The Investigative Journal’s weekly survey of oversight reports, audits, and document releases from watchdog organizations across the ideological spectrum. Findings are summarized for context; readers are encouraged to consult the underlying records.
1. GAO: Federal Electronic Health Record Cybersecurity Lacks Goals and Measures
The U.S. Government Accountability Office, a nonpartisan legislative-branch auditor that reports to Congress, on June 2 publicly released GAO-26-107673, an examination of cybersecurity coordination across the federal Electronic Health Record (EHR) system used by the Department of Veterans Affairs, the Department of Defense (now styled the Department of War in current administration usage), the U.S. Coast Guard, and the National Oceanic and Atmospheric Administration. The system, once fully deployed, is expected to serve more than 500,000 clinical users and over 18 million service members, veterans, and their families — making it among the largest EHR deployments in the country.
Auditors found that the Federal Electronic Health Record Modernization (FEHRM) office, which is tasked with coordinating interagency cybersecurity for the program, “has not fully articulated specific short- or long-term goals or intended outcomes related to the cybersecurity of the federal EHR or the privacy of health data within it.” FEHRM officials told GAO in January 2026 that they were still developing fiscal-year 2026 cybersecurity goals. The report flags the absence of common performance measures across participating agencies as a material weakness in interagency oversight.
GAO recommends FEHRM document concrete goals, define performance measures, and formalize information-sharing arrangements with each partner agency. Records indicate the agencies generally concurred. Given the scale of the user population and the rising frequency of healthcare cyber incidents documented elsewhere in federal reporting, the gap warrants close legislative attention.
2. GAO: Improper Payments Hit $186 Billion in FY 2025
In a separate report — GAO-26-108694, released in late April and still rippling through congressional offices — GAO reported that 15 federal agencies estimated approximately $186 billion in improper payments across 64 programs in fiscal year 2025, an increase of about $24 billion year-over-year. The bulk of the errors were overpayments, and health-care programs accounted for a disproportionate share: Medicare contributed roughly $57 billion and Medicaid roughly $37 billion to the total.
The cumulative federal improper-payments tally since fiscal year 2003 now stands at approximately $3 trillion, according to GAO’s data series. Agency inspectors general also reported uneven compliance with the Payment Integrity Information Act of 2019, with half of 24 reviewed agencies failing at least one statutory criterion in the most recent compliance cycle. Common deficiencies included inadequate risk assessments and unreliable improper-payment estimates.
The figures provide an empirical baseline for ongoing legislative proposals to tighten data-matching, pre-payment verification, and recovery audit authorities. The findings cut across administrations and program areas, and are best read as a measure of systemic control weaknesses rather than a partisan indictment.
3. CRS: Improper Payments — Ongoing Challenges and Legislative Proposals
On the same day GAO’s EHR report dropped, the Congressional Research Service — the Library of Congress’s nonpartisan analytical arm serving members and committees of Congress — published R48296, “Improper Payments: Ongoing Challenges and Recent Legislative Proposals.” CRS reports are written for a congressional audience and avoid policy recommendations, but they are the closest thing Washington has to a neutral reference work on technical subjects.
The report catalogs PIIA’s compliance regime, summarizes recent improper-payment trends including the FY 2025 spike, and surveys pending bills that would expand the Treasury Department’s Do Not Pay portal, lengthen recovery-audit lookback windows, and create a government-wide standard for verifying death records against benefit rolls. Pairing CRS R48296 with GAO-26-108694 gives readers both the trendline and the policy menu in two short documents.
Read it: CRS R48296 at crsreports.congress.gov.
4. DOJ Inspector General: Inspection of USP Canaan
The Department of Justice Office of the Inspector General — a statutorily independent oversight body within DOJ — on May 21 released an inspection of the U.S. Penitentiary at Canaan, a high-security facility in Waymart, Pennsylvania, operated by the Federal Bureau of Prisons. The DOJ OIG’s BOP inspection series, launched in the wake of the 2022 death of Jeffrey Epstein and a string of subsequent inmate-death reports, has produced facility-by-facility findings that consistently surface staffing shortfalls, contraband-control gaps, and aging infrastructure.
The Canaan inspection follows a separate May 14 OIG investigative summary documenting misconduct by a former BOP Office Chief who violated policy regarding pilot initiatives. Together with the OIG’s earlier evaluation of the Bureau’s use of $1.23 billion in First Step Act funds appropriated for fiscal years 2022 through 2024, the recent releases suggest a sustained oversight focus on BOP management controls — an area where findings tend to be operational rather than political.
Read it: DOJ OIG: Federal Bureau of Prisons reports.
5. POGO: GEO Group’s $250,000 “Dark Money” Donation to a Group Tied to a Sitting Committee Chair
The Project On Government Oversight — a nonpartisan investigative nonprofit founded in 1981, with funding from a mix of foundations including the David and Lucile Packard Foundation — published “GEO Group’s ‘Dark Money’ Donation to a Group Tied to a Top Lawmaker.” Records reviewed by POGO show that GEO Group, U.S. Immigration and Customs Enforcement’s largest detention contractor, made a $250,000 contribution on July 15, 2025, to the American Liberty Foundation, a super PAC aligned with Representative Jim Jordan (R-OH), who chairs the House Judiciary Committee with jurisdiction over ICE.
POGO notes that the donation arrived eleven days after President Trump signed the One Big Beautiful Bill Act, a statute that materially expanded ICE’s budget and detention capacity. The American Liberty Foundation is run by Ray Yonkura, a former Jordan chief of staff. Federal contractors are generally barred from making political contributions; GEO has previously argued that subsidiaries without direct federal contracts may donate. The Federal Election Commission deadlocked 3-3 on a related question in 2021 and closed the matter without a violation finding.
POGO’s report is a factual presentation drawn from FEC filings and corporate records; nothing in it constitutes a finding of illegality, and Representative Jordan’s office is entitled to a right of reply on any characterization. The donation pattern, however, is a documented public record and is squarely within the kind of contractor-to-overseer financial relationship that contracting-integrity statutes were designed to surface.
Read it: POGO Investigates: GEO Group’s “Dark Money” Donation.
6. ProPublica: Alaska Telecom Subsidies and an Obsolete Service Tier
ProPublica — a Pulitzer-winning investigative nonprofit funded primarily by the Sandler Foundation and a broad base of individual donors — published “This Convicted Felon Gets $1 Million a Year to Sell Obsolete Internet Service. You Pay for It.” The investigation traces federal Universal Service Fund disbursements to Summit Telephone, a small Alaska carrier operated by Roger Shoffstall, a businessman with a prior federal tax-evasion conviction. ProPublica reports that Summit receives approximately $1 million annually under the FCC’s Alaska Plan, equivalent to roughly $800 per customer per month.
The broader dataset is the more consequential finding: since 2016, the FCC has channeled approximately $4.6 billion in Universal Service Fund subsidies to Alaska carriers — more than $600 per Alaskan per year — yet statewide internet speeds remain the slowest in the nation, and retail prices for service that falls below the FCC’s own broadband threshold often run to several hundred dollars per month. Records indicate the program lacks performance-tied disbursement standards that would tie continued funding to measurable service-quality improvements.
The Universal Service Fund itself is supported by a surcharge on consumer telecommunications bills and is administered through several discrete programs. ProPublica’s reporting has already prompted reform discussion at the FCC. The investigation is a textbook example of why direct links to source data matter: the agency’s own disbursement tables make the case.
Read it: ProPublica: Alaska Telecom Subsidies and Summit Telephone.
7. Judicial Watch: 1.9 Million FBI Records Found in a “Hidden Room”
Judicial Watch — a conservative public-interest legal foundation that funds itself primarily through direct mail and grassroots donations, and that pursues an aggressive Freedom of Information Act litigation docket — disclosed that DOJ filings in one of its long-running FOIA cases acknowledge the FBI has located approximately 1.9 million pages of records responsive to outstanding requests. The records were reportedly stored in a previously undisclosed location at FBI headquarters and surfaced after former Deputy Director Dan Bongino publicly referenced them. A federal court ordered the Bureau to disclose, by a May 11 filing, what internal communications exist about the handling of the materials.
Separately, on May 20, Judicial Watch filed a FOIA lawsuit seeking records related to a 2012 incident involving U.S. Secret Service personnel. As with any pending litigation, the underlying allegations have not been adjudicated, and the volume of responsive records does not by itself indicate misconduct. The discovery is, however, materially relevant to congressional and inspector-general oversight of FBI records-management practices and to ongoing debates about FOIA processing times.
Read it: Judicial Watch: FBI Records in “Hidden Room”.
8. OpenTheBooks: $3.85 Million in Federal Funds Linked to a Single Nonprofit
OpenTheBooks, a transparency nonprofit that aggregates federal, state, and local spending into a searchable public database and is generally aligned with the center-right, identified approximately $3.85 million in federal disbursements tied to the Southern Poverty Law Center, including a $2.5 million National Institutes of Health grant supporting curriculum integration projects. The disclosure is sourced to USAspending.gov records and grant award documents, which OpenTheBooks publishes in full.
OpenTheBooks’s larger spring 2026 series — “The Cost of Fraud” — has documented at least $21 million in Medicaid losses to autism-services fraud schemes between November 2019 and December 2024, and an exhaustive multi-agency map plotting outlays against headcount over multiple decades. The latter analysis shows that across major federal agencies, spending growth has outpaced employment growth — an empirical observation that, depending on the reader’s priors, can be read as evidence of productivity gains, of contractor reliance, or of weakening internal accountability.
Read it: OpenTheBooks Oversight Reports and Investigations.
What TIJ Will Be Watching
Three threads from this week warrant deeper investigative follow-up. First, the convergence of GAO and CRS findings on improper payments — together with the OIG-reported PIIA noncompliance — points to a structural breakdown in pre-payment verification that no single agency owns. TIJ will examine which programs are driving the $24 billion year-over-year increase, and whether the Do Not Pay portal expansions under consideration would meaningfully change the trajectory.
Second, the FEHRM cybersecurity gap is unusually consequential because it cuts across DOD, VA, and two civilian agencies, each with different procurement authorities and different IG regimes. The absence of common performance measures is the kind of governance vacuum that historically precedes a high-impact breach. TIJ will track whether FEHRM publishes its fiscal-year 2026 goals on time and what they actually require.
Third, the Universal Service Fund’s disbursement structure — uncovered in ProPublica’s Alaska reporting — is a near-perfect case study in the disconnect between subsidy outlays and measurable consumer outcomes. The data is public and the FCC’s own filings make the empirical case; the policy question is whether the agency will move to performance-tied disbursements before Congress does it for them.
As always, readers are encouraged to consult the linked source documents directly. Where allegations are pending or characterizations are contested, the underlying records — not the summaries — are the authoritative reference.
The Investigative Journal practices accountability journalism grounded in the public record. Tips, document leads, and corrections: editor@tij.news.