • Setting risk tolerance. AmeriCorps set a fraud risk tolerance that does not align with guidance on the level of risk the agency is willing to accept. Specifically, AmeriCorps' guidance calls for a low fraud risk tolerance. However, the agency's fraud risk assessment set a higher risk tolerance, accepting more risk than called for by the agency's guidance.
  • Considering existing controls. AmeriCorps did not fully consider the effect of existing controls because it had not assessed its inherent fraud risks.

Conducting fraud risk assessments that fully align with leading practices can help ensure that AmeriCorps produces the program-level information necessary to strategically manage fraud risks across its major grant programs.

AmeriCorps plans to explore and implement feasible antifraud data analytics, as called for by leading practices. However, the agency faces challenges that may hinder these efforts. For example, AmeriCorps does not collect any information on individual volunteers in certain programs, which may limit potential analytics. AmeriCorps has system modernization efforts currently underway that may improve data quality and allow for additional antifraud analytics. However, its plans do not explain whether its analysis will include the benefits and costs of collecting additional information or the anticipated benefits of its modernization efforts. Including these factors will help ensure that AmeriCorps fully explores the feasibility of antifraud data analytics in its major grant programs.

Why GAO Did This Study

AmeriCorps' grant programs address various community needs, including disaster relief, educational support, and environmental stewardship. In fiscal year 2023, the agency received over $900 million to fund these grant programs.

However, AmeriCorps has faced financial management challenges. In fiscal year 2023, AmeriCorps' Inspector General identified improving financial management and prioritizing fraud prevention and detection as major management challenges.

GAO was asked to review issues related to AmeriCorps' management of fraud risks in its grant programs. This report examines the extent to which AmeriCorps' (1) fraud risk management activities for major grant programs and (2) antifraud data analytics align with selected leading practices from GAO's Fraud Risk Framework. GAO reviewed relevant policies and documentation, analyzed data, and interviewed agency officials and compared this information with selected leading practices.

Recommendations

GAO is making 10 recommendations, including that AmeriCorps plan and conduct regular program-level fraud risk assessments that align with leading practices and include data completeness and quality challenges as it explores the feasibility of antifraud data analytics. AmeriCorps agreed with our recommendations and described plans to address them.

Recommendations for Executive Action

Agency Affected Recommendation Status
AmeriCorps The Chief Executive Officer of AmeriCorps should establish a process to plan regular fraud risk assessments in its grant programs that align with leading practices in the Fraud Risk Framework. (Recommendation 1)
Closed – Implemented
In March 2024, AmeriCorps provided an updated version of its standard operating procedures (SOP) for fraud risk management. The SOP describes the agency's various risk assessment processes, including fraud risk assessment. The SOP notes that fraud risk assessments will be conducted annually and include a program-by-program focus. The SOP also describes the necessary information and stakeholders involved in assessing fraud risks. These steps align with leading practices in the Fraud Risk Framework. As a result, AmeriCorps is better positioned to ensure that it regularly assesses and manages fraud risks in its various grant programs.
AmeriCorps The Chief Executive Officer of AmeriCorps should require future fraud risk assessments in its grant programs to identify specific inherent fraud risks. (Recommendation 2)
Closed – Implemented
In March 2024, AmeriCorps provided an updated version of its standard operating procedures (SOP) for fraud risk management and an updated fraud risk assessment for its grant programs. The SOP requires AmeriCorps to annually identify and assess program-specific risks in its grant programs. Further, AmeriCorps assessed fraud risks at the program level in its updated fraud risk assessment, which helps to account for differences across programs. As a result, AmeriCorps is better positioned to assess and manage fraud risks across its various grant programs.
AmeriCorps The Chief Executive Officer of AmeriCorps should assess the likelihood and impact of inherent fraud risks as part of future fraud risk assessments. (Recommendation 3)
Closed – Implemented
In March 2024, AmeriCorps provided an updated fraud risk assessment for its grant programs. The fraud risk assessment assesses the likelihood and impact of each inherent fraud risk. Additionally, AmeriCorps' standard operating procedure for fraud risk management now requires annual fraud risk assessments to assess inherent and residual risks. As a result, AmeriCorps is better positioned to establish a baseline against which it can determine fraud risk tolerance and the effect of existing antifraud controls its various grant programs.
AmeriCorps The Chief Executive Officer of AmeriCorps should align the fraud risk tolerance in future fraud risk assessments with the agency's risk appetite statement. (Recommendation 4)
Closed – Implemented
In March 2024, AmeriCorps provided an updated version of its standard operating procedures (SOP) for fraud risk management, which it adopted as an interim draft. The SOP requires fraud risk assessments to align with the agency's risk appetite statement. Further, AmeriCorps' updated fraud risk assessment sets a lower fraud risk tolerance than the 2023 assessment. As a result, AmeriCorps is better positioned to consistently and effectively assess fraud risks and mitigate those that exceed its tolerance.
AmeriCorps The Chief Executive Officer of AmeriCorps should fully consider the effect of existing antifraud controls in mitigating the likelihood and impact of inherent fraud risks as part of future fraud risk assessments. (Recommendation 5)
Closed – Implemented
In March 2024, AmeriCorps provided an updated fraud risk assessment for its grant programs. The fraud risk assessment separately assesses inherent fraud risks, which then allowed AmeriCorps to more fully consider the effect of existing controls in mitigating the inherent fraud risks (i.e., residual risks). Additionally, AmeriCorps' standard operating procedure for fraud risk management now requires annual fraud risk assessments to assess inherent and residual risks. As a result, AmeriCorps is better positioned to identify the impact of its antifraud controls and prioritize risks that remain above tolerance in its various grant programs.
AmeriCorps The Chief Executive Officer of AmeriCorps should update the agency's fraud risk profile with information from elements of a fraud risk assessment process that align with the leading practices in the Fraud Risk Framework. (Recommendation 6)
Closed – Implemented
In March 2024, AmeriCorps provided an updated fraud risk assessment for its grant programs, including an updated fraud risk profile. We determined that the assessment met the leading practices in the Fraud Risk Framework. Therefore, the updated fraud risk profile used information from elements of a fraud risk assessment that aligned with these leading practices. As a result, AmeriCorps is better positioned to use its fraud risk profile to develop an antifraud strategy and related controls to manage fraud risks in its grant programs.
AmeriCorps The Chief Executive Officer of AmeriCorps should develop, document, and communicate an antifraud strategy for its grant programs based on a fraud risk profile that aligns with leading practices for fraud risk management. (Recommendation 7)
Closed – Implemented
In August 2024, AmeriCorps provided us a copy of its antifraud strategy. AmeriCorps' antifraud strategy identifies the responsibilities of agency officials and staff in the agency's antifraud efforts. As well as documenting the agencies near term fraud risk management priorities and plans for annual updates to the antifraud strategy. After each annual update, AmeriCorps' antifraud strategy is communicated to the agency's Risk and Assessment Committee, which is responsible for fraud risk scoring, assisting in the development of internal controls and other fraud risk management activities. AmeriCorps' antifraud strategy will help the agency to strategically manage its fraud risks in a prioritized manner.
AmeriCorps The Chief Executive Officer of AmeriCorps should require grantees to take its fraud awareness training. (Recommendation 8)
Open – Partially Addressed
In August 2024, AmeriCorps provided the Terms and Conditions for its fiscal year 2024 AmeriCorps Seniors and AmeriCorps State and National grants, which require that at least one staff person at grant recipients must take AmeriCorps' fraud awareness training. AmeriCorps officials explained that this requirement will be included in the Terms and Conditions for fiscal year 2025 awards in its remaining grant programs. We will continue to monitor AmeriCorps' progress in this area.
AmeriCorps The Chief Executive Officer of AmeriCorps should include the benefits and costs of collecting data on volunteers and all subgrants as it explores the feasibility of antifraud data analytics. (Recommendation 9)
Closed – Implemented
In August 2024, AmeriCorps provided a memorandum documenting the agency's consideration of the costs and benefits of collecting additional data elements and the antifraud data analytics those additional data would facilitate. The agency determined that the burden to grantees of collecting subgrantee information for national grants outweighed the potential benefit of that additional information. Conversely, AmeriCorps plans to begin collecting information on volunteers and their service. As a result, AmeriCorps is able to explore and implement additional antifraud data analytics.
AmeriCorps The Chief Executive Officer of AmeriCorps should include the anticipated effects of its systems modernization efforts as it explores the feasibility of antifraud data analytics. (Recommendation 10)
Closed – Implemented
In August 2024, AmeriCorps provided a memorandum documenting how the agency considered the effects of its system modernization efforts and the additional antifraud data analytics that could be implemented. The modernized system will allow AmeriCorps direct access to grantee data and facilitate more regular reviews. Additionally, AmeriCorps anticipates that the modernization effort will allow the agency to more easily make comparison across grantees and program participants. As a result, AmeriCorps is better positioned to implement additional antifraud data analytics.

Full Report

GAO Contacts

Seto J. Bagdoyan
Director
Forensic Audits and Investigative Service

Media Inquiries

Sarah Kaczmarek
Managing Director
Office of Public Affairs

Topics

Best practicesCompliance oversightFinancial managementGrant awardsGrant programsManagement challengesRisk assessmentRisk managementBusiness systems modernizationDisaster relief