EPA OIG flags gaps in tracking drinking water security investments

A new report from the U.S. Environmental Protection Agency Office of Inspector General (EPA OIG) finds that the U.S. Environmental Protection Agency lacks sufficient oversight to track how federal infrastructure funds are being used to strengthen drinking water system security.

The evaluation reviewed use of supplemental funding from the Infrastructure Investment and Jobs Act distributed through the Drinking Water State Revolving Fund, focusing on whether funds are supporting projects that improve resilience to physical and cyber threats.

According to the report, while some states described projects aimed at improving system security, EPA does not currently require consistent reporting or tracking of those efforts. As a result, the agency cannot determine how much of the $3.8 billion allocated in fiscal years 2022 and 2023 is being used for resilience-related projects.

The OIG found that identification of such projects depends largely on how states describe them in Intended Use Plans or database entries, which vary widely and often lack standardized terminology. In many cases, project descriptions did not clearly indicate whether funds were supporting cybersecurity or physical security improvements.

“Without investments in resilience-related projects, U.S. water systems remain at risk from physical and cyber threats and hazards,” the report states.

To address these gaps, the OIG recommended that EPA develop a method to better track resilience-focused projects and work with states to establish clearer guidance for reporting in Intended Use Plans. The agency agreed with both recommendations, though one remains unresolved pending further action.

The full report can be found here.