The Office of Management and Budget (OMB) has issued updated guidance directing federal agencies to take greater ownership of internal controls and risk assessment, with OMB Director Russell Vought arguing that prior policy relied too heavily on outside watchdogs such as the Government Accountability Office (GAO).
In a policy update released Tuesday, Vought said overreliance on federal watchdogs such as GAO has “failed to prioritize agency internal control processes to adequately protect American taxpayer dollars,” and has contributed to “documented examples of widespread abuse.”
The revised guidance sets requirements agencies must follow to comply with the Federal Managers’ Financial Integrity Act, which requires annual agency reporting to OMB.
The move specifically made clear that GAO’s Standards for Internal Control in the Federal Government – known as the Green Book – remains a reference point, but not binding guidance.
OMB said the revised policy is intended to align agencies’ internal control work with an executive order issued last year to protect government finances from misuse, while placing more responsibility on agency heads to identify, manage, and remediate operational risks.
Under the revised circular, agencies must maintain robust internal control systems to ensure efficient operations, reliable reporting, and compliance with laws and regulations. Agency heads must also conduct annual assessments of internal controls and report any material weaknesses – along with corrective plans – in official financial or accountability reports to Congress and the president.
The updated guidance organizes agency responsibilities around five components: control environment, risk assessment, control activities, information and communication, and monitoring. OMB said the framework is meant to strengthen governance, clarify accountability across staff levels, and expand the use of risk management practices to address threats, including fraud, cybersecurity vulnerabilities, and improper payments.
Vought said earlier policy updates had “overly deferred to direction and priorities” from watchdogs such as GAO, and said the new approach is meant to refocus responsibility inside executive branch agencies.
The revision took effect immediately upon issuance.
GAO pushed back on Vought’s criticism. In a statement shared with MeriTalk, a GAO spokesperson said the agency’s work has produced about $1.5 trillion in financial benefits since 2002.
“We stand by our work for the Congress on fraud, improper payments, and ensuring the taxpayers’ dollars are efficiently and effectively spent,” the spokesperson said. “By law, GAO and OMB are responsible for establishing internal controls for federal agencies in consultation with each other. This is critical to preventing fraud and other improper payments.”