Fiscal Year 1998 (Second Half)

October 31, 1998

The Honorable Robert Pitofsky
Chairman
Federal Trade Commission
600 Pennsylvania Avenue, N.W.
Washington, D.C. 20580

Dear Chairman Pitofsky:

The attached report covers the Office of Inspector General's (OIG) activities for the second half of fiscal year 1998, and is submitted according to Section 5 of the Inspector General Act of 1978, as amended. The Act requires that you submit this report, with your Report of Final Action, to the appropriate Congressional committees on, or before, November 30, 1998.

During this reporting period, the OIG completed its first financial statement audit of the Federal Trade Commission. I am pleased to report that the agency received an "unqualified opinion," the highest opinion provided by independent auditors. Based on this audit work, the OIG also issued a management letter that contained a number of recommendations on how to improve the agency's financial management program. As in the past, management has been responsive in attempting to address all OIG recommendations. The report also details that the OIG completed field work on an investigative alert relating to security concerns surrounding the agency's e-mail system, closed six investigations, conducted field work relating to a peer review of another Office of Inspector General and began two new audits.

As in the past, I appreciate management's support, and I look forward to working with you in our ongoing efforts to promote economy and efficiency in agency programs.

Sincerely,

Frederick J. Zirkel
Inspector General

TABLE OF CONTENTS

TRANSMITTAL

INTRODUCTION

AUDIT ACTIVITIES

Completed Audits
Summary of Findings for Audit Reports Issued During the Current Period
Audits in Which Field Work is Complete
Audits in Which Field Work is in Process

INVESTIGATIVE ACTIVITIES

Investigative Summary

Investigations Closed During the Current

Matters Referred for Prosecution

OTHER ACTIVITIES

Significant Management Decisions

Access to Information

Internet Access

Audit Resolution Review of Legislation

Contacting the Office of Inspector General

TABLES

Table I:

Summary of Inspector General Reporting Requirements

Table II:

Inspector General Issued Reports With Questioned Costs

Table III:

Inspector General Issued Reports With Recommendations That Funds Be Put To Better Use

INTRODUCTION

The Federal Trade Commission (FTC) seeks to assure that the nation's markets are competitive, efficient, and free from undue restrictions. The FTC also seeks to improve the operation of the marketplace by ending unfair and deceptive practices, with emphasis on those practices that might unreasonably restrict or inhibit the free exercise of informed choice by consumers. The FTC relies on economic analysis to support its law enforcement efforts and to contribute to the economic policy deliberations of Congress, the Executive Branch and the public.

To aid the FTC in accomplishing its consumer protection and antitrust missions, the Office of Inspector General (OIG) was provided five workyears and a budget of $498,300 for fiscal year 1998.

AUDIT ACTIVITIES

For this semiannual period, the OIG audited the FTC's FY 1997 financial statements and issued a letter to FTC management containing financial-related findings and recommendations resulting from the audit. The OIG also prepared a draft report on electronic mail (e-mail) access vulnerabilities, initiated planning activities for the audit of the FY 1998 FTC financial statements, and began a survey of the FTC's enforcement of rules and orders. Detailed information about these topics is provided below.

Completed Audits

Audit Report Number
Subject of Audit

AR 98-040

Audit of the Federal Trade Commission's Financial Statements for the Fiscal Year Ending September 30, 1997.

   AR 98-040A
    Management Letter to FY 1997 Financial Statements

 

Summary of Findings for Audit Reports Issued During the Current Period

The objective of the OIG's audit of the FY 1997 financial statements was to determine whether the agency's financial statements present fairly the financial condition of the agency. The statements audited were the Balance Sheet, Statement of Net Cost, Statement of Changes in Net Position, Statement of Budgetary Resources, Statement of Financing, and Statement of Custodial Activity as of September 30, 1997. This represents the first time that the FTC has undertaken a financial statement audit. The agency received an "unqualified opinion," the highest opinion available from independent auditors.

To accomplish our objective, the OIG worked closely with management to prepare financial statements and supporting footnotes in accordance with OMB Bulletin 97-01, Form and Content of Financial Statements, effective September 30, 1998. Although the FTC is not subject to the provisions of the bulletin (the FTC is not a "CFO Act" agency), agency management, in collaboration with the OIG, elected to present the financial statements in the form and content prescribed in OMB Bulletin 97-01, one year in advance of OMB's mandate to prepare such statements.

The FY 1997 audited statements present a substantial amount of financial and performance information about the FTC. For example, the Balance Sheet lists agency assets of $101 million and liabilities of $83 million. Half of the $83 million in liabilities represents funds collected from defendants to be returned to consumers in the form of redress. On the revenue side, the Statement of Net Cost and Statement of Budgetary Resources show that the agency is largely self-funded due to Hart Scott Rodino Act (HSR) premerger fees collected from parties seeking merger approval. The FTC and the Department of Justice are required by law to review all merger applications meeting certain thresholds for potential anticompetitive effects. All fees are collected by the FTC, then are evenly split between the two agencies. In FY 1997, the FTC collected over $154 million in premerger fees: $77 million was transferred to DOJ. Of the Commission's $77 million, $59 million was placed in the FTC appropriation account, and $18 million was reserved to offset the agency's FY 1998 appropriation requirements. Because of this revenue source, the FTC's net cost of operations for FY 1997 amounted to just $29 million.

The Statement of Custodial Activity reveals much in the way of agency results in attacking consumer fraud. For example, the agency won court-ordered judgments totaling $142 million against defendants in consumer fraud cases. Collections against judgments totaled $22.3 million, while civil penalties of $4.5 million were deposited in the U.S. Treasury. FTC redress contractors returned $4.8 million to consumers in fiscal year 1997. Although these figures do provide a picture of agency performance, no comparative data was available since this was the first year for the statements. FY 1998 statements will enable the reader to compare performance over a two year period.

In the OIG's Management Letter, we identified 10 areas where improvements are needed in the financial operations of the agency. Four (4) of the findings pertain to the agency's redress administration program. Generally, the OIG found that the agency needs to exercise more oversight to ensure that (a) referrals of outstanding judgment debt are made in a timely manner to the Department of Treasury, Debt Management Service, (b) performance information is accurately reported to the Commission, Congress, OMB, and the public, and (c) monthly reports submitted by redress contractors are accurate. The remaining recommendations pertain to transactions affecting the accuracy and completeness of the agency's accounting records. In most cases, the agency has already taken steps to address weaknesses identified in the Management Letter, and the OIG continues to work with management to resolve the remaining recommendations.

Audits in Which Field Work is Complete

Investigative Alert Number

Subject of Audit

IA-99-07

Investigative Alert: Access Vulnerabilities to the FTC's e-mail System.
The Office of Inspector General received an allegation of wrongdoing relating to a former agency employee accessing his FTC e-mail account. Facts developed in this investigation exposed vulnerabilities relating to e-mail system access at the agency. This investigative alert details these vulnerabilities along with OIG findings and recommendations. As part of our review, the OIG sought to identify: (1) the total number of active e-mail accounts at the agency and the number of accounts belonging to former employees; (2) the number of current employee e-mail accounts that are not password protected; (3) the names of employees provided with GroupWise Remote Software; (4) the types of messages forwarded via e-mail; and (5) the number of e-mail accounts containing a rule that forwards messages to a remote location.

The OIG completed its draft report and discussed the report's findings and recommendations with management. Upon learning of access vulnerabilities, management took immediate steps to close them. Management, working with the OIG, is continuing to address systemic vulnerabilities to enhance security of the agency's e-mail system, particularly in the area of requiring that all employees "password protect" their accounts.

 

Audits in Which Field Work is in Process

Audit Report Number

Subject of Audit

AR 99-XXX

Audit of the Federal Trade Commission's Financial Statements for the Fiscal   Year Ending September 30, 1998.
The objective of this audit is to determine whether the agency's financial statements present fairly the financial position of the agency, results of operations, and cash flows or changes in financial position in conformity with generally accepted accounting principles.

The principal financial statements to be audited include: (i) Balance Sheet; (ii) Statement of Net Cost; (iii) Statement of Changes in Net Position; (iv) Statement of Budgetary Resources; (v) Statement of Financing; (vi) Statement of Custodial Activity; and (vii) Notes to the Financial Statements.

The OIG has begun planning the audit and is currently developing audit programs to test management controls and assess compliance with laws and regulations.

AR 99-XXX

Survey of the Systems Used by the Federal Trade Commission to Monitor Compliance with FTC Orders and/or Rules.
The survey objective is to gain an understanding of how the FTC (specifically, the Bureaus of Competition and Consumer Protection) monitors compliance with its orders and rules. The OIG collected rules and orders issued in 1996 and 1997 and will examine the processes and approaches employed by the bureaus to ensure compliance.

INVESTIGATIVE ACTIVITIES

The Inspector General is authorized by the IG Act to receive and investigate allegations of fraud, waste and abuse occurring within FTC programs and operations. Matters of possible wrongdoing usually come to the OIG in the form of allegations or complaints from a variety of sources, including FTC employees, other government agencies and the general public.

Reported incidents of possible fraud, waste and abuse might give rise to administrative, civil or criminal investigations. OIG investigations might also be initiated based on the possibility of wrongdoing by firms or individuals outside the agency when there is some information that indicates they are or were involved in activities intended to affect the outcome of a particular agency enforcement action. Because this kind of wrongdoing strikes at the integrity of the FTC's consumer protection and antitrust law enforcement missions, the OIG places a high priority on investigating it.

In conducting investigations during the past several years, the OIG has sought assistance from, and worked jointly with, other law enforcement agencies, including the Federal Bureau of Investigation (FBI), the Postal Inspection Service, the U.S. Secret Service, the Internal Revenue Service, other OIGs, state agencies and local police departments.

Investigative Summary

During this reporting period the OIG received 22 complaints of possible wrongdoing. Of these 22 complaints, nine (9) related to matters that the OIG determined were either the responsibility of FTC program components or the agency's ethics official. As such, the OIG referred these matters to the appropriate FTC component for disposition. Out of the remaining 13 complaints, the OIG opened three (3) new investigations and also provided investigative assistance to FTC management, another OIG, and the Drug Enforcement Administration in four (4) other matters. The six (6) remaining complaints were closed without OIG action.

Following is a summary of the OIG's investigative activities for the six-month period ending September 30, 1998. While the OIG opened three (3) new investigations during this reporting period, it also closed six (6) cases:

Cases pending as of March 31, 1998
4

       Plus: New cases

+3

       Less: Cases closed

-6
Cases pending as of September 30, 1998
1

Investigations Closed During the Current Period

Obstructions & Unauthorized Disclosures (1)

The OIG opened an unauthorized disclosure investigation in an earlier reporting period based on a news article which indicated an FTC employee might have leaked nonpublic information to a news publication. The matter related to a merger review that was being conducted by the agency's Bureau of Competition. As news accounts of prospective FTC action on the proposed merger appeared to coincide with fluctuations in the prices of the affected companies' publicly-traded stocks, the OIG assumed personal enrichment might be a motive for any leak to the media. Based on some term-of-art language used in one article, a particular FTC employee who had worked directly on the competition matter was identified as one possible source of the leak. After learning that the individual had once worked as a commodities broker before joining the FTC, a financial background check of the person was performed to identify any unusual spending patterns. None were found. As no other evidence could be developed that would indicate any other employee was involved in the leaks, the case was closed with no referrals to either management or the DOJ. Employee Misconduct and Ethical Violations (2)

1 - The OIG opened an investigation during a prior reporting period based on an allegation that a former employee might have violated a criminal conflict of interest law by accepting a job with a company that had a contract with the FTC over which the employee was involved both personally and substantially. During our review of this allegation, the OIG also reviewed agency accounting records and contractor invoices to determine if any over-billing had occurred. While the OIG found some deficiencies in how the agency monitored contractor performance, we developed no evidence of contractor improprieties. Because questions remained after the OIG interviewed the former employee regarding how and when the company offered him a job, the OIG referred the matter to the Office of Government Ethics after determining, in consultation with the DOJ, that a criminal violation of 18 U.S.C. §208 (Acts that affect a personal financial interest) was not at issue. Accordingly, the OIG closed the case.

2 - The OIG opened an investigation into serious employee misconduct after being provided with a number of copies of a scurrilous letter directed to various senior officials. The letter contained derogatory comments about certain groups and management officials at the FTC. After conducting interviews with recipients of the letter, the OIG learned that a subordinate employee of one of the managers targeted in the letter had been the subject of recent disciplinary action. After interviewing the employee, the OIG obtained fingerprint evidence from the FBI. After receipt of the fingerprint evidence results, the OIG could not conclusively prove that the subject had prepared and/or mailed the letters. Consequently, the case was closed. Crimes Against the Government (1)

During this period the OIG also initiated an investigation based on an allegation from an anonymous source that an FTC employee was misusing his government telephone to make unauthorized long distance calls (both domestic and international). After identifying a number of domestic long distance telephone calls which were made from the agency to several of the phone numbers which had been provided to the OIG by the informant, the OIG interviewed the employee's supervisor and learned that the employee had been authorized to make occasional long distance calls during work hours to family members who lived outside the local toll-free calling area. However, he was not authorized to make any international long distance calls to other family members overseas as also alleged in the anonymous complaint.

As agency phone records for the period under review did not indicate that any international phone calls were placed to the overseas numbers provided to the OIG (as alleged in the anonymous complaint), and given that the total cost of local long distance calls amounted to only a few hundred dollars, the OIG referred the matter to management to have the former employee's supervisor attempt to separate authorized long distance calls from unauthorized calls based on his earlier approvals, and then decide if any collection efforts should be undertaken. The OIG, thereafter, closed the case. Other Investigations (2)

1 - The OIG initiated an investigation in an earlier reporting period based on general allegations of possible contract improprieties by either an FTC contractor or agency employees, or both. The contract involved related to services provided to the FTC's records management unit. Specifically, it was alleged that the contractor's employees had destroyed agency records intended for storage and had also compromised the computer retrievability of FTC data in retaliation for the agency requesting that several of the contractor's employees be replaced.

After conducting interviews with FTC staff and reviewing contract records, the OIG concluded that a compliance review of the contractor's performance should be conducted. As a result, the OIG undertook and completed a compliance review of the contractor's performance in the FTC's records processing unit. The OIG issued an audit report in a prior reporting period that contained recommendations to FTC management for improving records processing within the agency. Management agreed with the OIG's recommendations and took action to implement them. In the meantime, the OIG continued to pursue investigative leads.

After locating and interviewing the contractor's former FTC on-site supervisor concerning her knowledge of wrongdoing by contractor employees, the OIG determined that there was no credible evidence that any criminal violation had occurred. Rather, primarily carelessness on the part of the contractor led to the destruction of some agency records which were to have been retained, and computer access to data was not impeded by any contractor employee. Consequently, the OIG closed the investigation.

2 - The OIG opened an investigation during this reporting period based on an allegation that a former agency attorney not only had continuing access to his FTC e-mail box since leaving the agency months earlier, but also might be reading nonpublic information that was still being forwarded to his e-mail box.

After conducting a number of interviews and reviewing FTC e-mail account listings, the OIG learned that not only did the subject of the investigation have e-mail access to his account, but also that a large number of former employees and contractors had active e-mail accounts; though, many of these individuals likely were not aware of this fact. Nevertheless, a certain number of former employees would have both the knowledge and means to remotely access their former FTC e-mail accounts and thereby obtain nonpublic information.

This investigative finding required the OIG to expand its investigation into an overall security review of agency e-mail practices. This effort resulted in the preparation of an investigative alert report (IA-99-07) that will contain a number of recommendations for enhancing e-mail security.

After interviewing the former FTC attorney about whom the allegations were made, the OIG learned that the individual had established a rule that allows for messages to be forwarded to remote locations. This information was shared with the agency's ethics officer to determine if a referral to the bar is warranted. As no evidence of criminal wrongdoing was developed and because of the prevalence of the overall weakness in agency e-mail system controls, the case was closed.

Matters Referred for Prosecution

During the current reporting period the OIG continued to work with a federal prosecutor on a case that had been referred for criminal prosecution during a prior reporting period. The investigation is continuing.

OTHER ACTIVITIES

During this reporting period the OIG also allocated resources to activities other than conducting audits and investigations. These activities involved participating on Executive Council on Integrity and Efficiency (ECIE) committees and responding to Congressional, GAO and OMB requests for information. Peer Review Activities -- A federal IG is required by the IG Act to have a peer review performed of their organization once every three years. These reviews are to be performed only by federal auditors. The FTC OIG is planning on undergoing its third peer review since opening shop in 1989. It is expected by the federal audit community that the organization seeking to be reviewed will reciprocate and conduct a review of some other OIG when asked to do so by a committee of the ECIE. A committee of the ECIE schedules the review to ensure that resources are available to perform them and that OIGs do not conduct reviews of one another. Against this background, the FTC OIG began a peer review of the OIG at the Federal Labor Relations Authority. The objectives of a peer review are to determine whether an effective internal quality control system has been established in the office and, established policies, procedures, and applicable government auditing standards are being followed.   GPRA Activities -- The OIG is a member of the agency's Government Performance and Results Act Committee. The purpose of the committee is to provide a central forum through which GPRA information, obtained from various sources in and outside the agency, can be disseminated, shared and discussed. The committee will also continually update and improve the FTC strategic and performance plans consistent with statutory mandates and program needs of the FTC.   Joint Audit Activities -- The House Subcommittee on Government Management, Information and Technology, Committee on Government Reform and Oversight is concerned about how much of a reported $47 billion in non-tax delinquent debt owed the government is ultimately collectible. FTC amounts are included in this government-wide figure. In addition to Committee concerns regarding collectibility, both GAO and Treasury's Financial Management Service (FMS) have raised additional concerns about the accuracy of the reported $47 billion of non-tax delinquent debt. In short, there is concern that not all agency accounting systems accurately capture and report this important information. To address these concerns, the Treasury OIG has asked that other PCIE/ECIE OIGs review those agency accounting systems that are used to capture and report non-tax delinquent debt.

Because of the work performed by the OIG and management in preparing audited financial statements, the FTC will be able to provide Treasury OIG and GAO with accurate information on both the amounts of non-tax debt owed the FTC and its collectibility for fiscal year 1998.

Significant Management Decisions

Section 5(a)(12) of the Inspector General Act requires that if the IG disagrees with any significant management decision, such disagreement must be reported in the semiannual report. Further, Section 5(a)(11) of the Act requires that any decision by management to change a significant resolved audit finding must also be disclosed in the semiannual report. For this reporting period there were no significant final management decisions made on which the IG disagreed, and management did not revise any earlier decision on an OIG audit recommendation.

Access to Information

The IG is to be provided with ready access to all agency records, information or assistance when conducting an investigation or audit. Section 6(b)(2) of the IG Act requires the IG to report to the agency head, without delay, if the IG believes that access to required information, records or assistance has been unreasonably refused, or otherwise has not been provided. A summary of each report submitted to the agency head in compliance with Section 6(b)(2) must be provided in the semiannual report in accordance with Section 5(a)(5) of the Act.

During this reporting period, the OIG did not encounter any problems in obtaining assistance or access to agency records. Consequently, no report was issued by the IG to the agency head in accordance with Section 6(b)(2) of the IG Act.

Internet Access

The OIG can be accessed via the World Wide Web. The OIG internet address is www.ftc.gov/oig/oighome.htm. A visitor to the OIG home page can download any of the OIG's semiannual reports to Congress that are listed, and can also browse through a list of audit reports, identifying those of interest and ordering them via an e-mail link to the OIG. In addition to this resource of information about the OIG, visitors are also provided a link to other federal organizations and offices of inspector general.

Audit Resolution

As of the end of this reporting period, all OIG audit recommendations for reports issued in prior periods have been resolved. That is, management and the OIG have reached agreement on what actions need to be taken.

Review of Legislation

Section 4(a)(2) of the IG Act authorizes the IG to review and comment on any proposed legislation or regulations relating to the agency or affecting the operations of the OIG. During this reporting period, the OIG responded to requests from OMB, PCIE and ECIE on matters related to possible changes to the IG Act.

Contacting the Office of Inspector General

Employees and the public are encouraged to contact the OIG regarding any incidents of possible fraud, waste or abuse occurring within FTC programs and operations. The OIG telephone number is (202) 326-2800. To report suspected wrongdoing, employees and the public should call the OIG's chief investigator directly on (202) 326-2581. A confidential or anonymous message can be left 24 hours a day.

The OIG is located in room 494 of the FTC Headquarters Building at 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. Office hours are from 8:30 a.m. to 6:00 p.m., Monday through Friday, except federal holidays.

TABLE I

SUMMARY OF INSPECTOR GENERAL REPORTING REQUIREMENTS

IG Act Reference
Reporting Requirement
Page(s)
Section 4(a)(2) Review of legislation and regulations
10
Section 5(a)(l) Significant problems, abuses and deficiencies
2
Section 5(a)(2) Recommendations with respect to significant problems, abuses and deficiencies
2
Section 5(a)(3) Prior significant recommendations on which corrective actions have not been made
10
Section 5(a)(4) Matters referred to prosecutive authorities
8
Section 5(a)(5) Summary of instances where information was refused
9
Section 5(a)(6) List of audit reports by subject matter, showing dollar value of questioned costs and funds put to better use
1
Section 5(a)(7) Summary of each particularly significant report
1
Section 5(a)(8) Statistical tables showing number of reports and dollar value of questioned costs
12
Section 5(a)(9) Statistical tables showing number of reports and dollar value of recommendations that funds be put to better use
13
Section 5(a)(10) Summary of each audit issued before this reporting period for which no management decision was made by the end of the reporting period
10
Section 5(a)(11) Significant revised management decisions
9
Section 5(a)(12) Significant management decisions with which the Inspector General disagrees
9

TABLE II

INSPECTOR GENERAL ISSUED REPORTS WITH QUESTIONED COSTS

 

Number

Dollar Value
(in thousands)

Questioned
Costs
Unsupported
Costs
A. For which no management decision has been made by the commencement of the reporting period
0
0
0
B. Which were issued during the reporting period
0
0
0
Subtotals (A + B)
0
0
0
C. For which a management decision was made during the reporting period
0
0
0
(i) dollar value of disallowed costs
0
0
0
(ii) dollar value of cost not disallowed
0
0
0
D. For which no management decision was made by the end of the reporting period
0
0
0
Reports for which no management decision was made within six months of issuance
0
0
0

  TABLE III

INSPECTOR GENERAL ISSUED REPORTS
WITH RECOMMENDATIONS THAT FUNDS BE PUT TO BETTER USE

 

Number

Dollar Value
(in thousands)

A. For which no management decision has been made by the commencement of the reporting period
0
0
B. Which were issued during this reporting period
0
0
C. For which a management decision was made during the reporting period
0
0
(i) dollar value of recommendations that were agreed to by management
0
0
- based on proposed management action
0
0
- based on proposed legislative action
0
0
(ii) dollar value of recommendations that were not agreed to by management
0
0
D. For which no management decision has been made by the end of the reporting period
0
0
Reports for which no management decision was made within six months of issuance
0
0