This is historical material, "frozen in time."
The web site is no longer updated and links to external web sites and some internal pages will not work.
The A-102 Common Rule and OMB Circular A-110 require that non-Federal entities receiving Federal awards (e.g., auditee management) establish and maintain internal control designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. OMB Circular A-133 requires auditors to obtain an understanding of the non-Federal entity's internal control over Federal programs sufficient to plan the audit to support a low assessed level of control risk for major programs, plan the testing of internal control over major programs to support a low assessed level of control risk for the assertions relevant to the compliance requirements for each major program, and, unless internal control is likely to be ineffective, perform testing of internal control as planned.
This Part 6 is intended to assist non-Federal entities and their auditors in complying with these requirements by describing for each type of compliance requirement, the objectives of internal control, and certain characteristics of internal control that when present and operating effectively may ensure compliance with program requirements. However, the categorizations reflected in this Part 6 may not necessarily reflect how an entity considers and implements internal control. Also, this part is not a checklist of required internal control characteristics. Non-Federal entities could have adequate internal control even though some or all of the characteristics included in Part 6 are not present. Further, non-Federal entities could have other appropriate internal controls operating effectively that have not been included in this Part 6. Non-Federal entities and their auditors will need to exercise judgment in determining the most appropriate and cost effective internal control in a given environment or circumstance to provide reasonable assurance for compliance with Federal program requirements.
The objectives of internal control pertaining to the compliance requirements for Federal programs (Internal control over Federal Programs), as found in '____.105 of OMB Circular A-133, are as follows:
(1) Transactions are properly recorded and accounted for to:
(i) Permit the preparation of reliable financial statements and Federal reports;
(ii) Maintain accountability over assets; and
(iii) Demonstrate compliance with laws, regulations, and other compliance requirements;
(2) Transactions are executed in compliance with:
(i) Laws, regulations, and the provisions of contracts or grant agreements that could have a direct and material effect on a Federal program; and
(ii) Any other laws and regulations that are identified in the compliance supplements; and
(3) Funds, property, and other assets are safeguarded against loss from unauthorized use or disposition.
The characteristics of internal control are presented in the context of the components of internal control discussed in Internal Control-Integrated Framework (COSO Report), published by the Committee of Sponsoring Organizations of the Treadway Commission. The COSO Report provides a framework for organizations to design, implement, and evaluate control that will facilitate compliance with the requirements of Federal laws, regulations, and program compliance requirements. Statement on Auditing Standards No. 78 (SAS 78), Consideration of Internal Control in a Financial Statement Audit, issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) and a related AICPA audit guide, Consideration of Internal Control in a Financial Statement Audit, incorporate the components of internal control presented in the COSO Report.
This Part 6 describes characteristics of internal control relating to each of the five components of internal control that should reasonably assure compliance with the requirements of Federal laws, regulations, and program compliance requirements. A description of the components of internal control and examples of characteristics common to the 14 types of compliance requirements are listed below. Objectives of internal control and examples of characteristics specific to each of 13 of the 14 types of compliance requirements follow this introduction. (Because Special Tests and Provisions are unique for each program, we could not provide specific control objectives and characteristics for this type of compliance requirement.)
Control Environment sets the tone of an organization influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure.
Sense of conducting operations ethically, as evidenced by a code of conduct or other verbal or written directive.
If there is a governing Board, the Board has established an Audit Committee or equivalent that is responsible for engaging the auditor, receiving all reports and communications from the auditor, and ensuring that audit findings and recommendations are adequately addressed.
Management's positive responsiveness to prior questioned costs and control recommendation.
Management's respect for and adherence to program compliance requirements.
Key managers' responsibilities clearly defined.
Key managers' have adequate knowledge and experience to discharge their responsibilities.
Staff knowledgeable about compliance requirements and being given responsibility to communicate all instances of noncompliance to management.
Management's commitment to competence ensures that staff receive adequate training to perform their duties.
Management's support of adequate information and reporting system.
Risk Assessment is the entity's identification and analysis of relevant risks to achievement of its objectives, forming a basis for determining how the risks should be managed.
Program managers and staff understand and have identified key compliance objectives.
Organizational structure provides identification of risks of noncompliance:
- Key managers have been given responsibility to identify and communicate changes.
- Employees who require close supervision (e.g. inexperienced) are identified.
- Management has identified and assessed complex operations, programs, or projects.
- Management is aware of results of monitoring, audits, and reviews and considers related risk of noncompliance.
Process established to implement changes in program objectives and procedures.
Control Activities are the policies and procedures that help ensure that management's directives are carried out.
Operating policies and procedures clearly written and communicated.
Procedures in place to implement changes in laws, regulations, guidance, and funding agreements affecting Federal awards.
Management prohibition against intervention or overriding established controls.
Adequate segregation of duties provided between performance, review, and recordkeeping of a task.
Computer and program controls should include:
- Data entry controls, e.g., edit checks.
- Exception reporting.
- Access controls.
- Reviews of input and output data.
- Computer general controls and security controls.
Supervision of employees commensurate with their level of competence.
Personnel with adequate knowledge and experience to discharge responsibilities.
Equipment, inventories, cash, and other assets secured physically and periodically counted and compared to recorded amounts.
If there is a governing Board, the Board conducts regular meetings where financial information is reviewed and the results of program activities and accomplishments are discussed. Written documentation is maintained of the matters addressed at such meetings.
Information and Communication are the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities.
Accounting system provides for separate identification of Federal and non-Federal transactions and allocation of transactions applicable to both.
Adequate source documentation exists to support amounts and items reported.
Recordkeeping system is established to ensure that accounting records and documentation retained for the time period required by applicable requirements; such as the A-102 Common Rule ('____.42), OMB Circular A-110 ('____.53), and the provisions of laws, regulations, contracts or grant agreements applicable to the program.
Reports provided timely to managers for review and appropriate action.
Accurate information is accessible to those who need it.
Reconciliations and reviews ensure accuracy of reports.
Established internal and external communication channels.
- Staff meetings.
- Bulletin boards.
- Memos, circulation files, e-mail.
- Surveys, suggestion box.
Employees= duties and control responsibilities effectively communicated.
Channels of communication for people to report suspected improprieties established.
Actions taken as a result of communications received.
Established channels of communication between pass-through entity and subrecipients.
Monitoring is a process that assesses the quality of internal control performance over time.
Ongoing monitoring built-in through independent reconciliations, staff meeting feed back, rotating staff, supervisory review, and management review of reports.
Periodic site visits performed at decentralized locations (including subrecipients) and checks performed to determine whether procedures are being followed as intended.
Follow up on irregularities and deficiencies to determine the cause.
Internal quality control reviews performed.
Management meets with program monitors, auditors, and reviewers to evaluate the condition of the program and controls.
Internal audit routinely tests for compliance with Federal requirements.
If there is a governing Board, the Board reviews the results of all monitoring or audit reports and periodically assess the adequacy of corrective action.
A. ACTIVITIES ALLOWED OR UNALLOWED
and
B. ALLOWABLE COSTS/COST PRINCIPLES
Control Objectives
To provide reasonable assurance that Federal awards are expended only for allowable activities and that the costs of goods and services charged to Federal awards are allowable and in accordance with the applicable cost principles.
Control Environment
Management sets reasonable budgets for Federal and non-Federal programs so that no incentive exists to miscode expenditures.
Management enforces appropriate penalties for misappropriation or misuse of funds.
Organization-wide cognizance of need for separate identification of allowable Federal costs.
Management provides personnel approving and pre-auditing expenditures with a list of allowable and unallowable expenditures.
Risk Assessment
Process for assessing risks resulting from changes to cost accounting systems.
Key manager has a sufficient understanding of staff, processes, and controls to identify where unallowable activities or costs could be charged to a Federal program and not be detected.
Control Activities
Accountability provided for charges and costs between Federal and non-Federal activities.
Process in place for timely updating of procedures for changes in activities allowed and cost principles.
Computations checked for accuracy.
Supporting documentation compared to list of allowable and unallowable expenditures.
Adjustments to unallowable costs made where appropriate and follow-up action taken to determine the cause.
Adequate segregation of duties in review and authorization of costs.
Accountability for authorization is fixed in an individual who is knowledgeable of the requirements for determining activities allowed and allowable costs.
Information and Communication
Reports, such as a comparison of budget to actual provided to appropriate management for review on a timely basis.
Establishment of internal and external communication channels on activities and costs allowed.
Training programs, both formal and informal, provide knowledge and skills necessary to determine activities and costs allowed.
Interaction between management and staff regarding questionable costs.
Grant agreements (including referenced program laws, regulations, handbooks, etc.) and cost principles circulars available to staff responsible for determining activities allowed and allowable costs under Federal awards.
Monitoring
Management reviews supporting documentation of allowable cost information.
Flow of information from Federal agency to appropriate management personnel.
Comparisons made with budget and expectations of allowable costs.
Analytic reviews (e.g., comparison of budget to actual or prior year to current year) and audits performed.
C. CASH MANAGEMENT
Control Objectives
To provide reasonable assurance that the draw down of Federal cash is only for immediate needs, States comply with applicable Treasury agreements, and recipients limit payments to subrecipients to immediate cash needs.
Control Environment
Appropriate assignment of responsibility for approval of cash draw downs and payments to subrecipients.
Budgets for draw downs are consistent with realistic cash needs.
Risk Assessment
Mechanisms exist to anticipate, identify, and react to routine events that affect cash needs.
Routine assessment of adequacy of subrecipient cash needs.
Management has identified programs which receive cash advances and is aware of cash management requirements.
Control Activities
Cash flow statements by program are prepared to determine essential cash flow needs.
Accounting system is capable of scheduling payments for accounts payable and requests for funds from Treasury to avoid time lapse between draw down of funds and actual disbursements of funds.
Appropriate level of supervisory review of cash management activities.
Written policy that provides:
- Procedures for requesting cash advances as close as is administratively possible to actual cash outlays;
- Monitoring of cash management activities;
- Repayment of excess interest earnings where required.
For State programs subject to a Treasury-State agreement, a written policy exists which includes:
- Programs covered by the agreement;
- Methods of funding to be used;
- Method used to calculate interest; and,
- Procedures for determining check clearing patterns (if applicable for the funding method).
Information and Communication
Variance reporting of expected versus actual cash disbursements of Federal awards and draw downs of Federal funds.
Established channel of communication between pass-through entity and subrecipients regarding cash needs.
Monitoring
Periodic independent evaluation (e.g. by internal audit, top management) of entity cash management, budget and actual results, repayment of excess interest earnings, and Federal draw down activities.
Subrecipients requests for Federal funds are evaluated.
Review of compliance with Treasury-State agreements.
D. DAVIS-BACON ACT
Control Objectives
To provide reasonable assurance that contractors and subcontractors paid prevailing wage rates for projects covered by the Davis-Bacon Act.
Control Environment
Management understands and communicates to staff, contractors, and subcontractors the requirements to pay wages in accordance with the Davis-Bacon Act.
Management understands its responsibility for monitoring compliance.
Risk Assessment
Mechanisms in place to identify contractors and subcontractors most at risk of not paying the prevailing wage rates.
Management identified how compliance will be monitored and the related risks of failure to monitor for compliance with Davis-Bacon Act.
Control Activities
Contractors informed in the procurement documents of the requirements for prevailing wage rates.
Contractors and subcontractors required to submit certifications and copies of payrolls which meet the requirements to pay prevailing wage rates.
Contractors= and subcontractors= payrolls monitored for compliance with prevailing wage rates.
Information and Communication
Prevailing wage rates are appropriately communicated.
Reports provide sufficient information to determine if requirements are being met.
Channels are established for staff, contractors, and workers to report misclassifications or failure to pay prevailing wages.
Monitoring
Management reviews to ensure that contractors and subcontractors are being required to pay prevailing wage rates.
On-site visits are performed to monitor classifications and wage rates.
Monitoring reports from contractors are compared to independent checks.
E. ELIGIBILITY
Control Objectives
To provide reasonable assurance that only eligible individuals and organizations receive assistance under Federal award programs, that subawards are made only to eligible subrecipients, and that amounts provided to or on behalf of eligibles were calculated in accordance with program requirements.
Control Environment
Staff size and competence provides for proper making of eligibility determinations.
Realistic caseload/performance targets established for eligibility determinations.
Lines of authority clear for determining eligibility.
Risk Assessment
Identification of risk that eligibility information prepared internally or received from external sources could be incorrect.
Conflict-of-interest statements are maintained for individuals who determine eligibility.
Process for assessing risks resulting from changes to eligibility determination systems.
Control Activities
Written policies provide direction for making and documenting eligibility determinations.
Procedures to calculate eligibility amounts consistent with program requirements.
Eligibility objectives and procedures clearly communicated to employees.
Authorized signatures (manual or electronic) on eligibility documents periodically reviewed.
Access to eligibility records limited to appropriate persons.
Manual criteria checklists or automated process used in making eligibility determinations.
Process for periodic eligibility re-determinations in accordance with program requirements.
Verification of accuracy of information used in eligibility determinations.
Procedures to ensure the accuracy and completeness of data used to determine eligibility requirements.
Information and Communication
Information system meets needs of eligibility decisionmakers and program management.
Processing of eligibility information subject to edit checks and balancing procedures.
Training programs inform employees of eligibility requirements.
Channels of communication exist for people to report suspected eligibility improprieties.
Management receptive to suggestions to strengthen eligibility determination process.
Documentation of eligibility determinations in accordance with program requirements.
Monitoring
Periodic analytical reviews of eligibility determinations performed by management.
Program quality control procedures performed.
Periodic audits of detailed transactions.
F. EQUIPMENT AND REAL PROPERTY MANAGEMENT
Control Objectives
To provide reasonable assurance that proper records are maintained for equipment acquired with Federal awards, equipment is adequately safeguarded and maintained, disposition or encumbrance of any equipment or real property is in accordance with Federal requirements, and the Federal awarding agency is appropriately compensated for its share of any property sold or converted to non-Federal use.
Control Environment
Management committed to providing proper stewardship for property acquired with Federal awards.
No incentives exist to under-value assets at time of disposition.
Sufficient accountability exists to discourage temptation of misuse of Federal assets.
Risk Assessment
Procedures to identify risk of misappropriation or improper disposition of property acquired with Federal awards.
Management understands requirements and operations sufficiently to identify potential areas of noncompliance (e.g., decentralized locations, departments with budget constraints, transfers of assets between departments).
Control Activities
Accurate records maintained on all acquisitions and dispositions of property acquired with Federal awards.
Property tags are placed on equipment.
A physical inventory of equipment is periodically taken and compared to property records.
Property records contain description (including serial number or other identification number), source, who holds title, acquisition date and cost, percentage of Federal participation in the cost, location, condition, and disposition data.
Procedures established to ensure that the Federal awarding agency is appropriately reimbursed for dispositions of property acquired with Federal awards.
Policies and procedures in place for responsibilities of recordkeeping and authorities for disposition.
Information and Communication
Accounting system provides for separate identification of property acquired wholly or partly with Federal funds and with non-Federal funds.
A channel of communication exists for people to report suspected improprieties in the use or disposition of equipment.
Program managers are provided with applicable requirements and guidelines.
Monitoring
Management reviews the results of periodic inventories and follows up on inventory discrepancies.
Management reviews dispositions of property to ensure appropriate valuation and reimbursement to Federal awarding agencies.
G. MATCHING, LEVEL OF EFFORT, EARMARKING
Control Objectives
To provide reasonable assurance that matching, level of effort, or earmarking requirements are met using only allowable funds or costs which are properly calculated and valued.
Control Environment
Commitment from management to meet matching, level of effort, and earmarking requirements (e.g., adequate budget resources to meet a specified matching requirement or maintain a required level of effort).
Budgeting process addresses/provides adequate resources to meet matching, level of effort, or earmarking goals.
Official written policy exists outlining:
- Responsibilities for determining required amounts or limits for matching, level of effort, or earmarking.
- Methods of valuing matching requirements, e.g., "in-kind" contributions of property and services, calculations of levels of effort.
- Allowable costs that may be claimed for matching, level of effort, or earmarking.
- Methods of accounting for and documenting amounts used to calculate amounts claimed for matching, level of effort, or earmarking.
Risk Assessment
Identification of areas where estimated values will be used for matching, level of effort, or earmarking.
Management has sufficient understanding of the accounting system to identify potential recording problems.
Control Activities
Evidence obtained such as a certification from the donor, or other procedures performed to identify whether matching contributions:
- Are from non-Federal sources.
- Involve Federal funding, directly or indirectly.
- Were used for another federally-assisted program.
Note: Generally, matching contributions must be from a non-Federal source and may not involve Federal funding or be used for another federally-assisted program.
Adequate review of monthly cost reports and adjusting entries.
Information and Communication
Accounting system capable of:
- Separately accounting for data used to support matching, level of effort, or earmarking amounts or limits or calculations.
- Ensuring that expenditures or expenses, refunds, and cash receipts or revenues are properly classified and recorded only once as to their effect on matching, level of effort, or earmarking.
- Documenting the value of "in-kind" contributions of property or services, including:
-- Basis for local labor market rates for valuing volunteer services.
-- Payroll records or confirmation from other organizations for services provided by their employees.
-- Quotes, published prices, or independent appraisals used as the basis for donated equipment, supplies, land, buildings, or use of space.
Monitoring
Supervisory review of matching, level of effort, or earmarking activities performed to assess the accuracy and allowability of transactions and determinations, e.g., at the time reports on Federal awards are prepared.
H. PERIOD OF AVAILABILITY OF FEDERAL FUNDS
Control Objectives
To provide reasonable assurance that Federal funds are used only during the authorized period of availability.
Control Environment
Management understands and is committed to complying with period of availability requirements.
Entity's operations are such that it is unlikely there will be Federal funds remaining at the end of the period of availability.
Risk Assessment
The budgetary process considers period of availability of Federal funds as to both obligation and disbursement.
Identification and communication of period of availability cut-off requirements as to both obligation and disbursement.
Control Activities
Accounting system prevents obligation or expenditure of Federal funds outside of the period of availability.
Review of disbursements by person knowledgeable of period of availability of funds.
End of grant period cut-offs are met by such mechanisms as advising program managers of impending cut-off dates and review of expenditures just before and after cut-off date.
Cancellation of unliquidated commitments at the end of the period of availability.
Information and Communication
Timely communication of period of availability requirements and expenditure deadlines to individuals responsible for program expenditure, including automated notifications of pending deadlines.
Periodic reporting of unliquidated balances to appropriate levels of management and follow up.
Monitoring
Periodic review of expenditures before and after cut-off date to ensure compliance with period of availability requirements.
Review by management of reports showing budget and actual for period.
I. PROCUREMENT AND SUSPENSION DEBARMENT
Control Objectives
To provide reasonable assurance that procurement of goods and services are made in compliance with the provisions of the A-102 Common Rule or OMB Circular A-110, as applicable, and that no subaward, contract, or agreement for purchases of goods or services is made with any debarred or suspended party.
Control Environment
Existence and implementation of codes of conduct and other policies regarding acceptable practice, conflicts-of-interest, or expected standards of ethical and moral behavior for making procurements.
Procurement manual that incorporated Federal requirements.
Absence of pressure to meet unrealistic procurement performance targets.
Management=s prohibition against intervention or overriding established procurement controls.
Board or governing body oversight required for high dollar, lengthy, or other sensitive procurement contracts.
Adequate knowledge and experience of key procurement managers in light of responsibilities for procurements for Federal awards.
Clear assignment of authority for issuing purchasing orders and contracting for goods and services.
Risk Assessment
Procedures to identify risks arising from vendor inadequacy, e.g., quality of goods and services, delivery schedules, warranty assurances, user support.
Procedures established to identify risks arising from conflicts-of-interest, e.g., kickbacks, related party transactions, bribery.
Management understands the requirements for procurement and suspension and debarment, and, given the organization's staff, departments, and processes, has identified where noncompliance could likely occur.
Conflict-of-interest statements are maintained for individuals with responsibility for procurement of goods or services.
Control Activities
Job descriptions or other means of defining tasks that comprise particular procurement jobs.
Contractor's performance with the terms, conditions, and specifications of the contract is monitored and documented.
Establish segregation of duties between employees responsible for contracting and accounts payable and cash disbursing.
Procurement actions appropriately documented in the procurement files.
Supervisors review procurement and contracting decisions for compliance with Federal procurement policies.
Procedures established to verify that vendors providing goods and services under the award have not been suspended or debarred by the Federal Government.
Official written policy for procurement and contracts establishing:
- Contract files that document significant procurement history.
- Methods of procurement, authorized including selection of contract type, contractor selection or rejection, and the basis of contract price.
- Verification that procurements provide full and open competition.
- Requirements for cost or price analysis, including for contract modifications.
- Obtaining and reacting to suspension and debarment certifications.
- Other applicable requirements for procurements under Federal awards are followed.
Official written policy for suspension and debarments that:
- Contains or references the Federal requirements;
- Prohibits the award of a subaward, covered contract, or any other covered agreement for program administration, goods, services, or any other program purpose with any suspended or debarred party; and
- Requires staff to obtain certifications from entities receiving subawards (contract and subcontract) over $100,000, certifying that the organization and its principals are not suspended or debarred.
Information and Communication
A system in place to assure that procurement documentation is retained for the time period required by the A-102 Common Rule, OMB Circular A-110, award agreements, contracts, and program regulations. Documentation includes:
- The basis for contractor selection;
- Justification for lack of competition when competitive bids or offers are not obtained; and
- The basis for award cost or price.
Employees= procurement duties and control responsibilities are effectively communicated.
Procurement staff are provided a current List of Parties Excluded from Federal Procurement or Nonprocurement Programs, issued by the General Services Administration, or have on-line access.
Channels of communication are provided for people to report suspected procurement and contracting improprieties.
Monitoring
Management periodically conducts independent reviews of procurements and contracting activities to determine whether policies and procedures are being followed as intended.
J. PROGRAM INCOME
Control Objectives
To provide reasonable assurance that program income is correctly earned, recorded, and used in accordance with the program requirements.
Control Environment
Management recognizes its responsibilities for program income.
Management's prohibition against intervention or overriding controls over program income.
Realistic performance targets for the generation of program income.
Risk Assessment
Mechanisms in place to identify the risk of unrecorded or mis-coded program income.
Variances between expected and actual income analyzed.
Control Activities
Pricing and collection policies procedures clearly communicated to personnel responsible for program income.
Mechanism in place to ensure that program income is properly recorded as earned and deposited in the bank as collected.
Policies and procedures provide for correct use of program income in accordance with Federal program requirements.
Information and Communication
Information systems identify program income collections and usage.
A channel of communication for people to report suspected improprieties in the collection or use of program income.
Monitoring
Internal audit of program income.
Management compares program income to budget and investigates significant differences.
K. REAL PROPERTY ACQUISITION AND
RELOCATION ASSISTANCE
Control Objectives
To provide reasonable assurance of compliance with the real property acquisition, appraisal, negotiation, and relocation requirements.
Control Environment
Management committed to ensuring compliance with the Uniform Relocation Assistance and Real Property Acquisition Policies Act of 1970, as amended (URA).
Written policies exist for handling relocation assistance and real property acquisition.
Risk Assessment
Identification of risk that relocation will not be conducted in accordance with the URA, e.g., improper payments will be made to individuals or businesses that relocate.
Control Activities
Employees handling relocation assistance and real property acquisition have been trained in the requirements of the URA.
Review of expenditures pertaining to real property acquisition and relocation assistance by employees knowledgeable in the URA.
Information and Communication
A system is in place to adequately document relocation assistance and real property acquisition.
Monitoring
Management monitors relocation assistance and real property acquisition for compliance with the URA.
L. REPORTING
Control Objectives
To provide reasonable assurance that reports of Federal awards submitted to the Federal awarding agency or pass-through entity include all activity of the reporting period, are supported by underlying accounting or performance records, and are fairly presented in accordance with program requirements.
Control Environment
Persons preparing, reviewing, and approving the reports possess the required knowledge, skills, and abilities.
Management's attitude toward reporting promotes accurate and fair presentation.
Appropriate assignment of responsibility and delegation of authority for reporting decisions.
Risk Management
Mechanisms exist to identify risks of faulty reporting caused by such items as lack of current knowledge of, inconsistent application of, or carelessness or disregard for standards and reporting requirements of Federal awards.
Identification of underlying source data or analysis for performance or special reporting that may not be reliable.
Control Activities
Written policy exists that establishes responsibility and provides the procedures for periodic monitoring, verification, and reporting of program progress and accomplishments.
Tracking system which reminds staff when reports are due.
The general ledger or other reliable records are the basis for the reports.
Supervisory review of reports performed to assure accuracy and completeness of data and information included in the reports.
The required accounting method is used (e.g., cash or accrual).
Information and Communication
An accounting or information system that provides for the reliable processing of financial and performance information for Federal awards.
Monitoring
Communications from external parties corroborate information included in the reports for Federal awards.
Periodic comparison of reports to supporting records.
M. SUBRECIPIENT MONITORING
Control Objectives
To provide reasonable assurance that Federal award information and compliance requirements are identified to subrecipients, subrecipient activities are monitored, subrecipient audit findings are resolved, and the impact of any subrecipient noncompliance on the pass-through entity is evaluated. Also, the pass-through entity should perform procedures to provide reasonable assurance that the subrecipient obtained required audits and takes appropriate corrective action on audit findings.
Control Environment
Establishment of "tone at the top" of management=s commitment to monitoring subrecipients.
Management=s intolerance of overriding established procedures to monitor subrecipients.
Entity=s organizational structure and its ability to provide the necessary information flow to monitor subrecipients is adequate.
Sufficient resources dedicated to subrecipient monitoring.
Knowledge, skills, and abilities needed to accomplish subrecipient monitoring tasks defined.
Individuals performing subrecipient monitoring possess knowledge skills and abilities required.
Subrecipients demonstrate that:
- They are willing and able to comply with the requirements of the award and
- They have accounting systems, including the use of applicable cost principles, and internal control systems adequate to administer the award.
Appropriate sanctions taken for subrecipient noncompliance.
Risk Assessment
Key managers understand the subrecipient's environment, systems, and controls sufficient to identify the level and methods of monitoring required.
Mechanisms exist to identify risks arising from external sources affecting subrecipients, such as risks related to:
- Economic conditions.
- Political conditions.
- Regulatory changes.
- Unreliable information.
Mechanisms exist to identify and react to changes in subrecipients, such as:
- Financial problems that could lead to diversion of grant funds.
- Loss of essential personnel.
- Loss of license or accreditation to operate program.
- Rapid growth.
- New activities, products, or services.
- Organizational restructuring.
Control Activities
Identify to subrecipients the Federal award information (e.g., CFDA title and number, award name, name of Federal agency, amount of award) and applicable compliance requirements.
Include in agreements with subrecipients the requirement to comply with the compliance requirements applicable to the Federal program including the audit requirements of OMB Circular A-133.
Subrecipient's compliance with audit requirements monitored using techniques such as the following:
- Determining by inquiry and discussions whether subrecipient met thresholds requiring an audit under OMB Circular A-133.
- If an audit is required, assuring that the subrecipient submits the report, report package or the documents required by OMB circulars and/or recipient's requirements.
- If a subrecipient was required to obtain an audit in accordance with OMB Circular A-133 but did not do so, following up with the subrecipient until the audit is completed. Taking appropriate actions such as withholding further funding until the subrecipient meets the audit requirements.
Subrecipient's compliance with Federal program requirements monitored using such techniques as the following:
- Issuing timely management decisions for audit and monitoring findings to inform the subrecipient whether the corrective action planned is acceptable.
- Maintain a system to track and following-up on reported deficiencies related to programs funded by the recipient and ensure that timely corrective action is taken.
- Regular contacts with subecipients and appropriate inquiries concerning the Federal program
- Reviewing subrecipient reports and following-up on areas of concern.
- Monitoring subrecipient budgets.
- Performing site visits to subrecipient to review financial and programmatic records and observe operations.
- Offering subrecipients technical assistance where needed.
Official written policies and procedures exist establishing:
- Communication of Federal award requirements to subrecipients.
- Responsibilities for monitoring subrecipients.
- Process and procedures for monitoring.
- Methodology for resolving findings of subrecipient noncompliance or weaknesses in internal control.
- Requirements for and processing of subrecipient audits, including appropriate adjustment of pass-through entity=s accounts.
Information and Communication
Standard award documents used by the non-Federal entity contain:
- A listing of Federal requirements that the subrecipient must follow. Items can be specifically listed in the award document, attached as an exhibit to the document, or incorporated by reference to specific criteria.
- The description and program number for each program as stated in the Catalog of Federal Domestic Assistance (CFDA). If the program funds include pass-through funds from another recipient, the pass-through program information should also be identified.
- A statement signed by an official of the subrecipient, stating that the subrecipient was informed of, understands, and agrees to comply with the applicable compliance requirements.
A recordkeeping system is in place to assure that documentation is retained for the time period required by the recipient.
Procedures are in place to provide channels for subrecipients to communicate concerns to the pass-through entity.
Monitoring
Establish a tracking system to assure timely submission of required reporting, such as: financial reports, performance reports, audit reports, on-site monitoring reviews of subrecipients, and timely resolution of audit findings.
Supervisory reviews performed to determine the adequacy of subrecipient monitoring.