Where Most Needed

The Washington Post and New York Times have reported on the decision by Debra S. Ritt to step down as inspector general of the Smithsonian Institution (EIN 53-0206027 Form 990) to take a position in the IG office at the Small Business Administration. 

(For comparison, the SBA has a roughly comparable operating budget of about a half billion, but the agency guarantees something like $14 billion in loans.)

Ms. Ritt notes that the museum continues to cut back the budget of the IG, and that the office reports to the head of the Smithsonian, depriving the OIG of the independence it would enjoy were it reporting directly to the trustees. 

The Inspector General position is more common in government agencies than nonprofit organizations and stems from the Smithsonian's peculiar character as a quasi-government institution chartered by Congress long before nonprofit (or for-profit) corporations became commonplace. 

This IG has been in the news of late for questioning the compensation and and accounting of Smithsonian Business Ventures, a for-profit subsidiary whose staff are not under civil service pay grades.  CEO of SBV Gary M. Beer is paid $525,000 and secretary of the Smithsonian Lawrence Small receives $813,000 (including a housing allowance).  These are not your typical civil servants.

The Smithsonian OIG maintains a web page that includes it audit reports plus a semi-annual report to Congress.  The most recent report (March 31, 2006) shows the wide range of activities that a large museum needs to monitor, but it also shows the fine line that an auditor much walk. 

To me, the report shows a little too much emphasis on attending conferences and having input into policy directives.  In addition, it tells us that the OIG's office had been put in charge of oversight of the organization's external audit (by accounting firm KPMG).  This puts the office in the difficult position of having to defend the organization's practices to outsiders while questioning them internally. 

The audit observations are familiar back office issues: 

• lack of control over bank charges, which added up to $340,000 in unmonitored expense
• laxity in information security measures, like failing to recertify security after major system changes and not tracking resolution of deficiencies that have been noted

Plus some interesting crime notes:

• someone submitted a false change of address form for one of the museums right before a major fundraising campaign, diverting mail with $107,000 in donations and membership fees,
• stolen and fraudlent use of government purchase cards (ordinary musuem would just have to worry about credit card abuse), and
• a mailroom employee stole checks.

A less familiar but nonetheless important audit observation involved the issuance of pseudo-Social Security numbers to local employees in Panama, which was done to meet the requirements of a former in-house payroll system, since replaced.  These numbers were then used to open up accounts with the Agriculture Federal Credit Union (and possibly other US bank accounts).  This was all done without fraudulent intent, just to get the payroll system to work, but it nevertheless could spell trouble, particularly if the numbers are ever assigned by Social Security to real US citizens. 

The Smithsonian OIG had an ambitious agenda that was more than could be carried out in areas of protection of the collection and employee and contractor screening and access controls. 

What can be done?  The Smithsonian is a large museum, but a very small part of the government. 

• One possible solution would be to shift the OIG to another agency (say, the Department of Education), in effect becoming an external oversight office; in the absence of that:
• IT security needs its own oversight function, which is more likely to be implemented now with recent revelations of serious data loss in other areas of the government.
• Collection security, screening and access also need their own oversight mechanism.
• A more trimmed down internal audit function needs to be established, solely with oversight over fiscal and internal controls.
• The trustees themselves, with the assistance of media and Congress, need to step in on the issue of executive compensation; no internal office can hope to address this issue.