Contents

• Background
• Improper Payments Requirements
• PIIA Requirements
• Ongoing Challenges with Payment Integrity
• A Small Subset of Programs Account for Most Improper Payments
• Root Causes
• Uneven Progress in Reducing Error Rates
• Error Rate Reductions
• Persistent Error Rates
• Noncompliance with PIIA
• CFO Act Agencies Reporting Error Rates Above 10%
• Unreliable Improper Payment Estimates
• Inadequate Risk Assessments
• Recovery Audit Data Are Limited
• Agencies May Not Adequately Justify Decision to Not Pursue Recoveries
• Data on PaymentAccuracy.gov Are Limited
• Inadequate Controls over Pandemic Spending
• Lack of Prepayment Controls
• Lack of Post-Payment Controls
• Lack of Fraud Risk Management Plans
• Selected Legislative Proposals in the 119^th Congress
• The Improper Payments Transparency Act (H.R. 1771/S. 747)
• The Taxpayer Resources Used in Emergencies (TRUE) Accountability Act (S. 78)
• The Safeguarding the Transparency and Efficacy of Payments (STEP) Act (S. 80)
• The PIIA Reform Act (H.R. 1533)
• Concluding Observations
• Unknown Payments
• Uncollected Overpayments

Summary

Improper payments—those that should not have been made or that were made for the wrong amount—are a long-standing concern for the federal government. Since FY2004, agencies have reported just under $3.0 trillion in improper payments, including $186 billion in FY2025. Fraud in pandemic relief spending, which is estimated to exceed $300 billion, contributed to a spike in improper payments from FY2020 through FY2023.

In an effort to reduce improper payments, Congress passed a series of laws between 2002 and 2015 that were consolidated and replaced by the Payment Integrity Information Act of 2019 (PIIA; P.L. 116-117). PIIA requires executive branch agencies to assess the risk of significant improper payments for every program with outlays over $10 million. If a program is found to be risk-susceptible, the agency must publish in its annual financial statement an estimate of its improper payments, a corrective action plan, and annual reduction targets, among other things. PIIA also requires agencies to recapture overpayments through a recovery audit program when doing so is cost-effective. An agency is deemed noncompliant with PIIA if it fails to fulfill these requirements or reports an error rate of 10% or higher for any program.

Each year, dozens of programs with varied structures and purposes are deemed to be risk-susceptible. The amounts of improper payments, on the other hand, tend to be concentrated in the same five programs: Medicare, Medicaid, Unemployment Insurance, Supplemental Security Income, and the Earned Income Tax Credit. These programs have accounted for 77% (approximately $2.3 trillion) of improper payments reported since FY2004. Improper payment totals have increased in the past two decades in part because federal expenditures have increased significantly while error rates for many programs have not improved much, if at all. The Earned Income Tax Credit, for example, has reported an error rate of 23% or higher every year for 21 years, and the error rate for the Unemployment Insurance program was higher in FY2025 than it was in FY2004.

Improper payments have also increased in recent years in part due to more than $300 billion in fraudulent pandemic relief payments. Since FY2020, Congress has provided $4.5 trillion in emergency funds to mitigate the impacts of the COVID-19 virus. A number of agencies lacked effective pre-payment, post-payment, and fraud risk controls at the outset of the pandemic. Some agencies, in an effort to expedite disbursals, did not verify applicants' identities or eligibility before issuing payments. Other agencies did not review payments in a timely manner to detect and recover fraud and other improper payments. Most agencies had inadequate fraud risk management plans in place prior to the pandemic and were unprepared to safeguard pandemic programs from increasingly sophisticated fraudsters.

Noncompliance with PIIA is widespread. Of the 24 agencies subject to the Chief Financial Officers Act, about half are not compliant with PIIA each year. The most common causes of noncompliance are reporting a program with an error rate above 10% (which 19 programs did in FY2025), reporting unreliable improper payments estimates, and performing inadequate risk assessments. Some agencies have been noncompliant for several years in a row. The Department of Defense has not reported valid improper payments estimates for 15 consecutive years, and the Department of Housing and Urban Development has not reported valid estimates for its two largest programs—which constitute two-thirds of its expenditures—for eight consecutive years.

Auditors have found that agencies do not always implement recovery audit programs when they should and sometimes do not provide adequate justification for not pursuing the collection of overpayments. In addition, PaymentAccuracy.gov, the primary source for government-wide improper payments data, has limited information on overpayments. Congress might benefit from having a central repository for a wider range of data, such as the amounts of overpayments waived by federal and state agencies each year and the amounts of overpayments that are outstanding at each agency.

There have been several improper payments bills introduced in recent years. Among the key provisions in these bills are requirements for agencies to deem any program with $100 million in expenditures as risk-susceptible, report on their implementation of fraud risk management best practices, include improper payments information with their budget materials, and develop internal control plans for emergency funding. Congress may also wish to consider requiring agencies to report on the percentage of "unknown payments" that are ultimately determined to be proper, improper, and fraudulent.

Background

Improper payments—those that should not have been made or were made in the wrong amount—have been a long-standing issue in the federal government. Between FY2004 and FY2025, federal agencies reported just under $3.0 trillion in improper payments.¹ The amount of annual improper payments increased 304% during that time, growing from $46 billion to $186 billion in nominal dollars.²

There was a notable increase in improper payments from FY2020 through FY2023, when the government implemented a $4.6 trillion spending initiative to mitigate the effects of the COVID-19 virus on public health and the economy. Hundreds of billions of dollars in pandemic funds have been lost to fraud³—a subset of improper payments—and billions more were accidentally sent to ineligible recipients, including $1.4 billion in stimulus payments sent to deceased individuals.⁴ As a consequence, agencies reported $971 billion in improper payments in the four years following the onset of the pandemic (FY2020-FY2023) as compared to $611 billion in the four years prior to the pandemic (FY2016-FY2019), a 59% increase.⁵ The decrease in improper payments between FY2023 and FY2024 was largely attributable to the government terminating or winding down spending for pandemic programs. The amount of improper payments increased in FY2025. Figure 1 shows the annual amounts of improper payments from FY2004 to FY2025.

The total amount of improper payments remains unknown because some agencies do not report valid estimates for every program that is susceptible to significant levels of improper payments, as required by the Payment Integrity Information Act (PIIA; P.L. 116-117). A 2024 analysis of federal spending also suggests that the government's loss due to fraud—a subset of improper payments—may range from $233 billion to $521 billion each year.⁶ The total amount of improper payments therefore may be substantially higher than current estimates.

Figure 1. Government-Wide Improper Payments, FY2004-FY2025

Source: PaymentAccuracy.gov. CRS graph. Data accessed April 15, 2026.

Improper Payments Requirements

In 1997, the Comptroller General first identified improper payments as a weakness in the government's consolidated financial statements.⁷ In response, the Government Accountability Office (GAO) coordinated with the Office of Management and Budget (OMB), agency inspectors general (IGs), and relevant federal agencies to assess the full scope of improper payments and implement appropriate remediation efforts.⁸ Building on this initiative, Congress passed the Improper Payments Information Act of 2002 (IPIA; P.L. 107-300). The IPIA required each executive branch agency to (1) assess each program for its risk of improper payments, (2) develop an estimate of the improper payment rate for risk-susceptible programs, and (3) report that estimate to Congress along with a description of the steps the agency plans to take to reduce its improper payments, beginning in FY2004.

Congress subsequently passed a series of laws to expand and enhance IPIA requirements, including the Improper Payments Enhancement and Recovery Act of 2010 (IPERA; P.L. 111-204), Improper Payments Enhancement and Recovery Improvement Act of 2012 (IPERIA; P.L. 112-248), and Fraud and Data Analytics Act of 2015 (FRDAA; P.L. 114-186). Concerned that the multiplicity of improper payments statutes "lack(ed) sufficient coherence," Congress repealed and replaced all of these laws with PIIA.⁹

PIIA Requirements

PIIA retained most of the key provisions of IPIA, IPERA, IPERIA, and FRDAA. It also required agencies to verify payments before issuing them and codified elements of OMB Memorandum M-15-02, Requirements for Effective Estimation and Remediation of Improper Payments.¹⁰ Key features are described below.

Risk Assessments

PIIA requires executive branch agencies to review all of their programs and activities (hereinafter shortened to "programs") at least every three years to determine if they are susceptible to significant levels of improper payments. PIIA defines significant as total improper payments that may have exceeded (1) $10 million and 1.5% of total program outlays or (2) $100 million. For the purposes of this report, programs that exceed the threshold for significant improper payments are referred to as "risk-susceptible."

When assessing a program or activity, the agency must consider factors that may increase the risk of improper payments. These factors include

• the complexity of the program;
• the volume of payments;
• whether the program is new to the agency;
• whether eligibility for the program is determined at the state or local level;
• whether there have been major changes in program funding, authorities, or procedures;
• the level of expertise of the personnel that make eligibility determinations or certify payments;
• significant deficiencies that might hinder accurate payment certification;
• accuracy and reliability of previously reported improper payment estimates; and
• risk of fraud as assessed by the agency under the Standards for Internal Control in the Federal Government.¹¹

Improper Payments Estimates

Agencies must develop statistically valid estimates of improper payments for all risk-susceptible programs and report those estimates in their annual financial statements. An estimate must include both verified improper payments—where the agency has the data needed to confirm payments were made in the wrong amount or should not have been made at all—and "unknown payments," where the agency lacks sufficient documentation to determine if the payment was proper or not. When an agency reports an error rate, the total includes unknown and known improper payments.

Corrective Action Plans

Each agency with a risk-susceptible program must provide a corrective action plan (CAP) that specifies the actions it is taking to reduce improper payments, including a description of the causes of improper payments, the steps it plans to take to achieve reductions, and an estimate of when those steps will be complete. The CAP must also include

• a statement as to whether the agency has sufficient internal controls, human capital, and information systems to achieve significant reductions in improper payments;
• program-specific improper payments reduction targets that have been approved by OMB; and
• a description of the steps the agency is taking to ensure agency staff and state and local governments (where appropriate) are held accountable for meeting reduction targets and maintaining adequate internal controls.

Recovery Audit Reports

PIIA requires agencies to attempt to recapture overpayments—a process known as a recovery audit—for any program with outlays in excess of $1 million in a fiscal year if doing so would be cost-effective. An agency may conduct the recovery audit itself, use another federal agency, or contract with a private sector entity for the service. If an agency procures recovery audit services, the contractor must report periodically to the agency on the conditions that gave rise to overpayments and may provide recommendations on how to mitigate those conditions. The agency must, in turn, include in its annual financial statement a discussion of the steps it took to address the contractor's recommendations.

The head of an agency has the authority to distribute recovered overpayments as follows:

• Not more than 25% of the total shall be used to carry out a financial management improvement program. The program must, as its first priority, address the problems that contribute to improper payments. As a secondary priority it may seek to reduce errors and waste in other agency programs and operations.
• Not more than 25% of the total shall be used for the same general purposes as the appropriation or fund from which the overpayment was made. Recovered overpayments that originated in trust funds must revert back to those accounts.
• Not more than 5% of the total shall be available to the agency IG to carry out the PIIA or to investigate improper payments or audit internal controls associated with improper payments.
• Amounts collected that are not used as discussed above shall be deposited in the Treasury as miscellaneous receipts, except for overpayments recovered from trust funds, which shall revert back to those accounts.

Each agency must include a discussion of its recovery audit programs in its annual financial statement, including the methods used to recover overpayments and the amounts of overpayments that were recovered, remain outstanding, and were determined to be uncollectible. The discussion must summarize how recovered overpayments have been distributed and how the agency is addressing the conditions that gave rise to improper payments. The financial statement must also include a justification for instances where (1) recovery audits were not implemented on the grounds that they would not be cost-effective or (2) funds were determined to be uncollectible. Fraud is an example of an overpayment that may be deemed uncollectible, as it is unlikely that the recipient will repay that debt, and it is generally not possible to offset future payments.

High-Priority Programs

OMB is required to review all risk-susceptible programs and identify a list of "high-priority" programs. These programs are to be selected because they have the highest dollar value of improper payments, the highest improper payment rates (calculated as a percentage of outlays), or the highest risk of improper payments. OMB may identify a program as being high-priority based on any one those factors, which means a program that does not meet the threshold for "significant" improper payments may be added if its risk is deemed sufficiently high.

High-priority programs—which are responsible for 99% of the government's improper payments each year—are subject to greater levels of oversight and review. For each high-priority program, OMB is required to work with the administering agency to establish semi-annual or quarterly actions for reducing improper payments. In addition, the administering agency must submit to OMB and its IG a report that describes the actions the agency has taken, and intends to take, to prevent and recover improper payments. OMB is required to make these reports available to the public online. Agency IGs must review each high-priority program and assess the

• level of risk associated with each high-priority program,
• quality of the improper payments estimates the agency developed, and
• financial controls the agency has in place to prevent improper payments.

The IGs must submit to Congress any recommendations for improving agencies' corrective action plans, risk assessments, or improper payments estimates.

Internal Controls

Under PIIA, agencies are required to implement internal controls that effectively prevent and detect improper payments. PIIA specifies that federal agencies, as well as state governments and contractors that administer federal funds, must use the Department of the Treasury's Do Not Pay Initiative (DNP) prior to issuing payments or making awards. DNP allows a user to simultaneously check multiple databases to verify the eligibility or identity of a vendor, grantee, loan recipient, or beneficiary.¹² Prepayment reviews are generally considered essential internal controls, because identifying and attempting to recover improper payments after they are made—often referred to as the "pay and chase" approach—is inefficient and costly.¹³

PIIA also requires agencies to establish a fraud risk management framework that incorporates the standards and leading practices established by GAO in its publication A Framework for Managing Fraud Risks in Federal Programs.¹⁴ Under the framework, an agency must

• create an organizational structure and culture conducive to fraud risk management. In particular, each agency should designate an entity to lead fraud risk management activities and ensure it has the resources to do so.
• plan regular fraud risk assessments and assess risks to determine fraud risk profiles. The assessments should be tailored to each program and should consider the suitability of existing controls.
• design and implement strategies with specific control activities to mitigate assessed fraud risks and collaborate to help ensure effective implementation. Strategies should focus on preventive control activities and involve both subject matter and data analysis experts.
• evaluate outcomes using a risk-based approach and adapt activities to improve fraud risk management. Agencies should collect and analyze data on potential and detected fraud and use the results to improve fraud management activities. Data analytic tools should be employed to the maximum extent possible.

PIIA required agencies to report on their progress in implementing the fraud risk framework for FY2019 and FY2020. That requirement has not been reimplemented since the statutory mandate expired.

Compliance

Each year, the IG of every agency must issue a report on whether the agency is compliant with PIIA requirements. OMB's guidance¹⁵ to IGs clarifies that there are 10 requirements (listed in six items) that agencies must meet to be compliant with PIIA. Each agency must

1a. publish payment integrity information with its annual financial statement;

1b. post its annual financial statement and accompanying materials on its website;

2a. conduct an improper payments risk assessment, at least once every three years, for each program with annual outlays greater than $10 million;

2b. adequately conclude whether assessed programs are likely to make improper payments and unknown payments above or below the statutory threshold;

3. publish in the materials that accompany its annual financial statement any improper payment and unknown payment estimates for programs susceptible to significant improper payments and unknown payments;

4. publish in the materials that accompany its annual financial statement a corrective action plan for each risk-susceptible program;

5a. publish in the materials that accompany its annual financial statement an improper payment and unknown payment reduction target for each risk-susceptible program;

5b. demonstrate improvements to payment integrity for each risk-susceptible program;

5c. develop a plan to meet its improper payment and unknown payment reduction targets; and

6. report an improper payment estimate (inclusive of unknown payments) of less than 10% for each risk-susceptible program.

The compliance reports are to be submitted to Congress and posted on a public website. If an agency is found to be noncompliant with any of these requirements, the agency must submit a plan to the program's authorizing and appropriations committees that describes the actions it will take to become compliant. If an agency is noncompliant for two consecutive fiscal years for the same program, the agency shall propose to OMB additional program integrity measures that would help the agency come into compliance, such as additional funding. If an agency is noncompliant for three consecutive years for the same program, the agency must submit to the program's authorizing and appropriations committees a list of proposed statutory changes necessary to bring the program into compliance. If an agency is noncompliant for four or more consecutive years for the same program, it must submit a report to the program's authorizing and appropriations committees on the actions it has taken to address the causes of noncompliance, additional steps it intends to take to come into compliance, and a timeline for completing those steps.

Ongoing Challenges with Payment Integrity

The scale and growth of improper payments, as shown in Figure 1, reflect several factors. First, although payment integrity issues are widespread, a small number of programs account for a large majority of total improper payments. In addition, while the error rates for some risk-susceptible programs have improved over time, a number of programs with tens of billions of dollars in annual outlays have shown virtually no improvement. Moreover, about half of the 24 largest federal agencies¹⁶—which account for 99% of improper payments¹⁷—are noncompliant with PIIA in most years, and many agencies have not implemented effective internal controls to prevent and detect fraud. Auditors have also identified concerns with agency recovery audit practices, noting that some agencies have declined to pursue overpayments without providing adequate justification. Unless footnoted, all data come from the PaymentAccuracy.gov website, which was established jointly by the Department of the Treasury, OMB, and the Department of Justice.

A Small Subset of Programs Account for Most Improper Payments

Payment integrity issues are widespread in that they are not confined to programs or agencies that fit a particular profile. In FY2025, for example, 15 agencies reported $185.8 billion in improper payments for 64 risk-susceptible programs.¹⁸ Some of these programs were administered entirely by federal agencies and others jointly with state and local governments. They provided different forms of assistance, such as grants, contracts, loans, and loan guarantees. They included mandatory and discretionary spending, programs newly created during the pandemic, and programs that had been in place for decades. Their objectives were as varied as building highways, paying military pensions, and providing food benefits to low-income families.

However, by sorting these programs into groups based on their levels of improper payments, it becomes apparent that a relatively small number of programs account for a large percentage of improper payments. As Table 1 shows, of the 64 risk-susceptible programs identified in FY2025, 22 reported at least $1 billion in improper payments, accounting for just under 95% of all improper payments that year.

The FY2025 data show that a relatively small number of programs account for a large percentage of total improper payments. Five of the largest programs in terms of expenditures—Medicare (including Part C, Part D, and Fee-for-Service), Medicaid, the Earned Income Tax Credit (EITC), Unemployment Insurance (UI), and Supplemental Security Income (SSI)—reported approximately $128 billion in improper payments in FY2025, accounting for 66% of total improper payments that year. This a consistent finding over the past 21 years of reporting. Of the estimated $3.0 trillion in improper payments that agencies reported between FY2004 and FY2025, approximately $2.3 trillion (77%) was from these five programs. Improving payment integrity in these programs would likely be a necessary step to achieving significant reductions in annual improper payments.

Improper payments in Medicare and Medicaid have garnered particular attention from stakeholders not only for their scale—the two programs reported a total of $94 billion in improper payments in FY2025—but also because of the impact improper payments have on beneficiaries. Improper payments, by misallocating resources, reduce the ability of these programs to provide adequate health care to those who rely on them, including low-income children, the elderly, and the disabled.¹⁹ Improper payments in Medicare also reduce the longevity of the Hospital Insurance Trust Fund—the source of Medicare's funding. In June 2025, Medicare trustees estimated that the fund's reserves will be depleted in 2033, at which point continuing program income will be sufficient to pay 89% of scheduled benefits.²⁰

Root Causes

OMB guidance requires agencies to annually identify and report on the root causes of improper payments in their risk-susceptible programs.²¹ These data are then published on PaymentAccuracy.gov. OMB provides categories of root causes from which agencies must choose when reporting on their programs, although it may change the categories from year to year to reflect feedback from the agencies on what is driving improper payments.

According to data reported by agencies, approximately 92% of the government's total improper payments in FY2022 and 93% in FY2025 were placed into one of four root cause categories, although the "top four" categories were not the same each year. The distribution of improper payments among various root causes changed for most categories between FY2022 and FY2025. For example, FY2025 had a smaller percentage of improper payments attributable to the inability to access information and a larger percentage attributable to data not existing and failure to access data. Also, agencies reported no improper payments due to insufficient data from applicants in FY2025, whereas in FY2022 that category accounted for 8% of total improper payments. The largest category of root causes was the same in both years: the failure to access information that was available prior to making a payment. Table 2 defines these categories and identifies the percentage of total improper payments that were attributed to each from FY2022 to FY2025.

Root causes matter because they may be used to guide the development of policies and practices that address improper payments. Different root causes may require different policy solutions. For example, an agency that does not access information that is available prior to issuing program payments might increase training for its staff to ensure they better understand their responsibilities, whereas an agency that does not have access to the data it needs to prevent improper payments for a program might need to obtain legislative authority to fully address the issue. Table 3 shows the most common root cause of improper payments for EITC, Medicaid, Medicare (Part C, Fee-for-Service, and Part D), SSI, and UI as reported for FY2025. The root causes were the same for each program in FY2022.

Table 3 is consistent with what the data from FY2022 showed: that root causes, and therefore potential corrective actions, vary across programs. Even among this small sample of five programs there were three different "most common" root causes identified. This may suggest that long-term progress in reducing improper payments would require a multifaceted approach that addresses both government-wide concerns—such as ensuring that all agencies are meeting PIIA's reporting requirements—as well as program-specific issues.

Uneven Progress in Reducing Error Rates

Improper payment amounts are estimated by applying the percentage of improper payments in a program—its error rate—to its total expenditures. While some programs have reduced their error rates over time, federal improper payments continue to increase, primarily due to the lack of progress in reducing error rates in high-priority programs, increased federal expenditures, and the mismanagement of emergency funding.

Error Rate Reductions

A few high-priority programs have significantly reduced their error rates. The error rate for the School Lunch program decreased from 16.3% in FY2007 to 7.0% in FY2025, and the error rate for the Pell Grant program declined from 4.1% in FY2008 to 1.1% in FY2025. Had those error rates remained at their initial levels, School Lunch would have reported $1.9 billion more in improper payments in FY2025 alone and Pell Grants an additional $1.2 billion.

Medicare, one of the largest programs the government administers both in terms of the number of beneficiaries (68 million)²² and outlays ($935 billion in FY2025), is comprised of three component programs: Fee-for-Service (FFS), Medicare Advantage (Part C), and Prescription Drug Benefits (Part D). Each of these programs reports its own error rate, and each is designated a high-priority program. The error rates for both FFS and Part C—which accounted for 89% of Medicare payments in FY2025—have moderately improved since they were first reported. The error rate for FFS decreased from 10.1% in FY2004 to 6.6% in FY2025, and Part C's error rate decreased from 10.6% in FY2008 to 6.1% in FY2025. Part D's error rate increased from 3.2% in FY2011 to 4.0% in FY2025. Improper payments for all three components increased even as the error rates for FFS and Part C decreased because of the rapid growth in Medicare outlays—federal spending on Medicare increased 60% ($355 billion) between FY2012 and FY2022. While the three Medicare components each report error rates below 10%—PIIA's standard for compliance—significantly reducing total Medicare improper payments will require additional action.

Persistent Error Rates

Many high-priority programs have not shown significant, sustained improvement in their error rates over time. In some cases, the error rate for a program decreased steadily for years before increasing again, often exceeding the initial error rate. For example, in FY2004, the Supplemental Nutrition Assistance Program reported an error rate of 6.6%, which steadily declined until it reached 3.8% in FY2011. The error rate remained below 4.0% for five consecutive fiscal years, then grew quickly, reaching 6.8% in FY2019 and 10.9% in FY2025. Similarly, the error rate for the Children's Health Insurance Program declined from 14.7% in FY2008 to 6.5% in FY2014, and then increased steadily until reaching 15.8% in FY2019. These two examples suggest that improving payment integrity is not a task that is finished once a program's error rate reaches a certain level; rather, it is a process that must be constantly evaluated and revised.

The error rates for other high-priority programs have shown little or no improvement over time. In FY2004, EITC reported an error rate of 24.5% and improper payments of $9.7 billion. During the following 19 years EITC's error rate never fell below 23.4%, and in FY2025 it was reported at 32.7% with $21.1 billion in improper payments. Similarly, the UI program reported an initial error rate of 10.3% and $3.9 billion in improper payments in FY2004. UI's error rate did not fall below 9.9% during the following 20 fiscal years and peaked at 22.2%. In FY2025, UI reported an error rate of 14.9% with improper payments of $5.6 billion.

While arguably low, the error rate for the Old Age, Survivors, and Disability Insurance (OASDI) program, which had outlays of $1.29 trillion in FY2025, has increased somewhat over time. In FY2004, the error rate for OASDI was 0.32% with improper payments of $1.7 billion, and in FY2025 it was 0.30% with $1.6 billion in improper payments. OASDI arguably has effective payment integrity measures in place given that its error rate has remained below 1% every year for the past 21 years. However, it is a high-priority program due its expenditure levels—$1.29 trillion in FY2025—meaning a 0.1% change in OASDI's error rate would result in a $1.29 billion increase or decrease in improper payments.

Noncompliance with PIIA

As aforementioned, noncompliance with PIIA is widespread among the 24 agencies covered by the Chief Financial Officers Act (CFO Act). In the 15-year span from FY2011 to FY2025, many agencies were PIIA-compliant in two or fewer years: the Departments of Agriculture (USDA), Defense (DOD), Health and Human Services (HHS), Housing and Urban Development (HUD), Labor (DOL), Treasury, and Veterans Affairs (VA), as well as the Small Business Administration (SBA) and the Social Security Administration (SSA). Agencies are most commonly found noncompliant because they report error rates above 10%, publish unreliable improper payments estimates, and perform inadequate risk assessments. Table 4 identifies the number of years each CFO Act agency was compliant with PIIA from FY2011 to FY2025.

CFO Act Agencies Reporting Error Rates Above 10%

The most common cause of PIIA noncompliance most years is reporting an error rate above the 10% threshold. In FY2023, for example, six agencies reported a total of 12 programs with error rates above the threshold, and in FY2025, eight agencies reported 18 programs with error rates above it. As the data suggest, in most years, one or more agencies report multiple programs with error rates above 10%, although the agencies vary from year to year. For example, four agencies reported multiple programs with noncompliant error rates in FY2025—USDA, DOD, SBA, and Treasury—while in FY2016 three agencies reported multiple programs with noncompliant error rates—USDA, HHS, and VA. Table 5 shows the programs with error rates above 10% for FY2025.

While it is not common, agencies sometimes report multiple programs with noncompliant error rates for extended periods of time. Treasury has reported error rates above 10% every year since FY2019 for the American Opportunity Tax Credit, the Additional Child Tax Credit, and the EITC.

Unreliable Improper Payment Estimates

Agencies are required to report reliable improper payments estimates under PIIA. If an agency uses an unreliable methodology for estimating its improper payments, or does not report an estimate at all, it is deemed noncompliant. This section does not include FY2025 data because not all agency PIIA compliance audits were available as of the date this report was published.

Developing unreliable estimates is a long-standing problem that affects multiple programs at some agencies. For example, in FY2024, improper payment estimates at eight agencies—the Department of Homeland Security (DHS), DOD, the Department of Education, HHS, HUD, the Office of Personnel Management (OPM), SBA, and USDA—were determined to be unreliable by their respective IGs.²³ DOD reported unreliable estimates for all eight of its risk-susceptible programs for the 14^th consecutive year due to a range of problems with its methodology and data quality.²⁴ SBA reported unreliable improper payments estimates for four programs—Disaster Assistance Loans, 7(a) Loan Guaranty Purchases, Paycheck Protection Program (PPP) loan forgiveness, and PPP Loan Guaranty Purchases²⁵—and the Department of Education reported unreliable estimates for two of its risk-susceptible programs.²⁶

Some agencies do not report improper payments estimates at all for some of their risk-susceptible programs, including programs with significant outlays. For eight consecutive years (FY2017-FY2024), HUD did not report estimates for the Project-Based Rental Assistance program or the Public Indian Housing—Tenant-Based Rental Assistance program, which account for roughly two-thirds ($50 billion) of HUD's expenditures.²⁷ Similarly, DOL did not report an estimate for the Pandemic Unemployment Assistance program until FY2023, even though the program began operating in March 2020. DOL ultimately reported an error rate of 35.9% for this program, with $43.5 billion in improper payments.

HHS did not report an error rate for Temporary Assistance for Needy Families (TANF) in FY2024 because it says it did not have the authority to require states to submit the data needed to estimate and report on improper payments.²⁸ The lack of adequate data to assess TANF has been a concern for more than two decades,²⁹ and the inability to estimate and report on improper payments in TANF, which had $14.4 billion in federal expenditures in FY2024, represents a fiscal risk to the government.³⁰

Inadequate Risk Assessments

PIIA requires agencies to assess each program every three years and conclude whether it is susceptible to significant levels of improper payments. If an agency does not perform timely assessments, or incorrectly concludes that a program is not risk-susceptible, then some improper payments may escape detection for years. Moreover, excluding programs from PIIA requirements limits oversight of improper payments and prevents the full scope of the problem from being known.

HHS was found noncompliant with PIIA in FY2023³¹ and in FY2024,³² in part for failing to perform a risk assessment for each program at least once every three years, although the auditor did not specify how many programs had not been assessed as required.

In FY2023, Treasury was found noncompliant with PIIA in part because it incorrectly concluded that Emergency Rental Assistance (ERA), a $45 billion pandemic-era program, was not susceptible to significant levels of improper payments. Auditors noted that Treasury looked at ERA payments only at the federal level and did not take into account the risk associated with payments made by state agencies and grantees.³³ Similarly, DHS was found to be noncompliant with PIIA in FY2022 because it incorrectly concluded that the Funeral Assistance Program was not risk-susceptible even though auditors at both DHS and GAO rated the program as highly susceptible to improper payments.³⁴

Some newly created programs are not assessed for improper payments in a timely manner. Agencies have the option to wait until a program has a full year of expenditure data before performing its initial assessment. A new program may begin issuing payments mid-year, which means an agency may opt to perform an initial risk assessment after the end of the subsequent fiscal year. If the program is determined to be risk-susceptible, then the program would begin reporting in its third fiscal year. At the same time, the risk of significant improper payments may be elevated for new programs because federal and state staff are unfamiliar with program requirements and internal controls. When new programs have substantial expenditures, there is increased risk to the government of significant levels of improper payments being undetected for years.

Recovery Audit Data Are Limited

In FY2025, agencies reported $152 billion in overpayments. Recovery auditors identify overpayments by examining payment data for indications of potential improper payments, such as duplicate payments, errors on invoices, payments for items not received, errors in calculating payment amounts, or failure to reduce payments by applicable discounts, rebates, or credits. Strategies that agencies commonly employ to recover overpayments include offsetting other federal payments, establishing a payment plan, direct billing, garnishing wages, and referring overpaid individuals to credit bureaus or law enforcement agencies. Agencies must refer nontax debts that are 120 days delinquent to Treasury for collection.³⁵ Recovery audits take time to implement and, in many cases, result in long-term repayment plans. The amount of recoveries reported in a given year therefore are not entirely from overpayments made that year; they include recovery of overpayments from prior years as well.

In some cases, agencies may establish recovery audits but choose not to pursue some of the overpayments. An agency may waive an overpayment when the debtor may not be able to repay the amount owed, the debtor cannot be located, the debtor has received a waiver, or the debt was discharged in bankruptcy, among other reasons. Also, agencies may waive nonfraud overpayments for certain programs, such as UI³⁶ and SSI,³⁷ if requiring repayment of the debt would go against "equity and good conscience" or otherwise defeat the purpose of the law. State agencies may also have the authority to waive overpayments in some instances.

Auditors have found that agencies do not always provide adequate justification for deciding not to implement recovery audits. In addition, the information on PaymentAccuracy.gov might be expanded and enhanced to ensure that Congress and the public can easily access and understand government-wide overpayments data.

Agencies May Not Adequately Justify Decision to Not Pursue Recoveries

Agencies do not always provide well-documented justifications for not implementing recovery audit programs. In some cases, agencies may underestimate the potential returns on recovery audits, either by not having adequate cost-benefit analyses performed or by failing to consider evidence showing that the amount of improper payments is higher than initially believed.

In April 2022, SBA announced it would end collections on delinquent PPP loans that were under $100,000.³⁸ SBA justified this decision by arguing that it would not be cost-effective to attempt to collect on the loans.³⁹ By December 2022, SBA had charged-off 203,101 PPP loans totaling $7.3 billion.⁴⁰ Under pressure from the SBA Office of Inspector General (OIG), who argued that the agency's decision was not justified because it did not perform an adequate cost-benefit analysis on collecting debt for either program,⁴¹ SBA hired a contractor to determine if a PPP loan recovery audit would be cost-effective. In December 2023, SBA reversed its position and announced it would refer delinquent PPP loans of $100,000 or less to Treasury for collection.⁴²

In another example, the Treasury Department did not implement recovery audits for three programs in FY2023—ERA, Air Carrier Payroll Support, and the Homeowners Assistance Fund—on the grounds that those programs were not likely to make significant improper payments and therefore recovery activities would not be cost-effective. According to auditors, Treasury did not sufficiently justify this decision because it did not take into account new information that indicated those programs might be risk-susceptible.

Data on PaymentAccuracy.gov Are Limited

PaymentAccurcacy.gov does not include information that might be useful to Congress for conducting oversight. Notably, PaymentAccuracy.gov does not explain why agencies do not attempt to recover hundreds of billions in overpayments. For example, agencies reported $152 billion in overpayments for FY2025 combined but identified only $39 billion (26%) for recapture. There is no explanation for why agencies were not pursuing the entire $152 billion in overpayments made that year. Moreover, the government's recovery rate for overpayments excludes overpayments that agencies are not going to pursue; it measures total recoveries in a year as a percentage of overpayments identified for recapture. In FY2025, for example, agencies recovered $24 billion after having identified $39 billion for recapture, producing a recovery rate of 62%. Comparing $24 billion in recoveries to the total amount of overpayments in FY2025 ($152 billion), however, yields a recovery rate of 16%.

Some of the gap between total overpayments and overpayments identified for recapture might be due to waivers, but PaymentAccuracy.gov does not provide that information. Among the limited available data agencies included in their FY2025 financial reports, SSA issued waivers for $1.5 billion in SSI and OASDI overpayments in FY2025,⁴³ and DOL waived $218 million in overpayments for nonpandemic UI payments in FY2023, which represented 10% of total UI overpayments that year.⁴⁴ It is not known how often auditors assess the use of waivers, particularly at the state level. In DOL's FY2024 annual financial report, auditors noted that state agencies had waived $12 billion in overpayments from three unemployment programs established during the pandemic—Pandemic Unemployment Assistance, Pandemic Emergency Unemployment Compensation, and Federal Pandemic Unemployment Compensation—and that in doing so states may have unintentionally waived fraudulent payments.⁴⁵

Inadequate Controls over Pandemic Spending

The relatively steep increase in improper payments from FY2020 through FY2023 was largely the result of underlying fraud in pandemic spending, which is estimated to exceed $300 billion.⁴⁶ Emergency funding—such as that appropriated in the Coronavirus Aid, Relief, and Economic Security Act (CARES Act; P.L. 116-36)—has long been known to be susceptible to significant levels of improper payments, especially fraud.⁴⁷ When agencies have to establish new programs or quickly scale up existing ones, they often do not develop and implement adequate internal controls to prevent and detect improper payments.⁴⁸ Due to the impetus to expedite payments, the federal and state agencies that administer federal emergency funds may bypass prepayment verification controls, thereby increasing the risk of fraud.⁴⁹ Pandemic fraud might have been mitigated had more federal agencies implemented effective fraud prevention and detection controls, as required by FRDAA and then PIIA. However, auditors have determined that many agencies had not done so prior to the onset of the pandemic.⁵⁰

Lack of Prepayment Controls

Several agencies, in order to expedite the disbursal of pandemic funds, allowed applicants to self-certify their eligibility for pandemic assistance. SBA did not verify the information that applicants provided when they sought loans from two of the largest pandemic programs: EIDL and PPP. Michael Horowitz, the IG for the Department of Justice and the chair of Pandemic Response Accountability Committee, said the lack of verification directly contributed to the $200 billion of estimated fraud in the EIDL and PPP programs:

If you open up the bank window and say, give me your application and just promise me you are who you say you are, you attract a lot of fraudsters and that's what happened here.⁵¹

Similarly, many of the state agencies that determine UI eligibility allowed claimants to self-certify their applications for pandemic unemployment assistance, contributing to the loss of between $100 billion and $135 billion in program funds due to fraud.⁵²

Contractors that issued pandemic payments on behalf of federal agencies also lacked effective pre-payment controls. The Health Resources and Services Administration (HRSA), a component of HHS, managed the Uninsured Program, which reimbursed health care providers for provision of COVID-19-related services to uninsured individuals. A contractor was responsible for confirming that a patient did not have insurance prior to reimbursing a provider. The contractor, however, tried to verify a patient's insurance status only when the provider submitted a Social Security number. If no such number was provided, the contractor automatically issued a payment.⁵³ According to auditors, 92% of all claims that HRSA paid in FY2022 were automatic (unverified) because Social Security numbers were not provided. Due largely to weaknesses in pre-payment eligibility assessments, the Uninsured Program issued an estimated $784 million in improper payments, the equivalent of a 19% error rate.⁵⁴

Lack of Post-Payment Controls

Post-payment controls, such as reviewing supporting documentation and payment data, are fundamental tools for detecting and recovering improper payments. However, some agencies did not establish and implement effective post-payment controls in a timely manner. For example, the CARES Act, enacted in March 2020, established both the ERA program at Treasury and the Provider Relief Fund, a HRSA-managed program that reimbursed health care providers for costs associated with diagnosing, testing, or treating the COVID-19 virus. Twenty months after the CARES Act was passed, Treasury had issued more than $28 billion under ERA but had not established post-payment procedures to verify the eligibility and accuracy of payments to renters and identify and recover overpayments.⁵⁵ Similarly, by September 2021, HRSA had issued over $132 billion from the Provider Relief Fund but had not developed plans to identify or recover overpayments.⁵⁶

State agencies that implemented federal pandemic programs also did not implement effective post-payment controls. DOL's Employment and Training Administration, which oversees federal funds for UI, issued guidance in May 2020 that required states to detect overpayments by cross-matching the eligibility data provided by beneficiaries with employment and income data sources.⁵⁷ The DOL IG determined that 40% of state agencies did not perform the required post-payment cross-matches.⁵⁸

Lack of Fraud Risk Management Plans

The FRDAA required agencies to begin implementing the standards and leading practices of the GAO fraud risk management framework in 2016 and report on their progress in implementing the framework through FY2020. The lack of progress in implementing fraud risk controls since 2016 meant some agencies "were not adequately prepared to prevent fraud when the pandemic began."⁵⁹

Under the framework, each agency is required to identify or create an office to lead its fraud risk management activities. SBA did not establish its Fraud Risk Management Board until April 2022,⁶⁰ and DOL had not designated an anti-fraud entity by January 2023⁶¹—although it subsequently designated its chief financial officer (CFO) to serve as its improper payments coordinator.⁶² Additionally, agencies must perform fraud risk assessments for new programs as soon as possible to identify vulnerabilities in program operations. SBA did not complete its fraud risk assessments for two newly created pandemic programs, PPP and EIDL, until October 2021, when PPP had already stopped accepting applications and two months before EIDL would follow suit.⁶³

State agencies also lacked effective fraud risk management plans. The California Employment Development Department was required by state law to review its anti-fraud policies annually, but it had not done so between January 2016 and January 2021.⁶⁴ As a consequence, the agency relied on "uninformed and disjointed techniques" to detect fraud in its pandemic programs and paid an estimated $10.4 billion to potential fraudsters between March and December of 2020.⁶⁵

The GAO framework requires agencies to outline the specific actions they will take to monitor and manage fraud risks. The most effective strategies emphasize pre-payment controls, but information gained by monitoring all fraud controls can help agencies determine whether those controls are effective and how they may be adjusted to achieve better results. By January 2023—almost three years past the onset of the pandemic—SBA and DOL had only partially completed their anti-fraud strategies.⁶⁶ It is not clear how much progress SBA, DOL, and other agencies have made in implementing GAO's fraud risk framework, because the requirement that agencies report on their fraud prevention and detection policies sunset in FY2020.

Selected Legislative Proposals in the 119^th Congress

Several bills introduced in the 119^th Congress would aim to enhance oversight of agency fraud risk controls, ensure that new programs with expenditures over $100 million are more quickly subject to PIIA requirements, and impose financial penalties on states that do not make use of payment integrity tools. In addition, some Members have proposed legislation that would address the data collection challenges related to TANF improper payments.

The Improper Payments Transparency Act (H.R. 1771/S. 747)

These companion bills would require agencies to include with their budget submissions information on improper payment amounts and rates for programs subject to PIIA reporting requirements, including a description of why improper payments amounts and rates have increased or decreased for covered programs in the past three years and corrective actions the agency has taken and plans to take. This legislation might expand oversight to the House and Senate budget committees, which might in turn enhance oversight and result in a broader range of policy proposals. On the other hand, if the legislation expands the number of congressional committees with jurisdiction over improper payments issues, agencies might be unsure which committees to work with on improper payments policy development.

The Taxpayer Resources Used in Emergencies (TRUE) Accountability Act (S. 78)

The TRUE Accountability Act would require OMB to issue guidance to agencies for the development of internal control plans that are "ready or adaptable" for immediate use in emergencies or crises. The guidance must be in alignment with two GAO publications: A Framework for Managing Improper Payments in Emergency Assistance Programs and A Framework for Managing Fraud Risks in Federal Programs.⁶⁷ In addition, the guidance must require each agency's plan to identify the senior official responsible for implementing the plan, as well as policies and procedures to

• assess the risks of improper payments and fraud related to emergency appropriations or other increases in budget authority as part of the government's disaster relief response or public health emergency; and
• develop and implement appropriate responses to these risks, including changes to internal controls, prior to the expenditure of funds.

Each agency would be required to submit a plan within one year of the date of enactment, and to review its plan every three years. If the plan is amended, the agency would be required to submit the updated plan to OMB. Each agency would also be required to annually submit its plan to the Senate Committee on Homeland Security and Governmental Affairs, and the House Committee on Oversight and Government Reform.

Emergency funding has long been identified as an area with an elevated risk of improper payments and fraud. This bill has the potential to mitigate improper payments by requiring agencies to establish internal control plans for emergency spending prior to the expenditure of funds, which agencies have not always done. Oversight of these plans might be further enhanced if agencies were required to submit copies to a broader range of committees, possibly including authorizing and appropriations committees.

The Safeguarding the Transparency and Efficacy of Payments (STEP) Act (S. 80)

The STEP Act would require agencies to deem as risk-susceptible any program that has or is expected to have outlays exceeding $100 million in any one of its first three fiscal years. The bill would also require an agency's improper payments estimates to be approved by its CFO.

In addition, the bill would further require each agency to include in its annual financial statement a report on the agency's progress in implementing fraud risk controls and best practices, including those identified in GAO's fraud risk management framework, OMB Circular A-123, and GAO's Standards for Internal Controls in the Federal Government.⁶⁸

The bill would also require each agency to report its PIIA information in a document containing its financial statement—such as its annual financial report—rather than in the financial statement itself. The bill would also require each agency's CFO to include a statement in its annual financial report that (1) certifies the reliability of the agency's risk assessments and improper payments estimates and (2) describes the actions of the CFO in developing and implementing the agency's corrective action plans.

Most agencies currently report their improper payments information in their annual financial reports, so S. 80 would codify existing practice. The STEP Act might enhance oversight by requiring agencies to provide new information, in publicly available reports, that details the extent to which the agencies have implemented key internal controls, particularly those related to fraud. In addition, the bill might mitigate the fiscal exposure of newly created programs by deeming those with $100 million automatically at risk of significant improper payments and therefore subject to immediate assessment, rather than allowing agencies to wait for a year or more before assessing them. The certification requirements might also increase the efforts of agencies' CFOs to ensure PIIA compliance.

The PIIA Reform Act (H.R. 1533)

H.R. 1533 would establish an "Overpayment Czar" within OMB. The czar would assist agencies with their efforts to identify, prevent, and mitigate improper payments and fraud. In addition, the czar would be required to develop recommendations and strategies that address improper payments and to submit to the OMB Controller an annual report that proposes corrective actions to improve payment integrity. The czar would be authorized to recommend policy changes to the CFO of any agency.

The bill would require agencies to perform risk assessments for any newly established program that has or is expected to have at least $100 million in outlays in one of its first three years of operation, and for any program that has an outstanding recommendation from its inspector general for improving payment integrity. It would also require agencies to declare a new program as susceptible to significant improper payments if the program has or is expected to have outlays exceeding $100 million in one of its first three years of operation.

In addition, H.R. 1533 would reduce administrative funding for executive branch agencies that were noncompliant with PIIA, although the language is not clear on how this reduction would be calculated. For example, the legislation would reduce the "highest-level administrative appropriations account" in a particular sequestration report, although that term is not defined in the bill.

The bill would require each agency to annually submit, for the 10-year period following enactment, a report on the progress of the agency in implementing anti-fraud financial and administrative controls, the fraud risk principles in the Standards for Internal Control in the Federal Government, and the leading practices related to managing fraud risk in OMB Circular A-123.⁶⁹ The report must also discuss the agency's progress in identifying fraud risks and vulnerabilities, and in establishing strategies and procedures for curbing fraud. The report must include information on the status of implementing each of the 11 leading practices identified in GAO's Framework for Managing Fraud Risks in Federal Programs.

H.R. 1533 would also require OMB to publish a list of payment integrity tools and require states to use them for Medicaid, TANF, the Supplemental Nutrition Assistance Program (SNAP), UI, and the Special Supplemental Nutrition Program for Women, Infants, and Children (WIC). States would be required to submit a report to OMB each year that analyzes the effectiveness of these tools in preventing improper payments in these five programs. If a state "does not use payment integrity tools as required" by the bill, then it would be required to remit to the Treasury an amount equal to the total amount of overpayments it made for the five programs covered by the reporting language.

By establishing an overpayment czar, the bill might enhance executive branch oversight and policy development. For example, the czar would be able to examine improper payments government-wide, perhaps enhancing opportunities to identify and address common weaknesses in agencies' payment integrity policies and practices, particularly related to fraud schemes. On the other hand, it might be possible to assign the duties of the proposed czar to an existing position at OMB, such as the head of the Office of Federal Financial Management, thereby avoiding the need to add another position and the administrative costs that go with it.

The bill would potentially reduce the time it takes for a newly established program to be subject to PIIA's reporting requirements by up to two years. Rather than allowing agencies to wait until the program has made expenditures for a year and then conduct a risk assessment in year two, the legislation would require a program that is expected to have $100 million in outlays in any of its first three years to be immediately deemed risk-susceptible. Agencies might consider this an undue burden, as it would require them to invest resources in programs that have not demonstrated that they are risk-susceptible.

The bill would enhance transparency over agency fraud risk management practices, about which little is currently known, and provide Congress with a way to hold agencies accountable for complying with PIIA fraud prevention requirements. The hundreds of billions of dollars in fraud in pandemic programs highlighted the risks posed by inadequate fraud controls.

As noted, TANF's expenditures exceeded $14 billion in FY2024 but it has an unknown error rate because, according to HHS, the federal government does not have the authority to collect the data it needs on improper payments from the states that administer the program. By providing HHS with new data collection authority, the bill might enable the government to establish an error rate for the program and improve federal oversight of billions of dollars.

Concluding Observations

In addition to the proposals outlined above, Congress may wish to consider legislation that would enhance transparency over two areas where little data are currently available: unknown payments and uncollected overpayments.

Unknown Payments

Unknown payments are a substantial portion of federal improper payments each year. In FY2024, unknown payments totaled $12.8 billion and was the second largest category of improper payments (8%) after overpayments. In FY2023, agencies reported $44.6 billion in unknown payments, accounting for 19% of all improper payments.⁷⁰ In total, federal agencies have reported over $273 billion in unknown payments since reporting first began for FY2019.

OMB Circular A-123, which provides agencies with guidance on PIIA implementation, explains that unknown payments (UPs) are not meant to remain unknown:

If a program cannot discern whether a payment is proper or improper, the payment is considered an UP. If a program is still conducting research or going through the review of a payment at the time that the program must finish their sampling and report its results, the payment will be considered an UP for reporting purposes that year. This is done so that the program would not unintentionally over or under report the payment type results. An UP will eventually be determined to be proper or improper but because the program does not know whether it is proper or improper at the time of their review, they must call it an UP for purposes of this guidance. Programs may be required to report the review results of their UPs in future reporting years as the results become available. Agencies should not cushion their reporting timeframe specifically for the purpose of allowing the agency additional time to verify whether an UP is proper or improper.⁷¹

OMB's guidance indicates that agencies are expected to determine whether unknown payments were proper or improper. This information may be useful for oversight and policymaking; agencies do not currently report on the ultimate status of tens of billions of dollars in unknown payments.

Unknown payments that are eventually determined to be improper would increase the totals for overpayments and monetary loss, whereas those that are eventually found to be proper would reduce a program's "real" improper payment rate. The resolution of unknown payments might also shape policy decisions. Unknown payments that are determined to be fraudulent might lead agency officials and Congress to look at strengthening fraud controls, whereas unknown payments that are determined to be accidental might be addressed by providing additional training for program personnel. Congress may wish to consider requiring agencies to report on the resolution of unknown payments as part of their annual financial reports.

Uncollected Overpayments

In FY2024, agencies reported more than $135 billion in overpayments⁷² but provided little information about their recovery audits. To enhance transparency, Congress may wish to require additional reporting in agencies' annual financial reports. Information that might be useful includes the percentage and amounts of overpayments waived, charged off, or otherwise not identified for recapture for each program; the amounts of overpayments recovered and outstanding for each program and agency; and an explanation of the difference between the estimate of total overpayments and overpayments that agencies identify for recapture. Potential legislation might also require auditors to assess the process through which federal and state agencies grant waivers when the amount waived reaches a certain threshold, such as the greater of x% of a program's overpayments or $y million.

Footnotes