Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter I – Office of Management and Budget Government-Wide Guidance for Federal Financial Assistance. Part 170 – Reporting Subaward and Executive Compensation Information. Subpart A – General. § 170.100 Purpose of this part This part provides guidance to Federal agencies on establishing requirements for recipients of Federal awards to report information on subawards and executive total compensation, as required by the Federal Funding Accountability and Transparency Act of 2006 (Pub. L. 109-282), as amended by the Digital Accountability and Transparency Act of 2014 (Pub. L. 113-101) and other Public Laws, hereafter referred to as the “Transparency Act.” § 170.105 Applicability. (a) Applicability in general. This part applies to a Federal agency’s Federal financial assistance as defined in § 170.300. This part applies to all recipients and subrecipients of Federal awards who meet the reporting requirements of paragraph (c) of this section, unless exempt under Federal statute or by paragraph (d) of this section. (b) Non-applicability to individuals. This part does not apply to an individual who applies for or receives Federal financial assistance as a natural person (that is, unrelated to any business or nonprofit organization an individual owns or operates). (c) Reporting Requirements. 1) The names and total compensation of an entity’s five most highly compensated executives must be reported if: a) In the entity’s preceding fiscal year, it received: i) 80 percent or more of its annual gross revenue in Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and ii) $25,000,000 or more in annual gross revenue from Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and b) The public does not have access to information about the compensation of senior executives of the entity through periodic reports filed under section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m(a), 78o(d)) or section 6104 of the Internal Revenue Code of 1986. Appendix A to Part 170 — Award Term. I. Reporting Subawards and Executive Compensation (2 CFR 170): (a)(2) Reporting Requirements. (i) The recipient must report each subaward described in paragraph (a)(1) of this award term to the Federal Funding Accountability and Transparency Act Subaward Reporting System (FSRS) at http://www.fsrs.gov. (ii) For subaward information, report no later than the end of the month following the month in which the subaward was issued. (b)(2) Reporting Requirements. (i) As part of the recipient’s registration profile at https://www.sam.gov. (ii) No later than the month following the month in which this Federal award is made, and annually after that. Condition: Audit procedures included a review of 60 FFATA reporting submissions associated with subrecipients. During this review, we assessed compliance with federal reporting requirements and evaluated the adequacy of internal controls over the FFATA reporting process. Of the 60 subrecipients examined, we identified that FFATA reporting was not performed for 59 subrecipients. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting, as there were no documented procedures or monitoring mechanisms in place to verify that subrecipient data was submitted in accordance with federal guidelines. Questioned costs: None Context: See “Condition.” Cause: Procedures to perform the required FFATA reporting were not established by the Department. The absence of documented policies, assigned responsibilities, and monitoring mechanisms create an environment which may result in noncompliance with federal reporting. Effect: The lack of established procedures and internal controls for FFATA reporting resulted in noncompliance, with 59 out of 60 subrecipients not reported as required. Repeat Finding: This is not a repeat finding. Recommendation: The Department should implement and robust process and related internal controls to ensure timely and accurate FFATA reporting. These controls should include developing written policies and procedures that outline the steps for collecting subrecipient data, preparing reports, and submitting them within required timelines; assigning accountability by designating specific personnel responsible for compliance; and implementing a monitoring and review process to verify completion and accuracy of reporting. Additionally, training programs should be established to ensure staff understand reporting requirements, and automated tracking tools or checklists should be utilized to provide transparency and reduce the risk of missed submissions. By introducing these internal controls, the Department can strengthen its compliance framework, mitigate the risk of federal funding repercussions, and enhance overall operational integrity. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: Audit procedures included a review of 54 Form 9130 reports for administrative expenses and noted that none of the reports agreed to the Administrative Fund (870) general ledger. The total variance observed was $126,353,070. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting, as there were no documented procedures or monitoring mechanisms in place to verify that subrecipient data was submitted in accordance with federal guidelines. Questioned costs: None Context: See “Condition.” Cause: The discrepancy occurred because there is no formal reconciliation process between Form 9130 administrative expense reports and the Administrative Fund (870) general ledger. Additionally, roles and responsibilities for validating report accuracy are not clearly defined. Effect: The lack of a reconciliation process between Form 9130 reports and the Administrative Fund (870) general ledger may lead to inaccurate reporting. Repeat Finding: This is not a repeat finding. Recommendation: Management should establish a formal reconciliation process to ensure that Form 9130 administrative expense reports align with the Administrative Fund (870) general ledger. This process should include assigning responsibility to a designated finance team member for performing and documenting reconciliations, implementing a monthly reconciliation schedule, and promptly investigating and resolving any variances with documented approvals. Additionally, financial reporting policies should be updated to incorporate reconciliation requirements, and staff should receive training on compliance and reconciliation procedures to strengthen internal controls and reduce the risk of reporting inaccuracies. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 20 – Employees’ Benefits. Chapter V – Employment and Training Administration, Department of Labor. Part 614 – Extended Benefits in the Federal-State Unemployment Compensation Program. Subpart B – Administration of Extended Benefits Program. § 614.11 Determinations of eligibility; notices to individuals (20 CFR 614.11): (f) Application of State law. (1) Except as indicated in paragraph (a) of this section, any provision of State law that may be applied for the recovery of overpayments or prosecution for fraud, and any provision of State law authorizing waiver of recovery of overpayments of unemployment compensation, shall be applicable to UCX. (2) In the case of any finding of false statement of representation under the Act and paragraph (a) of this section, or prosecution for fraud under 18 U.S.C. 1919 or pursuant to paragraph (f)(1) of this section, the individual shall be disqualified or penalized in accordance with the provision of the applicable State law relating to fraud in connection with a claim for State unemployment compensation. Condition: Audit procedures included a review of 60 beneficiary overpayments. Of the sample examined, we identified that one claimant voluntarily quit employment and did not demonstrate that the separation was necessary or that all reasonable alternatives were explored prior to quitting. Under applicable regulations, this disqualifies the claimant from receiving unemployment benefits and a penalty should have been assessed. However, no disqualification penalty was applied to the claimant’s benefits. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting, as there were no documented procedures or monitoring mechanisms in place to verify that subrecipient data was submitted in accordance with federal guidelines. Questioned costs: None Context: See “Condition.” Cause: Procedures to ensure that all applicable penalties and assessments are applied were not sufficiently detailed or comprehensive to guarantee consistent enforcement of program requirements. Effect: The lack of established procedures and internal controls overpayment penalties resulted in noncompliance, with one out of 60 overpayments lacking appropriate penalties. Repeat Finding: This is not a repeat finding. Recommendation: We recommend that the Department implement and strengthen internal controls over the application of penalties. This includes enhancing current procedures to outline the steps for reviewing claimant eligibility and applying disqualification penalties. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), California Department of Transportation (Caltrans) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The process for establishing funding priorities in the financial system lacks sufficient controls to ensure accurate application of required federal and state match percentages. During testing, we noted that when a new funding priority was created, the state match requirement was not properly carried forward, resulting in the federal share being incorrectly set at 100%. Questioned costs: None Context: See “Condition.” Cause: The error occurred due to insufficient validation procedures and system checks during the setup of new funding priorities. Effect: Failure to meet matching requirements may result in a reduction in federal funding. Furthermore, failure to calculate, review, and approve final matching expenditures may lead to noncompliance with the terms of the grant and questioned costs. Repeat Finding: This is not a repeat finding. Recommendation: We recommend management strengthen internal controls over funding priority setup by implementing system validations and requiring independent review to confirm that federal and state match percentages are accurately applied before finalizing funding configurations. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), California Department of Transportation (Caltrans) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Per 2 CFR section 200.332(a), all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes certain information at the time of the subaward and if any of these data elements change, include the changes in the subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes identification of the (ii) Subrecipient's unique entity identifier. (iii) Federal Award Identification Number (FAIN) (xiii) Identification of whether the Federal award is for research and development. Condition: Audit procedures included a review of a sample of subrecipient contracts for required information with the following results noted. For 60 of 60 samples, the contract did not include neither Subrecipients unique entity identifier, Federal Award Identification Number (FAIN), nor the identification of whether the Federal award is for research and development. Questioned costs: None Context: See “Condition.” Cause: Current internal controls in place to ensure a review of subaward agreements is taking place to verify that all required elements are included per 2 CFR 200 §200.332 are not being done correctly. Effect: Providing incomplete information to subrecipients may result in inaccurate reporting by the subrecipients and ultimately by Caltrans. Repeat Finding: This was reported in the previous year as finding 2023-006. Recommendation: We recommend management enhance existing controls around the review of all subaward agreements to ensure that all pass-through agreements include each of the required elements by 2 CFR §200.332. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR section 200.303(a), California Department of Technology (CDT) and State Water Resources Control Board (SWRCB) must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The California Department of Finance (CDOF) is the prime recipient of federal funds awarded from the Department of Treasury for this program. Each quarter, CDOF requires all state agencies that received pass-through awards to report their obligations and expenditures through a dedicated portal. These reported amounts are then compiled into the Statewide Project and Expenditure Report, which CDOF submits to the Department of the Treasury. The reconcilers include key line items with critical information as follows: • Current period obligations • Cumulative obligations • Current period expenditures • Cumulative expenditures Condition: Audit procedures included testing of two quarters of the Project and Expenditure Report for each Department that were submitted for expenditures for the fiscal year. During our testing, we noted the following: • There was no evidence of review and approval of the reported amounts prior to submission to the Department of Finance at CDT for both quarters reviewed. • There was no evidence of review and approval of the reported amounts prior to submission to CDOF for quarter two ending December 2023 for SWRCB Questioned costs: None Context: See “Condition.” Cause: Employees who were responsible for the approvals are no longer employed at CDT. Management was unable to locate documentation that would support the review and approval of reports. During the reporting period, SWRCB used an informal, verbal process to approve report amounts prior to submission in the CDOF portal. Effect: Improperly designed internal controls over reporting may result in a misstatement of amounts reported on federal reports. In addition, failure to maintain adequate documentation pertinent to a federal award may result in noncompliance with grant terms and conditions. Repeat Finding: This is not a repeat finding. Recommendation: We recommend CDT and SWRCB enforce establish document retention processes to ensure it has access to documentation for review in the event of management turnover. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter I – Office of Management and Budget Government-Wide Guidance for Grants and Agreements. Part 180 – OMB Guidelines to Agencies on Government-Wide Debarment and Suspension (Non-procurement). Subpart C – Responsibilities of Participants Regarding Transactions Doing Business With Other Persons §180.300 (2 CFR 180.300): When you enter into a covered transaction with another person at the next lower tier, you must verify that the person with whom you intend to do business is not excluded or disqualified. You may do this by: (a) Checking SAM Exclusions; or (b) Collecting a certification from that person; or (c) Adding a clause or a condition to the covered transactions with that person. Condition: We noted that 25 out of the 32 vendor contract agreements reviewed did not include a suspension and debarment certification clause indicating the contractor was not suspended or debarred from participation in federally funded contracts. There was no other documentation available to demonstrate that the verification of suspension and debarment was performed prior to entering into the covered transactions. Based on the subsequent review of the System for Award Management (SAM) exclusions, these contractors were not suspended or debarred. Questioned costs: None Context: See “Condition.” Cause: The ELC program personnel responsible for administering these federal funds were unaware of the suspension and debarment requirements. Effect: Failure to verify suspension and debarment results in noncompliance with 2 CFR §180.300, as well as a risk that federal funds could be used to pay vendors that are suspended or debarred. Repeat Finding: This was reported in the previous year as finding 2023-008. Recommendation: Public Health should review and strengthen its procedures for verifying the suspension and debarment status of vendors before entering into any agreement involving federal funds and ensure that the verification documentation is maintained. Alternatively, incorporate a clause in vendor contracts requiring vendors to certify their suspension or debarment status. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR section 200.303(a), the Department must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. §200.332 Requirements for pass-through entities (2 CFR 200.332): All pass-through entities must: (a) Verify that the subrecipient is not excluded or disqualified in accordance with §180.300. Verification methods are provided in §180.300, which include confirming in SAM.gov that a potential subrecipient is not suspended, debarred, or otherwise excluded from receiving Federal funds. (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. 1) Federal award identification. a) Subrecipient name (which must match the name associated with its unique entity identifier); b) Subrecipient’s unique entity identifier; c) Federal Award Identification Number (FAIN); d) Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; e) Subaward Period of Performance Start and End Date; f) Subaward Budget Period Start and End Date; g) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; h) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; i) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; j) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); k) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; l) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; m) Identification of whether the award is R&D; and n) Indirect cost rate for the Federal award (including if the de minimis rate is charged) per §200.414. (c) Evaluate each subrecipient’s fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraphs (f) of this section. When evaluating a subrecipient’s risk, a passthrough entity should consider the following: 1) The subrecipient’s prior experience with the same or similar subawards: 2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with Subpart F and the extent to which the same or similar subawards have been audited as a major program; 3) Whether the subrecipient has new personnel or new or substantially changed systems; and 4) The extent and results of Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). Condition: Public Health established a formal risk assessment process over its subrecipients of federal awards by which to determine the frequency and extent of subrecipient monitoring to be performed, however the process was established after the period under audit and applied prospectively. In addition, Public Health used a Department Allocation Letter (DAL) for the COVID-19 program instead of an agreement or contract for the subaward to subrecipients. Certain required information for the subaward federal award information such as Assistance Listings number and Title and Federal Award Identification Number (FAIN) were not clearly identified in the DAL. Questioned costs: None Context: See “Condition.” Cause: Procedures to ensure that all relevant information is included in the grant agreements and risk assessments are performed were not in place at the time of the agreements which resulted in the oversight. Effect: By not properly evaluating the risk of noncompliance, Public Health may inadvertently award grant funds to subrecipients who lack the necessary mechanisms or understanding to comply with federal statutes. This increases the likelihood of noncompliance arising during the performance of the grant-funded activities. Furthermore, failure to provide the necessary documentation to subrecipients may result in misuse or misreporting of funding. Repeat Finding: This was reported in the previous year as finding 2023-009. Recommendation: Public Health should ensure every subaward includes all requirements imposed on the subrecipient so that the federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the federal award. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), California Department of Health Care Services (CDHCS) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: Audit procedures included a review of 40 CHIP beneficiaries associated with current eligible participants. Of the 40 participants, we identified one beneficiary coded erroneously to an obsolete aid code. Although participation appears to meet the criteria for eligibility, the aid code is used in the determination of the rates paid and therefore payments for this participant were paid at an incorrect rate. Questioned costs: $15,524,158 (known costs $332.64) Context: See “Condition.” Cause: The exceptions noted were due to a lack of system interface issue between CalSAWS and MEDS for aid codes that have been discontinued and a subsequent review was not completed. Effect: Failure to properly terminate benefits in the eligibility system resulted in individuals receiving improper benefit payments and noncompliance with grant award terms and conditions. Repeat Finding: This was reported in the previous year as finding 2023-015. Recommendation: CDHCS should enforce existing application processing procedures to ensure all applications are reviewed and an eligibility determination is made within the required timeline. Additionally, DHCS should conduct periodic reviews of aid code usage to ensure obsolete codes are not being applied. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), California Department of Health Care Services (CDHCS) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Per 42 CFR 435.912, state Medicaid agencies must establish and adhere to timeliness and performance standards for determining and redetermining eligibility. These standards are intended to ensure that eligibility decisions are made promptly and accurately, and that benefits are not continued beyond the period of eligibility. Condition: Audit procedures included a review of 60 Medicaid beneficiaries associated with current eligible participants. Of the 60 participants, we identified two beneficiaries for which were considered eligible based on a pregnancy aid code, however the participants were no longer pregnant at the time of testing. Questioned costs: None. Context: See “Condition.” Cause: The exceptions noted were due to a system interface issue between CalSAWS and MEDS. The termination of Medicaid benefits was not properly registered in MEDS after the case was closed in CalSAWS for failure to complete the annual redetermination. Effect: Failure to properly terminate benefits in the eligibility system may result in individuals receiving improper benefit payments and noncompliance with grant award terms and conditions. Repeat Finding: This is not a repeat finding. Recommendation: CDHCS should enhance its procedures for monitoring and resolving MEDS alerts, ensuring timely review and action on system-generated discrepancies. Additionally, staff should receive ongoing training on the importance of accurately updating pregnancy end dates in CalSAWS to ensure proper aid code closure and prevent inappropriate continuation of benefits. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), Health and Human Services Commission (HHSC) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: During our audit procedures, we reviewed 60 CMS Form 1539 documents related to provider recertification under the Medicaid program. We identified that three forms were not reviewed or signed by Public Health, indicating a breakdown in internal control processes. Questioned costs: None. Context: See “Condition.” Cause: Public Health did not review these forms because the surveys were conducted by Accrediting Organizations. However, CMS Form 1539 must still be completed and reviewed for all recertified providers, regardless of the agency conducting the survey. Effect: Failure to review CMS Form 1539 may result in noncompliance with federal grant provisions and oversight of provider eligibility for Medicaid participation. Repeat Finding: This was reported in the previous year as finding 2023-016. Recommendation: Public Health should strengthen internal controls to ensure that CMS Form 1539 is reviewed and signed for all provider recertifications, including those surveyed by Accrediting Organizations. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter I – Office of Management and Budget Government-Wide Guidance for Federal Financial Assistance. Part 170 – Reporting Subaward and Executive Compensation Information. Subpart A – General. § 170.100 Purpose of this part This part provides guidance to Federal agencies on establishing requirements for recipients of Federal awards to report information on subawards and executive total compensation, as required by the Federal Funding Accountability and Transparency Act of 2006 (Pub. L. 109-282), as amended by the Digital Accountability and Transparency Act of 2014 (Pub. L. 113-101) and other Public Laws, hereafter referred to as the “Transparency Act.” § 170.105 Applicability. (a) Applicability in general. This part applies to a Federal agency’s Federal financial assistance as defined in § 170.300. This part applies to all recipients and subrecipients of Federal awards who meet the reporting requirements of paragraph (c) of this section, unless exempt under Federal statute or by paragraph (d) of this section. (b) Non-applicability to individuals. This part does not apply to an individual who applies for or receives Federal financial assistance as a natural person (that is, unrelated to any business or nonprofit organization an individual owns or operates). (c) Reporting Requirements. 1) The names and total compensation of an entity’s five most highly compensated executives must be reported if: a) In the entity’s preceding fiscal year, it received: i) 80 percent or more of its annual gross revenue in Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and ii) $25,000,000 or more in annual gross revenue from Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and b) The public does not have access to information about the compensation of senior executives of the entity through periodic reports filed under section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m(a), 78o(d)) or section 6104 of the Internal Revenue Code of 1986. Appendix A to Part 170 — Award Term. I. Reporting Subawards and Executive Compensation (2 CFR 170): (a)(2) Reporting Requirements. (i) The recipient must report each subaward described in paragraph (a)(1) of this award term to the Federal Funding Accountability and Transparency Act Subaward Reporting System (FSRS) at http://www.fsrs.gov. (ii) For subaward information, report no later than the end of the month following the month in which the subaward was issued. (b)(2) Reporting Requirements. (i) As part of the recipient’s registration profile at https://www.sam.gov. (ii) No later than the month following the month in which this Federal award is made, and annually after that. Condition: Audit procedures included a review of 60 FFATA reporting submissions associated with subrecipients. During this review, we assessed compliance with federal reporting requirements and evaluated the adequacy of internal controls over the FFATA reporting process. Of the 60 subrecipients examined, we identified that FFATA reporting was not performed for 60 subrecipients. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting, as there were no documented procedures or monitoring mechanisms in place to verify that subrecipient data was submitted in accordance with federal guidelines. Questioned costs: None Context: See “Condition.” Cause: Procedures to perform the required FFATA reporting were not established by the Department. The absence of documented policies, assigned responsibilities, and monitoring mechanisms create an environment which may result in noncompliance with federal reporting. Effect: The lack of established procedures and internal controls for FFATA reporting resulted in noncompliance, with 39 out of 40 subrecipients not reported as required. Repeat Finding: This is not a repeat finding. Recommendation: The Department should implement and robust process and related internal controls to ensure timely and accurate FFATA reporting. These controls should include developing written policies and procedures that outline the steps for collecting subrecipient data, preparing reports, and submitting them within required timelines; assigning accountability by designating specific personnel responsible for compliance; and implementing a monitoring and review process to verify completion and accuracy of reporting. Additionally, training programs should be established to ensure staff understand reporting requirements, and automated tracking tools or checklists should be utilized to provide transparency and reduce the risk of missed submissions. By introducing these internal controls, the Department can strengthen its compliance framework, mitigate the risk of federal funding repercussions, and enhance overall operational integrity. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter I – Office of Management and Budget Government-Wide Guidance for Federal Financial Assistance. Part 170 – Reporting Subaward and Executive Compensation Information. Subpart A – General. § 170.100 Purpose of this part This part provides guidance to Federal agencies on establishing requirements for recipients of Federal awards to report information on subawards and executive total compensation, as required by the Federal Funding Accountability and Transparency Act of 2006 (Pub. L. 109-282), as amended by the Digital Accountability and Transparency Act of 2014 (Pub. L. 113-101) and other Public Laws, hereafter referred to as the “Transparency Act.” § 170.105 Applicability. (a) Applicability in general. This part applies to a Federal agency’s Federal financial assistance as defined in § 170.300. This part applies to all recipients and subrecipients of Federal awards who meet the reporting requirements of paragraph (c) of this section, unless exempt under Federal statute or by paragraph (d) of this section. (b) Non-applicability to individuals. This part does not apply to an individual who applies for or receives Federal financial assistance as a natural person (that is, unrelated to any business or nonprofit organization an individual owns or operates). (c) Reporting Requirements. 2) The names and total compensation of an entity’s five most highly compensated executives must be reported if: a) In the entity’s preceding fiscal year, it received: i) 80 percent or more of its annual gross revenue in Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and ii) $25,000,000 or more in annual gross revenue from Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and b) The public does not have access to information about the compensation of senior executives of the entity through periodic reports filed under section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m(a), 78o(d)) or section 6104 of the Internal Revenue Code of 1986. Appendix A to Part 170 — Award Term. I. Reporting Subawards and Executive Compensation (2 CFR 170): (a)(2) Reporting Requirements. (i) The recipient must report each subaward described in paragraph (a)(1) of this award term to the Federal Funding Accountability and Transparency Act Subaward Reporting System (FSRS) at http://www.fsrs.gov. (ii) For subaward information, report no later than the end of the month following the month in which the subaward was issued. (b)(2) Reporting Requirements. (i) As part of the recipient’s registration profile at https://www.sam.gov. (ii) No later than the month following the month in which this Federal award is made, and annually after that. Condition: CDSS did not submit its Federal Funding Accountability and Transparency Act (FFATA) reports timely for the fiscal years ended June 30, 2024 Questioned costs: None Context: See “Condition.” Cause: CDSS has had turnover in positions responsible for filing the required FFATA reports. In addition, when CDSS assumed responsibilities over the CCDF Cluster, this function and responsibility was not clearly identified. Effect: CDSS is not in compliance with 2 CFR Part 170. Repeat Finding: This was reported in the previous year as finding 2023-010. Recommendation: We recommend that CDSS compile a report tracking process and identify all fiscal and compliance reports to be submitted with clear position responsibilities and workflow to ensure reports include accurate information and are timely prepared. CDSS should have a centralized tracking mechanism and assign and document a responsible position instead of a responsible individual person, which will reduce the risk of reports not being filed if turnover occurs. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 45 – Public Welfare. Subtitle A – Department of Health and Human Services. Subchapter A – General Administration. Part 98 – Child Care and Development Fund. Subpart G – Financial Management. § 98.65 Audits and financial reporting. (45 CFR 98.65) (d) Lead Agencies shall submit financial reports, in a manner specified by ACF, quarterly for each fiscal year until funds are expended OMB #0970-0510 – Instructions for Completion of Form ACF-696 Financial Reporting Form for the Child Care and Development Fund (CCDF) State & Territory Lead Agencies Pursuant to CCDF regulations at 45 CFR 98.65(g), and as part of the terms and conditions of the grant award, States and Territories are required to complete and submit a quarterly financial status report (ACF-696) in accordance with these instructions on behalf of the CCDF Lead Agency. Condition: For the fiscal year ended June 30, 2024, $2,864,939,555 was reported on the schedule of expenditures of federal awards (Schedule) for the CCDF Cluster; however, CDSS is unable to reconcile the ACF-696 reports submitted to the amount reported on the Schedule. The Schedule is $366,953,250 greater than the cumulative quarterly reports which totaled $2,497,986,305 for the fiscal year ended June 30, 2024. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting. Questioned costs: None Context: See “Condition.” Cause: The expenditures tracked and recorded by CDSS and CDE are reported together on the ACF-696 quarterly reports. CDSS, the department responsible for filing the reports for the fiscal year ended June 30, 2024, cannot identify the expenditures at the department level and therefore is unable to reconcile the discrepancy. Effect: CCDF Cluster expenditures were not accurately reported in the quarterly ACF-696 reports submitted. Repeat Finding: This was reported in the previous year as finding 2023-011. Recommendation: We recommend that CDSS review its procedures for capturing and reporting quarterly information in the AC-696 reports to ensure information is complete and accurate and maintain documentation supporting the amounts reported. Furthermore, we recommend that CDSS perform a year-end reconciliation of the ACF-696 reports to the amount reported in the Schedule and enhance internal control procedures related to the review of the reports. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 42 – Public Welfare. Subtitle A – Department of Health and Human Services. Subchapter A – General Administration. Part 98 – Child Care and Development Fund. Subpart E – Program Operations (Child Care Services)—Lead Agency and Provider Requirements. §98.41 Health and safety requirements: (a) Each Lead Agency shall certify that there are in effect, within the State (or other area served by the Lead Agency), under State, local or tribal law, requirements (appropriate to provider setting and age of children served) that are designed, implemented, and enforced to protect the health and safety of children. Such requirements must be applicable to child care providers of services for which assistance is provided under this part. Such requirements, which are subject to monitoring pursuant to §98.42, shall: (1) Include health and safety topics consisting of, at a minimum: (i) The prevention and control of infectious diseases (including immunizations); with respect to immunizations, [et. al.] (ii) Prevention of sudden infant death syndrome and use of safe sleeping practices; (iii) Administration of medication, consistent with standards for parental consent; (iv) Prevention and response to emergencies due to food and allergic reactions; (v) Building and physical premises safety, including identification of and protection from hazards, bodies of water, and vehicular traffic; (vi) Prevention of shaken baby syndrome, abusive head trauma, and child maltreatment; (vii) Emergency preparedness and response planning for emergencies resulting from a natural disaster, or a man-caused event (such as violence at a child care facility), within the meaning of those terms under section 602(a)(1) of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. 5195a(a)(1)) that shall include procedures for evacuation, relocation, shelter-in-place and lock down, staff and volunteer emergency preparedness training and practice drills, communication and reunification with families, continuity of operations, and accommodation of infants and toddlers, children with disabilities, and children with chronic medical conditions; (viii) Handling and storage of hazardous materials and the appropriate disposal of biocontaminants; (ix) Appropriate precautions in transporting children, if applicable; (x) Pediatric first aid and cardiopulmonary resuscitation; (xi) Recognition and reporting of child abuse and neglect, in accordance with the requirement in paragraph (e) of this section; and (xii) May include requirements relating to: 1. Nutrition (including age-appropriate feeding); 2. Access to physical activity; 3. Caring for children with special needs; or 4. Any other subject area determined by the Lead Agency to be necessary to promote child development or to protect children’s health and safety. 2) Include minimum health and safety training on the topics above, as described in §98.44. Condition: The CDSS has not established health and safety monitoring procedures to ensure licensed-exempt providers serving children who receive subsidies comply with all applicable health and safety requirements. Accordingly, no monitoring procedures were performed on licensed-exempt providers during the fiscal year ended June 30, 2024. Questioned costs: None Context: See “Condition.” Cause: Although CDSS is in process of developing a health and safety monitoring process for licensed-exempt contractors, finalization and implementation is subject to statutory and budget actions which delay the process Effect: The CDSS is not in compliance with 45 CFR §98.41. Repeat Finding: This was reported in the previous year as finding 2023-014. Recommendation: We recommend CDSS complete its development and implementation of a monitoring process over the health and safety standards and develop a mechanism to identify and track all contracts requiring health and safety compliance monitoring. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Subrecipient Monitoring and Management. §200.332 Requirements for pass-through entities (2 CFR 200.332): A pass-through entity must: (c) Evaluate each subrecipient’s fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section. When evaluating a subrecipient’s risk, a passthrough entity should consider the following: (1) The subrecipient’s prior experience with the same or similar subawards; (2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with subpart F and the extent to which the same or similar subawards have been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of any Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) Resolve audit findings specifically related to the subaward. However, the pass-through entity is not responsible for resolving cross-cutting audit findings that apply to the subaward and other Federal awards or subawards. If a subrecipient has a current Single Audit report and has not been excluded from receiving Federal funding (meaning, has not been debarred or suspended), the pass-through entity may rely on the subrecipient’s cognizant agency for audit or oversight agency for audit to perform audit follow-up and make management decisions related to crosscutting audit findings in accordance with section §200.513(a)(4)(viii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. California Code of Regulations. Title 5 Education. § 18023. Compliance Reviews of Contractors. (b) At least once every three (3) years and as resources permit, the California Department of Education shall conduct reviews at the contractor's office(s) and operating facility(ies) to determine the contractor's compliance with applicable laws, regulations or contractual provisions. Child Care and Development Fund (CCDF) Plan for State/Territory California FFY 2022-24, Amendment 4. Chapter 8 Ensure Grantee Program Integrity and Accountability. 8.1 Internal Controls and Accountability Measures to Help Ensure Program Integrity. 8.1.1 Process to train about CCDF requirements and program integrity. States and territories are required to describe effective internal controls that are in place to ensure program integrity and accountability (98.68(a)), including processes to train child care providers and staff of the Lead Agency and other agencies engaged in the administration of CCDF about program requirements and integrity. v. Monitor and assess policy implementation on an ongoing basis. The Lead Agency conducts announced Categorical Program Monitoring (CPM)/Contract Monitoring Reviews (CMRs) for each contractor on a three- or four-year cycle for non-LEAs and LEAs respectively. The Lead Agency’s Governance and Administration Unit (GAU) conducts ongoing review of individual contractors by sampling the eligibility and need documentation in family files to estimate and reduce error rates. Additionally, the Lead Agency provides ongoing training and technical assistance to contractors in regional sessions, in one-on-one sessions, and/or in cluster with webinars or during face to-face presentations. These sessions address CCDF program administration, requirements, and integrity Condition: We selected 60 subrecipient contracts (21 local educational agency (LEA) contracts and 39 non-LEA contracts) from 60 subrecipient entities and tested compliance with subrecipient monitoring requirements. We noted the following: LEA • 2 LEA contracts/contractors had no record of on-site monitoring over five years. Non-LEA • 3 non-LEA contracts/contractors had no records available to demonstrate risk assessment of the contractor. • 11 non-LEA contracts/contractors had no record of on-site monitoring over five years. Questioned costs: None Context: See “Condition.” Cause: In fiscal year 2021, the administration of the CCDF Cluster program was transitioned from the California Department of Education (CDE) to CDSS. CDSS has been in the process of revising certain policies and procedures, including contractor monitoring. In addition, certain records related to CDE monitoring activities for the contracts selected were unavailable for review. Effect: CDSS is at risk for contractor noncompliance if monitoring procedures are not properly designed or executed, and/or documents demonstrating monitoring are not maintained. Repeat Finding: This was reported in the previous year as finding 2023-012. Recommendation: To enhance the effectiveness of the annual risk assessment process, we recommend a thorough evaluation that focuses on the identification and inclusion of all subrecipients and defined risk criteria as mandated in 2 CFR 200.332. Furthermore, it is crucial to establish and document a transparent basis for risk profiling that directly correlates such profiles with compliance monitoring activities across fiscal, program, and single audit requirements. Furthermore, we recommend CDSS perform a comprehensive post-transition review to ensure all monitoring responsibilities transferred from CDE have been fully identified and assigned. This review should validate robust mechanisms are in place for the accurate documentation and proper retention of records. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), California Department of Fish and Wildlife (CDFW) must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Per 2 CFR section 200.332(a), all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes certain information at the time of the subaward and if any of these data elements change, include the changes in the subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes identification of the (xii) Assistance Listing Number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings number at time of disbursement. (xiii) Identification of whether the award is R&D. Per 2 CFR §200.332(f), pass-through entities must verify that subrecipients expected to be audited as required by Subpart F have met this requirement. This verification may be performed as part of the monitoring required under §200.332(d)(2), which includes ensuring subrecipients take timely and appropriate action on deficiencies detected through audits. Condition: Audit procedures included a review of a sample of subrecipient contracts for required information with the following results noted. For 10 of 10 samples, the contract did not include neither the Assistance Listing Number nor the identification of whether the award is R&D. Furthermore, the agency did not perform required monitoring to verify that subrecipients subject to the Single Audit requirement (2 CFR Part 200, Subpart F) completed their audits and addressed any findings. Specifically, the agency did not obtain or review subrecipient audit reports for the fiscal year under audit. Questioned costs: None. Context: See “Condition.” Cause: Current internal controls in place to ensure a review of subaward agreements is taking place to verify that all required elements are included per 2 CFR 200 §200.332 are not being done correctly. The agency lacked formal procedures and internal controls to ensure timely collection and review of subrecipient audit reports. CDFW was not performing requirements to document verification of audit completion and corrective actions. Effect: Providing incomplete information to subrecipients may result in inaccurate reporting by the subrecipients and ultimately by CDFW. Without proper monitoring, the agency cannot ensure that subrecipients comply with federal audit requirements or that corrective actions are taken on identified deficiencies. This increases the risk of noncompliance and potential misuse of federal funds. Repeat Finding: This is not a repeat finding. Recommendation: We recommend management enhance existing controls around the review of all subaward agreements to ensure that all pass-through agreements include each of the required elements by 2 CFR §200.332. We recommend that management establish and implement comprehensive procedures to ensure compliance with subrecipient monitoring requirements. These procedures should include identifying which subrecipients are subject to Single Audit requirements, obtaining and reviewing their audit reports on an annual basis, documenting verification of compliance, and ensuring timely follow-up on any corrective actions related to audit findings. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter II – Office of Management and Budget Guidance. Part 200 – Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. Subpart D – Post Federal Award Requirements. Standards for Financial and Program Management. §200.303 Internal controls (2 CFR 200.303): The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Title 2 – Grants and Agreements. Subtitle A – Office of Management and Budget Guidance for Grants and Agreements. Chapter I – Office of Management and Budget Government-Wide Guidance for Federal Financial Assistance. Part 170 – Reporting Subaward and Executive Compensation Information. Subpart A – General. § 170.100 Purpose of this part This part provides guidance to Federal agencies on establishing requirements for recipients of Federal awards to report information on subawards and executive total compensation, as required by the Federal Funding Accountability and Transparency Act of 2006 (Pub. L. 109-282), as amended by the Digital Accountability and Transparency Act of 2014 (Pub. L. 113-101) and other Public Laws, hereafter referred to as the “Transparency Act.” § 170.105 Applicability. (a) Applicability in general. This part applies to a Federal agency’s Federal financial assistance as defined in § 170.300. This part applies to all recipients and subrecipients of Federal awards who meet the reporting requirements of paragraph (c) of this section, unless exempt under Federal statute or by paragraph (d) of this section. (b) Non-applicability to individuals. This part does not apply to an individual who applies for or receives Federal financial assistance as a natural person (that is, unrelated to any business or nonprofit organization an individual owns or operates). (c) Reporting Requirements. 1) The names and total compensation of an entity’s five most highly compensated executives must be reported if: a) In the entity’s preceding fiscal year, it received: i) 80 percent or more of its annual gross revenue in Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and ii) $25,000,000 or more in annual gross revenue from Federal procurement contracts (and subcontracts) and Federal awards (and subawards) subject to the Transparency Act, as defined at §170.300; and b) The public does not have access to information about the compensation of senior executives of the entity through periodic reports filed under section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m(a), 78o(d)) or section 6104 of the Internal Revenue Code of 1986. Appendix A to Part 170 — Award Term. I. Reporting Subawards and Executive Compensation (2 CFR 170): (a)(2) Reporting Requirements. (i) The recipient must report each subaward described in paragraph (a)(1) of this award term to the Federal Funding Accountability and Transparency Act Subaward Reporting System (FSRS) at http://www.fsrs.gov. (ii) For subaward information, report no later than the end of the month following the month in which the subaward was issued. (b)(2) Reporting Requirements. (i) As part of the recipient’s registration profile at https://www.sam.gov. (ii) No later than the month following the month in which this Federal award is made, and annually after that. Condition: Audit procedures included a review of 60 FFATA reporting submissions associated with subrecipients. During this review, we assessed compliance with federal reporting requirements and evaluated the adequacy of internal controls over the FFATA reporting process. Of the 60 subrecipients examined, we identified that FFATA reporting was not performed for 18 subrecipients. The audit procedures also identified a lack of effective internal controls to ensure timely and accurate reporting, as there were no documented procedures or monitoring mechanisms in place to verify that subrecipient data was submitted in accordance with federal guidelines. Questioned costs: None Context: See “Condition.” Cause: Procedures to perform the required FFATA reporting were not established by the Department. The absence of documented policies, assigned responsibilities, and monitoring mechanisms create an environment which may result in noncompliance with federal reporting. Effect: The lack of established procedures and internal controls for FFATA reporting resulted in noncompliance, with 18 out of 60 subrecipients not reported as required. Repeat Finding: This is not a repeat finding. Recommendation: The Department should implement and robust process and related internal controls to ensure timely and accurate FFATA reporting. These controls should include developing written policies and procedures that outline the steps for collecting subrecipient data, preparing reports, and submitting them within required timelines; assigning accountability by designating specific personnel responsible for compliance; and implementing a monitoring and review process to verify completion and accuracy of reporting. Additionally, training programs should be established to ensure staff understand reporting requirements, and automated tracking tools or checklists should be utilized to provide transparency and reduce the risk of missed submissions. By introducing these internal controls, the Department can strengthen its compliance framework, mitigate the risk of federal funding repercussions, and enhance overall operational integrity. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.
Criteria or specific requirement: Per 2 CFR 200.303(a), the State Administering Departments must establish and maintain effective internal control over the Federal award that provides reasonable assurance that it is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in the “Internal Control Integrated Framework” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For awards with period of performance beginning dates and ending dates during the fiscal year, audit procedures included testing transactions posted to the general ledger during the first and last month of the award. We noted the following instances of noncompliance: Pacific Coast Salmon Recovery Pacific Salmon Treaty Program- R&D Audit procedures included testing 5 sampled transactions from projects with period of performance ending dates during the fiscal year totaling $122,346. One of the expenditures, totaling $18,915, was related to costs incurred after the period of performance end date. The Project Period End Date for the grant award was August 31, 2023, however costs were incurred through September 30, 2023. Wildlife Restoration and Basic Hunter Education and Safety- R&D Audit procedures included testing 40 sampled transactions from projects with period of performance ending dates during the fiscal year totaling $540,319. One of the expenditures, totaling $2,784, was related to costs incurred after the period of performance end date. The Project Period End Date for the grant award was June 30, 2024, however costs were incurred on July 11, 2024. Highway Planning- R&D Audit procedures included testing 3 sampled transactions from projects with period of performance beginning dates during the fiscal year totaling $5,089. One of the expenditures, totaling $107, was related to costs incurred prior to the period of performance begin date. The Project Period Start Date for the grant award was July 1, 2023, however costs were incurred on June 8, 2023. Questioned costs: $21,699 Context: See “Condition.” Cause: Management failed to code the expenditure to the correct grant. Effect: Ineffective internal controls may result in questioned costs and noncompliance with the terms of the grant. Repeat Finding: This is not a repeat finding. Recommendation: The Departments should provide additional training over its review process to ensure that reviewers are verifying that transactions are posted to the proper grant. Views of responsible officials: Management’s response is reported in “Management’s Response and Corrective Action Plan” included in a separate section at the end of this report.