Why We Did This Audit
Israel declared war on Hamas after the U.S.-designated terrorist organization invaded the country on October 7, 2023, killing more than 1,200 people and seizing 253 hostages. To respond to urgent humanitarian needs resulting from the war, USAID’s Bureau for Humanitarian Assistance (BHA) provided food and healthcare to help support displaced and conflict-affected populations in West Bank and Gaza. BHA also provided support through multipurpose cash assistance (MPCA)—cash distributions through one-time or monthly transfers that help with the average household’s basic needs, such as food, rent, and water during an emergency. In fiscal year 2024, USAID awarded about $36 million for MPCA activities to four nongovernmental organizations (NGOs) in West Bank and Gaza.
Although providing cash can be flexible and more cost effective than providing in-kind commodities, it is also susceptible to fraudulent activity such as misappropriation and theft. Having controls over cash assistance is important for mitigating risks of fraud in humanitarian aid programming, such as diversion to U.S.-designated terrorist organizations.
We conducted this audit to assess the extent to which BHA evaluated fraud risk for MPCA activities implemented by NGOs in West Bank and Gaza and monitored these activities.
What We Found
BHA did not identify key fraud risks for cash assistance in West Bank and Gaza. Specifically, the bureau did not develop a fraud risk assessment and profile or response risk profile for its humanitarian assistance in the complex emergency to identify key risks related to MPCA. These risks included cash liquidity challenges, vendor fees, price gouging, and diversion to unauthorized recipients and terrorist groups. BHA officials noted that when the West Bank and Gaza response began, priority was given to the urgency of providing life-saving assistance during the rapidly evolving conflict in Gaza over developing a response risk profile. BHA staff also said that they were not required to create a fraud risk assessment and profile because Agency or bureau policy did not mandate them to do so. This is contrary to the Government Accountability Office’s A Framework for Managing Fraud Risks in Federal Programs and requirements from BHA’s Management Council on Risk and Internal Controls. The bureau also did not have a permanent, dedicated risk management advisor assigned to support and conduct response risk profiles and had limited staff. Nonetheless, without a fraud risk assessment and profile and response risk profiles for West Bank and Gaza, BHA was unable to demonstrate how it identified or addressed key risks to providing cash assistance in Gaza—a high-risk area for diversion and misuse of U.S. foreign assistance.
BHA monitored cash assistance activities. BHA reviewed and relied on NGOs’ risk assessment and management plans before issuing awards to NGOs. Due to the nonpermissive environment, BHA did not monitor MPCA activities directly. Instead, it relied on multiple methods of monitoring, including a third-party monitor, biweekly and monthly reports, and post distribution monitoring reports from NGOs. According to BHA, these reports provided the bureau with insights into operational challenges to the flow of cash or supplies.
What We Recommend
To strengthen procedures for identifying and mitigating fraud risks, we suggest that decision makers implement a fraud risk management policy for humanitarian assistance responses in nonpermissive environments, including completing a fraud risk assessment and profile and a response risk profile before or soon after initiating the response.