FEDERAL DATA:

Report to Congressional Requesters

June 2026

GAO-26-107466

United States Government Accountability Office

A report to congressional requesters

Contact: Paula M. Rascona at rasconap@gao.gov

What GAO Found

Agencies can use more than 100 federal data sources—or a combination of them—to verify if recipients meet the eligibility criteria for federal programs throughout the award life cycle (which includes pre-award screening, post-award monitoring, and payment validation). As of September 2025, these included 28 data sources in the Do Not Pay working system (DNP) or designated for inclusion in DNP. However, weaknesses in data interoperability may hinder agencies’ ability to efficiently determine award and payment eligibility.

Data interoperability is the ability to share and disseminate standardized data in a way that is efficient, consistent, and accessible across different systems and users, for which high-quality data are essential. Without it, the risk of improper awards or payments increases, and the potential use of artificial intelligence and advanced analytics to assist agencies in making eligibility determinations is limited.

GAO found that, for more than 30 years, several laws and guidance have established general requirements related to data interoperability but have not established specific requirements for enforcing interoperability, such as for recipient eligibility data, throughout the federal government. Many of the data sources GAO identified, including those in DNP, were created to comply with legal requirements or to manage specific federal programs—not to support eligibility determinations for other agencies.

GAO also found a variety of obstacles and challenges that can affect the interoperability of the nine selected data sources that agencies may use for eligibility determinations (see figure).

GAO also found that insufficient or improperly documented validation rules contributed to data quality issues. All nine selected data sources had data quality

Why GAO Did This Study

Government agencies are responsible for ensuring that data, including those needed to determine whether entities are eligible to receive federal awards and funds, are interoperable and reliable. Having interoperable data among agencies and data sources is crucial to improving the federal government’s efforts to detect and prevent improper payments. The Payment Integrity Information Act of 2019 requires executive agencies to take actions to reduce improper payments, such as using DNP to ensure that they make awards and payments only to eligible recipients.

GAO was asked to review how the government can better leverage USAspending.gov and other data sources to help enhance monitoring of federal spending and potential fraud, waste, and abuse. This report describes (1) federal data sources agencies may use to verify award recipient’s eligibility, (2) the extent to which selected eligibility data sources are interoperable, and (3) the extent to which eligibility data can be matched with USAspending.gov post-award information to analyze potentially ineligible recipients.

To conduct this review, GAO

·       reviewed laws, regulations, OMB guidance, and relevant federal agencies’ websites and documentation to identify federal data sources that agencies can use to determine award recipients’ eligibility;

·       reviewed laws, regulations, policies, and OMB guidance related to data interoperability to identify requirements;

·       judgmentally selected nine eligibility data sources that were publicly available, in DNP or designated for inclusion in DNP, and included information about entities;

issues (e.g., missing, invalid, and duplicate data), and seven data sources had inconsistences between them, such as overlap in mutually exclusive data. These data quality issues undermine data reliability and interoperability for agencies seeking to make eligibility determinations.

To determine the extent to which eligibility and award data could be linked to help agencies identify whether potentially ineligible entities had received federal awards, GAO partially linked two data sources—System for Award Management (SAM) entity information and SAM Exclusion records—with USAspending.gov awards based on the unique entity identifiers (UEI). Most USAspending.gov award recipient UEIs could be linked to SAM entity information. However, most SAM Exclusion records, which identify parties excluded from receiving federal benefits and awards, such as contracts, did not have a UEI because this data source does not always require them. For the SAM Exclusion records with a UEI, GAO identified 2,074 awards to recipients that were listed in the data source at the time of the transaction. However, these matches by themselves do not indicate that the awards were improper or involved fraud, waste, or abuse. Making this determination requires specific evaluation of each case.

The inability to fully analyze SAM Exclusions and USAspending.gov data is an example of government-wide issues with data matching for recipient eligibility determinations. While analysis based on unique identifiers can support eligibility determinations, such identifiers might not always be required or available. Improved data interoperability—including standardized data elements and increased interoperability of data elements, such as names and addresses across data sources and agencies—could enable more comprehensive and efficient data matching. This would improve the government’s ability to identify potentially ineligible recipients.

In addition, several federal agencies and cross-agency groups support best practices for data management and interoperability. However, there is no data governance agency designated to establish and enforce mandatory data interoperability requirements to support recipient eligibility determinations. This has led to fragmented and inconsistent data management efforts that rely on agencies’ voluntary adoption.

Congress could help improve government-wide data interoperability for recipient eligibility data by assigning a single agency a lead role in establishing and implementing data interoperability requirements for recipient eligibility data sources. Based on its role supporting agencies in their efforts to prevent and detect improper payments and operating systems that collect, validate, and use financial, award, spending, and payment data, the Department of the Treasury could be assigned the explicit authority to establish and implement mandatory government-wide data standards and interoperability requirements for recipient eligibility data sources. Treasury could then work with the Chief Data Officer (CDO) Council and the Office of Management and Budget (OMB) to implement the requirements. Not having a data governance agency will contribute to unreliable reporting and inefficiencies as agencies attempt to determine recipient eligibility, and it will limit the government’s ability to leverage artificial intelligence and advanced analytics to identify and prevent improper awards and payments.

·       reviewed agencies’ data dictionaries and documentation of validation processes about the selected eligibility data sources for consistency with interoperability practices GAO identified;

·       tested data for fiscal years 2023 and 2024 for data quality issues, such as missing and invalid values, consistency, and comparability based on specifications established by the data owners and GAO’s professional judgment;

·       interviewed officials at Treasury, the General Services Administration, and the Department of Health and Human Services’ Office of Inspector General because they own the selected data sources; and

·       linked SAM data sources with USAspending.gov award information using UEI.

What GAO Recommends

GAO recommends that Congress consider assigning a single agency, such as Treasury, explicit authority to lead, in coordination with the CDO Council and in consultation with the OMB—and others, as needed—the development and implementation of government-wide data standards and interoperability requirements for recipient eligibility data sources. These sources include relevant financial, award, spending, and payment data needed to support eligibility determinations throughout the award life cycle. In its comments, the Bureau of the Fiscal Service agreed with the findings of GAO’s report and stated that, to be successful in setting government-wide data standards, Treasury would require clear authority to lead standardization related to eligibility data that are designated for use in DNP. OMB did not provide comments.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Abbreviations
API	application programming interface
ARL	Automatic Revocation of Exemption List
CDO	Chief Data Officer
CFO Act	Chief Financial Officers Act of 1990
CSV	Comma-Separated Values
DATA Act	Digital Accountability and Transparency Act of 2014
DNP	Do Not Pay working system
EIN	employer identification number
FAC	Federal Audit Clearinghouse
FAR	Federal Acquisition Regulation
FFATA	Federal Funding Accountability and Transparency Act of 2006
GREAT Act	Grant Reporting Efficiency and Agreements Transparency Act of 2019
GSA	General Services Administration
HHS	Department of Health and Human Services
IRS	Internal Revenue Service
JSON	JavaScript Object Notation
LEIE	List of Excluded Individuals and Entities
NIEM	National Information Exchange Model
NPI	National Provider Identifier
OFAC	Office of Foreign Assets Control
OIG	Office of Inspector General
OMB	Office of Management and Budget
PDF	Portable Document Format
PIIA	Payment Integrity Information Act of 2019
SAM	System for Award Management
SDN	Specially Designated Nationals and Blocked Persons
SSA	Social Security Administration
UEI	unique entity identifier
Uniform Guidance	Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards
UTC	Coordinated Universal Time
XML	Extensible Markup Language

June 16, 2026

Congressional Requesters

Accurate and timely eligibility data are essential for ensuring that agencies only award and pay federal funds to entities that meet applicable legal and regulatory criteria. This is especially critical in preventing the misuse of funds, including fraud, waste, and abuse. Inaccurate eligibility data, such as incomplete records, can lead to improper payments, including payments to ineligible recipients or to recipients that cannot be verified.

Quality eligibility data also enables greater transparency, accountability, and effective government operations, including the potential use of artificial intelligence to analyze large datasets, identify risks and anomalies, and support more efficient oversight. The use of eligibility information to prevent improper federal awards and payments and the role of USAspending.gov in detecting potentially improper awards are vital to safeguarding taxpayer dollars.

The Payment Integrity Information Act of 2019 (PIIA) requires executive agencies to take specific actions to identify and reduce improper payments.[1] This includes mandatory use of the Do Not Pay working system (DNP) to ensure that they make awards and payments only to eligible recipients.[2] DNP includes information from certain databases, such as those that track debarred, suspended, or excluded parties, that executive agencies may use to help prevent ineligible entities from receiving federal awards or funds.

The use of eligibility data is fundamental to maintaining the integrity of the federal procurement and grants processes. In our prior work evaluating agencies’ use of DNP, we emphasized the need for better integration of eligibility checks into award decision-making processes.[3] When agencies do not effectively use eligibility data, it increases the risk of improper federal awards and payments, undermining PIIA’s goals. This highlights the urgent need for agencies to prioritize the quality, accuracy, and accessibility of eligibility data, ensuring that they consistently apply the data to verify recipients’ eligibility before they award and pay funds.

USAspending.gov—the government’s official public source for federal spending information, including federal awards, recipients, obligations, and outlays—plays a critical role in providing transparent, accessible information on federal spending. Making this information publicly available helps enhance oversight, enabling federal agencies, including their Offices of Inspector General (OIG), and the public to detect potentially improper awards and payments.

Accurate and compatible eligibility data—data that are standardized and aligned across systems to enable consistent comparison and use—help agencies support these award decisions, perform automated and systemic eligibility checks, and capture relevant spending information. As such, ensuring that agencies can effectively match eligibility data and award spending information, to validate that only eligible entities receive federal funds, is crucial to improving the success of efforts aimed at detecting and preventing improper payments.

This report is part of a series of reports in response to your request for us to study how the government can better leverage USAspending.gov and other data sources to enhance monitoring of federal spending and to help identify and prevent fraud, waste, and abuse.[4] This report (1) describes the federal data sources that agencies may use to verify entities’ eligibility to receive federal awards, (2) determines the extent to which data in the selected federal eligibility data sources are interoperable, and (3) determines the extent to which eligibility data can be matched with post-award data from USAspending.gov to help agencies identify potentially ineligible recipients of federal awards.

For objective one, we reviewed laws, regulations, Office of Management and Budget (OMB) guidance, and relevant federal agencies’ websites and documentation to identify federal data sources agencies may use to determine recipients’ eligibility for federal awards. We obtained an understanding of the Department of the Treasury’s DNP by reviewing related web pages, documentation, and information on integrated data sources and federal agency participation, and by interviewing agency officials. We also interviewed OMB staff and officials from federal agencies that own and manage eligibility data sources or administer DNP, such as the General Service Administration (GSA), the Department of Health and Human Services’ (HHS) OIG, and Treasury, to identify and better understand federal data sources available to agencies.

To address objective two, we judgmentally selected nine data sources to assess data interoperability. We selected eligibility data sources that were publicly available, in DNP or designated for inclusion in DNP, and included information about entities. We also considered whether the data sources contained information to support eligibility determinations. We selected (1) GSA’s Federal Audit Clearinghouse (FAC) Single Audit Reports, (2) GSA’s System for Award Management (SAM) Entity Registrations, (3) GSA’s SAM Exclusions, (4) HHS OIG’s List of Excluded Individuals and Entities (LEIE), (5) the Internal Revenue Service’s (IRS) Automatic Revocation of Exemption List, (6) IRS’s Form 990-N list, (7) IRS’s Publication 78 list, (8) the Office of Foreign Assets Control’s (OFAC) Specially Designated Nationals and Blocked Persons (SDN) List, and (9) OFAC’s Non-SDN Lists.[5]

For the selected data sources, we reviewed data dictionaries and documentation of validation processes for consistency with OMB guidance and other interoperability practices we identified. These practices included the U.S. Geological Survey’s guidance on data dictionaries and metadata and Treasury’s Governmentwide Spending Data Model documentation and validation rules. We interviewed agency officials responsible for the selected sources to understand how they collected, validated, maintained, and monitored their data. In addition, we performed electronic testing of data for fiscal years 2023 and 2024 (the latest available at the time of our analyses) for apparent errors in accuracy and completeness, such as duplicate records, missing or invalid values, data formatting, and conflicting data relationships. To determine consistency across data sources, we performed electronic comparison procedures, where applicable, using exact matching.

For objective three, we narrowed our selection to the data sources that Treasury’s DNP categorized as debarment data sources and had the unique entity identifier (UEI) data element, which USAspending.gov uses.[6] We selected GSA’s SAM entity information and SAM Exclusions. We matched selected data from these data sources with relevant USAspending.gov award data for fiscal years 2023 and 2024 based on the UEI to identify awards to potentially ineligible recipients. To the extent possible, we also quantified the number and obligation amounts of awards that matched. As discussed later in the report, data limitations prevented us from analyzing the full data set to identify awards to potentially ineligible recipients using UEIs.

Because we made a nongeneralizable selection of data sources, our findings for objectives two and three cannot be used to make inferences about other data sources nor the full population of awards. However, we determined that the selection of these data sources was appropriate for our design and objectives, and that the selection would generate valid and reliable evidence to support our work. We provide additional details regarding our objectives, scope, and methodology in appendix I.

We conducted this performance audit from March 2024 to June 2026 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

Background

Legal Framework and Guidance for Federal Award Eligibility and Payment Integrity

The Federal Funding Accountability and Transparency Act of 2006 (FFATA) requires federal awards of more than $25,000 and subawards of more than $30,000 to be displayed on a publicly accessible and searchable website, which is USAspending.gov.[7] Federal awards displayed on the website include the following:

·       Contracts. Agreements between the federal government and a prime recipient to provide goods and services for a fee, such as purchasing equipment or supplies. They include contracts, subcontracts, purchase orders, task orders, and delivery orders.

·       Financial assistance. Federal program, service, or activity that directly aids organizations; individuals; or state, local, or tribal governments, such as funding for a lower-income housing program. It includes grants, subgrants, loans, cooperative agreements, and insurance.

For purposes of this report, we refer to both contracts and federal financial assistance collectively as “federal awards.” A variety of laws, regulations, and guidance establish a framework for ensuring the integrity of award-related funds, with specific legal requirements varying based on the type of agreement used.

The Federal Acquisition Regulation (FAR), which codifies uniform policies for executive agencies to acquire supplies and services, governs most contracts. The FAR, together with individual agencies’ regulations implementing or supplementing it, provides rules for contractors’ qualifications, monitoring, and oversight. For example, prospective contractors must meet standards of responsibility in areas such as financial resources and past performance.[8] It also requires agencies and contractors to check SAM Exclusions to prevent awarding contracts and subcontracts to contractors with active exclusion records, such as contractors that have been debarred or suspended.[9]

OMB has issued Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), reprinted in 2 C.F.R. part 200, which provides government-wide policy for executive agencies and nonfederal entities carrying out federal financial assistance programs. Among other things, it requires agencies and entities to review eligibility and to monitor activities and reports to ensure compliance.[10] OMB also provides guidance in part 170 of 2 C.F.R. to agencies on reporting awards and establishes requirements for recipients’ reporting on subawards to SAM.gov, which is then published on USAspending.gov.

PIIA requires agencies to manage improper payments by identifying risks, taking corrective actions, and estimating and reporting on improper payments in programs they administer.[11] As discussed, PIIA mandates that agencies use, at a minimum, DNP to ensure that they make awards and payments only to eligible recipients.

Treasury has a central role in managing payments for the federal government, with broad authority to disburse funds on behalf of other agencies and to maintain the financial reporting and accounting system of the federal government.[12] A 2025 executive order entitled Protecting America’s Bank Account Against Fraud, Waste, and Abuse instructed agencies to make greater use of Treasury’s centralized disbursement system.[13] It also enhanced the requirement for agencies to use DNP as part of a precertification and pre-award process. Further, the executive order directed Treasury to minimize administrative barriers to accessing and using data to prevent fraud and improper payments, such as by using existing authority to waive requirements for computer matching agreements.[14]

Do Not Pay and Federal Efforts

The Do Not Pay initiative, which PIIA statutorily authorized, provides centralized access to certain databases to verify a recipient’s payment or award eligibility before issuance.[15] DNP, which Treasury operates and OMB oversees, provides data matching, data-analytics services, and support to executive agencies in their efforts to prevent and detect improper payments. State agencies that administer federal programs may also use DNP, which is free for all authorized users.

DNP Products and Services

Treasury’s Office of Financial Integrity manages DNP and offers a variety of services and solutions, such as account and entity verification and data analytics. It provides the following services.

·       Do Not Pay Connect. Allows users to connect through a secure application programming interface for real-time, system-to-system eligibility screening by conducting single or batch queries. It also provides users with risk and confidence levels for identifying and making eligibility determinations.

·       Do Not Pay Web Portal. Provides users on-demand access through a web-based portal to conduct single eligibility searches and review batch matching results and continuous monitoring alerts. This option can also generate and export detailed reports.

·       Treasury Payment Verification. Automatically screens federal agencies’ disbursements against authoritative data to confirm identity and eligibility, helping flag ineligible payments and reduce improper payments. While this provides a critical safeguard, agencies must still conduct prepayment eligibility checks through DNP Connect and Web Portal. This service is only available to federal agencies that use Treasury for payment disbursement.

Participating states can also securely access DNP through program integrity hubs, such as the HHS’s Administration for Children & Families’ Public Assistance Reporting Information System and the Department of Labor’s Unemployment Insurance Integrity Center Integrity Data Hub. These hubs can be used, as applicable, to detect and prevent duplicate public assistance benefits, verify eligibility, identify deceased payees, confirm bank account ownership, and prevent unemployment insurance fraud, among other things.

Data Sources Used by DNP

PIIA requires that, at a minimum, agencies must review the following six databases via DNP before issuing payments and awards: (1) the Social Security Administration’s (SSA) Death Master File; (2) GSA’s SAM Exclusions; (3) Treasury Debt Check; (4) the Department of Housing and Urban Development’s Credit Alert System, also known as the Credit Alert Interactive Voice Response System; (5) HHS OIG’s LEIE; and (6) SSA’s incarcerated individuals list.[16]

As of September 2025, OMB had designated 22 additional databases for inclusion in DNP. Treasury evaluates and integrates the databases into DNP based on multiple factors, including technical feasibility; whether a database addresses a relevant root cause of improper payments; data quality and reliability; the program’s authorities; and data compatibility with the tool’s matching capabilities, such as presence of a unique identifier—for example, employer identification number (EIN) or UEI—of a potential recipient. In June 2025, OMB delegated the authority to designate data sources for inclusion in DNP to Treasury. Many of the data sources included, or designated for inclusion, in DNP were originally created to comply with legal requirements or manage specific federal programs. OMB and Treasury have since repurposed them to support more widespread payment and eligibility determinations.

The nine DNP data sources we selected for analysis, from the broader set of 28 data sources, and a brief description of each are listed in table 1.

Owner Data source	Description
General Services Administration
Federal Audit Clearinghouse (FAC)	Contains single audit reports and indicates whether a significant deficiency or material weakness was found and addressed. The Single Audit Act and related guidance require certain nonfederal entities to undergo a single audit or, in select cases, a program-specific audit. This audit evaluates an entity’s financial statements and compliance with federal awards, and entities must submit the results to FAC.
System for Award Management (SAM) Entity Registrations	Contains publicly available entity registration data for those entities that are registered in SAM to conduct business with the federal government in accordance with the Federal Acquisition Regulation and 2 C.F.R. Part 200 (2026).
SAM Exclusions	Identifies parties excluded from receiving federal benefits and awards such as contracts and federal financial assistance.
Department of Health and Human Services - Office of Inspector General
List of Excluded Individuals and Entities	Contains current information about individuals and entities excluded from participation in Medicare, Medicaid, and all other federal health care programs.
Department of the Treasury - Internal Revenue Service (IRS)
Automatic Revocation of Exemption List	Contains information about nonprofit entities whose tax-exempt status was automatically revoked because they did not file Form 990 for 3 consecutive years. Tax-exempt organizations must file an annual information return or notice with the IRS, unless an exception applies. Annual information returns include Form 990, Form 990-EZ, and Form 990-PF.
Form 990-N list	Contains Form 990-N data. Form 990-N is an annual electronic notice that most small tax-exempt organizations (i.e., organizations with annual gross receipts normally $50,000 or less) are eligible to file instead of Form 990 or Form 990-EZ.
Publication 78 list	Lists organizations that are eligible to receive tax-deductible charitable contributions.
Treasury - Office of Foreign Assets Control (OFAC)
Specially Designated Nationals and Blocked Persons (SDN) List	Contains a list of individuals, groups, and entities owned or controlled by, or acting for or on behalf of, sanctioned countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers, designated under programs that are not country specific. Such persons’ assets are blocked, and U.S. persons are generally prohibited from transacting or dealing with them.
Non-SDN Consolidated Sanctions List	Includes parties subject to specific, limited prohibitions, rather than full blocking. It consolidates individuals, groups, and entities from various OFAC lists, such as the Sectoral Sanctions Identifications, Foreign Sanctions Evaders, and others with targeted restrictions.

Source: GAO analysis of agency information.  |  GAO‑26‑107466

Note: While OFAC’s Non-SDN Consolidated List has not specifically been designated for inclusion in DNP, it is included in the SAM Exclusions, which were designated and are part of DNP. Therefore, we included it in our selection of data sources.

Users of DNP

As of July 2025, more than 60 federal government agencies use DNP. According to Treasury, DNP has demonstrated its ability to prevent improper payments. For example, Treasury officials told us that in fiscal year 2025, DNP yielded almost $5 billion in prevention and recovery of improper payments and fraud (compared to more than $2 billion in fiscal year 2024). In addition, officials said that almost $7 billion was identified in fiscal year 2025 using other tools to detect check fraud and conduct additional screenings (compared to more than $5 billion in fiscal year 2024).

OIGs’ and Our Work on Award Processes, Payment Integrity, and Use of Federal Data

Agency OIGs and we have frequently examined federal award processes; payment integrity; and agencies’ use of data-matching tools, such as DNP. We have also reported on opportunities to leverage existing tools, such as USAspending.gov, to identify potential fraud, waste, and abuse and to inform enforcement of recipient compliance. These reports have highlighted the importance of standardized data and effective internal controls to minimize fraud, waste, and abuse.[17]

For example, we have previously reported on agencies’ implementation of PIIA, including requirements and challenges with managing and reducing improper payments.[18] We have also reported on challenges agencies face regarding data matching due to a lack of government-wide data standards, adherence to existing standards, or system interoperability.[19] We and the OIGs have also reported on improving the quality of data available through USAspending.gov.[20]

While USAspending.gov can be helpful in identifying potential improper payments and fraud, its current data quality issues limit its usefulness. Our work has shown that clarifying data standards, enhancing agency practices, and reinstating OIG oversight could significantly help improve the website’s effectiveness and usefulness.[21] Our and the OIGs’ work has also emphasized that stopping improper payments before they happen through preventive controls, such as DNP, is more efficient than recovering them later (“pay and chase”).[22]

Agencies May Use Many Federal Data Sources to Verify Entities’ Eligibility Throughout the Award Life Cycle

What federal data sources may agencies use?

Agencies may use more than 100 federal data sources, including the 28 data sources in DNP or designated for inclusion in DNP, to help determine if entities, as well as individuals, qualify to receive federal awards and payments. Some of these sources include information on identity verification, financial delinquency, criminal records, and prior audit findings.[23] Agencies may use a combination of data sources to verify eligibility of recipients.[24] However, many of the data sources we identified were created to comply with legal requirements or manage specific federal programs. These data sources were not originally created to support eligibility determinations for other agencies.

Examples include the following:

·       SSA maintains data on identity, disability, U.S. citizenship, incarceration, and death to administer its own programs. Other agencies may also use these data to verify identity or eligibility for other federal programs (e.g., the Department of Housing and Urban Development uses SSA information to help verify applicant identity or eligibility for subsidized housing programs).

·       The Department of Veterans Affairs maintains data on veterans’ health, education, and compensation benefits to manage and deliver personalized benefits and services to veterans. Other agencies may also use this information when veteran status affects program eligibility (e.g., the Small Business Administration uses veterans’ information to help verify eligibility for contracting opportunities).

·       IRS publishes the tax-exempt organizations lists to make available the status of such organizations.[25] Other agencies may also use these data to verify eligibility to receive federal funding (e.g., the National Institutes of Health use IRS tax-exempt status information to monitor whether tax-exempt hospitals meet federal requirements).

How may agencies access federal data sources?

Agencies may access relevant data through public websites, by direct access to source systems, and through centralized access. For example:

·       Public website. Agencies may obtain sanctions-related data from OFAC’s website. Agencies may also obtain the list of individuals and entities that are excluded from participation in federal health care programs, such as Medicare, from the HHS OIG’s website.

·       Direct access. Agencies may verify Social Security numbers directly from the SSA State Verification and Exchange System. Agencies may also verify institutions, day care home providers, and individuals that have been terminated or otherwise disqualified from Child and Adult Care Food Program participation through the Department of Agriculture’s National Disqualified List.

·       Centralized access. Agencies may use the Federal Data Services Hub, which the Centers for Medicare & Medicaid Services primarily maintains. It is a single point of access to a variety of federal data sources, including those from SSA, the Department of Homeland Security, and IRS, to verify income, citizenship, and other eligibility factors. Similarly, the DNP Connect and Web Portal provides access to multiple federal databases, including those from IRS, OFAC, and GSA.

Depending on the type and nature of the data, statutory authorities, and privacy and security protections involved, access to certain federal data sources may be limited or require a memorandum of understanding or computer matching agreement that dictates how agencies may use, share, and protect the data.[26] For sensitive or restricted data, such as Social Security numbers or financial records, agencies must meet additional legal and technical requirements and may only access the data through secure federal systems that require proper authentication.

Laws such as the Privacy Act of 1974 and the Computer Matching and Privacy Protection Act of 1988 govern how agencies may access and use personal data.[27] These laws require agencies to establish safeguards, document formal agreements, and ensure that they use data only for authorized purposes. Congress established these protections to balance efficiency and the government’s need to verify eligibility by protecting the public’s trust and reducing misuse of personal information.

How do federal data sources help agencies verify eligibility?

Agencies may use federal data sources to improve program efficiency and verify if entities, as well as individuals, meet the eligibility criteria for federal programs throughout the award life cycle, including pre-award screening, post-award monitoring, and payment validation. These data sources support more informed decision-making, help reduce the risk of improper awards and payments, identify potential fraud, and ensure compliance with legal and policy requirements.[28]

For example, agency officials, including auditors, may use these data sources throughout the award life cycle to

·       verify identity or status, such as confirming that an individual is not deceased or that a business is properly registered in SAM;

·       check for suspensions, debarments, or other prohibitions that would disqualify an applicant from receiving federal funds, such as contracts or payments from federal programs;[29]

·       confirm compliance and assess eligibility by identifying disqualifying conditions or risks based on past performance or financial history by considering factors such as prior audit findings, failure to meet reporting requirements, or delinquent debt; and

·       identify potential fraud risks, such as duplicate or conflicting information and other inconsistencies or irregularities, that may indicate potentially fraudulent activity.

Our prior work has shown that these data sources can help corroborate self-reported information from applicants and enable more accurate and efficient eligibility determinations.[30] Having access to timely, standardized federal information also helps reduce the administrative burden on agencies and improve coordination, among other things.

Data Interoperability Weaknesses May Hinder Agencies’ Ability to Efficiently Determine Award and Payment Eligibility

What is data interoperability, and why does it matter to the federal government?

Data interoperability refers to the ability to share and disseminate standardized data in a way that is efficient, consistent, and accessible across different systems and users, for which high-quality data are essential.[31] OMB guidance directs agencies to promote open, interoperable data by building or modernizing information systems using machine-readable formats, data standards, and consistent metadata to support downstream data processing. Agencies are also required to ensure that the information is reliable by implementing rigorous pre-dissemination practices that evaluate accuracy and coherence.[32]

This approach to data interoperability is critical to support federal government efforts emphasizing the use of existing data. It requires high-quality program data to accurately evaluate the effectiveness of government programs and policies. To increase the integrity of analyses based on such data, the National Academies of Sciences, Engineering, and Medicine recommend a comprehensive quality framework that includes evaluating and documenting data interoperability concerns, including timeliness, accuracy, accessibility, coherence, interpretability, and granularity.[33] Because data interoperability depends on quality and consistency, maintaining strong data standards is essential. This includes ensuring that formats are standardized, data validation checks are effective, and agencies address inaccuracy issues, such as missing or invalid values, and duplicates.

Data interoperability allows federal data systems to exchange information and collaborate seamlessly, enabling more timely, informed, and evidence-based decision-making and increasing the efficiency and effectiveness of federal operations. In contrast, poor data quality or inconsistent data structures break down interoperability, preventing accurate or efficient record matching and data integration, which undermines the usefulness of the data. Consequently, relying on poorly matched or poorly integrated data limits agencies’ ability to inform decision-making and to implement efficient and reliable processes, including the potential use of artificial intelligence to assist users in making eligibility determinations.

Within the context of eligibility determinations, the lack of data interoperability across systems may limit agencies’ ability to efficiently and reliably determine whether a recipient is identified as ineligible in the relevant data sources. For the same reasons, officials might also be unable to determine whether previous payments were improperly made to ineligible recipients, thereby increasing the risks of improper awards or payments going undetected.

What are the requirements for federal data interoperability?

For more than 30 years, several laws and OMB and Treasury guidance have established general requirements related to data interoperability and standardization, but they have not established specific requirements for enforcing data interoperability, such as for recipient eligibility data, throughout the federal government.

Legal Requirements Related to Data Interoperability

We identified 12 laws and one executive order that promote federal data interoperability. For example, the Digital Accountability and Transparency Act of 2014 (DATA Act) and the Grant Reporting Efficiency and Agreements Transparency Act of 2019 (GREAT Act) include requirements to establish data standards and definitions for spending and grant data, respectively. In contrast, laws such as the Paperwork Reduction Act of 1995, E-Government Act of 2002, and the Foundations for Evidence-Based Policymaking Act of 2018 promote key principles, such as data standardization, sharing, reuse, and transparency. These are important aspects of data interoperability, but they do not address the establishment of government-wide data governance to establish specific requirements and help enforce interoperable data across the federal government. We summarize relevant laws and one executive order related to data interoperability in table 2.

Law or executive order	Requirements relevant to data interoperability
Federal Managers’ Financial Integrity Act of 1982, Pub. L. No. 97-255, 96 Stat. 814, codified at 31 U.S.C. § 3512(c), (d)	Requires executive branch entities to establish systems of internal control in accordance with Comptroller General standards to ensure accurate accounting, safeguarding of assets, and reliable financial reporting.
Paperwork Reduction Act of 1995, Pub. L. No. 104-13, 109 Stat. 163, codified as amended at 44 U.S.C. § 3501 et seq.	Assigns the Office of Management and Budget (OMB) responsibility for federal information dissemination and mandates the development of common standards for federal information, including interoperability. Directs OMB to develop and oversee the implementation of uniform information resources management policies, principles, standards, and guidelines.
Information Technology Management Reform Act of 1996 (also known as the Clinger-Cohen Act of 1996), Pub. L. No. 104-106, div. E, 110 Stat. 186, 679, codified at 40 U.S.C. § 11101 et seq.	Establishes agency chief information officers and tasks them with developing and implementing integrated IT architectures.
Federal Financial Management Improvement Act of 1996, Pub. L. No. 104‑208, title VIII, §§ 801 et seq., 110 Stat. 3001, 300-389-394, codified at 31 U.S.C. § 3512 note	Requires Chief Financial Officers Act of 1990 (CFO Act) agencies—24 major executive departments and large independent agencies—to implement and maintain financial management systems that comply with federal requirements, applicable accounting standards, and the U.S. Standard General Ledger at the transaction level. It promotes consistency in agency accounting practices across fiscal years and the use of uniform accounting standards.
Information Quality Act of 2000, Pub. L. No. 106-554, app. C, title V, § 515, 114 Stat. 2763, 2763A-153-155	Requires OMB to issue guidance to federal agencies for ensuring and maximizing the quality, objectivity, utility, and integrity of disseminated information.
E-Government Act of 2002, Pub. L. No. 107-347, 116 Stat. 2899, codified at 44 U.S.C. § 3601 et seq.	Establishes the Chief Information Officer Council and the Interagency Committee on Government Information to promote government information interoperability and IT standards.
Federal Funding Accountability and Transparency Act of 2006 (FFATA), Pub. L. No. 109-282, 120 Stat. 1186, codified at 31 U.S.C. § 6101 note	Establishes USAspending.gov and requires federal agencies to report information on federal awards to entities over $25,000, including unique identifiers for the award recipient and, if applicable, the parent entity (the organization that owns another entity).
Digital Accountability and Transparency Act of 2014, Pub. L. No. 113-101, 128 Stat. 1146, codified at 31 U.S.C. § 6101 notea	Expands FFATA and requires the Department of the Treasury and OMB to establish government-wide financial data standards for federal funds, including the use of common data elements and unique identifiers, to submit data on USAspending.gov. It also aimed to hold federal agencies accountable for the completeness, timeliness, quality, and accuracy of the data they submitted through reviews by their Offices of Inspector General and GAO, but that requirement sunset in 2021.
21st Century Integrated Digital Experience Act, Pub. L. No. 115-336, 132 Stat. 5025, codified at 44 U.S.C. § 3501 note	Requires agencies to standardize and modernize public-facing websites and digital services by avoiding duplicative legacy sites, ensuring searchable content, and maintaining common standards that support future shared service interoperability.
Foundations for Evidence-Based Policymaking Act, Pub. L. No. 115-435, title II, 132 Stat. 5529, 5534-5544, codified in scattered sections of 44 U.S.C. ch. 35, subch. I (2019)	Establishes a Chief Data Officer Council within OMB required to set government-wide best practices for the use, protection, dissemination, and generation of data. While the council’s statutory authorization expired on December 15, 2024, the act continues to mandate that agencies develop and maintain comprehensive data inventories, among other requirements.
Grant Reporting Efficiency and Agreements Transparency Act of 2019, Pub. L. No. 116-103, 133 Stat. 3266, codified at 31 U.S.C. § 6401 et seq.	Requires OMB and a standard-setting agency to establish government-wide data standards for information that recipients of federal grants and other financial assistance report, including standardized definitions for data elements and unique identifiers.
Payment Integrity Information Act of 2019, Pub. L. No. 116-117, 134 Stat. 113, codified at 31 U.S.C. § 3351-3358 (2020)	Encourages executive agencies to enter into computer matching agreements with other executive agencies to allow ongoing data matching (e.g., automated data matching) to detect and prevent improper payments.
Protecting America’s Bank Account Against Fraud, Waste, and Abuse, Exec. Order No. 14249, 90 Fed. Reg. 14,011, (Mar. 28, 2025)	Directs Treasury and OMB to strengthen fraud prevention and improper payment verification by expanding data access, enabling precertification checks for all Treasury-disbursed payments, and guiding agencies on data sharing for payment verification. It also requires CFO Act agencies to consolidate, standardize, and integrate their core financial systems with Treasury platforms.

Source: GAO analysis of the laws and executive order.  |  GAO‑26‑107466

^aIn March 2022, we recommended that Congress consider extending requirements for the Offices of Inspector General to periodically report on USAspending.gov data, among other things. As of February 2026, Congress had not enacted legislation to address these matters. See GAO‑22‑105715.

Data Interoperability Provisions from Guidance

We identified several guidance documents for agencies that relate to federal data interoperability. For example, Treasury and OMB guidance for USAspending.gov reporting outline specific standards, definitions, and requirements for data submitted under the DATA Act. In contrast, other OMB guidance about federal data broadly requires agencies to leverage data standards to promote alignment, comparability, and reuse of data but does not provide specific data standards, definitions, or requirements. We summarize relevant guidance in table 3.

Guidance	Relevant data interoperability guidance
Office of Management and Budget (OMB) M-15-12, Increasing Transparency of Federal Spending by Making Federal Spending Data Accessible, Searchable, and Reliable (May 8, 2015)	Provides guidance to federal agencies on reporting requirements under the Federal Financial Accountability and Transparency Act of 2006 (FFATA), as amended by the Digital Accountability and Transparency Act of 2014 (DATA Act). It directs the use of standardized data definitions published in a virtual repository and requires Treasury to publish spending data on USAspending.gov.
OMB Circular A-130, Managing Information as a Strategic Resource (July 27, 2016)	Establishes government-wide policy for managing federal information and IT resources, directing agencies to use open data standards, application programming interfaces (API), and machine-readable formats to support interoperability. It also requires agencies to implement policies, procedures, and standards that enable data governance.
OMB M-19-15, Improving Implementation of the Information Quality Act (Apr. 24, 2019)	Provides agencies with additional guidelines for their responsibilities under the Information Quality Act, including requirements for pre-dissemination quality reviews and updates to agency information quality assurance procedures. It also reinforces that agencies are required to create information that supports public transparency and enables third-party use, ensuring that data are accessible and usable. Additionally, it emphasizes that agencies must provide potential users with sufficient information about data quality, strengths, weaknesses, and analytical limitations when disseminating it publicly.
OMB M-19-18, Federal Data Strategy – A Framework for Consistency (June 4, 2019)	Establishes the Federal Data Strategy as a government-wide framework to guide federal agencies in managing and using data as a strategic asset, requiring agencies to prioritize data governance and leverage data standards to maximize data quality and facilitate access, sharing, and interoperability.
OMB M-19-23, Phase 1 Implementation of the Foundations for Evidence-Based Policymaking Act of 2018 (July 10, 2019)	Provides implementation guidance of the Foundations for Evidence-Based Policymaking Act, Pub. L. No. 115-435, title II, 132 Stat. 5529, 5534-5544, codified in scattered sections of 44 U.S.C. ch. 35, subch. I (2019), in support of statutory establishment of agency data governance roles and responsibilities for key personnel, including the newly designated Chief Data Officer (CDO) position. It also directs the CDO Council to develop government-wide best practices, promote data sharing agreements, and identify ways to improve the collection, access, and use of data.
OMB M-20-12, Phase 4 Implementation of the Foundations for Evidence-Based Policymaking Act of 2018: Program Evaluation Standards and Practices (Mar. 10, 2020)	Requires agencies to support the secondary use and dissemination of information. Notes that one effective approach is to enable reuse of evaluation data by providing clear data dictionaries or other documentation describing data sources, defining data elements, and outlining any limitations in completeness or accuracy of the data.
OMB M-21-19, Transmittal of Appendix C to OMB Circular A-123, Payment Integrity Improvement (Mar. 5, 2021)	Provides a payment integrity framework to guide agencies authorized to enter into ongoing computer matching agreements to detect and prevent improper payments.
OMB M-21-27, Evidence-Based Policymaking: Learning Agendas and Annual Evaluation Plans (June 30, 2021)	Reaffirms and expands on previous OMB guidance on learning agendas and annual evaluation plans, including OMB M-19-23 and OMB M-20-12. It provides additional guidance for implementing the Foundations for Evidence-Based Policymaking Act to support data-sharing efforts as part of evidence-based government.
OMB M-23-22, Delivering a Digital-First Public Experience (Sept. 22, 2023)	Directs agencies to deliver digital services using structured, machine-readable content and standardized interfaces, such as web APIs, to enable data exchange and promote interoperability across different systems.
Treasury Governmentwide Spending Data Model, GSDM 1.2 (Dec. 2025)	Provides government-wide data definition standards and technical guidance for federal agencies on what to report to USAspending.gov. The Department of the Treasury and OMB first released it as the DATA Act Information Model Schema in 2016, and Treasury continually updates it to reflect new legislation and policies. It includes data-reporting submission specifications, such as data elements, character limits and valid values, and validation rules.
OMB M-25-05, Phase 2 Implementation of the Foundations for Evidence-Based Policymaking Act of 2018: Open Government Data Access and Management Guidance (Jan. 15, 2025)	Requires agencies to develop and maintain a comprehensive data inventory of their data assets that uses the OMB-approved standard metadata schema, is published in open and machine-readable formats, and is interoperable with the Federal Data Catalog that the General Services Administration maintains.
OMB M-25-06, Re-establishing the Chief Data Officer Council (Jan. 15, 2025)	Reestablishes the CDO Council to establish government-wide best practices for federal data, promote interagency data-sharing agreements, and identify new technology solutions for improving the collection and use of data.

Source: GAO analysis of guidance.  |  GAO‑26‑107466

Who is responsible for data interoperability across the federal government?

While several agencies and cross-agency groups support coordination of best practices for data management and interoperability, there is no data governance agency designated to establish and enforce interoperability requirements across the federal government. Based on our research, these agencies and cross-agency groups identify shared needs and challenges, provide technical and policy guidance, and develop frameworks to enable more consistent data use and exchange. We found that none of them issue mandatory directives and some of them have limited technical and operational enforcement capacity. As a result, interoperability efforts—including those related to eligibility data sources—remain fragmented and depend on agencies’ voluntary adoption. Table 4 includes the stakeholders and a summary of their roles and responsibilities that we identified based on our research and interviews with agency officials regarding data interoperability.

Stakeholder	Management area	Roles or responsibilities
Office of Management and Budget (OMB)	Government-wide data policy	Encourages agencies to adopt data standardization and interoperability practices through the Federal Data Strategy and implementation guidance for the Foundations for Evidence-Based Policymaking Act. It also co-leads implementation of the Digital Accountability and Transparency Act of 2014 (DATA Act), ensuring transparent, accessible financial data. Further, it collaborates with the Federal Committee on Statistical Methodology—an interagency committee that OMB founded in 1975 comprising career federal employees that OMB selected based on their expertise in statistical methods—to promote consistent statistical standards and methods for federal data collection and use.
Department of the Treasury	Financial and award data reporting and disbursements	Co-leads implementation of the DATA Act, requiring agencies to report financial and award data in standardized formats in systems such as USAspending.gov and the Financial Assistance Broker Submission—a system through which federal agencies report detailed financial assistance award data—to enforce data uniformity across agencies. It also manages several government-wide financial data systems, including the Governmentwide Treasury Account Symbol Adjusted Trial Balance and other systems that support the preparation of the consolidated financial statements of the U.S. government. Furthermore, Treasury operates the Do Not Pay working system and various federal payment systems that disburse funds on behalf of agencies.
General Services Administration (GSA)	Data platforms and technology	Supports interoperability through modernizing and centralizing data systems through Integrated Award Environment systems, such as SAM.gov, which is part of the federal awards life cycle, and Data.gov, which is a central repository for federal open data.
National Information Exchange Model (NIEM) Opena	Data sharing framework and data model	Provides a framework developed through interagency and intergovernmental collaboration to support consistent data exchange and interoperability. It includes a standardized data vocabulary model for use in community-specific business areas, such as emergency management, human services, and forensic data sharing. Agencies may choose to adopt its standards but are not required to do so.
Chief Data Officer Council	Cross-agency data strategy	Coordinates data-sharing efforts and promotes best practices for the management, use, protection, dissemination, and generation of data between federal agencies. Established under the Foundations for Evidence-Based Policymaking Act, the council comprises chief data officers from the 24 major executive departments and large independent agencies (i.e., the 24 Chief Financial Officer Act of 1990 (CFO Act) agencies), other designated federal agencies, and officials from OMB. It engages with stakeholders to help improve access to federal data. It also publishes guides, playbooks, and reports, such as recommendations related to data sharing. Further, the council shares responsibilities with other interagency councils that conduct and affect data-related activities, including those focused on IT, statistics, information security, evaluation, and privacy.
Interagency Council on Statistical Policy	Statistical data integration	Advises OMB and coordinates statistical methods and systems to support interoperability of survey, census, and administrative data, and to help ensure secure, shared access to data throughout the Federal Statistical Research Data Centers. The council comprises 30 unique members, including the Chief Statistician, designated statistical officials from the 24 CFO Act agencies, as well as all heads of OMB recognized statistical agencies and units.
Shared Services Governance Board	Cross-functional steering committee	Coordinates agency inputs, recommends changes to service offerings, and supports government-wide efforts to improve service delivery efficiency. GSA manages it under OMB guidance, and it is part of the governance structure for shared IT and service delivery initiatives, including those that support data interoperability. The board operates in an advisory and coordinating capacity. Its membership includes representation across federal interagency councils, including the Chief Acquisition Officer Council, Performance Improvement Council, and Chief Data Officer Council, among others.
Chief Information Officer Council	Cross-agency federal information management	Advises OMB and the Office of Personnel Management and promotes collaboration across the federal government to improve IT practices related to cybersecurity, cloud adoption, using data, and IT workforce development. The council also shares best practices, ideas, experiences, and innovative approaches to enhance government efficiency and effectiveness and delivery of services. It comprises OMB officials and the chief information officers from the 24 CFO Act agencies, among others.
Council on Federal Financial Assistance	Financial assistance	Supports coordination of data standards and practices to help improve coordination, transparency, and accountability related to federal financial assistance awards. This interagency forum also promotes consistent application and interpretation of government-wide financial assistance policies, management practices, and business data standards, among other requirements. The Council on Federal Financial Assistance comprises OMB officials, senior financial assistance officers from the 24 CFO Act agencies, and a representative from the Small Agency Council.

Source: GAO analysis of policies and guidance.  |  GAO‑26‑107466

Note: This list may not be comprehensive. We listed the agencies and groups and a summary of their roles and responsibilities that we identified based on our research and interviews with regards to eligibility data sources, including Treasury’s Do Not Pay working system.

^aWhile the Departments of Justice, Health and Human Services, and Homeland Security originally established NIEM in 2005, it is not a federal agency. It provides a collaborative partnership among governmental agencies, operational practitioners, systems developers, standards bodies, and other stakeholders across federal, state, local, tribal, territorial, international, and private organizations.

What obstacles can affect the interoperability of selected federal data sources?

We identified three obstacles that can affect the interoperability of the nine selected federal data sources: (1) lack of comprehensive data dictionaries, (2) lack of comprehensive or documented data validation rules, and (3) inconsistencies between data sources.[34] Without clear requirements for data standards, agencies have developed datasets that use inconsistent definitions and validation rules, contributing to data quality issues. These weaknesses and inconsistencies in data management reduce the accuracy and completeness of the data and increase the difficulty of sharing and integrating data across systems.

Incomplete Data Dictionaries

Data dictionaries for eight of the nine selected data sources we reviewed were incomplete. As shown in table 5, these eight selected data sources did not include all six of the following key elements that we developed from practices identified in our prior work, as well as data standards, policies, and processes that federal agencies developed or use.[35]

·       Name. A word or set of words that the field is called.

·       Definition. Description of what data elements represent.

·       Character limit. Limit in the number of characters allowed for a field.

·       Data type and format. Description of the expected value types, such as text, string, numbers, or a date in a specific order (e.g., MM/DD/YYYY).

·       Mandatory or optional field indicator. Clarification of whether a field is required or optional, including conditional circumstances.

·       Sensitivity indicator. Identification of data elements that contain sensitive or restricted information.

Owner Data source	Name	Definition	Character limit	Data type and format	Mandatory or optional field indicator	Sensitivity indicator
General Services Administration
Federal Audit Clearinghouse	Yes	Yes	No	Yes	Yes	NA
System for Award Management (SAM) Entity Registrations	Yes	Yes	Yes	Yes	Yes	Yes
SAM Exclusions	Yes	Yes	Yes	No	No	NA
Department of Health and Human Services - Office of Inspector General
List of Excluded Individuals and Entities	Yes	Yes	Yes	No	Yes	No
Department of the Treasury - Internal Revenue Service (IRS)
Automatic Revocation of Exemption List (ARL)a	Yes	Yes	Yes	No	No	NA
Form 990-N list	Yes	Yes	Yes	No	Yes	NA
Publication 78 lista	Yes	Yes	Yes	No	No	NA
Treasury - Office of Foreign Assets Control (OFAC)
Specially Designated Nationals and Blocked Persons (SDN) Listb	Yes	No	No	Yes	No	NA
Non-SDN Consolidated Sanctions Listb	Yes	No	No	Yes	No	NA

Legend: Yes = agency data dictionary documentation included the key element; No = agency data dictionary documentation did not include the key element; NA = Not applicable because all information provided in the related files is public.

Source: GAO analysis of agency documentation.  |  GAO‑26‑107466

^aIRS did not publish and could not provide a data dictionary upon request for the ARL and the Publication 78 list. In March 2025, after our request, IRS published on its website a data dictionary for each of these data sources.

^bOFAC has different data dictionaries for different file formats. We evaluated the data dictionary for the Extensible Markup Language (XML) file only. XML is a flexible, nonproprietary set of standards for tagging information so that it can be transmitted using internet protocols and other computer systems can readily interpret it.

We found no specific federal requirements that define what a data dictionary should include, which has led to variation in how agencies manage documentation for their data. As such, the lack of complete and standardized data dictionaries contributed to other interoperability challenges. For example, inconsistent data elements and formats across sources increased the level of effort required to achieve consistency across the data sources in our analyses. These types of interoperability challenges that we encountered could also affect agencies and result in them using inconsistent or incomplete information for decision-making. For example, program staff processing federal payments or awards could have unclear or inconsistent data when making eligibility determinations, which increases the risk of errors and improper payments or awards.

Inconsistent Data Elements

We found that different data sources used different data element field names, numbers of data elements, and orders of data element fields to represent the same information. For example, while Treasury and OMB collaboratively have developed specific standards for some of these elements for certain platforms, such as USAspending.gov, there is no government-wide standard for reporting name and address. Table 6 shows examples of the fields used to represent names in the selected data sources.

Data source	Fields representing “Name”
System for Award Management Entity Registrations	legal business name dba name
Publication 78 list	business name
List of Excluded Individuals and Entities	lastname firstname midname busname
Specially Designated Nationals and Blocked Persons List	FormattedFirstName FormattedLastName FormattedFullName

Legend: dba = doing business as

Source: GAO analysis of agency documentation.  |  GAO‑26‑107466

Our prior work has found that, without clear data elements and definitions, agencies have interpreted and applied the definitions for the same data elements differently. This resulted in the reporting of data that were not comparable as well as difficulties for users in understanding and using those data.[36]

Inconsistent data elements may also lead to additional efforts, such as extra time and resources needed to combine and compare data across different data sources, and increase the risk that management may misinterpret information when making decisions.

Inconsistent Data Formats

We also encountered formatting differences, such as different character limits, and names appearing in all capital letters in one source and mixed case in another source. For example, LEIE limited name fields to a fewer number of characters than did SAM Exclusions, resulting in a middle name being truncated. This difference caused a record to appear as a mismatch between the two sources, even though it referred to the same individual.

We also found that different data sources reported address and country information in a variety of formats. For example, entries for country information in the different data sources included United States, USA, and US. These variations could reflect the use of different standards or formatting options available (e.g., Geopolitical Entities, Names, and Codes and International Organization for Standardization). Without clear documentation that specifies the required standard and formatting, determining the reason for the mismatches can be time consuming and require additional efforts to reconcile and integrate data. It may also result in the inability to compare data elements that represent the same information across data sources.

 

Types of unique identification numbers used in the selected federal data sources Unique entity identifier is an identification number that SAM.gov assigns to entities doing business with the federal government. The General Services Administration has required it since April 4, 2022, when it replaced the Dun & Bradstreet number. Employer identification number is an identification number that the Internal Revenue Service issues to administer federal tax laws for businesses, tax-exempt organizations, and other entities. National Provider Identifier is a unique identifier that the Centers for Medicare & Medicaid Services issues to covered health care providers for use in Health Insurance Portability and Accountability Act administrative and financial transactions. Source: GAO analysis of agency information.  |  GAO‑26‑107466

Lack of Common Unique Identifiers

There was no common unique identifier across all the selected data sources, as shown in table 7. Not all entities included in the data sources we reviewed conduct business with the federal government, such as foreign entities, or are required to have a UEI. The EIN was available in certain formats, such as restricted or sensitive files or on the data source owners’ websites when known in advance.

	Common unique identifiers
Owner Data source	Unique entity identifier (UEI)	Employer identifier number (EIN)	National Provider Identifier
General Services Administration
Federal Audit Clearinghouse	✓	✓
System for Award Management (SAM) Entity Registrations	✓	✓a	✓
SAM Exclusions	✓	✓b	✓
Department of Health and Human Services - Office of Inspector General
List of Excluded Individuals and Entities		✓c	✓
Department of the Treasury - Internal Revenue Service
Automatic Revocation of Exemption List		✓
Form 990-N list		✓
Publication 78 list		✓
Treasury - Office of Foreign Assets Control
Specially Designated Nationals and Blocked Persons (SDN) List
Non-SDN Consolidated Sanctions List

Legend: ✓ = Unique identifier is present in the data source for at least some records.

Source: GAO analysis of agency data.  |  GAO‑26‑107466

Note: The availability of common unique identifiers may vary within each data source, and the unique identifier may not be present for all records.

^aThe EIN is only available in the sensitive file.

^bThe EIN is not available in the public data files but may be searched in SAM.gov if known in advance.

^cThe EIN for entities (and Social Security number for individuals) is available in the restricted file, not the public file, and may be used to verify the provider in the online tool after a name match, if known in advance.

We aimed to work exclusively with publicly accessible data, which reflect the type of information agency officials would have, at a minimum, available for their decision-making. Without accessible and reliable common unique identifiers in our analyses, we sometimes relied on individual and entity names or other fields, such as country, to match records between data sources. These fields varied in name, formatting, and number of fields, further complicating exact matching. We used exact matching techniques to replicate what a human might do and to avoid making incorrect matches. We did not use “fuzzy matching”—a collection of techniques that calculate how similar the values are. Fuzzy matching without human judgment to confirm a match can reduce the accuracy and reliability of the analysis if it incorrectly identifies matches or misses true matches. For instance, it can incorrectly identify matches, such as “Global Tech Industries Inc” in one data source matching with “Global Technologies Inc” in another data source. While using common unique identifiers across databases could improve the accuracy and efficiency of data matching, we have previously reported that it may also pose challenges, such as those related to implementation and cost as well as potential security and privacy risks if identifiers were compromised.[37]

Comprehensive and required use of data dictionaries for each selected data source could have helped to mitigate these challenges by clearly documenting the structure, definitions, and formatting requirements for each data element. This information would have supported our efforts to identify and reconcile inconsistencies across sources, such as the varying data formats and field names and the lack of unique identifiers, thereby improving the reliability and efficiency of data comparisons.

Insufficient Validation Rules Contribute to Data Quality Issues

Of the nine data sources we reviewed, eight had data validation rules—quality checks that help ensure that data are valid, reliable, and accurate enough for their intended use—that were insufficient or not properly documented for the time frame we selected. In addition, the remaining data source lacked formal validation rules. For example, GSA officials stated that validation checks were built directly into SAM. However, they could not readily provide documentation to describe which rules were applied to SAM Entity Registrations and how they worked. The lack of clearly defined or documented validation rules contributed to the quality issues we found, such as incomplete, inaccurate, or duplicate data, that undermine data reliability and interoperability.

OMB guidance requires agencies to establish procedures to ensure that information is reviewed for quality before it is disseminated, but there are no specific federal requirements or guidance for what these procedures should be.[38] Therefore, we identified practices based on our prior work and policies and processes that federal agencies used.[39]

Based on the practices identified, we developed and used these five factors to assess data quality:

·       Missing values. Information in data elements is missing, which could indicate incomplete records.

·       Invalid values. Data do not conform to expected values or fall outside of valid time periods.

·       Invalid data formats. Characters and format type for the data field do not align with the data source owners’ rules and specifications, when available.

·       Conflicting data relationships. Combinations of values between data elements are illogical.

·       Duplicate values. Data entries are either full duplicates (i.e., where all the values in a record are repeated) or partial duplicates (i.e., where specific values within a record appear more than once).

All nine data sources we reviewed had at least one data quality issue based on the factors we assessed, as we summarize in table 8.

Owner Data source	Missing values	Invalid values	Invalid data formats	Conflicting data relationships	Duplicate data
General Services Administration (GSA)
Federal Audit Clearinghouse	Unclear	✓	✓	✓	✓
System for Award Management (SAM) Entity Registrations	✓	✓	X	✓	X
SAM Exclusions	✓	✓	✓	X	✓
Department of Health and Human Services (HHS) - Office of Inspector General (OIG)
List of Excluded Individuals and Entities	✓	✓	✓	X	✓
Department of the Treasury - Internal Revenue Service (IRS)
Automatic Revocation of Exemption List	✓	✓	X	✓	✓
Form 990-N list	✓	✓	X	✓	✓
Publication 78 list	✓	X	X	NA	X
Treasury - Office of Foreign Assets Control
Specially Designated Nationals and Blocked Persons (SDN) List	Unclear	✓	NA	NA	✓
Non-SDN Consolidated Sanctions List	Unclear	X	NA	NA	✓

Legend: ✓ = Data source had data quality issue based on GAO assessment; X = Data source did not have data quality issue based on GAO assessment; NA = Not applicable; Unclear = Because the agency did not provide documentation of which elements were optional or required, we were unable to determine whether the missing values were an issue.

Source: GAO analysis of agency data.  |  GAO‑26‑107466

Note: Our analyses identified issues, some of which may have been the result of evolving system and legal requirements, according to some data source owners. Related to duplicates, GSA, HHS OIG, and IRS officials told us that these duplicates may be or were valid. These officials also stated that they do not have control over errors, such as those that external parties or other officials responsible for entering the data introduced.

Treasury officials told us that all data sources in DNP undergo a validation process specific to each source at the file level, such as checking that the file is not empty and there are no unsupported file extensions. If these checks fail, Treasury notifies the data provider to correct the issues. In addition, Treasury officials told us the agency lacks the authority to require agencies that own the databases to adopt specific data standards or validation rules.

Without established and documented validation rules and procedures, data source owners may be unable to identify and resolve these issues in a timely manner. This can limit the reliability of the data for downstream use and decision-making and increase the resources needed to integrate data or address errors after data have been shared. In addition, users may be unable to understand the design and inherent limitations of a database, which may reduce data credibility and users’ confidence in the data.

Missing Values

We found that six of the nine selected data sources had missing values for selected data elements, such as address or part of the address.[40] For example, the SAM Exclusions data were missing address line 1 for 137,773 of 146,877 records we tested (more than 93 percent) and the active date of the exclusion for 13,676 of 172,091 records (almost 8 percent).[41] Missing address information limits the ability to accurately identify and verify potential recipients. Similarly, without an active date for an exclusion, users will be unable to efficiently determine when the exclusion was in effect. This can make it difficult to assess compliance with federal contract or program requirements or to identify whether an entity should have been excluded from receiving federal funds at a given point in time.

In some cases, data may be missing because they are not known—such as the address of a criminal enterprise—or because of other factors, including that the data element is not applicable to the record, requirements changed over time, legacy system limitations exist, information is not published to protect personal information, and there are errors in the data. For example, some SAM Exclusion entries related to OFAC may have been missing parts of the address information because OFAC’s processes changed over time, among other reasons. According to OFAC officials, as of February 2026 they were aware that address information for their SAM Exclusions entries was incomplete; they will continue updating their SAM Exclusion entries to the extent possible. GSA officials also told us that they collect but do not publicly publish address line 1 information for individuals, which represent 137,533 of the 137,773 records missing address line 1.

In addition, GSA officials told us that, for the data we reviewed, they had different validation rules for data submitted to SAM Exclusions through the web-based manual entry system and the bulk uploader. For example, the manual entry system requires address information for firms and individuals, while the bulk uploader, which processes an Extensible Markup Language (XML) file, did not. GSA officials said that, depending on how data are collected, there can be differences in how they apply business validation rules to each method. As a result, data that agencies submitted to SAM Exclusions have not been subject to consistent validation rules. GSA officials also told us that, as part of modernizing SAM Exclusions, since early 2026 the system requires address line 1 for data submitted through both the manual entry and bulk uploader for firms and individuals when the country is the United States or Canada. We discuss additional issues related to different data file formats later in this report.

Invalid Values

We found instances where seven of the nine selected data sources included invalid data, such as values not defined in the data dictionary and dates that fell outside valid time periods. For example, the Automatic Revocation of Exemption List (ARL) included 43 records, out of 1.1 million, with an exemption type not listed in the agency’s official list of exemption types. According to IRS officials, this error was due to a data entry issue, which they corrected in response to our inquiry. In the Form 990-N list, we found 100 records where the tax year of the filed form did not align with the tax period indicated on the form. For example, one record showed a 2014 tax form used for tax period January 1, 2015, through December 31, 2015—when a 2015 or 2016 form should have been used. IRS officials told us that they implemented a check to validate this time frame in 2017. However, the most recent record we identified is from 2022. While these exceptions represent a small number relative to the overall dataset, their presence may contribute to or exacerbate issues as additional data are incorporated over time.

In addition, we found that SAM Exclusions included active dates for two exclusion records that were set unreasonably far in the future—in the years 2084 and 2099. According to GSA officials, these exceptions were data entry errors that the agencies that entered the information had not corrected.

We were unable to verify the validity of the UEI values in two of the data sources. Specifically, we did not find 41,765 of 43,273 UEIs (almost 97 percent) from SAM Exclusions and 1,410 of 90,723 UEIs from FAC (almost 2 percent) in SAM entity information.[42] According to GSA officials, not all UEIs that SAM Exclusions create will have a corresponding SAM Entity Registration record because the entity may never have registered in SAM.gov.[43] In addition, GSA officials told us that they could not provide the list of all the UEIs that SAM Exclusions generated because it would require significant resources.[44]

GSA officials also stated that the lack of corresponding SAM entity information for FAC UEIs is primarily related to historical records (about 1,300 records) before FAC was fully implemented in GSA in October 2023 and some are related to records with FAC accepted dates prior to SAM entity registration dates.

However, without a central index to verify or manage the UEIs, the validity and uniqueness of the identifiers cannot be assured. These types of issues can lead to incorrect determinations of compliance or eligibility and could result in the use of invalid UEIs or the creation of duplicate UEIs. We discuss additional issues related to invalid UEIs later in this report.

Invalid Data Formats

We also found that three of the nine data sources had instances where data did not conform to the format specified in the data dictionary or the structure that the originating agency defined.[45] For example, we reviewed the UEIs included in the selected data sources and verified whether they conformed to the technical specifications that GSA established (e.g., a 12-character alphanumeric code). We found eight instances in SAM Exclusions and 35 instances in FAC where the UEI did not meet the GSA specifications. GSA officials told us that they implemented the validation check for the UEI data element in SAM Exclusions in July 2023 and that FAC has had UEI validation checks at multiple points during the submission process since September 2023. The records for all instances we identified in SAM Exclusions and FAC were created prior to the implementation of these validation checks.

While GSA’s validation check should help ensure that these issues do not occur in the future, older data have not been updated and are not subject to the new rules. There may also be additional issues with earlier years of data not included in our analysis. Without valid UEI values, agencies may be unable to accurately identify, track, and assess recipients and entities across datasets, limiting oversight and eligibility determinations.

Conflicting Data Relationships

In addition, four of the nine data sources we reviewed had instances where two or more data element values contradicted each other. These inconsistencies or errors within a data source can affect data interoperability by creating confusion or misalignment when sharing data or integrating it with other data sources or systems. For example, in FAC, we found 32,721 records out of 90,723 (about 36 percent) where the FAC system acceptance date was before—rather than after—the date the auditee certified its audit report submission.[46] According to GSA officials, this may occur because GSA uses the Coordinated Universal Time (UTC) and subtracts 11 hours from the FAC system acceptance date to accommodate for the different time zones. For instance, a record in FAC may display an acceptance date of January 11, 2024, and a certification date of January 12, 2024. Based on GSA’s explanation, if the acceptance occurred on January 12, 2024, before 11:00 a.m. UTC, the system’s subtraction of 11 hours would cause the acceptance date to be recorded as January 11, 2024. As a result, FAC may display the acceptance date as occurring prior to the certification date, even though the acceptance occurred on January 12, 2024. Out of the 32,721 records we found, 31,838 (about 97 percent), had an acceptance date 1 day before the auditee certified date.

In FAC, we also found about 270 records out of 90,723 (less than 1 percent) where the fiscal year duration was not the expected either 12- or 24-month length of the audit period, which may reflect data errors or inconsistencies. An audit performed in accordance with the Uniform Guidance must cover the auditee’s financial transactions for its fiscal year (or a 2-year period).[47] GSA officials told us that, while the audit period is typically 12 months, the audit period covered could be less or more than 12 months. However, based on our analysis of the audit period using the fiscal year start and end dates, we found that they ranged from 0 days to 7,669 days (about 21 years).[48] GSA officials told us that these were user-entered fields and noted that audit years are not strictly defined and may vary in length. GSA also said that more guidance from inspectors general and auditors is needed to determine allowable date ranges and whether GSA should set limits.

In the Form 990-N list, we found 16 records out of 1.4 million where the tax period end date was before the tax period start date. IRS officials told us that they implemented a validation check in 2017 to confirm that the dates are chronological, and that they applied the check retrospectively for tax years 2015 and 2016. However, 10 of the 16 records we identified were related to tax years 2015 and 2016. We also found 20 records where the tax year lasted more than 1 year, including one that spanned from 1969 to 2015. IRS officials told us that some organizations can have fiscal years as long as 53 weeks, and that they implemented a check to validate this time frame in January 2017. However, 14 of the 20 records we identified were outside the 53-week limit, and one was dated December 2017, which is after the validation check was implemented. Because validation checks generally apply to new records or are not retrospectively applied to all existing records, inaccurate or illogical data entered before IRS implemented the checks will remain in the system.

Our prior work has found that changes in data submission and reporting guidance and requirements over time may affect the completeness, consistency, and quality of data.[49] This limits data reliability, comparability, and interoperability, especially when not disclosed. As such, systems may have difficulty interpreting and properly using the data and could create mismatches, which could affect eligibility determinations that rely on accurate information.

Duplicate Data

Seven of the nine selected data sources contained duplicate records, that is, those that were the same or had some of the same information, such as unique identifier, name, and address. In some cases, agency officials explained the basis for the duplication; however, in other cases the reason was not apparent.

For example, both SAM Exclusions and LEIE contained repeated records within their respective datasets. GSA officials told us that some duplicates may be valid, but GSA is not able to validate this as the SAM Exclusions contain records received from multiple excluding agencies. They also told us that the system allows users to create duplicate records (e.g., to allow different agencies to enter the same entity excluded for different reasons), and it is up to users to determine when to create a duplicate record. HHS OIG officials told us that it is possible to have multiple LEIE records because an individual or an entity can be excluded under the same authority and on the same date in different criminal cases or by two different courts. They also stated that the instances we identified represented separate criminal cases that were sentenced on the same date and listed separately, which they said the law requires.

We also found 369,415 out of 1.4 million records in the Form 990-N list with duplicate entity names but different EINs. According to IRS officials, all organizations under a group ruling will have the same entity name, each with its own EIN.[50]

Similarly, we found that FAC had more than 2,331 duplicate records (i.e., single audit reports submitted more than once) out of 90,723 based on an analysis of the UEI and audit year. GSA officials told us that auditees may have multiple submissions for an audit year, if they need to resubmit their single audit reports. Officials also told us that, in May 2026, they plan to release functionality that allows users to update an existing audit rather than submit a new one to prevent duplicate audit submissions.

While some duplicate records within each data source may be justified, unexplained complete or partial duplicates may appear to be errors to users. While some of these errors were limited in number, they raise concerns about the overall reliability and usefulness of the data and emphasize the need for stronger validation controls to ensure data accuracy and consistency.

The lack of sufficient validation rules and checks at the time of data entry or implementing validation rules after data has been collected and shared increases the risk of errors and reduces data quality, efficiency, and performance across agencies’ processes for making eligibility determinations. These weaknesses can reduce data and systems interoperability and confidence in the data, which can lead to inaccurate and inconsistent eligibility determinations and increase the risk of potentially improper awards or payments. They may also limit the potential use of artificial intelligence and advanced analytical tools that depend on high-quality, consistent, valid data to produce accurate and useful results.[51]

Inconsistencies Between Data Sources

Seven of the nine data sources we reviewed had inconsistencies between them that limited their interoperability and hindered the accuracy and completeness of the information.[52]

 

Relationship among IRS Automatic Revocation of Exemption List, Publication 78 list, and Form 990-N list Automatic Revocation of Exemption List (ARL) shows nonprofits that lost tax-exempt status for not filing required returns for 3 consecutive years. Publication 78 list shows organizations that currently have valid tax-exempt status. Form 990-N bulk download data show the most recent filing that most small nonprofits are eligible to submit. Failing to file the required form for 3 consecutive years causes automatic revocation and placement on ARL and removal from the Publication 78 list. Source: GAO analysis of Internal Revenue Service (IRS) information.  |  GAO‑26‑107466

Unexpected Overlap

We found records that appeared in both ARL (for organizations failing to file returns required to maintain tax-exempt status) and in the Publication 78 list (organizations that are currently eligible for tax-exempt status). These lists are mutually exclusive, so the overlap raises questions about the accuracy of the data. Specifically, we found 17,175 of 974,927 records (almost 2 percent) that appeared in both ARL and the Publication 78 list based on EIN.

Furthermore, 5,287 of the 17,175 records (almost 31 percent) did not have consistent names between the two data sources, which raises questions about the uniqueness of EINs and may lead to confusion when making decisions based on these data. According to IRS officials, organizations’ names may differ because organizations may change names and ARL uses information from the time of revocation, while the Publication 78 list uses the most current information.

Organizations whose tax-exempt status has been revoked (i.e., they are in ARL) may not file a Form 990-N unless IRS first reinstates them. However, we found 23,086 records (about 2 percent) in ARL that did not appear to have been reinstated but were also listed in the Form 990-N list. This indicates that entities made Form 990-N submissions while they were ineligible for the simplified filing process. According to IRS officials, this may occur if IRS has reinstated the organization but has not updated ARL.

We also found 14,640 of 974,927 records (almost 2 percent) that were listed as automatically revoked (i.e., in ARL) before the due date of the third consecutive return they missed. IRS officials stated that this could happen for a variety of reasons, such as (1) the timing difference between when the return was filed and when the system automatically revoked the tax-exempt status, (2) the organization having been revoked more than once and the second revocation not being recorded, or (3) the organization changing its fiscal year (i.e., changed the 12-month period to track and report its finances) since the last revocation was recorded.

Mismatched Records

According to HHS OIG, SAM Exclusions should have all individuals and entities listed in LEIE. However, we did not find 13,760 of the 81,867 original LEIE records (about 17 percent) in SAM Exclusions based on either entity name or National Provider Identifier (NPI). We also did not find 3,913 of 71,407 LEIE entries from SAM Exclusions (about 5 percent) in the original LEIE data based on either the entity name or NPI.

HHS OIG officials explained that the mismatch for records prior to 2007 (about 17 percent of the 13,760 and about 66 percent of the 3,913) is likely related to manual entry errors, such as extra characters or typos. For the mismatched records after 2007 (about 83 percent of 13,760 and 34 percent of 3,913), HHS OIG officials told us that records since 2007 have been added to SAM Exclusions through an automated process. The officials said that some mismatches occurred because LEIE and SAM Exclusions capture middle names and suffixes differently. However, HHS OIG officials also said they identified transmission issues beginning in 2018 that likely prevented more than 10,000 of the 13,760 LEIE records from transferring to GSA’s SAM Exclusions. From 2018 through 2022, data transfers degraded and prevented some LEIE records from uploading to SAM Exclusions, and from April 2022 to the present, no transferred LEIE records have been uploaded to SAM Exclusions. Although we analyzed fiscal years 2023 and 2024 data, we confirmed that, as of April 2026, SAM Exclusions had six LEIE records created in September 2025 and no others since May 9, 2022. HHS OIG officials also said they are working with GSA to resolve these issues and ensure that SAM Exclusions reflect data for all exclusions. Related to the NPI, HHS OIG officials noted that the NPI data element is only updated when a user or provider notifies them. HHS OIG began collecting NPIs in 2008 and publishing them in LEIE in 2010.

In addition, according to OFAC, SAM Exclusions should also have all individuals and entities listed in OFAC’s SDN and Non-SDN Lists.[53] However, we did not find a match in SAM Exclusions for 18,634 of the 41,437 OFAC SDN entries and 1,046 of the 1,579 Non-SDN entries based on the name and related country information.[54] We also reviewed the OFAC records within SAM Exclusions and did not find 10,267 of the 36,115 OFAC entries within SAM Exclusions in the original OFAC data based on the name and related country information.[55] According to OFAC officials, many of these records did not match for a variety of reasons, such as (1) OFAC entries with multiple alternate names do not have stand-alone entries in SAM Exclusions for names considered too common or generic to support meaningful identification, (2) some OFAC entries in SAM Exclusions did not have country information or had country information incorrectly entered as the United States, or (3) historical records created in SAM Exclusions’ predecessor system did not include country information for entries related to alternate names because the legacy system did not record those data.

In May 2026, OFAC officials also told us that they are reviewing all data in SAM Exclusions and coordinating with GSA to update entries as needed, including some instances based on our findings. They also noted that they might not always be able to update some information such as when addresses are not known, historical, or associated with unrelated individuals, such as residents of large apartment buildings, which is a challenge for submitting data that they plan to discuss with GSA.

These issues result in conflicting or incomplete data, increasing the risk that agencies may not identify ineligible parties during contract, grant, or payment eligibility verification. Improving data interoperability by ensuring that all eligibility records align and are consistent would enhance agencies’ ability to accurately identify ineligible parties and strengthen program integrity.

What additional data interoperability challenges did we find?

In addition to data flaws, we identified challenges related to (1) differences across data sources in how frequently data are reported or updated, (2) the availability of historical information, and (3) the use of different data file formats. While these challenges are common when working with multiple data sources, they affect data interoperability. These challenges may also hinder agencies’ ability to use the data to make eligibility determinations, especially if agency staff do not have technical or programming expertise.

Different Reporting Cadences

Agencies update the data sources at different frequencies, and the availability of historical data varies, as we summarize in table 9. These challenges make it difficult to obtain historical information for the same period across all the selected data sources. Unaligned data may lead to inconsistent analysis over the selected period and may result in misidentifying eligible recipients. The lack of historical data may also make it difficult for auditors and others to conduct analyses and oversight.

Owner Data source	Frequency of updates	Availability of historical information
General Services Administration (GSA)
Federal Audit Clearinghousea	Basic Search: Real-time Advanced Search: Daily	From 2016 to present
System for Award Management (SAM) Entity Registrationsa	Public extract files: Monthly Sensitive extract files: Daily and monthly	Public: Monthly files available for at least the 2 most recent months; cumulative semiannual extracts for May and November, available from 2014 to present Sensitive: Daily and monthly extracts available from 2022 to present
SAM Exclusionsa	Public extract files: Daily	Cumulative semiannual extracts: - April and October from 2015 to 2021 - April and November from 2022 to present
Department of Health and Human Services - Office of Inspector General
List of Excluded Individuals and Entities (LEIE)	Monthlyb	Monthly change files available for the previous 12 months
Department of the Treasury - Internal Revenue Service
Automatic Revocation of Exemption List (ARL)	Monthlyb	Cumulative list, includes historical records
Form 990-N list	Weekly	Not available on the bulk download data file, but available on the Tax Exempt Organization Search tool
Publication 78 list	Monthlyb	No historical data available
Treasury - Office of Foreign Assets Control
Specially Designated Nationals and Blocked Persons (SDN) Lista	Frequently, as needed	Annual extract of changes available by year
Non-SDN Consolidated Sanctions Lista	Frequently, as needed	Annual extract of changes to the various Non-SDN Sanctions Lists available by year

Source: GAO analysis of agencies’ information.  |  GAO‑26‑107466

Note: In 2025, GSA began deleting SAM Entity Registration records older than 10 years, in accordance with its record retention policy. Unique entity identifiers without recent active registrations will remain but with limited data.

^aData can also be obtained using the application programming interface, which may have a different update frequency and historical availability.

^bWhile the updates are monthly, ARL and the Publication 78 list are generally updated on the second Tuesday of each month and LEIE by the middle of each month.

To identify all individuals and entities that each list included at any point during fiscal years 2023 and 2024, we could not rely on a single annual file or download for some of the data sources.[56] This is because these lists generally reflect status as of the publication date and do not provide a complete historical account of changes, such as deletions.

To illustrate, LEIE did not have a single file publicly available for fiscal years 2023 and 2024.[57] As such, we used the list that HHS OIG published for exclusions active as of October 2024 and joined it with 26 monthly supplement files documenting reinstatements and exclusions, to capture all changes for fiscal years 2023 and 2024. However, combining and merging files may lead to errors and inefficiencies in reconstructing historical data.

In addition, for SAM Exclusions, we used the semiannual cumulative extracts, which could have inadvertently missed any additions, modifications, or removals that occurred within the same 6-month period. As a result, the dates included in some of the data sources may not have aligned with fiscal years 2023 and 2024.[58]

Different Data File Formats

The selected data sources were in different data file formats. While agencies should make data available in multiple, nonproprietary formats to meet the needs of a wide range of users, the lack of consistency can make it difficult to compare or combine them accurately and requires more time to clean and reformat the data. For example, as we show in figure 1, Comma-Separated Values and Pipe Delimited Text files use different characters to separate data, fixed-field formats rely on precise character spacing to identify each data element, and XML files use tags to structure data. We provide additional details of the types of files publicly available for each data source in appendix II.

Having data in multiple file formats can introduce efficiency and integration challenges, even if files are machine readable as required. For example, a data analyst would need extra time and must use a manual process or write a computer program to convert data into consistent structures for integration and analysis. This process increases the risk of errors, such as truncation or dropped values, and could result in failure to integrate. While artificial intelligence could help automate some of the processes needed to clean or transform the data, the need for manual intervention or computer programming to address data inconsistencies would not be eliminated.

Note: The data elements in this figure are for illustrative purposes only and may not reflect the actual data elements included in each data source or file format. We fabricated all entity information in this figure.

What can be done to help improve data interoperability across eligibility data sources?

Congress could take actions to help ensure the development and enforcement of requirements to improve government-wide data interoperability for recipient eligibility data. Agencies are required to manage information as an asset, ensuring that systems are designed to maximize interoperability and accessibility.[59] However, no current government-wide standards exist to help ensure that the recipient eligibility data can be used across federal agencies. Specifically, while various efforts have promoted data interoperability across the federal government, none have established comprehensive, government-wide requirements—such as standardized data file formats, definitions, or oversight bodies—to enforce data standards for recipient eligibility data. Laws such as the DATA Act and the GREAT Act have required more uniform data practices for USAspending.gov and financial assistance reporting, respectively. However, we have previously identified implementation challenges, such as incomplete data and inconsistencies in data definitions.[60] In addition, OMB guidance, such as OMB M-19-15 and the Federal Data Strategy, underscores the requirement for agencies to produce high-quality, transparent, and usable data through the value of leveraging data standards. However, the guidance lacks detailed specifications (e.g., data standards, dictionaries, and validation rules) and enforcement mechanisms.

The federal government does have entities in place that could be coordinated and used to establish requirements for recipient eligibility data, including data that support eligibility determinations throughout the award life cycle. Treasury could establish technical standards because it supports agencies’ efforts to prevent and detect improper payments. The department also operates systems that collect, validate, and use government-wide financial, award, spending, and payment data. The Chief Data Officer (CDO) Council could help facilitate agency input and ensure that the standards align with broader federal data governance and agency practices. In addition, OMB could support consistent implementation through its policy and budget oversight roles, while coordinating with relevant federal agencies to ensure alignment across stakeholders and effectiveness in implementation.

Congress could require these entities to work together in establishing and implementing data interoperability requirements for recipient eligibility data sources. Specifically, Congress could assign Treasury explicit authority to lead, in coordination with the CDO Council and in consultation with OMB—and others, as needed—the development and implementation of government-wide data standards and interoperability requirements. This would include developing and implementing common data elements, definitions, dictionaries, validation, and disclosures for recipient eligibility data sources, including relevant financial, award, spending, and payment data needed to support eligibility determinations throughout the award life cycle.

This approach would improve coordination, optimize data sharing, enhance data quality, and support more efficient eligibility determinations across the federal government. It could also lead to more reliable reporting, strengthen the foundation needed for the effective use of artificial intelligence, and enable agencies to use other advanced analytical tools that depend on accurate and reliable data.

Comparability of USAspending.gov and SAM Data and Efficient Identification of Potentially Ineligible Recipients

Could we link SAM data with USAspending.gov award data to identify potentially ineligible recipients?

Yes, partially. We were able to link most of the fiscal years 2023 and 2024 USAspending.gov award data to SAM entity information using UEIs. However, most of the SAM Exclusion records did not have a UEI and could not be linked to SAM entity information. As such, we could not fully analyze the data to identify awards to potentially ineligible recipients using UEIs, as we summarize in table 10.

Source	Count or amounta	Notes
USAspending.gov awards	20.3 million	Total contracts and financial assistance awards
Awards with valid UEI	12.8 million	Awards with UEI matched to SAM entity information
Awards without UEI	7.4 million	Awards with no UEI present, mostly for financial assistance aggregate awards that do not require a UEI
Awards with invalid UEI	2,969	Awards with UEI that did not match SAM entity information
SAM Exclusion records	172,091
Exclusions with valid UEI	41,822	Exclusions with UEI matched SAM entity information or SAM Exclusions web search
Exclusions without UEI	128,818	Exclusions with no UEI present, mostly for records that do not require a UEI (e.g., individuals)
Exclusions with invalid UEI	1,451	Exclusions with UEI that did not match SAM entity information or SAM Exclusions web search
Matched awards based on the UEI	2,074	With active exclusion at the time of transaction
Total obligations amount of matched awards	$626.2 million	Obligations as of February 2025

Legend: UEI = unique entity identifier.

Source: GAO analysis of USAspending.gov and SAM.gov data.  |  GAO‑26‑107466

Notes: We downloaded USAspending.gov award data for fiscal years 2023 and 2024 on February 3, 2025. While USAspending.gov is the official public source of federal spending information, we have previously reported issues with the quality of award data that could limit the reliability of matches in our analysis. See GAO‑22‑104702 and GAO‑24‑106214.

We matched based only on the UEIs; records and awards without UEIs were not eligible for matching. These matches by themselves do not indicate that the awards were improper or involved fraud, waste, or abuse. We did not evaluate recipient eligibility of the awards to entities included in SAM Exclusions because our evaluation focused on the feasibility of linking award and exclusion records; eligibility and compliance determinations are the responsibility of the awarding agencies and require the specific evaluation of each case. Because we made a nongeneralizable selection of data sources, our findings may not be used to make inferences about other data sources nor the full population of awards. For details on our methodology, see app. I.

^aCounts represent number of records, unless otherwise noted. Dollar value is presented in millions.

We identified 2,074 awards with transactions involving 137 entities (based on the UEI) that were listed in the SAM Exclusion records at the time of the transaction.[61] As of February 2025, total obligations for these 2,074 awards were $626.2 million. However, these matches by themselves do not indicate that the awards were improper or involved fraud, waste, or abuse. Making this determination would require specific evaluation of eligibility of the entities for each of these awards to assess whether any awards were improper or involved fraud, waste, or abuse.

The matches we identified represent the minimum number of known cases. Additional matches may exist, but we could not identify them because most records in SAM Exclusions and most financial assistance awards did not have the UEIs needed for our analysis because they were not required to have them (e.g., SAM Exclusions do not require UEIs for individuals, and financial assistance awards that are aggregated to protect personal identifiable information of individuals do not include UEIs in USAspending.gov). As a result, the matches we found likely represent only a portion of the UEIs listed in the SAM Exclusions records that received awards in fiscal years 2023 and 2024.

The inability to fully analyze SAM Exclusions and USAspending.gov data is an example of government-wide issues with data matching for recipient eligibility determinations. Although data matching based on unique identifiers can support eligibility determinations, such identifiers may have limitations. For example, they might not always be required or available. Improved data interoperability—including standardized data elements and increased interoperability of data elements, such as names and addresses, across data sources and agencies—could enable more comprehensive and efficient data matching and improve the government’s ability to identify potentially ineligible recipients. In contrast, inconsistent or noninteroperable data may limit data matching, reducing the ability to identify potentially ineligible recipients and increasing the risk of improper awards or payments.

Conclusions

Federal agencies may use a wide range of data sources and systems to make eligibility decisions and safeguard against improper payments. However, we found that data in the selected data sources were not interoperable, partly because data dictionaries are incomplete, validation rules are insufficient or not properly documented, and data quality issues exist. These challenges may also hinder use of artificial intelligence to assist in making eligibility determinations, a process that relies on timely, high-quality, and integrated data.

Currently, there is no data governance agency designated to establish and enforce mandatory data interoperability requirements needed to support recipient eligibility determinations throughout the federal government. Until Congress establishes this requirement, oversight and payment integrity efforts and the government’s ability to effectively leverage artificial intelligence and advanced analytics to determine recipient eligibility can be limited. Treasury could be assigned this explicit authority based on the department’s role in operating systems that collect, validate, and use government-wide financial, award, spending, and payment data. With such authority, Treasury could work with the CDO Council and OMB to establish and implement interagency data requirements to help improve agencies’ ability to identify and prevent improper awards and payments and potential fraud, waste, and abuse.

Matter for Congressional Consideration

Congress should consider assigning Treasury explicit authority to lead, in coordination with the CDO Council and in consultation with OMB—and others, as needed—the development and implementation of government-wide data standards and interoperability requirements, including data definitions, dictionaries, validation rules, and disclosures, for recipient eligibility data sources, including relevant financial, award, spending, and payment data needed to support eligibility determinations throughout the award life cycle. (Matter for Consideration 1)

Agency Comments

We provided a draft of this report to Treasury’s Bureau of the Fiscal Service, OFAC, HHS OIG, IRS, GSA, and OMB for review and comment.

Fiscal Service provided written comments that are reprinted in appendix III and summarized below. Fiscal Service, OFAC, and HHS OIG provided technical comments, which we incorporated as appropriate. IRS and GSA did not have any comments on the report. OMB did not provide comments on the report.

In its comments, Fiscal Service agreed with the findings of our report. The bureau stated that its authorities do not extend to requiring other agencies to adopt specific data standards, validation rules, or interoperability practices for their source systems that produce eligibility data. Fiscal Service further said that to be successful in setting government-wide data standards, Treasury would require clear authority and sufficient resources, including the authority to lead standardization related to eligibility data that are designated for use in DNP.

We are sending copies of this report to the appropriate congressional committees, the Director of the Office of Management and Budget, the Secretary of the Treasury, the Administrator of the General Services Administration, and the Inspector General of the Department of Health and Human Services. In addition, the report is available at no charge on the GAO website at https://www.gao.gov.

If you or your staff have any questions about this report, please contact me at rasconap@gao.gov. Contact points for our Offices of Congressional Relations and Media Relations may be found on the last page of this report. GAO staff who made key contributions to this report are listed in appendix IV.

Paula M. Rascona
Director
Financial Management and Assurance

List of Requesters

The Honorable James Lankford
Chairman
Subcommittee on Border Management, Federal Workforce and Regulatory Affairs
Committee on Homeland Security and Governmental Affairs
United States Senate

The Honorable Joni K. Ernst
United States Senate

The Honorable Margaret Wood Hassan
United States Senate

This report describes (1) the federal data sources that agencies may use to verify entities’ eligibility to receive federal awards, (2) the extent to which data in the selected federal eligibility data sources are interoperable, and (3) the extent to which data from selected federal eligibility data sources can be matched with post-award data from USAspending.gov to assist agencies’ analysis of awards to potentially ineligible recipients.

To address objective one, we reviewed laws, regulations, Office of Management and Budget (OMB) guidance, and federal agencies’ websites and documentation to identify more than 100 federal data sources that agencies can use to determine recipients’ eligibility for federal awards. We also obtained an understanding of the Department of the Treasury Do Not Pay working system (DNP), including its components, integrated data sources, the purpose of data sources, the process for designating data sources for inclusion in DNP, and federal agency participation. In addition, we interviewed OMB staff to understand their role in the Do Not Pay initiative, and what requirements, if any, exist to help ensure the interoperability of its data sources. We also interviewed General Services Administration (GSA) officials; Department of Health and Human Services’ (HHS) Office of Inspector General (OIG) officials; and Treasury officials from the Bureau of the Fiscal Service, the Internal Revenue Service (IRS), and the Office of Foreign Assets Control (OFAC) to identify and better understand

·       federal data sources these agencies own and manage,

·       the data sources’ purpose and availability, and

·       how the data sources can support agencies’ determinations of recipient eligibility.

We selected these agencies based on the criteria described in objective two.

To address objective two, we reviewed laws, regulations, policies, and OMB guidance related to data interoperability. We judgmentally selected nine data sources from the 28 DNP data sources we identified in objective one, to assess the extent to which they were interoperable. We selected federal data sources based on whether they were publicly available, in DNP or designated for inclusion in DNP, and included information about entities. We did not include data sources that included only individuals because our scope focused on entities. We also considered whether the data sources contained information to support eligibility determinations. Specifically, we selected (1) GSA’s Federal Audit Clearinghouse (FAC), (2) GSA’s System for Award Management (SAM) Entity Registrations, (3) GSA’s SAM Exclusions, (4) HHS OIG’s List of Excluded Individuals and Entities (LEIE), (5) IRS’s Automatic Revocation of Exemption List (ARL), (6) IRS’s Form 990-N list, (7) IRS’s Publication 78 list, (8) OFAC’s Specially Designated Nationals and Blocked Persons (SDN) List, and (9) OFAC’s Non-SDN Lists. While OFAC’s Non-SDN Lists have not specifically been designated for inclusion in DNP, they are included in SAM Exclusions, which was designated and is part of DNP. Therefore, we selected the Non-SDN Lists as a data source for this work.

Because we made a nongeneralizable selection of data sources, our findings for this objective cannot be used to make inferences about other data sources. However, we determined that the selection of these data sources was appropriate for our design and objectives and that the selection would generate valid and reliable evidence to support our work.

For the nine selected data sources, we reviewed data dictionaries and documentation of validation processes for consistency with interoperability practices we identified and judgmentally selected. We researched OMB guidance and our previous work and incorporated other federal practices related to supporting and enabling data interoperability.[62] For example, OMB M-19-18 discusses the need to adopt or adapt, create as needed, and implement data standards to maximize data quality and to facilitate use, access, sharing, and interoperability.[63] The National Institute of Standards and Technology emphasizes the importance of structured data management and metadata, in which a data dictionary plays a crucial role. However, OMB guidance and the National Institute of Standards and Technology do not specify data standards or describe what data standards should include. Therefore, we leveraged practices included in the guidance on data dictionaries and metadata from the U.S. Geological Survey and the documentation and validation rules from Treasury in the Governmentwide Spending Data Model.

We assessed whether agencies documented data dictionaries and data validation processes and their content based on practices identified in our prior work, as well as data standards, policies, and processes that federal agencies developed or use.[64] Specifically, we assessed whether data dictionaries identified each data element by name and included its definition and details, such as data type, character limits, and whether it is required or optional. We also discussed these processes with relevant agency officials to understand how the data are collected, validated, maintained, and monitored.

We also performed electronic testing of data from the selected data sources for fiscal years 2023 and 2024 (the latest data available at the time of our analyses). We aimed to work exclusively with publicly accessible data, which we determined reflects the type of information agency officials would have, at a minimum, available for their decision-making. We also attempted to align the date range for the selected data sources for fiscal years 2023 and 2024. However, we could not always align the date range for some of the data sources because of their reporting periods and cadence. Specifically, for each of the data sources, we obtained and used data as follows:

·       FAC. On May 13, 2025, we downloaded public data from the FAC application programming interface (API) with a FAC accepted date from October 1, 2022, through September 30, 2024.

·       SAM Entity Registrations. On August 29, 2024, we downloaded three files from SAM.gov dated April 2, 2023, October 1, 2023, and April 7, 2024. On October 9, 2024, we downloaded the file dated October 6, 2024. According to the website, each file includes registrations that were active as of the date of the file and inactive registrations for the previous 6 months. Because the dates of the files varied, there may have been records not included in our data. Our data analysts had access to additional information restricted to authorized users, such as Taxpayer Identification Number (i.e., Social Security number or employer identification number). However, we did not use it for our data matching tests because it is not publicly available.

·       SAM Exclusions. On August 28, 2024, we downloaded four publicly available files from SAM.gov dated November 2022, April 2023, November 2023, and April 2024. On January 3, 2025, we downloaded the file dated November 2024.[65] According to the website, each semiannual extract file includes all active exclusions at the time the file is generated. Because the as of date of the files is unclear, there may have been records not included in our data.

·       LEIE. On November 26, 2024, we downloaded from HHS OIG’s website the monthly supplements files for January 2023 to September 2024. In December 2024, HHS OIG officials provided us the files for October 2022 through December 2022 that were no longer available on the website. On November 27, 2024, we downloaded from HHS OIG’s website the October 2024 LEIE database along with the October 2024 monthly supplement files documenting reinstatements and exclusions. Although HHS OIG could have provided a single file for the period under our review with additional information restricted to authorized users, such as Taxpayer Identification Numbers, doing so would have required a memorandum of understanding. We chose not to pursue this option as we aimed to rely on publicly accessible data.

·       ARL, the Form 990-N list, and the Publication 78 list. On December 10, 2024, we downloaded from the IRS website the bulk data files for each of the three sources. According to IRS officials, all files were updated as of December 9, 2024. Therefore, some records that might have been included in the Form 990-N list and the Publication 78 list during fiscal years 2023 and 2024 might not have been included by our download date.

·       SDN and Non-SDN Lists. On January 27, 2025, we downloaded OFAC Extensible Markup Language files from the API. These data included sanction records that were active as of the download date. Therefore, it did not include records that might have been active during fiscal years 2023 and 2024 but subsequently changed to inactive prior to our download date.

We designed some tests based on the specifications that the data source owners established, such as acceptable values and data relationships. We designed others based on our professional judgment to test for apparent errors in accuracy and completeness, such as missing or invalid values, data formatting issues, and conflicting data relationships. For verifying the validity of unique entity identifiers (UEI), we compared the values against SAM entity information.[66]

We used all data elements to check for complete duplicate records and selected data elements to check for partial duplicates. For relevance, we selected data elements to perform comparability tests based on factors including whether agency documentation indicated that the elements were required and DNP included the elements in search results. Selected data elements generally included unique identifiers, name, address, and relevant date information, to the extent available.

Additionally, we assessed the consistency and relationship between the selected data sources by comparing them with each other. Without accessible and reliable common unique identifiers, in our analyses, we sometimes relied on individual and entity names or other fields, such as country, to match records between data sources. These fields varied in name, formatting, and number of fields, further complicating exact matching. We generally used automated exact-matching procedures and did not perform manual checks to determine whether additional or different matches could have been identified.[67] We used exact matching techniques, including a unique identifier when available, to replicate what a human might do and avoid making incorrect matches. We did not use “fuzzy matching”—a collection of techniques that calculate how similar the values are and require human judgment to confirm a match. Fuzzy matching without human judgment can reduce the accuracy and reliability of the analysis by incorrectly identifying matches and missing true matches. For instance, it can incorrectly identify matches, such as “Global Tech Industries Inc” in one data source matching with “Global Technologies Inc” in another data source.

We interviewed GSA officials, HHS OIG officials, and Treasury officials from IRS and OFAC to understand the reasons for the issues we identified in the data sources they own. We also interviewed officials from the audit community who have worked with these data, such as the Council of the Inspectors General on Integrity and Efficiency, and GSA OIG, to gain an understanding of any data interoperability challenges they may have identified. While we determined that the data we used from the selected data sources were sufficiently reliable for the purposes of assessing data interoperability, including accuracy and completeness, we identified risks to the reliability of the data, as we discuss in the report.

To address objective three, we narrowed our selection to the data sources that Treasury’s DNP categorized as debarment and had a UEI to more closely identify potentially ineligible recipients.[68] We used only the UEI data element to more reliably and accurately compare with the USAspending.gov award data.[69] We selected GSA’s (1) SAM entity information and (2) SAM Exclusions.

Because we made a nongeneralizable selection of data sources, our findings for this objective cannot be used to make inferences about other data sources nor the full population of awards. However, we determined that the selection of these data sources was appropriate for our design and objectives and that the selection would generate valid and reliable evidence to support our work.

We downloaded all award transaction data for fiscal years 2023 and 2024 (the latest available at the time of our analyses) from the USAspending.gov Award Data Archive on February 3, 2025. We then compared SAM entity information records with the USAspending.gov contract and financial assistance award data for fiscal years 2023 and 2024 to determine if the recipient UEIs in USAspending.gov were valid. To identify awards made to excluded UEIs during the exclusion period, we analyzed the award transaction dates in relation to the corresponding exclusion dates to determine if a UEI was excluded at the same time as the transaction. Because contracts have transaction identifiers for closeout, legal contract cancellation, terminate for cause, terminate for default, and terminate for convenience, we excluded these types of transactions from our matches. We did not make a similar exclusion for financial assistance transactions because the identifier did not have categories to indicate termination.

While each award generally has multiple transactions throughout its life cycle, we summarized the matches by award for reporting purposes. For federal award recipient UEIs in USAspending.gov that matched a UEI on SAM Exclusions, we summarized the number of contract and financial assistance awards, and their associated total obligation amounts for fiscal years 2023 and 2024, to quantify the magnitude of awards made to potentially ineligible federal award recipients. We also downloaded SAM Exclusions web search data in April 2026 to verify UEIs for some exclusion records that did not match SAM entity information. While we determined that the data we used from the selected data sources were sufficiently reliable for the purpose of matching exclusions data and awards, we identified risks to the reliability of the data, as we discuss in the report. For USAspending.gov, we assessed the reliability of award data by checking completeness of the UEIs and award identifiers, as well as the validity of the UEIs by comparing them to SAM entity information. We determined that data we used from USAspending.gov were sufficiently reliable for the purpose of matching exclusions data and awards, and we discuss data reliability issues in the report.

We conducted this performance audit from March 2024 to June 2026 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

Table 11 provides the file formats for the publicly available data sources selected in our review.

	Publicly available file formats
Owner Data source	CSV	Fixed-field	JSON	PDF	Pipe delimited text	XML
General Services Administration
Federal Audit Clearinghouse	P		P
System for Award Management (SAM) Entity Registrations	P		P		P
SAM Exclusions	P		P
Department of Health and Human Services - Office of Inspector General
List of Excluded Individuals and Entities	P
Department of the Treasury - Internal Revenue Service
Automatic Revocation of Exemption List					P
Form 990-N list					P
Publication 78 list					P
Treasury - Office of Foreign Assets Control (OFAC)
Specially Designated Nationals and Blocked Persons (SDN) List	P	P		P		Pa
Non-SDN Consolidated Sanctions List	P	P		P		Pa

Legend: P = The data source is publicly available in the indicated file format; CSV = Comma-Separated Values; JSON = JavaScript Object Notation; PDF = Portable Document Format; and XML = Extensible Markup Language.

Source: GAO analysis of selected data sources.  |  GAO‑26‑107466

^aOFAC publishes standard, advanced, and enhanced versions of XML files.

GAO Contact

Paula M. Rascona, rasconap@gao.gov

Staff Acknowledgments

In addition to the contact named above, María C. Belaval, Mariana Calderón, and Sarah Hay (Assistant Directors); Erika Szatmari (Auditor in Charge); Giovanna K. Cruz; Joanne Howard; Jason Kirwan; Cory A. Mazer; Brenda Mittelbuscher; Gabriel M. Nelson; Christian P. Sullano; and Lisa Zhao made key contributions to this report.

Federal Spending Transparency: Actions Needed to Help Ensure Procurement Data Quality. GAO‑25‑107469. Washington, D.C.: September 25, 2025.

Grants Management: Recent Guidance Could Enhance Subaward Oversight. GAO‑25‑107315. Washington, D.C.: March 26, 2025.

Program Integrity: Agencies and Congress Can Take Actions to Better Manage Improper Payments and Fraud Risks. GAO‑25‑108172. Washington, D.C.: March 11, 2025.

Payment Integrity: Significant Improvements Are Needed to Address Improper Payments and Fraud. GAO‑24‑107660. Washington, D.C.: September 10, 2024.

Fraud Risk Management: 2018-2022 Data Show Federal Government Loses an Estimated $233 Billion to $521 Billion Annually to Fraud, Based on Various Risk Environments. GAO‑24‑105833. Washington, D.C.: April 16, 2024.

Grants Management: Action Needed to Ensure Consistency and Usefulness of New Data Standards. GAO‑24‑106164. Washington, D.C.: January 25, 2024.

Federal Spending Transparency: Opportunities to Improve USAspending.gov Data. GAO‑24‑106214. Washington, D.C.: November 7, 2023.

Federal Spending Transparency: OIGs Identified a Variety of Issues with the Quality of Agencies’ Data Submissions. GAO‑22‑105427. Washington, D.C.: July 12, 2022.

Emergency Relief Funds: Significant Improvements Are Needed to Ensure Transparency and Accountability for COVID-19 and Beyond. GAO‑22‑105715. Washington, D.C.: March 17, 2022.

Federal Spending Transparency: Opportunities Exist for Treasury to Further Improve USAspending.gov’s Use and Usefulness. GAO‑22‑104127. Washington, D.C.: December 16, 2021.

Federal Spending Transparency: Opportunities Exist to Further Improve the Information Available on USAspending.gov. GAO‑22‑104702. Washington, D.C.: November 8, 2021.

DATA Act: OIGs Reported That Quality of Agency-Submitted Data Varied, and Most Recommended Improvements. GAO‑20‑540. Washington, D.C.: July 9, 2020.

DATA Act: Quality of Data Submissions Has Improved but Further Action Is Needed to Disclose Known Data Limitations. GAO‑20‑75. Washington, D.C.: November 8, 2019.

DATA Act: OMB Needs to Formalize Data Governance for Reporting Federal Spending. GAO‑19‑284. Washington, D.C.: March 22, 2019.

DATA Act: Reported Quality of Agencies’ Spending Data Reviewed by OIGs Varied Because of Government-wide and Agency Issues. GAO‑18‑546. Washington, D.C.: July 23, 2018.

DATA Act: OMB, Treasury, and Agencies Need to Improve Completeness and Accuracy of Spending Data and Disclose Limitations. GAO‑18‑138. Washington, D.C.: November 8, 2017.

DATA Act: As Reporting Deadline Nears, Challenges Remain That Will Affect Data Quality. GAO‑17‑496. Washington, D.C.: April 28, 2017.

DATA Act: Office of Inspector General Reports Help Identify Agencies’ Implementation Challenges. GAO‑17‑460. Washington, D.C.: April 26, 2017.

DATA Act: Implementation Progresses but Challenges Remain. GAO‑17‑282T. Washington, D.C.: December 8, 2016.

DATA Act: OMB and Treasury Have Issued Additional Guidance and Have Improved Pilot Design but Implementation Challenges Remain. GAO‑17‑156. Washington, D.C.: December 8, 2016.

Improper Payments: Strategy and Additional Actions Needed to Help Ensure Agencies Use the Do Not Pay Working System as Intended. GAO‑17‑15. Washington, D.C.: October 14, 2016.

DATA Act: Improvements Needed in Reviewing Agency Implementation Plans and Monitoring Progress. GAO‑16‑698. Washington, D.C.: July 29, 2016.

DATA Act: Progress Made but Significant Challenges Must Be Addressed to Ensure Full and Effective Implementation. GAO‑16‑556T. Washington, D.C.: April 19, 2016.

DATA Act: Data Standards Established, but More Complete and Timely Guidance Is Needed to Ensure Effective Implementation. GAO‑16‑261. Washington, D.C.: January 29, 2016.

DATA Act: Progress Made in Initial Implementation but Challenges Must be Addressed as Efforts Proceed. GAO‑15‑752T. Washington, D.C.: July 29, 2015.

GAO’s Mission

The Government Accountability Office, the audit, evaluation, and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability.

Obtaining Copies of GAO Reports and Testimony

The fastest and easiest way to obtain copies of GAO documents at no cost is through our website. Each weekday afternoon, GAO posts on its website newly released reports, testimony, and correspondence. You can also subscribe to GAO’s email updates to receive notification of newly posted products.

Order by Phone

The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s website, https://www.gao.gov/ordering.htm.

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.

Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information.

Connect with GAO

Connect with GAO on X, LinkedIn, Instagram, and YouTube.
Subscribe to our Email Updates. Listen to our Podcasts.
Visit GAO on the web at https://www.gao.gov.

To Report Fraud, Waste, and Abuse in Federal Programs

Contact FraudNet:

Website: https://www.gao.gov/about/what-gao-does/fraudnet

Automated answering system: (800) 424-5454

Media Relations

Sarah Kaczmarek, Managing Director, Media@gao.gov

Congressional Relations

David A. Powner, Acting Managing Director, CongRel@gao.gov

General Inquiries

https://www.gao.gov/about/contact-us