U.S. flag

An official website of the United States government Here’s how you know

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Document
Document

We conducted this engagement in coordination with the Pandemic Response Accountability Committee (PRAC) to gain an understanding of the U.S. Department of Housing and Urban Development’s (HUD) fraud risk management practices and develop an inventory of fraud risks that HUD had not already identified for the funds appropriated by the Coronavirus Aid, Relief, and Economic Security (CARES) Act for the Community Development Block Grant (CDBG) and Emergency Solutions Grant (ESG) programs.

We identified five overall risk factors that contribute to the risk of fraud for the CDBG and ESG CARES Act funds.  We used these risk factors and the results of brainstorming sessions; interviews; and reviews of audit reports, investigations, and press releases to develop a fraud risk map containing 31 fraud schemes that can be used to misappropriate CDBG and ESG CARES Act funds.  We also identified opportunities to improve HUD’s fraud risk management practices, including clarifying roles and responsibilities, performing fraud-specific risk assessments, and raising awareness of fraud and fraud risks.

We recommend that the Office of the Chief Financial Officer coordinate with Office of Community Planning and Development program staff to clarify the roles and responsibilities for fraud risk identification, assessment, and mitigation.  We recommend the Principal Deputy Assistant Secretary for Community Planning and Development 1) complete program-specific fraud risk assessments and risk profiles for the CDBG and ESG programs, 2) consider OIG’s fraud risk inventory to improve their fraud risk assessments, 3) implement efforts to increase the awareness of fraud at all levels, 4) develop and implement a fraud risk checklist or other instrument to be completed as part of each monitoring review, and 5) develop and implement a fraud analytics strategy using available data.

Recommendation Status Date Issued Summary
2022-FO-0801-001-A Closed October 12, 2021 Coordinate with CPD program staff to clarify the (1) roles and responsibilities of the CRO, HCCRT, and CPD’s risk management staff with regard to identifying, assessing, and mitigating fraud risks and (2) purpose and role of HUD’s ERM processes and program office risk management processes with regard to identifying, assessing, and mitigating fraud risks.
2022-FO-0801-001-B Open October 12, 2021 Complete a program-specific fraud risk assessment and risk profile for the CDBG and ESG programs, with emphasis on CARES Act funding, and replicate this process to create program-specific fraud assessments and risk profiles for other CPD programs.
2022-FO-0801-001-C Open October 12, 2021 Consider OIG’s fraud risk inventory to improve CPD’s own fraud risk assessments and develop a program-specific fraud risk map and compendium.
2022-FO-0801-001-D Open October 12, 2021 Implement efforts to increase the awareness of fraud at all levels (headquarters, field offices, grantees, subrecipients, etc.), including but not limited to regularly publishing articles on known fraud schemes and identified instances of fraud in periodic newsletters or on CPD’s intranet website, providing recurring fraud risk trainings to HUD employees and grantees and working with OIG to develop materials to support fraud awareness.
2022-FO-0801-001-E Open October 12, 2021 Develop and implement a fraud risk checklist or other instrument as part of CPD’s monitoring oversight requirements, to be completed as part of each remote and onsite monitoring review.
2022-FO-0801-001-F Open October 12, 2021 Develop and implement a fraud analytics strategy using available data, including but not limited to data and information collected during the grantee risk assessment and monitoring processes, to begin conducting data analyses to identify potential fraud risks for further review.