We analyzed over 1,200 state auditor reports across North Carolina, Connecticut, Virginia, Texas, and Florida. The patterns that emerged paint a clear picture of systemic challenges in post-award contract oversight - and point toward where technology can make the biggest difference.
The Scale of the Problem
Government agencies across the United States process billions of dollars in vendor payments annually. Each payment originates from a contract with specific terms: negotiated rates, approved scope, invoicing requirements, and acceptance criteria. The gap between what a contract authorizes and what an invoice claims is where payment integrity risk lives.
To understand the scope of this challenge, we built automated extraction pipelines that process published audit reports from state auditors of public accounts. Across five states - North Carolina, Connecticut, Virginia, Texas, and Florida - we analyzed more than 1,200 reports spanning fiscal years 2022 through 2025.
What We Found
Three categories of findings dominate the landscape:
Rate and billing discrepancies account for roughly 35% of all material findings. These are cases where the amount billed does not match the amount authorized by the contract. The root causes vary: outdated rate schedules applied after amendments changed pricing, unit-of-measure confusion (hourly vs. daily rates), and escalation clauses applied incorrectly. What makes these particularly challenging is that verifying rates often requires tracing changes across multiple contract modifications - a task that can involve reading hundreds of pages of legal text.
Scope and authorization failures represent about 28% of findings. Work was performed and billed, but either the scope was never formally authorized, the work occurred outside the approved period of performance, or the deliverables billed don't match what the contract defines. In many cases, the underlying work was legitimate and valuable. The failure is procedural: the authorization chain wasn't followed, which creates audit exposure regardless of whether the work was appropriate.
Acceptance and documentation gaps make up the remaining significant portion at approximately 22%. Invoices were paid without documented evidence that the government received and accepted the goods or services. This doesn't necessarily mean the deliverables were deficient - it means the paper trail was incomplete, leaving auditors unable to verify that payment was warranted.
Why These Patterns Persist
The structural explanation is straightforward. A single procurement officer may manage 20 to 50 active contracts simultaneously. Each contract has its own rate schedule, modification history, invoicing instructions, and acceptance criteria. When a new invoice arrives, the officer must mentally reconstruct the current state of that specific contract - which rates are in effect after the latest amendment, what scope is authorized, whether prior deliverables were accepted - and verify every line item against those terms.
This is a task that takes deep concentration, access to the right documents, and often 30 to 60 minutes per invoice. When caseloads are high, shortcuts are inevitable. The most common shortcut: relying on the vendor's representation rather than independently verifying against the contract.
Auditors consistently note this staffing-to-workload mismatch in their recommendations. But the reality of government budgets means that simply hiring more staff is rarely feasible.
The Technology Opportunity
What makes these findings particularly relevant for technology intervention is their regularity. These are not exotic edge cases. The same categories of discrepancies appear across every state we analyzed, in every department type, in every contract structure. The checks required are definable, the source documents are structured (even if lengthy), and the verification logic is deterministic for approximately 70% of cases.
The remaining 30% - contextual judgments about reasonableness, scope interpretation disputes, and acceptance determinations - still benefit from technology that surfaces the relevant evidence. Rather than requiring the officer to find the relevant clause in a 200-page contract, the system can present it alongside the invoice line in question.
Implications for Agencies
For procurement and finance leaders, these findings suggest three priorities:
First, rate verification is the highest-value automated check. It catches the most dollars at risk and requires the least subjective judgment. Any contract management system that doesn't automatically flag rate discrepancies against the current amendment schedule is leaving significant exposure unaddressed.
Second, scope authorization workflows need to be tightened at the point of invoice submission, not during annual audit. By the time an auditor identifies an unauthorized scope charge, the work has been completed and paid for. Recovery is difficult and politically costly.
Third, acceptance documentation should be a prerequisite for payment, not a box checked after the fact. Digital acceptance workflows tied to contract deliverable schedules can eliminate this category of finding almost entirely.
Looking Forward
We are continuing to expand this analysis. Our automated extraction pipeline now runs continuously against new audit publications, building an increasingly detailed picture of where payment integrity challenges concentrate - by state, by agency type, by contract structure, and by finding category.
The goal is not to score or rank states, but to help agencies understand their own risk profile relative to the broader landscape, and to direct oversight resources where they will have the greatest impact.
The data is clear: the problem is systemic, the patterns are predictable, and the tools to address them are now within reach.