State legislation would curtail auditor’s discretion

DES MOINES — A bill passed by the Iowa State Senate March 7 but not yet voted on in the house would curtail the power of the state auditor’s office, in a move proponents have called common sense policy despite party-line votes.

Senate File 478 was approved by senators with an amendment that clarifies the auditing process and expands a list of records that the office cannot acquire — including income tax returns, criminal identification files and medical records — unless the audited entity, “Agrees that the information is necessary for the purposes of the audit,” among other requirements.

Sen. Dawn Driscoll, a Republican from Williamsburg, said the legislation would protect citizens’ privacy.

“Through this legislation citizens across the state can be confident that their personal information is protected from inspection by the State Auditor,” she said in an email. “No official should have access to medical records, academic records, or other personal information that is irrelevant to an audit. This is a common-sense measure to protect Iowans’ privacy rights and ensures that no one person or entity can abuse the scope of their power.”

State House Rep. Heather Hora, another Republican whose district overlaps with much of Driscoll’s, including the entirety of Washington County, said she had not yet read the bill, but expected to reach the same conclusions when the house votes.

"Anything that protects people’s privacy from overreach of government is great with me,“ she said at a legislative forum in Washington on Friday.

The bill is far from uncontested. Its senate passage came after a 33-16 vote, in which every Democrat in the chamber voted against the bill.

One clause of the three-page legislation expands Iowa Code Chapter 679, which prevents government agencies in the state from suing one another, and instead sends their disputes to a panel of delegated representatives from each side and a third from the governor’s office. If enacted, SF 478 would extend that process to the state’s executive branch offices, preventing the auditor from prosecuting for illegally withheld records, as it did in 2021 against the University of Iowa, receiving a unanimous Iowa Supreme Court decision against the school.

Opponents, including State Auditor Rob Sand who is a Democrat, said that clause would insulate needed information from inspection, as the tiebreaking vote would effectively be controlled by the governor’s office. The arbitration panel has no appeals process, its decisions are final under state law.

“If the agency plus whoever the governor chooses says, ‘No, you can’t have that,’ we’re done,“ Sand said. ”What this means, effectively is, anyone who’s responsible for waste, fraud and abuse can hide it from us, as long as they get other people who are responsible for the same waste fraud and abuse to agree. And common sense says, yeah, that’s going to happen … it encourages people to steal money because they know it can remain hidden, no matter what.“

Sand said he also had concerns about the bill’s expansion of inaccessible records and the requirement that audited entities sign off before disclosing certain information.

He said that hurdle would remove checks and balances on billions of taxpayer dollars, as discretion in the auditing process fell to actors with an incentive to prevent oversight.

“If you deny an auditor access to information, they can’t issue an opinion,” Sand said. “If they can’t issue a clean opinion, you’re jeopardizing the funding that’s related to that information. We totaled it up, that’s $4.9 billion annually that, if we had a scope limitation, we might not be able to audit.”

Sand said Republican’s privacy concerns could be met by codifying current practices, rather than restricting the auditor’s office, which recently received the highest possible peer review rating for privacy from the National State Auditors Association (NSAA.)

“We have never, never had a violation of a privacy issue,” Sand said. “They’re making this up.”

The bill has set off alarm bills across the country. In a letter from the NSAA, Connecticut State Auditor John Geragosian — one of two in his state — said privacy protections in the bill were redundant, as uniform federal auditing standards already limit the agency’s ability to disclose irrelevant info from sensitive documents, anonymize its data as much as possible, and require that the office act independently.

The letter, signed by auditors from 26 states — including Republican strongholds like Alaska, South Carolina, Montana and Mississippi — said the restrictions would imperil the state’s financial opportunities.

“These limitations are so severe that the auditor is unable to issue an opinion,” the letter said. “This should not be the desired outcome of any audit, and would lead to significant concerns for the federal grant-winning agencies and could result in a loss of federal funds. A disclaimer on the financial statements could also negatively impact the state’s bond rating.”

David Walker, a Republican and former Comptroller of the U.S. Government Accountability Office, said it would rig audits in favor of the state’s ruling party.

“It would effectively undercut the independence of, and non-partisan approach needed for the Iowa State Auditor’s Office,” he said in a statement. “Certain provisions in the file are also inconsistent with the Generally Accepted Government Auditing Standards, as promulgated by the U.S. Government Accountability Office.”

Comments: Kalen.McCain@southeastiowaunion.com