A new report from the Government Accountability Office (GAO) is calling on the National Telecommunications and Information Administration (NTIA) to develop comprehensive performance goals and measures, as well as a fraud risk assessment, for two new broadband programs that are pumping out billions of broadband funding nationwide.
The Consolidated Appropriations Act of 2021 established the two programs – the Tribal Broadband Connectivity Program (TBCP) and the Broadband Infrastructure Program (BIP). The billion-dollar programs seek to expand broadband connectivity and help close the digital divide.
While NTIA has taken some steps to try and measure the success of the new programs, GAO said more has to be done to track progress and identify fraud risks.
For example, GAO noted that NTIA developed some performance goals and measures for TBCP and BIP, but said they were not fully quantifiable.
“NTIA’s goals for both programs included terms such as ‘reliable’ and ‘affordable’ that are not defined and therefore are not fully quantifiable,” GAO wrote. “NTIA officials said that the agency was still developing goals and measures. Without comprehensive goals and measures, NTIA will be unable to track its progress.”
Additionally, NTIA’s fraud risk management activities did not line up with leading practices, and the agency failed to conduct a fraud risk assessment, the government watchdog agency said.
Under leading practices, GAO said agencies should conduct a proper fraud risk assessment “by comprehensively identifying fraud risks, assessing the likelihood and impact of fraud, setting fraud risk tolerance, examining current antifraud controls, and documenting the fraud risk profile.”
“Without designating an entity to oversee fraud risk management activities and conducting a five-step fraud risk assessment, NTIA lacks assurance that it is sufficiently positioned to combat fraud,” GAO wrote.
GAO offered 15 recommendations to the NTIA to better measure the performance of the two programs and to complete fraud risk management activities. NTIA agreed with the recommendations and outlined actions to address them.
Notably, NTIA said it is in the process of developing a Risk Management Council (RMC) that will provide “governance and oversight” over the programs.
“The RMC’s purpose is to identify, assess, and respond to the greatest priority risk to the [programs’] strategic goals and objectives, define risk tolerance and targets for mitigation, and drive integration of risk management, including fraud risk, across all of NTIA’s grant programs,” NTIA said.