The title of a March 24 report of the Housing and Urban Development Office of the Inspector General lays out the document’s premise in stark terms: “The U.S. Virgin Islands Housing Finance Authority's Fraud Risk Management Practices Are At or Below The Lowest Desired Level.”
The findings come from an audit of the agency’s framework for preventing, detecting, and responding to fraud as it administers almost $2 billion in block grant funding. The high level conclusion? “VIHFA does not have fraud risk management processes to prevent and detect fraud risks,” the report states, referring to fraud prevention practices at the agency as “ad hoc” or worse. The audit, conducted between April and June 2025, covered the agency’s operations from September 2018 through March 2025.
According to the HUD OIG report, while anti-fraud efforts at VIHFA do exist, they are “unstructured and reactive.” On a holistic level, the agency “has not effectively established a program to combat fraud,” the report says. The internal divisions within the agency “appear to operate in silos which hinder communication and the effective management of fraud risks,” it continues. The friction in internal communication has led to the established policies against fraud, waste, and abuse not being adequately implemented across the agency, the OIG found.
The report notes that of ten VIHFA officials interviewed during the audit, eight of them “did not know what types of fraud schemes their programs are susceptible to.” At least one official told the audit team that they wished for more fraud training, but felt that they could not voice that desire to management "because fraud is a sensitive subject at VIHFA and around the island now.” The agency has been accused of faking bids and fabricating records in a procurement dispute set for trial later this year. Last month, former agency COO Darrin Richardson was sentenced to prison last month for his role in a $4 million fraud scheme involving HUD funds. Even after his conviction in 2025, “interviewed officials did not know or have a clear understanding of the process to follow when reporting instances of fraud or suspected fraud,” the audit found.
The report slams VIFHA’s internal auditors for not sharing the results of a fraud risk questionnaire administered to staffers in the agency’s procurement division and disaster recovery finance unit. The data gathering exercise found that employees know of fraud allegations made by “employees, vendors, customers, or other people.” Some staffers said they had personal knowledge of fraud or suspected fraud. They told auditors of “instances where management have overridden controls,” and disclosed that there are “motives, pressures, and/or incentives within the organization that would make someone susceptible to committing fraud.” VIHFA, the respondents said, “does not have a culture that supports ethical behavior in the workplace.”
The HUD OIG report says that the internal audit team never mentioned the questionnaire results to VIHFA management. Instead, the data was shared only with the directors of the two units where the questionnaire was administered. These individuals subsequently left the agency, “and appear to have taken no action to elevate or address the matter.” Because senior management had no idea that the questionnaire was even being conducted, far less of its results, “no actions were implemented by VIHFA to respond to or mitigate the reported fraud risk red flags.”
VIFHA management was also criticized for failing to “set an anti-fraud tone for its disaster recovery and mitigation programs.” The report points out that after a major fraud event, organizations usually “commit to making substantive changes and implementing control activities to ensure that it protects itself from additional or future frauds.” VIHFA did none of that, the HUD OIG report says. The agency “did not take appropriate action after learning that potential fraud occurred in its programs, nor act a year later when its former COO was convicted of fraud.” In fact, high-ranking agency officials did not seem to understand what comprehensive fraud risk management entailed. Several to whom OIG auditors spoke mistakenly believed that the recovery risk management officer hired last February was responsible for fraud risk management at the agency. “This person’s responsibilities do not include the development and implementation of the fraud risk management framework,” the report stated.
VIHFA’s lax approach, the audit report says, “reinforces a permissive culture where anti-fraud efforts are not prioritized.” It concluded with several recommendations, all tailored towards ensuring the VIFHA develops and implements a robust fraud risk management program that impacts the agency at all levels of operation.
In response to the report’s findings and recommendations, the VIHFA acknowledged that its anti-fraud efforts “represent initial steps, and that further work is required to align its current practices with GAO standards.” Management said that a “full implementation and comprehensive fraud risk management program” is expected by the second quarter of 2026, which began at the beginning of this month.
Advertisements
