Modernization Mandates, AI Guardrails, and the Fraud Prevention Challenge

Original broadcast 7/27/25

Presented by ServiceNow

This week on Fed Gov Today with Francis Rose, government leaders and industry experts address three major challenges confronting federal agencies: modernizing legacy IT systems, governing the growing use of artificial intelligence, and combatting sophisticated fraud schemes draining agency budgets. Francis Rose talks with Kevin Walsh from the GAO about the slow pace of IT modernization across critical systems, ServiceNow's Jonathan Alboum about how agencies can govern AI usage effectively, and Linda Miller and Jordan Burris about the urgent need for stronger identity verification to fight fraud. It’s a fast-paced look at the technical, strategic, and security demands facing federal agencies today.

$100 Billion Problem: Why Legacy Modernization Still Lags

Kevin Walsh, Director of IT and Cybersecurity at the Government Accountability Office, returns to Fed Gov Today to discuss GAO’s latest findings on the federal government’s most outdated legacy systems. In a repeat of their 2019 review, GAO identifies 11 critical legacy systems that require modernization. Alarmingly, eight of those systems still lack a complete modernization plan. Walsh explains why this slow progress is happening—including funding challenges, changing agency priorities, and systemic uncertainty—and calls on Congress to mandate plans from agencies still without them.

He emphasizes that GAO is setting a low bar: agencies just need a basic plan with milestones and a defined shutdown strategy for the old systems. He cites troubling statistics, like the FAA relying on systems whose manufacturers are out of business, and the IRS running hundreds of legacy platforms without a roadmap for modernization. Walsh also warns that these aging systems increase cybersecurity vulnerabilities and operational risk.

• Only 3 of 11 critical federal legacy systems have a full modernization plan in place

• Many systems continue to use obsolete programming languages like COBOL and are vulnerable to cyber threats

• GAO recommends congressional action to compel agencies to create and document basic modernization strategies

AI Everywhere: Time for Governance to Catch Up

Jonathan Alboum, Federal CTO at ServiceNow and former USDA CIO, outlines the importance of strong AI governance as usage expands across government. With agencies like GSA reporting near-daily use of internal AI tools by nearly half their workforce, the lack of uniform oversight raises serious concerns. Alboum points to the NIST AI Risk Management Framework as a solid starting point, but stresses the need for a cross-functional, agency-wide approach that includes CIOs, CDOs, cybersecurity leads, and frontline users.

He lays out a comprehensive vision for responsible AI management: create inventories of AI use cases, align AI outcomes with agency mission goals, measure success through risk and performance metrics, and ensure compliance with law and privacy standards. Alboum frames AI governance as not only a technical necessity, but a way to build public trust in government innovation.

• Governance should span across agency leadership—not just CIOs or AI officers—to include data, cybersecurity, and risk management

• The NIST AI Risk Management Framework offers a solid, collaborative foundation

• Agencies must track use cases, measure risk, and demonstrate alignment with strategy and public trust goals

Fraud Fighting in the AI Era: Identity is the Front Line

Linda Miller, CEO of The Audient Group, and Jordan Burris, Head of Public Sector at Socure, break down why government agencies are struggling to combat fraud—and what needs to change. Miller explains that fraud, unlike waste or abuse, involves intentional deception, and that agencies must shift from “trust but don’t verify” to “trust and verify,” especially as nation-state actors exploit systemic vulnerabilities.

Burris warns that legacy identity infrastructure and a reliance on post-payment “pay and chase” tactics are no longer sustainable. He calls for modern, preventative controls and real-time identity verification. Both panelists highlight how fraud exploded during the pandemic and continues to evolve. Agencies like SBA and GSA are making strides, but widespread change is still needed. They argue that investing in anti-fraud technologies is not just a necessity—it delivers measurable ROI.

• Identity verification is the top vulnerability exploited by fraudsters, including nation-state actors

• Agencies must move from reactive to proactive fraud prevention through modern controls and technology

• Programs at SBA and HHS demonstrate how investment in fraud prevention can save significant taxpayer dollars