I’m reading through the Senate Select Committee on Intelligence’s report on what it did last Congress. Among a number of interesting details, the report describes really really bad accounting at the National Security Agency (NSA).
The report describes how the Intelligence Authorization Bill of 2002 required that our big intelligence agencies produce auditable financial statements by 2005. Most agencies at least showed improvement; the National Reconnaissance Office (NRO) actually fixed its books so they were auditable. But when the Committee looked at NSA’s books in 2009, they were still a complete clusterfuck.
The NSA‘s annual financial report was the exception, in that it showed no apparent improvement. In particular, the Committee was concerned about the failed implementation of NSA‘s new financial system. An NSA Inspector General report found that this system was put into operation before it was adequately tested and that operators were not properly trained to use it. The NSA also made $7 million in duplicative invoice payments, and the agency could not successfully reconcile its financial books at the end of fiscal year 2008. Further, a July 2008 Army Finance Command report, referenced by the NSA IG, found that the NSA‘s accounting system was in violation of public laws, Treasury Department financial manuals, and DoD regulations, and was inconsistent with the Federal Managers Financial Integrity Act.
After SSCI cracked heads, the NSA claimed it had fixed the problems in June 2009. Only they hadn’t.
In June 2009, the Director of NSA wrote to the Chairman and Vice Chairman, claiming that the NSA was now ―fully compliant with the laws, regulations, and manuals referenced in the U.S. Army Finance Command report and the Federal Financial Managers Integrity Act. The NSA Director‘s letter also stated that the NSA had been able to reconcile its fiscal year 2008 financial records. In July 2009, the Chairman and Vice Chairman wrote to the Secretary of Defense concerning the NSA Director‘s letter. They stated that in light of the NSA‘s past difficulties in producing auditable financial statements, the Committee believed the progress claimed by the NSA should be independently confirmed by the DoD Inspector General. Specifically, the letter requested that the DoD IG conduct a form and content review of the NSA‘s fiscal year 2009 financial statements to determine whether they were supported by reliable and accounting data and supporting information.
The Committee received the results of the DoD IG‘s review in November 2009, which was very critical of NSA‘s claims. Overall, the IG found that the NSA‘s financial statements were not adequately supported by reliable accounting data and supporting information. An even more disturbing finding was that the NSA‘s ―remediation plans do not fully address audit impediments. Specific findings included an inability to reconcile critical general ledger balances, failure to perform required accounting processes, and inconsistencies between the information contained in the notes to the financial statements and the information provided to the IG. The IG‘s findings raised serious questions about the assertions made by the NSA Director in his June 2009 letter and the support he is receiving from the administrative staff involved.
The report doesn’t actually say whether NSA has since fixed its auditing systems such that someone can actually tell whether the telecoms paid to spy on us are paid what they are supposed to be paid. So the most up-to-date information the report provides is that in late 2009, the NSA wasn’t really planning to fix the things that made it difficult to audit its books.
Along the way, some lucky telecoms (or other contractors) got paid twice. Or maybe got paid for stuff that is not on the books, who knows?
Now, $7 million is small potatoes in the great pot of money the NSA doles out to contractors. It’s not like they lost $9 billion in cash, like some other entities at DOD.
But at the same time as SSCI was discovering how bad NSA’s book-keeping practices were, they were overseeing the assignment to NSA of our Cyber Command. Keith Alexander, the guy who oversaw this book-keeping clusterfuck, is now in charge of even more secret contracts to people who spy on activities that might sweep up Americans.
Call me crazy, but NSA’s apparently inability or unwillingness to fix its book-keeping seems rather ripe for abuse.