On February 25, the House Oversight and Government Reform Committee held a hearing on the Government Accountability Office’s (GAO) 2025 High Risk List. U.S. Comptroller General Gene L. Dodaro, who heads the GAO, testified before the committee. The GAO, an independent and nonpartisan agency, works for Congress to monitor how taxpayer dollars are spent and recommend ways to improve government efficiency. In FY2024, the GAO identified $67.5 billion in financial benefits and 1,232 other benefits with unquantifiable financial impact.

Since 1990, the GAO has published a biennial “High Risk List,” identifying programs and operations vulnerable to waste, fraud, abuse, and mismanagement—or in need of transformation. The 2025 report, spanning more than 300 pages, highlights 38 high-risk areas, including long-standing concerns like federal property management, Medicaid, and management of federal oil and gas resources. It also includes 5 new areas of concern:

• Delivery of Federal Disaster Assistance
• Funding the Nation’s Surface Transportation System
• HHS Leadership and Coordination of Public Health Emergencies
• Strengthening Management of the Federal Prison System
• Unemployment Insurance System­

Debate during the House Oversight and Government Reform Committee hearing covered a variety of issues on and off the GAO’s High Risk list, including:

Improper Payments

The GAO reports that improper payments—payments disbursed incorrectly or in the wrong amounts—remain a major concern. Federal agencies have reported over $150 billion in improper payments annually for the past seven years, though the true amount is likely higher due to underreporting.

The GAO’s recommendations include:

• Granting the U.S. Treasury permanent access to the Social Security Administration’s Full Death Master File to prevent payments to deceased individuals.
• Extending the statute of limitations for fraud in the unemployment insurance program to improve enforcement.
• Strengthening incentives at the state level to minimize improper payments.

TCS has long documented how improper payments and fraud have plagued federal programs. Given our nation’s current fiscal challenges, $150 billion in improper payments annually is unacceptable. Federal agencies must act swiftly to implement the GAO’s recommendations to close these costly loopholes.

Federal Workforce

Concerns with the federal workforce across multiple agencies are a recurring theme in the GAO’s High Risk List. Addressing issues such as capacity building, career development, and retention is essential to strengthening oversight in high-risk areas, including Protecting Public Health Through Enhanced Oversight of Medical Products and Managing Risks and Improving VA Health Care, among others. During the hearing, GAO staff testified to the value of having the “right numbers of staff with the right skills” across the federal government.

In light of recent mass firings initiated by Elon Musk’s Department of Government Efficiency (DOGE), Comptroller Dodaro testified that he thinks the federal government “can be more efficient but you have to approach it in a more thoughtful, deliberative process.” Reflecting on his 50 years of experience auditing the federal bureaucracy, he noted: “you need to find out what’s the reason why things are the way they are, before you change… you need to know the answer to that question before you start making changes. Otherwise you have unintended consequences.”

Mass firings create chaos for both the government and taxpayers. Policymakers should instead follow the lead of past successes—such as the Clinton administration’s reduction of the federal workforce by 20 percent, which was achieved through targeted buyouts rather than hasty layoffs.

Federal Disaster Assistance

As natural disasters grow in frequency and severity, federal disaster assistance spending has surged. Annual appropriations to the Disaster Relief Fund (DRF), the federal government’s primary account for disaster assistance, almost tripled from just over $7 billion in FY2013 to almost $19 billion in FY2022, totaling $109 billion over the past decade. Congress has also had to appropriate an additional $48 billion (excluding COVID-19 response) in supplemental appropriations to refill DRF reserves.

Federal disaster assistance, primarily managed by the Federal Emergency Management Agency (FEMA), faces serious operational challenges. According to Comptroller Dodaro, FEMA is “stretched way too thin,” currently managing over 600 active disasters. Additionally, federal disaster response is fragmented across at least 30 federal agencies and marred by “confusion, overlapping regulations.” Members of Congress and representative from the GAO underscored how disaster aid recipients must “undergo a very complicated process that’s often fragmented across multiple agencies,” creating additional obstacles and delaying assistance.

The GAO provides multiple recommendations for improvement, such as streamlining assistance for survivors, improving coordination across federal agencies, increasing FEMA workforce capacity, and investing in resilience to mitigate future disaster costs. Disasters are inevitable, and budgeting for them should reflect this reality. Better forecasting of future costs could lead to smarter budgeting, which can result in more effective investments in mitigation to reduce those risks and costs. Additionally, simplifying the funding process will ensure FEMA is prepared to meet the growing demands of disaster response in a fiscally responsible manner.

Federal Cost of Climate Change Risks

Climate change presents a significant fiscal risk to taxpayers. As Comptroller Dodaro testified, taxpayers face growing climate liabilities through federal insurance programs like the National Flood Insurance Program (NFIP)—which has its own place on the High Risk list— and federal crop insurance, as well as direct impacts on federal facilities. A Taxpayers for Common Sense analysis found that taxpayers have borne an average annual cost of approximately $62 billion over the past five years, a 35 percent increase over the previous five-year average, for various programs aimed at combating and mitigating climate impacts.

The GAO’s recommendations emphasize the importance of climate resilience—helping communities withstand future disasters to save lives, property, and tax dollars. A 2019 study by the National Institute of Building Sciences (NIBS) found that every $1 invested in disaster mitigation grants saves society $6 or more in post-disaster response costs. Strengthening climate resilience requirements—such as tying federal crop insurance or disaster recovery funding to mitigation measures—could benefit both recipients and taxpayers.

Department of Defense

The Department of Defense (DOD) holds multiple high-risk areas—DOD Approach to Business Transformation, DOD Business Systems Modernization, DOD Contract Management, DOD Weapon Systems Acquisition, and DOD Financial Management—some of which have been on the list since 1995. The GAO lists “Achieving Greater Financial Management Discipline at DOD” as one of the five areas critical for better managing the cost of the government.

For decades, the Pentagon has struggled with transparency and accountability. It remains the only major federal agency that has never received an unmodified “clean” opinion on its financial statements, failing its seventh consecutive audit last November. While Congress has mandated that the DOD pass a clean audit by 2028, it did not establish any accountability mechanisms for the Pentagon should it fail.

During the hearing, Rep. Andy Biggs (R-AZ) highlighted the Audit the Pentagon Act, a bipartisan proposal first introduced in 2023, which would impose financial consequences for failed audits. The bill would require each component of the Pentagon to receive a clean audit opinion or else forfeit between 0.5 and 1 percent of its budget to the Treasury Department for deficit reduction. TCS strongly supports holding the Pentagon accountable for tracking all of its assets, which will yield immeasurable fiscal and national security benefits

Cybersecurity and Critical Infrastructure Protection

Cybersecurity has been designated a high-risk area since 1997 and was expanded to include critical infrastructure protection in 2003. However, the Comptroller Dodaro reported that risks to our technology systems are only increasing. Cybersecurity concerns touch all aspects of government, from intellectual property and national security, to systems that support everyday energy and water systems. The GAO emphasizes the time-sensitive nature of these risks, reporting that “the federal government is not yet acting with a sense of urgency commensurate with the grave and rapidly evolving threats.”

According to the GAO, some of these risks are derived from our reliance on outdated technology. GAO experts testified that of the roughly $100 billion information technology (IT) budget across the federal government, 80 percent goes towards sustaining old systems that carry cybersecurity vulnerabilities as well as staffing challenges and increased maintenance costs.