NEW YORK, June 5 - The National Science Foundation is at risk for widespread loss, misuse, waste, and theft of its financial resources and research equipment, according to a government audit released this week.
In its semiannual report, the Office of Inspector General of the NSF also says the agency fails to comply with a pair of federal financial baselines and must improve a bevvy of guidelines, regulations, oversight procedures, and security protocols if it wants to protect itself from fraud and abuse.
The product of a comprehensive audit and investigation into the inner workings of the NSF over the six months ended March 31, the 68-page report cautions that NSF's cash and assets are vulnerable to misuse, whether unintentional or deliberate, in several places.
OIG claims that NSF, which oversees a budget approaching $5 billion, must improve the way it tracks funds after they are approved and distributed. Specifically, OIG says NSF should create written procedures to for complying with so-called post-award conditions.
Though the NSF has "an adequate system of award management over its pre-award and award phases, the agency does not have a comprehensive risk-based internal-grants management program to monitor" cash once it has been disbursed to an institute, the OIG writes.
"As a result, awardees' use of federal funds may ... leave resources unprotected from waste, fraud, and mismanagement," according to the OIG.
The office describes the case of a university bioengineering professor who recently defrauded NSF to the tune of $99,000. In this case, the professor, who taught at a university in South Carolina, submitted a bogus Small Business Innovation Grant application for his wife's company.
Trouble was, the application was based on a Master's thesis written by one of his students. According to the OIG, the only people to ever see the grant money was the couple, who used it for "personal expenses" and college tuition for their son. The professor ultimately plead guilty and returned some $198,000 to the federal government. His wife was forced to shutter her company.
"It's tempting to assume the job is done once the money is out the door," says Tim Cross, deputy inspector at the OIG. "That's not the way we look at it."
Keeping tabs on identities and assets
NSF also "faces the challenging task" of keeping its open-search culture vibrant while ensuring that its IT remains safe from "unauthorized intrusion." Specifically, OIG found that NSF's security "indicates that there may be weaknesses that increase security risks."
The report points to a recent case in which the social security numbers of an undisclosed number of NSF conference attendees were stolen. In later investigation with state law enforcement, OIG found "there were many with the opportunity to steal conference registration data, including NSF staff, a contractor, and a subcontractor."
According to Cross, "there are various IT security issues that have evolved over recent years ... where NSF has to be careful in how it protects its critical information and protects the systems."
NSF must also improve the way it monitors the $200 million worth of assets held by award winners, according to OIG. "Inadequate tracking of these assets could result in potential loss, misuse, or theft."
"Although some procedures are in place to monitor these assets, there is no process within the NSF either to check the accuracy of the inventories submitted by grantees or to assess the condition of these assets," the OIG writes.
Wrangling a behemoth
While Cross says these issues are improving every year, he stresses that the root of the challenge is manpower--a problem due for more stress when one considers that 63 percent of NSF's executives will become eligible to retire over the next five years. An NSF spokeswoman says this "general 'aging' of the federal workforce" is a "concern."
"NSF has areas [in accountability] that it can improve," Cross told GenomeWeb in a recent interview. "And I think they need some additional people." He says that staffing at NSF has been flat over the years despite "huge increases" in the agency's budget as well as the total dollar amount of grants issued.
"So the volume of the work has increased pretty dramatically in recent years and probably will continue to increase," he says. "And you can't just keep loading people with additional burdens without some kind of relief" and expect good work.
To be sure, there is no way to place a dollar amount on the problems outlined in OIG's report, which is sent to Congress, Cross says. And because NSF supports a wide range of scientific, mathematical, and engineering disciplines, it is impossible to calculate how much money goes specifically to genomics-based research.
But it is a large agency upon whose largesse many investigators rely: NSF's 600 staff scientists and engineers and 50,000 outside reviewers comb through some 250,000 grant applications and issue 20,000 awards that help support nearly 200,000 teachers, researchers, post-docs, and trainees each year.
An independent federal agency, the NSF is responsible for 4 percent of the total federal funding earmarked for R&D in a broad range of scientific disciplines, and 23 percent of all federal cash that trickles down to basic research at academic institutions. The NSF also is responsible for 36 percent of the nation's funding of physical sciences and 78 percent of computer science research.
An inherent problem within NSF itself hampers its ability to be its own watchdog, according to Cross. "It's a difficult area for an agency, like NSF, that is culturally not a regulatory agency," Cross says. "It's a granting agency and very much embraces the culture of the universities" and not a culture of overseer. That, Cross says, should change.
In an e-mail message to GenomeWeb, Mary Hanson, the NSF spokeswoman, said the agency "is focused on assuring that infrastructure and critical assets are appropriately protected while maintaining an open and collaborative environment for science and engineering research and education.
"The agency has established a strong and comprehensive Information Technology Security program that is consistent with Government-wide guidance and is patterned after industry best practices," Hanson writes. "NSF will continue to identify areas where ITS improvements are appropriate, and to identify steps that can be taken to reasonably address areas of significant risk.
"We plan to continue to develop additional security-related policies and procedures; offer training and education activities; refine security assessments, plans and controls; and incorporate best practices and lessons learned into established defensive measures," she added.
Click here to read the complete report.