"The data analysis was one of the four key things that we did to look at fraud, waste and abuse risks in this program," Rebecca Shea said.
The Small Business Innovation Research and Small Business Technology Transfer programs have attracted billions in federal spending. Known as SBIR and SBTT, these signature Small Business Administration programs are also rife with fraud. For why and how to reduce it the Federal Drive with Tom Temin spoke to the director of forensic audits at the Government Accountability Office, Rebecca Shea.
Learn more about your ad choices. Visit podcastchoices.com/adchoices
Interview transcript:
Tom Temin Here. And just briefly review the SBIR and Small Business Technology Transfer programs, what they do. And it’s not actually just the SBA, but these are replicated throughout the government, correct?
Rebecca Shea Yeah, that’s right. So they are programs that have been around for a good time now. SBIR started in 1982, 42 years ago, STTR back in 1992. So ten years later, STTR was started. And as you mentioned, they provide awards to small businesses to develop research and development. And obviously there’s something in it for the government. So agencies have projects that they need to meet their research and development needs and technology area. So they award these grants, contracts and cooperative agreements. But it also benefits the public in two key ways. They support innovation in the U.S., which is always a good thing for the U.S. to stay on the leading edge of research and development. And they also support small business development, which is critical to the U.S. economy. So it’s like kind of a win-win program. And like maybe two quick examples of how this might work. So the Department of Defense (DoD) and Health and Human Services (HHS) they say, hey, look, we need some ways to quickly identify airborne microbes or aerosolized threats in public places. And so they put out a request for ideas and projects in this area, completely in a different area, Department of Transportation. They’re looking for a bridge inspection technology that can scan traffic while it’s still passing so you don’t have to stop the flow. And for those of us in the DMV, the D.C., Maryland, Virginia area, we really appreciate that If you’re metroing or commuting, you don’t have to wait and pause at bridges and also your metros are safe. And just going back to how they’re administered. So, yes, SBA is the entity, the Small Business Administration, they oversee the program, but there are 11 participating agencies that administer the awards and provide them. And they do that in the form of, as I mentioned, grants, contracts and cooperative agreements.
Tom Temin All right. So GAO looked at more than 10,000 awards over a period of five years. And you found well, close to a thousand of those had risk indicators that maybe they shouldn’t get a grant or a cooperative agreement or a contract. Tell us more.
Rebecca Shea Yep. So the data analysis was one of the four key things that we did to look at fraud, waste and abuse risks in this program. And we looked at six years of award data. So 2016 to 2021, there’s always a little bit of a lag in collecting or reporting the data. So that’s why it’s prior years. And we looked at compliance risk, five compliance risk. These are things that are required by the program. And so they should be met. And we found flags that suggest that maybe they are. And then a host of other risk indicators, not necessarily compliance, but things that the agencies should be aware of. And maybe because of the flag, we want to take a closer look. So on the compliance side, for example, we looked at business size. It’s a small business program, so the businesses should not have more than on average, 500 employees. And we found some evidence of cases where it looked like they were the businesses that were receiving these awards were larger than 500 employees. And there are awards associated with those totaling about $445 million. Other areas include PI employment. So we want to make sure that the principal investigator on these awards is working full time on them. We want them dedicated to the project and making sure we’re getting value for the government, for the project. And we found looking at wage data, a good number of PIs that had multiple wages for different different organizations, different entities in the time period. We also looked at foreign ownership. So U.S. business R&D project, they should be U.S. businesses. We looked at equivalent work. We don’t want the federal government paying money for the same work across different agencies. And then we also looked at facility address. The address should be a legitimate address. It should be fit for purpose and in the U.S. And we found risks in all of those areas, among some others.
Tom Temin Yeah, So lots of factors that add up to real money, I guess that went out the door. We’re speaking with Rebecca Shae. She’s director of forensic audits at the Government Accountability Office. And just a detail question. Did you find any cases of where a given entity was getting multiple awards or agreements or contracts from different agencies for the same work where they were trying to play the street, you might say?
Rebecca Shea We did, in fact. And that’s actually one thing that I want to highlight about these awards, because there are 11 participating agencies, and entities can receive awards from multiple agencies. And so the risk does not just exist within a single agency. It can exist across agencies. And that’s the case with the duplicative awards. We found about $445 million worth of awards associated with potentially duplicative work that was being funded across ten different agencies.
Tom Temin Yeah. So again, real money. Well, to get around this then, is this an SBA problem? Is it the agencies that administer it problem or both? Who did your recommendations go to?
Rebecca Shea Yeah, it’s both. It’s everyone’s problem to manage fraud, waste and abuse. So SBA, they do a number of things to help agencies manage the fraud risks. And we made our recommendations to align with some of those existing processes that they already had in place. For example they issued this policy directive with ten minimum standards for agencies to do certain things to manage fraud, waste and abuse threats like conduct training. So we found that two agencies were not conducting the required training for applicants and awardees. So we made recommendations to them to do that training. But then also SBA, they conduct these monthly program manager meetings to talk about fraud risks and other issues, successful control strategies. They list fraud cases on their website as a deterrent, but also to help agencies identify these risks. And there were certain things that we recommended that they could do to enhance some of their efforts in that area. For example, we looked at 37 different fraud schemes and found that some of the schemes we identified SBA had not identified and listed on their website. So we recommended that they look at some different sources and do a better job of identifying and posting those fraud cases. Because that helps serve the deterrent effect. We recommended that they provide guidance on conducting fraud risk assessments to the agencies to support fraud, risk management. And then we also recommended two recommendations for improving data quality. So agencies use the company registry data and the award data to do some of those compliance checks that I mentioned, like the duplicative work one. We found a number of abstracts for awards that were incomplete or blank. And how are you able to tell if you’re awarding something for duplicative work if there’s no abstract. So they need to ensure that the data are more complete and more reliable so that agencies can conduct those checks.
Tom Temin Sometimes it seems like the volume of work just gets beyond the ability of the people carrying it out to make sure that all the I’s are dotted and the T’s are crossed.
Rebecca Shea Yeah, that’s a good point. And that’s one of the reasons we tend to try to do these data analytics test that are proof of concepts, if you will. We didn’t use any hard to find or hard to use data or postal service data system for award management data. Some basic checks of the registry data that’s available to all agencies. These are ways that the agencies can identify fraud risks and prioritize their resources, prioritize who they’re going to check out. Because they can’t look at everybody. We’re talking 10,000 awards in this this group that we looked at. But if they can identify where there are these flags and multiple flags, that’s where they can prioritize their resources for further review and investigation.
Tom Temin And by the way, did you also audit for the appropriateness of the awards in the first place? That is, were they really for basic research that could be used by the government versus prototyping, which would be other transaction authority, a whole different structure?
Rebecca Shea Yeah. So we did not look into the appropriateness of the awards. We were really looking just at of those that have been awarded, what are the fraud and compliance indicators of those?
Tom Temin And did the SBA and you also had recommendations for Agriculture and the Defense Department. Did they all say, yeah, you’re right, we want to get after that?
Rebecca Shea They did. Everyone agreed generally with our recommendations, and have reported that they have already started taking action to address them.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Tom Temin is host of the Federal Drive and has been providing insight on federal technology and management issues for more than 30 years.
Follow @tteminWFED