FBI pays '$10m too much for IT contractors'

The FBI has been paying consultancy invoices for IT contractors without any attempt to assess the validity of the charges, creating an overpayment of $10.1m (£5.8million).



Without new controls on the Bureau's IT projects, "weakness" and "vulnerabilities" in the payment process will remain, resulting in "questionable contractor costs."



Such is the finding of the US Government Accountability Office, which found charges were paid to consultancy contractors without approving the amounts stated in their invoices.



These costs included first-class air travel, incorrect charges for overtime hours, inflated labour rates, and "charges for which the contractors could not provide… documentation to substantiate the costs."



One individual contracting at GSA charged 371hours for one four-week period, averaging 93 hours a week, and 359 hours in the subsequent five-week period, an average of 70 hours a week.



The Office found there was "no systematic process" in place to ensure the individuals listed on invoices had actually worked on Trilogy, the FBI's IT upgrade project.



Moreover, no checks were carried out on the number of hours billed, or that the job classifications and related billing rates were appropriate, meaning freelancers working overtime decided how much a particular activity was worth.



The GSA official who paid the invoices said she relied on members of the review team that worked on-site to review the travel invoices.



These on-site review team officials indicated that their review process was based on their "general understanding" of who was travelling.



Computer Sciences Corporation, an FBI contractor, racked up the bulk of spurious sub-contractor labour costs.



According to the report, its invoices lacked basic information needed to assess costs, such as name of subcontractor worker, hours billed or individual rates.



CSC could only substantiate about $2m in labour charges out of a total £116m, although $41m of this amount represents labour charged by a subsidiary company.



In addition, the services provider billed the FBI for $456,211 (£261,708) – described on the invoice only as "other direct costs."



This fee was paid without validation, and no receipts have ever been produced to substantiate what CSC later explained was for "facilities/materials."



Beyond financial controls, the FBI also failed to establish a grip over equipment purchased for the Trilogy project, which sought to develop intelligent applications and upgrade the overall IT infrastructure.



"These control lapses resulted in more than 1,200 missing pieces of equipment valued at approximately $7.6 million," GAO's report states.



"In addition, in its own inventory counts, FBI identified 37 pieces of Trilogy equipment valued at approximately $167,000 that had been lost or stolen."



A combination of poor controls in both the finance and equipment department of the FBI came together when the Bureau hired IT trainer, CACI.



Contracted to train FBI officials in basic, intermediate and advanced MS Office, CACI spent over $52,000 on special project pens and highlighters.



"While there was supporting documentation for these costs and FBI officials stated that they pre-approved the purchases as part of their acceptance of the Trilogy Pre-Training Education Plan, we question whether these purchases were necessary," the GAO reflected.



The Bureau's decision for CACI to train its operatives outside FBI HQ led to an events planner being hired, yet CACI has failed to account for $3m it paid to the contractor.



Reviewing invoices submitted by Science Applications International Corp, the Office found the FBI was billed twice for the same subcontractor invoice, totaling $26,335.



"If these control weaknesses go uncorrected, future contracts, including those related to Sentinel—FBI's new electronic information management system initiative—will be highly exposed to improper payments," the Office concluded.



"In addition, the lack of accountability for Trilogy equipment calls into question FBI's ability to adequately safeguard its existing assets."



Responding to the report, the Bureau has agreed with over 20 recommendations to improve its controls and is beginning to realign its structure and procedures for IT contractors.