Subrecipient Monitoring Federal Program: Department of Health and Human Services Federal Assistance Listing No. 93.044, 93.045, and 93.053 - Aging Cluster Criteria: Uniform Guidance requires pass-through entities to oversee the activities of service providers with respect to provision of services, reporting, voluntary contributions, and coordination of services under 2 CFR 200.332. Condition: The Agency Board did not comply with the Uniform Guidance requirement to evaluate each subrecipient's risk of non-compliance and to monitor activities to ensure the federal award is used for authorized purposes. Questioned Costs: $0 Cause: The Agency's internal control did not effectively identify policies and procedures for monitoring subrecipients, and the Agency did not comply with federal requirements regarding subrecipient monitoring. The Agency experienced significant key employee turnover during the year. Effect: The Agency was not in compliance with Uniform Guidance 2 CFR 200.332. Recommendation: We recommend the Agency monitors its subrecipients regularly. View of Responsible Officials and Planned Corrective Action: Management agrees with the finding and in March 2023, the Agency hired a new Executive Director and in August 2023, a new Fiscal Officer. The new management team has implemented policies and procedures to comply with subrecipient monitoring requirements.
Subrecipient Monitoring Federal Program: Department of Health and Human Services Federal Assistance Listing No. 93.044, 93.045, and 93.053 - Aging Cluster Criteria: Uniform Guidance requires pass-through entities to oversee the activities of service providers with respect to provision of services, reporting, voluntary contributions, and coordination of services under 2 CFR 200.332. Condition: The Agency Board did not comply with the Uniform Guidance requirement to evaluate each subrecipient's risk of non-compliance and to monitor activities to ensure the federal award is used for authorized purposes. Questioned Costs: $0 Cause: The Agency's internal control did not effectively identify policies and procedures for monitoring subrecipients, and the Agency did not comply with federal requirements regarding subrecipient monitoring. The Agency experienced significant key employee turnover during the year. Effect: The Agency was not in compliance with Uniform Guidance 2 CFR 200.332. Recommendation: We recommend the Agency monitors its subrecipients regularly. View of Responsible Officials and Planned Corrective Action: Management agrees with the finding and in March 2023, the Agency hired a new Executive Director and in August 2023, a new Fiscal Officer. The new management team has implemented policies and procedures to comply with subrecipient monitoring requirements.
Subrecipient Monitoring Federal Program: Department of Health and Human Services Federal Assistance Listing No. 93.044, 93.045, and 93.053 - Aging Cluster Criteria: Uniform Guidance requires pass-through entities to oversee the activities of service providers with respect to provision of services, reporting, voluntary contributions, and coordination of services under 2 CFR 200.332. Condition: The Agency Board did not comply with the Uniform Guidance requirement to evaluate each subrecipient's risk of non-compliance and to monitor activities to ensure the federal award is used for authorized purposes. Questioned Costs: $0 Cause: The Agency's internal control did not effectively identify policies and procedures for monitoring subrecipients, and the Agency did not comply with federal requirements regarding subrecipient monitoring. The Agency experienced significant key employee turnover during the year. Effect: The Agency was not in compliance with Uniform Guidance 2 CFR 200.332. Recommendation: We recommend the Agency monitors its subrecipients regularly. View of Responsible Officials and Planned Corrective Action: Management agrees with the finding and in March 2023, the Agency hired a new Executive Director and in August 2023, a new Fiscal Officer. The new management team has implemented policies and procedures to comply with subrecipient monitoring requirements.
Subrecipient Monitoring Federal Program: Department of Health and Human Services Federal Assistance Listing No. 93.044, 93.045, and 93.053 - Aging Cluster Criteria: Uniform Guidance requires pass-through entities to oversee the activities of service providers with respect to provision of services, reporting, voluntary contributions, and coordination of services under 2 CFR 200.332. Condition: The Agency Board did not comply with the Uniform Guidance requirement to evaluate each subrecipient's risk of non-compliance and to monitor activities to ensure the federal award is used for authorized purposes. Questioned Costs: $0 Cause: The Agency's internal control did not effectively identify policies and procedures for monitoring subrecipients, and the Agency did not comply with federal requirements regarding subrecipient monitoring. The Agency experienced significant key employee turnover during the year. Effect: The Agency was not in compliance with Uniform Guidance 2 CFR 200.332. Recommendation: We recommend the Agency monitors its subrecipients regularly. View of Responsible Officials and Planned Corrective Action: Management agrees with the finding and in March 2023, the Agency hired a new Executive Director and in August 2023, a new Fiscal Officer. The new management team has implemented policies and procedures to comply with subrecipient monitoring requirements.
2 CFR § 3474.1 provides the Department of Education (DOE) adopts the Office of Management and Budget (OMB) Guidance in 2 CFR part 200, except for 2 CFR § 200.102(a) and 2 CFR § 200.207(a). Thus, this part gives regulatory effect to the OMB guidance and supplements the guidance as needed for the DOE. 2 CFR § 200.329(a) provides that the non-Federal entity is responsible for oversight of the operations of the Federal award supported activities. The non-Federal entity must monitor its activities under Federal awards to assure compliance with applicable Federal requirements and performance expectations are being achieved. Monitoring by the non-Federal entity must cover each program, function or activity. See also § 200.332. 2 CFR § 200.302(b)(2) provides, in part, that the financial management system of each non-Federal entity must provide for accurate, current, and complete disclosure of the financial results of each Federal award or program in accordance with the reporting requirements set forth in §§ 200.328 and 200.329. 2 CFR § 200.332(d) provides, in part, that a pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) reviewing financial and performance reports required by the pass-through entity. The Ohio Department of Education requires school districts to file a Final Expenditure Report each year by September 30, unless stated otherwise in the grant application. ODE further requires subgrantees to obligate funds within the approved project period as set forth in the approved application and to liquidate said obligations not later than 90 days after the end of the project period for electronic applications for grants, with obligations having the same meaning as in 2 CFR §§ 200.343 and 200.1. ODE also requires all allowable grant expenditures obligated by the project end date as designated in the grant agreement to be reported in the FER. The District did file the Final Expenditure Report with ODE before the required reporting deadline, however, due to deficiencies in the internal policies and procedures over Federal compliance, the District did not exclude the prior grant year expenditures obligated during the prior fiscal year, but not paid until after June 30, 2022. This resulted in expenditures being overreported in the amount of $78,795; however, this oversight did not result in additional federal funding. Failure to file accurate financial information in the Final Expenditure Report could lead to material misstatements and could impact future grant funding. The District should review the Final Expenditure Report before submission to help ensure all required amounts are included.
2 CFR § 3474.1 provides the Department of Education (DOE) adopts the Office of Management and Budget (OMB) Guidance in 2 CFR part 200, except for 2 CFR § 200.102(a) and 2 CFR § 200.207(a). Thus, this part gives regulatory effect to the OMB guidance and supplements the guidance as needed for the DOE. 2 CFR § 200.329(a) provides that the non-Federal entity is responsible for oversight of the operations of the Federal award supported activities. The non-Federal entity must monitor its activities under Federal awards to assure compliance with applicable Federal requirements and performance expectations are being achieved. Monitoring by the non-Federal entity must cover each program, function or activity. See also § 200.332. 2 CFR § 200.302(b)(2) provides, in part, that the financial management system of each non-Federal entity must provide for accurate, current, and complete disclosure of the financial results of each Federal award or program in accordance with the reporting requirements set forth in §§ 200.328 and 200.329. 2 CFR § 200.332(d) provides, in part, that a pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) reviewing financial and performance reports required by the pass-through entity. The Ohio Department of Education requires school districts to file a Final Expenditure Report each year by September 30, unless stated otherwise in the grant application. ODE further requires subgrantees to obligate funds within the approved project period as set forth in the approved application and to liquidate said obligations not later than 90 days after the end of the project period for electronic applications for grants, with obligations having the same meaning as in 2 CFR §§ 200.343 and 200.1. ODE also requires all allowable grant expenditures obligated by the project end date as designated in the grant agreement to be reported in the FER. The District did file the Final Expenditure Report with ODE before the required reporting deadline, however, due to deficiencies in the internal policies and procedures over Federal compliance, the District did not exclude the prior grant year expenditures obligated during the prior fiscal year, but not paid until after June 30, 2022. This resulted in expenditures being overreported in the amount of $78,795; however, this oversight did not result in additional federal funding. Failure to file accurate financial information in the Final Expenditure Report could lead to material misstatements and could impact future grant funding. The District should review the Final Expenditure Report before submission to help ensure all required amounts are included.
Program: Emergency Solutions Grant Program (ESG) ALN #: 14.231 Federal Agency: Housing and Urban Development Federal Award Numbers: E-20-MC-25-005, E-21-MC-25-0005, E-22-MC-25-0005, E-20-MW-25-005, and E-20-MW-35-005 Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: Yes Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the nonfederal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the audit reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City has established an Audit Review Certification form that is completed by employees to formally document review of subrecipient agencies' audit reports. Implementation Date The City implemented use of the Audit Review Certification form starting in Spring 2023 as part of the ESG subrecipient application process for the FY24 program year beginning July 1, 2023, and will continue use of the form for the FY25 program year beginning on July 1, 2024. Responsible Officials Anthony Woods, Planner and Contract Manager, and Liz Mengers, Planning and Development Manager
Program: Emergency Solutions Grant Program (ESG) ALN #: 14.231 Federal Agency: Housing and Urban Development Federal Award Numbers: E-20-MC-25-005, E-21-MC-25-0005, E-22-MC-25-0005, E-20-MW-25-005, and E-20-MW-35-005 Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: Yes Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the nonfederal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the audit reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City has established an Audit Review Certification form that is completed by employees to formally document review of subrecipient agencies' audit reports. Implementation Date The City implemented use of the Audit Review Certification form starting in Spring 2023 as part of the ESG subrecipient application process for the FY24 program year beginning July 1, 2023, and will continue use of the form for the FY25 program year beginning on July 1, 2024. Responsible Officials Anthony Woods, Planner and Contract Manager, and Liz Mengers, Planning and Development Manager
Program: HOME Investment Partnerships Program (HOME) ALN #: 14.239 Federal Agency: Department of Housing and Urban Development Federal Award Number: M22-MC250202 Award Year: July 1, 2022–June 30, 2023 Eligibility/Subrecipient Monitoring Type of finding: Noncompliance Prior-year finding: No Statistically valid sample: No Criteria 24 CFR 92.252, Qualification as affordable housing: Rental housing (e) Periods of affordability. The HOME-assisted units must meet the affordability requirements for not less than the applicable period specified in the following table, beginning after project completion. (1) The affordability requirements: (i) Apply without regard to the term of any loan or mortgage, repayment of the HOME investment, or the transfer of ownership (ii) Must be imposed by a deed restriction, a covenant running with the land, an agreement restricting the use of the property, or other mechanisms approved by HUD and must give the participating jurisdiction the right to require specific performance (except that the participating jurisdiction may provide that the affordability restrictions may terminate upon foreclosure or transfer in lieu of foreclosure) (iii) Must be recorded in accordance with State recordation laws. (2) The participating jurisdiction may use purchase options, rights of first refusal, or other preemptive rights to purchase the housing before foreclosure or deed in lieu of foreclosure in order to preserve affordability. (3) The affordability restrictions shall be revived according to the original terms if, during the original affordability period, the owner of record before the foreclosure, or deed in lieu of foreclosure, or any entity that includes the former owner or those with whom the former owner has or had family or business ties obtains an ownership interest in the project or property. 4) The termination of the restrictions on the project does not terminate the participating jurisdiction’s repayment obligation under § 92.503(b). (h) Tenant income. The income of each tenant must be determined initially in accordance with § 92.203(a)(1)(i). In addition, each year during the period of affordability the project owner must reexamine each tenant’s annual income in accordance with one of the options in § 92.203 selected by the participating jurisdiction. 24 CFR92.203 Income determinations (a) The HOME program has income-targeting requirements for the HOME program and for HOME projects. Therefore, the participating jurisdiction must determine each family is income eligible by determining the family’s annual income. (1) For families who are tenants in HOME-assisted housing and not receiving HOME tenant-based rental assistance, the participating jurisdiction must initially determine annual income using the method in paragraph (a)(1)(i) of this section. For subsequent income determinations during the period of affordability, the participating jurisdiction may use any one of the following methods in accordance with § 92.252(h): (ii) Obtain from the family a written statement of the amount of the family’s annual income and family size, along with a certification that the information is complete and accurate. The certification must state that the family will provide source documents upon request. Title 45 US Code of Federal Regulations Part 75 (45 CFR part 75), Uniform Administrative Requirements, Cost Principles, and Audit Requirements for HHS Awards, section 75.303 also states that nonfederal entities must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Additionally, the 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. Condition During our testwork, we noted there were two individuals residing in a facility financed with a City HOME loan who did not meet the low-income requirements and were therefore determined not to be eligible. Cause The City’s property manager failed to ensure that another unit, or the next available unit, within the building would be designated as a HOME-floating unit as required in its loan agreement with the City. Effect Ineligible recipients could potentially cause the City to not be in compliance with HUD requirements. Questioned Costs Not determinable Recommendation We recommend the City work collaboratively with its property managers to ensure that the correct number of units are being designated as HOME-assisted units. Views of Responsible Officials and Corrective Actions The two individuals determined to have incomes in excess of HOME Program limits were noted in our FY23 monitoring of properties assisted with HOME funds. The HOME Program allows for a unit to be occupied by a household who was initially eligible and whose income later increases, but requires that a comparable unit be designated as a HOME unit and leased to an eligible household when one is available. Owners of each property were made aware of the circumstance when City monitoring was completed. Each will designate comparable units to be HOME units when available and lease them to eligible households. Implementation Date Dependent on when residents move and/or appropriate units are available. Responsible Officials Chris Cotter, Housing Director & Judith Tumusiime, Federal Grants Manager, Cambridge Community Development Department
Program: Housing Opportunities for Persons with AIDS (HOPWA) ALN #: 14.241 Federal Agency: Housing and Urban Development Federal Award Numbers: MAH22-F005, MAH20-F005, and MAH21-F005 Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: No Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the nonfederal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City will incorporate a more formal review of financial audits of subrecipients in conjunction with new contracts moving forward. These audits, and City staff’s verification of assessment will be included in each subrecipient file. Implementation Date FY2025 Contracts Responsible Officials Robert Keller, Project Planner, Cambridge Community Development Department, and Judith Tumusiime, Federal Grants Manager, Cambridge Community Development Department
Program: Housing Opportunities for Persons with AIDS (HOPWA) ALN #: 14.241 Federal Agency: Housing and Urban Development Federal Award Numbers: MAH22-F005, MAH20-F005, and MAH21-F005 Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: No Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the nonfederal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City will incorporate a more formal review of financial audits of subrecipients in conjunction with new contracts moving forward. These audits, and City staff’s verification of assessment will be included in each subrecipient file. Implementation Date FY2025 Contracts Responsible Officials Robert Keller, Project Planner, Cambridge Community Development Department, and Judith Tumusiime, Federal Grants Manager, Cambridge Community Development Department
Program: Coronavirus State and Local Fiscal Recovery Funds ALN #: 21.027 Federal Agency: U.S. Department of Treasury Federal Award Number: NA Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: Yes Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the non-federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the audit reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed or documented. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City will use a subrecipient audit certification form and a subrecipient risk assessment questionnaire to evaluate a subrecipient's risk/experience with federal funds as well as assess their federal funding threshold for having a single audit. Implementation Date FY25 Contracts (7/1/2024) Responsible Officials Michele Kincaid, Assistant Finance Director, and Sharon Pu, Grants Management
Program: Coronavirus State and Local Fiscal Recovery Funds ALN #: 21.027 Federal Agency: U.S. Department of Treasury Federal Award Number: NA Award Year: July 1, 2022–June 30, 2023 Subrecipient Monitoring Type of finding: Material weakness and noncompliance Prior-year finding: Yes Statistically valid sample: No Criteria The 2 CFR sections 200.332(d) through (f) provide the principles to be applied to monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. According to 2 CFR 200.303, the non-federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the nonfederal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition The City does not have properly designed controls and documented procedures in place to ensure compliance with the following requirements: • Each subrecipients risk of noncompliance is appropriately evaluated. • Verification that subrecipients are audited as required when they are expected to exceed the threshold for having a single audit. During our audit, we noted that audited financial statements were obtained for the four subrecipients selected for testing, but there was no documentation to evidence the nature and extent of the City’s review of the audit reports obtained. Additionally, a documented risk assessment was not performed by the City over the four subrecipients selected for testing prior to entering into a contract. Cause The City requires that audited financial statements are obtained for subrecipients, but there is no checklist or formal documentation required to indicate what should be reviewed when reviewing the audit reports to ensure compliance with subrecipient monitoring requirements. Additionally, the City requires a risk assessment be completed over each subrecipient. However, due to time constraints, a risk assessment was not completed or documented. Effect Lack of effective controls and written policies and procedures over subrecipient monitoring could result in the City’s noncompliance with program requirements. Questioned Costs None Recommendation We recommend the City establish a checklist or formal documentation requirements for both risk assessments and review of single audit report procedures. Employees can complete these checklists when obtaining subrecipient audit reports to ensure required monitoring procedures are performed and well documented. Views of Responsible Officials and Corrective Actions The City will use a subrecipient audit certification form and a subrecipient risk assessment questionnaire to evaluate a subrecipient's risk/experience with federal funds as well as assess their federal funding threshold for having a single audit. Implementation Date FY25 Contracts (7/1/2024) Responsible Officials Michele Kincaid, Assistant Finance Director, and Sharon Pu, Grants Management
Reference Number: 2023-007 Federal Agency: U.S. Department of Treasury Federal Program: COVID-19 – Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number: 21.027 Award Number and Year: 2021 Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Controls over Compliance, Other Matters Criteria or Specific Requirement: Compliance - 2 CFR Section 200.332 – Requirements for Pass-Through Entities states in part, that all pass-through entities must: (a) Verify that every subrecipient is audited as required by Subpart F – Audit Requirements of this part when it is expected that the subrecipient’s Federal award expended during the respective fiscal year equaled or exceeded the threshold set forth in section 200.501 Audit requirements. Control - Per 2 CDF 200.303(a), a non-Federal entity must: Establish a maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statues, regulations, and the terms and conditions of the federal awards. These internal controls should comply with guidance in "Standards for Internal Control in the Federal Government" issued by the Comptroller General of the United States or the "Internal Control Integrated Framework", issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The County was not able to provide support to show it ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F – Audit Requirements (Subpart F). Context: Exceptions were noted for 8 of 8 subrecipients selected for testing: • The County was unable to provide support that it ensured the subrecipient was audited as required by Subpart F. The County could not produce evidence of verification that the subrecipient’s Federal awards expended during the fiscal year were below the threshold set forth in section 200.501 Audit Requirements. Cause: The County did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple years, and these discrepancies may not be properly monitored, detected, and corrected by the County personnel on a timely basis. Questioned Costs: Undetermined. Recommendation: The County should review and enhance internal controls and procedures to ensure that evaluation of independent audits is performed. Views of Responsible Officials: The County agrees with this finding. See separate Correction Action Plan related to this finding.
Reference Number: 2023-007 Federal Agency: U.S. Department of Treasury Federal Program: COVID-19 – Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number: 21.027 Award Number and Year: 2021 Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Controls over Compliance, Other Matters Criteria or Specific Requirement: Compliance - 2 CFR Section 200.332 – Requirements for Pass-Through Entities states in part, that all pass-through entities must: (a) Verify that every subrecipient is audited as required by Subpart F – Audit Requirements of this part when it is expected that the subrecipient’s Federal award expended during the respective fiscal year equaled or exceeded the threshold set forth in section 200.501 Audit requirements. Control - Per 2 CDF 200.303(a), a non-Federal entity must: Establish a maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statues, regulations, and the terms and conditions of the federal awards. These internal controls should comply with guidance in "Standards for Internal Control in the Federal Government" issued by the Comptroller General of the United States or the "Internal Control Integrated Framework", issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The County was not able to provide support to show it ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F – Audit Requirements (Subpart F). Context: Exceptions were noted for 8 of 8 subrecipients selected for testing: • The County was unable to provide support that it ensured the subrecipient was audited as required by Subpart F. The County could not produce evidence of verification that the subrecipient’s Federal awards expended during the fiscal year were below the threshold set forth in section 200.501 Audit Requirements. Cause: The County did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple years, and these discrepancies may not be properly monitored, detected, and corrected by the County personnel on a timely basis. Questioned Costs: Undetermined. Recommendation: The County should review and enhance internal controls and procedures to ensure that evaluation of independent audits is performed. Views of Responsible Officials: The County agrees with this finding. See separate Correction Action Plan related to this finding.
Reference Number: 2023-007 Federal Agency: U.S. Department of Treasury Federal Program: COVID-19 – Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number: 21.027 Award Number and Year: 2021 Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Controls over Compliance, Other Matters Criteria or Specific Requirement: Compliance - 2 CFR Section 200.332 – Requirements for Pass-Through Entities states in part, that all pass-through entities must: (a) Verify that every subrecipient is audited as required by Subpart F – Audit Requirements of this part when it is expected that the subrecipient’s Federal award expended during the respective fiscal year equaled or exceeded the threshold set forth in section 200.501 Audit requirements. Control - Per 2 CDF 200.303(a), a non-Federal entity must: Establish a maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statues, regulations, and the terms and conditions of the federal awards. These internal controls should comply with guidance in "Standards for Internal Control in the Federal Government" issued by the Comptroller General of the United States or the "Internal Control Integrated Framework", issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The County was not able to provide support to show it ensured its subrecipients were audited as required by 2 CFR Part 200 Subpart F – Audit Requirements (Subpart F). Context: Exceptions were noted for 8 of 8 subrecipients selected for testing: • The County was unable to provide support that it ensured the subrecipient was audited as required by Subpart F. The County could not produce evidence of verification that the subrecipient’s Federal awards expended during the fiscal year were below the threshold set forth in section 200.501 Audit Requirements. Cause: The County did not establish effective internal controls and procedures over subrecipient monitoring. Effect: Without ensuring subrecipients have obtained audits as required by Subpart F, there is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple years, and these discrepancies may not be properly monitored, detected, and corrected by the County personnel on a timely basis. Questioned Costs: Undetermined. Recommendation: The County should review and enhance internal controls and procedures to ensure that evaluation of independent audits is performed. Views of Responsible Officials: The County agrees with this finding. See separate Correction Action Plan related to this finding.
Reference Number: 2023-004 Prior Year Finding: No Federal Agency: U.S. Department of Agriculture State Agency: Department of Public Health Federal Program: WIC Special Supplemental Nutrition Program for Women, Infants, and Children Assistance Listing Number: 10.557 Award Number and Year: 224MA702W1003 (10/1/2021 – 9/30/2022) 234MA702W1003 (10/1/2022 – 9/30/2023) Compliance Requirement: Eligibility- Subrecipient Agreements Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or specific requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The subaward agreements issued to eligible subrecipients was did not contain all of the required data. The subaward agreements did not contain the federal award identification number (FAIN) or federal award date. Context: For 8 of 8 subawards selected for testing, the Federal Award Identification Number (FAIN) and Federal Award Date were not included in the agreement provided to the subrecipient. Questioned costs: None Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: The exclusion of required federal grant award information may cause subrecipients to be uninformed about specific program and regulatory information. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards and that proper subrecipient monitoring is conducted. Views of responsible officials: Management agrees with the finding.
Reference Number: 2023-005 Prior Year Finding: 2022-004 Federal Agency: U.S. Department of Agriculture State Agency: Department of Elementary and Secondary Education Federal Program: Child and Adult Care Food Program Assistance Listing Number: 10.558 Award Number and Year: 202222N202044 (10/1/2021 – 9/30/2022), 202323N202044 (10/1/2022 – 9/30/2023), 202323N119944 (1/1/2022 – 9/30/2023), 202323N202044 (10/1/2022 – 9/30/2023), 202323N119944 (10/1/2022 – 9/30/2023) Compliance Requirement: Eligibility, Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or Specific Requirement: Compliance: Eligibility – Per 7 CFR section 226.2, subrecipients must meet the definition of “independent center” or “sponsoring organization”. In addition, all institutions must also meet the eligibility requirements stated in 7 CFR section 226.15 and 42 USC 1766(a)(6) and (d)(l). Definitions include: 1) Independent center means a child care center, at-risk afterschool care center, emergency shelter, outside-school-hours care center or adult day care center which enters into an agreement with the state agency to assume final administrative and financial responsibility for program operations. 2) Sponsoring organization means a public or nonprofit private organization that is entirely responsible for the administration of the food program. 3) For-profit center means a child care center, outside-school-hours care center, or adult day care center providing nonresidential care to adults or children that does not qualify for tax-exempt status under the Internal Revenue Code of 1986. For-profit centers serving adults must meet the criteria described in paragraph (a) of this definition. For-profit centers serving children must meet the criteria described in paragraphs (b )(1) or (b )(2) of this definition, except that children who only participate in the at-risk afterschool snack and/or meal component of the program must not be considered in determining the percentages under paragraphs (b )( 1) or (b)(2) of this definition. Subrecipient Monitoring – Per 2 CFR section 200.332(a), all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: i. Subrecipient name (which must match the name associated with its unique entity identifier); ii. Subrecipient's unique entity identifier; iii. Federal Award Identification Number (FAIN); iv. Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; v. Subaward Period of Performance Start and End Date; vi. Subaward Budget Period Start and End Date; vii. Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; viii. Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; ix. Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; x. Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); xi. Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; xii. Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; xiii. Identification of whether the award is R&D; and xiv. Indirect cost rate for the Federal award (including if the de minimis rate is charged) per section 200.414. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that it issued subawards in compliance with federal regulations. Context: Sixty subawards were selected for testing. The Department documents subrecipient eligibility in a permanent agreement with each subrecipient. The following exceptions were noted: • For one of sixty subawards selected for testing, the Department could not provide documentation that it had obtained the subrecipient’s Unique Entity Identifier prior to the issuance of the subaward. • For six of sixty subrecipients selected for testing, the Department did not have an approved permanent agreement on file prior to the start date of the contract. Therefore, the Department was unable to provide documentation that it had determined subrecipient eligibility prior to the start date of the contract. Questioned costs: Undetermined. Cause: The Department’s procedures and controls were not sufficient to ensure that subawards were issued in compliance with federal regulations and that subrecipient eligibility was determined prior to issuance of contracts. Effect: Failure to ensure subrecipients are eligible to receive program funding and failure to ensure subrecipients have a registered unique entity identification number could result in unauthorized entities receiving program funding. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all subrecipients are eligible to receive program funds and that required information is obtained prior to entering into a subrecipient agreement. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-005 Prior Year Finding: 2022-004 Federal Agency: U.S. Department of Agriculture State Agency: Department of Elementary and Secondary Education Federal Program: Child and Adult Care Food Program Assistance Listing Number: 10.558 Award Number and Year: 202222N202044 (10/1/2021 – 9/30/2022), 202323N202044 (10/1/2022 – 9/30/2023), 202323N119944 (1/1/2022 – 9/30/2023), 202323N202044 (10/1/2022 – 9/30/2023), 202323N119944 (10/1/2022 – 9/30/2023) Compliance Requirement: Eligibility, Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or Specific Requirement: Compliance: Eligibility – Per 7 CFR section 226.2, subrecipients must meet the definition of “independent center” or “sponsoring organization”. In addition, all institutions must also meet the eligibility requirements stated in 7 CFR section 226.15 and 42 USC 1766(a)(6) and (d)(l). Definitions include: 1) Independent center means a child care center, at-risk afterschool care center, emergency shelter, outside-school-hours care center or adult day care center which enters into an agreement with the state agency to assume final administrative and financial responsibility for program operations. 2) Sponsoring organization means a public or nonprofit private organization that is entirely responsible for the administration of the food program. 3) For-profit center means a child care center, outside-school-hours care center, or adult day care center providing nonresidential care to adults or children that does not qualify for tax-exempt status under the Internal Revenue Code of 1986. For-profit centers serving adults must meet the criteria described in paragraph (a) of this definition. For-profit centers serving children must meet the criteria described in paragraphs (b )(1) or (b )(2) of this definition, except that children who only participate in the at-risk afterschool snack and/or meal component of the program must not be considered in determining the percentages under paragraphs (b )( 1) or (b)(2) of this definition. Subrecipient Monitoring – Per 2 CFR section 200.332(a), all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: i. Subrecipient name (which must match the name associated with its unique entity identifier); ii. Subrecipient's unique entity identifier; iii. Federal Award Identification Number (FAIN); iv. Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; v. Subaward Period of Performance Start and End Date; vi. Subaward Budget Period Start and End Date; vii. Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; viii. Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; ix. Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; x. Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); xi. Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; xii. Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; xiii. Identification of whether the award is R&D; and xiv. Indirect cost rate for the Federal award (including if the de minimis rate is charged) per section 200.414. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that it issued subawards in compliance with federal regulations. Context: Sixty subawards were selected for testing. The Department documents subrecipient eligibility in a permanent agreement with each subrecipient. The following exceptions were noted: • For one of sixty subawards selected for testing, the Department could not provide documentation that it had obtained the subrecipient’s Unique Entity Identifier prior to the issuance of the subaward. • For six of sixty subrecipients selected for testing, the Department did not have an approved permanent agreement on file prior to the start date of the contract. Therefore, the Department was unable to provide documentation that it had determined subrecipient eligibility prior to the start date of the contract. Questioned costs: Undetermined. Cause: The Department’s procedures and controls were not sufficient to ensure that subawards were issued in compliance with federal regulations and that subrecipient eligibility was determined prior to issuance of contracts. Effect: Failure to ensure subrecipients are eligible to receive program funding and failure to ensure subrecipients have a registered unique entity identification number could result in unauthorized entities receiving program funding. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all subrecipients are eligible to receive program funds and that required information is obtained prior to entering into a subrecipient agreement. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-012 Prior Year Finding: 2022-013 Federal Agency: U.S. Department of Labor State Agency: Executive Office of Labor and Workforce Development Federal Program: WIOA Cluster, Employment Service Cluster Assistance Listing Number: 17.258, 17.259, 17.278, 17.207, 17.801 Award Number and Year: AA-38535-22-55-A-25 (7/1/2022 – 6/30/2025), AA-36325-21-55-A-25 (4/1/2021 – 6/30/2024), AA-34774-20-55-A-25 (4/1/2020 – 6/30/2023) ES333991955A25 (7/1/2019 – 9/30/2022), ES353492055A25 (7/1/2020 – 9/30/2023), ES367612155A25 (7/1/2021 – 9/30/2024), ES387362255A25 (7/1/2022 – 9/30/2025) DV-35786-21-55-5-25 (10/1/2020 – 12/31/2022), DV-37859-22-55-5-25 (10/1/2021 – 12/31/2023), 23555DV000008 (10/1/2022 – 12/31/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: Per 2 CFR section 200.332 - Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by §200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Per 2 CFR section 200.331 - Subrecipient and contractor determinations states, in part, that a pass-through entity must make case-by-case determinations whether each agreement it makes for the disbursement of Federal program funds casts the party receiving the funds in the role of a subrecipient or a contractor. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Labor and Workforce Development (Department) omitted required federal award information from subawards it issued from the programs and did not adequately monitor subrecipients. Context: WIOA Cluster: Six out of eighteen subrecipients were selected for testing. The following exceptions were noted: • For 6 of 6 subawards issued, the Federal Award Identification Number (FAIN) and Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. • For 1 of 6 subrecipients selected for testing, no subaward monitoring was performed during the audit period. • For 1 of 6 subrecipients selected for testing, subaward monitoring was not completed in accordance with the Department’s policy. • For 1 of 6 subrecipients selected for testing, a determination on whether the entity was a subrecipient was unable to be made based on the documentation provided. • One subrecipient was excluded from subrecipient testing based on auditor analysis that the entity did not meet the definition of a subrecipient. The Schedule of Expenditures of Federal Awards was not adjusted to reflect the classification change. Employment Service Cluster: Five out of sixteen subrecipients were selected for testing. The following exceptions were noted: • For 5 of 5 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information nor that subrecipient monitoring was completed in accordance with the requirements of the federal programs. Effect: Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Failure to conduct adequate subrecipient monitoring may result in a failure of the Department to detect that subawards were used for unauthorized purposes, were managed in violation of the terms and conditions of the subawards, or that subaward performance goals were not achieved. There is an increased risk that subrecipients could be inappropriately spending and/or inaccurately tracking and reporting federal funds over multiple year periods, and these discrepancies may not be properly monitored, detected, and corrected by Department personnel on a timely basis. Questioned costs: WIOA Cluster: Undetermined Employment Service Cluster: None Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. We also recommend the Department review and enhance its internal controls and procedures to ensure subrecipient monitoring is performed in compliance with the requirements of the federal programs. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-015 Prior Year Finding: No Federal Agency: U.S. Department of the Treasury State Agency: Executive Office of Housing and Livable Communities Federal Program: COVID-19 – Emergency Rental Assistance Program Assistance Listing Number: 21.023 Award Number and Year: ERA-1 (12/27/2020 – 9/30/2022), ERA-2 (5/1/2021 – 9/30/2025) Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness in Internal Control Over Compliance, Material Noncompliance Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) - Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Housing and Livable Communities (Department) omitted required federal award information from subawards it issued from the program. Context: Eight subawards were selected for testing and the following exceptions were noted: • For 8 of 8 subawards issued, the Federal Award Identification Number (FAIN) and the Federal award date of award to the recipient by the Federal agency were not included on the subaward agreements. • For 7 of 8 subawards issued, the name of the Federal awarding agency, pass-through entity, and contact information for the awarding official of the pass-through entity were not included on the subaward agreements. • For 3 of 8 subawards issued, the assistance listing number and program title were not included on the subaward agreements. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information. Internal controls did not detect or prevent the errors. Effect: The Commonwealth was not in compliance with 2 CFR section 200.332(a). Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None. Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-019 Prior Year Finding: No Federal Agency: U.S. Department of Education State Agency: Massachusetts Executive Office of Education Federal Program: COVID-19 – Governor’s Emergency Education Relief (GEER) Fund Assistance Listing Number: 84.425C Award Number and Year: S425C200005 (5/4/2020 – 9/30/2021) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Elementary and Secondary Education (Department) was unable to provide documentation that subawards it issued contained all required federal information. Context: One of sixty subawards selected for testing did not include the following required information: • Federal Award Identification Number (FAIN), • Federal Award Date of award to the recipient by the Federal agency, • Subaward Period of Performance Start and End Date, • Subaward Budget Period Start and End Date, • Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity, • Assistance Listing number and Title. Cause: The Department’s procedures and controls were not sufficient to ensure that it issued subawards in compliance with federal requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None noted. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-022 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Elders Affairs Federal Program: Aging Cluster Assistance Listing Number: 93.044, 93.045, 93.053 Award Number and Year: 2101MASSC6, 2101MACMC6, 2101MAHDC6 and 2021 (COVID-19) 2001MAHDC3, 2001MASSC3 and 2020 (COVID-19) 2201MAOANS-03 and 2022 2301MAOANS-03 and 2023 2201MAOASS and 2022 2301MAOASS and 2023 2201MAOACM and 2022 2301MAOACM and 2023 2201MAOAHD and 2022 2301MAOAHD and 2023 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Elders Affairs’ (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award dates were not provided to the subrecipients. Context: Seven of the seven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None noted. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-022 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Elders Affairs Federal Program: Aging Cluster Assistance Listing Number: 93.044, 93.045, 93.053 Award Number and Year: 2101MASSC6, 2101MACMC6, 2101MAHDC6 and 2021 (COVID-19) 2001MAHDC3, 2001MASSC3 and 2020 (COVID-19) 2201MAOANS-03 and 2022 2301MAOANS-03 and 2023 2201MAOASS and 2022 2301MAOASS and 2023 2201MAOACM and 2022 2301MAOACM and 2023 2201MAOAHD and 2022 2301MAOAHD and 2023 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Elders Affairs’ (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award dates were not provided to the subrecipients. Context: Seven of the seven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None noted. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-022 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Elders Affairs Federal Program: Aging Cluster Assistance Listing Number: 93.044, 93.045, 93.053 Award Number and Year: 2101MASSC6, 2101MACMC6, 2101MAHDC6 and 2021 (COVID-19) 2001MAHDC3, 2001MASSC3 and 2020 (COVID-19) 2201MAOANS-03 and 2022 2301MAOANS-03 and 2023 2201MAOASS and 2022 2301MAOASS and 2023 2201MAOACM and 2022 2301MAOACM and 2023 2201MAOAHD and 2022 2301MAOAHD and 2023 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Elders Affairs’ (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award dates were not provided to the subrecipients. Context: Seven of the seven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None noted. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-022 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Elders Affairs Federal Program: Aging Cluster Assistance Listing Number: 93.044, 93.045, 93.053 Award Number and Year: 2101MASSC6, 2101MACMC6, 2101MAHDC6 and 2021 (COVID-19) 2001MAHDC3, 2001MASSC3 and 2020 (COVID-19) 2201MAOANS-03 and 2022 2301MAOANS-03 and 2023 2201MAOASS and 2022 2301MAOASS and 2023 2201MAOACM and 2022 2301MAOACM and 2023 2201MAOAHD and 2022 2301MAOAHD and 2023 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Elders Affairs’ (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award dates were not provided to the subrecipients. Context: Seven of the seven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None noted. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-022 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Elders Affairs Federal Program: Aging Cluster Assistance Listing Number: 93.044, 93.045, 93.053 Award Number and Year: 2101MASSC6, 2101MACMC6, 2101MAHDC6 and 2021 (COVID-19) 2001MAHDC3, 2001MASSC3 and 2020 (COVID-19) 2201MAOANS-03 and 2022 2301MAOANS-03 and 2023 2201MAOASS and 2022 2301MAOASS and 2023 2201MAOACM and 2022 2301MAOACM and 2023 2201MAOAHD and 2022 2301MAOAHD and 2023 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Elders Affairs’ (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award dates were not provided to the subrecipients. Context: Seven of the seven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None noted. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-024 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Office for Refugees and Immigrants (ORI) Federal Program: Refugee and Entrant Assistance State Administered Programs Assistance Listing Number: 93.566 Award Number and Year: 2301MARCMA 00-02 and 10/1/2022-9/30/2023 2303MARCSSS 00-04 and 10/1/2022-9/30/2024 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Office for Refugees and Immigrants (ORI) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) was not provided to the subrecipients. Context: Ten of the ten subawards selected for testing did not contain the Federal Award Identification Number (FAIN). Questioned costs: Undetermined. Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-025 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Department of Public Health (DPH) Federal Program: Refugee and Entrant Assistance State Administered Programs (Refugee) Opioid-STR Block Grants for Prevention and Treatment of Substance Abuse, COVID-19 - Block Grants for Prevention and Treatment of Substance Abuse (SABG) Assistance Listing Number: 93.566, 93.788, 93.959 Award Number and Year: Refugee: ISAORIRHAP0826DPH22D and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23B and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23C and 10/1/2021-6/30/23 ISAORIRHAP0826DPH23D and 12/4/2023-6/30/23 Opioid: 1H79TI083328 (9/30/2020 – 9/29/2021) 5H79TI083328 (9/30/2021 – 9/29/2022) 6H79TI083328 (9/30/2021 – 9/29/2023) 1H79TI085778 (9/30/2021 – 9/29/2023) SABG: 1B08TI083946-01 and 9/1/2021-9/30/2025 08TI08350200-01 and 3/15/2021-3/14/2024 1B08TI084650-01 and 10/1/2021-9/30/2023 1B08TI085812-01 and 10/1/2021-9/30/2024 1B08TI083455-01 and 10/1/2020-9/30/2022 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or specific requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Public Health (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award date were not provided to the subrecipient. Context: Refugee: Five of the five subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Opioid: Twelve of the twelve subawards selected for testing were missing the Federal Award Identification Number (FAIN) and the Federal Award Date. SABG: Eleven of the eleven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of responsible officials: Management agrees with the finding.
Reference Number: 2023-025 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Department of Public Health (DPH) Federal Program: Refugee and Entrant Assistance State Administered Programs (Refugee) Opioid-STR Block Grants for Prevention and Treatment of Substance Abuse, COVID-19 - Block Grants for Prevention and Treatment of Substance Abuse (SABG) Assistance Listing Number: 93.566, 93.788, 93.959 Award Number and Year: Refugee: ISAORIRHAP0826DPH22D and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23B and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23C and 10/1/2021-6/30/23 ISAORIRHAP0826DPH23D and 12/4/2023-6/30/23 Opioid: 1H79TI083328 (9/30/2020 – 9/29/2021) 5H79TI083328 (9/30/2021 – 9/29/2022) 6H79TI083328 (9/30/2021 – 9/29/2023) 1H79TI085778 (9/30/2021 – 9/29/2023) SABG: 1B08TI083946-01 and 9/1/2021-9/30/2025 08TI08350200-01 and 3/15/2021-3/14/2024 1B08TI084650-01 and 10/1/2021-9/30/2023 1B08TI085812-01 and 10/1/2021-9/30/2024 1B08TI083455-01 and 10/1/2020-9/30/2022 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or specific requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Public Health (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award date were not provided to the subrecipient. Context: Refugee: Five of the five subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Opioid: Twelve of the twelve subawards selected for testing were missing the Federal Award Identification Number (FAIN) and the Federal Award Date. SABG: Eleven of the eleven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of responsible officials: Management agrees with the finding.
Reference Number: 2023-025 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Department of Public Health (DPH) Federal Program: Refugee and Entrant Assistance State Administered Programs (Refugee) Opioid-STR Block Grants for Prevention and Treatment of Substance Abuse, COVID-19 - Block Grants for Prevention and Treatment of Substance Abuse (SABG) Assistance Listing Number: 93.566, 93.788, 93.959 Award Number and Year: Refugee: ISAORIRHAP0826DPH22D and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23B and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23C and 10/1/2021-6/30/23 ISAORIRHAP0826DPH23D and 12/4/2023-6/30/23 Opioid: 1H79TI083328 (9/30/2020 – 9/29/2021) 5H79TI083328 (9/30/2021 – 9/29/2022) 6H79TI083328 (9/30/2021 – 9/29/2023) 1H79TI085778 (9/30/2021 – 9/29/2023) SABG: 1B08TI083946-01 and 9/1/2021-9/30/2025 08TI08350200-01 and 3/15/2021-3/14/2024 1B08TI084650-01 and 10/1/2021-9/30/2023 1B08TI085812-01 and 10/1/2021-9/30/2024 1B08TI083455-01 and 10/1/2020-9/30/2022 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or specific requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Public Health (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award date were not provided to the subrecipient. Context: Refugee: Five of the five subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Opioid: Twelve of the twelve subawards selected for testing were missing the Federal Award Identification Number (FAIN) and the Federal Award Date. SABG: Eleven of the eleven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of responsible officials: Management agrees with the finding.
Reference Number: 2023-025 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Department of Public Health (DPH) Federal Program: Refugee and Entrant Assistance State Administered Programs (Refugee) Opioid-STR Block Grants for Prevention and Treatment of Substance Abuse, COVID-19 - Block Grants for Prevention and Treatment of Substance Abuse (SABG) Assistance Listing Number: 93.566, 93.788, 93.959 Award Number and Year: Refugee: ISAORIRHAP0826DPH22D and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23B and 10/1/2021-9/30/22 ISAORIRHAP0826DPH23C and 10/1/2021-6/30/23 ISAORIRHAP0826DPH23D and 12/4/2023-6/30/23 Opioid: 1H79TI083328 (9/30/2020 – 9/29/2021) 5H79TI083328 (9/30/2021 – 9/29/2022) 6H79TI083328 (9/30/2021 – 9/29/2023) 1H79TI085778 (9/30/2021 – 9/29/2023) SABG: 1B08TI083946-01 and 9/1/2021-9/30/2025 08TI08350200-01 and 3/15/2021-3/14/2024 1B08TI084650-01 and 10/1/2021-9/30/2023 1B08TI085812-01 and 10/1/2021-9/30/2024 1B08TI083455-01 and 10/1/2020-9/30/2022 Compliance Requirement: Subrecipient Monitoring- Subaward Agreement Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or specific requirement: Compliance: 2 CFR section 200.332-Requirements for Pass-Through Entities states, in part, that all pass-through entities must: (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means. (3) Issuing a management decision for audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521 Management decision. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Department of Public Health (Department) subawards did not contain all required federal information. We noted that the Federal Award Identification Number (FAIN) and federal award date were not provided to the subrecipient. Context: Refugee: Five of the five subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Opioid: Twelve of the twelve subawards selected for testing were missing the Federal Award Identification Number (FAIN) and the Federal Award Date. SABG: Eleven of the eleven subawards selected for testing did not contain the Federal Award Identification Number (FAIN) and Federal Award Date. Questioned costs: None Cause: The Department utilizes a standard subaward that was not updated to include all federal subaward requirements. Effect: Excluding the required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. Recommendation: The Department should review and enhance internal controls and procedures to ensure that all required information is included in all subaward agreements. Views of responsible officials: Management agrees with the finding.
Reference Number: 2023-028 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Housing and Livable Communities Federal Program: Low-Income Home Energy Assistance, COVID-19 – Low-Income Home Energy Assistance Assistance Listing Number: 93.568 Award Number and Year: 2201MALIE4 (10/1/2021 – 9/30/2023) 2201MALIEA (10/1/2021 – 9/30/2023) 2201MALIEI (10/1/2021 – 9/30/2023) 2301MALIEA (10/1/2022 – 9/30/2024) 2301MALIEE (10/1/2022 – 9/30/2024) 2301MALIEI (10/1/12022 – 9/30/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) - Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Housing and Livable Communities (Department) omitted required federal award information from subawards it issued from the program. Context: Nine subawards were selected for testing and the following exceptions were noted: • For 9 of 9 subawards issued, the Federal award date of award to the recipient by the Federal agency was not included on the subaward agreement. • For 4 of 9 subawards issued, the Federal Award Identification Number (FAIN) was not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information. Internal controls did not detect or prevent the errors. Effect: The Commonwealth was not in compliance with 2 CFR section 200.332(a). Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None. Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. Views of Responsible Officials: Management agrees with the finding.
Reference Number: 2023-028 Prior Year Finding: No Federal Agency: U.S. Department of Health and Human Services State Agency: Executive Office of Housing and Livable Communities Federal Program: Low-Income Home Energy Assistance, COVID-19 – Low-Income Home Energy Assistance Assistance Listing Number: 93.568 Award Number and Year: 2201MALIE4 (10/1/2021 – 9/30/2023) 2201MALIEA (10/1/2021 – 9/30/2023) 2201MALIEI (10/1/2021 – 9/30/2023) 2301MALIEA (10/1/2022 – 9/30/2024) 2301MALIEE (10/1/2022 – 9/30/2024) 2301MALIEI (10/1/12022 – 9/30/2024) Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency in Internal Control Over Compliance, Other Matters Criteria or Specific Requirement: Compliance: 2 CFR section 200.332(a) - Requirements for Pass-Through Entities states, in part, that all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and includes information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should comply with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: The Executive Office of Housing and Livable Communities (Department) omitted required federal award information from subawards it issued from the program. Context: Nine subawards were selected for testing and the following exceptions were noted: • For 9 of 9 subawards issued, the Federal award date of award to the recipient by the Federal agency was not included on the subaward agreement. • For 4 of 9 subawards issued, the Federal Award Identification Number (FAIN) was not included on the subaward agreement. Cause: The Department’s procedures were not sufficient to ensure that subawards included all required information. Internal controls did not detect or prevent the errors. Effect: The Commonwealth was not in compliance with 2 CFR section 200.332(a). Excluding required federal grant award information at the time of the subaward may cause subrecipients and their auditors to be uninformed about specific program and other regulations that apply to the funds they receive. There is also the potential for subrecipients to have incomplete Schedules of Expenditures of Federal Awards (SEFA) in their Single Audit reports, and federal funds may not be properly audited at the subrecipient level in accordance with the Uniform Guidance. Questioned costs: None. Recommendation: We recommend the Department review and enhance internal controls and procedures to ensure that required information is included in its subawards. Views of Responsible Officials: Management agrees with the finding.
Finding Reference Number: 2023-005 NH Department of Justice NH Department of Health and Human Services NH Department of Environmental Services NH Department of Business and Economic Affairs COVID-19 Coronavirus State and Local Fiscal Recovery Funds (Assistance Listing #21.027) Federal Award Numbers: SLFRP0145 Federal Award Year: 2021 U.S. Department of Treasury Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2022-008 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient’s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorization purposes, complies with the terms and conditions of the subaward 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, per 2 CFR section 200.303, non-federal entities must establish and maintain effective internal control over federal awards that provide reasonable assurance that the non-federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Coronavirus State and Local Fiscal Recovery Funds program, the State of New Hampshire (the State) entered into grant agreements with local entities to support allowable activities under the federal program. During the year ended June 30, 2022, the State passed through $73,337,682 to subrecipients. As part of our testwork over the subrecipient monitoring process, we identified the following breakdown of internal controls: A. As part of our testwork over subrecipient monitoring, we selected a sample of 49 items from the listing of subrecipients provided by the State that reconciled to the amount reported on the Schedule of Expenditures of Federal Awards. Of the 49 items selected for testwork, 6 items were contracts and were not subrecipient agreements. As such, we were unable to determine the completeness and accuracy of the subrecipient population. As a result of our audit, the State identified that this error resulted in the amount reported on the Schedule of Expenditures of Federal Awards as pass-through expenditures to be overstated by $7,261,684. The State has corrected the Schedule of Expenditures of Federal Awards so that the amount reported is accurate. B. The State communicates award information to subrecipients through the approved grant agreement. For 19 of the 43 remaining subrecipients selected for testwork, the State did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) was not communicated for 19 of the 43 remaining subrecipients selected for testwork. b. Identification of whether the award is R&D was not communicated for 17 of the remaining 43 subrecipients selected for testwork. C. As part of our testwork over during the award monitoring, it was identified that subrecipient monitoring activities include the review and approval of invoices submitted for reimbursement from the subrecipient. During our testwork over the invoice review we identified the following: a. For 6 of the remaining 43 subrecipients selected for testwork, we were unable to obtain the invoices paid by the State to verify that they were reviewed and approved. While the invoices were not provided to us, we noted that other monitoring procedures were performed for 4 of the 6 subrecipients. b. For 10 of the remaining 43 subrecipients selected for testwork, while we were able to obtain the invoices paid by the State, we were unable to properly identify who the appropriate reviewer was for the invoice to ensure that the individual who approved the invoice had the appropriate knowledge and competency to perform the review process. As a result, we were unable to verify if the invoice was appropriately reviewed. While we were unable to verify this, we noted that other monitoring procedures were performed for 9 of the 10 subrecipients. D. As part of our testwork over during the award monitoring, for 9 of the 43 remaining subrecipients selected for testwork, no documentation was provided to support that during the award monitoring procedures had been performed during the audit period. As such, we could not verify that appropriate monitoring procedures were performed as outlined by the subrecipient’s risk assessment. E. As part of our testwork over the review of Uniform Guidance Reports, we identified the following: a. For 6 of the remaining 43 subrecipients selected for testwork, the State provided the subrecipients Uniform Guidance report, however there was no evidence that the reports were reviewed to determine if a management decision letter needed to be issued. As part of our audit, we reviewed the 6 uniform guidance reports and did not identify any findings that would have required to be followed up on by the State. b. For 7 of the remaining 43 subrecipients selected for testwork, the subrecipient’s uniform guidance report was not provided. We reviewed the FAC to determine if a report was submitted during the audit period and identified that all 7 subrecipients had submitted a uniform guidance report. Of the 7 subrecipients, 1 report contained findings reported within Section III of the report. There was no evidence provided that the State had issued a management decision related to this subrecipient. Cause The cause of the condition found is primarily due to insufficient internal controls and procedures to ensure that award identification information is communicated, that appropriate during the award monitoring is performed based on the risk assessments and that all subrecipients are reviewed to determine if a uniform guidance audit was issued regardless of amount awarded to the subrecipient. Given the nature of this program, several Departments within the State entered into subrecipient grants resulting in a decentralized process. Not all Departments within the State are experienced with subrecipient relationships and may not have had developed policies to comply with subrecipient monitoring requirements. Finally, the State does not have sufficient internal controls in place to properly classify contracts and subrecipient relationships. Effect The effect of the condition found is that the State may not have properly monitored subrecipients in accordance with State policies and federal requirements. In addition, improper identification of contracts and subrecipients could lead to noncompliance with the State’s procurement policy or the proper monitoring of subrecipients. Questioned Costs None. Recommendation We recommend that the State review its existing internal controls, policies, and procedures to ensure that the State complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(d through (f), and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. Ensure that appropriate during the award monitoring is performed as outlined within the subrecipient’s risk assessment; and 3. All subrecipients are reviewed regardless of the amount awarded to determine if a uniform guidance report was issued and if a management decision letter should be issued. In addition, the State should continue to review its vendor determination policy to ensure that the policy is consistently applied across all Department’s within the State. View of Responsible Officials: Management concurs with the finding above.
Finding Reference Number: 2023-011 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2022-018 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Evaluate Risk – Evaluate each subrecipient’s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 2. Monitor – Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2023, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to subrecipient. As part of our testing related subrecipient monitoring, we noted the following: A. As part of our during the award monitoring testwork, we were unable to obtain documentation to support that that the Department had performed the suggested monitoring procedures for 3 of the 4 subrecipients selected for testwork based upon the subrecipients most recent risk assessment performed. For the remaining 1 subrecipient, the risk assessment form did not indicate the required frequency of the suggested type of monitoring. As a result, we were not able to verify that the Department had performed the appropriate monitoring procedures as outlined by the risk assessment performed for each subrecipient. B. The Department’s during the award monitoring for each of the 4 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. The Department did not perform any other monitoring procedures to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. We further noted that no other monitoring was performed by the Department to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. Per review of the risk assessment for each of the 4 subrecipients, the risk assessment did not provide for specific monitoring procedures that would address compliance with the subrecipients grant agreement beyond the period review of expenditure data. Taking into consideration that for each of the 4 subrecipients selected the testwork, if an Uniform Guidance report was issued for the subrecipient, this program was not audited as a major program, it does not appear that either the procedures suggested within the risk assessment or the procedures performed by the Department would be able to identify noncompliance incurred at the subrecipient level. C. During our review over the Department’s review over the subrecipients Uniform Guidance reports, we identified the following: • For 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the subrecipients uniform guidance audit was not issued within 9 months of the subrecipients year end. We were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. • For 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the Department did not issue a management decision letter within 6 months of receipt of the report. We noted however there were no findings identified within the uniform guidance report that would have required corrective action. Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). This would ensure that the risk assessment is routinely updated for multiyear grants and that the prescribed monitoring procedures take into consideration any additional monitoring procedures that might need to be performed, such as a desk review or on-site visit, if the program is not audited as part of the subrecipient’s uniform guidance audit. In addition, policies and procedures should be established to ensure that if the risk assessment has suggested a particular monitoring procedure be performed, that the Department is adequately documenting its monitoring procedures to ensure that it has performed the required procedures. View of Responsible Officials: Management partially concurs with the finding above. Rejoinder As it relates to Bullet B above, for each of the 4 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. The Department did not perform any other monitoring procedures to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. We further noted that no other monitoring was performed by the Department to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. As it relates to Bullet C above, we were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued for 1 of 3 items selected for testwork. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. In addition, for 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the Department did not issue a management decision letter within 6 months of receipt of the report.
Finding Reference Number: 2023-011 NH Department of Health and Human Services Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) and COVID-19 Epidemiology and Laboratory Capacity for Infectious Diseases (ELC) (Assistance Listing #93.323) Federal Award Numbers: NUK50CK000522 Federal Award Year: 2019 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2022-018 Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Evaluate Risk – Evaluate each subrecipient’s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 2. Monitor – Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2023, the New Hampshire Department of Health and Human Services (the Department) passed through $5,070,789 of federal funding to subrecipient. As part of our testing related subrecipient monitoring, we noted the following: A. As part of our during the award monitoring testwork, we were unable to obtain documentation to support that that the Department had performed the suggested monitoring procedures for 3 of the 4 subrecipients selected for testwork based upon the subrecipients most recent risk assessment performed. For the remaining 1 subrecipient, the risk assessment form did not indicate the required frequency of the suggested type of monitoring. As a result, we were not able to verify that the Department had performed the appropriate monitoring procedures as outlined by the risk assessment performed for each subrecipient. B. The Department’s during the award monitoring for each of the 4 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. The Department did not perform any other monitoring procedures to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. We further noted that no other monitoring was performed by the Department to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. Per review of the risk assessment for each of the 4 subrecipients, the risk assessment did not provide for specific monitoring procedures that would address compliance with the subrecipients grant agreement beyond the period review of expenditure data. Taking into consideration that for each of the 4 subrecipients selected the testwork, if an Uniform Guidance report was issued for the subrecipient, this program was not audited as a major program, it does not appear that either the procedures suggested within the risk assessment or the procedures performed by the Department would be able to identify noncompliance incurred at the subrecipient level. C. During our review over the Department’s review over the subrecipients Uniform Guidance reports, we identified the following: • For 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the subrecipients uniform guidance audit was not issued within 9 months of the subrecipients year end. We were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. • For 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the Department did not issue a management decision letter within 6 months of receipt of the report. We noted however there were no findings identified within the uniform guidance report that would have required corrective action. Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department develop policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). This would ensure that the risk assessment is routinely updated for multiyear grants and that the prescribed monitoring procedures take into consideration any additional monitoring procedures that might need to be performed, such as a desk review or on-site visit, if the program is not audited as part of the subrecipient’s uniform guidance audit. In addition, policies and procedures should be established to ensure that if the risk assessment has suggested a particular monitoring procedure be performed, that the Department is adequately documenting its monitoring procedures to ensure that it has performed the required procedures. View of Responsible Officials: Management partially concurs with the finding above. Rejoinder As it relates to Bullet B above, for each of the 4 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. The Department did not perform any other monitoring procedures to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. We further noted that no other monitoring was performed by the Department to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. As it relates to Bullet C above, we were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued for 1 of 3 items selected for testwork. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. In addition, for 1 of 3 subrecipients selected for testwork which had a Uniform Guidance audit, the Department did not issue a management decision letter within 6 months of receipt of the report.
Finding Reference Number: 2023-015 NH Department of Energy Low Income Home Energy Assistance and COVID-19 Low Income Home Energy Assistance (Assistance Listing #93.568) Federal Award Numbers: 2001NHLEA, 2001NHLIE4, 2001NH5C3, 2101NHLIEA, 2101NHE5C6, 2201NHLIEA, 2101NHLIE4, 2201NHLIEE, 2201NHLIEI, 2301NHLIEA, 2301NHLIEE, 2301NHLIEI Federal Award Year: 2020, 2021, 2022, 2023 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2022-025 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient’s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, Title 45 U.S. Code of Federal Regulation Part 75 (45 CFR section 75), Uniform Administrative Requirements, Cost Principles, and Audit Requirements for HS Awards, section 75.303(a), Internal Controls, states the non-Federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Low-Income Home Energy Assistance program (LIHEAP), the New Hampshire Department of Energy (the Department) enters into grant agreements with local entities to provide services related to the eligibility determination process for the LIHEAP program (including the calculation of participant benefits) and payment of benefits to fuel providers. During the year ended June 30, 2023, $52,485,098 was passed through to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following as of the year ending June 30, 2023: A. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for each of the 3 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Federal Award Identification Number (FAIN) b. Federal award date c. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) d. Identification of whether the award is R&D B. For the 1 programmatic monitoring review completed by the Department during the period under audit, the Department did not issue its programmatic monitoring report to the subrecipient timely after the monitoring review was completed. As a result, there was a delay in the subrecipient implementing its corrective action plan to address the findings identified during the programmatic monitoring review. Specifically, we noted the following: a. For the 1 programmatic monitoring review, the monitoring review took place on May 4, 2023, but the report to the subrecipient was not issued until September 23, 2023. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until almost 5 months after the date of that the monitoring review took place. C. For 3 of 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy. D. During our testwork over the Department’s review of subrecipient uniform guidance reports, we noted the following: a. The Department does not track the receipt of uniform guidance reports. As a result, we were unable to determine when the uniform guidance reports were received by the Department to ensure they are reviewed timely. Specifically, we noted: i. For all 3 subrecipients selected, the subrecipient’s uniform guidance appeared to have been reviewed, but as the Department does not track the receipt of uniform guidance reports, it was unclear if it was reviewed timely. We did note based on the date that the uniform guidance report was issued, the management decision letter was not issued within 6 months of the date of the report being issued as required by 2 CRF 200.521 (d). ii. For 1 subrecipient in which the UG report had a finding, we were unable to obtain evidence to support that the Department had obtained and reviewed the subrecipient’s uniform guidance report, including management’s response to findings letter as well as the related Corrective Action Plan, as this subrecipient’s uniform guidance report noted a material weakness. E. The Annual Report on Households Assisted by LIHEAP contains data that is specific to benefits paid to eligible participants. The data that is used to compile the annual report is obtained from case data that is reported to the New Hampshire Department of Energy (the Department) from its subrecipients as the Department has entered into grant agreements with third parties who are responsible for the eligibility determination and benefit payment process. As part of our subrecipient monitoring testwork, we were unable to verify that the Department had performed any monitoring procedures over the data provided by each subrecipient to ensure that the data reported within the annual report was complete and accurate. Cause The cause of the condition found was primarily due to insufficient documented subrecipient policies and procedures to ensure that adequate monitoring is performed over subrecipients to align with the risk assessments performed. The monitoring procedures that are in place do not include the completeness and accuracy of the data submitted by the subrecipient utilized to compile federal reports. Further, the Department does not have sufficient internal controls and procedures to ensure results of monitoring visits are performed and results communicated timely to subrecipient or to ensure that subrecipient uniform guidance reports are obtained and reviewed timely. In addition, there are insufficient internal controls in place to review the grant agreements to ensure that all required data elements are communicated to the subrecipient in accordance with 2 CFR section 300.332(b). Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b) and 2 CFR section 200.521. Questioned Costs None. Recommendation We recommend that the Department formalize, policies and procedures and implement the necessary internal controls to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b) and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. The results of all monitoring reviews should be timely communicated in accordance with the Department’s policies to the subrecipient and actions requiring corrective action plan should be followed up on to ensure that the matter is resolved; and 3. Ensure that all uniform guidance reports are collected and reviewed timely so that a management decision letter can be issued within the time period required by federal regulations. Retain evidence of Department review of uniform guidance reports and management letters issued as a result of their review. View of Responsible Officials: Management partially concurs with the finding above Rejoinder As it relates to Bullet C above, for 3 of 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy
Finding Reference Number: 2023-015 NH Department of Energy Low Income Home Energy Assistance and COVID-19 Low Income Home Energy Assistance (Assistance Listing #93.568) Federal Award Numbers: 2001NHLEA, 2001NHLIE4, 2001NH5C3, 2101NHLIEA, 2101NHE5C6, 2201NHLIEA, 2101NHLIE4, 2201NHLIEE, 2201NHLIEI, 2301NHLIEA, 2301NHLIEE, 2301NHLIEI Federal Award Year: 2020, 2021, 2022, 2023 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: 2022-025 Statistically Valid Sample: No Criteria A pass-through entity must: 1. Clearly identify to the subrecipient required award information and applicable requirements described in 2 CFR section 200.332(a); 2. Evaluate each subrecipient’s risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 300.332(b)); 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required through the terms and conditions of the award, subaward monitoring must include following up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means; and 4. Issuing a management decision for audit findings pertaining to federal award provided to the subrecipient from the subrecipient as required by 2 CFR section 200.521. Additionally, Title 45 U.S. Code of Federal Regulation Part 75 (45 CFR section 75), Uniform Administrative Requirements, Cost Principles, and Audit Requirements for HS Awards, section 75.303(a), Internal Controls, states the non-Federal entity must establish and maintain effective internal control over the federal award that provides reasonable assurance that the non-Federal entity is managing the federal award in compliance with federal statutes, regulations, and the terms and conditions of the federal award. Condition As part of the Low-Income Home Energy Assistance program (LIHEAP), the New Hampshire Department of Energy (the Department) enters into grant agreements with local entities to provide services related to the eligibility determination process for the LIHEAP program (including the calculation of participant benefits) and payment of benefits to fuel providers. During the year ended June 30, 2023, $52,485,098 was passed through to subrecipients. As part of our testwork over the subrecipient monitoring process, we noted the following as of the year ending June 30, 2023: A. The Department communicates award information to subrecipients through the approved grant agreement. Per review of the grant agreement, for each of the 3 subrecipients selected for testwork, the Department did not communicate all the required award information as outlined in 2 CFR section 200.332. Specifically, the following elements were not communicated: a. Federal Award Identification Number (FAIN) b. Federal award date c. Indirect cost rate for federal awards (including if the deminimus rate is charged per 2 CFR section 200.414) d. Identification of whether the award is R&D B. For the 1 programmatic monitoring review completed by the Department during the period under audit, the Department did not issue its programmatic monitoring report to the subrecipient timely after the monitoring review was completed. As a result, there was a delay in the subrecipient implementing its corrective action plan to address the findings identified during the programmatic monitoring review. Specifically, we noted the following: a. For the 1 programmatic monitoring review, the monitoring review took place on May 4, 2023, but the report to the subrecipient was not issued until September 23, 2023. Per review of the report that was issued, there were findings identified by the Department that warranted corrective action. Due to the delay in issuing the report, a corrective action plan was not obtained from the subrecipient until almost 5 months after the date of that the monitoring review took place. C. For 3 of 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy. D. During our testwork over the Department’s review of subrecipient uniform guidance reports, we noted the following: a. The Department does not track the receipt of uniform guidance reports. As a result, we were unable to determine when the uniform guidance reports were received by the Department to ensure they are reviewed timely. Specifically, we noted: i. For all 3 subrecipients selected, the subrecipient’s uniform guidance appeared to have been reviewed, but as the Department does not track the receipt of uniform guidance reports, it was unclear if it was reviewed timely. We did note based on the date that the uniform guidance report was issued, the management decision letter was not issued within 6 months of the date of the report being issued as required by 2 CRF 200.521 (d). ii. For 1 subrecipient in which the UG report had a finding, we were unable to obtain evidence to support that the Department had obtained and reviewed the subrecipient’s uniform guidance report, including management’s response to findings letter as well as the related Corrective Action Plan, as this subrecipient’s uniform guidance report noted a material weakness. E. The Annual Report on Households Assisted by LIHEAP contains data that is specific to benefits paid to eligible participants. The data that is used to compile the annual report is obtained from case data that is reported to the New Hampshire Department of Energy (the Department) from its subrecipients as the Department has entered into grant agreements with third parties who are responsible for the eligibility determination and benefit payment process. As part of our subrecipient monitoring testwork, we were unable to verify that the Department had performed any monitoring procedures over the data provided by each subrecipient to ensure that the data reported within the annual report was complete and accurate. Cause The cause of the condition found was primarily due to insufficient documented subrecipient policies and procedures to ensure that adequate monitoring is performed over subrecipients to align with the risk assessments performed. The monitoring procedures that are in place do not include the completeness and accuracy of the data submitted by the subrecipient utilized to compile federal reports. Further, the Department does not have sufficient internal controls and procedures to ensure results of monitoring visits are performed and results communicated timely to subrecipient or to ensure that subrecipient uniform guidance reports are obtained and reviewed timely. In addition, there are insufficient internal controls in place to review the grant agreements to ensure that all required data elements are communicated to the subrecipient in accordance with 2 CFR section 300.332(b). Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(a), section 200.332(b) and 2 CFR section 200.521. Questioned Costs None. Recommendation We recommend that the Department formalize, policies and procedures and implement the necessary internal controls to ensure that the Department complies with the provisions of 2 CFR section 200.332(a), 2 CFR section 200.332(b) and 2 CFR section 200.251. This would include ensuring that: 1. All required award information is communicated to subrecipients; 2. As a result of the risk assessment performed, monitoring activities are performed over subrecipients to ensure compliance with the terms and conditions of its subrecipient grant agreement. The results of all monitoring reviews should be timely communicated in accordance with the Department’s policies to the subrecipient and actions requiring corrective action plan should be followed up on to ensure that the matter is resolved; and 3. Ensure that all uniform guidance reports are collected and reviewed timely so that a management decision letter can be issued within the time period required by federal regulations. Retain evidence of Department review of uniform guidance reports and management letters issued as a result of their review. View of Responsible Officials: Management partially concurs with the finding above Rejoinder As it relates to Bullet C above, for 3 of 3 subrecipients selected for testwork, the Department did not complete its annual fiscal monitoring review during the audit period as required by their monitoring policy
Finding Reference Number: 2023-017 NH Department of Health and Human Services Substance Abuse Prevention and Treatment Block Grant (ALN #93.959) and COVID-19 Substance Abuse Prevention and Treatment Block Grant (ALN #93.959) Federal Award Numbers: 1B08Ti084659-01, 1B08TI085821-01 Federal Award Year: 2022, 2023 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: None Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Evaluate Risk – Evaluate each subrecipient’s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 2. Monitor – Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2023, the New Hampshire Department of Health and Human Services (the Department) passed through $7,720,172 of federal funding to subrecipients. As part of our testing related subrecipient monitoring, we identified the following: A. The Department provided the most recent risk assessment performed for each of the 7 subrecipients selected for testwork. Per review of the risk assessments provided, we identified the following: 1. For 5 of the subrecipients, the risk assessment indicated that the subrecipients expenditure detail should be examined monthly to ensure compliance with contract requirements and applicable laws and rules. We were unable to determine if this procedure had been performed as part of the Department’s subrecipient monitoring process. 2. For the remaining 2 subrecipients the recommended monitoring procedures was left blank on the risk assessment and as such we are unable to verify what type of monitoring procedures should have been performed. B. The Department’s during the award monitoring for of the 4 of the 7 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. It was evident through the invoice review that the Department often followed up on inconsistencies on hours worked with the subrecipient to help ensure the accuracy of the invoice reviewed. While this detailed review was performed, the Department did not perform any other monitoring procedures related to these 4 subrecipients to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. As such, it is unclear if the monitoring performed was sufficient to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. C. During our review over the Department’s review over the subrecipients Uniform Guidance reports, we identified that for 2 of 7 subrecipients selected for testwork, the subrecipients uniform guidance audit was not issued within 9 months of the subrecipients year end. We were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department review its existing policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). This would ensure that the risk assessment is routinely updated for multiyear grants and that the prescribed monitoring procedures take into consideration any additional monitoring procedures that might need to be performed, such as a desk review or on-site visit, if the program is not audited as part of the subrecipient’s uniform guidance audit. In addition, policies and procedures should be established to ensure that if the risk assessment has suggested a particular monitoring procedure be performed, that the Department is adequately documenting its monitoring procedures to ensure that it has performed the required procedures. View of Responsible Officials Management partially concurs with the finding above. Rejoinder As it relates to Bullet A above, we were not able to obtain documentation to support that the suggested procedures outlined within the risk assessment was performed. As it relates to Bullet B above, for of the 4 of the 7 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. It was evident through the invoice review that the Department often followed up on inconsistencies on hours worked with the subrecipient to help ensure the accuracy of the invoice reviewed. While this detailed review was performed, the Department did not perform any other monitoring procedures related to these 4 subrecipients to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. As such, it is unclear if the monitoring performed was sufficient to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement.
Finding Reference Number: 2023-017 NH Department of Health and Human Services Substance Abuse Prevention and Treatment Block Grant (ALN #93.959) and COVID-19 Substance Abuse Prevention and Treatment Block Grant (ALN #93.959) Federal Award Numbers: 1B08Ti084659-01, 1B08TI085821-01 Federal Award Year: 2022, 2023 U.S. Department of Health and Human Services Compliance Requirement: Subrecipient Monitoring Type of Finding: Material Weakness and Material Noncompliance Prior Year Finding: None Statistically Valid Sample: No Criteria A pass-through entity (PTE) must: 1. Evaluate Risk – Evaluate each subrecipient’s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward (2 CFR section 200.332(b)). 2. Monitor – Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). In addition to procedures identified as necessary based upon the evaluation of subrecipient risk or specifically required by the terms and conditions of the award, subaward monitoring must include the following: a. Reviewing financial and programmatic (performance and special reports) required by the PTE. b. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient from the PTE detected through audits, on-site reviews, and other means. c. Issuing a management decision for audit findings pertaining to the federal award provided to the subrecipient from the PTE as required by 2 CFR section 200.521. Additionally, 45 CFR section 75 303(a) states the non Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award Condition During the year ended June 30, 2023, the New Hampshire Department of Health and Human Services (the Department) passed through $7,720,172 of federal funding to subrecipients. As part of our testing related subrecipient monitoring, we identified the following: A. The Department provided the most recent risk assessment performed for each of the 7 subrecipients selected for testwork. Per review of the risk assessments provided, we identified the following: 1. For 5 of the subrecipients, the risk assessment indicated that the subrecipients expenditure detail should be examined monthly to ensure compliance with contract requirements and applicable laws and rules. We were unable to determine if this procedure had been performed as part of the Department’s subrecipient monitoring process. 2. For the remaining 2 subrecipients the recommended monitoring procedures was left blank on the risk assessment and as such we are unable to verify what type of monitoring procedures should have been performed. B. The Department’s during the award monitoring for of the 4 of the 7 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. It was evident through the invoice review that the Department often followed up on inconsistencies on hours worked with the subrecipient to help ensure the accuracy of the invoice reviewed. While this detailed review was performed, the Department did not perform any other monitoring procedures related to these 4 subrecipients to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. As such, it is unclear if the monitoring performed was sufficient to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement. C. During our review over the Department’s review over the subrecipients Uniform Guidance reports, we identified that for 2 of 7 subrecipients selected for testwork, the subrecipients uniform guidance audit was not issued within 9 months of the subrecipients year end. We were unable to obtain any correspondence between the Department or the subrecipient to inquire about the uniform guidance report or when it would be issued. Upon receipt of the report, the Department did issue a management decision letter upon receipt of the report. Cause The cause of the condition found was primarily due to a lack of formal policies and internal controls to ensure that all required subrecipient monitoring compliance procedures are being performed by the Department. Effect The effect of the condition found is that the Department did not comply with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). Questioned Costs None. Recommendation We recommend the Department review its existing policies and procedures and implement internal controls to ensure that the Department complies with 2 CFR section 200.332(b), 2 CFR sections 200.332(d) through (f), and 2 CFR section 200.501(h). This would ensure that the risk assessment is routinely updated for multiyear grants and that the prescribed monitoring procedures take into consideration any additional monitoring procedures that might need to be performed, such as a desk review or on-site visit, if the program is not audited as part of the subrecipient’s uniform guidance audit. In addition, policies and procedures should be established to ensure that if the risk assessment has suggested a particular monitoring procedure be performed, that the Department is adequately documenting its monitoring procedures to ensure that it has performed the required procedures. View of Responsible Officials Management partially concurs with the finding above. Rejoinder As it relates to Bullet A above, we were not able to obtain documentation to support that the suggested procedures outlined within the risk assessment was performed. As it relates to Bullet B above, for of the 4 of the 7 subrecipients selected for testwork consisted of the review and approval of subrecipient invoices. Per review of the invoices, the invoice contained a summary of costs incurred by the subrecipient by category of expense that it was seeking reimbursement for. It was evident through the invoice review that the Department often followed up on inconsistencies on hours worked with the subrecipient to help ensure the accuracy of the invoice reviewed. While this detailed review was performed, the Department did not perform any other monitoring procedures related to these 4 subrecipients to ensure the accuracy of the request made by the subrecipient through either a desk review or an on-site monitoring visit. As such, it is unclear if the monitoring performed was sufficient to ensure that the subrecipient was complying with the terms and conditions of its subrecipient grant agreement.