FOREIGN ASSISTANCE

Opportunities Exist for Agencies to Improve Their Management of Fraud, Waste, and Abuse Risks

Statement of Latesha Love-Grayer, Director, International Affairs and Trade

Testimony

Before the Subcommittee on Oversight and Intelligence, Committee on Foreign Affairs, House of Representatives

For Release on Delivery Expected at 2 pm ET

Tuesday, March 17, 2026

GAO-26-108945

United States Government Accountability Office

A testimony before the Subcommittee on Oversight and Intelligence, Committee on Foreign Affairs, House of Representatives

For more information, contact: Latesha Love-Grayer at LoveGrayerL@gao.gov

What GAO Found

No area of the federal government is immune to fraud, waste, or abuse. GAO estimates that the federal government loses between $233 billion and $521 billion annually to fraud, based on 2018-2022 data. Delivering foreign assistance can involve specific challenges that increase fraud, waste and abuse risks, such as the presence of conflict in a country and the urgency of providing life-saving aid. GAO’s work in this area has highlighted several instances of actual and potential fraud, waste, and abuse in foreign assistance in countries such as Somalia, Afghanistan, and Mexico. For example, GAO reported on a 2023 United Nations assessment in Somalia that found widespread and systemic diversion of aid, primarily cash assistance. As part of this diversion, beneficiaries reported being required or coerced into paying a significant portion of their aid to those managing the camps where the assistance was distributed, or others.

GAO’s work has identified useful practices and controls in place to manage fraud risks at some agencies. For example, U.S. Agency for International Development’s (USAID) Bureau for Humanitarian Affairs tracked all reported allegations, including fraud, across its awards and identified trends to support its oversight efforts. The Department of State and USAID also maintained processes for reviewing past performance of potential prime partners.

However, GAO also identified systematic weaknesses in agencies’ efforts to manage fraud and other risks. For example, State and USAID did not require fraud awareness training, limiting assurance that their staff could identify fraud risks. State and USAID also had weaknesses in their screening and vetting of international organizations and oversight of subawardees, which increased vulnerabilities to risks, such as fraud. Further, the U.S. African Development Foundation (USADF) lacked internal policies and processes to manage fraud and other risks. Treasury officials that supported USADF contracting told GAO that USADF procurement officials also engaged in questionable practices when making foreign assistance awards, such as steering contracts to former USADF contractual employees. USADF’s Director of Financial Management was later criminally charged by the Department of Justice.

Why GAO Did This Study

Foreign assistance is used to support U.S. foreign policy by providing resources to countries that policymakers have deemed to be strategically important, countries in conflict, and populations in need. The complex environments in which U.S. foreign assistance is often delivered have inherent risks for fraud, waste, and abuse. These risks must be recognized and better managed to fulfill programs and protect taxpayer dollars.

Fraud prevention is key as attempting to prosecute individuals and entities after they have committed fraud addresses a small fraction of fraudulent activity, requires significant time and resources, and returns only a portion, if anything, of what was lost. Tactics of those who commit fraud are constantly evolving. As such, agencies should strive to continuously improve anti-fraud efforts to more efficiently and effectively prevent, detect, and respond to fraud.

This statement focuses on (1) specific risks and examples of fraud, waste, and abuse associated with foreign assistance and (2) useful practices and weaknesses in fraud risk management in foreign assistance identified through past GAO work. This statement is based on a body of work of selected reports GAO published from July 2015 to January 2026 addressing fraud risk management in foreign assistance.

What GAO Recommends

Since July 2016, GAO has made at least 51 recommendations to support the management of fraud and other risks for agencies delivering foreign assistance. While agencies have implemented 22 of these recommendations, addressing the remaining 29 recommendations would improve risk management and better enable agencies to prevent fraud, waste, and abuse.

Chairman Mills, Ranking Member Moskowitz, and Members of the Subcommittee:

I appreciate the opportunity to discuss fraud, waste, and abuse and the work GAO has done regarding fraud risk management in foreign assistance.

Foreign assistance supports U.S foreign policy goals by providing resources to countries that policymakers have deemed to be strategically important, countries in conflict, and populations in need. Congress has appropriated approximately $50 billion in 2026 for the Department of State and other foreign affairs agencies and programs, including foreign assistance. Most U.S. foreign assistance prior to 2025 was administered by the U.S. Agency for International Development (USAID); the U.S. Departments of State (State), Agriculture, Health and Human Services, the Treasury, and Defense; and the Millennium Challenge Corporation (MCC). The current Administration has made changes to the U.S. government entities administering foreign assistance, including ceasing USAID’s administration of ongoing foreign aid as of July 1, 2025. State is now poised to be the lead U.S. foreign assistance provider, having assumed certain former USAID functions.

Foreign assistance is often delivered in complex environments with inherent risks, such as fraud, waste, and abuse.[1] These risks must be managed effectively to ensure assistance delivery and taxpayer dollars are safeguarded. While most federal spending, including foreign assistance, is not lost to fraud, every dollar or resource that is diverted to fraudsters damages the federal government’s ability to achieve its goals. Direct financial losses from fraud place an increased burden on the government’s financial outlook. Additionally, non-financial impacts and losses erode public trust in government and hinder agencies’ efforts to execute their missions effectively and efficiently.[2]

While it is impossible to eliminate fraud completely, agencies can manage the risk more effectively by leveraging our recommendations, guidance, and resources for fraud prevention. And prevention is key. Prosecuting individuals and entities after they have committed fraud addresses only a small fraction of identified fraudulent activity, requires significant time and resources, and often recovers only a portion, if anything, of what was lost. The tactics of those who commit fraud are constantly evolving and so should the U.S. government’s approach to subverting them. To be clear, managing fraud risk is never finished. The goal is to continuously improve anti-fraud efforts to better prevent fraud before it occurs, detect it sooner when it happens, and respond more effectively than we have in the past.

This statement focuses on (1) specific risks and examples of fraud, waste, and abuse associated with foreign assistance and (2) useful practices and weaknesses in fraud risk management in foreign assistance identified through past GAO work.

This statement is based on a body of work of selected reports we published from July 2015 to January 2026 addressing fraud risk management in foreign assistance. More detailed information on the scope and methodology of our prior work can be found within the specific reports on which this statement is based. These reports are listed on the Related GAO Products page at the end of this statement. We conducted the work on which this statement is based in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

Foreign Assistance Has Heightened Risks for Fraud, Waste, and Abuse

No area of the federal government is immune to fraud, waste, or abuse (see fig. 1). We estimate that the federal government loses between $233 billion and $521 billion annually to fraud, based on 2018-2022 data.[3] Fraud can come from within or from outside an organization. For example, an employee, manager or executive within an organization may commit fraud by deceiving their own organization through embezzling funds or accepting bribes. Outside entities may also commit fraud against an organization. For example, vendors may lie about the work they performed, or grantees may claim reimbursement for activities they did not perform.

Delivering Foreign Assistance Presents Increased Risks

The delivery of foreign assistance can present some specific challenges that increase fraud, waste, and abuse risks. These include:

Reliance on Implementing Partners for Delivering Assistance. U.S. foreign assistance is often delivered through award agreements with partnering organizations that implement the assistance. These implementing partners may enter into a sub-award agreement that provides funds to sub-partner organizations to carry out the work.[4] During the delivery of assistance, the U.S. Agency for International Development (USAID) generally relied on partners’ own controls to prevent risks, including fraud. As such, implementing partners and sub-partners play an important role in the delivery and safeguarding of foreign assistance. Therefore, the potential for fraud and other risks is greater if federal agencies, implementing partners, and sub-partners do not have strong controls. See the text box for examples of inadequate internal controls that could increase vulnerabilities to fraud, waste, or abuse.

Examples of Inadequate Internal Controls that Could Increase the Risk of Fraud, Waste, or Abuse ·          Inadequate separation of duties. ·          Lack of or limited monitoring visits or inspection requirements. ·          Lack of or limited policies and guidance for award selection and management. ·          Limited or no requirements for awardees to monitor or report on sub awardee data or information. ·          Weak or limited counter fraud or antiterrorism clauses in delivery partner agreements and contracts. ·          Limited verification of beneficiary data. ·          Limited tracking and oversight of asset management or inventory systems. ·          Limited or no antifraud control environment (e.g. limited or no fraud training, fraud reporting mechanism, or regularly communicated antifraud tone at all organizational levels).  ·          Limited internal or compliance audits.

Source: GAO analysis of prior GAO reports.  |  GAO-26-108945

Countries Experiencing Conflict. Many factors complicate the delivery of assistance to people living in conflict zones. For example, a dangerous operating environment can limit access to certain geographic areas for U.S. agency personnel and implementing partners, which can result in managing U.S. assistance remotely. Lack of in-person oversight increases the risk that assistance will be misused or diverted through fraud or other means. For example, USAID officials who provided assistance to Syria explained that implementing partners were unable to consistently access project sites due to factors such as ongoing fighting, bombing raids, and border closures. This limited partners’ ability to obtain and verify progress.[5] Similarly, we found that USAID was often unable to conduct regular site visits in conflict-affected areas, including Ukraine, Nigeria, and Somalia, instead relying at times on other methods to detect risks, such as reviewing partner’s financial information in regular reports and additional communication with its partners. However, we also found that partners in these countries also said they were often unable to safely access some of their own implementation sites.[6]

Urgency of Humanitarian Assistance and Life-saving Aid. Disasters and public emergencies present an additional challenge to combating fraud. The need for urgent assistance can hinder the implementation of effective controls to combat fraud. Agencies may need to develop new programs or significantly expand existing ones, which can involve increased risks. Further, both our work and that of the USAID Office of Inspector General (OIG) have found that crisis environments, such as war zones in Ukraine, Gaza, and Syria, are by their very nature unstable and insecure. Substantial uncertainty and inaccessibility, coupled with the rapid flow of large amounts of money, create prime opportunities for fraud and diversion—risks that have intensified with the growing scale and duration of humanitarian responses.

Use of Local Organizations. USAID set goals to work directly with local partners to implement assistance in some countries. While working with local organizations can improve the effectiveness and sustainability of foreign assistance, it also potentially raises risks, including the risk of fraud. Many local organizations are smaller than traditional development organizations and may not have the capacity to implement large scale programs, oversee and track substantial funding, and may have limited experience in implementing financial controls or reporting requirements Further, fraud risks can be greater in countries with high levels of corruption.

Presence of Terrorists or Other Sanctioned Entities. Various U.S. laws, regulations. and executive orders provide for U.S. sanctions on specified groups, such as drug traffickers and terrorists. The risk of providing assistance to sanctioned entities in violation of these laws, regulations, and executive orders may be higher in conflict zones because of the presence of terrorists or sanctioned entities contributing to the conflict. This type of risk may require increased oversight of assistance provided.

GAO Work has Highlighted Examples of Fraud, Waste, and Abuse

During our work examining foreign assistance programs of multiple agencies, including USAID, State, and U.S. African Development Foundation (USADF), we have identified or reported on various instances of fraud, waste, or abuse or potential fraud under investigation.

U.S. African Development Foundation. We reported in 2025 that USADF has faced allegations of fraud, waste, and abuse originating from former staff.[7] These allegations included reports on the misuse of official funds, fraudulent spending, conflicts of interest, and inappropriate, abusive, and discriminatory management practices. According to a Department of Justice press release, on January 30, 2026, the Director of Financial Management of the USADF was charged and agreed to plead guilty to accepting payments from a USADF contractor and lying to federal law enforcement officers about those payments. According to the Department of Justice, the USADF employee directed USADF funds to the contractor for little to no work and arranged for USADF to pay vendors and contractors through a Kenyan-based company that was owned by the USADF contractor. The USADF employee and contractor had allegedly known each other for over 20 years.

Post-Delivery Food Aid Diversion in Somalia. We reported that in July 2023, a United Nations assessment in Somalia found widespread and systemic diversion of food aid, primarily cash assistance.[8] For example, internally displaced beneficiaries reported being required or coerced into paying the people managing the camps for the displaced, or other individuals a significant portion—usually in cash—of the aid they had received.

Potential Fraud Under the Mérida Initiative. We reported on several potential fraud cases identified by State and USAID under the Mérida Initiative, a partnership created to help reduce violence in Mexico and mitigate effects of the drug trade.[9] Both State and USAID officials told us about cases of potential fraud involving Mérida funds in 2018 that involved grantees overstating labor costs on invoices submitted for repayment. We also reported on another case of potential fraud reported to USAID in 2018 that involved a contractor who had awarded a subcontract to an employee’s immediate relative without disclosure, in violation of conflict-of-interest reporting requirements.

Examples of Fraud, Waste, and Abuse in Afghanistan. In a 2021 report, we highlighted multiple examples of fraud, waste, and abuse identified in Afghanistan.[10] These included:

·         In 2009 we reported USAID-funded United Nations Office for Project Services (UNOPS) grants were associated with findings of alleged criminal actions and mismanaged funds, leaving USAID’s programs vulnerable to fraud, waste, and abuse. A UN Procurement Task Force in 2008 found instances of fraud, embezzlement, conversion of public funds, conflict of interest, and severe mismanagement of USAID-funded UNOPS projects in Afghanistan, including a $365.8 million project to rehabilitate secondary roads. According to the allegations, a UNOPS official diverted reconstruction funds for personal use, including hundreds of thousands of dollars in USAID funds for rent, a home renovation, and luxury items. The investigation found that the UNOPS official repeatedly violated rules and regulations by severely misappropriating project funds and by engaging in fraudulent and unlawful acts.

·         In 2012, we reported on waste in construction of facilities used by U.S. and Afghan troops. Some contracting officers’ representatives did not have the technical expertise necessary to monitor contract performance for the contracts they were assigned to oversee. As a result, some newly constructed buildings had to be repaired or rebuilt before troops could use them, resulting in wasted resources, low morale, and risks to personnel safety.

·         In 2009 we reported on alleged fraud involving Afghan government and police personnel. U.S. contractors validated the status of almost 47,400 Afghan Ministry of Interior and Afghan National Police personnel but were unable to validate the status of almost 29,400 personnel—who were paid in part by $230 million in U.S. contributions to a UN trust fund—because of a lack of cooperation from some police commanders. During a 2-month period in 2008, U.S. civilian police mentors reported a variety of financial irregularities and alleged fraud.

·         In 2009 we reported on abuse by the Afghan National Police, including an Afghan Border Police battalion commander in Khost province who allegedly sold weapons to anti-coalition forces. In a March 2008 report, a U.S. contractor working with the Afghan National Police noted that despite repeated requests, the police chief logistical officer for Paktika province would not produce a list of serial numbers for weapons on hand. The contractor suggested that this reluctance to share information could be part of an attempt to conceal inventory discrepancies.

Lessons from Useful Practices and Weaknesses in Managing Fraud Risk

Federal law enacted in 2016 required the Office of Management and Budget (OMB) to establish guidelines for agencies to create controls to identify and assess fraud risks and to design and implement antifraud control activities.[11] In its 2016 Circular No. A-123 guidelines, OMB directed agencies to adhere to leading practices in our A Framework for Managing Fraud Risk in Federal Programs (Fraud Risk Framework).[12] The Fraud Risk Framework’s comprehensive leading practices, organized into four components, are designed to help program managers combat fraud in a strategic, risk-based manner. The four components are (1) committing to combat fraud by creating an organizational culture, (2) planning and conducting risk assessments, (3) designing and implementing a strategy with specific control activities, and (4) evaluating and adapting fraud risk management activities (see figure 2).

Our work has found that agencies have some practices and controls in place to manage fraud risks in foreign assistance, consistent with GAO’s Fraud Risk Framework. However, we have also identified systematic weaknesses in agencies’ efforts to prevent, detect, and properly respond to fraud risks in foreign assistance and made numerous recommendations to address these weaknesses. While agencies have taken some steps to address these weaknesses, the remaining yet to be implemented recommendations can guide agencies seeking to enhance their risk management for foreign assistance. Some of these recommendations are to USAID and USADF, which have respectively ceased administration of aid and reduced functions; however, the practices underlying the recommendations for these agencies may be applicable to the agencies that will continue to administer foreign assistance.

Lessons from Useful Practices and Weakness in Agencies’ Efforts

Our prior work identified both useful practices and weaknesses in agencies’ fraud risk management related to (1) internal controls, (2) fraud risk assessments, (3) fraud awareness training, (4) oversight of implementing partners, (4) third-party monitoring, (5) use of data analytics to manage fraud risks, and (6) responding and adapting to risks.

Internal Controls

Our prior work has found that agencies have some policies and procedures to mitigate fraud and other risks. For example, in a 2024 review, we found that USAID maintained internal policies and procedures that guided award type decisions and outlined roles and responsibilities for award management.[13] However, agencies’ policies may be insufficient or not systematically implemented in line with leading practices for managing fraud risks.

For example, we found in a 2025 review that USADF had inadequate policies, procedures, and practices to ensure the appropriate use of federal award funds.[14] As one of many systematic internal control weaknesses described in our report, we found that USADF had insufficient internal policies and procedures to guide contract award decisions and management. Treasury officials that supported USADF’s contracting process told us that USADF procurement officials engaged in questionable practices when making awards. USADF’s Director of Financial Management was later criminally charged by the Department of Justice. We reported concerns with USADF practices such as steering contracts to former USADF contractual employees, cancelling solicitations when desired prior contract employees did not win the contract, and directing Department of Treasury officials on who to hire and what to pay their former contractual employees. Treasury officials noted that these practices all went against Federal Acquisition Regulation provisions related to procurement integrity. We reported that these practices could be a sign of potential procurement fraud and abuse schemes, such as bid rigging and unjustified sole source awards. These practices may have proliferated because of the lack of procedures and oversight controls.

Among other things, we recommended that the USADF (1) implement specific effective internal control policies and processes and (2) ensure that it has appropriate personnel in place to establish and update internal control policies, assess and mitigate fraud, ensure appropriate separation of duties, and manage procurements. Our recommendations are not yet implemented.

Fraud Risk Assessments

We noted in a 2024 review of assistance provided in conflict zones that USAID had an Enterprise Risk Management structure that included teams within bureaus and missions to assess and document risks, including fraud.[15] Under this structure, USAID bureaus and missions were required to develop annual risk profiles to identify, analyze, and manage risks and communicate these risks to leadership, as outlined in USAID’s Enterprise Risk Management guidance and Anti-Fraud Plan.

While these risk assessments have the potential to be useful tools, we found weaknesses in USAID’s and State’s approach to assessing fraud risks for their programs. Specifically, the agencies’ assessments were not tailored to program-specific fraud risks, in accordance with the leading practices identified in the Fraud Risk Framework. For example, in 2021, we found that State and USAID had not fully assessed the potential risks of fraud in their Mérida programs.[16] In 2024, we again found that USAID’s fraud risk assessments for El Salvador, Guatemala, Honduras, Nigeria, Somalia, and Ukraine did not examine program-specific fraud risks.[17] Without completing fraud risk assessments that are tailored to individual programs, State’s and USAID’s programs were more vulnerable to those risks.

We made one recommendation to State and seven recommendations to USAID to assess fraud risks in their programs. Subsequently, State and USAID completed fraud risk assessments for their Mérida programs, and USAID created a requirement for regular fraud risk assessments for its programs agencywide in 2024. As of July 2025, when USAID transferred its remaining programmatic functions to State, USAID had not implemented five of these recommendations.

Fraud Awareness Training

Fraud risk training also enables agencies to identify and mitigate these risks. In a 2024 review, we found that while USAID offered fraud awareness training, attendance was not always mandated or tracked because USAID did not require these steps agencywide.[18] We likewise found in 2021 that State also did not require fraud awareness training.[19] Without mandatory training, State and USAID lacked assurance that its staff and partners knew how to identify and mitigate key fraud risks and vulnerabilities for its programs.

We made three recommendations to State and USAID to update their policies and guidance to require fraud awareness training. State and USAID implemented these recommendations.

Oversight of Implementing Partners

Agencies employed some useful processes to oversee implementing partners and their sub-partners throughout the award process that can be useful for identifying and assessing fraud risks. For example:

·         Reviewing past performance. Our July 2024 review of State’s and USAID’s use of implementing partners in Ukraine found that State and USAID had standard processes for considering past performance when selecting some prime implementing partners for awards (e.g. contracts or grants), which our review of a sample of 28 awards indicated that they followed. USAID also routinely monitored its NGO implementing partners’ screening of their sub-partners for past performance, as of July 2024.[20]

·         Award provisions and due diligence. Our April 2024 review of USAID assistance in conflict zones found that prior to implementing awards, USAID used award provisions (i.e. contractual or legal terms in the award) to outline control requirements related to fiduciary risks, including provisions on fraud disclosure, whistleblower protections, and conflicts of interest.[21] Likewise, USAID had policies to conduct due diligence and partner vetting and included provisions in awards to ensure assistance did not benefit terrorists or sanctioned entities.[22]

·         Improving internal controls. We found USAID had several strategies to oversee implementing partners’ internal controls and address any deficiencies. For example, as of April 2024, USAID’s missions in Nigeria and Ukraine conducted financial reviews of awards to oversee and detect fiduciary risks, including fraud. For example, a financial review might look at a partner’s accounting and record keeping; internal control procedures; or compliance with the award agreement. The Nigeria mission also required certain local partners to hire a compliance officer to help build an internal compliance system, as local partners may not have had the same level of capacity and controls as international implementing partners.

Our work has also found weaknesses in State’s and USAID’s oversight of implementing partners and their sub-partners that increased vulnerabilities to financial risks, such as fraud, and the risk of providing assistance to entities or individuals associated with terrorism. In general, we noted additional weaknesses with State and USAID’s oversight of awards with international organizations compared to nongovernmental organizations. Specifically,

·         Past performance of international organizations. We found weaknesses with State’s review of potential partners’ past performance during our 2024 review of State and USAID’s oversight of partners in Ukraine.[23] Specifically, State did not screen for past performance for letters of agreement, a type of award with certain international organizations, as its policy did not require this screening. Without screening all types of implementing partners, State had a higher risk of selecting implementing partners that may have been excluded from federal awards or may not have performed well. In addition, across all award types, State did not document detailed information about applicants’ past performance because its policies did not require it. Detailed documentation would help other State officials understand the risks of using these partners to implement assistance under current and potential future awards.

·         Past performance of sub-partners. We also found weaknesses with how State and USAID monitored their partners’ screening of their sub-partners for past performance, based on the sample of awards we reviewed. While USAID routinely monitored how its NGO implementing partners screened sub-partners for past performance, it did not monitor its international organization partners, such as United Nations agencies. State did not perform this monitoring for either type of partner. Without periodic monitoring, the agencies increased the risk that partners may not have effectively screened sub-partners.

·         Sub-partner vetting and provisions. A March 2021 review of USAID funding to the West Bank and Gaza found that, for fiscal years 2015 through 2019, USAID fully complied with requirements for partner vetting, antiterrorism certificates, and mandatory provisions.[24] However, our analysis of a sample of subawards showed that partners were not consistently vetting subawardees and certain mandatory anti-terrorism provisions were not included in contracts, as required. Weaknesses in USAID’s subaward monitoring may have increased the risk of providing assistance to entities or individuals associated with terrorism.

In these reports, we made seven recommendations to State and USAID to ensure proper screening of partners and sub-partners. State and USAID implemented six of these recommendations by establishing requirements for officials to document past performance information and periodically monitor partners’ screening on sub-partners, among other things. One recommendation to State is yet to be implemented and relates to screening international organizations.

Third-Party Monitoring

Conducting in-person site visits for assistance programs is an important oversight tool. However, the presence of conflict limits agencies’ direct oversight of their partners. In these environments, agencies can use third-party monitoring to manage this limitation. Specifically, our 2016 review of USAID’s humanitarian assistance to Syria and our 2024 review of USAID’s assistance in conflict zones found that USAID used third-party monitors to improve oversight and verify progress of its programs.[25]

However, this third-party monitoring focused on performance management and was not designed explicitly for fraud risk detection. As a result, there were inconsistencies in whether these monitors checked for indications of potential fraud. For example, we reviewed site visit questionnaires for the third-party monitoring contracts in Nigeria, Somalia, and Ukraine and found examples of questions that could be used to detect possible instances of fraud and other risks. Some questionnaires asked beneficiaries whether anyone had demanded payment for assistance, and others had questions on practices to manage fiduciary risk, such as how partners select beneficiaries and whether they maintained distribution registers. However, we did not see similar practices consistently across countries. Improved training and guidance for third-party monitoring would allow these monitors to be used to help assess and identify potential risks.

We made three recommendations to USAID to enhance the use of third-party monitoring to detect potential fraud. One recommendation related to USAID’s programs in Syria is implemented, as USAID revised site visit templates for third-party monitors to indicate potential fraud incidents during site visits. As of July 2025, USAID had not implemented two recommendations related to updating agencywide guidance on using third-party monitoring for potential fraud detection.

Data Analytics

Data analytics can help agencies prevent and detect potential fraud. For example, our 2024 review of USAID assistance in conflict zones described how USAID’s Bureau for Humanitarian Affairs maintained a central tracker of all reported allegations, including fraud, across all its awards.[26] The bureau used this information to identify trends and support staff in overseeing awards.

We also noted weaknesses in the use of data analytics for fraud risk management. In September 2025, we found that USAID did not regularly verify or use all available data to inform its oversight of direct budget support to Ukraine.[27] Specifically, USAID did not review Ukraine’s detailed expenditure data received from the World Bank. We analyzed a subset of this data and identified 161 unusual increases out of 5,121 expenditure changes. For example, one large increase was a 2,474 percent increase (equal to $1,067,542) between April and June 2023 for salaries to non-security government employees working at the Ukraine Supreme Court. Although non-security government employees typically receive bonuses in June, this percentage increase was an outlier for June 2023 and merited further examination. Reviewing all available expenditure data would help identify data anomalies, determine the cause, and help ensure Ukraine’s use of U.S. direct budget support funding was appropriate.

We made one recommendation to State, which assumed oversight responsibility for the direct budget support to Ukraine from USAID in July 2025, to review expenditure data to enhance oversight of direct budget support funding. This recommendation is yet to be implemented.

Responding and Adapting to Risks

Beyond preventing and detecting risks, agencies must also effectively respond and adapt to them. Response can include investigating potential fraud and taking corrective actions. For example, during our 2024 review of assistance in conflict zones we found that USAID required its awardees to report all violations of criminal law involving fraud or other certain prohibited conduct potentially affecting the award to the USAID OIG. We found multiple instances when implementing partners in Ukraine reported instances of conflicts of interest to the OIG for investigation. Our review also found that after a Somalia mission partner reported and confirmed instances of fraudulent invoices, the mission requested that the partner revise its plan for conducting due diligence to address related internal control gaps.

We found that, at times, agencies could improve actions to address fraud and other risks in federal contracts, grants, or other awards. For example, in a 2021 review, we noted that USAID’s compliance review process found numerous instances of partners not complying with requirements for vetting and inclusion of mandatory anti-terrorism provisions in subawards for the West Bank Gaza program.[28] However, we found this compliance review process did not always occur in time to enforce remedies for awardee’s noncompliance before awards ended, such as withholding cash payments pending correction of the deficiency or withholding approval of further awards. We recommended USAID conduct compliance reviews and take appropriate actions before awards end, which USAID implemented.

Even if entities take corrective actions or remedy the harm caused by fraud or other violations, it is essential for agencies to have strong controls to prevent and detect future violations. In particular, reporting award violations and other information related to contractor performance in federal systems used to inform contracting decisions is also essential. However, we have found that contracting officials sometimes failed to report contractor violations, such as human trafficking violations in federal contracts or terminations of contracts due to the fault of the contractor, in required federal procurement databases. Because other contracting officials rely on these databases to review contractors’ performance histories before making new awards, incomplete reporting increases the risk that agencies will unknowingly work with contractors with a history of violating award provisions, thereby putting taxpayer dollars at risk. We are particularly concerned about this incomplete reporting because we are aware of instances when agencies have continued to work with implementing partners or sub-partners on other ongoing or new awards after those partners have entered into settlement agreements with the Department of Justice for fraud or related violations. We recommended that agencies improve their reporting of violations. For example, we made one recommendation to the Secretary of the Army to clarify guidance regarding reporting requirements for human trafficking violations, which it implemented. We also made a recommendation to the Department of Defense on reporting information such as contract terminations in these databases, which is not yet implemented.

Agencies should also continually adapt their risk management activities by applying lessons learned. However, USAID could not show us how they have used such lessons to develop better prevention and detection controls—a leading practice in fraud risk management. For example, while USAID mission staff in Nigeria, Somalia, and Ukraine reported some sharing of risk related lessons, we found that USAID lacks a dedicated mechanism for its missions to systematically share lessons learned about managing risk in conflict zones. In response, we made a recommendation to USAID to develop a mechanism for systematically sharing lessons learned among conflict-affected missions related to the management of risks that are common across conflict zones, including fraud. As of July 2025, USAID had not implemented this recommendation.

Recommendations to Better Manage Fraud Risks

Over the last ten years, we have made dozens of recommendations to agencies on how they can better manage fraud and other risks in their foreign assistance programs, including those cited above. We have also identified actions Congress can take to improve agencies’ efforts.

Recommendations to agencies

From July 2016 through September 2025, we made at least 51 recommendations to improve and support the management of fraud and other risks for agencies delivering foreign assistance. These included 14 recommendations to State, 25 recommendations to USAID, four recommendations to USADF, and eight recommendations to other agencies and offices including Treasury, the Department of Energy, and the Office of Management and Budget.

As of February 2026, these agencies collectively had taken actions to fully implement 22 of these recommendations but had yet to fully implement the remaining 29. Specifically, State had eight implemented recommendations and six not yet implemented; USAID had 13 implemented recommendations and 12 not implemented; USADF had four recommendations not yet implemented; and the remaining agencies had one implemented recommendation and seven not yet implemented.[29]

With the cessation of USAID’s administration of aid and reduction of USADF’s functions, the practices underlying the recommendations for these agencies may be applicable to State and other agencies that will continue to administer foreign assistance.

Matters for Congressional Consideration

Congressional action is also part of the solution, and we have identified actions that Congress could take to help agencies combat fraud.[30] For example:

·         Reinstating the requirement for agencies to report on their antifraud controls and fraud risk management efforts in agency financial reports. In March 2022, GAO recommended that Congress amend the Payment Integrity Information Act of 2019 to reinstate certain reporting requirements.[31] Requiring agencies to report annually on their antifraud controls and fraud risk management efforts would support congressional oversight and focus agency attention on strategic fraud risk management and help align their efforts with leading practices.

In conclusion, combating fraud requires continuous learning, oversight, and improvement. Addressing the weaknesses we have identified and implementing related recommendations and matters will help the federal government to manage fraud risks in foreign assistance. Moreover, as agencies adapt and undertake new programs and challenges, GAO’s fraud risk management resources, in addition to the OIGs’ and our findings and recommendations, can guide agencies’ continued growth in fraud management.[32] In particular, to help State transition into its new role as the lead U.S. foreign assistance provider, it can look to incorporate the useful practices into current and future assistance programs and avoid the weaknesses our work has identified.

Chairman Mills, Ranking Member Moskowitz, and Members of the Subcommittee, this completes my prepared statement. I would be pleased to respond to any questions that you may have at this time.

GAO Contact and Staff Acknowledgements

If you or your staff have any questions about this testimony, please contact Latesha Love-Grayer, Director, International Affairs and Trade, at lovegrayerl@gao.gov. Contact points for our Office of Congressional Relations and Public Affairs may be found on the last page of this statement. GAO staff who made key contributions to this testimony are Heather Latta (Assistant Director), Michael Maslowski (Analyst-in-Charge), Rianna Jansen, Terry Richardson, Larissa Barrett, Samantha Jorgensen, Rebecca Shea, and Seto Bagdoyan. Staff who made key contributions to the reports cited in the testimony are identified in the source products.

Related GAO Products

Combating Fraud: Approaches to Evaluate Effectiveness and Demonstrate Integrity. GAO‑26‑107609. (Washington D.C.: January 14, 2026).

Ukraine: State Should Build on USAID’s Oversight of Direct Budget Support. GAO‑25‑107057. (Washington, D.C.: September 24, 2025).

U.S. African Development Foundation: Strategic Approach Needed to Mitigate Fraud Risks. GAO‑25‑107574. (Washington, D.C.: September 15, 2025).

Ukraine: DOE Could Better Assess Fraud Risks and Formalize Its Transition Plans for Nuclear Security and Safety Efforts. GAO‑25‑108444. (Washington, D.C.: June 12, 2025).

Fraud in Federal Programs: FinCEN Should Take Steps to Improve the Ability of Inspectors General to Determine Beneficial Owners of Companies. GAO‑25‑107143. (Washington, D.C.: April 8, 2025).

Federal Contractors: Actions Needed to Improve Quality of Performance and Integrity Data. GAO‑24‑106911. (Washington, D.C.: September 25, 2024).

Ukraine: State and USAID Should Improve Processes for Ensuring Partners Can Perform Required Work. GAO‑24‑106751. (Washington, D.C.: July 31, 2024).

Human Trafficking: Agencies Need to Adopt a Systematic Approach to Manage Risks in Contracts. GAO‑24‑106973. (Washington, D.C.: July 30, 2024).

Foreign Assistance: USAID Should Strengthen Risk Management in Conflict Zones. GAO‑24‑106192. (Washington, D.C.: April 30, 2024).

Fraud Risk Management: 2018-2022 Data Show Federal Government Loses an Estimated $233 Billion to $521 Billion Annually to Fraud, Based on Various Risk Environments. GAO‑24‑105833. (Washington, D.C.: April 16, 2024).

Central America: USAID Should Strengthen Staffing and Fraud Risk Management for Initiative Addressing Migration to the U.S. GAO‑24‑106232. (Washington, D.C.: March 14, 2024).

Fraud Risk Management: Key Areas for Federal Agency and Congressional Action. GAO‑23‑106567. (Washington D.C.: April 13, 2023).

Emergency Relief Funds: Significant Improvements Are Needed to Ensure Transparency and Accountability for COVID-19 and Beyond. GAO‑22‑105715. (Washington, D.C.: March 17, 2022).

West Bank and Gaza Aid: Should Funding Resume, Increased Oversight of Subawardee Compliance with USAID’s Antiterrorism Policies May Reduce Risks. GAO‑21‑332. (Washington, D.C.: March 29, 2021).

Human Trafficking: DOD Should Address Weaknesses in Oversight of Contractors and Reporting of Investigations Related to Contracts. GAO‑21‑546. (Washington, D.C.: August 4, 2021).

Afghanistan Reconstruction: GAO Work since 2002 Shows Systemic Internal Control Weaknesses that Increased the Risk of Waste, Fraud, and Abuse. GAO‑21‑32R. (Washington, D.C.: January 27, 2021).

U.S. Assistance To Mexico: State and USAID Should Strengthen Risk Management for Programs under the Mérida Initiative. GAO‑21‑335. (Washington, D.C.: March 1, 2021).

Syrian Refugees: U.S. Agencies Conduct Financial Oversight Activities for Humanitarian Assistance but Should Strengthen Monitoring. GAO‑18‑58. (Washington, D.C.: October 31, 2017).

Syria Humanitarian Assistance: Some Risks of Providing Aid inside Syria Assessed, but U.S. Agencies Could Improve Fraud Oversight. GAO‑16‑629. (Washington, D.C.: July 14, 2016).

Syria Humanitarian Assistance: Implementing Partners Have Assessed Some Risks of Providing Aid inside Syria, but U.S. Agencies Could Improve Fraud Oversight. GAO‑16‑808T. (Washington, D.C.: July 14, 2016).

A Framework for Managing Fraud Risks in Federal Programs. GAO‑15‑593SP. (Washington, D.C.: July 28, 2015).

GAO’s Mission

The Government Accountability Office, the audit, evaluation, and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability.

Obtaining Copies of GAO Reports and Testimony

The fastest and easiest way to obtain copies of GAO documents at no cost is through our website. Each weekday afternoon, GAO posts on its website newly released reports, testimony, and correspondence. You can also subscribe to GAO’s email updates to receive notification of newly posted products.

Order by Phone

The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s website, https://www.gao.gov/ordering.htm.

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.

Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information.

Connect with GAO

Connect with GAO on X, LinkedIn, Instagram, and YouTube.
Subscribe to our Email Updates. Listen to our Podcasts.
Visit GAO on the web at https://www.gao.gov.

To Report Fraud, Waste, and Abuse in Federal Programs

Contact FraudNet:

Website: https://www.gao.gov/about/what-gao-does/fraudnet

Automated answering system: (800) 424-5454

Media Relations

Sarah Kaczmarek, Managing Director, Media@gao.gov

Congressional Relations

David A. Powner, Acting Managing Director, CongRel@gao.gov

General Inquiries

https://www.gao.gov/about/contact-us