FY 2022 USSOCOM Financial Statement Reporting Package

September 30, 2022

UNCLASSIFIED

FY 2022 USSOCOM Financial

Statement Reporting Package

Table of Contents

United States Special Operations Command Financial Statements and Notes as of

September 30, 2022 and 2021…...……...………………………………………………

Department of Defense Office of the Inspector General Transmittal of Independent

Auditor’s Reports…………………………………………………………………….......

Grant Thornton Audit Reports……………………………………………………….......

Management Response to the Fiscal Year 2022 United States Special Operations

Command Financial Statement Audit Report……………………………………….......

111

UNCLASSIFIED

The accompanying notes are an integral part of these statements.

($ in Thousands)

Department of Defense

Other Defense Activities - Tier 2 - US Special Operations Command

CONSOLIDATED BALANCE SHEET - UNAUDITED

As of September 30, 2022 and 2021

Intragovernmental:

Fund Balance with Treasury (Note 3)

Accounts Receivable, Net (Note 6)

Other Assets (Note 10)

Total Intragovernmental

Other Than Intragovernmental:

Accounts Receivable, Net (Note 6)

Inventory and Related Property, Net (Note 8)

General Property, Plant and Equipment, Net (Note 9)

Advances and Prepayments (Note 10)

Total Other Than Intragovernmental

Total Assets

Stewardship PP&E (Note 9)

Liabilities (Note 11)

Intragovernmental:

Accounts Payable

Advances from Others and Deferred Revenue (Note 15)

Other Liabilities (Notes 13 and 15)

Total Intragovernmental

Other Than Intragovernmental:

Accounts Payable

Federal Employee and Veteran Benefits

Payable (Note 13)

Advances from Others and Deferred Revenue (Note 15)

Other Liabilities (Notes 15, 16 and 17)

Total Other Than Intragovernmental

Total Liabilities

Commitments and Contingencies (Note 17)

Net Position:

Unexpended Appropriations - Funds Other than

Dedicated Collections

Total Unexpended Appropriations (Consolidated)

Cumulative Results of Operations - Funds Other than

Dedicated Collections

Total Cumulative Results of Operations (Consolidated)

Total Net Position

Total Liabilities and Net Position

2022 Consolidated 2021 Consolidated

11,917,505

11,382,429

49,338 19,203

11,966,888

11,401,677

1,888

2,364

2,524,723

2,509,937

3,270,150

3,576,635

123,253

360,001

5,920,014

6,448,937

17,886,902

17,850,614

48,507 113,099

7,677

16,298

4,086

5,262

60,270 134,659

737,928

1,513,611

66,614

64,181

(3,064) (1,427)

40,306

48,613

841,784

1,624,978

902,054 1,759,637

11,412,380

10,237,420

11,412,380

10,237,420

5,572,468

5,853,554

5,572,468

5,853,554

16,984,848

16,090,974

17,886,902

17,850,611

UNCLASSIFIED

Department of Defense

The accompanying notes are an integral part of these statements.

($ in Thousands)

Other Defense Activities - Tier 2 - US Special Operations Command

CONSOLIDATED STATEMENT OF CHANGES IN NET POSITION - UNAUDITED

For the periods ended September 30, 2022 and 2021

UNEXPENDED APPROPRIATIONS

Beginning Balances (Includes Funds from Dedicated

Collections - See Note 18)

Prior Period Adjustments:

Beginning Balances, as adjusted

Appropriations received

Appropriations transferred in/out

Other adjustments (+/-)

Appropriations used

Net Change in Unexpended Appropriations (Includes

Funds from Dedicated Collections - See Note 18)

Total Unexpended Appropriations, Ending Balance (Includes

Funds from Dedicated Collections - See Note 18)

CUMULATIVE RESULTS OF OPERATIONS

Beginning Balances

Prior Period Adjustments:

Beginning Balances, as adjusted (Includes Funds

from Dedicated Collections - See Note 18)

Other adjustments (+/-)

Appropriations used

Non-exchange revenue (Note 20)

Transfers in/out without reimbursement

Imputed financing

Other

Net Cost of Operations (+/-) (Includes Funds from

Dedicated Collections - See Note 18)

Net Change in Cumulative Results of Operations

Cumulative Results of Operations, Ending (Includes

Funds from Dedicated Collections - See Note 18)

Net Position

2022 Consolidated 2021 Consolidated

10,237,420

10,49

5,034

10,237,420

10,495,034

13,232,204

13,079,599

38,972

7,829

(261,582) (274,029)

(11,834,634) (13,071,013)

1,174,960

(257,614)

11,412,380

10,237,420

5,853,554

5,735,119

5,853,554

5,735,119

(2,928) (28)

11,834,634

13,071,013

(582,259) (269,270)

18,845

18,001

49,075

209

11,598,455

12,701,492

(281,086)

118,435

5,572,468

5,853,554

16,984,848

16,090,974

UNCLASSIFIED

Department of Defense

The accompanying notes are an integral part of these statements.

($ in Thousands)

Other Defense Activities - Tier 2 - US Special Operations Command

COMBINED STATEMENT OF BUDGETARY RESOURCES - UNAUDITED

For the periods ended September 30, 2022 and 2021

Budgetary Resources:

1071 Unobligated balance from prior year budget authority,

net (discretionary and mandatory) (Note 21)

1290 Appropriations (discretionary and mandatory)

1890 Spending Authority from offsetting collections

(discretionary and mandatory)

1910 Total Budgetary Resources

Status of Budgetary Resources:

2190 New obligations and upward adjustments (total)

Unobligated balance, end of year:

2204 Apportioned, unexpired accounts

2404 Unapportioned, unexpired accounts

2412 Unexpired unobligated balance, end of year

2413 Expired unobligated balance, end of year

2490 Unobligated balance, end of year (total)

2500 Total Budgetary Resources

Outlays, Net:

4190 Outlays, net (total) (discretionary and mandatory)

4210 Agency Outlays, net (discretionary and mandatory)

2022 Combined 2021 Combined

2,328,572

2,143,392

13,272,676

13,046,095

609,461

518,337

16,210,709

15,707,824

14,237,543

13,890,155

1,439,730

1,185,417

257,057

1,439,742

1,442,474

533,423

375,195

1,973,165

1,817,669

16,210,708

15,707,824

12,471,589

13,302,857

12,471,589

13,302,857

UNCLASSIFIED

The accompanying notes are an integral part of these statements.

Department of Defense

Other Defense Activities - Tier 2 - US Special Operations Command

CONSOLIDATED STATEMENT OF NET COST - UNAUDITED

For the periods ended September 30, 2022 and 2021

Program Costs (Note 19)

Gross Costs

Operations, Readiness & Support

Procurement

Research, Development, Test & Evaluation

Family Housing & Military Construction

. (Less: Earned Revenue)

Net Cost before Losses/(Gains) from Actuarial Assumption Changes

for Military Retirement Benefits

Net Program Costs Including Assumption Changes

Net Cost of Operations

2022 Consolidated 2021 Consolidated

11,986,766

13,072,581

8,516,033

9,209,366

2,717,388

2,983,299

757,130

801,166

(3,786)

78,750

(388,311) (371,089)

11,598,455

12,701,492

11,598,455 12,701,492

UNCLASSIFIED

Note 1. Summary of Significant Accounting Policies - Unaudited

1.A. Reporting Entity

The United States Special Operations Command (USSOCOM) is comprised of the following Components

and Sub-Unified Commands, whose responsibilities are to ensure their Special Operations Forces (SOF)

are highly trained, equipped and rapidly deployable to support national security interests around the world:

 U.S. Army Special Operations Command (USASOC)

The USASOC is located at Ft. Bragg, North Carolina. The mission of USASOC is to organize, train, educate,

man, equip, fund, administer, mobilize, deploy, and sustain Army SOF to successfully conduct worldwide

special operations, across the range of military operations, in support of regional combatant commanders,

American ambassadors and other agencies as directed.

 Naval Special Warfare Command (NAVSPECWARCOM or NSWC)

The NAVSPECWARCOM is located at Naval Amphibious Base, Coronado, California. NSWC provides

vision, leadership, doctrinal guidance, resources, and oversight to ensure component maritime SOF are

ready to meet the operational requirements of Combatant Commanders.

 Air Force Special Operations Command (AFSOC)

The AFSOC is located at Hurlburt Field, Florida. The AFSOC is America’s specialized air power, a step

ahead in a changing world, delivering special operations combat power anytime, anywhere.

 Marine Corps Forces Special Operations Command (MARSOC)

The MARSOC is located at Camp Lejeune, North Carolina. The MARSOC, as the U.S. Marine Corps

component of USSOCOM, trains, organizes, equips, and when directed by the Commander of USSOCOM,

deploys task organized, scalable, and responsive U.S. Marine Corps SOF worldwide in support of

Combatant Commanders and other agencies.

 Joint Special Operations Command (JSOC)

The JSOC is a Sub-Unified Command of USSOCOM. The JSOC is a joint headquarters designed to study

special operations requirements and techniques, ensure interoperability and equipment standardization,

plan and conduct joint special operations exercises and training, and develop joint special operations

tactics.

Per 10 United States Code (USC) 165, “the Secretary of a military department is responsible for the

administration and support of forces assigned by him to a Combatant Command” (i.e., USSOCOM).

Combatant Command Support Agents (CCSAs) provides administrative support to the Combatant

Command headquarters, and the subordinate unified command headquarters. Components processes,

controls, and systems, including accounting systems are aligned with their “parent” Service (Army, Navy,

Air Force, Marine Corps); USSOCOM Headquarters element and Sub-Unified Commands’ processes and

controls are aligned with their CCSAs.

USSOCOM, through additional Sub-Unified Commands or Theatre Special Operation Commands

(TSOCs), supports the Geographic Combatant Commands (GCCs). The TSOCs are responsible for

planning special operations throughout their assigned areas of responsibility, planning, and conducting

peacetime joint training exercises, and orchestrating command and control of peacetime and wartime

special operations:

UNCLASSIFIED

 Theater Special Operations Command - Africa (SOCAFRICA)

The SOCAFRICA is a Sub-Unified Command of USSOCOM under operational control of United States

Africa Command (USAFRICOM), with headquarters in Kelley Barracks, Stuttgart-Mohringen, Germany.

The SOCAFRICA’s primary responsibility is to exercise operational control over theater-assigned or

allocated Air Force, Army, Marine, or Navy SOF conducting operations, exercises, and theater security

cooperation in the USAFRICOM area of responsibility.

 Theater Special Operations Command - Central (SOCCENT)

The SOCCENT, in partnership with interagency and international partners, supports the United States

Central Command’s (CENTCOM) and USSOCOM’s objectives by employing special operations to deter

and degrade malign actors, influence relevant populations, and enhance regional partners to protect U.S.

national interests and maintain regional stability. When directed, SOCCENT employs special operations

forces for contingency and crisis response.

 Theater Special Operations Command - Europe (SOCEUR)

The SOCEUR employs SOF across the United States European Command (USEUCOM) area of

responsibility to enable deterrence, strengthen European security collective capabilities and interoperability,

and counter transnational threats to protect U.S. personnel and interests.

 Theater Special Operations Command - Korea (SOCKOR)

The SOCKOR plans and conducts special operations in support of the Commander of United States

Forces/United Nations Commander/Combined Forces Commander in armistice, crisis, and war. The

SOCKOR is a functional Component Command of United States Forces Korea, tasked to plan and conduct

special operations in the Korean theater of operations. The SOCKOR continues to be the only TSOC in

which U.S. and host nation SOF are institutionally organized for combined operations. SOCKOR and

Republic of Korea (ROK) Army Special Warfare Command (SWC) regularly train in their combined roles,

while SOCKOR’s Special Forces detachment acts as the liaison between ROK Special Forces and the U.S.

Special Forces.

 Theater Special Operations Command - North (SOCNORTH)

The SOCNORTH, in partnership with the interagency and regional SOF, synchronizes operations against

terrorist networks and their acquisition or use of weapons of mass destruction, and when directed, employs

fully capable SOF to defend the homeland in depth and respond to crisis. The SOCNORTH is responsive,

capable, and postured to provide scalable SOF options to contribute to the defense of the homeland with

emphasis on counterterrorism, counter weapons of mass destruction-terrorism, and counter transnational

organized crime in Mexico.

 Theater Special Operations Command - Pacific (SOCPAC)

The SOCPAC is a Sub-Unified Command of USSOCOM under the operational control of U.S. Indo-Pacific

Command (USINDOPACOM) and serves as the functional component for all special operations missions

deployed throughout the Indo-Asia-Pacific region. The SOCPAC coordinates, plans, and directs all special

operations in the Pacific theater supporting Commander, USINDOPACOM objectives of deterring

aggression, responding quickly to crisis, and defeating threats to the United States and its interests.

UNCLASSIFIED

 Theater Special Operations Command - South (SOCSOUTH)

The SOCSOUTH is a Sub-Unified Command of USSOCOM under the operational control of U.S. Southern

Command. The SOCSOUTH is a joint Special Operations headquarters that plans and executes special

operations in Central and South America and the Caribbean.

USSOCOM is a component reporting entity of the DoD, which is a component reporting entity and

consolidation entity of the Government-wide reporting process. For this reason, some of the assets and

liabilities reported by USSOCOM may be eliminated for the Government-wide reporting because they are

offset by assets and liabilities of another U.S. Government entity. These financial statements should be

read with the realization they are for a component of the U.S. Government.

1.B. Mission of the Reporting Entity

USSOCOM synchronizes the planning of Special Operations and provides SOF to support persistent,

networked and distributed GCCs operations to protect and advance our Nation’s interests. Each service

branch has a Special Operations Command that is unique and capable of running its own operations, but

when the different SOF need to work together for an operation, USSOCOM becomes the Joint Command

of the operation.

To achieve this mission, SOF Commanders and staff must plan and lead a full range of lethal and non-

lethal special operations missions in complex and ambiguous environments. Additionally, USSOCOM

accomplishes these missions using four service component Commands, seven TSOCs, and JSOC. SOF

personnel serve as key members of Joint, Interagency, and international teams and must be prepared to

employ all assigned authorities and apply all available elements of power to accomplish the assigned

missions. This mission makes it a unique Unified Combatant Command.

1.C. Basis of Presentation

These financial statements have been prepared to report the financial position, financial condition, and

results of operations of USSOCOM, as required by the Chief Financial Officers Act of 1990, expanded by

the Government Management Reform Act of 1994, Office of the Secretary of Defense (OSD),

Memorandum, “Internal Reporting for USSOCOM Financial Statements”, Department of Defense (DoD)

Financial Statement Audit Guide, and other appropriate legislation. The accompanying financial statements

account for all resources for which USSOCOM is responsible unless otherwise noted. Accounting standards

require all reporting entities to disclose that accounting standards allow certain presentations and

disclosures to be modified, if needed, to prevent the disclosure of classified information.

To the extent possible, the financial statements have been prepared from the accounting records of

USSOCOM using financial data obtained from the military department financial systems, Army, Navy and

Air Force, and related non-financial system data and in accordance with U.S. Generally Accepted

Accounting Principles (GAAP) for federal entities as prescribed by the Federal Accounting Standards

Advisory Board (FASAB), the Office of Management and Budget (OMB) Circular No. A-136, “Financial

Reporting Requirements”, and DoD Financial Management Regulation (FMR). USSOCOM is unable to fully

comply with all elements of GAAP and the OMB Circular No. A-136, due to limitations of financial and

nonfinancial management processes and systems that support the financial statements. USSOCOM

derives reported values and information for major asset and liability categories largely from nonfinancial

systems, such as inventory and logistic systems. These systems were designed to support reporting

requirements for maintaining accountability over assets and reporting the status of federal appropriations

rather than preparing financial statements in accordance with GAAP. USSOCOM continues to implement

process and system improvements addressing these limitations. USSOCOM’s continued effort towards full

compliance with GAAP for the accrual method of accounting is encumbered by system limitations.

USSOCOM is unable to meet all full accrual accounting requirements. This is primarily because legacy

accounting systems were not designed to collect and record financial information on the full accrual

accounting basis but were designed to record information on a budgetary basis.

UNCLASSIFIED

1.D. Basis of Accounting

USSOCOM does not have a single accounting system. Therefore, USSOCOM financial statements and

supporting trial balances are compiled from the underlying financial data and trial balances of USSOCOM

components and TSOCs. USSOCOM Service Components’ processes, controls, and systems, including

accounting systems are aligned with their "parent" Service. USSOCOM Headquarters element and Sub-

Unified Commands’ processes and controls are aligned with their CCSA. The underlying data is largely

derived from budgetary transactions (obligations, disbursements, and collections), from nonfinancial feeder

systems, and accruals made for major items such as payroll expenses and accounts payable.

USSOCOM presents the Balance Sheet, Statement of Net Cost, and Statement of Changes in Net Position

on a consolidated basis, less eliminations, with the exception of revenue eliminations due to system

limitations. The financial transactions are recorded on a proprietary accrual and a budgetary basis of

accounting, except for issues noted for the Standard Operation and Maintenance Army Research and

Development System (SOMARDS) and the Standard Financial System (STANFINS). Under the accrual

basis, revenues are recognized when earned and expenses are recognized when incurred, without regard

to the timing of receipt or payment of cash. Whereas under the budgetary basis, generally the legal

commitment or obligation of funds is recognized in advance of the proprietary accruals and in compliance

with legal requirements and controls over the use of Federal funds.

USSOCOM is continuing to evaluate the effects that will result from fully adopting recent accounting

standards and other authoritative guidance issued by FASAB. The guidance listed below has the potential

to affect the financial statements; however, USSOCOM is currently unable to determine the full impact.

1) SFFAS 48: Opening Balances for Inventory, Operating Materials and Supplies, and Stockpile Materials:

Issued on January 27, 2016; Effective for periods beginning after September 30, 2016. USSOCOM

plans to utilize deemed cost to value beginning balances for inventory and related property (I&RP), as

permitted by SFFAS 48. USSOCOM has valued some of its I&RP using deemed cost methodologies,

as described in SFFAS 48. However, systems required to account for historical cost for I&RP in

accordance with SFFAS 3: Accounting for Inventory and Related Property, are not yet fully

implemented. Therefore, USSOCOM is not making an unreserved assertion with respect to this line

item.

2) SFFAS 50: Establishing Opening Balances for General Property, Plant, and Equipment: Amending

SFFAS 6, 10, and 23, and rescinding SFFAS 35: Issued on August 4, 2016. Effective Date: For periods

beginning after September 30, 2016.

USSOCOM plans to utilize deemed cost to value beginning balances for general property, plant, and

equipment (General PP&E), as permitted by SFFAS 50. USSOCOM has valued some of its General

PP&E using deemed cost methodologies as described in SFFAS 50. However, systems required to

account for historical cost for General PP&E in accordance with SFFAS 6: Accounting for Property,

Plant and Equipment, are not yet fully implemented. Therefore, USSOCOM is not making an

unreserved assertion with respect to this line item.

3) SFFAS 53: Budget and Accrual Reconciliation: Amending SFFAS 7 and 24, and Rescinding SFFAS

22: Issued October 27, 2017; Effective for periods beginning after September 30, 2018.

4) SFFAS 54: Leases: An Amendment to SFFAS 5, Accounting for Liabilities of the Federal Government,

and SFFAS 6, Accounting for Property, Plant, and Equipment: Issued Date: April 17, 2018. The

requirements of SFFAS 54 were deferred to reporting periods beginning after September 30, 2023,

under SFFAS 58, Deferral of the Effective Date of SFFAS 54, Leases: Issued June 19, 2020. Early

adoption is not permitted.

The DoD is continuing the actions required to bring its financial and nonfinancial feeder systems and

processes into compliance with GAAP. One such action is the ongoing revision of accounting systems to

record transactions based on the U.S. Standard General Ledger (USSGL). Until all USSOCOM financial

UNCLASSIFIED

and non-financial feeder systems and processes are GAAP compliant and can collect and report financial

information as required, some of USSOCOM’s financial data will be derived from budgetary transactions or

data from nonfinancial feeder systems.

1.E. Accounting for Intragovernmental and Intergovernmental Activities

Intragovernmental Activities: Treasury Financial Manual (TFM), Volume I, Part 2, Chapter 4700 Agency

Reporting Requirements for the Financial Report of the United States Government, provides guidance for

reporting and reconciling intragovernmental balances. Accounting standards require an entity to eliminate

intragovernmental activity and balances from consolidated financial statements to prevent overstatement

caused by the inclusion of business activity between entity components. Intragovernmental cost and

exchange revenue represent transactions made between two reporting entities within the federal

government. Cost and earned revenue with the public represent exchange transactions made between the

reporting entity and a non-federal entity. USSOCOM cannot accurately identify intragovernmental

transactions by customer because the underlying accounting systems do not track buyer and seller data at

the transaction level. Generally, at the DoD level, seller entities within the DoD provide summary seller-side

balances for revenue, accounts receivable, and unearned revenue to the buyer-side internal accounting

offices. In most cases, the buyer-side records are adjusted to agree with DoD seller-side balances and are

then eliminated. USSOCOM, by way of the DoD, is implementing replacement systems and a standard

financial information structure incorporating the necessary elements to enable USSOCOM to correctly

report, reconcile, and eliminate intragovernmental balances.

While USSOCOM is unable to fully reconcile intragovernmental transactions with all federal agencies,

USSOCOM can reconcile balances pertaining to benefit program transactions with the Office of Personnel

Management (OPM). USSOCOM is taking actions to fully reconcile intragovernmental transactions with all

Federal agencies.

Intergovernmental Activities: Goods and services are received from other federal agencies at no cost or at

a cost less than the full cost to the providing federal entity. Consistent with accounting standards, certain

costs of the providing entity that are not fully reimbursed by USSOCOM are recognized as imputed cost in

the Statement of Net Cost and are offset by imputed financing in the Statement of Changes in Net Position.

Imputed financing represents the cost paid on behalf of USSOCOM by another federal entity. In accordance

with SFFAS 55: Amending Inter-entity Cost Provisions, USSOCOM recognizes the general nature of

imputed costs only for business-type activities and other costs specifically required by OMB, including

employee pension, post-retirement health, and life insurance benefits. Unreimbursed costs of goods and

services other than those identified above are not included in USSOCOM’s financial statements.

The DoD’s proportionate share of public debt and related expenses of the Federal Government is not

included. The Federal Government does not apportion debt and its related costs to federal agencies. The

DoD’s financial statements do not report any public debt, interest, or source of public financing, whether

from issuance of debt or tax revenues.

For additional information, see Note 19, Disclosures Related to the Statement of Net Cost.

1.F. Non-Entity Assets

USSOCOM classifies assets as either entity or non-entity. Non-entity assets are not available for use in

USSOCOM’s normal operations. USSOCOM has stewardship accountability and reporting responsibility

for non-entity assets. An example of a non-entity asset is non-federal accounts receivable.

For additional information, see Note 2, Non-Entity Assets.

1.G. Fund Balance with Treasury (FBwT)

The FBwT represents the aggregate amount of USSOCOM’s available budget spending authority available

to pay current liabilities and finance future authorized purchases. USSOCOM’s monetary financial

UNCLASSIFIED

resources of collections and disbursements are maintained in the Department of the Treasury (Treasury)

accounts. The disbursing offices of Defense Finance and Accounting Service (DFAS), the Military

Departments, U.S. Army Corps of Engineers (USACE), and Department of State's financial service centers

currently process the majority of USSOCOM's cash collections, disbursements, and adjustments

worldwide. Monthly, each disbursing station reports to the U.S. Treasury on checks issued, electronic fund

transfers, interagency transfers, and deposits. The model of using DoD’s disbursing systems instead of

Treasury’s system is recognized by Treasury as Non-Treasury Disbursing Office (NTDO). DoD is actively

migrating NTDO transactions to TDO under the TDO Enterprise Strategy effort. TDO is DoD’s target end

state of executing payments and collections directly between DoD and Treasury using Treasury’s systems

and Treasury as the Service Provider. This posture will allow DoD to achieve FBwT accountability and

traceability through daily reconciliation and reporting directly with Treasury.

In addition, DFAS and the USACE Finance Center submit reports to U.S. Treasury by appropriation on

interagency transfers, collections received, and disbursements issued. Treasury records these transactions

to the applicable FBwT account.

Fund Balance with Treasury and the accompanying liability for deposit funds are not reported by individual

Other Defense Organizations General Fund but are reported in the Defense-wide General Fund. As such,

USSOCOM does not report deposit fund balances on its financial statements.

For additional information, see Note 3, Fund Balance with Treasury.

1.H. Cash and Other Monetary Assets

USSOCOM does not have any cash reported on the financial statements.

1.I. Investments and Related Interest

USSOCOM does not invest in Securities.

1.J. Accounts Receivable

Accounts receivable from other federal entities or the public include accounts receivable, claims receivable,

and refunds receivable. Allowances for uncollectible accounts due from the public are based upon factors

such as aging of accounts receivable, debtor’s ability to pay, and payment history.

For additional information, see Note 6, Accounts Receivable, Net.

1.K. Loans Receivable, Net and Loan Guarantee Liabilities

For additional information, see Note 7, Loans Receivable, Net and Loan Guarantee Liabilities.

1.L. Inventories and Related Property

USSOCOM currently does not have any inventory but does have related property.

Related property includes Operating Materials and Supplies (OM&S). OM&S, including munitions not held

for sale, are valued using various valuation methods. During prior years, USSOCOM inappropriately used

the Purchase Method of Accounting for OM&S and expensed all OM&S when procured. During Fiscal Year

(FY) 2021, USSOCOM commenced the adoption of the Consumption Method of Accounting for OM&S.

These efforts are still applicable for FY 2022.

For additional information, see Note 8, Inventory and Related Property, Net

1.M. General Property, Plant and Equipment (GPP&E)

UNCLASSIFIED

USSOCOM generally records General PP&E at the estimated historical cost. When applicable, USSOCOM

will continue to adopt SFFAS 50, which permits alternative methods in establishing opening balances

effective for periods beginning after September 30, 2016.

USSOCOM’s General PP&E is comprised of General Equipment (GE) and Construction-In-Progress (CIP).

Except for real property (RP) CIP, USSOCOM does not report any RP.

General PP&E assets are capitalized at historical acquisition cost when an asset has a useful life of two or

more years and when the acquisition cost equals or exceeds USSOCOM’s capitalization threshold.

USSOCOM capitalizes improvements to existing General PP&E assets if the improvements equal or

exceed the capitalization threshold and extend the useful life or increase the size, efficiency, or capacity of

the asset. USSOCOM depreciates all GE on a straight-line basis. USSOCOM does not meet the recognition

criteria to report RP (building, structures, and land) as described in the OUSD (Comptroller (C))

Memorandum, dated September 30, 2015, Accounting Policy Update for Financial Statement Reporting for

Real Property Assets. Therefore, all completed USSOCOM-funded RP CIP projects are transferred and

financially reported by the military departments/components. When it is in the best interest of the

government, USSOCOM provides government property to contractors to complete contract work.

USSOCOM either owns or leases such property, or it is purchased directly by the contractor for the

government based on contract terms. When the value of contractor-procured General PP&E exceeds

USSOCOM’s capitalization threshold, as required by federal accounting standards, USSOCOM reports on

its Balance Sheet.

For additional information, see Note 9, General PP&E, Net.

1.N. Other Assets

USSOCOM conducts business with commercial contractors under two primary types of contracts: fixed

price and cost reimbursable. USSOCOM may provide financing payments to contractors to alleviate the

potential financial burden from long-term contracts. Contract financing payments are defined in the Federal

Acquisition Regulation (FAR), Part 32, as authorized disbursements to a contractor prior to acceptance of

supplies or services by the Government. Contract financing payment clauses are incorporated in the

contract terms and conditions and may include advance payments, performance-based payments,

commercial advances and interim payments, progress payments based on cost, and interim payments

under certain cost-reimbursement contracts.

The Defense Federal Acquisition Regulation Supplement (DFARS) authorizes progress payments based

on a percentage or stage of completion only for construction of RP, shipbuilding, and ship conversion,

alteration, or repair. Progress payments based on percentage or stage of completion are reported as CIP.

Contract financing payments do not include invoice payments, payments for partial deliveries, lease and

rental payments, or progress payments based on a percentage or stage of completion.

For additional information, see Note 10, Other Assets.

1.O. Leases

Lease payments for the rental of equipment and operating facilities are classified as either capital or

operating leases. USSOCOM reports operating leases only; USSOCOM does not hold any capital leases

and is not a lessor in any lease arrangement. An operating lease does not substantially transfer all the

benefits and risk of ownership to USSOCOM. Payments for operating leases are expensed on a straight-

line basis over the lease term.

For additional information, see Note 16, Leases.

UNCLASSIFIED

1.P. Liabilities

Liabilities represent the probable future outflow or other sacrifice of resources because of past transactions

or events. However, no liability can be paid by USSOCOM absent proper budget authority. Liabilities

covered by budgetary resources are appropriated funds for which funding is otherwise available to pay

amounts due. Budgetary resources include new budget authority, unobligated balances of budgetary

resources at the beginning of the year or net transfers of prior year balances during the year, spending

authority from offsetting collections, and recoveries of unexpired budget authority through downward

adjustments of prior year obligations. Liabilities are classified as not covered by budgetary resources when

congressional action is needed before they can be paid.

For additional information, see Note 11, Liabilities Not Covered by Budgetary Resources.

1.Q. Environmental and Disposal Liabilities

USSOCOM does not report any Environmental Liabilities.

1.R. Other Liabilities

Other liabilities include:

1) Accrued payroll consists of estimates for salaries, wages, and other compensation earned by

employees but not disbursed as of September 30, 2022, and September 30, 2021.

2) Earned annual and other vested compensatory leave is accrued as it is earned and reported on the

Balance Sheet. The liability is reduced as leave is taken. Each year, the balances in the accrued leave

accounts are adjusted to reflect the liability at current pay rates and leave balances. Sick leave and

other types of non-vested leave are expensed when used.

3) SFFAS 51, Insurance Programs, established accounting and financial reporting standards for insurance

programs. OPM administers insurance benefit programs available for coverage to USSOCOM’s Civilian

employees. The programs are available to Civilian employees, but employees do not have to

participate. These programs include life, health, and long-term care insurance.

The life insurance program, Federal Employee Group Life Insurance (FEGLI) plan is a term life

insurance benefit with varying amounts of coverage selected by the employee. The Federal Employees

Health Benefits (FEHB) program is comprised of different types of health plans that are available to

Federal employees for individual and family coverage for healthcare. Those employees meeting the

criteria for coverage under FEHB may also enroll in the Federal Employees Dental and Vision Insurance

Program (FEDVIP). FEDVIP allows for employees to have dental insurance and vision insurance to be

purchased on a group basis.

The Federal Long Term Care Insurance Program (FLTCIP) provides long term care insurance to help

pay for costs of care when enrollees need help with activities they perform every day, or have a severe

cognitive impairment, such as Alzheimer’s disease. To meet the eligibility requirements for FLTCIP,

employees must be eligible to participate in FEHB. However, employees do not have to be enrolled in

FEHB.

OPM, as the administrating agency, establishes the types of insurance plans, options for coverage, the

premium amounts to be paid by the employees and the amount and timing of the benefit received.

USSOCOM has no role in negotiating these insurance contracts and incurs no liabilities directly to the

insurance companies. Employee payroll withholding related to the insurance and employee matches

are submitted to OPM.

For additional information, see Note 15, Other Liabilities.

UNCLASSIFIED

4) Custodial Liabilities represents liabilities for collections reported as non-exchange revenues where

USSOCOM is acting on behalf of another federal entity.

For additional information, see Note 13, Federal Employee and Veteran Benefits Payable and Note 15,

Other Liabilities.

1.S. Commitments and Contingencies

USSOCOM recognizes contingent liabilities on the Consolidated Balance Sheet for those legal actions

where management considers an adverse decision to be probable and the loss amount is reasonably

estimable. These legal actions are estimated and disclosed in Note 17, Commitments and Contingencies.

However, there are cases where amounts have not been accrued or disclosed because the likelihood of an

adverse decision is considered remote, or the amount of potential loss cannot be estimated.

Financial statement reporting is limited to disclosure when conditions for liability recognition do not exist but

there is at least a reasonable possibility of incurring a loss or additional losses. USSOCOM’s risk of loss

and resultant contingent liabilities arise mostly from pending or threatened litigation or claims and

assessments due to contract disputes.

USSOCOM does not have environmental contingencies.

For additional information, see Note 17, Commitments and Contingencies.

1.T. Federal Employee and Veteran Benefits

USSOCOM does not pay military payroll. Therefore, USSOCOM does not report any military retirement

and other federal employment benefits because such liabilities/costs are recorded on the financials

statements of the individual services.

1.U. Revenues and Other Financing Sources

USSOCOM receives congressional appropriations as financing sources for general funds. USSOCOM uses

these appropriations and funds to execute its missions, and subsequently reports on resource usage.

General funds are used for collections not earmarked by law for specific purposes, the proceeds of general

borrowing, and the expenditure of these moneys. DoD general fund appropriations cover costs including

personnel, operations and maintenance, research and development, procurement, and military

construction.

These funds either expire annually or some on a multi-year basis. When authorized by legislation, these

appropriations are supplemented by revenues generated by services provided. USSOCOM recognizes

revenue because of costs incurred for goods and services provided to other federal agencies and the public.

Full-cost pricing is USSOCOM’s standard policy for services provided as required by OMB Circular A-25:

User Charges. USSOCOM recognizes revenue when earned, within the constraints of its current system

capabilities, with the exception of activity recorded within SOMARDS.

In accordance with SFFAS 7, Accounting for Revenue and Other Financing Sources and Concepts

for Reconciling Budgetary and Financial Accounting, USSOCOM recognizes non-exchange revenue

when there is a specifically identifiable, legally enforceable claim to the cash or other assets of another

party that will not directly receive value in return.

1.V. Recognition of Expenses

DoD policy requires the recognition of operating expenses in the period incurred. Estimates are made for

major items such as payroll expenses and accounts payable.

UNCLASSIFIED

In the case of OM&S, operating expenses are generally recognized when the items are purchased, but

recorded as assets later, in accordance with the consumption method. USSOCOM has been working to

input OM&S into the accountable property system of record (APSR), Defense Property Accountability

System (DPAS), and is continuing the analysis to refine the Consumption Method of Accounting.

1.W. Budgetary Resources

The purpose of federal budgetary accounting is to control, monitor, and report on funds made available to

federal agencies by law and help ensure compliance with the law.

The following budgetary terms are commonly used:

Appropriation is a provision of law (not necessarily in an appropriations act) authorizing the expenditure of

funds for a given purpose. Usually, but not always, an appropriation provides budget authority.

Budgetary resources are amounts available to incur obligations each year. Budgetary resources consist of

new budget authority and unobligated balances of budget authority provided in previous years.

Obligation is a binding agreement that will result in outlays, immediately or in the future. Budgetary

resources must be available before obligations can be incurred legally.

Offsetting Collections are payments to the Government that, by law, are credited directly to expenditure

accounts and deducted from gross budget authority and outlays of the expenditure account, rather than

added to receipts. Usually, offsetting collections are authorized to be spent for the purposes of the account

without further action by Congress. They usually result from business-like transactions with the public,

including payments from the public in exchange for goods and services, reimbursements for damages, and

gifts or donations of money to the Government and from intragovernmental transactions with other

Government accounts. The authority to spend collections is a form of budget authority.

Offsetting receipts are payments to the Government that are credited to offsetting receipt accounts and

deducted from gross budget authority and outlays, rather than added to receipts. Usually, they are deducted

at the level of the agency and sub function, but in some cases, they are deducted at the level of the

Government as a whole. They are not authorized to be credited to expenditure accounts. The legislation

that authorizes the offsetting receipts may earmark them for a specific purpose and either appropriate them

for expenditures for that purpose or require them to be appropriated in annual appropriations acts before

they can be spent. Like offsetting collections, they usually result from business-like transactions with the

public, including payments from the public in exchange for goods and services, reimbursements for

damages, and gifts or donations of money to the Government, and from intragovernmental transactions

with other Government accounts.

Outlays are the liquidation of an obligation that generally takes the form of an electronic funds transfer.

Outlays are reported both gross and net of offsetting collections and they are the measure of Government

spending.

1.X. Treaties for Use of Foreign Bases

USSOCOM does not report any treaties for use of foreign bases.

1.Y. Use of Estimates

USSOCOM’s management makes assumptions and reasonable estimates in the preparations of financial

statements based on current conditions, which may affect the reported amounts. Actual results could differ

materially from the estimated amounts. Significant estimates include such items as year-end accruals of

accounts payable.

UNCLASSIFIED

1.Z. Parent-Child Reporting

USSOCOM receives it’s funding from OSD. USSOCOM is also party to allocation transfers with other DoD

entities as a receiving (child) entity. An allocation transfer is an entity’s legal delegation of authority to

obligate budget authority and outlay funds on its behalf. A separate fund account (allocation account) is

created in the U.S. Treasury as a subset of the parent fund account for tracking and reporting purposes. All

allocation transfers of balances are credited to this account; and subsequent obligations and outlays

incurred by the child entity are charged to this allocation account as they execute the delegated activity on

behalf of the parent entity. Generally, all financial activity related to allocation transfers (e.g., budget

authority, obligations, outlays) is reported in the financial statements of the parent entity.

As of September 30, 2022, and 2021, USSOCOM received allocation transfers from the following agencies:

Defense Acquisitions University (DAU), Defense Threat Reduction Agency (DTRA) and Defense Security

Cooperation Agency (DSCA).

1.AA. Transactions with Foreign Governments and International Organizations

USSOCOM does not report any transactions with Foreign Governments and International Organizations.

1.AB. Fiduciary Activities

USSOCOM does not report any fiduciary activities.

1.AC. Tax Exempt Status

As an agency of the federal government, USSOCOM is exempt from all income taxes imposed by any

governing body whether it is a federal, state, commonwealth, local, or foreign government.

1.AD. Standardized Balance Sheet, the Statement of Changes in Net Position and Related Footnotes

– Comparative Year Presentation

The format of the Balance Sheet has changed to reflect more detail for certain line items, as required for

all significant reporting entities by OMB Circular A-136. This change does not affect totals for assets,

liabilities, or net position and is intended to allow readers of this Report to see how the amounts shown on

the DoD-wide Balance Sheet are reflected on the Government-wide Balance Sheet, thereby supporting the

preparation and audit of the Financial Report of the United States Government. The presentation of the

fiscal year 2021 Balance Sheet and the related footnotes was modified to be consistent with the fiscal year

2022 presentation. The mapping of USSGL accounts, in combination with their attributes, to particular

Balance Sheet lines and footnotes is directed by the guidance published periodically under TFM, USSGL

Bulletins, Section V. The footnotes affected by the modified presentation are Note 6, Accounts Receivable,

Net; Note 10, Other Assets; Note 15, Other Liabilities; and Note 24, Reconciliation of Net Cost to Net

Outlays.

UNCLASSIFIED

Note 2. Non-Entity Assets - Unaudited

Table 2. Non-Entity Assets

As of September 30 2022

2021

(Amounts in thousands)

1. Non-Federal Assets

A. Accounts Receivable

B. Total Non-Federal Assets $

2. Total Non-Entity Assets

3. Total Entity Assets

17,886,900

17,850,611

4. Total Assets

17,886,902

17,850,614

SFFAS 1: Accounting for Selected Assets and Liabilities, states assets available to an entity to use in its

operations are entity assets, while those assets not available to an entity but held by the entity are non-

entity assets. While both entity and non-entity assets are to be reported on the financial statements, the

standards require segregation of these asset types. In addition, a liability must be recognized in an amount

equal to non-entity assets (See Note 15, Other Liabilities). Based on this guidance, USSOCOM has

stewardship accountability and reporting responsibility for nonentity assets.

Non-federal Assets - Accounts Receivable (Public)

The primary component of nonentity accounts receivable is the public receivable data call adjustment. The

balance reports the interest, penalties, and fines as of September 30, 2022 and September 30, 2021. Each

quarter, a manual input of Treasury Report on Receivables (TROR) informs the entry through a journal

voucher into the Defense Departmental Reporting System (DDRS) to ensure the ending balance of the trial

balance reconciles to the source system. Generally, USSOCOM cannot use these proceeds and must remit

them to the U.S. Treasury unless permitted by law.

UNCLASSIFIED

Note 3. Fund Balance with Treasury - Unaudited

Table 3. Status of Fund Balance with Treasury

As of September 30 2022 2021

(Amounts in thousands)

1. Unobligated Balance:

A. Available $

1,439,730 $ 1,185,417

B. Unavailable 533,436 632,252

Total Unobligated Balance

1,973,166

$ 1,817,669

2. Obligated Balance not yet

Disbursed

10,738,536 $ 10,064,798

3. Non-FBwT Budgetary Accounts:

A. Unfilled Customer Orders without

Advance

(742,437)

(466,294)

B. Receivables and Other (51,760)

(33,744)

Total Non-FBwT Budgetary Accounts

(794,197)

$ (500,038)

5. Total FBwT

11,917,505 $ 11,382,429

Treasury records cash receipts and disbursements on USSOCOM’s behalf; funds are available only for the

purposes for which the funds were appropriated. USSOCOM FBwT consists of appropriation accounts.

The Status of FBwT reflects the reconciliation between the budgetary resources supporting FBwT (largely

consisting of Unobligated Balance and Obligated Balance Not Yet Disbursed) and those resources provided

by other means. The Total FBwT reported on the Balance Sheet reflects the budgetary authority remaining

for disbursements against current or future obligations.

Unobligated Balance is classified as available or unavailable and represents the cumulative amount of

budgetary authority set aside to cover future obligations. The available balance consists primarily of the

unexpired, unobligated balance that has been apportioned and available for new obligations. The

unavailable balance consists primarily of unobligated appropriation from prior years (expired) that are no

longer available for new obligations.

Due to Coronavirus Aid, Relief and Economic Security (CARES) Act appropriations received during FY

2020, USSOCOM reported additional FBwT over prior years. See Note 29, COVID-19 Activity.

Obligated Balance not yet disbursed represents funds obligated for goods and services but not paid.

Based on Table 3 above, Non-FBwT Budgetary Accounts, such as unfilled customer orders and other

receivables, create budget authority and unobligated balances, but do not record to FBwT as there has

been no receipt of cash or direct budget authority, such as appropriations.

UNCLASSIFIED

Unfilled Customer Orders Without Advance and Reimbursements is a receivable providing budgetary

resources when recorded. FBwT is only increased when reimbursements are collected, not when orders

are accepted or have been earned.

Total FBwT does not include funds held because of allocation transfers received from other federal

agencies. USSOCOM received allocation transfers from other federal agencies for execution on their behalf

in the amount of $33 million in FY 2022, and $36 million in FY 2021.

Material discrepancies exist between FBwT as reflected in USSOCOM general ledger and the balance per

U.S. Treasury records. FBwT reported in the financial statements has been adjusted to reflect USSOCOM’s

balance as reported by Treasury. The difference between FBwT in USSOCOM’s general ledgers and FBwT

reflected in Treasury accounts is attributable to transactions that have not been posted to the individual

detailed accounts in USSOCOM’s general ledger, because of timing differences or the inability to obtain

valid accounting information prior to the issuance of the financial statements. USSOCOM continues to work

with its service provider to determine the accurate total undistributed amount. When research is completed,

these transactions will be recorded in the appropriate individual detailed accounts in USSOCOM’s general

ledger accounts.

UNCLASSIFIED

Note 4. Cash and Other Monetary Assets - Unaudited

For more information, see, Note 1.H, Cash and Other Monetary Assets.

UNCLASSIFIED

Note 5.

Investments and Related

Interest

Unaudited

For more information, see, Note 1.I., Investments and Related Interest.

UNCLASSIFIED

Note 6. Accounts Receivable, Net - Unaudited

Table 6. Accounts Receivable, Net

As of September 30

2022

Gross Amount Due

Allowance For

Estimated

Uncollectibles

Accounts Receivable, Net

(Amounts in

thousands)

1.Intragovernmental

Receivables

$ 49,338

$ 0

$ 49,338

2. Non

Federal

Receivables

(From the Public)

$ 2,330

$ (442) $ 1,888

3. Total Accounts

Receivable

$ 51,668 $ ( 442) $ 51,226

As of September 30

2021

Gross Amount Due

Allowance For

Estimated

Uncollectibles

Accounts Receivable, Net

(Amounts in thousands)

1.Intragovernmental

Receivables

$ 19,203

2. Non-Federal

Receivables (From

the Public)

$ 2,694

$ (330) $ 2,364

3. Total Accounts

Receivable

$ 21,896 $ ( 330) $ 21,567

Gross receivables, including federal receivables, must be reduced to net realizable value by an allowance

for doubtful accounts in accordance with SFFAS 1 and Technical Bulletin 2020-1, Loss Allowance for

Intragovernmental Receivables. Loss allowance recognition for intragovernmental receivables does not

alter the statutory requirements for the debtor agency to make the payment or for the collecting agency to

seek and obtain payment. USSOCOM has opted not to include federal receivables in the calculation for the

allowance. Historically, USSOCOM’s federal aged receivables have been immaterial and have not been

delinquent greater than two years. Additionally, per SFFAS 1, Losses on receivables should be recognized

when it is more likely than not that the receivables will not be totally collected. USSOCOM’s federal

receivables have shown to be more likely to be collected timely.

Accounts receivable represents USSOCOM’s claim for payment from other entities. Claims with other

federal agencies are resolved in accordance with the business rules published in Appendix 5 of Treasury

Financial Manual, Volume I, Part 2; Chapter 4700. USSOCOM uses historical public accounts receivable

UNCLASSIFIED

data to compute the allowance for doubtful accounts. Amounts with an age greater than two years are

considered doubtful for collection; these amounts are used in the allowance calculation.

USSOCOM does not currently have any cases that have generated an order for criminal restitution.

Presentational Changes

As of September 30, 2022, ‘Other assets’ of approximately $45 thousand have been reclassified from the

Accounts Receivable balance sheet line to Other Assets, in accordance with the TFM, Bulletin No. 2022-

12. For more information, see Note 1.AD., Standardized Balance Sheet, the Statement of Changes in Net

Position and Related Footnotes – Comparative Year Presentation.

UNCLASSIFIED

Note 7. Loans Receivable, Net and Loan Guarantee Liabilities - Unaudited

For more information, see Note 1.K., Loans Receivable, Net and Loan Guarantee Liabilities.

UNCLASSIFIED

Note 8. Inventory and Related Property, Net - Unaudited

Table 8A. Inventory and Related Property

As of September 30

2022

2021

(Amounts in thousands)

1. Operating Materiel & Supplies,

Net

2,524,723

2,509,937

Total Inventory and Related

Property, Net

2,524,723

2,509,937

USSOCOM does not have seized property, forfeited property, foreclosed property, and Goods held under

price support and stabilization programs.

See Table 8C., OM&S Categories for further information.

UNCLASSIFIED

Table 8C. OM&S Categories

As of September 30

2022

OM&S,

Gross Value

Revaluation

Allowance

OM&S, Net

Valuation

Method

(Amounts in thousands)

A. Held for Use $

2,301,487

Note1

B. Held in Reserve for

Future Use

151,127

Note1

C. Held for Repair

72,109

Note1

D. Excess, Obsolete,

and Unserviceable

6,571

(6,571)

NRV

E. Total

2,531,294

(6,571)

2,524,723

As of September 30

2021

OM&S,

Gross Value

Revaluation

Allowance

OM&S, Net

Valuation

Method

(Amounts in thousands)

A. Held for Use $ 2,340,486

2,340,486

Note1

B. Held in Reserve for

Future Use 121,368

121,368

Note1

C. Held for Repair 48,083

48,083

Note1

D. Excess, Obsolete,

and Unserviceable 1,582

(1,582)

NRV

E. Total

$ 2,511,519

(1,582)

2,509,937

Legend for Valuation Methods:

Note 1: Moving Average Cost, Historical Cost, and Replacement Price

NRV = Net Realizable Value

UNCLASSIFIED

USSOCOM’s Related Property is comprised of two OM&S asset categories: munitions and Uninstalled

Aircraft Engines (UAE). USSOCOM is reporting fixed wing UAE procured with Major Force Program (MFP)-

11 funds. These assets are valued at historical cost (HC).

USSOCOM is reporting all munitions procured with MFP-11 funds. Further, with Navy concurrence,

USSOCOM reports all munitions assets at the Naval Satellite Operations Center (NAVSOC). Navy

transferred ownership of any Navy-procured MFP-2 funded munitions to USSOCOM for financial reporting.

This is consistent with the GPP&E assets currently reported for NAVSOC. These are valued by Moving

Average Cost (MAC). All remaining munitions are currently valued at Replacement Price using current

catalog pricing. USSOCOM recognizes the latter is not in compliance with SFFAS 3 in this regard and

continues to work towards developing processes to implement MAC under the Consumption Method of

Accounting.

The values of each OM&S category were determined according to asset condition codes per the DoD

4000.25-2-M, Military Transaction Reporting and Accounting Procedures. Net realizable value is the

estimated amount that can be recovered from selling or disposing of an item less the estimated costs of

completion, holding and disposal. The “net realizable value” for materials classified as Excess, Obsolete,

and Unserviceable is zero. As a result, this balance has been written down to zero with the use of the OM&S

allowance account.

Underlying economic event details pertaining to OM&S have been largely unavailable. This is primarily due

to OM&S tracking issues, and system limitations; As of FY 2022, USSOCOM can report OM&S based on

the underlying activities: acquisitions, purchases, disposals gains, or losses for the current OM&S categories:

UAE and Munitions.

Currently, USSOCOM is unaware of any restrictions on the use of OM&S.

USSOCOM is in the process of applying deemed costs methods, in accordance with SFFAS 48 and/or

SFFAS 3, to establish opening balances for OM&S. USSOCOM is currently not making its unreserved

assertion to the completeness, valuation and accuracy of the OM&S beginning balances as of September

30, 2022, and 2021. See above, for additional information related to valuation methods. USSOCOM’s

systems, and the controls related to them, are not effective to support the fair presentation of the recorded

balances in accordance with GAAP.

Both UAE and munitions are aligned to OM&S categories based on Federal Supply Condition Codes as

noted in the respective material management system.

UNCLASSIFIED

Note 9. General PP&E, Net - Unaudited

Table 9A. Major General PP&E Asset Classes

As of September 30

2022

Depreciation/

Amortization

Method

Service

Life

Acquisition

Value

(Accumulated

Depreciation/

Amortization)

Net Book

Value

(Amounts in thousands)

1. Major Asset Classes

A. General Equipment S/L Various

4,778,255

(2,846,725)

1,931,530

B. Construction-in-

Progress N/A N/A

1,338,620

N/A

1,338,620

C. Total General PP&E

6,116,876

(2,846,725)

3,270,150

As of September 30

2021

Depreciation/

Amortization

Method

Service

Life

Acquisition

Value

(Accumulated

Depreciation/

Amortization)

Net Book

Value

(Amounts in thousands)

1. Major Asset Classes

A. General Equipment S/L Various

4,741,378

(2,612,370)

2,129,008

B. Construction-in-

Progress N/A N/A

1,447,627

N/A

1,447,627

C. Total General PP&E

6,189,005

(2,612,370)

3,576,635

Legend for Valuation Methods:

S/L = Straight Line N/A = Not Applicable

USSOCOM’s current capitalization threshold is $250 thousand. USSOCOM financially reports all capital

GPP&E assets procured with MFP-11 funds for all Components/TSOCs; Plus NSWC, with Navy

concurrence, which includes MFP-2 funded assets. There are no restrictions on the use or convertibility of

GPP&E.

USSOCOM does not have acquisition values or acquisition dates for a portion of the GPP&E population and

uses deemed cost methodologies to provide GPP&E values for financial statement reporting purposes.

USSOCOM does have acquisition values and dates for GPP&E acquired after May 1, 2018.

Within FY 2022 and FY 2021, accounting adjustments were made to the USSOCOM’s GE assets to ensure

accuracy of values based on ongoing audit remediation efforts. These accounting adjustments were

recognized in gain/loss accounts when auditable data was not available to support restatement of prior period

financial statements.

UNCLASSIFIED

Throughout FY 2021, USSOCOM worked to continually improve its GE financial reporting process and

data. These efforts continued throughout FY 2022.

Table 9B. Heritage Assets

For the Period Ended

September 30

2022

(physical count)

Categories:

Beginning

Balance

Additions (Deletions)

Ending

Balance

Museum Collection Items

(Objects, Not Including

Fine Art) 8,174

(8)

8,166

Museum Collection Items

(Objects, Fine Art) 785

(11)

774

For the Period Ended

September 30

2021

(physical counts)

Categories:

Beginning

Balance

Additions (Deletions)

Ending

Balance

Museum Collection Items

(Objects, Not Including

Fine Art) 8,175

(4)

8,174

Museum Collection Items

(Objects, Fine Art) 801

(16)

785

Heritage Assets

USSOCOM’s policy focuses on the preservation of its heritage assets, which are items of historical, cultural,

educational, or artistic importance. Heritage assets consist of museum collections. The heritage assets do

not relate to USSOCOM mission and are not reported on the financial statements.

Museum Collection Items

Museum collection items are items that have historical or natural significance; cultural, educational, or

artistic (including fine art, items such as portraits and artist depictions or historical value); or significant

technical or architectural characteristics.

The three additional artifacts reflected during FY 2021 were found during routine inventory. Museum

collection deletions mostly consist of 16 commercially produced lithograph prints (e.g., Jim Dietz, etc.) of

various historical subjects that are not SOF specific removed from US Army Center of Military History

database (AHCAS) as not being considered artifacts or artwork. They are retained by the Museum on local

unit property books, to be used for office/area decoration on hand receipts. Additionally, four line items were

removed from AHCAS as being incomplete, empty, or items already deaccessioned but not removed from

AHCAS; the deletions are correcting errors found in the database.

UNCLASSIFIED

Stewardship Land

USSOCOM does not have any stewardship land.

Table 9D. General PP&E, Net ‒ Summary of Activity

For the period ended September 30

2022

2021

(Amounts in thousands)

1. General PP&E, Net beginning of year $

3,576,635

3,829,014

2. Capitalized acquisitions

560,112

492,188

3. Dispositions

(15,487)

(17,961)

4. Transfers in/(out) without reimbursement

(582,308)

(269,314)

5. Revaluations (+/-)

(34,447)

(428,530)

6. Depreciation expense

(234,355)

(28,762)

7. General PP&E, Net end of year $

3,270,150

3,576,635

UNCLASSIFIED

Note 10. Other Assets - Unaudited

Table 10. Other Assets

As of September 30

2022

2021

(Amounts in thousands)

1. Intragovernmental

A. Other Assets 45

B. Total Intragovernmental $ 45

Other than Intragovernmental

A. Outstanding Contract Financing

Payments $ 115,375

353,120

B. Advances and Prepayments 7,878

6,881

C. Subtotal 123,253

360,001

D. Less: “Outstanding Contract Financing

Payments” and “Advance and

Prepayments” totaled and presented on

the Balance Sheet as “Advances and

Prepayments” (123,253)

(360,001)

3. Total Other Assets

$ 45

Outstanding Contract Financing Payments, a separate classification of advances and prepayments,

includes contract financing payments made in contemplation of the future performance of services, receipt

of goods, incurrence of expenditures or receipt of other assets.

Contract terms and conditions for certain types of contract financing payments convey certain rights to

USSOCOM protecting the contract work from state or local taxation, liens or attachment by the contractors’

creditors, transfer of property, or disposition in bankruptcy. However, these rights should not be

misconstrued to mean that ownership of the contractor’s work has transferred to USSOCOM. USSOCOM

does not have the right to take the work, except as provided in contract clauses related to termination or

acceptance. USSOCOM is not obligated to make payment to the contractor until delivery and acceptance.

Outstanding Contract Financing Payments are estimated future payments to contractors upon delivery and

government acceptance.

Advances and Prepayments are made in contemplation of the future performance of services, receipt of

goods, incurrence of expenditures, or receipt of other assets, excluding those made as Outstanding

Contract Financing Payments.

Presentational Changes

For more information, see Note 1.AD, Standardized Balance Sheet, the Statement of Changes in Net

Position and Related Footnotes – Comparative Year Presentation and Note 6, Accounts Receivable.

UNCLASSIFIED

Note 11. Liabilities Not Covered by Budgetary Resources - Unaudited

Table 11. Liabilities Not Covered by Budgetary Resources

As of September 30

2022

2021

(Amounts in thousands)

1. Intragovernmental Liabilities

A. Accounts payable $ 640

640

B. Total Intragovernmental Liabilities

$ 640

640

2. Other than Intragovernmental Liabilities

A. Accounts payable $ 161,281

165,125

B. Federal employee and veteran benefits

payable 63,908

62,915

C. Other liabilities 200

Total Other than Intragovernmental

Liabilities

$ 225,389

228,040

3. Total Liabilities Not Covered by

Budgetary Resources

$ 226,029

228,680

4. Total Liabilities Covered by Budgetary

Resources

$ 676,024

1,530,957

5. Total Liabilities

$ 902,054

1,759,637

Liabilities Not Covered by Budgetary Resources require future congressional action whereas liabilities

covered by budgetary resources reflect prior congressional action. USSOCOM fully expects to receive the

necessary resources to cover these liabilities in future years. See Note 13, Federal Employee and Veteran

Benefits Payable, for additional information related to 2.B., Federal employee, and veteran benefits

payable, in the table above.

Non-federal accounts payable not covered by budgetary resources represent amounts that are related to

canceled appropriations. Non-federal other liabilities are related legal contingencies. These amounts will

require resources that are funded from future-year appropriations. For additional information, see Note 17,

Commitments and Contingencies.

Intragovernmental Accounts Payable primarily represent liabilities in canceled appropriations, which, if paid,

will be disbursed using current year funds.

For additional information related to Other than Intragovernmental Other Liabilities, see Note 17,

Commitments and Contingencies.

Federal Employee and Veteran Benefits Payable consists of benefits that will be paid in the future. For

additional information, see Note 13, Federal Employee and Veteran Benefits Payable.

UNCLASSIFIED

Note 12.

Debt

Unaudited

USSOCOM does not have Federal Debt and Interest Payable.

UNCLASSIFIED

Note 13. Federal Employee and Veteran Benefits Payable - Unaudited

Table 13A. Federal Employee and Veteran Benefits Liability

As of September 30

2022

Liabilities

(Assets Available to Pay

Benefits)

Unfunded Liabilities

(Amounts in thousands)

1. Federal Employee and

Veteran Benefits Payable

(presented separately on

the Balance Sheet)

66,614

(2,706)

63,908

2. Other benefit-related

payables included in

Intragovernmental Other

Liabilities on the Balance

Sheet

4,440

(4,440)

3. Total Federal Employee

and Veteran Benefits

Payable

71,054

(7,146)

63,908

As of September 30

2021

Liabilities

(Assets Available to

Pay Benefits)

Unfunded Liabilities

(Amounts in thousands)

1. Federal Employee and

Veteran Benefits Payable

(presented separately on

the Balance Sheet) 64,181 (1,266) 62,915

2. Other benefit-related

payables included in

Intragovernmental Other

Liabilities on the Balance

Sheet 5,582 (5,582) 0

3. Total Federal Employee

and Veteran Benefits

Payable

$ 69,763 $ (6,848) $ 62,915

Other Benefit-Related Payables Included in Intragovernmental Other Liabilities on the Balance

Sheet

Other Benefit-Related Payables included in Intragovernmental Other Liabilities on the Balance Sheet

includes Employer Contributions and Payroll Taxes Payable. It represents the employer portion of payroll

UNCLASSIFIED

taxes and benefit contributions for health benefits, retirement, life insurance and voluntary separation

incentive payments.

Other Benefits

Other Benefits includes Accrued Unfunded Annual Leave liabilities and are related to unfunded employee

leave. These amounts will require resources that are funded from future-year appropriations. Unfunded

civilian leave is funded as leave is taken. As of September 30, 2022, there was $63.9 million of accrued

unfunded annual leave.

Reconciliation of Beginning and Ending Liability Balances for Military Retirement and Other Federal

Employee Benefits

For additional information, see Note 1.T., Federal Employee and Veteran Benefits.

UNCLASSIFIED

Note 14. Environmental and Disposal Liabilities - Unaudited

For more additional information, see Note 1.S., Commitments and Contingencies.

UNCLASSIFIED

Note 15.

Other Liabilities

Unaudited

Table 15A. Other Liabilities

As of September 30

2022

Current

Liability

Non-Current

Liability

Total

(Amounts in thousands)

1. Intragovernmental

A. Liabilities for non-entity

assets

(8)

B. Other liabilities

(356)

C. Subtotal

(346)

(8)

(354)

D. Other Liabilities reported on

Note 13, Federal Employee

and Veteran Benefits

Payable

4,440

E. Total Intragovernmental $

4,094

(8)

4,086

Other than

Intragovernmental

A. Accrued funded payroll and

leave $

33,680

B. Withholdings payable

203

C. Contract holdbacks

5,864

D. Contingent liabilities

200

. Other liabilities with related

budgetary obligations

359

F. Total Other than

Intragovernmental $

40,106

200

40,306

3. Total Other Liabilities

44,200

191

44,391

UNCLASSIFIED

As of September 30

2021

Current

Liability

Non-Current

Liability

Total

(Amounts in thousands)

1. Intragovernmental

A. Liabilities for non-entity assets

(6)

B. Other liabilities

(323)

C. Subtotal

(314)

(6)

(320)

D. Other Liabilities reported on

Note 13, Federal Employee

and Veteran Benefits Payable

5,582

E. Total Intragovernmental $

5,268

(6)

5,262

2. Other than Intragovernmental

A. Accrued funded payroll and

leave $

40,241

B. Withholdings payable

584

C. Contract holdbacks

7,334

127

7,461

D. Other liabilities with related

budgetary obligations

327

E. Total Other than

Intragovernmental $

48,486

127

48,613

3. Total Other Liabilities

53,754

121

53,875

Table 15B. Advances from Others and Deferred Revenue (reported separately from Other

Liabilities on the Balance Sheet):

As of September 30

2022

2021

(Amounts in thousands)

A. Intragovernmental $

7,677

16,298

B. Other than Intragovernmental

(3,064)

(1,427)

Advances from Others and Deferred Revenue

Advances from Others and Deferred Revenue represent liabilities for collections received to cover future

expenses or acquisition of assets USSOCOM incurs or acquires on behalf of another organization.

UNCLASSIFIED

Liabilities for Non-Entity Assets

Intragovernmental liabilities for Non-entity assets represent liabilities for collections reported as non-

exchange revenues where USSOCOM is acting on behalf of another Federal entity. For balances reported

during FY 2022 and FY 2021, USSOCOM is reporting penalties, fines, interest as non-entity assets that

are payable to the Department of Treasury.

Intragovernmental Other Liabilities

Other Liabilities primarily consists of the liquidation of liabilities with related budgetary obligation

transactions ingested into DDRS from the Naval Sea Systems Command (NAVSEA). The balance is

abnormal due to the original invoice being reported as Non-Federal. NAVSEA is working to implement new

systems and processes that should resolve the issue in the future. This error is immaterial and does not

impact any other line items.

Presentational Changes

Intragovernmental Other Liabilities on the Balance Sheet is no longer reported on a single footnote in

accordance with the streamlined balance sheet format (see additional information in Note 1.AD,

Standardized Balance Sheet, the Statement of Changes in Net Position and Related Footnotes –

Comparative Year Presentation). Certain accounts on the Balance Sheet line “Intragovernmental Other

Liabilities” are required to be reported on Note 13, Federal Employee and Veteran Benefits Payable, while

others are reported on this Note 15. The amounts from the Balance Sheet “Intragovernmental Other

Liabilities” reported on Note 13 are aggregated and included above as Other Liabilities Reported on Note

13. This presentation maintains the tie out of total Intragovernmental Other Liabilities on the tables to the

Balance Sheet.

Accrued Funded Payroll and Benefits

Accrued Funded Payroll and Benefits consist of amount for civilian employee’s payroll and benefits that are

funded out of the current year appropriations. It includes the FEGLI, FLTCIP and FEHB.

For additional information, see Note 1.R., Other Liabilities.

Contract Holdbacks

Contract Holdbacks are amounts withheld from grantees or contractors pending completion of related

contracts. For FY 2022 and FY 2021 contract holdbacks include $5.8 and $7.4 million for contracts

authorization progress payments based on cost as defined in the FAR.

Contingent Liabilities

Contingent Liabilities for FY 2022 includes legal contingent liabilities. For additional information, see

Note 17, Commitments and Contingencies.

Non-Federal Other Liabilities

For additional information, see Intragovernmental Other Liabilities, above.

UNCLASSIFIED

Note 16. Leases - Unaudited

Entity as Lessee

Capital Leases

For additional information, see Note 1.O., Leases.

Operating Lease

Table 16D. Entity as Lessee - Future Payments Due for Non-Cancelable Operating Leases

As of September 30, 2022

Asset Category

Land and

Buildings

Equipment Other Total

(Amounts in thousands)

1. Federal

Fiscal Year

2023 $

4,716

2024

2,480

2025

2,360

2026

2,360

2027

2,360

After 5 Years

12,978

Total

Federal Future Lease

Payments

27,254

2. Non-Federal

Fiscal Year

2023 $

7,668

590

8,258

2024

6,708

486

7,194

2025

4,445

483

4,928

2026

3,802

483

4,285

2027

3,632

3,712

After 5 Years

1,895

Total

Non

Federal

Future Lease Payments

28,150

2,122

30,272

Total Future Lease

Payments

55,404

2,122

57,526

UNCLASSIFIED

Description of Lease Arrangements:

The future payments due for operating leases disclosed in the “Future Payments Due for Non-Cancelable

Operating Leases” Table are for non-cancelable leases only.

USSOCOM gathers operating lease information from all its Components and TSOCs via a data call and

uses the information to populate Note 16. With this data call, it was found that USSOCOM does not have

any leases related to the “Other” category in FY 2022 and FY 2021. USSOCOM only has leases related to

buildings, land, and equipment. Leases related to land and buildings range in date from June 1, 2006, to

March 31, 2026. Equipment leases range in date April 1, 2016, to March 31, 2023.

Specifically, USSOCOM has federal facilities leases with terms that range from June 1, 2006, to March 31,

2033.

USSOCOM currently has non-federal leases for facilities and equipment. The facilities leases include

modular and Military Information Support Operations (MISO) facilities located at MacDill, Air Force Base

(AFB), Yokota Japan Air Base, Hurlburt Field, and Cannon AFB. The dates for these leases range from

August 28, 2018, to March 31, 2026.

The non-federal equipment leases include multifunctional devices, production copiers, cell phones, and

containers. The date range for the leases is January 1, 2019, to November 30, 2026.

USSOCOM uses the escalation clauses for the future year payments. The escalation clauses are retrieved

from the FY 2023 President’s Budget. The escalation clauses are percentages that reflect the annual future

inflation rates. Each future year operating lease balance is multiplied by the percentage to calculate the

future lease payments.

Entity as Lessor

Capital Leases:

For additional information, see Note 1.O., Leases.

Operating Leases:

For additional information, see Note 1.O., Leases.

UNCLASSIFIED

Note 17. Commitments and Contingencies - Unaudited

USSOCOM is a party in various administrative proceedings, legal actions, and other claims awaiting

adjudication that may result in settlements or decisions adverse to the Federal government. These matters

arise in the normal course of operations; generally related to equal opportunity, and contractual matters;

and their ultimate disposition is unknown. In the event of an unfavorable judgment against the Government,

some of the settlements are expected to be paid from the Treasury Judgment Fund. In most cases,

USSOCOM does not have to reimburse the Judgment Fund; reimbursement is only required when the case

comes under either the Contracts Disputes Act or the No FEAR Act.

Not all claims that may involve USSOCOM in some way are reported. For example, in the case of tort

claims filed against the United States under the Federal Tort Claims Act, our lawyers do not give

substantive attention to, or represent USSOCOM in connection with, such cases. Moreover, USSOCOM

is not authorized to settle and pay tort claims, which authority is reserved to the Military Departments.

In accordance with SFFAS 5, Accounting for Liabilities of the Federal Government, as amended by

SFFAS 12, Recognition of Contingent Liabilities Arising from Litigation, an assessment is made as to

whether the likelihood of an unfavorable outcome is considered probable, reasonably possible, or remote.

USSOCOM would accrue contingent liabilities for material contingencies where an unfavorable outcome is

considered probable, and the amount of potential loss is measurable. The estimated liability may be a

specific amount or a range of amounts. If some amount within the range is a better estimate than any other

amount within the range, the amount recognized, and the range is disclosed. If no amount within the range

is a better estimate than any other amount, the minimum amount in the range is recognized. No amounts

have been accrued for contingencies where the likelihood of an unfavorable outcome is less than probable,

where the amount or range of potential loss cannot be estimated due to a lack of sufficient information, or

for immaterial contingencies. Any presented amounts accrued for legal contingent liabilities would be

included within the contingent liabilities amount reported in Note 15, Other Liabilities.

Table 17. Summary of Legal Contingent Liabilities*

As of September 30

2022

Accrued Liabilities

Estimated Range of Loss

Lower End Upper End

Legal Contingent Liabilities

Probable $

200

Reasonably Possible

7,100

9,600

As of September 30

2021

Accrued Liabilities

Estimated Range of Loss

Lower End Upper End

Legal Contingent Liabilities

Probable $

500

Reasonably Possible 0

4,700

UNCLASSIFIED

The amounts in the tables above are consistent with the information summarized on USSOCOM’s

management schedule and legal representation letter. The probable legal contingent liability, with an

estimated loss of $200 thousand, as of September 30, 2022, stems from a contract dispute regarding

changed delivery terms and a termination for convenience. USSOCOM has reported an accrued liability on

the balance sheet associated with this matter.

UNCLASSIFIED

Note 18. Funds from Dedicated Collections - Unaudited

USSOCOM does not have any funds from dedicated collections.

UNCLASSIFIED

Note 19. Disclosures Related to the Statement of Net Cost - Unaudited

Table 19. Costs and Exchange Revenue by Appropriation Category

As of September 30

2022

2021

(Amounts in thousands)

Operations, Readiness & Support

1. Gross Cost $ 8,516,033

9,209,366

2. Less: Earned Revenue (308,291)

(344,166)

Net Program Costs $ 8,207,742

8,865,200

Procurement

1. Gross Cost $ 2,717,388

2,983,299

2. Less: Earned Revenue (20,146)

(614)

Net Program Costs $ 2,697,242

2,982,685

Research, Development, Test &

Evaluation

1. Gross Cost $ 757,130

801,166

2. Less: Earned Revenue (24,813)

(26,309)

Net Program Costs $ 732,317

774,857

Family Housing & Military Construction

1. Gross Cost $ (3,786)

78,750

2. Less: Earned Revenue (35,061)

Net Program Costs $ (38,847)

78,750

Consolidated

1. Gross Cost $ 11,986,766

13,072,581

2. Less: Earned Revenue (388,311)

(371,089)

Total Net Cost $ 11,598,455

12,701,492

The Statement of Net Cost (SNC) represents the net cost of programs and organizations of USSOCOM

supported by appropriations or other means. The intent of the SNC is to provide gross and net cost

information related to the amount of output or outcome for a given program or organization administered

by a responsible reporting entity. USSOCOM’s current processes and systems capture costs based on

appropriations groups as presented in the schedule above. These appropriations are considered Major

Programs for USSOCOM. The DoD is in the process of reviewing available data and developing a more

detailed cost reporting methodology.

The abnormal balance reported under Family Housing & Military Construction, is mainly attributable to the

system migration of Navy-Wide financial systems. The migration for USSOCOM’s Military Construction

Agents’, Naval Facilities Engineering Systems Command (NAVFAC), is on-going and included a brown out

UNCLASSIFIED

period where many transactions/processes were completed manually. As a result, the reporting of CIP

related operating expenses that occurred in the prior year, was delayed. The estimated migration

completion is to be determined. The system migration generally impacts all accounts and financial

statement line items. USSOCOM currently cannot estimate the magnitude of this timing issue.

UNCLASSIFIED

Note 20. Disclosures Related to the Statement of Changes in Net Position - Unaudited

Opening Balances for Inventory, Operating Materials and Supplies, and Stockpile Materials

The FASAB issued SFFAS 48: Opening Balances for Inventory, Operating Materials and Supplies, and

Stockpile Materials and SFFAS 50: Establishing Opening Balances for General Property, Plant and

Equipment. These standards permit alternative methods in establishing opening balances and are effective

for periods beginning after September 30, 2016. With the adoption of this methodology, USSOCOM utilizes

other gains and losses to capture the adjustments within the Statement of Changes in Net Position (SCNP).

For additional information, see Note 8, Inventory and Related Property.

Miscellaneous Items primarily includes the current year authority transfers in, and current year authority

transfers out.

The Appropriations Received on the SCNP does not agree with Appropriations (Discretionary and

Mandatory) on the SBR. The difference is due to transfers of current year authority and permanent

reductions to prior year balances.

Table 20. Reconciliation of Appropriations on the SBR to Appropriations Received on the Statement

of Changes in Net Position

As of September 30 2022

2021

(dollars in thousands)

Appropriations, SBR

13,272,676

13,046,095

Permanent and Temporary Reductions $

(0)

(29,838)

Miscellaneous Items - Transfers of Current

(40,472)

(3,666)

Total Reconciling Difference

(40,472)

(33,504)

Appropriations Received, Statement of

Changes in Net Position $

13,232,204

13,079,599

UNCLASSIFIED

Note 21. Disclosures Related to the Statement of Budgetary Resources - Unaudited

Table 21B. Budgetary Resources Obligated for Undelivered Orders at the End of the Period

As of September 30

2022

2021

(Amounts in thousands)

1. Intragovernmental:

A. Unpaid

760,248

705,626

B. Prepaid/Advanced

C. Total Intragovernmental

760,248

705,626

2. Non-Federal:

A. Unpaid

9,304,786

7,828,266

B. Prepaid/Advanced

123,253

360,001

C. Total Non-Federal

9,428,039

8,188,267

3. Total Budgetary Resources Obligated for

Undelivered Orders at the End of the Period

10,188,287

8,893,893

The SBR is presented on a combined basis in accordance with OMB Circular No. A-136; thus, intra-entity

transactions have not been eliminated from the amounts presented. This presentation differs from that of

the other principal financial statements, which are presented on a consolidated basis. For additional details

on the difference between the SCNP and SBR, see Note 20, Disclosures Related to the Statement of

Changes in Net Position.

Net Adjustments to Unobligated Balance, Brought Forward, October 1

There were no material adjustments during FY 2022 to budgetary resources available at the beginning of

the year.

Explanation of Differences Between the SBR and the Budget of the U.S. Government

USSOCOM’s financial results are consolidated within the DoD General Fund financial results. As such,

USSOCOM is not presented separately in the President’s Budget but is instead a part of the DoD’s

reconciliation to the President’s Budget. The DoD 2022 AFR contains a reconciliation between the

budgetary resources, new obligations and upward adjustments, distributed offsetting receipts, and Net

Outlays to the President’s Budget. Included in that reconciliation is an adjustment to include the USSOCOM

to reconcile to the President’s Budget amounts.

Contributed Capital

There was no infusion of capital received in FY 2022, or FY 2021.

Other Disclosures

UNCLASSIFIED

USSOCOM does not have any permanent indefinite appropriations.

USSOCOM has no legal arrangements affecting the use of unobligated balances.

UNCLASSIFIED

Note 22. Disclosures Related to Incidental Custodial Collections - Unaudited

USSOCOM does not have any disclosures related to incidental custodial collections.

UNCLASSIFIED

Note 23.

Fiduciary Activities

Unaudited

For additional information, see Note 1.AB, Fiduciary Activities.

UNCLASSIFIED

Note 24. Reconciliation of Net Cost to Net Budgetary Outlays - Unaudited

Table 24. Reconciliation of the Net Operating Cost & Net Budgetary Outlays

As of September 30

2022

Federal Non-Federal Total

(Amounts in thousands)

1. Net Cost of Operations (SNC)

3,976,415

7,622,040

11,598,455

Components of Net Cost Not Part of Net

Budgetary Outlays

2. Change in General property, plant, and

equipment, net $

(306,486)

3. Change in Inventory and related

property, net

2,248,864

4. Increase/(decrease) in Assets:

a. Accounts receivable, net

17,701

(476)

17,225

b. Other assets

(236,747)

5. (Increase)/Decrease in Liabilities:

a. Accounts payable

77,028

775,683

852,711

b. Federal employee and veteran

benefits payable

(2,433)

c. Other liabilities

9,797

9,944

19,741

6. Financing Sources:

a. Imputed cost

(18,845)

7. Total Components of Net Cost Not Part

of Net Budgetary Outlays

85,681

2,488,349

2,574,030

Miscellaneous Reconciling Items

8. Transfers (in)/out without

reimbursements $

582,259

9. Other

(2,234,078)

10. Total Other Reconciling Items

582,259

(2,234,078)

(1,651,819)

11. Total Net Outlays

4,644,355

7,876,311

12,520,666

12. Budgetary Agency Outlays, Net

(Statement of Budgetary Resources)

12,471,589

13. Unreconciled Difference

49,077

UNCLASSIFIED

As of September 30

2021

Federal Non-Federal Total

(Amounts in thousands)

1. Net Cost of Operations (SNC)

1,380,780

11,320,711

12,701,491

Components of Net Cost Not Part of Net

Budgetary Outlays

2. Change in General property, plant, and

equipment, net $

(252,378)

3. Change in Inventory and related

property, net

2,509,937

4. Increase/(decrease) in Assets:

a. Accounts receivable, net

(3,639)

293

(3,346)

b. Other assets

117,727

5. (Increase)/Decrease in Liabilities:

a. Accounts payable

51,920

105,369

157,289

b. Federal employee and veteran

benefits payable

3,237

c. Other liabilities

(5,091)

57,012

51,921

6. Financing Sources:

a. Imputed cost

(18,001)

7. Total Components of Net Cost Not Part

of Net Budgetary Outlays

25,189

2,541,197

2,566,386

Miscellaneous Reconciling Items

8. Transfers (in)/out without

reimbursements $

269,270

9. Other

(2,234,388)

10. Total Other Reconciling Items

269,270

(2,234,388)

(1,965,118)

11. Total Net Outlays

1,675,239

11,627,520

13,302,759

12. Budgetary Agency Outlays, Net

(Statement of Budgetary Resources)

13,302,857

13. Unreconciled Difference

(98)

Presentational Changes

The FY 2021 reconciliation conforms to presentation changes resulting from the DoD’s continual effort to

reconcile the Net Cost of Operations with the Net Budgetary Outlays. For additional information, see Note

UNCLASSIFIED

1.AD, Standardized Balance Sheet, the Statement of Changes in Net Position and Related Footnotes –

Comparative Year Presentation.

Other Disclosures

The Reconciliation of Net Cost to Net Outlays demonstrates the relationship between the USSOCOM’s Net

Cost of Operations, reported on an accrual basis on the Statement of Net Cost, and Net Outlays, reported

on a budgetary basis on the SBR. While budgetary and financial accounting are complementary, the

reconciliation explains the inherent differences in timing and in the types of information between the two

during the reporting period. The accrual basis of financial accounting is intended to provide a picture of the

USSOCOM’s operations and financial position, including information about costs arising from the

consumption of assets and the incurrence of liabilities. Budgetary accounting reports on the management

of resources by USSOCOM. Outlays are payments to liquidate an obligation, other than the repayment to

the Treasury of debt principal.

The Reconciling Difference can be generally attributed to timing differences between the recognition of

expenses/revenues and disbursements/collections on the Statement of Net Cost and SBR. Additionally,

USSOCOM’s diverse business events may be recorded using different, but equally valid, transaction

scenarios. Research is on-going to identify and resolve residual differences.

UNCLASSIFIED

Note 25. Public-Private Partnerships - Unaudited

As of September 30, 2022, and 2021, USSOCOM completed an assessment of public-private partnerships

for which USSOCOM may be involved. Upon completion of the assessment, USSOCOM has not identified

any entities that meet the requirements for disclosures under SFFAS 49, Public/Private Partnerships.

UNCLASSIFIED

Note 26. Disclosure Entities and Related Parties - Unaudited

Under SFFAS 47 Reporting Entity, agencies are required to disclose information for disclosure entities and

related parties. USSOCOM performed an assessment of potential relationships, which may fall under the

criteria listed within SFFAS 47. Upon conclusion of the aforementioned assessment, USSOCOM did not

identify any disclosure entities or related parties for disclosure in the financial statement footnotes.

UNCLASSIFIED

Note 27. Security Assistance Accounts - Unaudited

USSOCOM does not have any Security Assistance Accounts.

UNCLASSIFIED

Note 28. Restatements - Unaudited

USSOCOM does not have any restatements.

UNCLASSIFIED

Note 29. COVID-19 Activity - Unaudited

In response to societal and economic impacts of Coronavirus Disease 2019 (COVID-19), multiple public

laws were enacted to soften the impact of this pandemic on individuals, businesses, and Federal, state,

and local government operations. In FY 2020, one of these public laws had a direct impact on USSOCOM

through the provision of $18.2 million in supplemental appropriations. Additional supplemental funding had

not been received as of September 30, 2022.

CARES Act

On March 27, 2020, the CARES Act (Public Law 116-136) was signed into law, which provided FY 2020

supplemental appropriations for USSOCOM to respond to COVID-19. The supplemental appropriations

were designated as emergency spending. In FY 2020, USSOCOM received $18.2 million of budgetary

resources because of the CARES Act. Of the $18.2 million CARES Act funding received, USSOCOM has

committed and obligated $17.6 million as of September 30, 2022. Of the $17.6 million, $17.4 million has

been obligated and disbursed towards Personal Protection Equipment (PPE) - Medical Countermeasures,

Pharmaceuticals and Medical Supplies and Cleaning Contracts and Non-Medical Supplies/Equipment; As

of September 30, 2022, there is no unobligated balances remaining for the CARES Act funding. The total

impact of the funding on USSOCOM's assets, liabilities, costs, revenues, and net position has not been

determined.

Operations and Maintenance

In FY 2022 and FY 2021, USSOCOM incurred costs related to the pandemic that are not reimbursable from

the supplemental funding. USSOCOM direct Operation and Maintenance (O&M) funding has been used

toward COVID-19 related activities.

As of September 30, 2022, the estimated year-to-date obligations used toward the COVID-19 response are

$206 thousand. Of the $206 thousand, $156 thousand has been disbursed toward the following general

program categories: Travel, Equipment, Supplies, Contracts and Other. Specifically, these resources are

being used to purchase PPE supplies and equipment, cleaning contracts, and medical countermeasures.

The total impact of the funding on USSOCOM's assets, liabilities, costs, revenues, and net position have

not been determined.

As of September 30, 2021, USSOCOM had committed and obligated an estimated cumulative total of $57M

million toward the COVID-19 response. Of the $57 million, $39 million had been disbursed toward the

following general program categories: Facilities, Travel, Equipment, Supplies, Contracts and Other.

Specifically, these resources are being used to purchase PPE supplies and equipment, pharmaceuticals,

cleaning contracts, additional medical staff, and medical countermeasures. Unpaid obligations as of

September 30, 2022, was $9.8 million. The total impact of the funding on USSOCOM's assets, liabilities,

costs, revenues, and net position have not been determined.

The amounts received and/or used toward COVID-19 related activities are as follows:

UNCLASSIFIED

Table 29C. Budgetary Resources for COVID-19 Activity Funded by COVID-19 Disaster Emergency

Fund (DEF)Codes

For the period ended September 30

(Amounts in thousands)

2022

2021

Unobligated and unexpired balance,

beginning of year

3,774

14,271

Less: Obligations

(3,150)

(10,940)

Less: Expiring funds

(624)

(3,331)

Unobligated and unexpired balance, end of

period

Outlays, Net (Total) $

272

11,534

Table 29C. Adjusted - Budgetary Resources for COVID-19 Activity Funded by COVID-19 Disaster

Emergency Fund (DEF) Codes

For the period ended September 30

(Amounts in thousands)

2022

2021

Unobligated and unexpired balance,

beginning of year

655

226

Less: Obligations

(31)

(13)

Less: Expiring funds

(624)

(213)

Unobligated and unexpired balance, end of

period 0

Outlays, Net (Total) $

272

11,534

DEF Codes included: N for Coronavirus Aid, Relief, and Economic Security Act (CARES Act) (Public Law 116-136), Emergency

Due to system limitations in FY 2020, USSOCOM began tracking funding and execution of CARES Act

Funding using special budget line item codes set up within the various accounting systems. As of FY 2021,

USSOCOM began utilizing the appropriate DEF Code to report COVID-19 Activity executed with CARES

Act funding. Table 29C, was systematically generated using DEF Code ‘N’; However, the FY 2021 balances

were overstated due to the aforementioned system limitation. This error was immaterial and does not impact

any other line items. Table 29C – Adjusted, depicts the true status of CARES Act funding for FY 2022 and

FY 2021.

Table 29D, below, is a new table as of September 30, 2022.

UNCLASSIFIED

Table 29D. Budgetary Resources for Other COVID-19 Activity, Funded by Annual and Permanent

Appropriations

For the period ended September 30

(Amounts in thousands)

2022

2021

Unpaid obligations, beginning of year

18,490

30,550

New obligations

1,910

12,313

Other changes (+/-)

(4,660)

Less: Outlays

(5,888)

(24,373)

Unpaid obligations, end of period

9,852

18,490

UNCLASSIFIED

Note 30. Subsequent Events - Unaudited

USSOCOM is currently unaware of any subsequent events or transactions that occurred after the date of

the Balance Sheet, that would require adjustments to or disclosure in the statements.

UNCLASSIFIED

Note 31. Reclassification of Financial Statement Line Items for Financial Report Compilation

Process - Unaudited

USSOCOM does not have any reclassifications.

UNCLASSIFIED

INSPECTOR GENERAL

DEPARTMENT OF DEFENSE

4800 MARK CENTER DRIVE

ALEXANDRIA, VIRGINIA 22350-1500

November 7, 2022

MEMORANDUM FOR UNDER SECRETARY OF DEFENSE (COMPTROLLER)/

CHIEF FINANCIAL OFFICER, DOD

COMMANDER, U.S. SPECIAL OPERATIONS COMMAND

DIRECTOR, DEFENSE FINANCE AND ACCOUNTING SERVICE

SUBJECT: Transmittal of the Independent Auditor’s Reports on the U.S. Special

Operations Command Financial Statements and Related Notes for FY 2022 and

FY 2021 (Project No. D2022-D000FP-0077.000, Report No. DODIG-2023-013)

We contracted with the independent public accounting firm of Grant Thornton, LLP

(Grant Thornton) to audit the U.S. Special Operations Command (USSOCOM) Financial

Statements and related notes as of and for the fiscal years ended September 30, 2022,

and 2021. The contract required Grant Thornton to provide a report on internal control

over financial reporting and compliance with provisions of applicable laws and

regulations, contracts, and grant agreements, and to report on whether the USSOCOM’S

financial management systems substantially complied with the requirements of the

Federal Financial Management Improvement Act of 1996. The contract required Grant

Thornton to conduct the audit in accordance with generally accepted government

auditing standards (GAGAS); Office of Management and Budget audit guidance; and the

Government Accountability Office/Council of the Inspectors General on Integrity and

Efficiency, “Financial Audit Manual,” June 2022, Volume 1, Volume 2 (Updated,

June 2022), and Volume 3 (Updated, June 2022). Grant Thornton’s Independent

Auditor’s Reports are attached.

Grant Thornton’s audit resulted in a disclaimer of opinion. Grant Thornton could not

obtain sufficient, appropriate audit evidence to support the reported amounts within

the USSOCOM Financial Statements. As a result, Grant Thornton could not conclude

whether the financial statements and related notes were presented fairly in accordance

with Generally Accepted Accounting Principles. Accordingly, Grant Thornton did not

express an opinion on the USSOCOM FY 2022 and FY 2021 Financial Statements and

related notes.

UNCLASSIFIED

Grant

Thornton’s additional report, “Report of Independent Certified Public

Accountants on Internal Control Over Financial Reporting and on Compliance and Other

Matters Required by Government Auditing Standards,” discusses five material

weaknesses related to the USSOCOM’s internal controls over financial reporting.*

Specifically, Grant Thornton concluded that USSOCOM did not:

• ensure the effective design and operation of the following internal control

components—control environment, risk assessment, control activities, and

monitoring activities;

• appropriately monitor the Military Departments and service organizations,

placing over reliance on them to perform processes and internal controls;

• fully implement an internal control program over financial reporting and relied

on service organizations to perform key accounting functions without fully

monitoring or reviewing their work;

• develop controls to reconcile Fund Balance with Treasury and did not monitor

its service organization’s reconciliation process; or

• accurately record General Property, Plant, and Equipment, Net on the Balance

Sheet.

This report also discusses two instances of noncompliance with provisions of applicable

laws and regulations, contracts, and grant agreements. Specifically, Grant Thornton’s

report describes instances in which USSOCOM management’s internal control program

did not substantially comply with the Federal Managers’ Financial Integrity Act of 1982

and financial management systems did not substantially comply with the Federal

Financial Management Improvement Act of 1996.

In connection with the contract, we reviewed Grant Thornton’s reports and related

documentation and discussed them with Grant Thornton’s representatives. Our review,

as differentiated from an audit of the financial statements and related notes in

accordance with GAGAS, was not intended to enable us to express, and we do not

express, an opinion on the USSOCOM FY 2022 and FY 2021 Financial Statements and

related notes. Furthermore, we do not express conclusions on the effectiveness of

A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial

reporting that results in a reasonable possibility that management will not prevent, or detect and correct, a

material misstatement in the financial statements in a timely manner.

UNCLASSIFIED

inte

rnal control over financial reporting, on whether the USSOCOM’s financial systems

substantially complied with Federal Financial Management Improvement Act of 1996

requirements, or on compliance with provisions of applicable laws, regulations,

contracts, and grant agreements. Our review disclosed no instances where Grant

Thornton did not comply, in all material respects, with GAGAS. Grant Thornton is

responsible for the attached November 7, 2022, reports, and the conclusions expressed

within the reports.

We appreciate the cooperation and assistance received during the audit. Please direct

questions to me.

Lorin T. Venable, CPA

Assistant Inspector General for Audit

Financial Management and Reporting

Attachments:

As stated

UNCLASSIFIED

GT.COM

Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd (GTIL). GTIL and each of its member firms

are separate legal entities and are not a worldwide partnership.

General Bryan P. Fenton

Commander

United States Special Operations Command

Report on the financial statements

Disclaimer of opinion

We were engaged to audit the consolidated financial statements of the United States

Special Operations Command (USSOCOM), which comprise the consolidated

balance sheets as of September 30, 2022 and 2021, and the related consolidated

statements of net cost, changes in net position, and the combined statements of

budgetary resources for the years then ended, and the related notes to the

consolidated financial statements.

We do not express an opinion on the accompanying consolidated financial statements

of USSOCOM. Because of the significance of the matters described in the Basis for

Disclaimer of Opinion section of our report, we have not been able to obtain sufficient

appropriate audit evidence to provide a basis for an audit opinion on the consolidated

financial statements.

Basis for disclaimer of opinion

USSOCOM management was unable to provide sufficient appropriate audit evidence

to support the consolidated financial statements, including the ability to:

• provide a complete universe of transactions to support balances on its financial

statements;

• provide a comprehensive listing, and explanation with sufficient appropriate audit

evidence for, systematic adjustments and reclassifications made during the

USSOCOM financial statements compilation process;

• provide an audit trail that would allow auditors to reconcile non-standard general

ledger balances to its unadjusted trial balance;

• reconcile the Fund Balance with Treasury account balance;

• assert to the valuation of General Property, Plant and Equipment, Net;

• assert to the valuation of and substantiate Inventory and Related Property, Net;

• provide adequate explanations for the nature of, and adequate audit evidence

for, certain transaction types, including Fund Balance with Treasury, Accounts

Payable, New Obligations and Upward Adjustments, and revenue;

REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS

GRANT THORNTON LLP

1000 Wilson Boulevard, Suite 1500

Arlington, VA 22209-3904

703 847 7500

703 848 9580

UNCLASSIFIED

• provide classified evidence supporting multiple samples for testing by the audit

team.

Additionally, USSOCOM relies on accounting systems, applications, and micro-

applications owned and maintained by military departments and other defense

organizations to account for the majority of its transactions, including financial data

processed by such organizations, which do not provide sufficient appropriate audit

evidence.

As a result of the matters noted above, we are unable to conclude that the

consolidated financial statements taken as a whole are free of material

misstatements.

Responsibilities of management for the financial statements

Management is responsible for the preparation and fair presentation of the

consolidated financial statements in accordance with accounting principles generally

accepted in the United States of America, and for the design, implementation, and

maintenance of internal control relevant to the preparation and fair presentation of the

consolidated financial statements that are free from material misstatement, whether

due to fraud or error.

Auditor’s responsibilities for the audit of the financial statements

Our responsibility is to conduct an audit of USSOCOM’s consolidated financial

statements in accordance with auditing standards generally accepted in the United

States of America (US GAAS); the standards applicable to financial audits contained

in Government Auditing Standards issued by the Comptroller General of the United

States; and the Office of Management and Budget (OMB) Bulletin 22-01, Audit

Requirements for Federal Financial Statements and to issue an auditor’s report.

However, because of the matters described in the Basis for Disclaimer of Opinion

section of our report, we were not able to obtain sufficient appropriate audit evidence

to provide a basis for an audit opinion on these financial statements.

We are required to be independent of USSOCOM and to meet our other ethical

responsibilities in accordance with the relevant ethical requirements relating to our

audit.

Other reporting required by Government Auditing Standards

In accordance with Government Auditing Standards, we have also issued our report,

dated November 07, 2022, on our consideration of USSOCOM’s internal control over

financial reporting and on our tests of its compliance with certain provisions of laws,

regulations, contracts, grant agreements and other matters. The purpose of that

report is to describe the scope of our testing of internal control over financial reporting

and compliance and the results of that testing, and not to provide an opinion on the

effectiveness of the USSOCOM’s internal control over financial reporting or on

compliance. That report is an integral part of an audit performed in accordance with

Government Auditing Standards in considering USSOCOM’s internal control over

financial reporting and compliance.

UNCLASSIFIED

GRANT THORNTON LLP

Arlington, VA

November 07, 2022

UNCLASSIFIED

GT.COM

Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd (GTIL). GTIL and each of its member firms

are separate legal entities and are not a worldwide partnership.

REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS ON

INTERNAL CONTROL OVER FINANCIAL REPORTING AND ON

COMPLIANCE AND OTHER MATTERS REQUIRED BY GOVERNMENT

AUDITING STANDARDS

General Bryan P. Fenton

Commander

United States Special Operations Command

We were engaged to audit, in accordance with auditing standards generally accepted

in the United States of America; the standards applicable to financial audits contained

in Government Auditing Standards issued by the Comptroller General of the United

States (Government Auditing Standards); and Office of Management and Budget

(“OMB”) Bulletin No. 22-01, Audit Requirements for Federal Financial Statements, the

consolidated financial statements of the United States Special Operations Command

(USSOCOM) which comprise the consolidated balance sheet as of September 30,

2022 and 2021, and the related consolidated statements of net cost, changes in net

position, and the combined statement of budgetary resources for the year then ended,

and the related notes to the consolidated financial statements. We have issued our

report, dated November 7, 2022, on these financial statements. The report states that

because of the significance of the matters described in the Basis for Disclaimer of

Opinion paragraph, we were not able to obtain sufficient appropriate audit evidence to

provide a basis for an audit opinion.

Report on internal control over financial reporting

Results of our consideration of internal control over financial reporting

Our consideration of internal control was for the limited purpose described in the

section entitled Definition and Inherent Limitations of Internal Control over Financial

Reporting and was not designed to identify all deficiencies in internal control that

might be material weaknesses or significant deficiencies. Therefore, material

weaknesses or significant deficiencies may exist that were not identified. Due to the

matters described in the Basis for Disclaimer of Opinion paragraph included in our

financial statement audit report dated November 7, 2022, we were not able to obtain

GRANT THORNTON LLP

1000 Wilson Boulevard, Suite 1500

Arlington, VA 22209-3904

703 847 7500

703 848 9580

UNCLASSIFIED

sufficient appropriate audit evidence related to internal control, as a basis for

designing audit procedures that are appropriate in the circumstances for the purpose

of expressing our opinion on the consolidated financial statements. However, as

described in the accompanying schedule of findings and responses, we identified

certain deficiencies in internal control that we consider to be material weaknesses

and a significant deficiency in USSOCOM’s internal control.

A deficiency in internal control exists when the design or operation of a control does

not allow management or employees, in the normal course of performing their

assigned functions, to prevent, or detect and correct, misstatements on a timely

basis. A material weakness is a deficiency, or a combination of deficiencies, in

internal control, such that there is a reasonable possibility that a material

misstatement of USSOCOM’s consolidated financial statements will not be prevented,

or detected and corrected, on a timely basis. We consider the deficiencies described

in the accompanying schedule of findings and responses as items I, II, III, IV, and V to

be material weaknesses in USSOCOM’s internal control.

A significant deficiency is a deficiency, or a combination of deficiencies, in internal

control that is less severe than a material weakness, yet important enough to merit

attention by those charged with governance. We consider the deficiency described in

the accompanying schedule of findings and responses as item VI to be a significant

deficiency in USSOCOM’s internal control.

Basis for results of our consideration of internal control over financial reporting

We performed our procedures related to USSOCOM’s internal control over financial

reporting in accordance with auditing standards generally accepted in the United

States of America; Government Auditing Standards; and OMB Bulletin No. 22-01.

Responsibilities of management for internal control over financial reporting

Management is responsible for maintaining effective internal control over financial

reporting (“internal control”), including the design, implementation, and maintenance

of internal control relevant to the preparation and fair presentation of consolidated

financial statements that are free from material misstatement, whether due to fraud or

error.

Auditor’s responsibilities for internal control over financial reporting

In planning and performing our audit of the consolidated financial statements, we

considered USSOCOM’s internal control as a basis for designing audit procedures

that are appropriate in the circumstances for the purpose of expressing our opinion on

the consolidated financial statements, but not for the purpose of expressing an

opinion on the effectiveness of internal control. Accordingly, we do not express an

opinion on the effectiveness of USSOCOM’s internal control. We did not consider all

internal controls relevant to operating objectives, such as those controls relevant to

preparing performance information and ensuring efficient operations.

Definition and inherent limitations of internal control over financial reporting An

entity’s internal control over financial reporting is a process affected by those charged

with governance, management, and other personnel, designed to provide reasonable

assurance regarding the preparation of reliable financial statements in accordance

with accounting principles generally accepted in the United States of

UNCLASSIFIED

America. An entity’s internal control over financial reporting provides reasonable

assurance that (1) transactions are properly recorded, processed, and summarized to

permit the preparation of financial statements in accordance with accounting principles

generally accepted in the United States of America, and assets are safeguarded

against loss from unauthorized acquisition, use, or disposition, and

(2) transactions are executed in accordance with provisions of applicable laws,

including those governing the use of budget authority, regulations, contracts and grant

agreements, noncompliance with which could have a material effect on the

consolidated financial statements.

Because of its inherent limitations, internal control over financial reporting may not

prevent, or detect and correct, misstatements due to fraud or error.

Intended purpose of report on internal control over financial reporting

The purpose of this report is solely to describe the scope of our consideration of

internal control over financial reporting and the results of our procedures, and not to

provide an opinion on the effectiveness of USSOCOM’s internal control over financial

reporting. This report is an integral part of an audit performed in accordance with

Government Auditing Standards in considering USSOCOM’s internal control over

financial reporting. Accordingly, this report on internal control over financial reporting is

not suitable for any other purpose.

Report on compliance with laws, regulations, contracts, and

grant agreements and other matters

As part of obtaining reasonable assurance about whether USSOCOM’s consolidated

financial statements are free from material misstatement, we performed tests of its

compliance with selected provisions of applicable laws, regulations, contracts, and

grant agreements consistent with the auditor’s responsibility discussed below, in

accordance with Government Auditing Standards.

Results of our tests of compliance

Due to the matters described in the Basis for Disclaimer of Opinion paragraph

included in our financial statement audit report dated November 7, 2022, we were not

able to obtain sufficient appropriate audit evidence related to management’s

compliance with laws, regulations, contracts and grant agreements which could have

a direct and material effect on the consolidated financial statements. However, the

results of our tests disclosed instances of noncompliance, described in the

accompanying schedule of findings and responses as items VII and VIII, that are

required to be reported under Government Auditing Standards. The objective of our

tests was not to provide an opinion on compliance with laws, regulations, contracts,

and grant agreements applicable to USSOCOM. Accordingly, we do not express such

an opinion.

Under the Federal Financial Management Improvement Act (“FFMIA”), we are

required to report whether USSOCOM’s financial management systems substantially

comply with FFMIA Section 803(a) requirements. To meet this requirement, we

performed tests of compliance with the federal financial management systems

requirements, applicable federal accounting standards, and the United States

Standard General Ledger (“USSGL”) at the transaction level. However, providing an

opinion on compliance with FFMIA was not an objective of our audit, and accordingly

UNCLASSIFIED

we do not express such an opinion. Our work on FFMIA would not necessarily

disclose all instances of lack of compliance with FFMIA requirements.

The results of our tests of FFMIA Section 803(a) requirements disclosed instances,

as described in the accompanying schedule of findings and responses Section VIII, in

which USSOCOM’s financial management systems did not substantially comply with

the Federal financial management systems requirements, applicable Federal

accounting standards and the application of the USSGL at the transaction level.

Basis for results of our tests of compliance

We performed our tests of compliance in accordance with auditing standards

generally accepted in the United States of America; Government Auditing Standards;

and OMB Bulletin No. 22-01.

Responsibilities of management for compliance

Management is responsible for complying with laws, regulations, contracts, and grant

agreements applicable to USSOCOM.

Auditor’s responsibilities for tests of compliance

Our responsibility is to test compliance with selected provisions of applicable laws,

regulations, contracts, and grant agreements, noncompliance with which could have a

direct and material effect on the financial statements, and to perform certain other

limited procedures. We did not test compliance with all laws, regulations, contracts,

and grant agreements. Noncompliance may occur that is not detected by these tests.

USSOCOM’s response to findings

Government Auditing Standards requires the auditor to perform limited procedures on

USSOCOM’s response to the findings identified in our audit and described in the

accompanying schedule of findings and responses. USSOCOM’s response was not

subjected to the other auditing procedures applied in the audit of the consolidated

financial statements, and accordingly, we express no opinion on the USSOCOM’s

response.

Intended purpose of report on compliance

The purpose of this report is solely to describe the scope of our testing of compliance

with selected provisions of applicable laws, regulations, contracts, and grant

agreements, and the results of that testing, and not to provide an opinion on

compliance. This report is an integral part of an audit performed in accordance with

Government Auditing Standards in considering USSOCOM’s compliance.

Accordingly, this report is not suitable for any other purpose.

GRANT THORNTON LLP

Arlington, VA

November 7, 2022

UNCLASSIFIED

Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd (GTIL). GTIL and each of its member firms are separate

legal entities and are not a worldwide partnership.

Schedule of Findings and Responses

I. Material Weakness - Lack of Adequate Entity-Level Controls

Department of Defense (DoD) Instruction 5010.40 requires DoD entities to comply

with the requirements of the Federal Managers’ Financial Integrity Act of 1982

(FMFIA) and Office of Management and Budget (OMB) Circular A-123 Management’s

Responsibility for Enterprise Risk Management and Internal Control (OMB Circular A-

123). FMFIA requires federal entities to establish internal controls in accordance with

the Government Accountability Office’s (GAO’s) Standards for Internal Control in the

Federal Government (the GAO Green Book). The GAO Green Book defines entity-

level controls as controls that have a pervasive effect on an entity’s internal control

system. Entity-level controls may include controls related to the entity’s risk

assessment process, control environment, service organizations, management

override, and monitoring and may apply across multiple components of internal

control. To determine if an entity’s internal control system is effective, the GAO Green

Book requires management to assess the design, implementation, and operating

effectiveness of the five components and 17 principles (as applicable) of the entity’s

internal control system. Grant Thornton’s internal controls testing covered the five

GAO Green Book components of internal control: Control Environment, Risk

Assessment, Control Activities, Information and Communication, and Monitoring. We

discuss in detail the identified deficiencies related to three GAO Green Book

components: Control Environment, Risk Assessment, and Monitoring below. We

discuss the identified deficiencies associated with the fourth component of internal

control, Control Activities, in more detail throughout the remaining sections of this

report.

1. Control Environment

The GAO Green Book defines control environment as the foundation for an

internal control system. An entity’s control environment provides the discipline

and structure to help the entity achieve its objectives. The GAO Green Book

identifies five principles associated with an entity’s control environment, two of

which are discussed below: a) Demonstrate Commitment to Integrity and Ethical

Values and b) Enforce Accountability.

a. Demonstrate Commitment to Integrity and Ethical Values

According to the GAO Green Book, management should establish standards

of conduct to communicate expectations concerning integrity and ethical

values. Management should also establish processes to evaluate

performance against the entity’s expected standards of conduct and address

any deviations in a timely manner.

UNCLASSIFIED

United States Special Operations Command (USSOCOM) has not corrected

deficiencies related to the ethics program and training for personnel.

Management has not established and implemented a process to coordinate

the standards of conduct from the Headquarters (HQ) USSOCOM-level

across its various military service components and sub-unified commands /

Theatre Special Operations Commands (TSOCs). USSOCOM leverages the

ethical standards established by the various military services, but has not

implemented a process to centrally monitor and enforce compliance across

the USSOCOM enterprise. Specifically:

i. USSOCOM has not developed a process for issuing Standards of

Conduct to newly on-boarded military members, civilians, and

contractors.

ii. USSOCOM has not developed a process to evaluate personnel

performance against expectations set forth in Standards of Conduct.

iii. USSOCOM has not coordinated with the military service departments to

understand whether ethics training is provided to military members and

civilians or whether USSOCOM can leverage military service-provided

training.

b. Enforce Accountability

USSOCOM’s financial team works closely with and relies on the work

performed by USSOCOM’s financial reporting service organization.

USSOCOM does not have a single, centralized accounting system and

instead has financial information recorded across multiple accounting and

non-accounting systems owned by various DoD components. Monthly, these

system owners submit summary financial information to the various locations

of the financial reporting service organization for data normalization and

summarization, referred to as pre-processing, within the Defense

Departmental Reporting System – Budgetary (DDRS-B). USSOCOM

management has entered into Memorandums of Understanding/

Memorandums of Agreement (MOUs/MOAs) outlining mutual responsibilities

and expectations between USSOCOM and the financial reporting service

organization. However, the MOUs/MOAs were not completed for all locations

of USSOCOM’s financial reporting service organization. USSOCOM made

progress in establishing MOUs/MOAs for their service organizations;

however, there was inconsistency in some of the MOUs/MOAs and not all

MOUs/MOAs were finalized.

2. Risk Assessment

The GAO Green Book states that management should define objectives clearly to

enable the identification of risks and define risk tolerance. The GAO Green Book

lists the following four principles that allow management to address risk

assessment internal control objectives: a) Define Objectives and Risk

Tolerances, b) Identify, Analyze, and Respond to Risks (related to achieving the

defined objectives), c) Assess Fraud Risk, and d) Identify, Analyze, and Respond

to Change.

We considered prior-year conditions and any remediation efforts surrounding the

entity-level control documentation that USSOCOM service components and sub-

UNCLASSIFIED

unified commands/TSOCs provided. We noted the risk assessment templates

completed by sampled Major Assessable Units (MAUs) continue to present the

following conditions:

a. Not all risk descriptions met the definition of a risk as stated in the GAO

Green Book.

b. Control activities were identified when the risk response provided was

Acceptance and/or Avoidance which is not consistent with the definitions of

the risks responses as outlined in the GAO Green Book.

c. For one MAU, the question of whether risk is related to fraud was not

answered.

d. MAUs submitted risk assessment templates with missing or incomplete

responses for multiple major process areas (MPAs).

e. MAUs submitted deliverables such as the Complementary User Entity

Control (CUEC) Workbook and Risk Assessment template with incomplete

or invalid responses.

3. Monitoring

According to the GAO Green Book, management should establish a baseline

understanding of the current state of the internal control system compared

against management’s design of the internal control system. Furthermore, they

should evaluate and document results of ongoing monitoring and separate

evaluations of the internal control system.

During the inspection of the USSOCOM’s monitoring and evaluation process at

various military service components and sub-unified commands/TSOCs, we

noted that there were monitoring activities in place. USSOCOM has updated

Directive 5-1, which is intended to prescribe policies, responsibilities, objectives,

standards, and procedures for an effective, compliant, and comprehensive Risk

Management and Internal Control (RMIC) Program and preparation of materials

to support the Annual Statement of Assurance. However, as a result of

USSOCOM’s delay in finalizing the update to Directive 5-1 and implementing a

standardized RMIC program in prior years, the process varied among service

components and sub-unified commands/TSOCs and we identified multiple

deficiencies. The identified deficiencies included the following:

a. Not all components / commands completed their own evaluations of controls

and instead relied on results of external inspections, such as those performed

by the USSOCOM Office of Inspector General (OIG).

b. Inadequate monitoring of the inspections performed by the USSOCOM OIG

and external auditors of the DoD military components. Specifically, one

component / command documented no deficiencies on the evaluation

template they submitted to HQ RMIC, and HQ RMIC subsequently identified

OIG inspection findings.

c. Reliance on the external inspections (such as those noted above) without

verifying or reviewing the work performed to understand and monitor

deficiencies.

UNCLASSIFIED

4. Control Activities

Grant Thornton evaluated the Control Activities Green Book component of

internal control by performing procedures over identified control activities related

to various financial statement line items. We discuss deficiencies related to

control activities throughout sections II – VIII of this report.

Statement of Assurance

The FMFIA and OMB Circular A-123 require that on an annual basis the head of the

agency issue an annual assurance statement on whether there is reasonable

assurance that the agency’s controls are achieving their intended objective, and

report identified material weaknesses. Management must conduct an evaluation of its

systems of internal control in order to form a basis for their annual Statement of

Assurance (SoA). Additionally, management must summarize its determination of

whether each principle and component is designed, implemented, and operating

effectively.

During our inspection of USSOCOM’s SoA, we noted the following deficiency in

USSOCOM management’s internal control evaluation prepared in support of the SoA:

a. Conclude on Internal Control Component and Principle Evaluation

USSOCOM included an Entity-Level Control (ELC) Matrix documenting its

determination of whether controls / attributes related to the 17 principles from the

GAO Green Book were designed, implemented, and operating effectively.

However, we noted that the results in the ELC Matrix do not align with

conclusions in the SoA – Overall Assessment and Evaluation of Internal Controls

Table. Specifically, for the Risk Assessment and Monitoring Components, the

ELC matrix indicates controls are not operating effectively, while the SoA table

indicates “Yes” for operating effectively.

As noted in the findings related to Control Environment, Risk Assessment, and

Monitoring, due to USSOCOM’s competing priorities, management has not effectively

designed, implemented, and placed into operation all components of internal control.

This lack of controls inhibits USSOCOM management’s ability to ensure accurate

financial reporting as required by Federal Accounting Standards Advisory Board and

Treasury Guidelines and represents non-compliance with the FMFIA and OMB

Circular A-123. Refer to Section VII. Material Non-Compliance - Lack of

Substantial Compliance with the Federal Managers’ Financial Integrity Act of

1982.

Recommendations

USSOCOM management should consider taking the following actions:

1. Control Environment

a. Demonstrate Commitment to Integrity and Ethical Values: Implement

and require the following:

i. Design and coordinate an integrated approach leveraging Service-level

regulations, instructions, and training programs to meet USSOCOM-

specific requirements.

UNCLASSIFIED

ii. Provide annual ethical training (or leverage existing military-service

training) to enable employees to identify and deal with ethical problems.

iii. Leverage military service ethical standards or requirements to ensure

compliance with, at minimum, onboarding or annual ethics

requirements.

b. Enforce Accountability: Review all MOUs/MOAs with the financial

reporting service organization in accordance with DoD Guidance and

document each review within the applicable agreement. These MOUs/MOAs

should include responsibilities for authorization, initiation, processing,

recording, and reporting of transactions, as well as expectations of

competence to perform responsibilities. Updates should be made timely to

MOUs/MOAs based on reviews by USSOCOM or if deficiencies are

identified by internal or external auditors. Updates to the responsibilities

should be clearly documented within the MOUs/MOAs.

2. Risk Assessment:

a. Perform a detailed review of ELC documentation and follow up with the

MAUs timely to resolve errors identified.

b. Provide training to the MAU RMIC Coordinators on the effective completion

of ELC documentation.

c. Develop quality-control and review procedures for ELC Deliverables

Package and incorporate into HQ RMIC Team Procedure Guide.

3. Monitoring Activities: Components should perform their own internal control

reviews in addition to monitoring OIG inspections and reviews performed by

military service auditors. This would enable USSOCOM to detect and correct

potential findings before they develop into more significant findings, such as

enterprise-wide deficiencies.

4. Statement of Assurance. We recommend that USSOCOM continue to design

and implement an internal control program that meets the requirements of

FMFIA, OMB Circular A-123, and the GAO Green Book, to include the following:

a. Conclude on Internal Control Component and Principle Evaluation. In

order to conclude on compliance with each of the GAO Green Book 17

principles, management should evaluate whether each principle was

designed, implemented, and operating effectively. Management should

consider the use of GAO’s Internal Control Management and Evaluation Tool

to conduct an evaluation of the GAO Green Book 17 principles. Further,

management should align results for the individual GAO Green Book

principles to the results in the Overall Assessment and Evaluation of Internal

Controls.

UNCLASSIFIED

II. Material Weakness - Inadequate Monitoring of Service Organizations

In accordance with FMFIA, management is responsible for establishing and

maintaining internal control to achieve the objectives of effective and efficient

operations, reliable financial reporting, and compliance with applicable laws and

regulations. According to the GAO Green Book, management may engage service

organizations to perform certain operational processes for the entity; however,

management remains responsible for monitoring the effectiveness of internal control

over the assigned processes performed by service organizations. Therefore,

management needs to understand the controls each service organization has

designed, implemented, and operated for the process as well as how the third-party

internal control system impacts the entity’s internal control system. According to

DoD’s Financial Improvement and Audit Readiness (FIAR) Guidance, military

services performing services for other defense organizations (such as USSOCOM)

are considered service organizations.

An entity’s ability to achieve its internal control objectives is directly impacted by the

reliability of its information systems. USSOCOM relies on feeder systems and general

ledgers owned by the military services or DoD service organizations to process the

majority of its transactions. The responsibility for the design and execution of those

systems, including internal controls and responses to risks, is held largely by the

military services and/or service organizations with minimal input or monitoring from

USSOCOM management. USSOCOM management has not:

1. Documented all MOUs outlining mutual responsibilities and expectations

between USSOCOM and the military services related to the execution of

processes and transactions through third-party systems. While there were

MOUs between USSOCOM and the military services, the agreements were not

all current and did not outline specific responsibilities for authorization, initiation,

processing, and recording of transactions as required by the FIAR guidance. This

can lead to inconsistencies between USSOCOM expectations and the actions

taken by the military services that could result in misstatements to the financial

statements. USSOCOM management stated that they did not establish a

Directorate, Division, and/or other personnel responsible for facilitating MOU

development. Further, management did not sufficiently establish procedures for

initiating MOU reviews, MOU coordination and quality control.

2. Developed a monitoring program that consistently evaluates/assesses

actions taken by service organizations on USSOCOM’s behalf. USSOCOM

management did not implement a comprehensive monitoring program to ensure

service organizations meet USSOCOM expectations and fulfill their

responsibilities as outlined within existing MOUs. For example:

a. The majority of Journal Vouchers (JVs), including systematic JVs, which

impact the USSOCOM financial statements were initiated and posted by

USSOCOM’s financial reporting service organization without direct input or

validation by USSOCOM.

b. Exclusions of feeder file activity from USSOCOM financial statements by the

USSOCOM financial reporting service organization (e.g., auto-excluded

records) were not comprehensively reviewed for validity and/or impact to the

USSOCOM financial statements by USSOCOM personnel.

UNCLASSIFIED

c. The USSOCOM financial reporting service organization lacked

comprehensive controls to reconcile between the DDRS-B data and

accounting and non-accounting summary data. Additionally, while the

financial reporting service organization performed a reconciliation between

DDRS-B and DDRS-Audited Financial Statements (AFS), the reconciliation

was performed after the quarterly financial statements were finalized. As

such, USSOCOM management was unable to demonstrate that all relevant

financial activity recorded within its general ledger and feeder systems was

appropriately included within the financial statements prepared by its

financial reporting service organization.

3. Taken action to assess the control environment and any associated risks to

USSOCOM occurring at service organizations which do not receive a

Service Organization Controls Type 1 (SOC 1) report. In most cases, service

organizations undergo examinations of internal controls over systems and

processes supporting their customers. The results of these examinations are

documented in SOC 1 reports and include the independent service auditor’s

report, the service organization’s management assertions, and identified CUECs

that users of the service organization (e.g., USSOCOM) must have in place in

order for the service organization’s internal controls to be effective and relied

upon. The SOC 1 reports are made available to the user entities for their analysis

and action. However, not all USSOCOM service organizations undergo

examinations of their controls. A lack of a SOC 1 report does not relieve

USSOCOM from its responsibility to maintain internal control over operations,

reporting, and compliance with laws and regulations, including responsibility for

actions taken by service organizations ultimately impacting the USSOCOM

control environment and USSOCOM financial statements. For those service

organizations significantly impacting USSOCOM’s internal control environment

that are not subjected to SOC 1 examination procedures, USSOCOM

management should obtain assurance regarding internal controls in place at the

service organization. USSOCOM did not develop a process to evaluate the

impact of control environments in place at service organizations which do not

receive a SOC 1 report.

4. Identified and evaluated user entity controls that must be in place for

placing reliance on third-party execution of controls. USSOCOM did not

complete a comprehensive review of relevant SOC 1 reports to include an

analysis of CUECs in place that have been validated by USSOCOM

management as operating effectively. Therefore, USSOCOM was unable to

assess whether current controls at USSOCOM HQ, service components, and

sub-unified commands/TSOCs were sufficient to mitigate financial reporting risks.

Our testing indicated that USSOCOM’s oversight body relied on the military services

and other service organizations for the performance of processes and internal

controls without having appropriate monitoring controls in place. This presents a

significant risk to the entity, especially given weaknesses identified in the past by

various auditors related to controls over the military service and service organization

systems. The lack of processes, procedures, and controls at USSOCOM to monitor

the execution by third-parties of processes and related transactions, which form the

basis for USSOCOM financial statements, could lead to misstatements in their

financial statements.

Additionally, due to the decentralized fashion in which USSOCOM financial data is

stored across multiple service organization owned accounting and non-accounting

UNCLASSIFIED

systems, USSOCOM has been unable to produce a comprehensive listing of

transactions which support the financial statements. This has hindered USSOCOM

management from identifying the nature of and providing adequate support for

activity recorded within the USSOCOM financial statements.

Recommendations

USSOCOM management should consider taking the following actions:

1. Review all MOUs with service organizations yearly and document each review

within the applicable agreement. All MOUs should include specific responsibilities

for the authorization, initiation, processing, and recording of transactions, as well

as expectations of competence to perform responsibilities. Updates should be

made timely to MOUs based on reviews by USSOCOM or if deficiencies are

identified by internal or external auditors. Updates should be clearly documented

within the MOUs.

2. Develop a monitoring program over the activities executed by service

organizations on behalf of USSOCOM. The program should be tailored to each

service organization based on the type of service provided including the

execution of routine financial transactions in military service accounting and non-

accounting systems.

3. Develop processes to gain assurance regarding control environments in place at

services organizations that do not receive a SOC 1 evaluation to determine if

control weaknesses exist that may impact USSOCOM (e.g., review of SoA, Audit

Reports, etc.).

4. Continue to develop procedures and processes surrounding review of all relevant

SOC 1 evaluations. These procedures should include a determination of the

design and implementation of user entity controls that must be in place and an

assessment of those controls on an annual or periodic basis depending on their

impact to the organization’s ability to meets its internal control objectives.

UNCLASSIFIED

III. Material Weakness - Lack of Appropriate Management Controls over

Financial Reporting

In accordance with OMB Circular A-123 issued under the authority of FMFIA and the

Government Performance and Results Act Modernization Act, management is

responsible for establishing and maintaining internal controls to achieve reliable

financial reporting. According to the GAO Green Book, management is responsible

for implementing and evaluating its internal control system to meet reporting

objectives related to the preparation of reports for use by the entity, its stakeholders,

or other external parties. USSOCOM does not own the majority of systems it uses to

process its transactions; those systems are owned by the military services or other

service organizations. According to the GAO’s Green Book, management may

engage external parties to perform certain operational processes for the entity (e.g.,

payroll processing or security services); however, management retains responsibility

for monitoring the effectiveness of internal control over the assigned processes

performed by service organizations. Given the complexity of the financial statement

compilation process, as well as the complex environment in which USSOCOM

operates, USSOCOM relies on service organizations to perform key data functions

without the necessary capability and/or capacity to fully monitor or review their work.

The lack of comprehensive guidance and oversight can result in financial statements

that are unsupported, erroneous, and do not accurately represent USSOCOM’s

financial position. The following control weaknesses were noted related to

USSOCOM’s financial reporting process:

1. Lack of Comprehensive Understanding of Information Systems and

Financial Data. USSOCOM management did not have a full understanding of

the nature of and factors impacting each of its financial statement line item

balances.

2. Lack of Validation Controls over Financial Transactions and Related Data.

USSOCOM management lacked validation controls (i.e., comprehensive control

activities and/or monitoring activities) to verify the:

a. Recording of JVs or adjustments;

b. Manual inclusion of data provided by others into the financial statement

footnotes by USSOCOM management;

c. Recording of routine transactions by USSOCOM’s components and service

organizations;

d. Completeness and accuracy of payroll transactional data;

e. Nature and cause of reconciling payroll transactions;

f. Completeness and accuracy of funding and its related status;

g. Funding distributed to USSOCOM's components were reviewed and

approved;

h. Receipt and acceptance of goods and services;

i. Completeness and accuracy of USSOCOM’s transactional financial data

used for analysis and reporting; and,

UNCLASSIFIED

j. Methodology used to record estimated obligations was sufficiently precise

once the actual amount of obligation is known.

The lack of validation controls may have contributed to misstatements, including:

a. JVs executed using improper accounting treatment;

b. Errors in the initial posting of expenses; and,

c. Recording obligations to incorrect periods.

In addition, we noted instances where internal controls were inappropriately

designed because evidence of control performance was not consistently retained

or does not exist.

3. Lack of or Inadequate Support Related to the Existence/Occurrence,

Accuracy, or Completeness of Recorded Transactions or Balances.

USSOCOM management was unable to provide sufficient and adequate

supporting documentation related to at least one of our testing attributes across

the following testing areas:

a. Obligations;

b. Gross Costs;

c. Sensitive Activities and related transactional data. Additionally,

Management’s inability to timely provide access to sensitive information

precluded its ability to substantiate the propriety of its treatment of certain

transactions;

d. Civilian Payroll;

e. General Equipment (GE);

f. Construction in Progress (CIP); and,

g. Manual JVs.

4. Control Deficiencies over Accounts Payable and Advances and

Prepayments. USSOCOM was unable to record accounts payable transactions

in an accurate, complete, and timely manner nor provide a listing of assets to

support advances and prepayments data in a consistent manner because of a

lack of appropriate business processes and certain system limitations.

Additionally, neither USSOCOM nor its financial reporting service organization

was able to generate sufficiently detailed accounts payable nor advances and

prepayments information which would allow for an effective risk analysis based

on aged invoices or abnormal balances at the invoice, voucher, or vendor level.

Furthermore, there were not comprehensive processes in place to consistently

accrue accounts payable where appropriate.

5. Improper Reporting of Revenue. The majority of the Earned Revenue balance

on the financial statements does not meet the definition of “exchange revenue”

as defined by federal accounting standards. Specifically, Earned Revenue

UNCLASSIFIED

includes activity between USSOCOM components, which is not properly

eliminated on the face of the Statement of Net Cost (SNC) in accordance

with Statements of Federal Financial Accounting Standards (SFFAS) No.7,

Accounting for Revenue and Other Financing Sources and Concepts for

Reconciling Budgetary and Financial Accounting.

6. Inappropriate Accounting Treatment of Certain Assets. USSOCOM

management was unable to support the assertion that certain assets considered

to be Operating Materials and Supplies (OM&S) were acquired as replacement

parts to be used in the normal course of operations, under the Inventory and

Related Property, Net (I&RP) line item, rather than as General Property, Plant

and Equipment (PP&E). Additionally, USSOCOM does not accumulate and

capitalize capital improvement and modification costs affecting military service

reported GE assets funded with Major Force Program (MFP) 11 dollars. As such,

USSOCOM does not financially report the accumulated costs within CIP while the

improvement/modification is ongoing nor record the transfer of the accumulated

costs to the military service financially reporting the base asset once the

improvement/modification is complete.

7. Lack of Completeness over Operating Materials and Supplies. USSOCOM

began reporting OM&S under the consumption method of accounting in Fiscal

Year (FY) 2021 under the I&RP line item on the Balance Sheet. USSOCOM

currently reports two categories of assets as OM&S: Uninstalled Aircraft Engines

(UAE) and munitions, both of which are now treated using the consumption

method of accounting. USSOCOM will ultimately report a third category of

OM&S, the Defense Property Accountability System (DPAS) Remainder which

consists of repair parts and assemblies but has not been able to identify a

population of the DPAS Remainder to report on its financial statements.

USSOCOM management has stated USSOCOM does not have a mechanism in

place to identify all the OM&S held for use across the USSOCOM enterprise.

Therefore, USSOCOM was unable to report a complete population of OM&S.

8. Lack of Valuation over Operating Materials and Supplies. USSOCOM

management was unable to make an unreserved assertion over the valuation of

OM&S reported within its Balance Sheet for I&RP, in accordance with the SFFAS

48: Opening Balances for Inventory, OM&S, and Stockpile Materials. USSOCOM

has asserted that it does not have the processes and controls in place to validate

the valuation of OM&S. USSOCOM over relies on the service organizations in

custody of the OM&S assets to perform inventory procedures and related

controls. USSOCOM did not have oversight or visibility into inventory procedures

performed by the service organizations over OM&S that is reported on the

USSOCOM financial statements, nor did USSOCOM review any documentation

resulting from inventories conducted by the service organizations.

9. Inability to Substantiate Operating Materials and Supplies. USSOCOM was

unable to support the economic events and underlying transactions related to the

OM&S, a component of I&RP on the balance sheet, specifically pertaining to the

purchases, consumptions, gains, or losses of OM&S. In prior years, USSOCOM

accounted for OM&S through the purchases method, in which OM&S assets

were expensed upon acquisition. However, as USSOCOM could not support the

selection of the purchases method, USSOCOM began accounting for OM&S

under the consumption method in FY 2021, in which OM&S assets are accounted

for under the I&RP financial statement line item upon acquisition and expensed

once consumed. In Quarter (Q) 4 FY 2021, USSOCOM posted a current year

UNCLASSIFIED

adjustment in Q4 FY 2021 to reflect FY 2021 OM&S under the consumption

method of accounting for OM&S. To calculate the FY 2021 OM&S activity,

USSOCOM subtracted the FY 2021 beginning balance from the ending FY 2021

OM&S balance, informed by the Q4 FY 2021 OM&S inventory, to determine the

related impact during the current year and recorded it via JV. This was due to

USSOCOM’s inability to account for purchases, consumptions, gains or losses

activity for OM&S. Currently, USSOCOM’s accounting systems expense OM&S

upon acquisition and manually establishes the OM&S balance through a quarterly

JV in order to account for OM&S under the consumption method. Therefore,

USSOCOM does not have data or system capabilities that can substantiate the

economic events and underlying transactions supporting the FY 2021 OM&S

adjustment and FY 2022 activity.

10. Lack of Compliance with the Accrual Basis of Accounting. Certain

USSOCOM components use legacy accounting systems for the recording of their

daily accounting transactions. These systems were designed for execution and

reporting of agency budgets but not necessarily for financial reporting in

compliance with U.S. Generally Accepted Accounting Principles, including the

accrual basis of accounting. Grant Thornton noted that two systems use certain

codes to record an obligation, expense, liability, and disbursement

simultaneously. Through our testing we noted that USSOCOM service

components and sub-unified commands/TSOCs sometimes use these codes

upon receipt of signed contracts, reimbursable work orders, or other obligating

documents, before any goods or services have been received or accepted. We

noted that recording of the expense and liability before the government has

received value in return for a promise to provide money or other resources may

materially overstate the Gross Costs and Accounts Payable line items. Through

testing of Gross Costs, Grant Thornton noted some USSOCOM feeder systems

do not post the expense and associated accounts payable when goods or

services or the vendor invoice are received. Instead, the expense entry is

recorded in conjunction with the payment made to the vendor. If the receipt of

goods or services occurs in one FY and the payment takes place in the

subsequent FY, this causes a misalignment of the expense to the incorrect FY.

USSOCOM lacks internal controls to ensure the completeness, accuracy, and

timeliness of its year-end balance of Gross Costs and Accounts Payable.

Additionally, USSOCOM’s financial reporting service organization posts JVs on

USSOCOM’s behalf based on the amount of abnormal accounts payable

occurring with the recording disbursements. In certain circumstances, these

adjustments were not based on evidence of the receipt of goods or services.

11. Lack of Controls over Financial Statement Compilation. USSOCOM

management and its financial reporting service organization lack adequate

controls over the financial statement compilation process such as:

a. Data Collection: In order to compile USSOCOM financial statements,

USSOCOM’s financial reporting service organization obtains financial data

from the various accounting and non-accounting systems used by

USSOCOM, commonly referred to as feeder systems. Although the financial

reporting service organization obtains and ingests relevant USSOCOM

financial data into DDRS-B, the data obtained and ingested is at a trial-

balance level and not at the transaction-level. USSOCOM was not able to

provide a complete population of transactional data supporting the financial

statements.

UNCLASSIFIED

b. Reconciliation: USSOCOM does not have a single centralized accounting

system and instead has financial information recorded across multiple

accounting and non-accounting systems owned by various DoD

components. Monthly, these systems owners submit summary financial

information to USSOCOM’s financial reporting service organization for data

normalization and summarization, referred to as pre-processing, within

DDRS-B. Presently, there are no comprehensive reconciliations performed

between the DDRS-B standardized data (post-processing) and the originally

obtained summarized feeder data. Furthermore, it was noted that, while a

reconciliation is performed between DDRS-B and DDRS-AFS, the

reconciliation is performed after the quarterly financial statements have been

finalized, and therefore it would not prevent, or detect and correct, errors

from being presented on the financial statements.

c. Manual Pre-Processing: Certain pre-processing actions require manual

action by financial reporting service organization personnel. For example,

DDRS-B produces a report that displays feeder file records that have been

excluded from pre-processing. Records may be excluded either manually, if

an accountant recognizes an invalid attribute, or automatically (i.e., auto-

excludes) if DDRS-B has previously been programmed to systematically

exclude the record due to an invalid attribute. Through our testing, we noted

a variety of issues with the internal controls over data exclusions, including

failure to review all instances of auto-excludes for appropriateness and

failure to review the related impact of excluded records to the USSOCOM

financial statements.

d. Unsupported Adjustments: USSOCOM’s financial reporting service

organization create JVs for a multitude of reasons (e.g., as a result of a

reconciliation, reclassification, identified errors, etc.). JVs posted within

DDRS-B and DDRS-AFS are designated as either “Supported” or

“Unsupported.” Generally, JVs are designated as supported when

transactional details or other appropriate evidence supporting the amount of

the JV is available. Alternatively, transactional details or other appropriate

supporting documentation for JVs designated as unsupported is either

unobtainable or unavailable. Grant Thornton noted that unsupported JVs

were routinely recorded within DDRS-B and DDRS-AFS for which

transactional detail is not obtainable/available. Similar to JVs, Trial Balance

Input Adjustments (TBIAs) are adjustments that can be made within DDRS-

AFS. TBIAs help to allow data from DDRS-B interface into DDRS-AFS when

the opening balances between the two systems do not agree. While a high-

level summary of the issue (e.g. interface errors) can be provided, TBIAs

cannot be connected to the underlying DDRS-B activity, whether caused by

DDRS-B JVs, accounting system information ingested, non-accounting

system information ingested, or specific interface issues.

e. Validation of Disclosures: While much of the USSOCOM financial

statement preparation process is executed by the financial reporting service

organization, USSOCOM management is responsible for the preparation and

review of certain disclosures within the financial statements. While processes

have been implemented by USSOCOM to ensure the validity of data calls

utilized to populate certain footnotes, USSOCOM was unable to fully validate

the data within the data calls. Furthermore, controls in place at USSOCOM

were absent or insufficient to prevent manual errors from causing

UNCLASSIFIED

misstatements (e.g., identify abnormal balances and/or misstated

disclosures).

12. Inability to Create a Comprehensive Universe of Transactions. USSOCOM

was unable to provide transaction-level detail supporting financial statement

impact for every accounting system and non-accounting system. Additionally,

USSOCOM was unable to provide transaction-level detail for any systems prior to

FY 2003, with the majority of systems having transactional details available

related only to FY 2013 and beyond. The inability to provide transactional-level

data for all accounting and non-accounting systems impacting USSOCOM

financial statement prevents USSOCOM from being able to comprehensively

substantiate their financial statements. Furthermore, the inability to provide

transactional data limits USSOCOM management’s ability to understand the

various types of activities supporting summarized financial statements or perform

meaningful analysis of differing types of internal and external factors impacting

operations.

13. Inadequate Controls for Information Systems used for Funds Distribution.

In accordance with the FMFIA, management is responsible for establishing and

maintaining internal controls to achieve the objectives of effective and efficient

operations, reliable financial reporting, and compliance with applicable laws and

regulations. According to GAO’s Green Book issued under the authority of the

FMFIA, management should design control activities over the information

technology infrastructure to support the completeness, accuracy, and validity of

information processing. We performed testing over systems owned by

USSOCOM’s service organizations, specifically the Program Budget Accounting

System (PBAS), and the Enterprise Funds Distribution (EFD) System, which,

among other applications, support the funds distribution process. Due to

inconsistent adherence to policies and procedures related to key information

system controls, we noted the following deficiencies during our testing:

a. Logical Access and Segregation of Duties. Access controls limit or detect

inappropriate access to computer resources, protecting them from

unauthorized modification, loss, and disclosure. Such controls include

authentication requirements, limiting access based on roles and job function,

and actions which can be executed on files and other resources. We noted

the following deficiencies during our testing:

i. PBAS

• Access reviews were not comprehensive and complete.

• User listing used for account management activities is incomplete.

ii. EFD

• Access reviews were not comprehensive and complete.

• Formalized process to monitor for suspicious activity was not

documented. Furthermore, the Security Information and Event

Management (SIEM) tool was not configured to log required audit

events.

• Provisioning documentation was not commensurate with user

access.

• Segregation of Duties Matrix was incomplete.

UNCLASSIFIED

• A system-generated listing of terminated and transferred users

could not be provided.

Unauthorized access increases the risk that users can perform activities

within the system in excess of their job responsibilities. Without a complete

and comprehensive access review, users' access may not be commensurate

with their current job duties, resulting in continued access and least privilege

and segregation of duties concerns. Without a comprehensive understanding

of user access rights, users may have access to perform incompatible

functions or have access to privileges outside of what is needed to perform

their job responsibilities. Lack of a comprehensive monitoring tool and review

process increases the risk that the threatening activity is not addressed in a

timely manner. Lastly, without a mechanism to track terminated and

transferred users, there is an increased risk that users retain unauthorized

access to the application. The issues presented above may increase the risk

of financial systems being compromised and may result in the unauthorized

use, modification, or disclosure of financially relevant transactions or data.

b. Configuration Management. Appropriate configuration management

controls provide reasonable assurance that changes to information system

resources are authorized, and systems are configured and operating

securely and as intended. Such controls include effective configuration

management policies, plans, and procedures as well as proper authorization,

testing, approval, and tracking of all configuration changes. We noted the

following deficiencies during our testing:

i. EFD

• A complete and accurate listing of changes to configurable changes

related to the application could not be provided. Furthermore,

controls to validate those changes migrated to production were

authorized and validated were not designed and implemented.

• Formalized policies and procedures to maintain and track

configuration baselines were not documented.

Well established configuration management controls prevent unauthorized

changes to the application and provide reasonable assurance that systems

are configured and operating securely and as intended. Included in these

configuration management controls is the ability to systematically track all

changes that were modified and migrated to the production environment and

validate that all changes migrated to production are authorized and valid.

Furthermore, without comprehensive policies and procedures that document

the process to maintain, scan, and track configuration baselines, there is an

increased risk that the baselines are misconfigured. These issues may

increase the risk of financial systems being compromised and may result in

the unauthorized processing, use, modification, or disclosure of financially

relevant transactions or data.

c. Security Management. Appropriate security management controls provide

reasonable assurance of the efficacy of the security of an information system

control environment. Such controls include, among others, security

management programs, periodic assessments, and validation of risks and

UNCLASSIFIED

security control policies and procedures. We noted the following deficiencies

during our testing:

i. EFD

• Formalized process to track system vulnerabilities to remediation

was not established.

Lack of remediation of vulnerabilities in a timely manner increases the risk of

systems being compromised and may result in unauthorized use,

modification, and disclosure of data. The issues presented above may

increase the risk of financial systems being compromised and may result in

the unauthorized processing, use, modification, or disclosure of financially

relevant transactions or data.

14. Inadequate Controls for Information Systems Used for the General Ledger

Accounting Purposes. In accordance with the FMFIA, management is

responsible for establishing and maintaining internal controls to achieve the

objectives of effective and efficient operations, reliable financial reporting, and

compliance with applicable laws and regulations. According to GAO’s Green

Book issued under the authority of the FMFIA, management should design

control activities over the information technology infrastructure to support the

completeness, accuracy, and validity of information processing. In FY 2021, we

performed testing over the Navy Standards Accounting, Budgeting, and

Reporting System (NSABRS) which, among other applications, supports the

general ledger accounting. NSABRS users plan to migrate to Defense Agencies

Initiative. As a result, Grant Thornton did not perform audit procedures for

NSABRS. The conditions noted below are deficiencies identified in prior years

that continue to impact the control environment in FY 2022.

a. Logical Access and Segregation of Duties.

i. Users were granted unauthorized access.

ii. Access reviews were not complete.

iii. Reviews of terminated and transferred users’ access were not

performed.

Unauthorized access increases the risk that users can perform activities

within the system in excess of their job responsibilities. Additionally, without

a comprehensive review of users’ access on periodic basis, there is risk that

users may retain inappropriate access to the application. The issues

presented above may increase the risk of financial systems being

compromised and may result in the unauthorized use, modification, or

disclosure of financially relevant transactions or data.

b. Configuration Management.

i. A complete and accurate listing of direct data changes could not be

provided.

ii. Program changes were not authorized, validated and approved in

accordance with policies.

UNCLASSIFIED

iii. Change management audit logs were not reviewed timely.

Without the ability to generate an audit log of direct data changes,

unauthorized changes to the general ledger could be made. Further, without

the ability to associate changes with change management documentation,

there is an increased risk that unauthorized, inappropriate, or untested

changes may be introduced into the application without detection. Additionally,

without a timely review of monitoring reports, unauthorized changes can be

implemented into production. These issues may increase the risk of financial

systems being compromised and may result in the unauthorized processing,

use, modification, or disclosure of financially relevant transactions or data.

c. Security Management.

i. Third-party agreements were not updated.

Lack of review of third-party contract agreements increases the risk that (a)

modifications or amendments to responsibilities and controls may go

undetected, and (b) required updates are not documented and implemented.

The issue presented above may increase the risk of financial systems being

compromised and may result in the unauthorized processing, use,

modification, or disclosure of financially relevant transactions or data.

Recommendations

USSOCOM management should consider taking the following actions:

1. Lack of Comprehensive Understanding of Information Systems and

Financial Data. USSOCOM management should formally document and

maintain documentation detailing the nature of external and internal factors

impacting all financial statement line items, perform a periodic review of these

factors, and update documentation accordingly. USSOCOM management should

also develop a formalized fluctuation analysis methodology to include analysis of

factors impacting fluctuations deemed to be significant, as well as maintain

documentation that identifies responsible accounting operation mission areas

and points of contact for all financial statement line items, Assessable Units

(AUs), and business activities/events which can be utilized when researching

financial statement line items and fluctuations.

2. Lack of Validation Controls over Financial Transactions and Related Data.

USSOCOM management should include an evaluation of all USSOCOM financial

reporting transactions from inception to reporting including reconciliations, as well

as activities executed by USSOCOM’s service organizations and USSOCOM

accountants that impact the financial statements. USSOCOM management

should obtain an understanding of existing financial reporting controls and

monitoring activities, as well as related weaknesses, and appropriately design

and implement controls to mitigate those deficiencies.

3. Lack of or Inadequate Support Related to the Existence/Occurrence,

Accuracy, or Completeness of Recorded Transactions or Balances.

USSOCOM management should continue to work with its service components,

sub-unified commands/TSOCs, and service organizations to ensure supporting

UNCLASSIFIED

documentation is readily available for inspection by management for the

purposes of performing monitoring controls as well as for audit and other

compliance-related oversight functions. Additionally, USSOCOM should further

develop monitoring controls over recorded transactions, including crosswalks to

feeder systems, to ensure sufficient supporting documentation exists. Policies

and procedures should also address establishing controls to retain evidence.

USSOCOM should implement processes for monitoring the total actual

obligations incurred when support becomes available, compare actuals to the

related estimates, set thresholds for assessing the accuracy of the estimates, and

improve its estimation methodology where the accuracy of estimates used falls

below the established thresholds. USSOCOM Management should implement

new and strengthen existing controls over the receipt and acceptance of goods

and services, timely provisioning of sensitive information and data, and Gross

Costs and New Obligations and Upward Adjustments transactions.

4. Control Deficiencies over Accounts Payable and Advances and

Prepayments. USSOCOM management should work with its financial reporting

service organization and relevant system owners to obtain USSOCOM Accounts

Payable and Advances and Prepayments data and related support for balances

represented in the USSOCOM financial statements on a timely basis. USSOCOM

should also develop a process and procedures to routinely obtain schedules of

Accounts Payable and Advances and Prepayments that can be summarized at

the vendor, voucher, and/or invoice level and develop a risk management

process. Additionally, management should develop a strategy and compensating

controls, recognizing system limitations, that will enable USSOCOM to record

Accounts Payable transactions timely, completely, and accurately.

5. Improper Reporting of Revenue. USSOCOM should develop, document and

implement processes when faced with system limitations and perform a detailed

analysis of the Earned Revenue line item balance that provides sufficient

documentation of and support for any necessary adjustments to USSOCOM’s

financial statements.

6. Inappropriate Accounting Treatment of Certain Assets. USSOCOM

management should complete an analysis that determines whether certain

assets that lose their identity through incorporation into an end-item once utilized

are appropriately categorized as materials (a component of OM&S) or as PP&E

and make related adjustments to its accounting records as appropriate.

Additionally, USSOCOM should accurately accumulate and capitalize MFP-11

funded capital improvements and modifications to GE assets, including MFP-2

funded assets that are reported by the military services. USSOCOM should

ensure that once MFP-11 funded capital improvements and modifications are

complete, procedures are in place to appropriately record the transfer and

acceptance of the cost to the military service financially reporting the base asset.

7. Lack of Completeness over Operating Materials and Supplies. USSOCOM

management should continue efforts to identify and record OM&S within

Accountable Property Systems of Record (APSRs). Additionally, USSOCOM

should develop and implement processes to ensure service components and

sub-unified commands/TSOCs account for USSOCOM OM&S within APSRs that

would allow for the identification of a complete population of USSOCOM’s OM&S

assets. USSOCOM should also perform and document an analysis over the

entire population of USSOCOM OM&S in accordance with the DoD Financial

Management Regulation (FMR).

UNCLASSIFIED

8. Lack of Valuation over Operating Materials and Supplies. USSOCOM

management should develop a comprehensive plan, including milestones, to

implement SFFAS guidance. USSOCOM management should develop,

document, and implement controls over the valuation of OM&S. Additionally,

USSOCOM should develop and document an understanding of the inventory

procedures performed by service organizations over OM&S held outside of

USSOCOM and perform oversight to ensure inventory procedures over OM&S

held outside of USSOCOM are effectively performed.

9. Inability to Substantiate Operating Materials and Supplies. USSOCOM

management should develop, document, and implement procedures and system

capabilities to substantiate the purchases, consumption, gains, or losses of

OM&S in the year the activity occurs to support the OM&S balance. Additionally,

USSOCOM management should ensure JVs appropriately reflect the underlying

economic events and develop a comprehensive plan to implement SFFAS

guidance.

10. Lack of Compliance with the Accrual Basis of Accounting. USSOCOM

management should adopt policies and procedures to recognize expenses and

liabilities only upon receipt and acceptance of goods and/or services.

Additionally, USSOCOM should adopt general ledger systems designed to

comply at the transaction level with U.S. generally accepted accounting

principles, including the accrual basis of accounting. Furthermore, until compliant

systems can be adopted, USSOCOM should evaluate whether legacy systems

can be used without modification or modified to comply with the accrual basis of

accounting. USSOCOM management should work with system owners to

establish processes that ensure appropriate recording of economic events in a

timely manner after they occur. USSOCOM should establish cut-off procedures to

minimize the volume of transactions that are not recorded in the proper period

and perform an analysis to determine which business processes result in a

misalignment of receipt and acceptance of goods or services and recordation of

the related expense and payable. Management should use the analysis to

perform a cost/benefit determination over the possible variances across FYs.

Finally, USSOCOM should implement a control to estimate the amount of

unrecorded expenses at year-end and post an accrual entry to ensure the

alignment of expenses to the proper FY.

11. Lack of Controls over Financial Statement Compilation. USSOCOM

management should continue to work with its financial reporting service

organization to obtain an understanding of all actions taken by the organization

for the compilation and preparation of USSOCOM financial statements.

USSOCOM management should identify related risks and design monitoring

activities, which would allow them to perform appropriate oversight over the

service organization’s actions. Additionally, USSOCOM management should

design and implement controls that validate the accuracy of information manually

included within the financial statements and related notes by USSOCOM

personnel.

12. Inability to Create a Comprehensive Universe of Transactions. USSOCOM

management should develop processes and procedures to obtain a full

transactional population, or alternative documentation, which substantiates

balances presented in the USSOCOM financial statements. USSOCOM should

UNCLASSIFIED

additionally develop and document a detailed understanding of the various types

of activities supporting summarized financial statement balances, as well as

perform an analysis of differing types of internal and external factors impacting

operations.

13. Inadequate Controls for Information Systems used for Funds Distribution.

USSOCOM management, including USSOCOM’s Chief Information Officer (CIO)

and system service organizations, should work to enforce and monitor the

implementation of corrective actions as follows:

a. Logical Access and Segregation of Duties

i. PBAS

• Review all users and associated account details as a part of the

comprehensive periodic recertification.

• Develop new code to include all privileges and account details

within user listing.

ii. EFD

• Implement a process to review all access for users on a periodic

basis.

• Implement audit logging and monitoring controls in accordance with

formal policies and procedures. Furthermore, review and document

security logs on a periodic basis.

• Document access roles within access request forms.

• Document all systematic roles within the segregation of duties

matrix conflicts.

• Establish a mechanism to track terminated and transferred users for

the application.

b. Configuration Management

i. EFD

• Establish a mechanism to systematically track all configuration

items that are migrated to production in order to produce a

complete and accurate listing of all configuration items. Further,

develop, document, implement, and enforce requirements and

processes to periodically validate that all configuration items

migrated to production are authorized and valid.

• Establish a process to maintain, track, and remediate configuration

baselines.

c. Security Management

i. EFD

• Identify resources to prioritize the remediation of vulnerabilities.

14. Inadequate Controls for Information Systems Used for the General Ledger

Accounting Purposes. USSOCOM management, including USSOCOM’s CIO

UNCLASSIFIED

and system service organizations, should work to enforce and monitor the

implementation of corrective actions as follows:

a. Logical Access and Segregation of Duties

i. Enforce access provisioning policies and procedures.

ii. Perform complete periodic recertification of user access for continued

appropriateness of access.

iii. Develop a mechanism to track all users that have been terminated or

transferred.

b. Configuration Management

i. Implement a method to demonstrate that all direct data changes are

authorized.

ii. Provide change management documentation that supports the

traceability of the changes.

iii. Enforce procedures to perform a timely review of the monitoring reports.

c. Security Management

i. Validate that the review of Service Level Agreement occurs in

accordance with the agreement requirements.

UNCLASSIFIED

IV. Material Weakness – Lack of Adequate Controls over the Fund Balance with

Treasury Reconciliation Process

Fund Balance with Treasury (FBwT) represents the aggregate amount of funds on

deposit with the U.S. Department of the Treasury (Treasury). Treasury maintains

agencies’ FBwT account balances in its Central Accounting Reporting System

(CARS). Reconciliation of agencies FBwT general ledger accounts to the balances

held by Treasury is a key internal control process, which ensures the accuracy of the

government’s receipt and disbursement data. Therefore, Treasury Financial Manual

(TFM) Chapter 5100, Section 5125, requires agencies to implement effective and

efficient reconciliation processes and perform timely reconciliations between their

FBwT general ledger accounts and Treasury’s CARS Account Statement.

USSOCOM is considered an Other Defense Organization (ODO). ODOs are entities

authorized by the Secretary of Defense to perform select consolidated support and

service functions to the DoD on a Department-wide basis. Office of the Under

Secretary of Defense, Comptroller allots funds from appropriations to USSOCOM and

other ODOs including: Operations and Maintenance; Procurement; and Research,

Development, Test, and Evaluation, among others. Similarly, Treasury aggregates

the FBwT information for ODOs at a summary level in a single Treasury account, U.S.

Treasury Index (TI) 97. The Treasury account does not provide identification and

account balances of the separate ODOs sharing the U.S. Treasury account.

Disbursing offices across DoD are responsible for processing disbursements and

collections on behalf of the ODOs. The disbursements and collections processed by

each disbursing office are compiled each month by USSOCOM’s financial reporting

service organization. The service organization’s HQ Accounting and Reporting

System (HQARS) consolidates the disbursement and collection information received

from disbursing offices for each ODO FBwT account. HQARS then reports the

disbursement and collection to Treasury’s CARS. Because Treasury only identifies

the ODOs at the aggregate TI-97-level, the information sent to Treasury is provided at

an aggregated level and does not identify the specific ODO responsible for the

disbursements and collections.

To assist ODOs in performing the monthly-required FBwT reconciliation between their

general ledger FBwT accounts and the information in CARS, the financial reporting

service organization developed the Cash Management Report (CMR). This report is

an output of the CMR Tool, which takes information gathered from HQARS to

generate the CMR. The CMR is comprised of consolidated disbursement and

collection data from HQARS as well as ODO funding data from the PBAS, EFD, and

various DoD disbursing offices. The CMR identifies FBwT balances for each ODO at

the limit-level. Limits are four-character codes that help identify, manage, and report

the financial activity of each ODO.

Finally, the financial reporting service organization performs a series of reconciliations

of the CMR to identify and resolve variances between the general ledger accounting

systems and the Treasury records for each ODO. These reconciliations were

performed using the Department 97 Reconciliation and Reporting Tool (DRRT) and

Consolidated Cash Accountability System (CCAS). During FY 2022, USSOCOM

transitioned from DRRT and CCAS to Advancing Analytics (Advana) as the source

system for reconciling FBwT. Given the transitionary period, the Advana FBwT

reconciliation tool, processes, and related controls were continuing to evolve during

the FY 2022 audit cycle.

UNCLASSIFIED

Evaluation of FBwT Reconciliation Results

During our testing of the results of the USSOCOM FBwT reconciliation process, we

identified the following weaknesses:

1. Unidentified Differences. USSOCOM’s financial reporting service organization

uses an Access database to prepare the TI-97 General Fund FBwT Workbook

(TI-97 Audit Workbook), which displays TI-97 expenditure data and the partially

reconciled FBwT balance for each ODO accounting system detail and the CMR.

The TI-97 Audit Workbooks also display unidentified differences/reconciling items

and variance balances for each ODO. The financial reporting service organization

uses a number of different terms to distinguish among the various types of

unidentified differences (e.g., Unallocated Funds, Processing and Subhead

Errors, Unvouchered Intragovernmental Payment and Collection, Treasury

variances, and exclusions). USSOCOM’s financial reporting service organization

is unable to produce a universe of transactions and supporting documentation for

certain different types of FBwT variances.

As of September 30, 2022, unidentified differences between the CMR and

USSOCOM accounting system detail included within the TI-97 Audit Workbook

amounted to $35.7 Billion. This represents the absolute value of transactions that

could not be reconciled between the CMR, which reflects balances at Treasury,

and USSOCOM accounting system detail. In addition, the TI-97 Audit Workbook,

as of September 30, 2022, included an amount of $101 Billion; this amount is

noted as attributable to all ODOs, and therefore it could, at least partially, be

attributable to USSOCOM. .

2. Unreconciled Differences. A significant portion of the USSOCOM FBwT

account balance is attributable to appropriated funds prior to FY 2013 or FY

2015, depending on the type of appropriation. Given long-standing issues in

reconciling this data, management has discontinued any attempts to reconcile

this data and excludes these amounts from their reconciliation. For FY 2022,

Grant Thornton did not receive the FBwT Beginning Balance Analysis to calculate

the FBwT differences or perform controls walkthrough in the area.

3. Out-of-Scope Appropriations. USSOCOM management was unable to provide

support validating USSOCOM’s right to the Out-of-Scope Appropriations. For FY

2022, Grant Thornton did not receive the FBwT Beginning Balance Analysis to

calculate the FBwT differences or perform internal controls walkthroughs in the

area.

In addition to not receiving the FBwT Beginning Balance Analysis, Grant Thornton did

not receive the documentation necessary to complete the FBwT aging analysis. FBwT

reconciliations for ODOs are complex due to multiple individual ODOs comprising TI-

97; each ODO fund balance in the U.S. Treasury accounts is indistinguishable from

the fund balances of the other ODOs. This has resulted in the identification of

unsupported FBwT transactions. Grant Thornton identified that USSOCOM lacks

monitoring over its financial reporting service organization as it relates to FBwT and

that controls and documentation around the process were insufficient. Grant Thornton

was unable to perform testing over DRRT and CCAS reconciliations due to processes

being migrated to Advana. Significant FBwT variances may continue to age over 60

business days. Through our testing of the FBwT suspense and CMR differences,

Grant Thornton was unable to conclude rights and obligations of these differences as

UNCLASSIFIED

a result of insufficient and/or lack of supporting documentation. Furthermore, Grant

Thornton noted through suspense testing that samples with USSOCOM economic

events were erroneously included in other DoD agency financial data. The existence

of material unidentified differences between USSOCOM’s FBwT balance and

balances reported by Treasury, as well as material unsupported aged balances,

increases the risk that USSOCOM’s FBwT is misstated.

Evaluation of Information Systems used to Perform the FBwT Reconciliation. In

accordance with FMFIA, management is responsible for establishing and maintaining

internal controls to achieve the objectives of effective and efficient operations, reliable

financial reporting, and compliance with applicable laws and regulations. According to

GAO’s Green Book issued under the authority of FMFIA, management should design

control activities over the information technology infrastructure to support the

completeness, accuracy, and validity of information processing. We performed testing

over HQARS and the CMR Tool, which is owned by USSOCOM’s financial reporting

service organization.

We noted the following weaknesses related to the HQARS and CMR Tool

applications:

1. Logical Access and Segregation of Duties.

a. HQARS

i. Periodic access reviews were not complete and comprehensive.

b. CMR Tool

i. Access Control policies and procedures were not updated to reflect

current operating conditions.

ii. Periodic access reviews were not complete and comprehensive.

Further, evidence of the review was not retained.

iii. Audit logging and monitoring of user activity was not performed.

Without formalized and comprehensive access control policies and procedures,

management is not able to adequately monitor that only authorized individuals

maintain appropriate access to the application. Lack of a comprehensive

recertification presents the risk that individuals maintain unsupported and/or

unauthorized access to the application. Users with the ability to perform functions

outside of their job responsibilities increases the risk of inaccurate, invalid and/or

unauthorized transactions being processed by the system. Furthermore, the lack

of audit logging and monitoring controls increases the risk that suspicious activity

is not detected or addressed in a timely manner. The issues presented above

may increase the risk of financial systems being compromised and may result in

the unauthorized processing, use, modification, or disclosure of financially

relevant transactions or data.

2. Configuration Management.

a. CMR Tool

UNCLASSIFIED

i. Periodic change monitoring was not performed and documented.

The lack of change monitoring controls presents the risk that unauthorized

changes could be implemented to production. The issue presented above may

increase the risk of financial systems being compromised and may result in the

unauthorized processing, use, modification, or disclosure of financially relevant

transactions or data.

3. Security Management.

a. CMR Tool

i. Security policies and procedures were not updated to reflect current

operating conditions.

Without formalized and comprehensive security management policies and

procedures, management is unable to adequately monitor the system’s security

posture or identify vulnerabilities in the environment. The issue presented above

may increase the risk of financial systems being compromised and may result in

the unauthorized processing, use, modification, or disclosure of financially

relevant transactions or data.

Recommendations

USSOCOM management should consider taking the following actions:

1. Evaluation of FBwT Reconciliation Results.

USSOCOM management should continue to work with its financial reporting

service organization and other relevant organizations to:

a. Further investigate and resolve unidentified and unreconciled differences

resulting from the FBwT reconciliation process.

b. Design and implement controls over the FBwT reconciliation process

including timely resolution of FBwT differences.

c. Obtain and maintain adequate support for amounts recorded as funding

transactions within the USSOCOM FBwT account.

Recommendations for Information Systems used to Perform the FBwT

Reconciliation

USSOCOM management should work with its service organizations to enforce and

monitor the implementation of corrective actions as follows:

1. Logical Access and Segregation of Duties

a. HQARS

i. Review all users as a part of the comprehensive periodic recertification.

b. CMR Tool

UNCLASSIFIED

i. Update, implement and disseminate access control policies and

procedures in accordance with National Institute of Standards and

Technology (NIST) standards.

ii. Establish a process to conduct and document periodic reviews to

determine the appropriateness of access.

iii. Establish a process to perform and review audit logs of user activities.

2. Configuration Management

a. CMR Tool

i. Establish a process to perform periodic reviews of configuration

baselines.

3. Security Management

a. CMR Tool

i. Update, implement and disseminate security management policies and

procedures in accordance with NIST standards.

UNCLASSIFIED

V. Material Weakness – Lack of Adequate Controls over General Equipment and

Construction in Progress

In accordance with OMB Circular A-123 issued under the authority of FMFIA,

management is responsible for establishing and maintaining internal control to

achieve the objectives of effective and efficient operations, reliable financial reporting,

and compliance with applicable laws and regulations. A subset of the categories of

objectives is the safeguarding of all assets. Management designs an internal control

system to provide reasonable assurance regarding the prevention or prompt detection

and correction of unauthorized acquisition, use, or disposition of an entity’s assets.

USSOCOM reported on its September 30,

2022, Balance Sheet a total of $3.2 Billion

in PP&E, Net. The balance represents GE and CIP. USSOCOM is in the process of

implementing SFFAS 50, Establishing Opening Balances for General Property, Plant,

and Equipment. However, USSOCOM management had not yet completed the

necessary steps to make an unreserved assertion over its balance of PP&E within the

Balance Sheet.

In addition, during our testing related to existence and completeness of USSOCOM

GE, and existence testing for CIP, we noted the following internal control

weaknesses:

General Equipment

1. Incomplete Recording of Accountable Assets. USSOCOM’s acquisition office

did not complete the recording of all of its accountable property within their

APSRs by the end of FY 2022.

2. Inability to Support Historical Acquisition Cost. As originally designed, the

Global Combat Support System-Army (GCSS-Army), one of the APSRs used by

USSOCOM, does not track historical acquisition cost. Instead, the system

assigns current sales price as noted within the current asset catalog. Additionally,

USSOCOM management was unable to provide sufficient documentation to

support the recorded acquisition cost for certain assets inspected during our

testing.

3. Lack of Adequate Controls over Existence, Completeness, and Valuation.

During our testing, we identified errors related to the existence, completeness,

and valuation of GE sampled that included incomplete financial reporting of GE,

inadequate evidence to support existence of the asset, as well as acquisition

cost, acquisition date, and useful life not supported by documentation.

Additionally, we identified errors related to the improper inclusion of certain GE

assets that were not procured by USSOCOM or were not USSOCOM GE assets.

We also noted a lack of timeliness in recording GE assets acquired/transferred-in

and dispositioned/transferred-out of the APSR. Furthermore, USSOCOM

management did not produce a detailed listing of GE that separately displays

transfers in, transfers out, additions, and disposals (all of which have a financial

statement impact) from internal transfers (which are non-impactful to the financial

statements) for all GE assets. As a result, USSOCOM management could not

conduct appropriate reviews of the changes in composition of GE balances.

Finally, recurring controls were not in place at a USSOCOM component to ensure

all GE assets were inventoried.

UNCLASSIFIED

Construction in Progress

1. Inability to Support Capitalized Construction Costs. During our testing, we

noted USSOCOM’s inability to provide documentation for sampled CIP projects

to validate the proper inclusion or exclusion of capitalized construction costs

within the CIP balance.

The decentralized nature of USSOCOM operations and long-standing use of property

accountability systems that were not designed for financial reporting purposes,

coupled with USSOCOM management’s reliance on its components without proper

monitoring controls in place, and inadequate property controls at USSOCOM has led

to the control weaknesses noted. These weaknesses could further delay USSOCOM

management’s efforts to assert to the value of PP&E, Net as reported on the Balance

Sheet.

The above noted internal control issues could lead to material misstatements to

USSOCOM’s financial statements.

Recommendations

USSOCOM management should consider taking the following actions:

General Equipment

1. Incomplete Recording of Accountable Assets. USSOCOM management

should enforce controls that ensure its acquisition office maintains its APSRs up-

to-date with accurate counts and develops milestones which ensure all

accountable assets are added to the APSRs.

2. Inability to Support Historical Acquisition Cost. USSOCOM management

should continue efforts towards preparing to assert to its balance of PP&E, Net

for its eventual implementation of SFFAS 50, to include establishing a reliable

method to maintain the acquisition cost data for all USSOCOM GE.

3. Lack of Adequate Controls over Existence, Completeness, and Valuation.

USSOCOM management should continue to develop and revise its internal

controls to ensure accurate recording of the GE and Accumulated Depreciation

account balances. USSOCOM should also develop, document, and implement

policies and procedures that ensure GE data, including acquisition date and

useful life in the APSR, is up to date and changes are made in a timely manner;

continue efforts to obtain historical acquisition cost documentation for assets and

complete alternative processes to establish acquisition cost and date when

historical documentation is not available. USSOCOM management should

enforce controls to ensure acquisitions/transfers-in and disposals/transfers-out of

GE assets are recorded in the APSR in the period in which the transaction

occurs. Additionally, USSOCOM management should develop processes and

procedures to prepare a listing of GE that separately identifies transfers in/out,

additions, and disposals from internal transfers to support analysis of GE.

Furthermore, USSOCOM management should implement procedures to ensure

all assets are subject to inventory controls at regular intervals.

Construction in Progress

UNCLASSIFIED

100

Inability to Support Capitalized Construction Costs. USSOCOM management

should design and implement controls to ensure accumulated CIP project costs

have appropriate supporting documentation, which is retained and readily available

for review. USSOCOM management should also design and implement controls to

ensure the validation of removal of asset values upon acceptance of the transfers by

the military services.

UNCLASSIFIED

101

VI. Significant Deficiency - Lack of Adequate Controls over Information Systems

Related to Sensitive Activities

In accordance with the FMFIA, management is responsible for establishing and

maintaining internal controls to achieve the objectives of effective and efficient

operations, reliable financial reporting, and compliance with applicable laws and

regulations. According to GAO’s Green Book issued under the authority of the FMFIA,

management should design control activities over the information technology

infrastructure to support the completeness, accuracy, and validity of information

processing. Grant Thornton evaluated two systems that are used to process

transactions relating to sensitive activities. One of the systems is General Fund

Enterprise Business System – Sensitive Activities (GFEBS-SA), which Grant

Thornton assessed in FY 2022. The other system is owned by a USSOCOM

component, who plans to migrate to GFEBS-SA in future years, and thus the

component has no plans to enhance its current legacy system. As a result, Grant

Thornton did not perform additional audit procedures over their current legacy

environment and the conditions noted below relating to this system were identified in

prior years and continue to impact the control environment in FY 2022.

For systems that process sensitive activities, we noted the following deficiencies:

1. Logical Access and Segregation of Duties.

a. USSOCOM Component System

i. Comprehensive access control policies and procedures were not

documented and formalized.

ii. Comprehensive recertification of users was not conducted to determine

appropriateness of access.

iii. Configurations to disable/remove accounts after a period of inactivity

were not implemented.

iv. Users have write access to audit logs.

v. Reviews of audit logs were not documented.

b. GFEBS-SA

i. Access provisioning procedures for users were not followed.

ii. Reaffirmation process for privileged users was not documented and

implemented.

iii. A complete listing of privileged users that were deprovisioned could not

be generated.

iv. ArcSight tool was not configured to monitor and log user activity within

the database.

UNCLASSIFIED

102

v. Timely review and closure of ArcSight tool cases was not performed.

Furthermore, the ArcSight tool has limited data retention.

vi. Processes to validate that inactive end users were revoked were not

performed.

Policies and procedures that are not formalized and disseminated present the

risk that personnel do not adhere to required controls. Unauthorized access

increases the risk that users can perform activities within the system in excess of

their job responsibilities. Further, lack of a comprehensive recertification, lack of

complete deprovisioned user listing, and the untimely removal of access present

the risk that individuals maintain unauthorized access to the application.

Uncomprehensive audit logs, the ability to “write” to audit logs, and lack of review

and retention of audit logs, presents the risk that individuals perform unauthorized

actions within the application without investigation and recourse. The issues

presented above may increase the risk of financial systems being compromised

and may result in the unauthorized use, modification, or disclosure of financially

relevant transactions or data.

2. Configuration Management.

a. USSOCOM Component System

i. Comprehensive configuration management policies and procedures

were not documented and formalized.

b. GFEBS-SA

i. Changes were not made in accordance with policy.

ii. A process for validating transports was not implemented.

iii. Documented approval did not occur prior to implementing a patch to

production.

iv. System settings / security technical implementation guides (STIGS)

were outdated.

Policies and procedures that are not formalized and disseminated present the

risk that personnel do not adhere to required controls. Without appropriate

controls to document, validate and authorize changes, there is an increased risk

that unauthorized, inappropriate, or untested changes may be introduced into the

application without detection. If unauthorized or erroneous changes to the

application are not identified, there is an increased risk that changes could have

a negative impact to the system. Without receiving appropriate approvals,

patches migrated into production may negatively impact the application

functionality. Without reviewing and implementing the latest system security

settings, application settings may not be enforced or secure. This may increase

the risk of financial systems being compromised and may result in the

UNCLASSIFIED

103

unauthorized processing, use, modification, or disclosure of financially relevant

transactions or data.

3. Security Management

a. GFEBS-SA

i. Policies and procedures were not updated to reflect current operating

conditions.

ii. Supporting documentation relating to various areas of testing was not

provided.

iii. Automated vulnerability tools not configured to scan all system

components.

iv. Vulnerabilities were not tracked to remediation.

v. A process for extending Plan of Actions and Milestones (POA&Ms) that

exceed remediation timeframes was not documented or implemented.

Without formalized and comprehensive policies and procedures, management is

not able to help ensure personnel are operating and supporting the system as

designed. Incomplete scanning of the application for vulnerabilities increases the

risk that critical vulnerabilities go undetected and unresolved which in turn

increases the risk of systems being compromised. The inability to track and

monitor vulnerabilities to remediation in accordance with timelines increases the

risk of that known weaknesses are not addressed and further increases the risk

to confidentiality, integrity, and availability of data. Insufficient evidence to support

the design and operating effectiveness of controls inhibits the ability to conclude

on whether controls have been appropriately designed and whether those

controls were operating effectively during the audit period. This may increase the

risk of financial systems being compromised and may result in the unauthorized

processing, use, modification, or disclosure of financially relevant transactions or

data.

4. Backups

a. GFEBS-SA

i. Backup logs are not retained for the duration of the audit period.

If application data is not retained for archival purposes, there is an increased risk that

the application would not be restored in the event of a data loss or outage. This may

increase the risk of financial systems being compromised and may result in

unavailability of data.

Recommendations

USSOCOM management should consider taking the following actions :

1. Logical Access and Segregation of Duties

UNCLASSIFIED

104

a. USSOCOM Component System

i. Finalize and implement comprehensive access control policies and

procedures.

ii. Conduct reviews to determine the appropriateness of access.

iii. Implement configurations to disable / remove accounts after a period of

inactivity.

iv. Remove the ability for users to have write access to audit log.

v. Document the reviews of audit logs. Furthermore, retain evidence of the

review.

b. GFEBS-SA

i. Implement a process to ensure all systematic user roles provisioned

within the application are documented and approved.

ii. Develop a process to perform a comprehensive review of privileged

access on a periodic basis.

iii. Develop the capability to systematically generate and retain a listing of

privileged users deprovisioned access.

iv. Configure the ArcSight tool to monitor and log user activity and review

resulting logs.

v. Design and implement timeframes for when ArcSight cases must be

reviewed and closed and establish a mechanism to retain ArcSight case

data for archival purposes.

vi. Implement a process to validate those inactive users are removed.

2. Configuration Management

a. USSOCOM Component System

i. Finalize and implement comprehensive configuration management

policies and procedures.

b. GFEBS-SA

i. Implement a control to ensure that each configuration item is requested,

developed, tested, approved prior to implementation into production.

ii. Implement a process to validate that only authorized changes move to

production.

UNCLASSIFIED

105

iii. Implement a process to ensure that all patch releases are properly

reviewed and approved prior to migration into production.

iv. Design and implement a process to ensure the latest security settings

are reviewed and applied to the system.

3. Security Management

a. GFEBS-SA

i. Design and implement policies and procedures to be reflective of current

processes.

ii. Implement a process to provide supporting documentation.

iii. Configure the automated vulnerability tool to scan all system

components for vulnerabilities.

iv. Implement a process to validate identified vulnerabilities are tracked and

remediated in accordance with policies and procedures.

v. Establish a process to obtaining signature approval and documenting

risk acceptance.

4. Backups

a. GFEBS-SA

i. Configure the backup utility to retain data for a longer period.

UNCLASSIFIED

106

VII. Material Non-Compliance - Lack of Substantial Compliance with the Federal

Managers’ Financial Integrity Act of 1982

DoD Instruction 5010.40 requires DoD entities to comply with the requirements of the

FMFIA and the requirements of OMB Circular A-123. The FMFIA and OMB Circular

A-123 require federal entities to establish internal controls in accordance with the

GAO Green Book, conduct evaluations of their internal controls, and annually prepare

a SoA regarding the agency’s systems of internal accounting and administrative

controls.

Although we have noted some progress, USSOCOM has not yet fully implemented a

formal internal control program that would allow it to substantially comply with the

FMFIA and the related OMB Circular A-123 requirements. Specifically, USSOCOM

documented its determination about whether its controls were designed, implemented,

and operating effectively in accordance with the 17 GAO Green Book principles. We

noted that the results in the ELC Matrix do not align with conclusions in SoA – Overall

Assessment and Evaluation of Internal Controls Table. Specifically, for the Risk

Assessment and Monitoring components, the ELC matrix indicates controls are not

operating effectively, while the SoA table indicates “Yes” for operating effectively.

As a result, USSOCOM management did not ensure substantial compliance with the

FMFIA. Specific examples of USSOCOM’s non-compliance with the FMFIA are

included in material weaknesses noted in Sections I through V of this report.

In addition to those control deficiencies that were noted as part of the material

weaknesses referenced above, we identified additional deficiencies that impacted

USSOCOM’s compliance with the FMFIA:

a. USSOCOM did not provide process documentation supporting the

implementation of controls.

b. USSOCOM’s (buyer-side) data is adjusted, or replaced, using seller-side

data submitted from other organizations due to USSOCOM’s inability to

reconcile.

Recommendations

USSOCOM management should continue to design and fully implement a formal

internal control program that meets FMFIA, GAO Green Book, and OMB Circular A-

123 requirements. This program should ensure that:

1. In order to conclude on compliance with each of the GAO Green Book 17

principles, management should consider the use of GAO’s Internal Control

Management and Evaluation Tool to evaluate whether each principle was

designed, implemented, and operating effectively. Further, management should

align results for the individual GAO Green Book principles to the results in the

Overall Assessment and Evaluation of Internal Controls.

UNCLASSIFIED

107

VIII. Material Non-Compliance - Lack of Substantial Compliance with the Federal

Financial Management Improvement Act of 1996

The Federal Financial Management Improvement Act of 1996 (FFMIA) requires that

agencies establish and maintain financial management systems that substantially

comply with the following three FFMIA Section 803 (a) requirements: Federal

Financial Management System requirements, applicable Federal accounting

standards, and the United States Standard General Ledger (USSGL) at the

transaction level. USSOCOM management has acknowledged that they do not

comply with the requirements of the FFMIA.

Because of matters described in the Basis for Disclaimer of Opinion paragraphs

included in our financial statement audit report dated November 7, 2022, we were not

able to obtain sufficient appropriate audit evidence related to USSOCOM

management’s substantial compliance with FFMIA Section 803 (a) requirements.

USSOCOM owns systems that are unique to its operations; however, the majority of

USSOCOM’s transactions are processed through and reside in each of the military

services' components' and/or service organization financial systems, depending on

the Combatant Command Support Agent of the USSOCOM service component or

sub-unified command. Based on our inspection of the Department of the Air Force,

Department of the Army, Department of the Navy, and United States Marine Corps FY

2021 annual financial reports, we noted that each of the departments and the United

States Marine Corps are not in compliance with the requirements of FFMIA. We

anticipate these results will not significantly change in FY 2022. In turn, this affects

USSOCOM’s ability to substantially comply with the requirements of the FFMIA. In

addition, we noted the following instances of non-compliance through the execution of

our audit procedures:

1. Federal Financial Management System requirements. Due to issues with

internal controls over security management, logical access, configuration

management, and backups, financial systems did not meet Federal Financial

Management System requirements.

2. Applicable Federal Accounting Standards. USSOCOM did not comply with

applicable federal accounting standards in multiple instances such as:

a. USSOCOM management has asserted that, currently, it does not have

adequate controls in place to validate the completeness and accuracy of the

value reported within its Balance Sheet for PP&E.

b. Intra-entity revenue was recorded as exchange revenue within certain

accounting systems.

c. No reports could be generated which would allow for the assessment of risk

related to aged invoices and abnormal balances at the invoice, voucher, or

vendor level.

d. Processes were not in place to consistently accrue accounts payable in all

instances.

e. USSOCOM could not attest to the completeness of the OM&S balance on the

financial statements and full application of the consumption method of

accounting of the OM&S.

UNCLASSIFIED

108

f. USSOCOM management has asserted that it does not have the processes

and controls in place to validate the valuation of OM&S and therefore could

not make an unreserved assertion over the value reported within its balance

sheet for I&RP.

g. Certain USSOCOM information systems were not designed for compliance

with the accrual basis of accounting (e.g., Standard Operation and

Maintenance Army Research and Development System) and USSOCOM

lacks the policies and controls to ensure compliance with the accrual basis of

accounting.

h. USSOCOM management was unable to support classification of certain Class

2 component item assets as OM&S, rather than classifying the Class 2

component item assets as PP&E.

i. There were certain Military Standard Requisitioning and Issue Procedures

supply bulk transactions and summary transactions recorded within the

General Accounting and Finance System for which underlying support was

unavailable.

j. USSOCOM management could not provide a listing of assets supporting the

balance for the Advances and Prepayments line item.

3. USSGL at the Transaction Level. USSOCOM data is recorded across multiple

accounting and non-accounting systems, some of which are not USSGL

compliant at the transaction level. Monthly, systems owners submit summary

financial information to USSOCOM’s financial reporting service organization for

data normalization and summarization, referred to as pre-processing, within

DDRS-B. During pre-processing, non-USSGL compliant summary information is

converted so that it complies with USSGL requirements. However, the resulting

USSGL compliant information cannot be reconciled to original source information.

As a result, USSOCOM management is unable to validate the adequacy of the

conversion and compliance with this requirement.

Recommendations

USSOCOM management should consider taking the following actions:

1. Consider transitioning to a stand-alone general ledger accounting system that

complies with the requirements of the FFMIA. A transition to a modern and

compliant system would eliminate USSOCOM’s dependency on service

organization systems that are non-compliant with federal financial system

requirements, federal accounting standards, and the USSGL at the transaction-

level. The transition would also eliminate the need for extensive and complex

adjustments/reclassifications of financial data that are prone to errors.

USSOCOM management should also continue to work with the Office of the

Under Secretary of Defense, Comptroller to develop alternative methods of

producing the USSOCOM financial statements.

2. Alternatively, USSOCOM management should work with their service

organizations to develop corrective actions for long-standing system control

weaknesses and to ensure that internal controls are in place for every step of the

UNCLASSIFIED

109

compilation process executed by its financial reporting service organization,

including:

a. Develop and implement comprehensive reconciliation controls/processes to

ensure that all USSOCOM data ingested into DDRS-B is ingested at the

accurate amount and to the appropriate accounts;

b. Develop processes/procedures to obtain a full transactional population;

c. Conduct assessments to ensure compliance with:

i. TFM USSGL at the transaction level; and,

ii. Applicable federal accounting standards.

d. Develop, implement, and monitor the effectiveness of security controls to

ensure compliance with NIST and DoD Instruction requirements; and,

e. Develop a comprehensive plan, including milestones, to implement both

SFFAS and DoD Guidance in a timely manner.

3. Further design and implement adequate controls and monitoring activities over

USSOCOM’s compliance with the FFMIA according to OMB Circular A-123,

Appendix D, Compliance with the Federal Financial Management Improvement

Act of 1996.

UNCLASSIFIED

110

UNCLASSIFIED

111