KPMG

KPMG, LLP found that the Federal Emergency Management Agency (FEMA) did not always ensure Virgin Islands Territorial Emergency Management Agency (VITEMA) and the Virgin Islands Department of Education (VIDE) established and implemented policies, procedures, and practices to account for and expend Public Assistance (PA) grant funds according to Federal regulations and FEMA guidance.  For example, VIDE did not have policies and procedures to address procurement-related conflicts of interest and related disciplinary actions.  This occurred because FEMA did not adequately train VIDE personnel and did not review these policies and procedures.  We made five recommendations that, when implemented, should improve management of FEMA PA grant funds, ensuring the funds are expended according to Federal regulations and FEMA guidance.  FEMA concurred with the recommendations. 

KPMG, LLC found the Federal Emergency Management Agency (FEMA) did not provide adequate guidance to the Virgin Islands Emergency Management Agency (VITEMA) and the Virgin Islands Housing Finance Agency (VIHFA) and that VITEMA and VIHFA did not adequately manage FEMA Public Assistance (PA) funds.  Also, VITEMA and VIHFA did not always ensure the accuracy of project funding information or promptly notify FEMA about significant project cost overruns.  This occurred because FEMA did not provide the necessary guidance to and oversight of VITEMA and VIHFA to properly manage PA funds.  Because of these deficiencies, PA programs are at increased risk of mismanagement and expenditure of funds for unallowable activities.  We made seven recommendations to improve VITEMA’s and VIHFA’s management of FEMA PA funds, ensuring they are expended according to Federal regulations and FEMA guidance.  FEMA concurred with the recommendations.

KPMG LLP (KPMG), under contract with DHS OIG, conducted an integrated audit of DHS’ FY 2019 consolidated financial statements and internal control over financial reporting.  KPMG issued an unmodified (clean) opinion over the Department’s financial statements, reporting that they present fairly, in all material respects, DHS’ financial position as of September 30, 2019.  However, KPMG identified material weaknesses in internal control in two areas and other significant deficiencies in three areas.  Consequently, KPMG issued an adverse opinion on DHS’ internal control over financial reporting.  KPMG also reported two instances of noncompliance with laws and regulations.  DHS concurred with all of the recommendations.

This report presents the results of KPMG LLP’s (KPMG) work conducted to address the performance audit objectives relative to the Audit of Department of Homeland Security’s Fiscal Year 2017 Conference Spending. KPMG performed the work during the period of September 18, 2017 to August 30, 2018, and our scope period for testing was October 1, 2016 through September 30, 2017. KPMG LLP (KPMG) found that DHS management has policies and procedures over conference spending and reporting, improvements are needed. KMPG made seven recommendations to improve conference spending reporting.

The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. KPMG noted that the financial statements present fairly, in all material respects, DHS’ financial position as of September 30, 2018.

KPMG issued an adverse opinion on DHS’ internal control over financial reporting of its financial statements as of September 30, 2018. The report identifies the following six significant deficiencies in internal control, the first two of which are considered material weaknesses, and four instances where DHS did not comply with laws and regulations.

KPMG, under contract with DHS OIG, audited the Management Directorate’s financial statements and internal control over financial reporting.  The resulting management letter discusses five observations related to internal control for management’s consideration.  These issues were related to journal entry review; financial system reconciliations; ineffective obligation analysis; contract expense approval, improper invoice posting; and intra-governmental payment and collection expense approval.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

KPMG, under contract with DHS OIG, audited the National Protection and Programs Directorate’s financial statements and internal control over financial reporting.  The resulting management letter discusses 14 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including revenue accrual, personnel actions, journal entry reviews, performance reviews, contract expense approvals, time keeping, and intra-governmental payment and collection expense approvals.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

KPMG, under contract with DHS OIG, audited the United States Coast Guard’s financial statements and internal control over financial reporting.  The resulting management letter discusses 12 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including financial disclosure reports; accounts receivable; civilian and military payroll; financial reporting process; and accounts payable accrual.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

KPMG, under contract with DHS OIG, audited Customs and Border Protection’s (CBP) fiscal year (FY) 2016 consolidated financial statements.  The resulting management letter discusses 12 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in a number of processes, including deobligation of undelivered orders, review of Federal Employee Compensation Act claims, and the seized and forfeited property inventory.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on U.S. Customs and Border Protection’s FY 2016 Consolidated Financial Statements, dated January 18, 2017, included in CBP’s FY 2016 Performance and Accountability Report.

Most of the deficiencies identified by the independent public accounting firm KPMG LLP were related to access controls and configuration management of the Management Directorate’s core financial systems.  The deficiencies collectively limited the Management Directorate’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that the Management Directorate make improvements to DHS’ financial management systems and associated information technology security program.