Corrective Action Plans

Recommendation: The Department of Children and Families should develop procedures to monitor payments to Youth Service Bureaus and strengthen internal controls to ensure compliance with the federal regulations for monitoring subrecipients of the Temporary Assistance for Needy Families program. As the lead agency for TANF, the Department of Social Services should strengthen procedures to ensure that supporting state agencies fulfill their responsibilities in their memorandum of understanding and comply with all federal TANF requirements. Corrective Action Plan as Reported by the Department of Children and Families: DCF agrees with this finding and will improve its internal review process to include Youth Services Bureaus and capture all subrecipients' federal single audits. Department of Children and Families Anticipated Completion Date: June 30, 2026 Department of Children and Families Contact Person: Theodore Sandfod, Director of Program Monitoring & Fiscal Review (860) 218-8905 Corrective Action Plan as Reported by the Department of Social Services: The Department agrees with this finding. As the lead agency for TANF, DSS will strengthen procedures by requiring DCF to complete and share activities that verify subrecipients meet their audit requirements each fiscal year. DSS worked with an outside agency to review and enhance its subrecipient monitoring procedures. The outcome of this collaboration included training for DSS staff on subrecipient monitoring requirements, communicating expectations to subrecipients about monitoring expectations, a standardized data request, and the creation of a subrecipient monitoring toolkit to be utilized by DSS and its partners. Department of Social Services Anticipated Completion Date: December 31, 2026 Department of Social Services Contact Person: Dan Giacomi, Program Division Director (860) 424-5080

Recommendation: The Judicial Branch should strengthen internal controls to ensure it complies with federal subrecipient monitoring requirements for the Crime Victim Assistance program. Corrective Action Plan as Reported by the Judicial Branch: The Judicial Branch Office of Victim Services (OVS) agrees to strengthen its internal controls as described below to comply with federal subrecipient monitoring requirements for the Victims of Crime Act Assistance (VOCA) Program. In 2025, OVS performed site visits for four VOCA-funded programs and completed financial-desk reviews of monthly or quarterly financial reports for all programs. That year, OVS experienced personnel turnover in its three-employee Fiscal Services Unit, notably the separation from state service of a Program Manager and a Court Planner, who together performed OVS’ programmatic site visits of VOCA-funded programs. Also, there was a significant increase in workload resulting from OVS’ contributions to the 2024-2025 VOCA request-for-proposal process. In response, staff outside the unit contributed while managing other assigned duties, a Program Manager and Grants and Contract Specialist were hired to restore the unit to its three-employee configuration, the new employees received training on subrecipient monitoring policies and procedures, and a revised subrecipient site visit plan was developed and has begun being implemented. To strengthen internal controls, OVS has developed a revised site visit plan for the remaining VOCA-funded programs scheduled to receive site visits in 2025. April 15, 2026, is the anticipated date for OVS to complete the site visits. OVS has completed sending letters to the subrecipients operating the VOCA-funded programs. The letters request supporting documentation, which is programmatic and financial in nature, in accordance with OVS administrative policy and procedure. Also, the letters inform subrecipients that site visits will commence in accordance with a revised site visit plan. Anticipated Completion Date: April 15, 2026 Judicial Branch Contact Person: Marc Pelka, Office of Victim Services Director marc.pelka@jud.ct.gov (860) 263-2760

The NetSuite implementation and optimization, overseen by Joan Hayner, Interim Finance and Operation Lead, has been in process throughout 2025, which has allowed for the streamlining of many processes. As of July 2025, the schedule of federal expenditures was automatically produced in NetSuite using expenditure data within the accounting system, rather than being prepared manually. In order to ensure that the SEFA is being produced accurately and completely, the Accounting Manager, who joined the Alliance in April 2025, will become thoroughly familiar with the reporting requirements for the Alliance’s federal awards and work with NetSuite to ensure the data is accurately reflected in the system. As of March 2026, the Alliance is caught up on payments to vendors and their system now has information about the date a program service or item was for and the Alliance is better able to identify what period an expense belongs to.

2025-004 – Subrecipient Monitoring: Lack of Supporting Documentation for Subrecipient Monitoring Activities Cluster: Not applicable Sponsoring Agency: United States Agency for International Development (USAID) Award Name: USAID Foreign Assistance for Programs Overseas Award Number: 7200AA19CA00018, 7200AA21LE00003 Assistance Listing Title: USAID Foreign Assistance for Programs Overseas Assistance Listing Number: ALN 98.001 Award Year: 2024-2025 Pass-through entity: Not applicable Compliance Requirement: Subrecipient Monitoring Formal supporting documentation of subrecipient monitoring procedures performed by the department was not available due to the termination of the federal awards and the resulting reduction or termination of departmental administrative staff. Quarterly financial reports archived by the central office were available and provided. The Office of Research/Sponsored Programs is responsible for subrecipient monitoring as it relates to 2 CFR 200.332, while certain monitoring activities under 2 CFR 200.332(e), particularly those that are programmatic in nature, are generally performed by departmental staff. Due to staff terminations, documentation supporting these activities was not available for testing. To address the documentation gap identified under these circumstances, the central office will implement corrective actions to ensure the preservation and accessibility of all subrecipient monitoring records. Regarding future award terminations, upon receiving notice of award termination, the central office will request the archiving and central accessibility of departmental subrecipient monitoring documentation. All record retention and archiving will continue to follow the University’s established record retention requirements as outlined in University policy. Implementation of this process will occur immediately upon notification of any future award terminations. For inquiries regarding this finding, please contact Mario Reina-Guerra at mreinaguerra@ucdavis.edu.

2025-002 – Subrecipient Monitoring Cluster: Research and Development Cluster (“R&D”) Sponsoring Agency: Various – All R&D awards with subrecipients from 1 campus Award Name: Various - All R&D awards with subrecipients from 1 campus Award Number: Various Assistance Listing Title: Various – All R&D awards with subrecipients from 1 campus Assistance Listing Number: Various - All R&D awards with subrecipients from 1 campus Award Year: 2024-2025 Pass-through entity: All pass-through awards for 1 campus with subrecipients The Sponsored Programs Office will implement a new process to ensure all Uniform Guidance reports for all subrecipients of federal funding are reviewed annually to ensure findings affecting our awards are appropriately addressed and that we issue a management decision to the extent applicable. The process will involve setting event reminders on all active subrecipients under federally funded projects to trigger review every 10-11 months regardless of any upcoming amendments. The targeted implementation date is August 1, 2026. For inquiries regarding this finding, please contact Patrick Woods at pjwoods@ucdavis.edu.

Corrective Actions: Staff will ensure that the Monitoring Policy will be fully implemented as recommended. In addition , changes in staffing will be addressed by additional training to ensure that consistent processes are maintained. Name of Responsible Person: Okina Dor, Director of Community Development Ryan Mulligan, Housing Manager Rose Tam, Director of Finance

Department: Defense, Veterans and Emergency Management Title: Internal control over DG – PA program subrecipient audit procedures needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: The Department will publish revised subrecipient monitoring procedures. The Department will cross-train relevant agency staff on the procedures. The Department will implement a quarterly FAC review cycle with revised procedures. Completion Date: April 30, 2026, June 30, 2026, and July 1, 2026, respectively Agency Contact: Sunny Cyr, MEMA Business Office Director, DVEM, 207-707-2507

Department: Health and Human Services Title: Internal control over CCDF subrecipient risk evaluation procedures needs improvement Questioned Costs: None Status: Management’s opinion is that corrective action is not required Corrective Action: The Department disagrees with this finding. The Department evaluates risk on its subrecipients for the purpose of determining the appropriate subrecipient monitoring in multiple ways. The first assessment of risk is when a subaward is competitively bid. The second assessment of risk is built into the Maine Uniform Accounting and Auditing Practices for Community Agencies (MAAP) in which higher risk subrecipients undergo a higher level of testing by Independent Public Accountants. Finally, the Social Service Unit of the Division of Audit performs a risk assessment and tests transactions for those subrecipients that have been determined to be higher risk. Completion Date: N/A Agency Contact: John Feeney, Chief Operating Officer, DHHS, 207-626-8614

Department: Health and Human Services Title: Internal control over TANF subrecipient monitoring procedures needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: The Department will create a process to ensure the documentation of the review of sub-recipient performance reports. Completion Date: June 30,2026 Agency Contact: Ian Yaffe, Director, Office for Family Independence, DHHS, 207-592-1481

Department: Health and Human Services Title: Internal control over TANF subrecipient risk evaluation procedures needs improvement Questioned Costs: None Status: Management’s opinion is that corrective action is not required Corrective Action: The Department disagrees with this finding. The Department evaluates risk on its subrecipients for the purpose of determining the appropriate subrecipient monitoring in multiple ways. The first assessment of risk is when a subaward is competitively bid. The second assessment of risk is built into the Maine Uniform Accounting and Auditing Practices for Community Agencies (MAAP) in which higher risk subrecipients undergo a higher level of testing by Independent Public Accountants. Finally, the Social Service Unit of the Division of Audit performs a risk assessment and tests transactions for those subrecipients that have been determined to be higher risk. Completion Date: N/A Agency Contact: Ian Yaffe, Director, Office for Family Independence, DHHS, 207-592-1481

Department: Health and Human Services Education Title: Internal control over PDG subrecipient monitoring procedures needs improvement Questioned Costs: Known: $128,333 Likely: Undeterminable Status: Corrective action in progress Corrective Action: The OCFS procurement staff and DHHS DCM will ensure that all contracts issued by OCFS include the Federal award identification number or the grant award number, as applicable. The DOE procurement staff will ensure that all contracts issued by DO include the Federal award identification number, the Federal award date, the assistance listing title and number, the indirect cost rate for the Federal award, name of Federal agency, assistance listing title and number, identification of whether the Federal award is for research and development, and the indirect cost rate for the federal award. Completion Date: March 31, 2026 Agency Contact: Tara Williams, Associate Director of Early Care & Education, DHHS, 207-557-2342

Department: Health and Human Services Public Safety Title: Internal control over Health Disparities program subrecipient monitoring procedures needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: Department of Health and Human Services (DHHS): The Department will revise the internal control document designed to ensure the inclusion of required Federal Award Identification information in subrecipient contracts. The Department will revise the internal control document designed to ensure all required subrecipient monitoring activities are performed. Department of Public Safety (DPS): All Bureau Directors were notified of the finding in the most recent Leadership meeting and guidance was provided on how to ensure it doesn't occur again in the future. All Bureau Directors will receive the policies and procedures used by the Contract/Grant Team. All Bureau Directors will receive training from the Contract/Grant Team on subrecipient monitoring. All contracts using federal funds will be reviewed and amended to include the appropriate language. Completion Date: DHHS: April 10, 2026 DPS: March 17, 2026, April 1, 2026, May 1, 2026, and July 1, 2026, respectively Agency Contact: DHHS: Eden Hale, Associate Director, Division of Population Health Equity, Maine CDC, 207-441-1090 DPS: Derek Gorneau, Assistant to the Commissioner, DPS, 207-530-3531

Department: Education Title: Internal control over CNC subrecipient audit monitoring needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: Fiscal Review and Compliance Consultant: The Policy and Procedure manual will be updated to include regular monthly notifications in a system (such as Microsoft Outlook) to update the audit tracking spreadsheet for accuracy. Regionalization and Compliance Coordinator: The Policy and Procedure manual will be updated to add a step to set up regular monthly notifications in a system (such as Microsoft Outlook) for the supervisor to review the audit tracking spreadsheet for accuracy and completion. Completion Date: April 30, 2026 Agency Contact: Nicole Denis, Director of Finance, DOE, 207-530-2161

Department: Education Title: Internal control over CNC subrecipient monitoring procedures needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: The Department will review and monitor the tracking spreadsheet monthly. The Department will hold monthly meetings to ensure CNP web questions and tools are completed, and documents are saved in the appropriate location. The Department will conduct training with NSLP reviewers on expectations for saving documentation Conduct training with NSLP reviewers on how to answer SFSP procurement questions for schools. The Department will update the Special Provision 2 base year review and validation procedure to include where to save documents and show the completion in CNP web. The Special Provision 2 base year reviews will be included in Step 2, starting SFY 2027. Completion Date: May 1, 2026 (first to third items), June 15, 2026 (fourth item), June 30, 2026 (fifth item), and October 30, 2026 (sixth item) Agency Contact: Jane McLucas, Director of Child Nutrition, DOE, 207-624-6880

Department: Health and Human Services Title: Internal control over SNAP subrecipient monitoring procedures needs improvement Questioned Costs: None Status: Corrective action in progress Corrective Action: The SNAP team currently prepares the Rider A (Scope of Work) and Payment Rider for contracts and submits them to the Division of Contract Management, which assembles all other riders, including those documenting federal Award Identification numbers and Assistance Listing titles and numbers, in a final agreement. The SNAP team will meet with DCM and request that a final draft of all contracts be sent to the SNAP team for review so that we can assure that all required information has been included in the contract. Completion Date: June 1, 2026 Agency Contact: Patricia Dushuttle, Special Projects Manager - SNAP, DHHS, 207-215-0995

Corrective Action Plan: The Department developed and re-evaluated its internal control procedures to ensure that all subprograms and subrecipients will be adequately monitored for program compliance. The Department also evaluated its existing control procedures to reasonably ensure that the quarterly program reports submitted through the Salesforce System will be timely, accurate, and complete. Anticipated Completion Date for Corrective Action: Completed April 2025 Contact Person Responsible for Corrective Action: Name: Thomas Fitz Gibbon Title: Deputy Chief, Office of Division Support Address: 77 South High Street, Columbus, Ohio 43220 Phone Number: 614-466-0043 E-Mail Address: thomas.fitzgibbon@development.ohio.gov

2025-001 Monitoring of Subrecipients Agency: National Aeronautics & Space Administration Program Titles: Surviving a mass extinction: Lessons from the post K-Pg fern spike Grant Numbers: 80NSSC23K1013 Contact Person: Emily Schwarz, Chief Financial Officer (718) 817-8730 Corrective Action: Subsequent to year end, the Garden obtained and reviewed Single Audit filings for all its Subrecipients from the Federal Audit Clearinghouse. In the Garden’s review of the Subrecipient Single Audit Reports, it did not note any findings related to its Federal programs. The Garden has implemented a control to continue to obtain and review the Single Audit filings for its Subrecipients on an annual basis. Anticipated Completion Date: Plan implemented immediately, and then continues on an ongoing basis.

The South Carolina Department of Social Services (SCDSS) respectfully submits the following corrective action plan for the year ended June 30, 2025, on behalf of the State of South Carolina. The findings from the schedule of findings and questioned costs are discussed below. The findings are numbered consistently with the numbers assigned in the schedule. FINDINGS—FEDERAL AWARD PROGRAM AUDIT U.S. Department of Health and Human Services Refugee and Entrant Assistance – Assistance Listing No. 93.566 Disposition of Audit Finding: The SCDSS concurs with the audit finding. Corrective Action: The Refugee Resettlement Program (RRP) will implement a semiannual subrecipient monitoring process conducted by the State Refugee Coordinator and Refugee Contract Monitor. Monitoring activities will utilize standardized checklists aligned with the Code of Federal Regulations governing the Refugee Support Services (RSS) Program, including requirements under Assistance Listing 93.566. All documentation and follow-up actions will be maintained to ensure compliance with federal and state requirements and to support ongoing program integrity. Anticipated Completion Date: May 1, 2026 Names of the contact persons responsible for corrective action: • Ambrea Jones, State Refugee Coordinator at 803-898-7303

Federal Agency: U.S. Department of Health and Human Services State Department/Agency: Kansas Department of Education and Kansas Department of Children and Families Federal Program Name: Temporary Assistance for Needy Families Assistance Listing Number: 93.558 Award Number: 2301KSTANF, 2401KSTANF, and 2501KSTANF Period: October 1, 2023 – September 30, 2025 Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Condition: Subawards issued by the Kansas Department of Education and Kansas Department of Children and Families (Departments) did not include all required subaward information. Subawards underwent suspension and debarment verification from sam.gov but this process was not formally documented. Recommendation: We recommend that the Departments develop a subaward template that includes all required federal award information and update its procedures and internal controls to ensure that all required federal award information is included in subawards at the time of issuance. We recommend that management enhance its procurement procedures to require and retain documented evidence that vendors are verified as not suspended or debarred prior to the award of contracts or payment of federal funds. Maintaining this documentation will help ensure compliance with federal requirements and support the government’s assurance that federal funds are expended only with eligible vendors. Views of responsible officials: There is no disagreement with the audit finding. Action taken in response to finding: The Kansas State Department of Education does have a subaward template for use by agency staff that includes space for all required federal award information. Staff managing the Preschool Pilot Program grants to subrecipients will now use this template when awarding funds from TANF. KSDE staff will also contact the Department for Children and Families to ensure KSDE has the appropriate federal award information to include in the grant award notification. Once grant award notifications are issued, KSDE program staff will notify the Department for Children and Families to ensure they have the appropriate information for FFATA reporting. KSDE staff making the subawards will also retain documentation that each vendor was verified as not suspended or debarred prior to issuing the grant award notification. This documentation will include the following: a tracking spreadsheet that will log when the verification took place and by whom, along with taking a screenshot of the webpage when the verification takes place. Additionally, beginning in school year 2026-2027 the assurances signed by subrecipients will have language that require the subrecipient to certify that they are not suspended or debarred. Name(s) of the contact person(s) responsible for corrective action: Amanda Petersen, Director of Early Childhood, and John Hess, Director of Fiscal Services and Operations Planned completion date for corrective action plan: June 30, 2026

Federal Agency: U.S. Department of Health and Human Services State Department/Agency: Kansas Department of Health and Environment Federal Program Name: Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) Assistance Listing Number: 93.323 Award Number and Period: NU50CK000549 (7/1/2019 – 7/31/2027) & NU51CK000384 (8/1/2024 – 7/31/2029) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance (Modified Opinion) Condition: Subawards issued by the Kansas Department of Health and Environment (Department) did not include all required subaward information and failed to obtain the Unique Identity ID for all subawards. The Department did not obtain the required audit information (Single Audit or another applicable audit) from its subrecipient during the audit period. Recommendation: We recommend that the Department develop a subaward template that includes all required federal award information and update its procedures and internal controls to ensure that all required federal award information is included in subawards at the time of issuance. Views of responsible officials: There is no disagreement with the audit finding. Action taken in response to finding: A subaward template has been created and the ELC program director will ensure that all sub-recipient agreements contain the needed information prior to the start of the budget period. Name(s) of the contact person(s) responsible for corrective action: Sheri Tubach, Deputy State Epidemiologist Planned completion date for corrective action plan: March 9, 2026

Federal Agency: U.S. Department of Homeland Security State Department/Agency: Kansas Division of Emergency Management Federal Program Name: Disaster Grants – Public Assistance (Presidentially Declared Disasters) Assistance Listing Numbers: 97.036 Award Period: July 1, 2024 through June 30, 2025 Award Number: Various Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control over Compliance, Other Matters Condition: During our testing of subrecipient monitoring, we noted that for certain subawards the Kansas Division of Emergency Management (KDEM) did not timely issue the subaward letter to the subrecipients, which should have been communicated within 30 days of subaward being obligated or before subaward payments were made. Recommendation: We recommend that KDEM continues to implement its corrective action plan from prior year and continue to enhance its internal controls and procedures to ensure that the subaward letter is issued to subrecipients timely to ensure all required federal award information is communicated to the subrecipient at the time of the subaward. Views of responsible officials: There is no disagreement with the audit finding. Action taken in response to finding: KDEM Fiscal and Compliance office will continue to implement corrective action plan from SFY24. A report will be downloaded of newly obligated projects from Grants Portal every two weeks to ensure project award letters are created and dropped into the Grants Portal for the applicant within 30 days of obligation. Currently fiscal staff is completing this within days to one week of obligation. Name(s) of the contact person(s) responsible for corrective action: Jennifer Deal, Fiscal & Grants Management Section Chief and Lupe Olaya, Grants Compliance Coordinator Planned completion date for corrective action plan: Currently in place.

AL 21.027, COVID-19 Coronavirus State and Local Fiscal Recovery Funds Finding: Evidence was not retained of monitoring subrecipients’ financial and single audit reporting or of any follow up actions as a result of monitoring. Auditor Recommendation: The County should develop and implement policies and procedures to ensure that all subrecipient monitoring is performed and retained. Corrective Actions Taken or Planned: The County agrees and concurs. The County anticipates providing more training to grant program managers and additional reviews during FY26 as the program closes out. Point of Contact for corrective actions: Sarah Keane, Deputy CFO sarah_keane@washingtoncountyor.gov

The Center will review required communications and update agreements with subreceipients accordingly.

Finding No. 2025-003: Subrecipient Monitoring AL No.: 11.029 Program Title: Tribal Broadband Connectivity Program Grant Award Number: NT23TBC0290054 Condition Subaward agreements did not include certain required federal award information. A risk assessment was not performed for the subrecipient prior to execution of the subaward agreement. No evidence of pass-through entity verifying that subrecipients are audited as required by 2 CFR Section 200, Subpart F. DHHL failed to communicate five required pieces of award information to the subrecipient (UH) as mandated by 2 CFR 200.332(a)(1), including: Subrecipient’s unique entity identifier, Subaward Budget Period Start and End Date, Assistance Listing Number (12.017), Identification of whether the award is R&D, Indirect cost rate information (including de minimis rate status). Corrective Action Plan DHHL will implement the following corrective actions to address the identified issues to align subrecipient monitoring in compliance with 2 CFR 200. Subaward and Documentation Corrections: DHHL will review the original federal award and UH agreement, then prepare subaward amendments incorporating all required elements under 2 CFR 200.332(a)(1). DHHL will also obtain UH’s UEI and confirm and document the subaward budget period and assistance listing number. DHHL will also assure all amendments and documents obtain NTIA/NIST approval for any required federal documentation. Risk Assessment and Monitoring: DHHL will conduct and document risk assessment for UH in accordance with 2 CFR 200.332(b). DHHL will then use the risk assessment to determine the appropriate level of subrecipient monitoring. Moving forward, DHHL will integrate the risk assessment requirement prior to any subaward execution. Audit Verification and Compliance: DHHL will verify UH’s single audit status, review and document UH’s Single Audit Report to assess and establish annual monitoring/management procedures. DHHL will implement the same processes for future subrecipients moving forward. Systematic Improvements and Training: DHHL will develop a subaward checklist and standardized subaward template aligned with 2 CFR 200.332 requirements. DHHL plans to implement mandatory compliance and legal review prior to subaward execution. Person Responsible Jaren Tengan, Broadband Coordinator And/or Aislen Bacalso, Broadband Coordination Assistant Anticipated Date of Completion The updated documentation is subject to the completion and approval of Federal Budget Amendments. DHHL is hopeful that NTIA and NIST will provide feedback and approval by June 2026, and DHHL will immediately prepare and submit any additional subaward documentation for the UH Subaward. (Please note this is the first fiscal year DHHL is working with NIST. It is unsure how long budget amendment processes will take.)

We agree with the auditor's comments. The HCEDA has engaged a temporary project manager that is coordinating the collection of quarterly expenses and reports from the subrecipients. Our office of law has drafted an amendment to the agreement that details that the grants were ARPA funds and notes that the subrecipient certifies that they have not been suspended or debarred. This amendment will include an attachment with the complete supplementary conditions applicable to ARPA funded grants. We will have each subrecipient sign the amendment. We anticipate completion of this by March 31, 2026.