What GAO Found The Consolidated Appropriations Act, 2022, contains a provision, codified at 18 U.S.C. § 2243(c), making it unlawful for someone, while acting in their capacity as a federal law enforcement officer, to knowingly engage in a sexual act with an individual who is under arrest, under supervision, in detention, or in federal custody. According to a 2022 Department of Justice (DOJ) report, consent is not a defense to a violation of 18 U.S.C. § 2243(c) and therefore federal law enforcement officers are automatically liable if they engage in the prohibited conduct. Generally, DOJ's Civil Rights Division and the 94 U.S. Attorneys' Offices throughout the country prosecute sexual offenses committed by federal law enforcement officers. According to DOJ data, there were no cases filed and no violations (criminal convictions) pursuant to 18 U.S.C. § 2243(c) in fiscal year 2025. Similarly, as GAO reported in its prior two reports on this topic, there were also no cases filed and no violations in fiscal year 2023 and 2024. As GAO noted in its prior reports, there are several factors that could explain why there have been no cases filed and no violations as of September 30, 2025. First, according to the 2022 DOJ report noted above, federal law enforcement officers committing criminal sexual acts against individuals under arrest, under supervision, in detention, or in federal custody may be prosecuted under other criminal statutes. Prosecutors must assess whether certain statutes apply to a case, based on the facts and circumstances of the case and the relevant case law in their jurisdiction. Second, individuals cannot be charged for prohibited conduct that occurred prior to the provision's effective date of October 1, 2022, and it can take several years from the time of an alleged incident to the filing of a criminal case to a disposition of the criminal case. Finally, according to an official from DOJ's Office on Violence Against Women, many victims do not report sexual abuse immediately due to a variety of factors, including fear of retaliation. The official also noted that there is a high rate of underreporting of sex offenses in general, particularly when it involves victims in custody or detention, where victims are reluctant to report "the police to the police." Why GAO Did This Study The Consolidated Appropriations Act, 2022, includes a provision for GAO to report on violations of 18 U.S.C. § 2243(c) committed between October 1, 2022, and September 30, 2023, and then to report annually thereafter. GAO issued two reports addressing this topic, the first covering fiscal year 2023 in October 2023, and the second covering fiscal year 2024 in October 2024. This report provides information on the number of cases filed by DOJ and the number of violations of 18 U.S.C. § 2243(c) during fiscal year 2025. To address this objective, GAO requested and received data from DOJ on charges and convictions pursuant to 18 U.S.C. § 2243(c), and interviewed officials from EOUSA. GAO also interviewed DOJ officials to understand how they report cases filed and violations in their data system and assessed the reliability of that data. For more information, contact Gretta Goodwin at goodwing@gao.gov.

What GAO Found The Federal Home Loan Bank (FHLBank) System consists of 11 federally chartered FHLBanks that support liquidity by making loans to member financial institutions (including banks) in the U.S. As of June 2025, 93 percent of banks (approximately 4,100) were members of an FHLBank, allowing them to obtain liquidity via secured loans. GAO’s analysis found that the FHLBanks generally serve as a reliable and consistent source of funding for banks of all sizes throughout the financial cycle. They can also play a key role in the health of small banks (those with $10 billion or less in assets). This has been the case despite concerns raised in some academic and other literature that FHLBank lending could exacerbate periods of financial stress—for example, by masking problems at troubled member banks or increasing resolution costs when a member bank fails. Banks’ FHLBank borrowing trends. From 2015 through June 2025, most U.S. banks were FHLBank members and obtained secured loans at least once. Banks’ total outstanding borrowing (as of quarter-end) ranged from $189 billion to $804 billion during this period. Although most active FHLBank members maintained relatively consistent FHLBank borrowing, a small number of large banks (with more than $10 billion in assets) drove substantial increases in aggregate borrowing at the onset of the COVID-19 pandemic in 2020 and during the March 2023 liquidity crisis. For example, large banks were responsible for 97 percent of the increased borrowing in the first quarter of 2023. However, median FHLBank borrowing as a share of median total assets generally stayed within a consistent range from 2015 through June 2025, including for large banks. This suggests that their overall reliance on FHLBank loans during stress periods was largely unchanged. Total Outstanding Federal Home Loan Bank Borrowing, Jan. 2015–June 2025 Outcomes associated with FHLBank borrowing. GAO’s econometric models, which controlled for bank health, macroeconomic factors, and economic cycles, found that higher FHLBank borrowing by a bank was generally associated with positive outcomes for the bank. From 2015 through 2024, higher FHLBank borrowing was associated with (1) increases in real estate lending and (2) lower likelihood of being flagged as a problem bank or of failing or closing voluntarily. These results were largely driven by small banks, which make up 97 percent of banks in GAO’s analysis. Policymaker considerations for potential changes to FHLBank lending. GAO reviewed suggestions for reform from academic, industry, and government sources, such as involving federal banking regulators in lending decisions and changing how FHLBank loans are priced. In discussion groups, interviews, and written comments, stakeholders noted that while these changes could help address certain concerns, each carried potential unintended consequences for markets, member banks (especially smaller ones), and consumers. GAO found that in some cases, the suggested changes would duplicate existing authorities or practices. The FHLBanks, Federal Housing Finance Agency (which oversees FHLBanks), and the federal banking regulators have mechanisms to communicate during periods of financial stress. The bank failures and related liquidity stress of March 2023 highlighted challenges to timely coordination between the FHLBanks and the Federal Reserve Banks. Since then, they have taken steps to improve their coordination. These include conducting joint tabletop exercises and ongoing discussions to help shared members reallocate collateral during emergencies. In January 2025, the FHLBank System and the Federal Reserve System also established a joint working group to improve routine interoperability between the two systems. These efforts are ongoing and, in some cases, are in early stages, with expected completion in late 2025 or 2026. Continued commitment to these coordination efforts will be important to ensure readiness for future financial stress, when member banks may need to reallocate collateral to access additional liquidity. Why GAO Did This Study The FHLBank System supports liquidity by making billions of dollars in loans to member banks. Federal banking regulators oversee individual banks’ safety and soundness and promote financial stability. The 12 district Federal Reserve Banks also lend to banks and may act as a lender of last resort. Substantial FHLBank lending to three large banks that failed in 2023 renewed questions about FHLBanks’ lending role and communication with banking regulators and Federal Reserve Banks during times of stress. GAO was asked to review the role of FHLBanks during financial crises. This report examines (1) banks’ FHLBank borrowing trends from 2015 through June 2025; (2) associations between FHLBank borrowing and outcomes; (3) policy considerations for potential changes to FHLBank lending; and (4) communication among FHLBanks and relevant federal agencies during periods of financial stress. GAO reviewed literature from 2007 through mid-2024; analyzed bank financial reports, FHLBank membership data, and economic indicators; and examined documentation from the FHLBanks, banking regulators, and the Federal Housing Finance Agency. GAO also held seven discussion groups with a total of 30 academics, researchers, and industry group representatives (selected for their relevant knowledge and diverse views) and interviewed representatives of FHLBanks, federal regulators, and a nongeneralizable sample of 10 member banks (selected to reflect varying asset sizes) that borrowed from FHLBanks during recent periods of financial stress. For more information, contact Jill Naamane at naamanej@gao.gov.

What GAO Found The Department of State and U.S. Agency for International Development (USAID) have funded and implemented projects to combat forced labor and sex trafficking, including some projects in countries affected by armed conflict. From fiscal year 2020 through fiscal year 2024, State and USAID obligated about $437 million for anti-trafficking projects. This included funding for projects in conflict-affected countries such as Ukraine, Moldova, Romania, and Ethiopia. However, a January 2025 executive order paused U.S. foreign development assistance. In April 2025, State began a reorganization, and in July 2025, the Secretary of State announced that USAID had ceased providing foreign assistance. As a result, during the first two quarters of fiscal year 2025, State had no new obligations and de-obligated $1.4 million and USAID obligated $1 million and de-obligated about $1.1 million from anti-trafficking projects. As of September 2025, some of State’s anti-trafficking programming remained. Agency officials said that, going forward, State planned to focus on producing its required annual Trafficking in Persons Report—a report describing the anti-trafficking efforts of the United States and foreign governments. Officials from agencies and implementing partner organizations identified challenges affecting anti-trafficking project implementation in conflict-affected countries. They also identified opportunties to strengthen project implementation in any future efforts. Stakeholders Identified Challenges and Opportunities to Strengthen Implementation of Anti-Trafficking Projects in Conflict-Affected Countries Challenges to Implementation Opportunities to Strengthen Implementation · Prioritization of humanitarian aid over anti-trafficking efforts · Increased vulnerabilities to trafficking in conflict-affected countries · Changing trafficking patterns in conflict-affected countries · Impaired prevention and awareness among vulnerable populations · Interrupted access to conduct protection activities · Limited program management flexibility to adapt to changing circumstances in conflict · Difficulties in coordinating and partnering with local and international stakeholders · Limited local partner capacity to conduct anti-trafficking efforts · Corruption and evidence requirements for prosecuting trafficking cases · Continue U.S. policy emphasis on anti-trafficking efforts · Build local partner capacity through training, technology, and best practices · Allow implementing partners greater flexibility to adapt when conflict interrupts planned anti-trafficking activities · Facilitate coordination among international and local anti-trafficking partners · Provide additional funding for anti-trafficking programming Source: GAO analysis of discussion group responses. | GAO-26-107406 Note: We held eight discussion groups with a total of 47 stakeholders from December 2024 to March 2025. Stakeholders included U.S. agency officials managing anti-trafficking projects and representatives of organizations implementing projects in Ukraine, Romania, Moldova, and Ethiopia. Why GAO Did This Study Human trafficking is a global threat that armed conflict exacerbates. Russia’s invasion of Ukraine in 2022 prompted widespread concern about trafficking in Ukraine and other conflict-affected countries. This report is one of several engagements GAO initiated in response to a provision in the Consolidated Appropriations Act, 2023. This report describes State and USAID funding for anti-trafficking projects globally and in four conflict-affected countries—Ukraine, Moldova, Romania, and Ethiopia. Among other objectives, this report also describes challenges and opportunities to strengthen implementation of anti-trafficking projects in conflict-affected countries. GAO analyzed agency documentation and funding data and interviewed and analyzed discussion responses from 47 agency officials and representatives from implementing partner organizations from eight discussion groups held from December 2024 to March 2025. For more information, contact Chelsa Kenney at kenneyc@gao.gov.

What GAO Found According to key metrics, air service at airports of all sizes dropped sharply in 2020 with the onset of the COVID-19 pandemic. While larger airports have rebounded to some extent, the recovery has lagged for smaller airports, including nonhub airports (i.e., airports that have less than 0.05 percent of annual U.S. commercial enplanements but have more than 10,000 annual enplanements). For example, the average number of daily departures per route for nonhub airports was 19 percent lower in 2024 than in 2018. Average Daily Departures per Route for Nonhub Airports Before (2018), During (2020), and After (2024) the COVID-19 Pandemic (Calendar Years) Note: Nonhub airports have less than 0.05 percent of annual U.S. commercial enplanements but have more than 10,000 annual enplanements. The Department of Transportation (DOT) administers two federal programs that support air service to small communities. The Essential Air Service (EAS) program provides subsidies to airlines serving eligible communities to help support air service. The Small Community Air Service Development Program (SCASDP) provides grants to eligible communities not receiving EAS-subsidized service that can be used to jumpstart new air service. However, GAO found the demand for SCASDP grants has continued to exceed the support SCASDP offers. GAO also previously reported that SCASDP grants did not fully fund the revenue guarantees that reduce airlines’ financial risk to initiate new air service. Further, while SCASDP grants provide funding for revenue guarantees for up to 3 years, airport representatives and other stakeholders GAO interviewed identified ongoing funding as needed for maintaining service. The FAA Reauthorization Act of 2024 gave DOT some additional flexibilities to amend existing grants to small communities if circumstances change, and to consider grant applications for the same project from the community in a shorter time frame. Certain nonhub airports that do not receive subsidized air service through EAS (non-EAS nonhub airports) have faced challenges securing and maintaining air service. For example, some of these airports reported an increased need to pay airlines for service, as airlines have shifted to using larger planes and scaled back service to some smaller communities to reduce their operating costs. Representatives of selected non-EAS nonhub airports told GAO they have leveraged various sources of funding to provide airlines revenue guarantees to help secure new air service. However, representatives of several selected airports stressed the difficulty of providing ongoing funding to maintain air service, particularly once any funding from SCASDP has been exhausted. Why GAO Did This Study Access to air service provides a vital connection to the national transportation system and can be an important driver of economic growth. However, smaller communities have experienced declining scheduled passenger air service for several decades. The smaller airports impacted by air service declines include certain nonhub airports that have not regained pre-pandemic service levels. The FAA Reauthorization Act of 2024 includes a provision in statute for GAO to study challenges that certain nonhub airports face. This report describes (1) changes in key metrics for air service at nonhub airports from 2018 through 2024; (2) the extent to which SCASDP can help non-EAS nonhub airports secure and maintain air service; and (3) challenges selected non-EAS nonhub airports have identified, and how these airports have addressed the challenges. GAO analyzed flight data reported to DOT for key metrics, including average daily departures per route, from calendar year 2018 through calendar year 2024. GAO interviewed DOT officials and reviewed relevant statutes and grant documentation, including grant applications and awards for SCASDP from fiscal year 2018 through fiscal year 2023 (the most recent award cycle). Finally, GAO selected seven non-EAS nonhub airports based on factors such as changes in air service. GAO interviewed representatives of these airports about challenges they have faced and their efforts to address those challenges, and GAO conducted site visits to four of the airports. GAO also interviewed state aviation officials in four states where selected airports are located as well as aviation stakeholders. For more information, contact Derrick Collins at CollinsD@gao.gov.

What GAO Found The Navy has suffered significant losses from 13 fires on ships undergoing maintenance since 2008. The Navy investigated these fires, including one on board the USS Bonhomme Richard in 2020. Based on actions taken since that fire, the Navy has improved fire safety and culture in the Navy and among contractors—contributing to no major fires since 2020. However, staffing shortages threaten progress and oversight. GAO found that key organizations responsible for fire safety oversight have personnel shortages. Such shortages limit the Navy’s oversight of fire safety standards and add a burden for sailors who are balancing other duties. Image of the July 2020 Major Fire Aboard the USS Bonhomme Richard Further, the Navy did not fully assess challenges with contractor oversight. In reviewing the Navy’s key oversight tools, GAO found that these tools do not effectively address contractor compliance with fire safety standards during ship maintenance periods: Corrective Action Requests. The Navy uses these requests to bring contractors into compliance with contract requirements. But this process does not incorporate monetary penalties to address persistent issues. As a result, the Navy issued many requests related to fire safety, including a severe warning prior to the USS Bonhomme Richard fire, but fire safety issues continued. Quality Assurance Surveillance Plans. These plans are a tool through which the Navy assesses monetary penalties. The Navy’s guidance and its quality assurance surveillance plans for the six ships GAO reviewed did not assess penalties for noncompliance with contractual safety standards. Progress Payment Retention Rates. The Navy generally pays contractors as maintenance work is completed, retaining some payment until the work is done. The Navy’s continued use of a reduced retention rate implemented in response to the COVID-19 pandemic reduces the effectiveness of this tool. Liability. The Navy has not adjusted its limitation on ship repair contractor liability for major losses since 2003. Inflation and the increased complexity and cost of ship maintenance mean that the limit is proportionally less than when established, placing increase financial risk on the government in the event of a loss, such as a major fire. Why GAO Did This Study Fire is a significant risk for Navy ships undergoing maintenance. A 2020 fire found to be caused by arson on board the USS Bonhomme Richard resulted in the ship’s decommissioning, decades earlier than planned. This report assesses (1) the extent to which Navy actions taken following the USS Bonhomme Richard fire addressed contractor compliance with fire safety standards, and (2) the Navy’s use of various contracting tools for ensuring contractor accountability and compliance with fire safety standards. GAO reviewed Navy actions based on lessons learned from the USS Bonhomme Richard fire. GAO also selected six nonnuclear surface ships undergoing major repair by four different contractors at four domestic maintenance centers, and analyzed Navy documentation of contractor compliance with fire safety standards. Additionally, GAO visited three regional maintenance centers and toured five ships.

What GAO Found Federal Aviation Administration (FAA) air traffic controllers help ensure the safety of U.S. air travel. However, lapses in appropriations in the 2010s, and the COVID-19 pandemic, resulted in reduced controller hiring and increased attrition. In response, FAA has increased hiring every year since 2021. Nevertheless, at the end of fiscal year 2025, FAA employed 13,164 controllers, about 6 percent fewer than in 2015. Between fiscal years 2015 and 2024, total flights using the air traffic control system increased by about 10 percent to 30.8 million. FAA uses a standardized process to hire controllers that begins with evaluating applicants’ performance on an aptitude test or their prior experience as an air traffic controller. Applicants must also meet medical and security standards and succeed at multiple types of training. However, FAA’s processes for hiring and training controllers result in substantial attrition (see fig.). This occurs due to a limited portion of the population having the required aptitude, and the length and complexity of the processes—which can take 2-6 years. Specifically, the medical clearance process can take some applicants 2 years to complete. In response to these challenges, FAA has taken steps to accelerate the process, including adding resources to the medical clearance process and streamlining application review. Attrition Across the FAA’s Processes for Hiring Air Traffic Controllers Without Prior Experience, Fiscal Years 2017-2022 GAO also found that FAA does not consistently assess its processes to recruit, hire, and train air traffic controllers. Specifically, FAA does not have performance goals for these processes and their resulting impact. Such goals help ensure accountability for achieving specific and measurable results. GAO also found that while FAA is taking steps to improve its collection of data on recruiting, hiring, and training, it does not consistently use these data to assess the results of its efforts and inform decision-making. Doing so could help FAA understand the performance of its processes, make the changes that would have the greatest effect on controller staffing, and keep otherwise qualified applicants on the track to becoming certified controllers. Why GAO Did This Study FAA, within the Department of Transportation, manages over 80,000 flights daily. FAA air traffic controllers perform this essential job that requires highly specialized skills and training. Over the last 10 years, FAA has faced staffing shortages at critical facilities. GAO was asked to review FAA’s processes for hiring air traffic controllers. This report (1) describes the size and composition of the air traffic control workforce and changes since fiscal year 2015; (2) describes the processes FAA uses to recruit, hire, and train new controllers; (3) examines the steps FAA has taken to address challenges associated with recruiting, hiring, and training controllers; and (4) evaluates how FAA has assessed its efforts to hire air traffic controllers. To address these objectives, GAO used FAA data to develop a dataset covering individuals from application through certification and used the data to analyze attrition in the controller hiring process. GAO also reviewed FAA documentation; visited the FAA training academy in Oklahoma City and air traffic control facilities near Chicago; Seattle; and Washington, D.C.; interviewed FAA officials and aviation industry stakeholders; and compared FAA’s efforts to assess its hiring processes with leading practices for evidence-based decision-making.

What GAO Found The U.S. Postal Service (USPS) plays a critical role in the nation's communications and commerce. Federal law requires USPS to "provide adequate and efficient postal services at fair and reasonable rates and fees" and to "serve as nearly as practicable the entire population of the United States." USPS has long been expected to fulfill those requirements while being financially self-sufficient by covering its expenses with revenue from the sale of its products and services. However, USPS's financial viability has been on GAO's High Risk List since 2009 due to its poor financial condition, which has been driven in part by declining mail volumes and rising costs. USPS has lost money every fiscal year since 2007. Its net losses have totaled approximately $118 billion from fiscal years 2007 through 2025. Its productivity also has declined—a trend that has contributed to its cost pressures. USPS has been able to continue operating by increasing its debt and unfunded liabilities. At the end of fiscal year 2024, USPS's unfunded liabilities and debt totaled 206 percent of its annual revenue, compared with 82 percent in fiscal year 2007. USPS's key costs are related to employee compensation and benefits, which represented about 76 percent of USPS's total operating expenses in fiscal year 2024. In March 2021, USPS introduced Delivering for America, a 10-year strategic plan intended to modernize its network and products to bring about financial sustainability. The strategic plan includes significant changes to many aspects of USPS operations, including its processing, transportation, and delivery networks. USPS has implemented a range of cost-cutting and revenue-enhancing measures as part of Delivering for America, but additional strategies are constrained by statutory, regulatory, contractual, and political issues. While some key stakeholders have expressed support for Delivering for America's goals and strategies, some have expressed concerns that USPS's implementation of the plan (1) has not achieved projected cost savings and (2) has lowered service performance in some areas. Additionally, the Postal Service Reform Act of 2022 (PSRA) was signed into law on April 6, 2022. PSRA is the first major legislative change to USPS since Congress passed the Postal Accountability Enhancement Act (PAEA) in 2006. PSRA provisions had immediate and long-term effects on USPS's finances and operations, such as repealing the requirement for USPS to prefund retiree health benefits and codifying 6-day-a-week mail delivery. Nevertheless, USPS's business model will remain unsustainable without Congress making difficult, fundamental policy decisions. Why GAO Did This Study This primer updates GAO's 2021 Primer on Postal Issues (GAO-21-479SP). Since GAO issued the original primer, USPS began implementing its 10-year strategic plan, Delivering for America, and Congress passed the Postal Service Reform Act of 2022. In addition, USPS released an updated plan in 2024, which summarized progress made over the preceding 3 years and the evolution of its major strategies. This primer will help readers familiarize themselves with key issues confronting USPS by providing straightforward answers to common questions. It also identifies topics for Congress to consider when determining the future of USPS. For readers interested in a more detailed discussion, a list of related GAO products is included at the end of each section.

What GAO Found The Coast Guard regulates the design, construction, and operation of autonomous ships through existing laws and regulations. Coast Guard officials said they also monitor autonomous ship technology as it develops domestically and internationally. However, officials identified a few factors that could constrain or complicate its ability as a regulator to enable these technologies to be developed and adopted. These factors include a lack of domestic examples demonstrating autonomous ship technologies and challenges in harmonizing international and domestic regulations. In addition, the Coast Guard has limited statutory authority to reduce crewing on ships. Various statutes establish the minimum number of crew required per vessel, and Coast Guard officials told GAO that they do not have the authority to waive these requirements outside of the limited scope of an at-sea rocket recovery pilot program. Officials said they have heard concerns from industry stakeholders that the additional costs of complying with minimum statutory crew requirements could discourage companies from developing autonomous vessels. The International Maritime Organization—a specialized agency of the United Nations responsible for the safety, security, and environmental performance of international shipping—is developing a regulatory framework for commercial autonomous ships. It is generally expected to be adopted by member countries on a non-mandatory basis in 2026 and on a mandatory basis in 2030 by amending an existing International Maritime Organization convention. The Coast Guard is the lead agency for the U.S. delegation to the International Maritime Organization and is helping to develop this framework. Selected countries have taken various approaches to addressing challenges in regulating autonomous ships. According to regulators from Canada, Norway, and the United Kingdom, these approaches include providing guidance to stakeholders on how to comply with existing laws and regulations, modifying regulations, and creating new regulations. Why GAO Did This Study Autonomous ships have technologies that are capable of navigating, avoiding collisions, controlling the speed and direction of the ship, or communicating with other ships with little or no human involvement. As autonomous ship technologies develop, countries are pursuing various approaches to regulating them. In the U.S., the Coast Guard is the federal agency responsible for regulating U.S. waterways to ensure that they are safe and secure. The Coast Guard is currently conducting a statutorily directed pilot program for autonomous at-sea rocket recovery that provides Coast Guard the authority to waive certain crew requirements. This testimony summarizes GAO's August 2024 report entitled Coast Guard: Autonomous Ships and Efforts to Regulate Them and focuses on three areas: (1) U.S. Coast Guard efforts to regulate and monitor autonomous ships operating in U.S. waterways and the challenges it may face in the future, (2) International Maritime Organization efforts to integrate autonomous ships into its regulatory framework, and (3) how selected countries are addressing challenges in regulating autonomous ships in their respective waterways. To inform the report, GAO reviewed Coast Guard documentation, interviewed agency officials, and obtained information from representatives of Canada, Norway, and the United Kingdom. More detailed information on the scope and methodology of that work can be found in the August 2024 report. For more information, contact Andrew von Ah at vonaha@gao.gov.

What GAO Found GAO’s High-Risk List identifies 38 areas across the federal government that are seriously vulnerable to fraud, waste, abuse, and mismanagement or that are in need of transformation. Addressing these high-risk issues will save hundreds of billions of dollars, improve service to the public, and increase government performance and accountability. Conversely, left unaddressed, these issues will impede the government’s ability to effectively serve the nation. GAO’s 2025 High-Risk update added a new area on federal disaster assistance. Natural disasters have become costlier and more frequent, which has strained the Federal Emergency Management Agency. Further, the federal approach to disaster recovery is fragmented across more than 30 federal entities, making it harder for survivors and communities to navigate federal programs. GAO recommended Congress reform the federal approach to disaster recovery. Other high-risk areas also need special attention, including: Expediting the pace of cybersecurity and critical infrastructure protections. While improvements have been made and efforts continue, the government is still not operating at a pace commensurate with the evolving, grave cybersecurity threats to the nation's security, economy, and well-being. GAO has made 4,441 related recommendations since 2010. While 3,848 have been implemented or closed, 593 have not been fully implemented. Also, greater federal efforts are needed to better understand the status of private sector technological developments with cybersecurity implications—such as artificial intelligence—and to continue to enhance public and private sector coordination. Addressing the government’s human capital challenges. The government faces long-standing challenges in strategically managing its workforce. Skills gaps are prevalent across many parts of the federal government and can impair the government’s ability to cost-effectively serve the public and achieve results. Agencies experience skills gaps when they have an insufficient number of staff or individuals without the appropriate skills or abilities to successfully perform their work. GAO has recommended agencies address skills gaps by improving workforce planning, training, and recruitment and retention efforts. Restructuring the U.S. Postal Service (USPS). For years USPS has faced unsustainable financial challenges, declining mail volumes, significant capital needs (such as vehicle replacement), and an outdated business model that struggles to align costs with changing mail use. There is a fundamental tension between the level of service Congress expects and what revenue USPS can reasonably be expected to generate. Congress needs to establish what services it wants USPS to provide and negotiate a balanced funding arrangement. GAO has also found that the federal government is on an unsustainable fiscal path. Debt held by the public as a share of gross domestic product (GDP) is projected to hit its historical high in fiscal year 2027 and grow at a faster rate than GDP over the long term. Perpetually rising debt as a share of GDP has many implications for the economy, American households, and individuals. Risks include slower economic growth and increased chances of a fiscal crisis. Debt Held by the Public Projected to Grow Faster than GDP GAO has recommended that Congress develop a strategy to place the government on a more sustainable fiscal path. The strategy should, among other things, incorporate fiscal rules and targets to help manage debt and address financing gaps for Social Security and Medicare Hospital Insurance. Both programs are supported by trust funds that are projected to be depleted by 2033. A strategy would also include efforts to improve fiscal responsibility by reducing improper payments and fraud; improving tax compliance and addressing tax expenditures; rightsizing the government’s property holdings; and pursuing other efficiencies. GAO recommendations on high-risk areas and its work on fragmentation, overlap, and duplication could help inform the strategy. Reducing improper payments and fraud. Since fiscal year 2003, cumulative improper payment estimates reported by executive branch agencies have totaled about $2.8 trillion. This includes $162 billion for fiscal year 2024. With respect to fraud, GAO estimates that the federal government loses between $233 billion and $521 billion annually, based on data from fiscal years 2018 through 2022. GAO has recommended many actions Congress and the executive branch could take to address improper payments and fraud risks. These include enhancing identity verification through data sharing, restoring fraud-related reporting requirements for agencies, and developing fraud estimates for highly vulnerable programs. Implementing a complete inventory of federal programs. A comprehensive inventory of programs—with related funding and performance information—would be a critical tool to help decision-makers better identify and manage fragmentation, overlap, and duplication. While important progress has been made, the federal government has not yet fully developed such an inventory. GAO has recommended the Office of Management and Budget articulate plans on how and when it will complete a comprehensive inventory. Why GAO Did This Study The federal government is one of the world’s largest and most complex entities, spending trillions of dollars across a broad array of programs and operations. The size, scope, and complexity of the federal government create inherent risks that need to be recognized and managed properly.   Since 1990, GAO has used its High-Risk Series to help Congress focus on high-risk issues that need immediate and sustained attention. Efforts to address high-risk issues have resulted in more than $811 billion in financial benefits. Progress on high-risk areas has also resulted in many other benefits, such as improved public safety, security, and service delivery. But progress across areas has varied. The fiscal condition of the federal government also presents risks and challenges that must be confronted. Nearly every year this century, the government has spent more than it collected in revenue. To finance these deficits the government has had to borrow by issuing debt. The federal government’s level of debt and the annual amount of interest it pays on the debt are quickly approaching unprecedented levels relative to the size of the economy. This statement focuses on (1) high-risk areas needing significant attention and (2) fiscal challenges facing the nation. It also highlights actions that Congress and the administration can take to address these risks and challenges. This statement is based primarily on reports published from February 2025 through December 2025, with selected updates. For more information, contact: Jeff Arkin at arkinj@gao.gov or Jessica Lucas-Judy at lucasjudyj@gao.gov.

This supplement is a companion to GAO’s report entitled, Service Academies: Clarifying Guidance Would Enhance Effectiveness of Honor and Conduct Systems (GAO-26-107049). The purpose of this supplement is to provide information from a survey of service academy students we used to obtain student perceptions, attitudes, and experiences with their academy’s honor and conduct systems. Background This supplemental material presents the questionnaires used to survey students at each of the five service academies (United States Military Academy (West Point); United States Naval Academy (Naval Academy); United States Air Force Academy (Air Force Academy); United States Coast Guard Academy (Coast Guard Academy); and United States Merchant Marine Academy (Merchant Marine Academy)). It also includes the results of our surveys, presented by Academy and each question. To obtain student perceptions, attitudes, and experiences with their academy’s honor and conduct systems, we surveyed a census of 6,984 sophomore through senior students in the fall semester of academic year 2024-2025 at each academy. Each Academy population received the same questionnaire, but with question and response options tailored to each academy’s terminology and processes. We tracked responses with differing terminology by assigning a standardized code to comparable questions and response sets across academies, which helped to ensure the consistency of our analysis. At the end of our survey period, we received from: West Point – 972 complete responses (31 percent response rate) Naval Academy – 3,086 complete responses (94 percent response rate) Air Force Academy – 2,026 complete responses (68 percent response rate) Coast Guard Academy – 503 complete responses (61 percent response rate) Merchant Marine Academy – 397 complete responses (88 percent response rate) For our analysis of survey responses, we performed a nonresponse bias analysis using the available student population data. We compared nonrespondents to respondents based on characteristics such as class year, gender, and race/ethnicity and identified differences for some race/ethnicity and gender groups, depending upon the academy. We applied weighting as appropriate to align survey respondents with the overall demographics of their respective academies. For the academies with lower response rates, non-response bias may exist due to unobservable characteristics, but any bias related to demographics included in the non-response model (race and ethnicity, gender, and class year) is mitigated. The survey results in our online supplemental materials are presented by Academy and each question, excluding those with open-ended responses, is presented with its weighted results including margins of error for each response. All survey results are generalizable to the population of their respective academies, unless otherwise noted. Further information on our methodology can be found in appendix I of the report (GAO-26-107049). We are sending copies of this report to the appropriate congressional committees, the Secretary of Defense, the Secretary of the Army, the Secretary of the Navy, the Secretary of the Air Force, the Secretary of Homeland Security, and the Secretary of Transportation. In addition, this report is available at no charge on the GAO website at http://www.gao.gov. We conducted the work upon which this supplement is based in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objective. For more information, contact Kristy E. Williams at williamsk@gao.gov.

What GAO Found The service academies—West Point, Naval, Air Force, Coast Guard, and Merchant Marine—operate honor and conduct systems to help ensure students adhere to expected ethical and moral standards. Each academy has student-led honor systems to enforce honor codes that prohibit lying, cheating, and stealing; each also has officer-led conduct systems to maintain good order and discipline. However, key differences exist across the academies’ systems, such as the use of hearings and the right to appeal hearing findings or punishments. West Point Cadet Honor Code Typically, each academy offers procedural due process protections to help ensure that students accused of an honor or conduct offense receive a fair hearing. The academies offer most of the 12 common due process protections GAO reviewed, but some academies’ guidance does not clearly specify the availability of certain protections. For example, two academies do not provide clear guidance on students’ rights to access a complete record of their proceeding. By reviewing and revising honor and conduct system guidance to clearly articulate available protections, the academies can help ensure students are informed of their rights when engaging with processes that could impede their ability to graduate and serve as officers. The honor and conduct offense data collected by the academies are not always complete or easily accessible. Specifically, some academies do not collect data on certain stages of their honor and conduct systems, such as investigations or appeals. Further, officials from four academies said they faced challenges in accessing relevant data. Addressing these challenges would improve the academies’ ability to manage their systems with quality information Students GAO surveyed at the academies generally reported favorable opinions about their honor and conduct systems but raised some concerns about their fairness. Between about 25 to 45 percent of students, depending on the academy, said honor system findings were not applied fairly to all students, while about 40 to 55 percent said the same for conduct. Students also stated a reluctance to report honor offenses and minor conduct offenses. However, around 50 to 80 percent of students, depending on the academy, were willing to report major conduct offenses. Why GAO Did This Study The service academies seek to graduate military officers with high ethical and moral standards. Students who violate these standards may be disenrolled. House Report 118-125 includes two provisions for GAO to review academies’ honor and conduct processes. This report assesses the extent to which (1) academy honor and conduct systems compare to one another and provide common procedural due process protections, and (2) academies collect honor and conduct data. It also describes (3) the perceptions of students toward their respective academies’ honor and conduct systems. GAO reviewed academy policies and honor and conduct data for academic years 2018-2019 through 2023-2024. It also surveyed 6,984 students across the five academies. The survey results are generalizable to the sophomore through senior population at each respective academy. Complete survey results can be viewed at GAO-26-108179. GAO also interviewed academy officials and conducted site visits to each academy.

What GAO Found In 2021, the United States Postal Service (USPS) introduced a 10-year strategy designed to improve its poor financial condition while fulfilling its statutory mandates. USPS has taken many actions to try to increase revenue and reduce expenses since this strategy was introduced, such as increasing prices and redesigning its transportation network and processing operations. As part of its strategy, USPS also requested the federal government to take action. Congress partially fulfilled this request via the Postal Service Reform Act of 2022. This act canceled $57 billion of USPS’s missed payments, among other things. However, USPS’s financial condition remains poor. While USPS has increased revenue, its total expenses continue to outpace total revenue leading to further losses (see fig.). In addition, USPS’s unfunded liabilities and debt have steadily increased since fiscal year 2022. USPS projects that if it made all its required payments toward its unfunded liabilities in full, it would run out of cash as early as fiscal year 2026. USPS updated its strategic plan in 2024, but this plan did not include financial projections showing how near-term results from the updated plan’s actions could increase revenue or reduce expenses. Without financial projections, USPS does not have targets to show progress or to effectively communicate how its actions will restore USPS’s financial sustainability. U.S. Postal Service’s (USPS) Revenue and Expenses, Fiscal Years 2007-2024 USPS and Congress have a wide range of options to improve USPS’s financial condition. However, USPS’s actions alone will likely not be enough for it to become financially self-sufficient. GAO has previously recommended that Congress consider various options. Although Congress has taken some action, key issues remain unresolved. These include identifying a sustainable path for postal retiree health benefits and determining the level of postal service required, and the extent to which USPS should be financially self-sufficient. Why GAO Did This Study USPS has lost money almost every fiscal year since 2007, even though Congress created it to be financially self-sufficient. GAO has long reported that USPS’s business model is unsustainable, due to rising costs and lower mail volume. As a result, USPS’s financial viability has been on GAO’s High Risk list since 2009. This report examines (1) recent USPS actions to improve its financial condition, (2) USPS’s current financial condition and the extent to which USPS projects its financial information, and (3) options that could improve USPS’s financial condition. GAO reviewed USPS’s strategic plan, financial reports, reports to Congress, and other reports containing financial information; projected USPS’s retiree health care and pension liabilities; interviewed USPS and other relevant agency officials and stakeholders; assessed the financial information in USPS’s updated strategic plan against GAO’s principles of evidence-based policymaking and surveyed selected stakeholders on potential options to improve USPS’s financial condition. GAO selected stakeholders from its prior work and stakeholders’ public statements on postal issues.

What GAO Found The Excess Defense Articles (EDA) program has a phased approval process. The Department of Defense (DOD) reviews foreign partners’ EDA requests and coordinates with the Departments of Commerce and State. During the process, agency officials consider the proposed transfer’s effect on industry, foreign partner resources, and security cooperation priorities, among other factors. Five General Phases of the EDA Program’s Approval Process aImplementing agencies are the military departments and Defense Logistics Agency Disposition Services. DOD monitors EDA after transfer under its end-use monitoring program. Nearly all EDA are subject to the program’s routine end-use monitoring, which requires DOD officials to observe an item or group of items for each foreign partner at least quarterly. GAO found that DOD generally conducted the quarterly routine checks as required for selected foreign partners. However, DOD does not systematically track key information on EDA after transfer to foreign partners. Specifically, DOD’s end-use monitoring database does not identify items as EDA or have disposition data (i.e., an item’s status, such as demilitarized or expended in combat versus in active use) for routine items. Systematically tracking EDA would provide DOD better information on these items. Such information would allow DOD to make better-informed recommendations on future EDA transfers, because these are based in part on foreign partner abilities to support items. DOD has not taken key steps to assess the EDA program’s performance. It has not developed performance goals to measure progress toward strategic objectives, such as building foreign partner capabilities. DOD has also not systematically collected performance information to assess the program’s results. For example, DOD officials said foreign partner feedback would be a good source of such information, but they do not routinely collect it. By taking steps to systematically assess the EDA program’s performance, DOD would better determine the extent to which the program helps achieve strategic objectives. Why GAO Did This Study The U.S. government transfers defense articles the armed forces no longer need—EDA—to foreign partners. By providing low-cost access to U.S. military equipment, the EDA program aims to support U.S. allies and partners and further national security objectives. The House Appropriations Committee Report 118-121 includes a provision for GAO to review the EDA program. GAO’s report examines (1) how DOD administers the program, (2) the extent to which DOD monitors and tracks EDA transferred to foreign partners, and (3) the extent to which DOD assesses the program’s performance. GAO reviewed relevant DOD policy and guidance. GAO analyzed DOD data on end-use monitoring for five foreign partners selected on the basis of such criteria as the value of EDA approved in fiscal years 2020 through 2024. GAO also interviewed officials from DOD, including from the military departments, security cooperation organizations, and geographic combatant commands; State; and Commerce.

Why This Matters Royalties on the sale of oil and gas produced on federal lands and waters generated more than $14 billion in revenue in 2024. The Department of the Interior’s Office of Natural Resources Revenue (ONRR) oversees these payments by companies. Companies can revise, or make adjustments to, royalties if they over- or underpaid, or they can request a refund to be reimbursed if they overpaid. GAO Key Takeaways Companies’ net adjustments decreased their originally reported royalties from about $96 billion to $93 billion, or by 2.8 percent, in fiscal years 2014–2024. Adjustments included $300 million to royalties initially paid 4–6 years prior. ONRR also approved $352 million in refunds. Royalties must be processed within defined time frames: Companies can make adjustments up to 6 years after their original payment. Concurrently, ONRR has 7 years to verify that royalties were accurately paid. This can take an average of 18 months or much longer, according to ONRR officials. ONRR may not have enough time under current statutory requirements to ensure royalties are accurate. This is especially true when companies submit adjustments toward the end of the 6-year statutory time frame, which provides ONRR one year to review. ONRR recommended to Congress in 2011 that it shorten the statutory time frame for a company to adjust royalties from 6 to 3 years, but this change was not enacted. Industry representatives noted that companies generally use electronic systems, which has improved efficiency and reduced the need for a longer time to submit adjustments. At present, the opportunity still exists to provide ONRR with additional time to verify adjustments, thereby ensuring that it is safeguarding federal revenues. Net Royalty Adjustments of Oil and Gas Royalties from Federal Leases, 2014–2024 Note: Adjustments made based on fiscal year of original royalty payment. How GAO Did This Study GAO analyzed ONRR data extracts from fiscal years 2014 through 2024, reviewed documentation, assessed data systems and tools, and interviewed ONRR officials and two industry stakeholder organizations.

This practice aid is a companion to GAO's 2024 revision of Government Auditing Standards (GAO-24-106786), also known as the Yellow Book, which GAO published on February 1, 2024. Since then, audit organizations have been making progress towards meeting the new quality management requirements outlined in Chapter 5 of the 2024 Yellow Book, "Quality Management, Engagement Quality Reviews, and Peer Review." The purpose of this Yellow Book practice aid is to provide additional guidance based on audit organizations' frequently submitted questions. This Yellow Book practice aid is intended to help audit organizations to understand and meet the new quality management requirements as they deliberate on the design, implementation, and operation of their system of quality management for engagements conducted in accordance with the Yellow Book. It contains three sections: Section I: The Quality Management Risk Assessment Process Section II: The Quality Management Monitoring and Remediation Process Section III: Engagement Quality Reviews This practice aid is considered GAGAS interpretive guidance in accordance with paragraph 2.06 of the Yellow Book.

Why This Matters The use of generative AI is growing rapidly, and it continues to be applied in new ways across the public and private sectors. But generative AI can also be used in destructive ways. This includes producing harmful content, obtaining sensitive information, or carrying out malicious instructions. Even with safeguards in place, no current generative AI systems are immune to such misuse. Key Takeaways Attackers have many different malicious techniques that are effective against generative AI systems. AI safeguards and defenses require continuous development and significant resources to maintain. Policymakers face challenges developing timely solutions to address rapidly evolving uses and threats. The Technology What is malicious use? Attackers or other users can cause generative artificial intelligence (AI) systems to produce harmful content, disclose sensitive information, or carry out other instructions that defy their intended purposes and built-in safeguards. This includes cybercriminals who can also modify generative AI systems to enable malicious use. Harmful content includes information or advice to build weapons, undertake criminal activities such as cyberattacks, help users to harm themselves, or produce deepfakes or other damaging content. Content may also be inadvertently harmful when an AI system fails to discourage user interest in self-harm. In addition, AI systems can be tricked into producing intentionally biased answers or disclosing proprietary business or sensitive personal information. When generative AI is paired with other forms of AI that can autonomously make and adjust plans for users, such as agentic AI, it could enable other AI systems to complete complex and open-ended malicious instructions. For example, paired generative AI systems could autonomously create and deliver phishing emails. How does it work? Generative AI systems can be developed with safeguards to prevent undesired and harmful use or protected by additional software. However, the National Institute of Standards and Technology (NIST) and others have found that no AI systems, generative or otherwise, can be fully secured. Misuse is possible because generative AI cannot easily distinguish harmless requests from malicious instructions or use. Further, attackers can use many creative techniques to make generative AI ignore safeguards or carry out malicious instructions, such as entering prompts intended to make a system ignore its safeguards against misuse and disguising malicious instructions as harmless inputs. For example: Roleplaying. Attackers ask generative AI systems to adopt characteristics that facilitate access to harmful or sensitive content, such as the “Do Anything Now” (DAN) attack. This tricks a system into acting as if it can do anything, allowing it to ignore some safeguards. While systems have been programmed to stop DAN attacks, roleplaying methods can still be successful particularly when combined with other techniques. Crescendo. Attackers steer generative AI systems to create harmful content using small, seemingly benign steps. By shifting focus gradually, the attacker exploits the system’s tendency to comply and avoids direct requests that could trigger safeguards. Automated attacks. These methods use two or more generative AI systems that together refine the phrasing of an initial harmful request to find prompts that bypass safeguards. These attacks can iteratively modify and judge the effectiveness of new prompt phrasings until they are successful. How mature is it? Many techniques for malicious use of generative AI already exist, and tactics are rapidly evolving. For example, researchers recently claimed to have successfully circumvented the safeguards of a new system a single day after its release, thereby obtaining instructions to build an incendiary weapon. Additionally as a readily available technology, one academic study reported that generative AI could reduce malicious users’ costs of conducting phishing cyberattacks by more than 95 percent. How can malicious efforts be countered? Security efforts to test generative AI vulnerabilities are well established in industry and defense techniques are rapidly evolving. NIST has identified mitigation techniques such as reinforcing safeguards through human feedback, filtering of user instructions, and using separate generative AI technology to detect malicious attacks. Figure 1. Selected Attack Techniques and Mitigations for Malicious Use of Generative AI   Challenges Attackers and other users such as cybersecurity researchers are continuing to find new methods to manipulate generative AI. Developers will need to continuously monitor and address vulnerabilities to prevent additional misuse or harmful content. Incentives for generative AI developers are primarily focused on improving performance, rather than addressing security issues such as malicious use. Policy Context and Questions How could the development of AI benchmarks or auditing tools promote research in security and help address vulnerabilities? What guidelines can best ensure generative AI systems are used responsibly, and to what extent do generative AI systems follow existing guidance? As generative AI is integrated into IT systems supporting federal agencies, businesses, and others, what actions are needed to mitigate risks posed by malicious use? Selected GAO Work Artificial Intelligence: Generative AI Training, Development, and Deployment Considerations, GAO-25-107651. Science and Tech Spotlight: AI Agents, GAO-25-108519. Selected Reference Vassilev A, Oprea A, Fordyce A, Anderson H, Davies X, and Hamin M. (2025) Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations. (National Institute of Standards and Technology, Gaithersburg, MD) NIST Artificial Intelligence (AI) Report, NIST Trustworthy and Responsible AI NIST AI 100-2e2025. https://doi.org/10.6028/NIST.AI.100-2e2025. For more information, contact Karen L. Howard, PhD at HowardK@gao.gov.

This is the Spanish language highlights associated with GAO-26-107225. Conclusiones de la GAO En el 2021, el último año para el que la GAO obtuviera datos completos, hubo aproximadamente 2.200 beneficiarios del incentivo fiscal para inversionistas residentes en Puerto Rico. El análisis de la GAO constató una disminución marcada en el promedio de la renta imponible a nivel federal y en los impuestos federales que esta población pagó en el período entre 5 años antes y 5 años después del traslado a Puerto Rico (ver a la figura). El análisis de la GAO encontró que la disminución en los ingresos de los impuestos federales podría ascender a cientos de millones de dólares por año. Figura 1: Promedio del total de renta imponible a nivel federal y a los impuestos federales totales pagados por los contribuyentes que reciben el incentivo fiscal para inversionistas residentes en Puerto Rico Nota: Las sumas en dólares están ajustadas por inflación a valores de 2023. Además, entre 2012 y 2024, casi 4.000 contribuyentes recibieron el incentivo fiscal para la exportación de servicios desde Puerto Rico. El efecto de los incentivos para las inversionistas residentes y la exportación de servicios en la economía de Puerto Rico es difícil de aislar dado que los datos sobre los costos y beneficios son mixtos. En parte, esto se debe a que los beneficiarios representan una fracción pequeña de la población de Puerto Rico. Algunos estudios económicos realizados para el gobierno de Puerto Rico sugieren un aumento en la actividad económica y de empleo a raíz de los incentivos fiscales, mientras que las perspectivas locales y los datos de migración sugieren resultados mixtos. En 2021, el Servicio de Impuestos Internos (IRS, por sus siglas en inglés) anunció una iniciativa de cumplimiento, llamada una campaña, para abordar las inquietudes de que algunos beneficiarios del incentivo para inversionistas residentes en Puerto Rico no estarían cumpliendo sus obligaciones tributarias federales. La campaña solo comenzó a mostrar resultados hace poco tiempo, en parte, debido a la complejidad de las auditorías de ingresos altos y patrimonios elevados, la falta de priorización por parte del IRS de la iniciativa, y las brechas de comunicación entre el IRS y Puerto Rico. Hasta 2025, el IRS no pudo obtener datos completos sobre los contribuyentes que reclamaban el incentivo para inversionistas residentes en Puerto Rico con números del Seguro Social para garantizar el cumplimiento de las leyes tributarias federales. Asimismo, el IRS no cuenta con un plan documentado para obtener sistemáticamente los datos más actuales de Puerto Rico a futuro. La obtención de dichos datos de forma sistemática mejoraría la capacidad del IRS para garantizar el cumplimiento. Adicionalmente, el IRS no analizó referencias de funcionarios del gobierno de Puerto Rico que identificaron a contribuyentes estadounidenses cuyo cumplimiento del requisito de residencia en Puerto Rico no pudieron confirmar. El IRS tampoco tiene un plan para priorizar cualquier referencia futura. La GAO analizó estas referencias junto con los datos del IRS e identificó a los contribuyentes con indicadores de posible incumplimiento de la ley tributaria federal. La GAO compartió este análisis al IRS. El establecimiento de procedimientos para examinar casos de posible incumplimiento identificados por agencias gubernamentales de Puerto Rico podría ayudar al IRS a mejorar el cumplimiento tributario a nivel federal. Por qué la GAO hizo este estudio En el 2012, Puerto Rico promulgó incentivos tributarios para inversionistas residentes (Ley 22) y la exportación de servicios (Ley 20) para fomentar el traslado a Puerto Rico y la inversión en el país. En general, la ley federal exime a los residentes en Puerto Rico del impuesto federal sobre la renta de fuentes dentro de Puerto Rico. El IRS es responsable de asegurar que los contribuyentes que reclaman el incentivo para inversionistas residentes en Puerto Rico cumplan sus obligaciones tributarias federales. Se le solicitó a la GAO que examinara los incentivos tributarios para inversionistas residentes en Puerto Rico y la exportación de servicios. En este informe (1) se describe a la población que recibe los incentivos tributarios, (2) se describen algunos efectos económicos de estos incentivos fiscales en la economía de Puerto Rico, y (3) se evalúan los esfuerzos del IRS para asegurar el cumplimiento entre las personas estadounidenses que se trasladan a Puerto Rico y declaran la residencia. La GAO analizó la documentación y datos del IRS y Puerto Rico y entrevistó a funcionarios pertinentes. La GAO también entrevistó a funcionarios locales, empresas de desarrollo económico y grupos de partes interesadas.

Para la versión de esta página en español, ver a GAO-26-108642. What GAO Found In 2021, the most current year for which GAO had complete data, there were approximately 2,200 recipients of the Puerto Rico resident investor tax incentive. GAO’s analysis found a significant decrease in the average federal taxable income and federal taxes paid by this population between the 5 years prior to and up to 5 years after moving to Puerto Rico (see figure). GAO’s analysis found that the decrease in federal tax revenue in aggregate could amount to hundreds of millions of dollars per year. Figure: Average Total Federal Taxable Income and Total Federal Taxes Paid by Taxpayers Receiving the Puerto Rico Resident Investor Tax Incentive Note: Dollar amounts are inflation-adjusted 2023 dollars. Additionally, from 2012 through 2024, almost 4,000 taxpayers received Puerto Rico’s business export service tax incentive. The effect of the resident investor and business export service incentives on Puerto Rico’s economy is difficult to isolate as the evidence is mixed on the overall costs and benefits. This is, in part, due to recipients representing a small fraction of Puerto Rico’s population. Some economic studies undertaken for the Puerto Rico government suggest an increase in economic activity and employment related to the tax incentives while local perspectives and migration data suggest mixed results. In 2021, the Internal Revenue Service (IRS) announced a compliance initiative, called a campaign, to address concerns that some recipients of Puerto Rico’s resident investor incentive may not be meeting their federal tax obligations. The campaign only recently began showing results, in part, due to the complexity of high-income and high-wealth audits, IRS not prioritizing the effort, and communication gaps between IRS and Puerto Rico. Until 2025, IRS was unable to obtain complete data on taxpayers claiming Puerto Rico’s resident investor incentive with Social Security numbers to help ensure compliance with federal tax laws. Further, IRS has no documented plan to routinely acquire the most current data from Puerto Rico going forward. Obtaining such data regularly would improve IRS’s ability to ensure compliance. Additionally, IRS did not pursue referrals from Puerto Rico government officials who identified U.S. taxpayers whom officials could not confirm met Puerto Rico’s residency requirement. IRS also does not have a plan to prioritize any future referrals. GAO analyzed these referrals along with IRS data and identified taxpayers with indicators of potential noncompliance with federal tax law, which GAO shared with IRS. Establishing procedures to review cases of potential noncompliance identified by Puerto Rico government agencies could help IRS improve federal tax compliance. Why GAO Did This Study In 2012, Puerto Rico enacted the resident investor (Act 22) and export service business (Act 20) tax incentives to encourage relocation to and investment in Puerto Rico. Federal law generally exempts residents of Puerto Rico from federal income tax on income sourced from Puerto Rico. IRS is responsible for ensuring that taxpayers claiming Puerto Rico’s resident investor incentive are meeting their federal tax obligations. GAO was asked to review the Puerto Rico resident investor and export service business tax incentives. This report (1) describes the population receiving tax incentives, (2) describes selected economic effects of these tax incentives on Puerto Rico’s economy, and (3) assesses IRS efforts to ensure compliance among U.S. persons relocating to Puerto Rico and claiming residency. GAO analyzed IRS and Puerto Rico documentation and data and interviewed relevant officials. GAO also interviewed local officials, economic development firms, and stakeholder groups.

Why This Matters The Food and Drug Administration (FDA) oversees recalls of medical devices that may present a risk to the health of users. The ramifications of using recalled devices—such as defective ventilators or pacemakers—include the potential for serious injury or death. FDA’s oversight of medical products, including devices, has been on GAO’s high-risk list since 2009. GAO Key Takeaways From fiscal years 2020 to 2024, FDA oversaw the recall of 3,934 medical devices. All were voluntarily recalled by manufacturers. FDA can mandate a recall, although it rarely does so. Insufficient staff limit FDA’s ability to conduct oversight activities, according to officials. For example, from fiscal years 2020 to 2024, FDA couldn’t meet its 3-month goal of terminating recalls (meaning FDA determines all reasonable efforts were made by the manufacturer to remove or correct the device) due to resource constraints. Some stakeholders said delays can affect patient care. The Department of Health and Human Services (HHS) oversees FDA and is currently undergoing reforms. Conducting workforce planning to determine the staffing and skills FDA needs for oversight would help HHS keep unsafe devices from continued use. According to officials, FDA cannot require manufacturers to adopt its recommendations for how to carry out certain recalls. Some stakeholders said manufacturers and FDA communicating different information can be confusing. FDA officials said it can also result in inefficient use of resources. By working with FDA to assess if additional authorities are needed, and seeking them if beneficial, HHS may be better positioned to address current recall process inefficiencies. Medical Device Recalls that Exceeded FDA’s 3-Month Termination Goal Note: Termination means FDA determines all reasonable efforts were made by the manufacturer to remove or correct the device. How GAO Did This Study We reviewed FDA policies and guidance on the recall process and analyzed data from FDA’s Recall Enterprise System. We also interviewed FDA officials and 10 stakeholder groups representing providers, patients, and the medical device industry to get their perspectives on challenges FDA faces in overseeing recalls.

What GAO Found After three unsuccessful attempts over two decades, the Department of Veterans Affairs (VA) undertook a fourth effort in 2017—the Electronic Health Record Modernization (EHRM) program—to modernize its legacy health information system. GAO has previously reported on the challenges VA has experienced with this effort. In these reports, GAO made 18 recommendations to improve cost estimating, schedule, program management, user adoption and satisfaction, and operational testing. GAO deemed 12 of these as priority recommendations because of their criticality to successful future deployments. VA has not yet fully implemented 16 of the 18 recommendations. Implementation Status of GAO Electronic Health Record System-Related Recommendations to the Department of Veterans Affairs as of December 2025 Report Total number of recommendations Number of priority recommendations Implementation status of recommendations GAO-25-106874 (March 2025) 3 2 2 priority open (not implemented) 1 closed (implemented) GAO-23-106731 (May 2023) 10 10 9 priority open (not implemented) 1 priority open (partially implemented) GAO-22-103718 (February 2022) 2 0 1 open (not implemented) 1 closed (implemented) GAO-21-224 (February 2021) 2 0 2 open (not implemented) GAO-20-473 (June 2020) 1 0 1 open (not implemented) Source: GAO reports. I GAO-26-108812 In March 2025, GAO reported that VA had made improvements at five initial sites but noted that the department’s actions to address challenges had impacted the program’s total cost estimate and schedule. Accordingly, GAO made two priority recommendations to update the cost estimate and schedule. Senate and House Authorizing and Appropriations Committees subsequently sent a letter to VA requesting a detailed cost estimate and schedule before September 30, 2025. While VA has delivered a notional schedule to congressional committees, it has not provided a cost estimate or detailed documentation of its schedule necessary to determine the extent to which it is consistent with leading practices. In May 2023, GAO reported that users expressed dissatisfaction with the new system and VA did not adequately identify and address system issues. GAO made 10 priority recommendations to address change management, user satisfaction, system trouble ticket, and independent operational assessment deficiencies. VA has not yet fully implemented the 10 recommendations. Until VA fully implements the priority recommendations, future deployments risk prolonging management challenges like those experienced in the initial deployments and users will likely not be positioned to achieve optimal usage of the new electronic health record (EHR) system. Why GAO Did This Study VA depends on its EHR system to manage health care for its patients. Since 2017, the department’s EHRM program has undertaken efforts to replace its legacy EHR system with a modernized, commercial system. VA first deployed its new EHR system in October 2020 and followed up with further deployments to four additional sites in 2022. However, in 2023, it halted future system deployments due to feedback from veterans and clinicians that the new system was not meeting expectations. In December 2024, VA announced plans to restart deployments beginning with four facilities in Michigan. The department plans for nine additional site deployments in 2026. VA plans to accelerate deployments to complete approximately 170 sites by 2031. GAO has previously designated VA health care as a high-risk area for the federal government, in part due to its challenges implementing EHRM initiatives. GAO was asked to testify on its key prior reports and related recommendations to improve VA’s EHRM program. GAO summarized the results of five prior reports and followed up with VA on actions to implement recommendations.