Our audit objective was to determine whether the USAOs' controls and procedures over the purchase and payment for goods and services using third-party drafts, government purchase cards, electronic fund transfers, and Treasury checks were adequate to ensure that vendor payments were made in accordance with the policies prescribed by EOUSA, the Federal Acquisition Regulations, and other relevant authorities.

Payments resulting from the use of the government's MasterCard for official travel were excluded from our audit, because the traveler, not the government, makes the payment.

Our audit was performed in accordance with Government Auditing Standards issued by the Comptroller General of the United States and included tests necessary to accomplish our audit objective stated above.

During the audit, we selected two extra large districts, two large districts, and two medium districts for testing. The Eastern District of New York (Brooklyn) and the Southern District of Florida (Miami) were the extra large offices. The District of New Mexico (Albuquerque) and the District of Oregon (Portland) were the large offices. The District of Utah (Salt Lake City) and the Eastern District of Tennessee (Knoxville) were the medium offices. EOUSA in Washington, D.C., was also selected with the expectation of reviewing large dollar value purchases.

The scope of audit included tests of transactions occurring from October 2001 through September 2002 (FY 2002). We conducted site visits from November 2002 through April 2003, and gave an exit conference in September 2003.

Also required by the Government Auditing Standards is an assessment of the reliability of computer-processed data when using data from computer generated systems. In performing this audit, we obtained lists of payments for purchases from EOUSA for each of the seven offices tested to generate random samples. The payment records came from computer-generated systems maintained by JMD containing third-party drafts, purchase card purchases, electronic fund transfers, and Treasury checks.

This audit was more limited than would be necessary to express an opinion on JMD's computer-processed data and associated payment systems. Rather, the audit was to assess the controls over vendor payments made by EOUSA and the USAOs from those systems. Therefore, we do not express an opinion on JMD's computer-generated systems or data. However, JMD's computer-generated data was compared to other supporting documentation at EOUSA and the district offices. Therefore, we believe the data used was adequate for sampling, testing, and background reporting purposes.

The table below provides details of the number of transactions by payment type in the universe at our seven test sites.

The criteria that must be followed when purchasing goods or services in the USAOs is the Government Purchase Card Program for Simplified Acquisition, the Department of Justice Third Party Payment Policies and Procedures Manual, the Federal Acquisition Regulations, the Justice Acquisition Regulations, the applicable DOJ Order on delegation of authority, and EOUSA's policies and procedures on procurements and payment limits.

At each of the audit sites, we sampled a minimum of 200 randomly selected payments and tested these transactions against the purchasing criteria stated above. The sampling methodology included judgmentally selecting additional payments when issues came to our attention that appeared to require further review. The result of these combined procedures was seven separate samples totaling 1,517 payments representing 5 percent of the universe of 30,422 transactions.

The following two tables show a breakdown of the sampling methodology by location.

The total dollars audited was $2,755,123, or 8.7 percent of the $31,726,084 disbursed at the test sites. In addition, EOUSA reported that all 94 district offices and EOUSA purchased over $155 million in goods and services in FY 2002 from vendors using the four payment types previously stated.

The following two tables provide additional details on the dollar amounts and types of payments made by the USAOs in FY 2002.

In this audit, we reviewed 10,111 documents and interviewed 153 personnel involved in the acquisition and payment processes that included administrative officers, approving officers, approving officials, budget officers, purchase cardholders, disbursing officers, electronic fund transfer submitters and subcertifiers, EOUSA's Chief Financial Officer and Chief Operating Officer, various other officials within the USAs' organization, and key personnel in JMD. Interviews included a series of general questions covering payment methods, specific questions regarding the individual payment mechanisms and procedures, delegated authority limits, security of unused drafts, responsibilities of specific personnel in the purchase and payment of goods and services, separation of duties, location of accountable property, and applicable training received.

The analysis of the 1,517 purchase transactions included determining whether separation of duties occurred on each transaction. We also looked to see if applicable individuals were designated as accountable officers by their respective U.S. Attorney and signed a Form OBD-234 acknowledging personal liability for loss or improper payment of funds.

When reviewing each purchase transaction, we verified that proper approvals were given prior to the purchase, the amount paid was supported by an original invoice, required sources were used and documented as being first considered, receiving documentation showed a signature and date of receipt, taxes were excluded from payments, and the goods and services purchased reasonably met the USAOs' official needs. Our tests also included a review for split purchases, duplicate payments, delegated procurement limits that were exceeded, and fraudulent transactions. Transactions were then tested from the reverse - the documents in the file cabinet back toward the data in the output reports provided by EOUSA. These transactions were judgmentally selected from the USAO's files and worked back through the acquisition process up to the procurement form that contained documentation of approval and obligation.

While testing transactions paid by a government purchase card, we reviewed cardholders to see who exceeded their delegated procurement authority limits and that the cardholders were only making purchases that had been properly approved by an approving officer. We also checked to see if items prohibited by the Government Purchase Card Program for Simplified Acquisition guidelines were procured and then verified that the supporting documents corresponded to the actual charges listed on the monthly purchase card statement. Another test performed was to determine if cardholders were properly retaining all supporting documents and reconciling all transactions to their monthly purchase card statements by signing and dating the monthly statements.

For transactions paid by third-party drafts, the disbursing officer's signature on the draft was reviewed to determine that only designated individuals were signing the third-party drafts. We also verified that the disbursing officer was not the same person who signed the procurement form as the approving officer or budget officer for that transaction. Our tests verified that copies of the drafts were retained in proper locations as set forth in acquisition and payment regulations, supporting documentation contained all required paid draft elements, and the drafts were printed with a computer printer and not handwritten. Another test consisted of comparing the amount and vendor name on the draft to the amount and vendor name on the support documents.

Voided drafts were reviewed to make sure that the word "VOID" was stamped or written over the signature line on the face of the voided draft and that the voided draft information was properly recorded in the numeric log. Audit testing also looked for retention of copies of the drafts. Further, a sample of third-party drafts paid to disbursing officers was reviewed to verify that disbursing officers were not signing draft payments payable to themselves.

In reviewing transactions paid through electronic fund transfers, in addition to other previously mentioned tests, we checked that separation of duties occurred by comparing the submitter's User ID to the subcertifier's User ID. Electronic fund transfer transactions were reviewed to see if delegated payment limits were exceeded.

For monthly purchase card statements, audit testing included a review for signatures and dates of review by the cardholder and the approving official. Additional testing included a review for notations made by the cardholder regarding credits or items to be credited. When we observed notations on the monthly statements, we followed up to ensure credits were taken and received.

For the transactions involving accountable property, purchased property was traced to the ARGIS property management system controlled by JMD and physically verified that those items were in the USAOs. A sample not to exceed 20 items purchased in FY 2002 for each USAO site tested were selected from the ARGIS records tested and located as well.

While at each audit site, audit testing included a review of the latest EARS report and the associated district office's response to look for vendor payment issues and deficiencies that were not corrected.