FEDERAL COMMUNICATIONS COMM ISSION WASHINGTON OFF ICE OF THE CHAI RMAN January 15, 2021 The Honorable Maria Cantwell Ranking Member Committee on Commerce, Science, and Transportation United States Senate 425 Hart Senate Office Building Washington, DC 20510 Dear Ranking Member Cantwell: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universaJ service support mechanism (commonly known as the "E-Rate" program). The Report addresses (1) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face chaHenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer ofUSAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework \vhen designing and implementing data-analytics activities to prevent and detect fraud as part of their respective anti fraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Maria Cantwell rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMM UNICATIONS COMMISSION WAS HINGTON O FFI CE O F T HE CHA I R M A N January 15, 2021 The Honorable James R. Comer Ranking Member Committee on Oversight and Government Refonn U.S. House of Representatives 2471 Rayburn House Office Building Washington, DC 20515 Dear Ranking Member Comer: On September 16, 2020, the Government Accountability Office (GAO) released a .report entitled FCC Should Take Action to Better Manage Persislelll Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's {FCC} schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (l) the E-Rate program's key fraud risks; (2) the e>..1:ent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with Jeading practices; and (3) the e.~ent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining tire suitability ofexisting fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part oftheir respective antifraud strategies for the E-Rate program. Finally~ GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in alt relevant E-Rate program computer systems to hdp improve the FCC~s ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to dose the dlgital divide and bring digital opportunity to all AmeriC3Ils, including our nation~ s schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to foHiU its statutory rnission to enhance the availability of affordable telecommunications and Internet access services to pm\ide connectivity to schools and libraries and \:onnections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate progran1 fund~ requiring them to be committed for eligible senices and equipment provided to eligible entities, for eligible purposes, and in accordance " vith program Page 2  The Honorable James R. Comer rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICATIONS COMMISSION WASHINGTON OFFICE OF THE CHAIRMAN January 15, 2021 The Honorable Chris Coons Ranking Member Committee on Appropriations Subcommittee on Financial Services and General Government United States Senate 125 Hart Senate Office Building Washington, DC 20510 Dear Ranking Member Coons: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action Lo Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries unjversal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (I) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the £ -Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. J share your concern in protecting the integrity ofE-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services t.o provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect £ -Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Chris Coons rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 F EDERAL COMMUNICATIONS COMMISSION WASHINGTON OFFICE OF T HE CHAIRMAN January 15, 2021 The Honorable Ron Johnson Chairman Committee on Homeland Security and GovernmentaJ Affairs United States Senate 340 Dirksen Senate Office Building Washington, DC 20510 Dear Chairman Johnson: On September 16, 2020, the Government Accountability Office (GAO) released areport entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses ( l) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the Fee· s ability to understand and use data to manage fraud risks. l share your concern in protecting the integrity of E-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Ron Johnson rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COM M UNICATIONS COMMISSION WAS H INGTON OFFICE OF THE CHAIRMAN January 15, 2021 The Honorable John N. Kennedy Chairman Committee on Appropriations Subcommittee on Financial Services and General Government United States Senate S-128 The Capital Building Washington, DC 20510 Dear Chairman Kennedy: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (1) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face chaJlenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity ofE-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable John N. Kennedy rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICAT IONS COMMISSION WASHINGTON OFFICE OF January 15, 2021 THE CHAIRMAN The Honorable Carolyn B. Maloney Chairwoman Committee on Oversight and Government Reform U.S. House of Representatives 2157 Rayburn House Office Building Washington, DC 20515 Dear Chairwoman Maloney: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (l) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E -Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant £ -Rate program computer systems to help improve the FCC' s ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of £-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and lntemet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to prote.ct E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Carolyn B. Maloney rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUN ICATIONS COMMISSION WASH INGTON OFFICE OF THE C H AIRMAN January 15, 2021 The Honorable Frank Pallone Chairman Committee on Energy and Commerce U.S. House of Representatives 2125 Rayburn House Office Building Washington, DC 20515 Dear Chairman Pallone: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (I) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data anaJytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls~ and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to close the digitaJ divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Frank Pallone rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICATIONS COMMISSIO N W A SHINGTON OFFICE OF THE CHAIRMAN January 15, 202 l The Honorable Gary Peters Ranking Member Committee on Homeland Security and Governmental Affairs United States Senate 442 Hart Senate Office Building Washington, DC 20510 Dear Ranking Member Peters: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the &hools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (l) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practic.es; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an anti fraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the £ -Rate program. Fina1ly, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC' s ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity ofE-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committe.d for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Gary Peters rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICATIONS COMMISSION WASHINGTON OFFICE OF THE CHAIRMAN January 15, 2021 The Honorable Mike Quigley Chairman Committee on Appropriations Subcommittee on Financial Services and General Government u_s_ House of Representatives 2000 Rayburn House Office Building (G Floor) Washington, DC 20515 Dear Chairman Quigley: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (1) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the e>.1:ent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the £ -Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the £ -Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GA O's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC' s ability to understand and use data to manage fraud risks. l share your concern in protecting the integrity ofE-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chainnan, the FCC has taken additional steps t.o fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide ~-:onnectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Mike Quigley rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICAT IONS COMMISSION WASH INGTON OFFICE OF January 15, 2021 THE CHAIRMAN The Honorable Cathy McMorris Rodgers Ranking Member Committee on Energy and Commerce U.S. House of Representatives 2322A Rayburn House Office Building Washington, DC 20515 Dear Ranking Member Rodgers: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (1) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer ofUSAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC~s ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet ac.cess services to provide connectivity to schools and libraries and conneetions for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2 - The Honorable Cathy McMorris Rodgers rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbwsed and used for appropriate purposes. Jn their August 28, 2020 response to the draft report, the FCC's Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission bas taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC's agreement with the GAO's recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program's internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC's implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program_ Finally, per GAO's recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO's Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. v. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICATIONS COMMISSION WASHINGTON OFFICE OF THE CHAIRMAN January 15, 2021 The Honorable Roger Wicker Chairman Committee on Commerce, Science, and Transportation United States Senate 512 Dirksen Senate Office Buildjng W ashjngton, DC 20510 Dear Chairman Wicker: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Action to Better Manage Persistent Fraud Risks in the Schools and Libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (I) the E-Rate program' s key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer of USAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective anti fraud strategies for the £-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully document the data fields in all relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requiring them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2  The Honorable Roger Wicker rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC s agreement with the GAO s recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program s internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC s implementation of its framework to use data analytics to combat future fraud-risks in the E-Rate program. Finally, per GAO s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO s Fraud Risk Framework for the E-Rate program. As part of this effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further if you have any questions. cc: The Honorable Michael Enzi 2 FEDERAL COMMUNICATIONS COMMISSION WASH I NGTON OFFICE OF January 15, 2021 THE CHAIRMAN The Honorable Steve Womack Ranking Member Committee on Appropriations Subcommittee on Financial Services and General Government U.S. House of Representatives 1016 Longworth Office Building Wasbingto~ DC 20515 Dear Ranking Member Womack: On September 16, 2020, the Government Accountability Office (GAO) released a report entitled FCC Should Take Aclion to Beller Manage Persistent Fraud Risks in the Schools and libraries Program (Report). GAO was asked to review fraud risk management in the Federal Communications Commission's (FCC) schools and libraries universal service support mechanism (commonly known as the "E-Rate" program). The Report addresses (1) the E-Rate program's key fraud risks; (2) the extent to which the FCC and the Universal Service Administrative Company (USAC) are managing fraud risks in accordance with leading practices; and (3) the extent to which the FCC and USAC face challenges in effectively employing data analytics to support fraud risk management activities. The Report makes three recommendations focused on managing fraud risks and designing an antifraud strategy for addressing fraud risks in the E-Rate program. Specifically, GAO recommends that the FCC Chairman direct and coordinate with the Chief Executive Officer ofUSAC to comprehensively assess fraud risks to the E-Rate program, including implementing respective plans for developing periodic fraud risk assessments; examining the suitability of existing fraud controls; and compiling fraud risk profiles. GAO also recommends that the FCC Chairman ensure that the FCC and USAC follow the leading practices in GAO's Fraud Risk Framework when designing and implementing data-analytics activities to prevent and detect fraud as part of their respective antifraud strategies for the E-Rate program. Finally, GAO recommends that the FCC Chairman direct USAC to clearly define and fully docwnent the data fields in aU relevant E-Rate program computer systems to help improve the FCC's ability to understand and use data to manage fraud risks. I share your concern in protecting the integrity of E-Rate program funds as we work to close the digital divide and bring digital opportunity to all Americans, including our nation's schools and libraries. During my tenure as FCC Chairman, the FCC has taken additional steps to fulfill its statutory mission to enhance the availability of affordable telecommunications and Internet access services to provide connectivity to schools and libraries and connections for students and library patrons. At the same time, the FCC has been steadfast in its commitment to protect E-Rate program funds, requi...-ffig them to be committed for eligible services and equipment provided to eligible entities, for eligible purposes, and in accordance with program Page 2 - The Honorable Womack rules. We will continue our efforts to protect E-Rate program funds against waste, fraud, and abuse and ensure they are properly disbursed and used for appropriate purposes. In their August 28, 2020 response to the draft report, the FCC' s Managing Director and Chief of the FCC's Wireline Competition Bureau noted that the Commission has taken a variety of administrative and programmatic actions to reduce the risk of fraud in the E-Rate program. The response also indicated the FCC's agreement with the GAO's recommendations and intent to implement them. As detailed in that response, the FCC has implemented a comprehensive fraud risk management strategy, which includes an annual risk assessment of the E-Rate and other universal service programs, and performs other long-standing oversight processes concerning the E-Rate program's internal controls, program management, and audit processes and procedures. The response also reported that the FCC and USAC have been working collaboratively to incorporate the use of data-analytics activities in our fraud risk management plans. The FCC already uses data analytics in the context of investigations and enforcement and is exploring more advanced uses of its data analytics platform to enable predictive analytics and other features to help prevent future instances of fraud. Additionally, we have been coordinating with USAC on USAC's implementation of its framework to use data analytics to combat future fraud--risks in the E-Rate program. Finally, per GAO' s recommendation, USAC has notified the FCC that it has begun to update its data dictionaries across all data fields in the E-Rate program. The FCC also looks forward to building on its current fraud risk management efforts by working with USAC to implement GAO's Fraud Risk Framework for the E-Rate program. As part ofthis effort, USAC will conduct a fraud risk assessment of the E-Rate program once the ongoing risk assessment of the High Cost program has been completed. The Commission is collaborating with USAC to ensure that these efforts result in an overall fraud risk strategy that can be applied to all of the Universal Service Fund programs. I appreciate the opportunity to comment on the Report and would be happy to discuss further ifyou have any questions. v. cc: The Honorable Michael Enzi 2