Much of the news that has surrounded the Office of Personnel Management data breach has included information about the recommendations made by OPM’s Inspector General, Patrick McFarland. Mr. McFarland has made many recommendations over the years (he has been OPM’s IG since August 1990) regarding OPM’s data security, its funding, and more. Former OPM Director Katherine Archuleta was severely criticized by members of Congress for failure to aggressively implement IG recommendations.
I’m not going weigh in on who did what at OPM, but the OPM situation raises the question of the role of an Inspector General. When there is a disagreement between the IG and the agency head or agency officials, who wins? To examine that question, we need to start at the beginning, with the Inspector General Act of 1978. The IG Act was intended “to create independent and objective units—
(1) to conduct and supervise audits and investigations relating to the programs and operations of the establishments listed in section 12(2);
(2) to provide leadership and coordination and recommend policies for activities designed (A) to promote economy, efficiency, and effectiveness in the administration of, and (B) to prevent and detect fraud and abuse in, such programs and operations; and
(3) to provide a means for keeping the head of the establishment and the Congress fully and currently informed about problems and deficiencies relating to the administration of such programs and operations and the necessity for and progress of corrective action”
The Council of the Inspectors General on Integrity and Efficiency has an excellent description of the role of IGs. For the most part, there is little disagreement that IGs play a critical role in government. They can be particularly effective in identifying criminal wrongdoing. Their broad authority and requirement to report their findings to the President and the Congress enable IGs to uncover and speak out about their findings. The website for the OPM IG, for example, identifies a number of recent findings that have nothing to do with the breach. They include healthcare and insurance fraud, annuitant fraud, kickbacks schemes, and other wrongdoing.
The independence of IGs is a critical component of their ability to do their jobs. If an agency head is able to simply shut down an IG investigation that s/he does not like, no IG would be able to carry out their statutory mission. That is the reason IGs operate their own HR offices, budget processes, and other support functions, and zealously guard their independence from the agencies they are a part of.
So what is the problem? The problem is that IGs also make recommendations about agency management. It is part of their statutory responsibility to “promote economy, efficiency, and effectiveness in the administration of…programs and operations. Their statutory mandate is to make policy recommendations, not policy decisions. Sometimes agencies adopt their recommendations – sometimes they do not. When they choose to go another way and something goes wrong, they get grief from the Congress, the press, and the public because they did not do what their IG recommended.
It is easy to beat on agency officials for rejecting an IG recommendation, but most often that is done in the bright sunshine of hindsight. The IG said to do X, the agency chose to do Y, and it ended badly. Does that mean agencies should always do what their IG recommends? Of course not. There are a lot of reasons agency officials may reject an IG recommendation. The IG, like other auditors and investigators, is not always right. The people who are running programs (should) have more understanding of their programs and priorities than their IG. Agency heads are generally trying to carry out the policy direction of the Administration in which they serve. That policy direction and the direction the IG wants are not always aligned. The IG may have been appointed by a prior Administration that had a completely different policy agenda, or perhaps just has a different point of view.
In my own experience, I have had an IG tell me he was not making policy recommendations, he was making “good government” recommendations. Good government, like many other things, is in the eye of the beholder. His idea of good government was my idea of a bad policy. I respected the IG’s authority, but I did not agree with his ideas about policy. He was free to make recommendations and I was free to make policy decisions based on what I thought was best. That’s the way it works. If agency officials always did exactly what their IG recommended, there would be little need for the agency officials and the IG would become the de facto agency head. That was never the intent of the IG Act. But – agency officials who reject IG recommendations do so knowing they will be beat up for it if things go wrong.
After 38 years of have Inspectors General, I believe it is safe to say they have made government more accountable, more effective, and more efficient. It is also safe to say that some IGs are better than others. Some want to uncover wrongdoing and mismanagement, while others want to run the agency. Some have great relationships with agency heads, and some (maybe through no fault of their own) have toxic relationships with agency leaders. All of that is to say that simply choosing to do something other than what the IG recommends is not a sign of bad management or malfeasance. Sometimes it is simply a difference of opinion about how things should be done. When it goes badly, we hear about it. When it goes well, which is probably most of the time, we never hear about it. Keep that in mind the next time you see an agency official being beat up for exercising their best judgment. How many times were they right that you will never know about?