Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Finding number: 2023 005 Federal agency: U.S. Department of Treasury Pass through agency: N/A - Direct Program: COVID-19 Emergency Rental Assistance Program ALN #: 21.023 Award number: N/A Award year: January 1, 2021 to September 30, 2025 Finding: Internal Control and Compliance over Subrecipient Monitoring Prior Year Finding: No Type of Finding: Material Weakness Criteria According to 2 CFR 200.331 (b), a pass through entity must evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring, which may include consideration of such factors as: • The subrecipient’s prior experience with the same or similar subawards; • The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program; • Whether the subrecipient has new personnel or new or substantially changed systems; and • The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). Also, according to 2 CFR 200.331 (d), a pass through entity must: • Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. • Follow up and ensure that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass through entity detected through audits, on site reviews, and other means. Additionally, 2 CFR 200.303 indicates that non Federal entities receiving Federal awards must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Condition During our testing of subrecipient monitoring for a sample of 2 out of the population of 5 subrecipients, the Mayor's Office of Housing (MOH) was unable to provide documentation for either of the subrecipients showing that a formal risk evaluation had been performed. Cause This appears to be due to inadequate policies and procedures surrounding the initial risk assessment of the subrecipients. Effect The MOH does not have adequate controls over evaluating each subrecipient’s risk of noncompliance for purposes of determining appropriate subrecipient monitoring. Whether Sampling was Statistically Valid The sample was not intended to be, and was not, a statistically valid sample. Questioned Costs: None Recommendation We recommend that the MOH implement control procedures to ensure that each subrecipient is evaluated for risk of noncompliance to ensure appropriate subrecipient monitoring. View of Responsible Officials from the Auditee The City and the Mayor’s Office of Housing has reinforced all documented policies and procedures with staff to ensure all areas of compliance have appropriate backup documentation to demonstrate that pre-award risk has been assessed.
2023-010 SLFRF Program Subrecipient Monitoring The OA has not established policies and procedures regarding monitoring subrecipients of the Coronavirus State and Local Fiscal Recovery Funds (SLFRF) program. As a result, the OA did not comply with the Uniform Guidance (UG) requirements regarding identifying and monitoring subrecipients of the SLFRF program. The OA is the lead agency responsible for administering the SLFRF program. The purpose of the SLFRF program is to provide funding to respond to the COVID-19 public health emergency (PHE) or its negative impacts; respond to workers performing essential work during the PHE; provide government services, to the extent of the reduction in revenue due to the PHE (revenue replacement); and make necessary investments in water, sewer, or broadband infrastructure. The OA and various state agencies designed projects within the allowable SLFRF program categories, and are responsible for administering the projects. The OA developed the American Rescue Plan Act Grant Portal (portal) to serve as the official repository of information and documentation supporting each SLFRF program project. The state agencies upload supporting documentation to the portal, including contracts, payment requests, and other supporting documentation. Most payments are made on a reimbursement basis. The OA reviews each payment request and processes the payments. Some SLFRF program projects are administered through subawards. The OA establishes contracts with each subrecipient that outline various SLFRF program requirements, terms, and conditions. In the Schedule of Expenditures of Federal Awards (SEFA), the OA reported approximately $86 million was passed through to subrecipients of the SLFRF program during the year ended June 30, 2023. This amount represents approximately 50 percent of the SLFRF program expenditures. These awards were administered through the OA and 7 other state agencies. However, as noted in finding A., the amount is not accurate due to subrecipient determination errors. Of the 8 state agencies that administered subawards reported in the SEFA during the year ended June 30, 2023, 3 administered the majority of the subawards, with payments totaling approximately $72.7 million, or 85 percent of the total subrecipient payments reported in the SEFA. Our review and testing of subrecipient monitoring procedures focused on the OA and the 3 state agencies. For the 3 state agencies, a total of 55 recipients were identified as subrecipients in the SEFA. However, as noted in finding A., some of these recipients were not truly subrecipients. To understand the OA and agency procedures, and to test compliance with subrecipient monitoring requirements, we randomly selected a sample of payments to 9 subrecipients for the 3 state agencies. The 9 subrecipients were awarded nearly $166 million in SLFRF program funding and were paid a total of approximately $36.5 million during the year ended June 30, 2023. We reviewed records in the portal supporting the subaward and 1 payment for each of the 9 subrecipients. We reviewed payments totaling approximately $8 million. A. Subrecipient Determination The OA has not established policies and procedures to determine whether recipients of SLFRF program funds are subrecipients or contractors. As a result, some recipients were incorrectly classified as subrecipients, and the OA lacks a complete and accurate listing of subrecipients. Subrecipient monitoring requirements are outlined in the UG. Regulation 2 CFR Section 200.331 states a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. The classification of a subrecipient is dependent on whether the entity is responsible for making eligibility determinations for assistance, has its performance measured in relation to whether the objectives of the federal program were met, has responsibility for programmatic decision-making, is responsible for adherence to federal program requirements, and uses the federal funds to carry out a program for its public purpose. The OA did not evaluate each SLFRF program recipient for the UG criteria, and make a determination whether the entity was a subrecipient or contractor. OA officials assigned responsibility for making these determinations and identifying subrecipients to the applicable state agencies, but did not provide clear guidance to the state agencies or ensure the state agencies properly performed and documented the determinations. Two of the 3 state agencies had not documented their determination for any of their sampled subrecipients and the other state agency had not documented their determinations for 1 of 3 sampled subrecipients. Our analysis and review of the population of 55 subrecipients identified in the SEFA for the 3 state agencies revealed 2 of the state agencies had incorrectly recorded several recipients as subrecipients. For example, 1 agency incorrectly reported 8 revenue replacement project subawards, with payments totaling approximately $18.1 million and another agency incorrectly reported a revenue replacement project subaward, with payments totaling approximately $89,000, as subrecipients, during the year ended June 30, 2023. The Treasury SLFRF FAQ 13.14 says recipients of revenue replacement funds are not subrecipients. One of the agencies also incorrectly reported a software contractor, with payments totaling approximately $295,000, as a subrecipient. Without adequate procedures over subrecipient or contractor determinations, the OA lacks assurance that its subrecipients have been identified for subrecipient monitoring purposes. B. Subrecipient Monitoring The OA did not implement an effective subrecipient monitoring program to monitor the SLFRF program subrecipients. As a result, some subrecipient monitoring procedures were not performed as required by the UG. Regulation 2 CFR Section 200.332(b) states that pass-through entities must evaluate each subrecipient's risk of noncompliance with federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. Risk assessments may consider factors such as the subrecipient's prior experience with the same or similar subawards, the results of previous audits, whether the subrecipient has new personnel or new or substantially-changed systems, and the extent and results of federal awarding agency monitoring. Regulation 2 CFR Section 200.332(d) requires pass-through entities to monitor the activities of the subrecipient as necessary to ensure that the subrecipient is in compliance with federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity; (2) following up and ensuring the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address single audit findings related to the particular subaward; and (3) issuing a management decision for applicable findings pertaining only to the federal award provided to the subrecipient from the pass-through entity. Regulation 2 CFR Section 200.332(f) requires pass-through entities to verify that every subrecipient had a single audit when it is expected that the subrecipient spent $750,000 or more during the subrecipient's fiscal year. To monitor subrecipients of the SLFRF program, the OA relies on its pre-payment monitoring process and does not perform any post-payment monitoring procedures. The OA did not establish policies and procedures over the pre-payment review process and these reviews were not always clearly documented. In addition, the OA did not formally communicate with the state agencies regarding subrecipient monitoring responsibilities or ensure the state agencies performed monitoring reviews. The information communicated to the state agencies in memos and emails and during periodic meetings with state agency officials were not formalized in a policy and did not cover all relevant compliance requirements. In addition, the OA did not perform risk assessments or ensure subrecipients received single audits as required by the UG. Risk assessments The OA did not perform required risk assessments for subrecipients of the SLFRF program to determine the nature, timing, and extent of monitoring procedures necessary. None of the 3 state agencies performed risk assessments for the sampled subrecipients. OA officials indicated they did not believe risk assessment procedures were necessary because extensive pre-payment monitoring procedures are performed for all payments. In addition to complying with federal requirements, risk assessments are necessary to ensure monitoring reviews are conducted with adequate frequency to help ensure subrecipient compliance with program requirements. OA pre-payment monitoring procedures The OA has not developed policies and procedures outlining its pre-payment monitoring procedures and did not always clearly document monitoring performed prior to making payments. In their review and approval of each SLFRF subrecipient payment request, OA officials stated they thoroughly review supporting documentation uploaded to the portal by the state agencies, including contracts, bid documentation, invoices, and other supporting documentation. OA officials further stated they review for compliance with certain types of SLFRF program compliance requirements, including allowable activities and allowable costs, procurement, and period of performance. However, the OA does not clearly document review procedures performed. For each of the 9 subrecipients sampled, the portal included documentation pertaining to some, but not all of the applicable compliance requirements. For example, for all 9 subrecipient payments reviewed, the portal lacked any documentation the subrecipient used a competitive procurement process to obtain the applicable items or services. Also, for 3 of the 9 payments reviewed, the portal included summary invoices, but did not include sufficiently detailed documentation showing compliance with the allowable activities and allowable costs and period of performance compliance requirements. Without documented policies and procedures and documentation of pre-payment monitoring procedures performed, the OA cannot demonstrate subrecipient monitoring procedures were performed. Additional monitoring procedures The OA does not monitor subrecipients beyond the pre-payment monitoring process previously described. In addition, the OA did not formally communicate with the state agencies regarding subrecipient monitoring responsibilities or ensure the state agencies performed monitoring reviews. Subrecipient contracts outline various federal requirements and terms and conditions that subrecipients must comply with both before and after receiving payments. For example, the purpose of a contract with a subrecipient is "Preparing and Credentialing Employees for Tomorrow." In addition to complying with various requirements prior to requesting reimbursement, the subrecipient is also required to comply with various requirements, terms, and conditions post-payment, such as ensuring performance goals are achieved. OA officials indicated post-payment monitoring procedures are not necessary because extensive pre-payment monitoring procedures are performed for all payments. However, the pre-payment procedures alone are not sufficient to fully comply with the OA's subrecipient monitoring responsibilities to evaluate whether subrecipients complied with federal requirements and subaward terms and conditions, and subaward performance goals are achieved. Additionally, the OA did not formally communicate subrecipient monitoring responsibilities to the state agencies or ensure the state agencies performed monitoring reviews. Our review of subrecipient monitoring procedures at the 3 state agencies noted none of the agencies had developed written policies or procedures regarding subrecipient monitoring, and review procedures did not cover all significant compliance requirements or were not always documented. While officials of 2 state agencies indicated they perform detailed pre-payment reviews for compliance with allowable activities and allowable costs, period of performance, and local match requirements, officials of the other agency explained they and the OA review only summary invoices from the subrecipients prior to payment. Officials of the other state agency stated they review the supporting documentation during their annual monitoring process; however, such reviews had not been performed for the sampled items. While officials of 1 state agency indicated they review compliance with procurement requirements, officials of 2 agencies indicated they do not review compliance with procurement requirements. Additionally, while officials of 2 state agencies described various post-payment review procedures including reviews for compliance with certain requirements, reviews of documentation supporting expenditures of funds advanced to the subrecipient, billing reviews of documentation supporting summary invoices, and reviews of the final work product; officials of the other agency indicated post-payment reviews are not performed. In addition to noncompliance with subrecipient monitoring requirements, the failure to ensure sufficient monitoring procedures were performed and documented increases the risk that subrecipient noncompliance will not be prevented or detected timely. Subrecipient audits The OA did not conduct the required review of single audit reports for applicable SLFRF program subrecipients. The OA does not have procedures to verify every subrecipient had a single audit when required. Our review of subrecipient monitoring procedures at the 3 state agencies noted 1 agency had not established a process to monitor and follow up on single audit reports. Officials from the OA and the agency stated they were not aware of the requirement to verify that single audits were obtained. Each subrecipient that spent in excess of $750,000 in federal awards during its fiscal year must obtain a single audit in accordance with the UG within 9 months after the end of the fiscal year. In addition to noncompliance with subrecipient monitoring requirements, the failure to ensure subrecipients received required audits and to review and follow up on the related audit reports, increases the risk that subrecipient noncompliance will not be identified and addressed. Conclusions OA officials stated they believe their pre-payment review procedures satisfy most of their subrecipient monitoring requirements. However, as noted throughout the finding, these procedures alone do not substitute for, or remove, the OA's comprehensive subrecipient monitoring responsibilities which include performing risk assessments; monitoring for compliance with federal requirements and subaward terms and conditions, and ensuring subaward performance goals are achieved; and reviewing subrecipient single audit reports. OA officials further indicated the state agencies were responsible for some of the subrecipient monitoring requirements. However, without clear communication and monitoring of these responsibilities, the OA lacks assurance of compliance with all subrecipient monitoring requirements. Without an established subrecipient monitoring program, the OA cannot provide assurance subrecipients are complying with SLFRF program requirements and there is increased risk that noncompliance with program requirements or subaward terms and conditions will go undetected, or that subaward performance goals will not be achieved. In addition, a subrecipient monitoring program is necessary to demonstrate adequate internal controls over compliance with subrecipient monitoring requirements. Regulation 2 CFR Section 200.303(a) requires the non-federal entity to "[e]stablish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in Standards for Internal Control in the Federal Government, issued by the Comptroller General of the United States or the Internal Control Integrated Framework, issued by the Committee of Sponsoring Organizations of the Treadway Commission." Paragraph 3.10 of the Standards for Internal Control in the Federal Government, also known as the Green Book, states "[e]ffective documentation assists in management’s design of internal control by establishing and communicating the who, what, when, where, and why of internal control execution to personnel. Documentation also provides a means to retain organizational knowledge and mitigate the risk of having that knowledge limited to a few personnel, as well as a means to communicate that knowledge as needed to external parties, such as external auditors." Paragraph 12.01 states "[m]anagement should implement control activities through policies." Recommendations The OA: A. Develop policies and procedures to determine whether recipients of SLFRF program funds are subrecipients or contractors. Work with the state agencies to ensure accurate and documented determinations are prepared for all recipients, and modify subrecipient records as needed. B. Develop a subrecipient monitoring program in accordance with the Uniform Guidance, that includes performing risk assessments for each subrecipient for the purposes of determining the appropriate subrecipient monitoring procedures; monitoring for compliance with federal requirements and subaward terms and conditions, and ensuring subaward performance goals are achieved; and reviewing subrecipient single audit reports. Ensure tasks delegated to state agencies are adequately communicated and establish procedures to ensure those tasks are appropriately completed. Auditee's Response A. We partially agree with the auditor's finding. Our Corrective Action Plan includes an explanation and specific reasons for our disagreement and any planned actions to address the finding. B. We agree with the auditor's finding. Our Corrective Action Plan includes our planned actions to address the finding. Auditor's Comment Finding A. The OA Corrective Action Plan (CAP) states the OA disagrees with the recommendation to develop policies and procedures since the requirements are already stated in the Uniform Guidance and SLFRF program regulations. The CAP states the OA believes improved communication with the state agencies and ensuring compliance with federal regulations can be performed in lieu of developing policies and procedures. Because effective internal controls include documented policies and procedures that clearly communicate responsibilities and prevent misunderstandings, this finding is valid.
2023-005 – Subrecipient Monitoring – Community Services Block Grant, ALN 93.569 Criteria - 2 CFR Part 200.331 contains the requirements for pass-through entities. Organizations are required to evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. Condition - The County did not follow the documented policy or procedure for evaluating potential subgrantees’ risk of noncompliance prior to award of subgrants for purposes of determining the appropriate subrecipient monitoring. Cause - The County was not aware of their own policy and the requirements of Uniform Guidance related to pass-through entities’ responsibility to perform and retain written risk assessment as part of subrecipient monitoring. Effect - The County has failed to comply with their own policy and therefore Uniform Guidance requirements with respect to evaluating the risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for each recipient. Therefore, the subrecipient monitoring performed during the year was not tailored to the risks present in their subrecipient entities. Context - The County does have a policy in place in conformity with the Federal Uniform Guidance criteria relating to evaluating the risk of noncompliance prior to awarding subgrants. However, the policy was not followed during the fiscal year under audit. Recommendation - We recommend that the County follow their policy to perform risk assessment procedures as part of the subgrant process so that subrecipients can be monitored as required by 2 CFR 200.331. Written documentation of the subrecipient’s risk of noncompliance should be completed and maintained prior to award approval. Views of Responsible Officials and Planned Corrective Actions - See Exhibit I.
2023-005 – Subrecipient Monitoring – Community Services Block Grant, ALN 93.569 Criteria - 2 CFR Part 200.331 contains the requirements for pass-through entities. Organizations are required to evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. Condition - The County did not follow the documented policy or procedure for evaluating potential subgrantees’ risk of noncompliance prior to award of subgrants for purposes of determining the appropriate subrecipient monitoring. Cause - The County was not aware of their own policy and the requirements of Uniform Guidance related to pass-through entities’ responsibility to perform and retain written risk assessment as part of subrecipient monitoring. Effect - The County has failed to comply with their own policy and therefore Uniform Guidance requirements with respect to evaluating the risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for each recipient. Therefore, the subrecipient monitoring performed during the year was not tailored to the risks present in their subrecipient entities. Context - The County does have a policy in place in conformity with the Federal Uniform Guidance criteria relating to evaluating the risk of noncompliance prior to awarding subgrants. However, the policy was not followed during the fiscal year under audit. Recommendation - We recommend that the County follow their policy to perform risk assessment procedures as part of the subgrant process so that subrecipients can be monitored as required by 2 CFR 200.331. Written documentation of the subrecipient’s risk of noncompliance should be completed and maintained prior to award approval. Views of Responsible Officials and Planned Corrective Actions - See Exhibit I.
2023-005 – Subrecipient Monitoring – Community Services Block Grant, ALN 93.569 Criteria - 2 CFR Part 200.331 contains the requirements for pass-through entities. Organizations are required to evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. Condition - The County did not follow the documented policy or procedure for evaluating potential subgrantees’ risk of noncompliance prior to award of subgrants for purposes of determining the appropriate subrecipient monitoring. Cause - The County was not aware of their own policy and the requirements of Uniform Guidance related to pass-through entities’ responsibility to perform and retain written risk assessment as part of subrecipient monitoring. Effect - The County has failed to comply with their own policy and therefore Uniform Guidance requirements with respect to evaluating the risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for each recipient. Therefore, the subrecipient monitoring performed during the year was not tailored to the risks present in their subrecipient entities. Context - The County does have a policy in place in conformity with the Federal Uniform Guidance criteria relating to evaluating the risk of noncompliance prior to awarding subgrants. However, the policy was not followed during the fiscal year under audit. Recommendation - We recommend that the County follow their policy to perform risk assessment procedures as part of the subgrant process so that subrecipients can be monitored as required by 2 CFR 200.331. Written documentation of the subrecipient’s risk of noncompliance should be completed and maintained prior to award approval. Views of Responsible Officials and Planned Corrective Actions - See Exhibit I.
2023-005 – Subrecipient Monitoring – Community Services Block Grant, ALN 93.569 Criteria - 2 CFR Part 200.331 contains the requirements for pass-through entities. Organizations are required to evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring. Condition - The County did not follow the documented policy or procedure for evaluating potential subgrantees’ risk of noncompliance prior to award of subgrants for purposes of determining the appropriate subrecipient monitoring. Cause - The County was not aware of their own policy and the requirements of Uniform Guidance related to pass-through entities’ responsibility to perform and retain written risk assessment as part of subrecipient monitoring. Effect - The County has failed to comply with their own policy and therefore Uniform Guidance requirements with respect to evaluating the risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for each recipient. Therefore, the subrecipient monitoring performed during the year was not tailored to the risks present in their subrecipient entities. Context - The County does have a policy in place in conformity with the Federal Uniform Guidance criteria relating to evaluating the risk of noncompliance prior to awarding subgrants. However, the policy was not followed during the fiscal year under audit. Recommendation - We recommend that the County follow their policy to perform risk assessment procedures as part of the subgrant process so that subrecipients can be monitored as required by 2 CFR 200.331. Written documentation of the subrecipient’s risk of noncompliance should be completed and maintained prior to award approval. Views of Responsible Officials and Planned Corrective Actions - See Exhibit I.
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Housing and Urban Development (HUD) AL No. 14.241 Housing Opportunities for Persons with AIDS Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: Yes; 2022-010 Condition: For 3 out of 3 selections, the Federal award identification number (FAIN) and the subrecipient's unique entity identifier (UEI) were not disclosed on the subaward. For 3 out of 3 selections, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Pursuant to 31 USC 7502(f)(2) (Single Audit Act Amendments of 1996 (Pub. L. No. 104-156)), 2 CFR sections 200.330, .331, and .501(h), a pass-through entity must identify the award and applicable requirements, evaluate risk, monitor, and ensure accountability of subrecipients. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit. (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Mayor’s Office of Homeless Services (MOHS) did not maintain adequate documentation of the requirements included in Uniform Guidance related to procedures required for subrecipient monitoring. Effect: MOHS was not in compliance with Uniform Guidance. Questioned Costs: Unknown. Recommendation: We recommend that MOHS establish and implement controls for the program and prepare and maintain a written plan to perform risk assessments on potential subrecipients. Additionally, we recommend that MOHS provides training on the Uniform Guidance requirements related to subrecipient monitoring. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated
U.S. Department of Health and Human Services AL No. 93.686 Ending the HIV Epidemic: A Plan for America Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 1 out of 1 selection, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with accounting requirements. For 1 out of 1 selection, we were unable to verify the subrecipient 's active registration on SAM.gov. For 1 out of 1 selection, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (f) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.686 Ending the HIV Epidemic: A Plan for America Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 1 out of 1 selection, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with accounting requirements. For 1 out of 1 selection, we were unable to verify the subrecipient 's active registration on SAM.gov. For 1 out of 1 selection, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (f) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.686 Ending the HIV Epidemic: A Plan for America Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 1 out of 1 selection, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with accounting requirements. For 1 out of 1 selection, we were unable to verify the subrecipient 's active registration on SAM.gov. For 1 out of 1 selection, there was no evidence that the prior year Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (f) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.914 HIV Emergency Relief Project Grants Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 7 out of 7 selections, we were unable to verify the subrecipient's active registration on SAM.gov. For 7 out of 7 selections, there was no evidence that subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: BCHD did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains
U.S. Department of Health and Human Services AL No. 93.914 HIV Emergency Relief Project Grants Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 7 out of 7 selections, we were unable to verify the subrecipient's active registration on SAM.gov. For 7 out of 7 selections, there was no evidence that subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: BCHD did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains
U.S. Department of Health and Human Services AL No. 93.914 HIV Emergency Relief Project Grants Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 7 out of 7 selections, we were unable to verify the subrecipient's active registration on SAM.gov. For 7 out of 7 selections, there was no evidence that subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: BCHD did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains
U.S. Department of Health and Human Services AL No. 93.914 HIV Emergency Relief Project Grants Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 7 out of 7 selections, we were unable to verify the subrecipient's active registration on SAM.gov. For 7 out of 7 selections, there was no evidence that subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: BCHD did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains
U.S. Department of Health and Human Services AL No. 93.914 HIV Emergency Relief Project Grants Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 7 out of 7 selections, we were unable to verify the subrecipient's active registration on SAM.gov. For 7 out of 7 selections, there was no evidence that subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR 200.303: Internal Control, The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: BCHD did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD was not in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
U.S. Department of Health and Human Services AL No. 93.940 HIV Prevention Activities Health Department Based Material Weakness in Internal Controls and Noncompliance over Subrecipient Monitoring Repeat Finding: No Condition: For 2 out of 4 selections, management was unable to provide evidence that subrecipient monitoring was performed to ensure compliance with Federal requirements. For 1 out of 4 selections, there was no approval on the subrecipient monitoring report. For 4 out of 4 selections, we were unable to verify the subrecipient’s active registration on SAM.gov. For 4 out of 4 selections, there was no evidence that the subrecipients’ Single Audit Report was reviewed. Criteria: In accordance with 2 CFR §200.303: The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. In accordance with 2 CFR §25.300: (a) A recipient may not make a subaward to a subrecipient unless that subrecipient has obtained and provided to the recipient a unique entity identifier. Subrecipients are not required to complete full SAM registration to obtain a unique entity identifier. (b) A recipient must notify any potential subrecipients that the recipient cannot make a subaward unless the subrecipient has obtained a unique entity identifier as described in paragraph (a) of this section. According to 2 CFR §200.332, all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the Federal award identification including the subrecipient's unique entity identifier, Federal Award Identification Number (FAIN), identification of whether the award is R&D and indirect cost rate for the Federal award. (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) the results of previous audits including whether or not the subrecipient receives a Single Audit (c) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. (e) Verify that every subrecipient is audited as required by 2 CFR § 200.331 when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501. Cause: The Baltimore City Health Department (BCHD) did not have proper controls in place to ensure the subrecipient monitoring requirements of the grant were met. Effect: BCHD may not be in compliance with the subrecipient monitoring requirements of the grant. Questioned Costs: Unknown. Recommendation: We recommend the City establish and implement controls to maintain compliance with subrecipient monitoring requirements. Auditee Response and Corrective Action Plan: Management agrees with the finding. Refer to the corrective action plan on current findings in Part V of this report. Auditor’s Conclusion: Finding remains as stated.
Assistance Listing 14.239 Home Investment Partnerships Program Assistance Listing 93.569 Community Services Block Grant Condition: The Office of Homeless Services (OHS) contracted with one subrecipient to provide services for both the Home Investment Partnerships Program (HOME) and Community Services Block Grant (CSBG). OHS did not perform a risk assessment to determine the appropriate monitoring of this subrecipient as required under 2 CFR §200.331(b). Funding for HOME is received from the U.S. Department of Housing and Urban Development. Funding for CSBG is received from the U.S. Department of Health and Human Services and passed through the PA Department of Community and Economic Development. Criteria: OMB’s Uniform Guidance 2 CFR §200.331(b) states that all pass-through entities must evaluate each subrecipient’s risk of noncompliance with federal statutes, regulations and the terms and conditions of the subaward for the purpose of determining the appropriate subrecipient monitoring to ensure proper accountability and compliance with program requirements. Effect:Without a risk assessment, OHS may not know how to properly plan subrecipient monitoring. They may over-monitor a subrecipient that should be considered low risk or under-monitor a subrecipient that should be considered high risk. Cause: OHS had not implemented policies and procedures to ensure the performance of risk assessments for all subrecipients. Recommendation: OHS should implement policies and procedures to ensure the performance of risk assessments for all subrecipients to determine the appropriate level of subrecipient monitoring. Views of the Responsible Officials and Corrective Action Plan: OHS is in the process of finalizing a risk assessment and a RA policy and procedure to ensure that the RAs are completed timely and inform our monitoring plan. Both will be in compliance with OMB’s Uniform Guidance 2 CFR §200.331(b). PHMC will be the first subrecipient that will be tested. We will provide that risk assessment to your office and our partners at DHCD when it is completed. It is the goal to have this RA finalized and all grant funded program providers assessed for risk by 12/31/2024. Contact Person: Jerome R. Hill, Director of Compliance, Office of Homeless Services, 215-686-0371, 215-520-3556
Assistance Listing 14.239 Home Investment Partnerships Program Assistance Listing 93.569 Community Services Block Grant Condition: The Office of Homeless Services (OHS) contracted with one subrecipient to provide services for both the Home Investment Partnerships Program (HOME) and Community Services Block Grant (CSBG). OHS did not perform a risk assessment to determine the appropriate monitoring of this subrecipient as required under 2 CFR §200.331(b). Funding for HOME is received from the U.S. Department of Housing and Urban Development. Funding for CSBG is received from the U.S. Department of Health and Human Services and passed through the PA Department of Community and Economic Development. Criteria: OMB’s Uniform Guidance 2 CFR §200.331(b) states that all pass-through entities must evaluate each subrecipient’s risk of noncompliance with federal statutes, regulations and the terms and conditions of the subaward for the purpose of determining the appropriate subrecipient monitoring to ensure proper accountability and compliance with program requirements. Effect:Without a risk assessment, OHS may not know how to properly plan subrecipient monitoring. They may over-monitor a subrecipient that should be considered low risk or under-monitor a subrecipient that should be considered high risk. Cause: OHS had not implemented policies and procedures to ensure the performance of risk assessments for all subrecipients. Recommendation: OHS should implement policies and procedures to ensure the performance of risk assessments for all subrecipients to determine the appropriate level of subrecipient monitoring. Views of the Responsible Officials and Corrective Action Plan: OHS is in the process of finalizing a risk assessment and a RA policy and procedure to ensure that the RAs are completed timely and inform our monitoring plan. Both will be in compliance with OMB’s Uniform Guidance 2 CFR §200.331(b). PHMC will be the first subrecipient that will be tested. We will provide that risk assessment to your office and our partners at DHCD when it is completed. It is the goal to have this RA finalized and all grant funded program providers assessed for risk by 12/31/2024. Contact Person: Jerome R. Hill, Director of Compliance, Office of Homeless Services, 215-686-0371, 215-520-3556
Name of Federal Agency and Pass-Through Agency: U.S. Department of the Treasury Compliance Requirements: Reporting Type of Finding: Significant Deficiency Amount of Questioned Costs: None Identification of Questioned Costs and How Computed: None identified COVID Related: Yes Repeat Finding: Repeat finding of 2022-004. When submitting required quarterly project and expenditure reports, the county improperly identified two entities as being subrecipients instead of contractors. Those responsible for the federal awards did not have a clear understanding of the difference between a subrecipient and a contractor. The reporting guidance was not clear on the definition of a subrecipient versus a contractor and resulted in a misunderstanding. Two entities could potentially be identified as subrecipients and therefore be subject to a single audit when they should not be. Per 2 CFR § 200.331, “a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursements of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor.” We recommend the county review the requirements for determining whether a disbursement qualifies as a payment to a subrecipient or a contractor and ensure all of those that administer federal funding have an understanding of the terms.
Assistance Listings number and name: 14.267 Continuum of Care Program Award number and year: AZ9999U9T002101, February 1, 2022 through June 30, 2023 Federal agency: U.S. Department of Housing and Urban Development Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Arizona Department of Housing (Department) awarded $4.5 million to 15 subrecipients during fiscal year 2023, or 90 percent of the Department’s $5.0 million total federal expenditures for this federal program, but did not perform all the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Specifically, the Department’s only monitoring procedure during the year consisted of reviewing and approving the subrecipients’ invoices of program expenditures for reimbursement, which we also found to be deficient during a review of 1 nonprofit subrecipient’s reimbursement requests. See financial statement finding 2023-06 and federal award finding 2023-116 for specific issues noted and related recommendations. Further, that procedure alone was insufficient to evaluate whether the subrecipients used program monies in accordance with the award terms and program requirements. Effect—The Department’s failure to perform all required monitoring increased the risk that the $4.5 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program requirements. If monies are spent inconsistent with program requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Consequently, the Department may be required to return any misspent monies to the federal agency in accordance with federal requirements.1 Cause—The Department did not perform all required monitoring procedures and did not have sufficient policies and procedures. Specifically, the Department did not develop and implement procedures to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Department should monitor until near the end of the grant period in May 2023. Prior to that, the Department had an informal process to identify subrecipients. Also, the Department did not develop and implement procedures to perform subrecipient risk assessments until March 2023 and had not yet resumed other subrecipient monitoring activities during fiscal year 2023, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities starting in fiscal year 2020 due to the COVID-19 pandemic. Additionally, the Department’s written policies and procedures lacked procedures for performing risk assessments; designing monitoring procedures, training, or technical assistance based upon the assessed risk; and verifying that a subrecipient received a single audit if it was expected to meet or exceed the federal expenditure threshold of $750,000 for requiring a single audit. Criteria—Federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the County should monitor (2 Code of Federal Regulation [CFR] §200.331). Additionally, federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. This federal regulation also provides that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §§200.332[b] and [d–f]). Further, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Update and follow written policies and procedures to: a. Evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Department should monitor. b. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. c. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. d. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 14.267 Continuum of Care Program Award number and year: AZ9999U9T002101, February 1, 2022 through June 30, 2023 Federal agency: U.S. Department of Housing and Urban Development Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Arizona Department of Housing (Department) awarded $4.5 million to 15 subrecipients during fiscal year 2023, or 90 percent of the Department’s $5.0 million total federal expenditures for this federal program, but did not perform all the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Specifically, the Department’s only monitoring procedure during the year consisted of reviewing and approving the subrecipients’ invoices of program expenditures for reimbursement, which we also found to be deficient during a review of 1 nonprofit subrecipient’s reimbursement requests. See financial statement finding 2023-06 and federal award finding 2023-116 for specific issues noted and related recommendations. Further, that procedure alone was insufficient to evaluate whether the subrecipients used program monies in accordance with the award terms and program requirements. Effect—The Department’s failure to perform all required monitoring increased the risk that the $4.5 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program requirements. If monies are spent inconsistent with program requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Consequently, the Department may be required to return any misspent monies to the federal agency in accordance with federal requirements.1 Cause—The Department did not perform all required monitoring procedures and did not have sufficient policies and procedures. Specifically, the Department did not develop and implement procedures to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Department should monitor until near the end of the grant period in May 2023. Prior to that, the Department had an informal process to identify subrecipients. Also, the Department did not develop and implement procedures to perform subrecipient risk assessments until March 2023 and had not yet resumed other subrecipient monitoring activities during fiscal year 2023, such as conducting on-site reviews and providing training and technical assistance, since suspending these activities starting in fiscal year 2020 due to the COVID-19 pandemic. Additionally, the Department’s written policies and procedures lacked procedures for performing risk assessments; designing monitoring procedures, training, or technical assistance based upon the assessed risk; and verifying that a subrecipient received a single audit if it was expected to meet or exceed the federal expenditure threshold of $750,000 for requiring a single audit. Criteria—Federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the County should monitor (2 Code of Federal Regulation [CFR] §200.331). Additionally, federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. This federal regulation also provides that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §§200.332[b] and [d–f]). Further, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that federal programs are being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Update and follow written policies and procedures to: a. Evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Department should monitor. b. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. c. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. d. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy. 1 Federal Uniform Guidance requires federal awarding agencies to follow up on audit findings and issue a management decision to ensure the recipient takes appropriate and timely corrective action (2 CFR §200.513[c]). Further, it requires that federal awarding agencies’ management decisions clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments, or take other action, as directed by the federal awarding agencies (2 CFR §200.521).
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.
Assistance Listings number and name: 21.027 COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Award number and year: None Federal agency: U.S. Department of the Treasury Compliance requirement: Subrecipient monitoring Questioned costs: Unknown Condition—The Department of Economic Security (Department) awarded $3.3 million to 11 subrecipients during fiscal year 2023, or 8.3 percent of the Department’s $40.2 million of total federal expenditures for this federal program, but did not perform the required monitoring of the subrecipients’ activities or compliance with the award terms and program requirements. Further, the Department improperly classified $2.4 million of contractor expenditures, or 6 percent of the program’s total federal expenditures, as subrecipient expenditures on the State’s initial schedule of expenditures of federal awards (SEFA). Effect—The Department’s failure to perform required monitoring increased the risk that the $3.3 million of program monies the Department awarded to subrecipients may not have been spent in accordance with the award terms and program or contract requirements. Further, the Department’s not properly reporting contractor versus subrecipient expenditures on the SEFA increased the risk that subrecipients are not properly identified and monitored by the Department. If monies are spent inconsistent with program and contract requirements, those who were intended to benefit from the program may not receive all the services or other benefits they otherwise would have received. Further, although the Department corrected the subrecipient misclassification error before the State issued its Single Audit Report, there is an increased risk that the State’s SEFA could contain significant errors and misinform those who are relying on the information. Cause—The Department lacked entity-wide subrecipient-monitoring policies and procedures for its divisions to follow and instead relied on each division administering the program to design and implement its own subrecipient-monitoring procedures. However, of the 2 Department divisions administering the program, 1 was not aware of the subrecipient-monitoring requirements, and the other did not follow its subrecipient-monitoring policies and procedures, as follows: • The Child and Community Services Division (CCSD) personnel responsible for monitoring 5 subrecipients reported that they were not aware of the program’s subrecipient-monitoring requirements because of the program manager being on extended leave, turnover in staff knowledgeable of these requirements, and lack of established policies and procedures over monitoring the program’s subrecipients’ activities. Further, neither the Department nor the CCSD personnel responsible for identifying subrecipients provided guidance to CCSD personnel responsible for subrecipient monitoring. • The CCSD personnel responsible for monitoring 6 subrecipients reported that they did not follow CCSD’s procedures for monitoring the program’s subrecipients’ activities because they were short-staffed and prioritized monitoring other federal and State grants’ subrecipients’ activities. Further, the incorrect determination and reporting of a subrecipient relationship on the initial SEFA resulted from the Department’s entity-wide form used to determine whether other parties receiving program monies had the role of a subrecipient or contractor lacking detailed guidance for determining the characteristics that support a subrecipient versus a contractor relationship. Criteria—Federal regulation requires the Department to monitor subrecipients, which includes required monitoring procedures for assessing the risk of each subrecipient’s noncompliance and monitoring activities based on those risk assessments; reviewing financial and performance reports, verifying single audits were conducted timely; following up on and ensuring corrective action is taken on audit findings that could potentially affect the program; and issuing a management decision for audit findings pertaining to the federal award. Those federal regulations also provide that monitoring procedures may include providing training or technical assistance on program-related matters and performing on-site reviews, selective audits, and/or other monitoring procedures (2 CFR §200.332[b] and [d–e]). Further, federal regulation requires the Department to evaluate the substance of its federal award agreements with other parties to determine whether each of the other parties receiving the monies have the role of a subrecipient or contractor and whether they are required to comply with any of the federal program’s requirements that the Division should monitor (2 CFR §200.331). Finally, federal regulation requires establishing and maintaining effective internal control over federal awards that provides reasonable assurance that the federal program is being managed in compliance with all applicable laws, regulations, and award terms (2 CFR §200.303). Recommendations—The Department should: 1. Perform required monitoring of its subrecipients and their compliance with the award terms and program requirements. 2. Properly classify and report subrecipient expenditures on the State’s SEFA. 3. Develop, implement, and train all divisions on entity-wide written subrecipient-monitoring policies and procedures requiring all divisions to: a. Assess the risk of each subrecipient’s noncompliance and carry out monitoring activities based on those risk assessments such as reviewing financial and performance reports, providing training or technical assistance on program-related matters, and performing on-site reviews, selective audits, and/or other monitoring procedures. b. Verify subrecipients receive timely single audits, if required; follow up on and ensure that corrective action is taken on any audit findings that could potentially affect the program; and issue management decisions for any audit findings pertaining to the federal award. c. Maintain documentation of monitoring procedures demonstrating they were performed, including the monitoring procedures’ results and any Department actions taken, if appropriate. 4. Allocate sufficient resources, such as staffing, to comply with the award terms and program requirements, and designate individuals within each division to perform necessary subrecipient-monitoring procedures. 5. Update the form it uses to determine whether other parties receiving program monies have the role of a subrecipient or contractor to include guidance for how to determine each characteristic of a subrecipient and contractor relationship and require a conclusion to be documented. In addition, train staff to properly complete the form and perform supervisory reviews of it. The State’s corrective action plan at the end of this report includes the views and planned corrective action of its responsible officials. We are not required to audit and have not audited these responses and planned corrective actions and therefore provide no assurances as to their accuracy.