DoD OIG Newsletter October 2018



The DoD OIG newsletter summarizes the reports and investigations released by the Department of Defense Office of Inspector General in the previous month and those we anticipate releasing in the coming month. I encourage you to read these reports and to access our website, which lists reports and investigations by year, subject, and DoD component. You'll also find our project announcements and additional news releases highlighting investigations conducted by the Defense Criminal Investigative Service. Thank you for subscribing to our newsletter.



Significant reports expected to be issued within the next 30 days include:

Audit of DoD Incident Response Capability for Mission-Critical Control Systems
This audit determines whether the DoD has an effective program to detect, report, and respond to security incidents on mission-critical control systems.  Mission-critical control systems are computer resources, both hardware and software, that are physically part of, dedicated to, or essential to the mission performance of systems providing essential infrastructure services such as electricity, building automation, or fuel distribution.  This report will be classified.

Investigation into the United States Air Forces Failure to Submit Devin Patrick Kelley’s Criminal History Information to the Federal Bureau of Investigation
This investigation determines why the United States Air Force failed to submit Mr. Devin Patrick Kelley’s criminal history information to the FBI for inclusion in its databases.  On November 5, 2017, Kelley shot and killed 26 people and injured 22 others at the First Baptist Church in Sutherland Springs, Texas.  Kelley was able to purchase a firearm even though he had a disqualifying conviction while in the Air Force.

External Peer Review on the Air Force Audit Agency
This review determines whether the Air Force Audit Agency’s system of quality control for audits in effect for the year ended December 31, 2016, provided reasonable assurance of conforming to Government auditing standards.  The Air Force Audit Agency is responsible for establishing and maintaining a system of quality control designed to provide it with reasonable assurance that its audit organization complies with professional standards, and applicable legal and regulatory requirements in all material respects.

Evaluation of Contracting Officer Actions on Contractor Pricing Proposals Deemed Inadequate by the Defense Contract Audit Agency
This evaluation determines whether contracting officer actions during contract negotiations complied with acquisition regulations when contractor proposals were deemed inadequate by the Defense Contract Audit Agency.


Recently issued Reports of Interest (to view report, if available, please click on title)

Audit of Military Sealift Command’s Maintenance of Prepositioning Ships
This audit determined that Military Sealift Command (MSC) did not maintain complete and accurate preventative maintenance plans for prepositioned ships, which identify the contractors’ maintenance responsibilities.  In addition, MSC did not verify that contractor personnel completed the contract requirements, such as changing the air compressor oil, related to the preventative maintenance of the Government-Owned, Contractor-Operated prepositioning fleet.  As a result, MSC is unable to assess the condition and readiness of the government-owned, contractor-operated ships, which has impeded the combatant commander’s ability to carry out planned operations. 

DoD Information Technology System Repositories 
This audit determined that DoD components did not report accurate or complete information technology system data in the Secret Information Technology Registry (SITR) for 31 of the 32 information technology systems reviewed.  The SITR is a classified inventory of DoD’s mission‐critical and mission‐essential information technology systems.  As a result, the DoD cannot rely on SITR data for decision making as intended, which can affect annual updates of the Business Enterprise Architecture and can also affect resource decisions. In addition, the DoD also may not be able to support its statutory compliance reporting designed to improve critical cybersecurity infrastructure.

Management of Army and Marine Corps Prepositioned Stocks in U.S. European Command
This audit determined that Army and Marine Corps officials did not effectively manage the storage and maintenance of prepositioned stocks in the U.S. Command area of responsibility.  Prepositioned stock is war-reserve material and equipment, such as combat vehicles, spare parts, munitions, and medical supplies, that is strategically located to facilitate a timely response in support of Combatant Commander requirements during the initial phases of an operation.  This audit determined that Army and Marine Corps officials did not ensure proper storage facility humidity levels, weapons maintenance, and vehicle maintenance.  As a result, the DoD does not have assurance that the Army and Marine Corps properly stored and maintained at least $203.7 million worth of prepositioned stock at Army Prepositioned Stock and Marine Corps Prepositioning Program – Norway sites in the U.S. European Command area of responsibility. Vehicles and weapons that are not properly stored and maintained are less likely to be ready for issuance when needed.  Without adequately managed prepositioned equipment, the Army and the Marine Corps may not be able to fully support a request for to provide immediate crisis response when the need arises in Europe or Africa.  

Armed Forces Retirement Home Support Functions 
This evaluation found that some Armed Forces Retirement Home (AFRH) support functions, such as the Resident Services program, the Admissions and Eligibility program, and the Estate Matters program, operated in accordance with applicable statutes and AFRH Agency Directives.  However, the evaluation also found that some other AFRH support functions, such as the Facilities Management program, the Human Resources program, and the Information Security program, did not meet all applicable Federal standards, Federal guidance, or AFRH policies such as complying with the Office of Personnel Management  80 day end-to-end hiring process, National Institute of Standards and Technology security requirements, and frequency of physical security facility assessments.  The identified deficiencies pose an increased risk to the health, safety, and security of AFRH residents and their overall quality of life. The AFRH is a continuing-care retirement community that provides five levels of care to meet the changing needs of former service members of the Armed Forces as they age.

U.S. and Coalition Efforts to Train, Advise, Assist, and Equip an Iraqi Police Hold Force in Support of Stability Operations 
This evaluation determined that while U.S. and Coalition efforts supported development of Iraqi Police Hold Force units, the DoD OIG was unable to determine the extent and sustainability of that development because the training and deployment of Iraqi Police Hold Force units was still underway.  In addition, the evaluation determined that there were no U.S. or Coalition advisors assigned at the unit level to observe training effectiveness.  Iraqi Police Hold Force units are primarily used by the Government of Iraq to secure liberated areas and prevent ISIS from reestablishing an effective presence in those areas.  The Hold Force units conduct clearing and checkpoint operations and provide local security.  

Followup on DoD OIG Report No. DODIG-2013-099 “Compliance with Electrical and Fire Protection Standards of U.S. Controlled and Occupied Facilities in Afghanistan,” July 18, 2013, at Kandahar Airfield
This followup evaluation was conducted to determine whether U.S. Forces–Afghanistan (USFOR–A) implemented corrective action at Kandahar Airfield (KAF) in response to recommendations made in the subject 2013 report.  The evaluation determined that U.S. Forces – Afghanistan (USFOR-A) provided qualified personnel for the oversight and inspection of electrical systems and that USFOR-A developed a process to perform regular inspection and maintenance of electrical systems.  It also determined that USFOR-A corrected 65 of the 66 deficiencies (99 percent) that were identified by the DoD OIG in the 2013 report.  However, USFOR-A did not provide a Qualified Fire Protection Engineer to perform oversight of fire protection systems, ensure inspection and maintenance of all fire protection systems, and develop a fire protection plan for Kandahar Airfield.  In addition, USFOR-A did not correct 84 of 170 fire protection deficiencies (49 percent) that were identified by the DoD OIG in the 2013 report.  As a result, there is an increased risk of loss of life and property due to fire, shock, or electrocution from a fire protection system deficiency.

System Review Report of the Air Force Audit Agency’s Special Access Program Audits
The DoD OIG conducted an external peer system review of the system of quality control for the Air Force Audit Agency (AFAA) Special Access Program (SAP) audits in effect for the period ended December 31, 2016, and one report issued in May 2017.  The SAP is a program established for a specific class of classified information that imposes special safeguarding and access requirements.  The AFAA received a rating of pass with deficiencies for its SAP audits.  These deficiencies include a lack of professional judgment, supervision, audit documentation, and reporting. The forthcoming DoD OIG peer review report (see upcoming reports) on the overall opinion of the AFAA will contain a pass opinion.  The pass with deficiencies for the AFAA’s SAP audits did not change the overall AFAA rating of pass because the number of SAP audits conducted by the AFAA were not material when compared to the number of non-SAP audits conducted by the AFAA.


DEFENSE CRIMINAL INVESTIGATIVE SERVICE HIGHLIGHTS (to view DOJ press release, if available, please click on title)

Owner of Defense Firm Charged with Conspiracy to Defraud Department of Defense of $7 Million, Violate Arms Export Control Act
On September 5, 2018, a Federal grand jury indicted Ferdi Murat Gul, a Turkish national, (a.k.a. Fred Gul) on conspiracy to commit wire fraud, wire fraud, and conspiracy to violate and the violation of the Arms Export Control Act.  According to the indictment, Gul was the principal owner and operator of the Bright Machinery Manufacturing Group.  The company acquired 346 contracts from the DoD to domestically manufacture military parts, including torpedo and aircraft parts as well as firearms and mine clearance systems.  Over the course of approximately five years, Gul exported technical data to secretly manufacture military parts in Turkey that the company fraudulently claimed were manufactured in the United States.  DoD tests revealed that some parts had numerous design flaws or were otherwise unusable.  Gul is currently at large, and is believed to be in Turkey.  This was a joint investigation with the Defense Criminal Investigative Service (DCIS) and Homeland Security Investigations.

South Florida Pharmacist Convicted of Health Care Fraud for Role in $5 Million Compounding Pharmacy Scheme
On September 7, 2018, a Federal jury found Stephen Chalker guilty for his role in a $5 million compounding pharmacy and telemedicine scheme.  From approximately September 2014 to August 2016, Chalker submitted fraudulent claims to Medicare, Medicaid, and TRICARE for compounded drugs and other prescription medications that were not medically necessary or never provided.  Chalker and his co-conspirators ran a nationwide telemarketing and telemedicine scheme in which there was not a real patient-prescriber relationship or actual patient care provided. This was a joint investigation with DCIS, the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services Office of Inspector General (HHS-OIG).

Pain Management Physician Sentenced to 8 Years in Federal Prison for Central Role in Million Dollar Kickback Scheme and Fraudulent Billing Scheme
On September 11, 2018, a U.S. district judge sentenced Atif Babar Malik, a pain management physician, to eight years in prison and three years of supervised release for health care fraud and tax evasion.  The health care fraud charges were related to a $1.46 million kickback and fraudulent billing scheme.  Malik and a co-defendant, Sandeep Sherlekar, operated a pain management practice called Advanced Pain Management Services, LLC, doing business as American Spine Center, LLC (APMS/ASC).  APMS/ASC physicians required patients who were prescribed controlled substances as pain relief medications to submit urine specimens.  In late 2011, APMS/ASC began referring patients’ urine toxicology specimens to Accu Reference (a company owned by another co-defendant) in exchange for kickbacks.  In addition to his conviction relating to the health care fraud scheme, Malik also pleaded guilty to tax evasion.  Malik admitted that he underreported his taxable income by approximately $3.37 million.  This was a joint investigation with DCIS, the FBI, HHS-OIG, Internal Revenue Service-Criminal Investigation (IRS-CI), and the U.S. Office of Personnel Management Office of the Inspector General.

Nicholas Rivecca, Sr., and Sonag Ready Mix, LLC to Pay $629,732 to Resolve False Claims Act Allegations Regarding Disadvantaged Business Enterprises
On September 12, 2018, the Department of Justice announced that Nicholas Rivecca, Sr. and his company, Sonag Ready Mix, have agreed to pay $629,732 to resolve alleged violations of the False Claims Act.  Rivecca and Sonag Ready Mix allegedly defrauded the U.S. Department of Transportation's Disadvantaged Business Enterprise (DBE) program.  According to the allegations, Rivecca and others obtained a fraudulent DBE certification for Nuvo Construction Company (Nuvo).  Sonag Ready Mix was not eligible to participate in the DBE program.  Nuvo's improper DBE status was then used to obtain ready-mix concrete contracts, but Sonag Ready Mix performed almost all of the work and received the contract’s profits.  Rivecca pleaded guilty to criminal charges related to the conspiracy to use Nuvo's DBE status to win Government contracts.  This was a joint investigation with DCIS, FBI, U.S. Department of Transportation Office of Inspector General, U.S. General Services Administration Office of Inspector General, Department of Veterans Affairs Office of Inspector General, U.S. Small Business Administration Office of Inspector General, Investigations Division, Defense Contract Audit Agency, and U.S. Army Criminal Investigations Command Major Procurement Fraud Unit.

Another Pharmacist Pleads Guilty Relating to Largest Health Care Fraud Case Ever in Mississippi
On September 13, 2018, Marco Bisa Hawkins Moran pleaded guilty to a Criminal Information outlining his role in a scheme to defraud TRICARE and other health care benefit programs.  In total, 12 conspirators have been charged, and 9 people have been convicted, for this scheme.  From approximately May 2014 through January 2016, Moran co-owned and operated Medworx Compounding (Medworx) and Custom Care Pharmacy (Custom Care).  Medworx and Custom Care submitted over $22 million in fraudulent claims to TRICARE and other health care benefit programs.  Moran and other co-conspirators mass-produced high-yield compounded medications on behalf of the pharmacies.  Rather than formulating compounded medications based on the individualized needs of patients, formulas were selected to maximize profit based upon reimbursements from TRICARE and other health care benefit programs.  Moran and his co-conspirators paid kickbacks and bribes to marketers and physicians to obtain prescriptions for compounded medications from prescribers for beneficiaries who were covered by the most lucrative health care benefit programs, irrespective of whether the compounded medications were medically necessary for the treatment of beneficiaries.  This is a joint investigation with DCIS, the FBI, and IRS-CI.

Former Marine Receives 33 Months for Embezzling Over $500,000 from the Marine Corps and Over $20,000 from Toys for Tots
On September 21, 2018, the Department of Justice announced that former U.S. Marine Corps Staff Sergeant Christopher Aragon was sentenced to 33 months imprisonment for conspiring to commit wire fraud.  Aragon was also ordered to pay $534,044 in restitution to the U.S. Marine Corps Forces Reserve and $20,044 in restitution to the Marine Toys for Tots Foundation.  According to court documents, Aragon conspired with co-defendants to achieve personal financial gain by making unauthorized, fraudulent charges to a government credit card and to a credit card linked to funds for Toys for Tots.  He also prepared false documents to support the reconciliation of the fraudulent charges on both credit cards.  This was a joint investigation with DCIS and the Naval Criminal Investigative Service.


ANNOUNCED PROJECTS (to view the announcement letters, if available, please click on the title)

Audit of U.S. Air Force Contract Augmentation Program IV Government Property  
The objective of this audit is to determine whether the U.S. Air Force accounted for the Air Force Contract Augmentation Program (AFCAP) IV government-furnished property in Southwest Asia, such as vehicles, body armor, and computers.  The U.S. Air Force designed the AFCAP IV Program
to provide U.S. personnel with base operating support, logistic support, and combat service support capabilities, such as infrastructure support, and lodging management during contingency operations.  AFCAP IV provides these services to U.S. personnel located at bases throughout Southwest Asia in support of both Operation Inherent Resolve and Operation Freedom's Sentinel.

Joint Audit of the DoD's Use of Cybersecurity Reciprocity Within the Risk Management Framework Process  
The objective of this audit is to determine whether DoD components are leveraging cybersecurity reciprocity to reduce redundant test and assessment efforts when authorizing information technology through the Risk Management Framework process.  Cybersecurity reciprocity is the agreement between departments and agencies to accept each other’s security assessments to reuse information system resources and to accept each other’s assessed security posture.  The Risk Management Framework is a common information security framework used across the Federal Government that supports transparency of security and risk management related information.

Audit of the Army Integrated Air and Missile Defense Program  
The objective of this audit is to determine whether the Army is developing an affordable Integrated Air and Missile Defense program that can meet all capability requirements, and whether these requirements remain valid and meet warfighter needs.  The Army Integrated Air and Missile Defense is a battle command system that will increase force protection by controlling a mix of air and missile defense sensors and weapons to detect, identify, monitor, deny, and defeat enemy forces.

Audit of the DoD FY 2018 Compliance With Improper Payments Information Act Requirements
The objective of this audit is to determine whether the DoD complied with the Improper Payments Information Act of 2002, as amended.  An “improper payment” is any payment that was made in an incorrect amount, made to an ineligible recipient, or made for goods or services that were not received.  The law requires each agency to annually review programs and identify those susceptible to significant improper payments, estimate and submit the annual amount of improper payments to Congress, and report on actions taken to reduce improper payments.

Department of Defense Regional Centers for Security Studies
The objective of this evaluation is to review the operations and practices of the DoD Regional Centers for Security Studies related to vetting and hiring of foreign faculty, nondisclosure agreements, travel, and payment of fees for guest lecturers.  The review will also evaluate the DoD's and Regional Center's implementation of actions recommended in prior oversight reports to develop measures of effectiveness.

Audit of the DoD Closing Package Financial Statements for Fiscal Years Ending September 30, 2018, and September 30, 2017
The objective of this audit is to determine whether the DoD Closing Package Financial Statements and accompanying notes, as of September 30, 2018, and September 30, 2017, present fairly, in all material respects, the DoD's financial position, net costs, and changes in net position, in conformity with generally accepted accounting principles in the United States.