General Fund: Improvements Needed in Controls over Retention of Key System Security and Cash Activity Documentation
Fast Facts
We audit the General Fund, which finances daily and long-term government operations and is managed by Treasury's Fiscal Service.
During our FY 2024 audit, we identified issues with Fiscal Service's internal control over financial reporting. For instance, we found that Fiscal Service didn't maintain documentation to support certain cash transactions. Additionally, the agency didn't fully document all of its IT controls in its security plans. Our new recommendations address these issues.
We also found that Fiscal Service has not yet fully addressed 82% of our recommendations from previous reports.
Highlights
What GAO Found
During audits of the fiscal year 2024 Schedules of the General Fund, GAO identified two new deficiencies in internal control over financial reporting due to inadequate information system security plan documentation and insufficient support for certain cash transactions. Although GAO did not consider these two new deficiencies to be material weaknesses or significant deficiencies, they nonetheless warrant the attention of the Department of the Treasury's Bureau of the Fiscal Service management. By addressing these deficiencies, Fiscal Service can make it more likely that its management and staff will prevent, or detect and correct, misstatements in the Schedules of the General Fund.
GAO's audits included following up on the status of Fiscal Service's corrective actions to address 11 recommendations related to internal control over financial reporting from GAO's prior years' reports that remained open as of March 2023. GAO found that Fiscal Service took action to close two, and as of the completion of GAO's fiscal year 2024 audits, nine remained open.
Concurrent with GAO's fiscal year 2024 audits, Treasury's Office of Inspector General contracted with an independent public accounting firm to audit Treasury's fiscal year 2024 and 2023 consolidated financial statements. Treasury took action to close four information system control deficiencies relevant to the Schedules of the General Fund, and as of September 30, 2024, six remained open.
Why GAO Did This Study
The General Fund of the U.S. government, an entity that the Fiscal Service manages, is responsible for the accounting and reporting on the cash activity fundamental to funding the federal government. The General Fund consists of assets and liabilities used to finance the daily and long-term operations of the U.S. government. The preparation of and audit assurance over the Schedules of the General Fund is necessary to account for and eliminate General Fund intragovernmental activity and balances with other reporting entities in the consolidated financial statements of the U.S. government. In connection with GAO's audit of the fiscal year 2024 consolidated financial statements, GAO reported that the federal government's inability to adequately account for intragovernmental activity and balances between federal entities represented a material weakness in internal control over financial reporting.
To evaluate Fiscal Service's internal control over financial reporting, GAO reviewed Fiscal Service policies and procedures; interviewed Fiscal Service management and staff; observed controls in operation; and tested certain controls to determine whether they were designed, implemented, and operating effectively.
Recommendations
GAO is recommending that Fiscal Service (1) reasonably assure that agency policy related to information system security documentation is fully implemented for each system relevant to the General Fund and (2) coordinate with the Federal Reserve Banks (FRB) to design and implement procedures to be executed by the FRBs to maintain documentation to support FRB-initiated transactions.
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Bureau of the Fiscal Service | The Commissioner of Fiscal Service should reasonably assure that agency policy related to information system security documentation, including SSPs and interconnection agreements, is fully implemented for the systems relevant to the Schedules of the General Fund. (Recommendation 1) |
In its comments on our draft report, Fiscal Service agreed with this recommendation and cited actions it will take to address it. We will follow-up with Fiscal Service on actions to address this recommendation.
|
| Bureau of the Fiscal Service | The Commissioner of Fiscal Service, in coordination with the FRBs, should design and implement procedures to be executed by the FRBs to maintain and periodically review documentation to support TAS and BETC attributes for FRB-initiated transactions to reasonably assure that FRB-initiated transactions are properly recognized in the Schedules of the General Fund. (Recommendation 2) |
In its comments on our draft report, Fiscal Service agreed with this recommendation and cited actions it will take to address it. We will follow-up with Fiscal Service on actions to address this recommendation.
|