For the first time in its history, the Pentagon now has an audit underway of its 2017 financial statements, a project that’s almost guaranteed to end without a clean opinion. Nonetheless, it will be a gargantuan effort.
DoD expects to spend $367 million this year just to conduct the audit and another $551 million to fix the problems its auditors find.
The costs are likely to decrease somewhat in the subsequent years of what DoD vows will be an annual audit process. But the project’s manpower demands will be immense as well. By this spring, the Pentagon expects to have 1,200 of its personnel working full-time on the audit.
However, the benefits are well worth those costs, David Norquist, DoD’s comptroller and chief financial officer argued before the House Armed Services Committee Wednesday. He urged lawmakers to maintain a sense of proportion: The $181 million dollars in fees the department is paying to independent firms to conduct the audit amounts to only one-thirtieth of one percent of DoD’s annual budget.
“Any number that ends in ‘million’ is a large number, but on the scale of the enterprise, that type of money for accountability is money well spent,” he said. “I don’t think operating in ignorance of the problem is the right way forward. I fully support the committee and the legislative direction. We need to conduct the audit.”
The Pentagon remains the only federal agency that’s unable to pass a full scope financial audit, and legislation Congress enacted in 2010 and 2014 required the department to sufficiently improve the condition of its financial systems so that it could at least complete its first audit – pass or fail – by September of 2018.
But Norquist said there are plenty of reasons for Defense managers to want to have auditable statements even if achieving that objective were not a statutory requirement, and argued that the innumerable workhours DoD has gone through to prepare itself for an audit had already produced results that proved the endeavor worthwhile.
“There’s a lot of steps we still have to solve, but fixing the pieces along the way produce a tremendous benefit,” he said. “So think about the inventory in a warehouse, how many spare parts or munitions that you have. Those had been delivered by the vendor, but hadn’t been recorded in the property system, which meant folks who were anticipating using them were still waiting to take advantage of it. Or in the case of buildings, the person on the base may know they’re there, but somebody at headquarters who’s trying to figure out whether we have enough square footage where we need to do things is operating with incomplete information.”
There are more concrete examples: According to DoD, the Defense Information Systems Agency (DISA) was able to reduce the rates it charges to its military customers by $230 million once its own audit process yielded a better understanding of its internal costs. Work the Navy undertook in preparation for its audit also saved $65 million, because it showed that it could automate much of the personnel-related data entry functions it had been previously paying the Defense Finance Accounting Service (DFAS) to perform.
The department has already faced several setbacks in its multi-year audit plan, which originally called for individual military services to become “audit ready” before the department put its entire financial statement under auditors’ scrutiny.
DoD officials initially celebrated in 2015 when the Marine Corps became the first service to pass a partial audit, but the DoD inspector general revoked that opinion after problems were discovered. To date, some Defense components – including the DFAS, DISA and the military’s retirement fund – have received clean opinions, but none of the military services have.
At Wednesday’s hearing, Norquist offered no predictions as to when the full-scope audit will start to produce signs of progress.
But to increase the chances that DoD will make the sorts of small, underlying business reforms it needs to in order to comply with audit standards, it has created a single, centralized IT system that will track each and every problem auditors uncover during the upcoming year.
“Every time there is a notice of finding and recommendation (NFR), the auditors will enter that into the database,” he said. “We’ll then have an organization or individual associated with that NFR and the responsibility to correct it. I will be able to come back and report to you, each year, which of those were closed and which of those were not. One of the things I like about that is, you may have a large number of findings and somebody says, ‘Well, why do I need to fix my piece? Look at how big the problem is.’ Yes, but there are two assigned to you. If you can fix those two, that’s all you need to do. As more and more people do that, the whole organization moves in the right direction.”
But Norquist cautioned that it will almost certainly take years before DoD takes enough of those small corrective actions to give its inspector general confidence that its financial statements are accurately stated. He noted that the Department of Homeland Security, where he previously served as CFO, took a full decade to earn its first clean opinion.
One reason is that DoD is placing a premium on setting up business processes that are workable year-after-year, but that still comply with audit standards. As a general matter, it’s not interested in creating manual workarounds that must performed just to satisfy the audit.
“So for any particular task, if the resistance is that it’s just way too labor-intensive, then stop,” he said. “Let’s figure out why answering that auditor request is labor-intensive and fix the way we store the data, or do the check so we can answer them efficiently every year. I would rather take a negative finding the first year than do some Herculean, expensive effort that I’m going to have to repeat the next year. If we’re not able to find the records efficiently, let’s create a data warehouse, let’s put the records where they can be easily searched so that next year it’s a very quick process. We can do things differently, but we’re still going to have to meet the standards of the audit.”
To that end, Norquist said Congress and DoD itself are going to have to be diligent about what types of business systems they allow individual Defense components to procure, going forward.
“I think the biggest concern in the long-run is going to be the systems, because they take the longest to fix,” he said. “Policies, procedures, even cultural changes, we can do more quickly. So as Congress goes through each year’s budget review, when somebody comes in and asks for money for a business system, make sure you understand: is it compliant? Have they prioritized the things related to the audit, or have they pushed those down on their to-do list in place of something else? Are other systems being phased out? These things are not sexy or glamorous, and they will take us some time, but I think they have some tremendous long-term improvements for the department.”
Norquist said the department’s financial community, by and large, was excited to have the audit process finally begin, because it validates the importance of the preparatory work they have been conducting for the last several years as various Defense components have been attempting to adjust their business processes to meet generally-accepted government accounting standards.
But the current way forward — undertaking a costly audit process that’s certain to yield a disclaimer of opinion — has been criticized by some lawmakers.
An amendment to the annual Defense authorization bill offered by four senators last September would have required DoD to focus first on the “feeder systems” that are vital to many of the Defense Department’s financial transactions.
“Spending so much money on audits that are doomed to failure would be a gross waste of tax dollars,” Sen. Chuck Grassley (R-Iowa) said at the time. “Fix them, and then the rest should be just a piece of cake.”