State Agency: Illinois State Board of Education (ISBE) Federal Agency: U.S. Department of Education Program Name: Twenty-First Century Community Learning Centers (21st Century) ALN and Program Expenditures: 84.287 ($77,436,583) Award Numbers: Various – see table of award numbers Federal Award Year: Various – see table of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Finding 2023-045: Inadequate Monitoring of 21st Century Subrecipients Condition Found: ISBE did not adequately monitor and document program monitoring procedures performed over subrecipients of the Twenty-First Century Community Learning Centers (21st Century) program. The 21st Century program operates to provide State educational agencies and local educational agencies with funding specific to rural and inner-city public schools. To monitor the 21st Century program activities performed by Illinois elementary and secondary schools, ISBE has established Tier I, Tier II, and Tier III monitoring activities which are applied to each subrecipient depending upon the annual risk score determined by ISBE. ISBE’s 21st Century program subrecipient monitoring manual outlines the risk assessment procedures to determine the tier of monitoring required, the methods used for tier determination, and documentation required for each tier of monitoring. Tier I subrecipient monitoring procedures apply to all subrecipients, with no consideration of the risk assessment score they have received, and consist of a twice-a-year call in which ISBE personnel discuss enrollment and registration statistics, progression towards goals specific to the district, and budgetary changes. A notification email is sent twice a year, alerting the subrecipient that a call is required to be scheduled. Once the call is scheduled, a call form detailing the responses to the discussion points is completed by ISBE personnel during the call to document the call was conducted and any matters for follow up. Tier II applies to the subrecipients who receive a moderate risk assessment score. These procedures consist of a desk review over program compliance, goal attainability specific to the subrecipient, and quality programming. Similar to Tier I, a notification email is initially sent, alerting the subrecipient that a desktop review is going to occur. During the review, a standardized checklist is completed, outlining the documentation provided by the subrecipient to address each portion of review. ISBE documents the completion of its desk review procedures with a letter to the subrecipient communicating any noncompliance and requesting corrective action, if applicable. Any required corrective action plans are reviewed and formally accepted by ISBE in a letter to the subrecipient. Tier III applies to subrecipients who receive a high risk assessment score and consists of an on-site review including interviews with the project director and site coordinators, and observations of the academics and academic enrichment taking place at each site. ISBE personnel complete monitoring checklists to document the completion of its on-site procedures and a summary checklist is completed after the on-site visit to summarize all areas of noncompliance. A letter is sent to the subrecipient communicating the completion of the on-site review and any noncompliance identified, and requesting corrective action, if applicable. Any required corrective action plans are reviewed and formally accepted by ISBE in a letter to the subrecipient. During the year ended June 30, 2023, ISBE passed through 21st Century program funding (totaling $75,983,860) to 139 subrecipients. During our testing of 21st Century program monitoring, we noted ISBE did not follow its subrecipient monitoring procedures during the year ended June 30, 2023. In several instances, documentation supporting monitoring procedures or conclusions was not retained or prepared. In other instances, monitoring documentation was missing required checklists, reports, corrective action plans, or evidence of supervisory review procedures. The following is a summary of the exceptions identified in our testing: "See Table in the Audit Report". We also noted that ISBE’s controls for monitoring are not designed at an appropriate level of precision to ensure monitoring of subrecipients is completed as required. Criteria or Requirement: According to 2 CFR 200.332(d), a pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations and the terms and conditions of the subaward, and that the subaward performance goals are achieved. According to 2 CFR section 200.332(b), a pass-through entity must evaluate each subrecipient’s risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. Additionally, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing supervisory procedures at an appropriate level of precision to ensure adequate monitoring is performed and documentation is maintained. Cause: In discussing these conditions with ISBE officials, they stated the inability to provide required documentation is attributable to staff turnover as those responsible for these monitoring activities have since left ISBE. Possible Asserted Effect: Failure to perform required monitoring procedures and maintain documentation may result in subrecipients not properly administering the Federal programs in accordance with laws, regulations, and grant agreements. Repeat Finding: A similar finding was not reported in the prior year audit. (Finding Code 2023-045) Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend ISBE establish policies and procedures to ensure programmatic monitoring is performed and appropriately documented. Views of ISBE Officials: Management agrees with the finding and has begun to develop processes and structures to correct it.
FINDING NO: 2023-013 (Repeat 2022-017, 2021-024) STATE AGENCY: Oklahoma Department of Transportation FEDERAL AGENCY: Federal Transit Authority ALN: 20.509 FEDERAL PROGRAM NAME: Formula Grants for Rural Areas FEDERAL AWARD NUMBER: OK-2017-023-05, OK-2018-023-03, OK-2019-025-03, OK-2020-021-02, OK- 2021-018-00, OK-2022-016-00, OK-2022-025-00, OK-2022-027-00, OK-2023-026-00 FEDERAL AWARD YEAR: 2017, 2018, 2019, 2020, 2021, 2022, 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR 1201.1 states, “Except as otherwise provided in this part, the Department of Transportation adopts the Office of Management and Budget Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (2 CFR part 200). This part supersedes and repeals the requirements of the Department of Transportation Common Rules (49 CFR part 18 - Uniform Administrative Requirements for Grants and Cooperative Agreements to State and Local Governments and 49 CFR part 19 - Uniform Administrative Requirements - Uniform Administrative Requirements for Grants and Agreements with Institutions of Higher Education, Hospitals, and other Non-Profit Organizations), except that grants and cooperative agreements executed prior to December 26, 2014 shall continue to be subject to 49 CFR parts 18 and 19 as in effect on the date of such grants or agreements. New parts with terminology specific to the Department of Transportation follow.” 2 CFR 200.332 states in part, “All pass-through entities must: … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section.” 2 CFR 200.332 states in part, “All pass-through entities must: … (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) Resolve audit findings specifically related to the subaward. ...” 2 CFR 200.332 states in part, “All pass-through entities must: … (g) Verify that a subrecipient is audited as required by subpart F of this part.” 2 CFR 200.332 states in part, “All pass-through entities must: … (i) Consider taking enforcement action against noncompliant subrecipients as described in § 200.339 and in program regulations.” 2 CFR 200.521 states in part, “(a) General. The management decision must clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments or take other action. If the auditee has not completed corrective action, a timetable for follow- up should be given. … While not required, the Federal agency or pass-through entity may also issue a management decision on findings relating to the financial statements, which are required to be reported in accordance with GAGAS.” 2 CFR 200.521 states in part, “(d) Time requirements. The Federal agency or pass-through entity responsible for issuing a management decision must do so within six months of the FAC's acceptance of the audit report. The auditee must initiate and proceed with corrective action as rapidly as possible and corrective action should begin no later than upon receipt of the audit report.” Condition and Context: The Office of Mobility and Public Transit (OMPT) at the Oklahoma Department of Transportation (Department) is responsible for monitoring of subrecipients. Project managers at OMPT monitor specific subrecipients assigned to them. As part of this process, the project managers obtain subrecipients’ audit reports and forward them to the Department’s Cabinet-Wide Audit Office (CWO) for review. OMPT relies on responses received from CWO subsequent to review for identification of findings to monitor and assess the risk related to subrecipients’ compliance with Federal statutes, regulations, and the terms and conditions of the subaward. OMPT uses an audit tracking spreadsheet as a control to ensure the requirements described in 2 CFR 200.332 are met. OMPT’s program managers are required to update the audit tracking spreadsheet for those subrecipients assigned to them. Based on our review of the tracking spreadsheet and supporting documentation, we determined that the control process was designed but not properly implemented. Based on inquiry and review of documentation related to financial and performance audits applicable to 23 subrecipients, we noted: • For 10 (43.48%) of 23 subrecipients, the OMPT did not obtain an audit report. • For 11 (47.83%) of 23 subrecipients, the OMPT was unable to provide documentation to support that a review of the subrecipients’ financial or performance audit was performed by CWO. • The OMPT did not take timely and appropriate action on deficiencies detected through audits and did not issue a management decision on audit findings within six months of acceptance of the audit report by the Federal Audit Clearinghouse. • The Department does not have an adequate process in place to determine whether subrecipients expended $750,000 or more in Federal awards for the year and are, therefore, subject to a single audit. • The OMPT does not have an established process to evaluate the risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subawards. Cause: Internal controls have not been designed and implemented to ensure compliance with all subrecipient monitoring requirements. The Department does not have a process in place to determine the type of audit required for each subrecipient. Each program manager is responsible for updating the information for their assigned subrecipients; however there is no oversight or mechanism in place to ensure that all subrecipients’ are accurately tracked. Effect: The Department is not in compliance with the requirements of 2 CFR 200.332. Because the OMPT is not performing adequate risk assessments, monitoring of subrecipients is not designed to account for the level of noncompliance risk the subrecipient poses. If audits are not adequately tracked, the Department cannot meet the imposed deadlines for follow-up. In addition, because information regarding Federal expenditures is not sought, subrecipients may not obtain a required Single Audit. Lastly, because documentation supporting the review of subrecipients’ audit reports was not maintained by CWO, we were unable to determine that a review of these audits took place. Recommendation: We recommend that the OMPT develop and implement procedures to ensure subrecipient risk assessments are performed annually and then incorporate the assessed risk in the design of its monitoring activities. We recommend the OMPT inquire after the subrecipients’ year-end as to the total Federal expenditures during the preceding fiscal year and update the Single Audit Tracking Sheet with the type of audit required. Further, we recommend the Single Audit Tracking Sheet be updated monthly to ensure all review/follow-up deadlines are met. Lastly, we recommend CWO implement a process to ensure that the review of subrecipients’ audit reports is adequately documented, and results are communicated to OMPT in a timely manner. Views of Responsible Official(s) Contact Person: OMPT - Eric Rose/Bobby Parkinson & Anne Antonelli, Internal Audit – Holly Lowe Anticipated Completion Date: 7/1/2025 Corrective Action Planned: The Oklahoma Department of Transportation agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-013 (Repeat 2022-017, 2021-024) STATE AGENCY: Oklahoma Department of Transportation FEDERAL AGENCY: Federal Transit Authority ALN: 20.509 FEDERAL PROGRAM NAME: Formula Grants for Rural Areas FEDERAL AWARD NUMBER: OK-2017-023-05, OK-2018-023-03, OK-2019-025-03, OK-2020-021-02, OK- 2021-018-00, OK-2022-016-00, OK-2022-025-00, OK-2022-027-00, OK-2023-026-00 FEDERAL AWARD YEAR: 2017, 2018, 2019, 2020, 2021, 2022, 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR 1201.1 states, “Except as otherwise provided in this part, the Department of Transportation adopts the Office of Management and Budget Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (2 CFR part 200). This part supersedes and repeals the requirements of the Department of Transportation Common Rules (49 CFR part 18 - Uniform Administrative Requirements for Grants and Cooperative Agreements to State and Local Governments and 49 CFR part 19 - Uniform Administrative Requirements - Uniform Administrative Requirements for Grants and Agreements with Institutions of Higher Education, Hospitals, and other Non-Profit Organizations), except that grants and cooperative agreements executed prior to December 26, 2014 shall continue to be subject to 49 CFR parts 18 and 19 as in effect on the date of such grants or agreements. New parts with terminology specific to the Department of Transportation follow.” 2 CFR 200.332 states in part, “All pass-through entities must: … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section.” 2 CFR 200.332 states in part, “All pass-through entities must: … (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) Resolve audit findings specifically related to the subaward. ...” 2 CFR 200.332 states in part, “All pass-through entities must: … (g) Verify that a subrecipient is audited as required by subpart F of this part.” 2 CFR 200.332 states in part, “All pass-through entities must: … (i) Consider taking enforcement action against noncompliant subrecipients as described in § 200.339 and in program regulations.” 2 CFR 200.521 states in part, “(a) General. The management decision must clearly state whether or not the audit finding is sustained, the reasons for the decision, and the expected auditee action to repay disallowed costs, make financial adjustments or take other action. If the auditee has not completed corrective action, a timetable for follow- up should be given. … While not required, the Federal agency or pass-through entity may also issue a management decision on findings relating to the financial statements, which are required to be reported in accordance with GAGAS.” 2 CFR 200.521 states in part, “(d) Time requirements. The Federal agency or pass-through entity responsible for issuing a management decision must do so within six months of the FAC's acceptance of the audit report. The auditee must initiate and proceed with corrective action as rapidly as possible and corrective action should begin no later than upon receipt of the audit report.” Condition and Context: The Office of Mobility and Public Transit (OMPT) at the Oklahoma Department of Transportation (Department) is responsible for monitoring of subrecipients. Project managers at OMPT monitor specific subrecipients assigned to them. As part of this process, the project managers obtain subrecipients’ audit reports and forward them to the Department’s Cabinet-Wide Audit Office (CWO) for review. OMPT relies on responses received from CWO subsequent to review for identification of findings to monitor and assess the risk related to subrecipients’ compliance with Federal statutes, regulations, and the terms and conditions of the subaward. OMPT uses an audit tracking spreadsheet as a control to ensure the requirements described in 2 CFR 200.332 are met. OMPT’s program managers are required to update the audit tracking spreadsheet for those subrecipients assigned to them. Based on our review of the tracking spreadsheet and supporting documentation, we determined that the control process was designed but not properly implemented. Based on inquiry and review of documentation related to financial and performance audits applicable to 23 subrecipients, we noted: • For 10 (43.48%) of 23 subrecipients, the OMPT did not obtain an audit report. • For 11 (47.83%) of 23 subrecipients, the OMPT was unable to provide documentation to support that a review of the subrecipients’ financial or performance audit was performed by CWO. • The OMPT did not take timely and appropriate action on deficiencies detected through audits and did not issue a management decision on audit findings within six months of acceptance of the audit report by the Federal Audit Clearinghouse. • The Department does not have an adequate process in place to determine whether subrecipients expended $750,000 or more in Federal awards for the year and are, therefore, subject to a single audit. • The OMPT does not have an established process to evaluate the risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subawards. Cause: Internal controls have not been designed and implemented to ensure compliance with all subrecipient monitoring requirements. The Department does not have a process in place to determine the type of audit required for each subrecipient. Each program manager is responsible for updating the information for their assigned subrecipients; however there is no oversight or mechanism in place to ensure that all subrecipients’ are accurately tracked. Effect: The Department is not in compliance with the requirements of 2 CFR 200.332. Because the OMPT is not performing adequate risk assessments, monitoring of subrecipients is not designed to account for the level of noncompliance risk the subrecipient poses. If audits are not adequately tracked, the Department cannot meet the imposed deadlines for follow-up. In addition, because information regarding Federal expenditures is not sought, subrecipients may not obtain a required Single Audit. Lastly, because documentation supporting the review of subrecipients’ audit reports was not maintained by CWO, we were unable to determine that a review of these audits took place. Recommendation: We recommend that the OMPT develop and implement procedures to ensure subrecipient risk assessments are performed annually and then incorporate the assessed risk in the design of its monitoring activities. We recommend the OMPT inquire after the subrecipients’ year-end as to the total Federal expenditures during the preceding fiscal year and update the Single Audit Tracking Sheet with the type of audit required. Further, we recommend the Single Audit Tracking Sheet be updated monthly to ensure all review/follow-up deadlines are met. Lastly, we recommend CWO implement a process to ensure that the review of subrecipients’ audit reports is adequately documented, and results are communicated to OMPT in a timely manner. Views of Responsible Official(s) Contact Person: OMPT - Eric Rose/Bobby Parkinson & Anne Antonelli, Internal Audit – Holly Lowe Anticipated Completion Date: 7/1/2025 Corrective Action Planned: The Oklahoma Department of Transportation agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-096 (Repeat finding 2022-071) STATE AGENCY: State of Oklahoma FEDERAL AGENCY: US Department of the Treasury ALN: 21.019 FEDERAL PROGRAM NAME: Coronavirus Relief Fund (CRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $248,779 Criteria: 2 CFR § 200.303 - Internal controls states in part, “The Non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 - Requirements for pass-through entities states in part, “All pass-through entities must: … (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the information provided below. A pass-through entity must provide the best available information when some of the information below is unavailable. A pass-through entity must provide the unavailable information when it is obtained. Required information includes: (1) Federal award identification. (i) Subrecipient's name (must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated in the subaward; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity, including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required by the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of the Federal agency, pass-through entity, and contact information for awarding official of the pass-through entity; (xii) Assistance Listings title and number; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at the time of disbursement; (xiii) Identification of whether the Federal award is for research and development; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is used in accordance with § 200.414). (2) All requirements of the subaward, including requirements imposed by Federal statutes, regulations, and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient for the pass-through entity to meet its responsibilities under the Federal award. This includes information and certifications (see § 200.415) required for submitting financial and performance reports that the pass-through entity must provide to the Federal agency; … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section. When evaluating a subrecipient's risk, a passthrough entity should consider the following: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with subpart F and the extent to which the same or similar subawards have been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of any Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). (d) If appropriate, consider implementing specific conditions in a subaward as described in § 200.208 and notify the Federal agency of the specific conditions. (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. … .” The Department of the Treasury Federal Register, Vol. 86, No. 10 from January 15, 2021 states in part, “The CARES [Coronavirus Aid, Relief, & Economic Security Act] Act provides that payments from the Fund may only be used to cover costs that— 1. are necessary expenditures incurred due to the public health emergency with respect to the Coronavirus Disease 2019 (COVID–19); 2. were not accounted for in the budget most recently approved as of March 27, 2020 (the date of enactment of the CARES Act) for the State or government; and 3. were incurred during the period that begins on March 1, 2020 and ends on December 31, 2021. … This guidance applies in a like manner to costs of subrecipients. Thus, a grant or loan, for example, provided by a recipient using payments from the Fund must be used by the subrecipient only to purchase (or reimburse a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. The direct recipient of payments from the Fund is ultimately responsible for compliance with this limitation on use of payments from the Fund. Condition and Context: Per the GAAP Package Z - Schedule of Expenditures of Federal Awards (SEFA), the State of Oklahoma reported $249,660.69 in CRF cash basis expenditures reimbursed to subrecipients by the CARES FORWARD1 team. We tested all five (5) reimbursement transactions for one subrecipient and noted the following: • One (20%) of the five (5) transactions totaling $4,594.40 contained no supporting documentation. • Four (80%) of the five (5) transactions totaling $245,066.29 contained costs totaling $244,184.29 that were incurred by the subrecipient after 12/31/2021 (covered period). The State of Oklahoma – CARES FORWARD team failed to perform an adequate review to ensure the subrecipient purchased (or reimbursed a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. Further, we noted Award documents provided to the subrecipient did not include the terms and conditions of the subaward. Also, the CARES FORWARD team did not perform a risk assessment on subrecipients receiving continued funding during SFY 2023. Lastly, while performing Single Audit monitoring testwork on three (3) subrecipients for SFY 2022, we determined that the State of Oklahoma - CARES FORWARD team did not perform tracking on two (2) of the subrecipients that received CRF funds. For the two subrecipients, there is no documentation to show that OMES received the SFY 2022 Single Audit, evaluated whether the subrecipient took corrective action on all significant developments that affect the subaward, and issued a management decision for any audit findings pertaining to the federal award. Cause: Adequate controls were not in place to ensure the monitoring process utilized by the CARES FORWARD team considered the Department of Treasury guidance when determining whether the financial activities of the subrecipients complied with Federal statutes, regulations, and the terms and conditions of the Federal award prior to payment. Also, the State of Oklahoma – CARES FORWARD2 team did not have sufficient internal controls in place to ensure subrecipient award documentation included the terms and conditions of the subaward in accordance with 2 CFR § 200.332. Further, the State of Oklahoma – CARES FORWARD team did not have sufficient internal controls in place to ensure subrecipients are assessed for risk in accordance with 2 CFR § 200.332. Lastly, the State of Oklahoma – CARES Forward team did not have sufficient internal controls in place to ensure subrecipients are monitored for a Single Audit in accordance with 2 CFR § 200.332. Effect: These deficiencies resulted in questioned costs of $248,779 goods or services for which receipt both was needed and occurred within the covered period. The $248,779 in questioned costs related to subrecipient expenses is included in Finding 2023-108 (Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Period of Performance) as well, as the same transactions failed to meet requirements under all these compliance areas. The amount should not be considered cumulative. The State of Oklahoma – CARES FORWARD team did not comply with 2 CFR § 200.332. Recommendation: We recommend for future grants that the State of Oklahoma strengthen their control process related to subrecipients to ensure compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: September 2022 Corrective Action Planned: The State of Oklahoma/Office of Management and Enterprise Services partially agrees with this finding. See corrective action plan located in the corrective action plan section of the report. Auditor Response: The State Auditor & Inspector’s Office questioned $248,779 to one subrecipient for SFY 2023 based on the expenditures for goods or services both needing to be within the covered period and occurring within the covered period. Therefore, since the subrecipient payments were after the covered period (December 31, 2021), the finding will stand. Further, since there was not a risk assessment performed during the year and the Single Audit tracking was not performed for SFY 2022 for 2 of the 3 subrecipients, the finding will stand.
FINDING NO: 2023-096 (Repeat finding 2022-071) STATE AGENCY: State of Oklahoma FEDERAL AGENCY: US Department of the Treasury ALN: 21.019 FEDERAL PROGRAM NAME: Coronavirus Relief Fund (CRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $248,779 Criteria: 2 CFR § 200.303 - Internal controls states in part, “The Non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 - Requirements for pass-through entities states in part, “All pass-through entities must: … (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the information provided below. A pass-through entity must provide the best available information when some of the information below is unavailable. A pass-through entity must provide the unavailable information when it is obtained. Required information includes: (1) Federal award identification. (i) Subrecipient's name (must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated in the subaward; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity, including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required by the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of the Federal agency, pass-through entity, and contact information for awarding official of the pass-through entity; (xii) Assistance Listings title and number; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at the time of disbursement; (xiii) Identification of whether the Federal award is for research and development; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is used in accordance with § 200.414). (2) All requirements of the subaward, including requirements imposed by Federal statutes, regulations, and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient for the pass-through entity to meet its responsibilities under the Federal award. This includes information and certifications (see § 200.415) required for submitting financial and performance reports that the pass-through entity must provide to the Federal agency; … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section. When evaluating a subrecipient's risk, a passthrough entity should consider the following: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with subpart F and the extent to which the same or similar subawards have been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of any Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). (d) If appropriate, consider implementing specific conditions in a subaward as described in § 200.208 and notify the Federal agency of the specific conditions. (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. … .” The Department of the Treasury Federal Register, Vol. 86, No. 10 from January 15, 2021 states in part, “The CARES [Coronavirus Aid, Relief, & Economic Security Act] Act provides that payments from the Fund may only be used to cover costs that— 1. are necessary expenditures incurred due to the public health emergency with respect to the Coronavirus Disease 2019 (COVID–19); 2. were not accounted for in the budget most recently approved as of March 27, 2020 (the date of enactment of the CARES Act) for the State or government; and 3. were incurred during the period that begins on March 1, 2020 and ends on December 31, 2021. … This guidance applies in a like manner to costs of subrecipients. Thus, a grant or loan, for example, provided by a recipient using payments from the Fund must be used by the subrecipient only to purchase (or reimburse a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. The direct recipient of payments from the Fund is ultimately responsible for compliance with this limitation on use of payments from the Fund. Condition and Context: Per the GAAP Package Z - Schedule of Expenditures of Federal Awards (SEFA), the State of Oklahoma reported $249,660.69 in CRF cash basis expenditures reimbursed to subrecipients by the CARES FORWARD1 team. We tested all five (5) reimbursement transactions for one subrecipient and noted the following: • One (20%) of the five (5) transactions totaling $4,594.40 contained no supporting documentation. • Four (80%) of the five (5) transactions totaling $245,066.29 contained costs totaling $244,184.29 that were incurred by the subrecipient after 12/31/2021 (covered period). The State of Oklahoma – CARES FORWARD team failed to perform an adequate review to ensure the subrecipient purchased (or reimbursed a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. Further, we noted Award documents provided to the subrecipient did not include the terms and conditions of the subaward. Also, the CARES FORWARD team did not perform a risk assessment on subrecipients receiving continued funding during SFY 2023. Lastly, while performing Single Audit monitoring testwork on three (3) subrecipients for SFY 2022, we determined that the State of Oklahoma - CARES FORWARD team did not perform tracking on two (2) of the subrecipients that received CRF funds. For the two subrecipients, there is no documentation to show that OMES received the SFY 2022 Single Audit, evaluated whether the subrecipient took corrective action on all significant developments that affect the subaward, and issued a management decision for any audit findings pertaining to the federal award. Cause: Adequate controls were not in place to ensure the monitoring process utilized by the CARES FORWARD team considered the Department of Treasury guidance when determining whether the financial activities of the subrecipients complied with Federal statutes, regulations, and the terms and conditions of the Federal award prior to payment. Also, the State of Oklahoma – CARES FORWARD2 team did not have sufficient internal controls in place to ensure subrecipient award documentation included the terms and conditions of the subaward in accordance with 2 CFR § 200.332. Further, the State of Oklahoma – CARES FORWARD team did not have sufficient internal controls in place to ensure subrecipients are assessed for risk in accordance with 2 CFR § 200.332. Lastly, the State of Oklahoma – CARES Forward team did not have sufficient internal controls in place to ensure subrecipients are monitored for a Single Audit in accordance with 2 CFR § 200.332. Effect: These deficiencies resulted in questioned costs of $248,779 goods or services for which receipt both was needed and occurred within the covered period. The $248,779 in questioned costs related to subrecipient expenses is included in Finding 2023-108 (Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Period of Performance) as well, as the same transactions failed to meet requirements under all these compliance areas. The amount should not be considered cumulative. The State of Oklahoma – CARES FORWARD team did not comply with 2 CFR § 200.332. Recommendation: We recommend for future grants that the State of Oklahoma strengthen their control process related to subrecipients to ensure compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: September 2022 Corrective Action Planned: The State of Oklahoma/Office of Management and Enterprise Services partially agrees with this finding. See corrective action plan located in the corrective action plan section of the report. Auditor Response: The State Auditor & Inspector’s Office questioned $248,779 to one subrecipient for SFY 2023 based on the expenditures for goods or services both needing to be within the covered period and occurring within the covered period. Therefore, since the subrecipient payments were after the covered period (December 31, 2021), the finding will stand. Further, since there was not a risk assessment performed during the year and the Single Audit tracking was not performed for SFY 2022 for 2 of the 3 subrecipients, the finding will stand.
FINDING NO: 2023-096 (Repeat finding 2022-071) STATE AGENCY: State of Oklahoma FEDERAL AGENCY: US Department of the Treasury ALN: 21.019 FEDERAL PROGRAM NAME: Coronavirus Relief Fund (CRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $248,779 Criteria: 2 CFR § 200.303 - Internal controls states in part, “The Non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 - Requirements for pass-through entities states in part, “All pass-through entities must: … (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the information provided below. A pass-through entity must provide the best available information when some of the information below is unavailable. A pass-through entity must provide the unavailable information when it is obtained. Required information includes: (1) Federal award identification. (i) Subrecipient's name (must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated in the subaward; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity, including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required by the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of the Federal agency, pass-through entity, and contact information for awarding official of the pass-through entity; (xii) Assistance Listings title and number; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at the time of disbursement; (xiii) Identification of whether the Federal award is for research and development; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is used in accordance with § 200.414). (2) All requirements of the subaward, including requirements imposed by Federal statutes, regulations, and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient for the pass-through entity to meet its responsibilities under the Federal award. This includes information and certifications (see § 200.415) required for submitting financial and performance reports that the pass-through entity must provide to the Federal agency; … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section. When evaluating a subrecipient's risk, a passthrough entity should consider the following: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with subpart F and the extent to which the same or similar subawards have been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of any Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). (d) If appropriate, consider implementing specific conditions in a subaward as described in § 200.208 and notify the Federal agency of the specific conditions. (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. … .” The Department of the Treasury Federal Register, Vol. 86, No. 10 from January 15, 2021 states in part, “The CARES [Coronavirus Aid, Relief, & Economic Security Act] Act provides that payments from the Fund may only be used to cover costs that— 1. are necessary expenditures incurred due to the public health emergency with respect to the Coronavirus Disease 2019 (COVID–19); 2. were not accounted for in the budget most recently approved as of March 27, 2020 (the date of enactment of the CARES Act) for the State or government; and 3. were incurred during the period that begins on March 1, 2020 and ends on December 31, 2021. … This guidance applies in a like manner to costs of subrecipients. Thus, a grant or loan, for example, provided by a recipient using payments from the Fund must be used by the subrecipient only to purchase (or reimburse a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. The direct recipient of payments from the Fund is ultimately responsible for compliance with this limitation on use of payments from the Fund. Condition and Context: Per the GAAP Package Z - Schedule of Expenditures of Federal Awards (SEFA), the State of Oklahoma reported $249,660.69 in CRF cash basis expenditures reimbursed to subrecipients by the CARES FORWARD1 team. We tested all five (5) reimbursement transactions for one subrecipient and noted the following: • One (20%) of the five (5) transactions totaling $4,594.40 contained no supporting documentation. • Four (80%) of the five (5) transactions totaling $245,066.29 contained costs totaling $244,184.29 that were incurred by the subrecipient after 12/31/2021 (covered period). The State of Oklahoma – CARES FORWARD team failed to perform an adequate review to ensure the subrecipient purchased (or reimbursed a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. Further, we noted Award documents provided to the subrecipient did not include the terms and conditions of the subaward. Also, the CARES FORWARD team did not perform a risk assessment on subrecipients receiving continued funding during SFY 2023. Lastly, while performing Single Audit monitoring testwork on three (3) subrecipients for SFY 2022, we determined that the State of Oklahoma - CARES FORWARD team did not perform tracking on two (2) of the subrecipients that received CRF funds. For the two subrecipients, there is no documentation to show that OMES received the SFY 2022 Single Audit, evaluated whether the subrecipient took corrective action on all significant developments that affect the subaward, and issued a management decision for any audit findings pertaining to the federal award. Cause: Adequate controls were not in place to ensure the monitoring process utilized by the CARES FORWARD team considered the Department of Treasury guidance when determining whether the financial activities of the subrecipients complied with Federal statutes, regulations, and the terms and conditions of the Federal award prior to payment. Also, the State of Oklahoma – CARES FORWARD2 team did not have sufficient internal controls in place to ensure subrecipient award documentation included the terms and conditions of the subaward in accordance with 2 CFR § 200.332. Further, the State of Oklahoma – CARES FORWARD team did not have sufficient internal controls in place to ensure subrecipients are assessed for risk in accordance with 2 CFR § 200.332. Lastly, the State of Oklahoma – CARES Forward team did not have sufficient internal controls in place to ensure subrecipients are monitored for a Single Audit in accordance with 2 CFR § 200.332. Effect: These deficiencies resulted in questioned costs of $248,779 goods or services for which receipt both was needed and occurred within the covered period. The $248,779 in questioned costs related to subrecipient expenses is included in Finding 2023-108 (Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Period of Performance) as well, as the same transactions failed to meet requirements under all these compliance areas. The amount should not be considered cumulative. The State of Oklahoma – CARES FORWARD team did not comply with 2 CFR § 200.332. Recommendation: We recommend for future grants that the State of Oklahoma strengthen their control process related to subrecipients to ensure compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: September 2022 Corrective Action Planned: The State of Oklahoma/Office of Management and Enterprise Services partially agrees with this finding. See corrective action plan located in the corrective action plan section of the report. Auditor Response: The State Auditor & Inspector’s Office questioned $248,779 to one subrecipient for SFY 2023 based on the expenditures for goods or services both needing to be within the covered period and occurring within the covered period. Therefore, since the subrecipient payments were after the covered period (December 31, 2021), the finding will stand. Further, since there was not a risk assessment performed during the year and the Single Audit tracking was not performed for SFY 2022 for 2 of the 3 subrecipients, the finding will stand.
FINDING NO: 2023-096 (Repeat finding 2022-071) STATE AGENCY: State of Oklahoma FEDERAL AGENCY: US Department of the Treasury ALN: 21.019 FEDERAL PROGRAM NAME: Coronavirus Relief Fund (CRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $248,779 Criteria: 2 CFR § 200.303 - Internal controls states in part, “The Non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 - Requirements for pass-through entities states in part, “All pass-through entities must: … (b) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the information provided below. A pass-through entity must provide the best available information when some of the information below is unavailable. A pass-through entity must provide the unavailable information when it is obtained. Required information includes: (1) Federal award identification. (i) Subrecipient's name (must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated in the subaward; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity, including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required by the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of the Federal agency, pass-through entity, and contact information for awarding official of the pass-through entity; (xii) Assistance Listings title and number; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at the time of disbursement; (xiii) Identification of whether the Federal award is for research and development; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is used in accordance with § 200.414). (2) All requirements of the subaward, including requirements imposed by Federal statutes, regulations, and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient for the pass-through entity to meet its responsibilities under the Federal award. This includes information and certifications (see § 200.415) required for submitting financial and performance reports that the pass-through entity must provide to the Federal agency; … (c) Evaluate each subrecipient's fraud risk and risk of noncompliance with a subaward to determine the appropriate subrecipient monitoring described in paragraph (f) of this section. When evaluating a subrecipient's risk, a passthrough entity should consider the following: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits. This includes considering whether or not the subrecipient receives a Single Audit in accordance with subpart F and the extent to which the same or similar subawards have been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of any Federal agency monitoring (for example, if the subrecipient also receives Federal awards directly from the Federal agency). (d) If appropriate, consider implementing specific conditions in a subaward as described in § 200.208 and notify the Federal agency of the specific conditions. (e) Monitor the activities of a subrecipient as necessary to ensure that the subrecipient complies with Federal statutes, regulations, and the terms and conditions of the subaward. The pass-through entity is responsible for monitoring the overall performance of a subrecipient to ensure that the goals and objectives of the subaward are achieved. In monitoring a subrecipient, a pass-through entity must: (1) Review financial and performance reports. (2) Ensure that the subrecipient takes corrective action on all significant developments that negatively affect the subaward. Significant developments include Single Audit findings related to the subaward, other audit findings, site visits, and written notifications from a subrecipient of adverse conditions which will impact their ability to meet the milestones or the objectives of a subaward. When significant developments negatively impact the subaward, a subrecipient must provide the pass-through entity with information on their plan for corrective action and any assistance needed to resolve the situation. (3) Issue a management decision for audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. … .” The Department of the Treasury Federal Register, Vol. 86, No. 10 from January 15, 2021 states in part, “The CARES [Coronavirus Aid, Relief, & Economic Security Act] Act provides that payments from the Fund may only be used to cover costs that— 1. are necessary expenditures incurred due to the public health emergency with respect to the Coronavirus Disease 2019 (COVID–19); 2. were not accounted for in the budget most recently approved as of March 27, 2020 (the date of enactment of the CARES Act) for the State or government; and 3. were incurred during the period that begins on March 1, 2020 and ends on December 31, 2021. … This guidance applies in a like manner to costs of subrecipients. Thus, a grant or loan, for example, provided by a recipient using payments from the Fund must be used by the subrecipient only to purchase (or reimburse a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. The direct recipient of payments from the Fund is ultimately responsible for compliance with this limitation on use of payments from the Fund. Condition and Context: Per the GAAP Package Z - Schedule of Expenditures of Federal Awards (SEFA), the State of Oklahoma reported $249,660.69 in CRF cash basis expenditures reimbursed to subrecipients by the CARES FORWARD1 team. We tested all five (5) reimbursement transactions for one subrecipient and noted the following: • One (20%) of the five (5) transactions totaling $4,594.40 contained no supporting documentation. • Four (80%) of the five (5) transactions totaling $245,066.29 contained costs totaling $244,184.29 that were incurred by the subrecipient after 12/31/2021 (covered period). The State of Oklahoma – CARES FORWARD team failed to perform an adequate review to ensure the subrecipient purchased (or reimbursed a purchase of) goods or services for which receipt both is needed within the covered period and occurs within the covered period. Further, we noted Award documents provided to the subrecipient did not include the terms and conditions of the subaward. Also, the CARES FORWARD team did not perform a risk assessment on subrecipients receiving continued funding during SFY 2023. Lastly, while performing Single Audit monitoring testwork on three (3) subrecipients for SFY 2022, we determined that the State of Oklahoma - CARES FORWARD team did not perform tracking on two (2) of the subrecipients that received CRF funds. For the two subrecipients, there is no documentation to show that OMES received the SFY 2022 Single Audit, evaluated whether the subrecipient took corrective action on all significant developments that affect the subaward, and issued a management decision for any audit findings pertaining to the federal award. Cause: Adequate controls were not in place to ensure the monitoring process utilized by the CARES FORWARD team considered the Department of Treasury guidance when determining whether the financial activities of the subrecipients complied with Federal statutes, regulations, and the terms and conditions of the Federal award prior to payment. Also, the State of Oklahoma – CARES FORWARD2 team did not have sufficient internal controls in place to ensure subrecipient award documentation included the terms and conditions of the subaward in accordance with 2 CFR § 200.332. Further, the State of Oklahoma – CARES FORWARD team did not have sufficient internal controls in place to ensure subrecipients are assessed for risk in accordance with 2 CFR § 200.332. Lastly, the State of Oklahoma – CARES Forward team did not have sufficient internal controls in place to ensure subrecipients are monitored for a Single Audit in accordance with 2 CFR § 200.332. Effect: These deficiencies resulted in questioned costs of $248,779 goods or services for which receipt both was needed and occurred within the covered period. The $248,779 in questioned costs related to subrecipient expenses is included in Finding 2023-108 (Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Period of Performance) as well, as the same transactions failed to meet requirements under all these compliance areas. The amount should not be considered cumulative. The State of Oklahoma – CARES FORWARD team did not comply with 2 CFR § 200.332. Recommendation: We recommend for future grants that the State of Oklahoma strengthen their control process related to subrecipients to ensure compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: September 2022 Corrective Action Planned: The State of Oklahoma/Office of Management and Enterprise Services partially agrees with this finding. See corrective action plan located in the corrective action plan section of the report. Auditor Response: The State Auditor & Inspector’s Office questioned $248,779 to one subrecipient for SFY 2023 based on the expenditures for goods or services both needing to be within the covered period and occurring within the covered period. Therefore, since the subrecipient payments were after the covered period (December 31, 2021), the finding will stand. Further, since there was not a risk assessment performed during the year and the Single Audit tracking was not performed for SFY 2022 for 2 of the 3 subrecipients, the finding will stand.
FINDING NO: 2023-026 (Repeat 2022-032, 2022-033, 2022-034) STATE AGENCY: State of Oklahoma, Office of Management and Enterprise Services (OMES) FEDERAL AGENCY: US Department of Treasury ALN: 21.023 FEDERAL PROGRAM NAME: Emergency Rental Assistance (ERA 1 and ERA 2) FEDERAL AWARD NUMBER: ERA028 and ERAE0259 FEDERAL AWARD YEAR: 2022 and 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: U.S Department of the Treasury Emergency Rental Assistance Grantee Award Form (8) (a-b) Compliance with Applicable Law and Regulations, states in part, “ a. Recipient agrees to comply with the requirements of Section 501 and Treasury interpretive guidance regarding such requirements. Recipient also agrees to comply with all other applicable federal statutes, regulations, and executive orders, and Recipient shall provide for such compliance in any agreements it enters into with other parties relating to this award. b. Federal regulations applicable to this award include, without limitation, the following: i. Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, 2 C.F.R. Part 200, other than such provisions as Treasury may determine are inapplicable to this Award and subject to such exceptions as may be otherwise provided by Treasury. Subpart F -Audit Requirements of the Uniform Guidance, implementing the Single Audit Act, shall apply to this award… iii. Reporting Subaward and Executive Compensation Information, 2 C.F.R. Part 170, pursuant to which the award term set forth in Appendix A to 2 C.F.R. Part 170 is hereby incorporated by reference. 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 Requirements for pass-through entities states in part, “All pass-through entities must: … (b) evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F - Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” 2 CFR § 200.334 – Retention requirements for records states in part, “Financial records, supporting documents, statistical records, and all other non-Federal entity records pertinent to a Federal award must be retained for a period of three years from the date of submission of the final expenditure report or, for Federal awards that are renewed quarterly or annually, from the date of the submission of the quarterly or annual financial report, respectively, as reported to the Federal awarding agency or pass-through entity in the case of a subrecipient.” 2 CFR § 200.337 Access to records states in part, “(a) Records of non-Federal entities. The Federal awarding agency, Inspectors General, the Comptroller General of the United States, and the pass-through entity, or any of their authorized representatives, must have the right of access to any documents, papers, or other records of the non-Federal entity which are pertinent to the Federal award, in order to make audits, examinations, excerpts, and transcripts. The right also includes timely and reasonable access to the non-Federal entity's personnel for the purpose of interview and discussion related to such documents.” Condition and Context: The State of Oklahoma entered into agreements with two non-profit entities, Restore Hope Ministries and Communities Foundation of Oklahoma (RHM and CFO), to administer the ERA program for the State of Oklahoma. SAI reviewed the agreements for these two entities and determined that both agreements constituted a subrecipient relationship that would be subject to Part M Subrecipient Monitoring requirements. The Office of Management Enterprise Services (OMES) did not perform any subrecipient monitoring procedures during State Fiscal Year (SFY) 2023. In addition, the agreements with both subrecipients to administer the ERA 1 program ended on March 31, 2022, and stated funds were “to be used for necessary expenditures/obligations that were or will be incurred through March 31, 2022.” The State did not obtain a new agreement to cover fiscal year 2023 when they advanced ERA 1 payments totaling $25,878,270.13, of which the subrecipients expended $9,459,407.08. OMES provided these subrecipients advance payments based on expected program rental and utility expenditures for the month and administrative costs on a set percentage, 9.3% for RHM for ERA 1; and 10 % and 15% for CFO for ERA 1 and ERA 2 respectively. The subrecipients did not submit, and OMES did not review, any supporting documentation for program expenditures incurred by the subrecipients. While OMES did obtain summary information related to rental and utility payments and housing stability payments made for reporting purposes, OMES did not obtain or review any support for administrative costs to ensure that the costs were attributable to providing financial assistance and housing stability services to eligible households. OMES did not have a process in place to review potential fraud identified by the subrecipients and ensure that the agency’s response was adequate. OMES also did not have a process in place to ensure subrecipients were adequately evaluating for the types of fraud that may occur or identifying fraud risk factors applicable to the ERA program. OMES was unable to provide documentation to support that a risk assessment was performed in which each subrecipient would have been verified to have maintained an active status in the SAM.gov system, and that subrecipients were not suspended or disbarred. Cause: OMES did not establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Adequate subrecipient monitoring policies and procedures were not established by the State prior to entering into agreements with subrecipients. OMES personnel responsible for oversight of the ERA grant do not normally oversee Federal grant programs, and do not have an adequate understanding or experience with administering Federal grant funds and understanding the types of activities that may be supported by the ERA grant. Effect: Failure to ensure subrecipient agreements are appropriately updated to cover the Federal grant period could result in inappropriate use of federal funds past the expiration date of the agreement. The OMES did not comply with 2 CFR § 200.332. In addition, without proper monitoring the subrecipients may not comply with the award terms and there is an increased risk of mismanagement and fraud by the subrecipients. Recommendation: We recommend that OMES develop and implement internal controls to ensure: • Each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward is appropriately evaluated for monitoring purposes. • Current and future ERA grant funds are administered in accordance with applicable Federal laws and grant requirements, including ensuring that grant subrecipients are provided the proper award documentation. • Adequate supporting documentation for actual program and administrative expenditures incurred is obtained, reviewed, and maintained by the State in order to ensure subrecipients are only expending ERA funds for allowable costs. • Fraud identified by subrecipients is appropriately reviewed and response is adequate. • Subrecipients adequately evaluate types of fraud that may occur and identify fraud risk factors applicable to ERA program. • Subrecipients are reimbursed for administrative costs based on supporting documentation for actual costs incurred rather than making advanced payments for a set percentage of program funds advanced. • Subrecipient records are available for inspection for monitoring and other audit purposes as required by OMES. • Subrecipient agreements are reviewed and updated regularly so the subrecipient is not operating under an expired agreement. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: Ongoing throughout the life of the grant Corrective Action Planned: The Office of Management and Enterprise Services agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: The attached risk assessments were completed in 2020 by another agency, and SAI would have no way of knowing if they were used by OMES. In addition, a risk assessment needs to be performed annually by OMES.
FINDING NO: 2023-026 (Repeat 2022-032, 2022-033, 2022-034) STATE AGENCY: State of Oklahoma, Office of Management and Enterprise Services (OMES) FEDERAL AGENCY: US Department of Treasury ALN: 21.023 FEDERAL PROGRAM NAME: Emergency Rental Assistance (ERA 1 and ERA 2) FEDERAL AWARD NUMBER: ERA028 and ERAE0259 FEDERAL AWARD YEAR: 2022 and 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: U.S Department of the Treasury Emergency Rental Assistance Grantee Award Form (8) (a-b) Compliance with Applicable Law and Regulations, states in part, “ a. Recipient agrees to comply with the requirements of Section 501 and Treasury interpretive guidance regarding such requirements. Recipient also agrees to comply with all other applicable federal statutes, regulations, and executive orders, and Recipient shall provide for such compliance in any agreements it enters into with other parties relating to this award. b. Federal regulations applicable to this award include, without limitation, the following: i. Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, 2 C.F.R. Part 200, other than such provisions as Treasury may determine are inapplicable to this Award and subject to such exceptions as may be otherwise provided by Treasury. Subpart F -Audit Requirements of the Uniform Guidance, implementing the Single Audit Act, shall apply to this award… iii. Reporting Subaward and Executive Compensation Information, 2 C.F.R. Part 170, pursuant to which the award term set forth in Appendix A to 2 C.F.R. Part 170 is hereby incorporated by reference. 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” 2 CFR § 200.332 Requirements for pass-through entities states in part, “All pass-through entities must: … (b) evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F - Audit Requirements of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” 2 CFR § 200.334 – Retention requirements for records states in part, “Financial records, supporting documents, statistical records, and all other non-Federal entity records pertinent to a Federal award must be retained for a period of three years from the date of submission of the final expenditure report or, for Federal awards that are renewed quarterly or annually, from the date of the submission of the quarterly or annual financial report, respectively, as reported to the Federal awarding agency or pass-through entity in the case of a subrecipient.” 2 CFR § 200.337 Access to records states in part, “(a) Records of non-Federal entities. The Federal awarding agency, Inspectors General, the Comptroller General of the United States, and the pass-through entity, or any of their authorized representatives, must have the right of access to any documents, papers, or other records of the non-Federal entity which are pertinent to the Federal award, in order to make audits, examinations, excerpts, and transcripts. The right also includes timely and reasonable access to the non-Federal entity's personnel for the purpose of interview and discussion related to such documents.” Condition and Context: The State of Oklahoma entered into agreements with two non-profit entities, Restore Hope Ministries and Communities Foundation of Oklahoma (RHM and CFO), to administer the ERA program for the State of Oklahoma. SAI reviewed the agreements for these two entities and determined that both agreements constituted a subrecipient relationship that would be subject to Part M Subrecipient Monitoring requirements. The Office of Management Enterprise Services (OMES) did not perform any subrecipient monitoring procedures during State Fiscal Year (SFY) 2023. In addition, the agreements with both subrecipients to administer the ERA 1 program ended on March 31, 2022, and stated funds were “to be used for necessary expenditures/obligations that were or will be incurred through March 31, 2022.” The State did not obtain a new agreement to cover fiscal year 2023 when they advanced ERA 1 payments totaling $25,878,270.13, of which the subrecipients expended $9,459,407.08. OMES provided these subrecipients advance payments based on expected program rental and utility expenditures for the month and administrative costs on a set percentage, 9.3% for RHM for ERA 1; and 10 % and 15% for CFO for ERA 1 and ERA 2 respectively. The subrecipients did not submit, and OMES did not review, any supporting documentation for program expenditures incurred by the subrecipients. While OMES did obtain summary information related to rental and utility payments and housing stability payments made for reporting purposes, OMES did not obtain or review any support for administrative costs to ensure that the costs were attributable to providing financial assistance and housing stability services to eligible households. OMES did not have a process in place to review potential fraud identified by the subrecipients and ensure that the agency’s response was adequate. OMES also did not have a process in place to ensure subrecipients were adequately evaluating for the types of fraud that may occur or identifying fraud risk factors applicable to the ERA program. OMES was unable to provide documentation to support that a risk assessment was performed in which each subrecipient would have been verified to have maintained an active status in the SAM.gov system, and that subrecipients were not suspended or disbarred. Cause: OMES did not establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. Adequate subrecipient monitoring policies and procedures were not established by the State prior to entering into agreements with subrecipients. OMES personnel responsible for oversight of the ERA grant do not normally oversee Federal grant programs, and do not have an adequate understanding or experience with administering Federal grant funds and understanding the types of activities that may be supported by the ERA grant. Effect: Failure to ensure subrecipient agreements are appropriately updated to cover the Federal grant period could result in inappropriate use of federal funds past the expiration date of the agreement. The OMES did not comply with 2 CFR § 200.332. In addition, without proper monitoring the subrecipients may not comply with the award terms and there is an increased risk of mismanagement and fraud by the subrecipients. Recommendation: We recommend that OMES develop and implement internal controls to ensure: • Each subrecipient’s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward is appropriately evaluated for monitoring purposes. • Current and future ERA grant funds are administered in accordance with applicable Federal laws and grant requirements, including ensuring that grant subrecipients are provided the proper award documentation. • Adequate supporting documentation for actual program and administrative expenditures incurred is obtained, reviewed, and maintained by the State in order to ensure subrecipients are only expending ERA funds for allowable costs. • Fraud identified by subrecipients is appropriately reviewed and response is adequate. • Subrecipients adequately evaluate types of fraud that may occur and identify fraud risk factors applicable to ERA program. • Subrecipients are reimbursed for administrative costs based on supporting documentation for actual costs incurred rather than making advanced payments for a set percentage of program funds advanced. • Subrecipient records are available for inspection for monitoring and other audit purposes as required by OMES. • Subrecipient agreements are reviewed and updated regularly so the subrecipient is not operating under an expired agreement. Views of Responsible Official(s) Contact Person: Brandy Manek Anticipated Completion Date: Ongoing throughout the life of the grant Corrective Action Planned: The Office of Management and Enterprise Services agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: The attached risk assessments were completed in 2020 by another agency, and SAI would have no way of knowing if they were used by OMES. In addition, a risk assessment needs to be performed annually by OMES.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-014 STATE AGENCY: State of Oklahoma FEDERAL AGENCY: U.S. Department of the Treasury ALN: 21.027 FEDERAL PROGRAM NAME: Coronavirus State and Local Fiscal Recovery Funds (CSLFRF) FEDERAL AWARD NUMBER: N/A FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by § 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section § 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the passthrough entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited as required by Subpart F of this part when it is expected that the subrecipient's Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in § 200.501.” Condition and Context: The State of Oklahoma transferred all CSLFRF funds (except for administrative funds used by OMES-Grants Management Office (GMO) and the Legislative Service Bureau) to state agencies for them to execute projects they are charged with administering. The Oklahoma State Department of Health (agency #340), Health Care Workforce Training Commission (agency #619), and Department of Human Services (agency #830) had the material subrecipient monitoring activity for SFY 2023. These three state agencies notified their subrecipients of $750,000 federal expenditure threshold requiring a Single Audit per 2 CFR § 200.501 - Audit Requirements; however, they failed to track subrecipients that expended federal expenditures for CSLFRF, or in combination with other federal programs, to ensure that every subrecipient expending over $750,000 obtained a Single Audit. Cause: State agencies 340, 619, and 830 did not have sufficient processes or internal controls in place to ensure subrecipient Single Audits were tracked in accordance with 2 CFR § 200.332(d) and (f). Effect: State agencies 340, 619, and 830 may not be aware of potential subrecipient Single Audits with noncompliance issues related to the CSLFRF program. In addition, the agencies may fail to ensure that the subrecipient took appropriate corrective action on findings within the required timeframe. Recommendation: We recommend state agencies 340, 619, and 830 develop policies and procedures and internal controls to ensure that all CSLFRF subrecipients are tracked to determine if the subrecipient had $750,000 in total federal expenditures for the year. In addition, we recommend state agencies utilize a track sheet that documents the following: • Subrecipient SFY CSLFRF expenditures • If subrecipient is subject to single audit (y/n) • If subrecipient had CSLFRF findings (y/n) • Concerns with CSLFRF findings • Date single audit is received from subrecipient or obtained from the federal audit clearing house • Single Audit Report period (period covered by the single audit) • Whether the state agency received a copy of the required audit from the subrecipient within 9 months of the subrecipient's fiscal year end • Dates of follow-ups made to the subrecipient requesting single audits • Notes to document additional information such as delays in audit reports • Whether the state agency issued a management decision on audit findings within 6 months after receipt of the subrecipient's audit report • Whether the state agency ensured that subrecipients took appropriate and timely corrective action on all CSLFRF audit findings Views of Responsible Official(s) Contact Person: OMES: Parker Wise 619: Sara Librandi, Kami Fullingim 340: Diane Brown, Danielle Smith, Tracey Douglas 830: Jaretta Murphy, Lindsey Kanaly, Danielle Durkee, Katey Campbell Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Office of Management Enterprise Services – Grants Management Office partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: State agency 830 states “a process is already in place through the Office of Inspector General (OIG) to identify subrecipients exceeding the $750,000 threshold”; however, subrecipients with expenditures below the threshold must also be tracked to ensure total federal expenditures from all federal awards obtain a Single Audit. 2 CFR 200.332 states in part, “All pass-through entities must: … (f) Verify that every subrecipient is audited”. Therefore, state agency 830 acting as the pass-through entity must verify every subrecipient is audited. In addition, contractual language requiring the subrecipient submit a single audit if the threshold is met does not release the passthrough entity of ensuring the subrecipient’s total federal expenditures are tracked. We have encountered instances where subrecipients fail to provide single audits to pass-through entities; therefore, increasing the chances of the passthrough entity not issuing a management decision for applicable audit findings pertaining only to the federal award provided.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-046 STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.425 –84.425D; 84.425R; 84.425V FEDERAL PROGRAM NAME: Elementary and Secondary School Emergency Relief (ESSER) Fund; Coronavirus Response and Relief Supplemental Appropriations Act, 2021 – Emergency Assistance for Non-Public Schools (CRRSA EANS) American Rescue Plan – Emergency Assistance to Non-Public Schools (ARP EANS) FEDERAL AWARD NUMBER: S425D210024; S425R210007; S425V210007 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Activities Allowed or Unallowed; Subrecipient Monitoring; Special Tests and Provisions – Participation of Private School Children QUESTIONED COSTS: $1,460,995 Criteria: 2 CFR § 200.332 - Requirements for pass-through entities states, “All pass-through entities must: (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” CARES ACT SEC. 18005 (a) states, “In General.— A local educational agency receiving funds under sections 18002 or 18003 of this title shall provide equitable services in the same manner as provided under section 1117 of the ESEA of 1965 to students and teachers in non-public schools, as determined in consultation with representatives of non-public schools.” ESEA SEC. 1117 (a) (4) (A) Determination, states, “(i) In General.—Expenditures for educational services and other benefits to eligible private school children shall be equal to the proportion of funds allocated to participating school attendance areas based on the number of children from low-income families who attend private schools. (ii) Proportional Share.—The proportional share of funds shall be determined based on the total amount of funds received by the local educational agency under this part prior to any allowable expenditures or transfers by the local educational agency.” 86 FR 36648 – American Rescue Plan Act Emergency Assistance to Non-Public Schools Program states in part, “Under the ARP EANS program, consistent with section 312(d)(1) of division M of the CRRSA Act, the Department will allot funds by formula to each Governor with an approved application based on the State's relative share of children aged 5 through 17 who are from families at or below 185 percent of the 2020 Federal poverty level and enrolled in non-public schools, as determined by the Department on the basis of non-public school enrollment data from the U.S. Census Bureau's American Community Survey (ACS) Public Use Microdata Sample (PUMS) for 2015- 2019.” U.S. Department of Education Application for Funding – Emergency Assistance to Non-Public Schools (EANS) under the American Rescue Plan Act of 2021 (ARP Act) states in part, “Determining Low-Income Counts - To be counted as a student from a low-income family for purposes of the ARP EANS program, a student must be aged 5 through 17 from a family whose income does not exceed 185 percent of the 2020 Federal poverty threshold.” Condition and Context: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency. OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. We reviewed 100 % of ARP EANS claims (238 claims totaling $4,179,555.98) and noted the following: • For 58 of 238 claims (24.37%) totaling $802,414.82, the claim was for a non-public school that used unallowable proportionality data in their ARP EANS application, therefore, the expenditures are unallowable and will result in questioned costs. • For 25 or 238 claims (10.50%) totaling $633,303.03, the claim was for a non-public school that used a low income count in their ARP EANS application which was significantly higher than the low-income count the private schools’ submitted for participation in Title I activities and, it appears that these schools were not eligible for ARP EANS because their actual low-income count did not exceed 40%. Therefore, the expenditures are unallowable and will result in questioned costs. • For 23 of 238 claims (9.66%) totaling $155,588.43, no supporting documentation or, insufficient documentation was available in Peoplesoft and we were unable to identify what non-public school the claim was for and, whether the expenditure was allowable. While performing duplicate testing on miscellaneous expenditure claims processed through the Statewide Accounting System during our ACFR audit, we found one duplicate payment, totaling $25,277.44, related to one CRRSA EANS claim paid for educational materials provided for a non-public school. This will result in questioned costs. Cause: OSDE does not have internal control processes in place to ensure the following are performed appropriately: • Risk Assessments • Contractor Monitoring • Non-public LEA expenditure and claims tracking • ARP EANS claims review and processing Effect: Failure to perform adequate risk assessments and monitoring for non-public LEAs resulted in noncompliance with Federal statutes, regulations. Failure to ensure ARP EANS allocations are revised correctly and based on allowable and correct data resulted in $1,435,717.85 in questioned costs and continued payment of program funds for unallowable services or assistance in the future. The claim review error resulted in a $25,277.44 overpayment to the vendor. Lack of supporting documentation for claims may have resulted in unallowable claims being approved. Recommendation: We recommend that OSDE strengthen their policies and procedures to ensure non-LEA subrecipients are included in the Risk assessment process and monitoring activities. We recommend that OSDE develop and implement policies and procedures to ensure contractor administered services are appropriately monitored and, all non-public LEA expenditures for the CRRSA EANS and ARP EANS programs are adequately tracked by individual non-public LEA and, claims are appropriately supported and reviewed. We recommend OSDE ensure ARP EANS funds paid to or on behalf of non-public LEAs that used an unallowable methodology or incorrect low-income count on their original ARP EANS application are either returned to USDOE or, charged against a different allowable ESF program is possible. Views of Responsible Official(s) Contact Person: Amber Polach Anticipated Completion Date: August 2025 Corrective Action Planned: The Oklahoma State Department of Education partially agrees with the finding. See corrective action plan located in the corrective action plan section of this report. Auditor Response: EANS Proportionality Issue: SAI is aware that USDOE accepted OSDE’s corrective action effective February 5, 2025, however, this does not change the finding condition for this audit period. The payment of $802,414.82 in claims for non-public schools that used unallowable proportionality data in their ARP EANS application is a condition that both existed and was uncorrected as of as of June 30, 2023. In addition, OSDE was aware of the issue prior to the start of the SFY 23 audit period but failed to start implementing corrective action until after the end of SFY 24. The US Department of Education published the following prior to the start of the SFY 23 audit period: • USDOE webinar dated February 24, 2022, that states in part, “Under the ARP EANS final requirements, the source of data must be an actual measure of family income. Methodologies, such as proportionality, may not be used to determine the eligibility of non-public schools for ARP EANS services or assistance.” • USDOE Letter dated July 29, 2022, states in part, “Because proportionality is a methodology to derive an estimate and is not based on actual income data from the families of students enrolled in a non-public school, it cannot be used to determine school eligibility for ARP EANS.” In addition, OSDE received a prior year finding (#2022-070) related to the inappropriate use of the proportionality data. Unsupported ARP EANS Claims Issue: OSDE was provided with a list of the 23 claims totaling $155,588.43, with no supporting documentation or, insufficient documentation to identify what non-public school the claim was for and, whether the expenditure was allowable. This issue is closely related to the following condition also included in this finding: OSDE contracted with an outside vendor to oversee and administer non-public services for the CRRSA EANS and ARP EANS programs. However, OSDE failed to properly review, track and monitor these expenditures and, was unable to provide SAI with data showing how much was expended on behalf of each non-public school for either the CRRSA EANS or ARP EANS program. SAI noted that, as part of their corrective action provided to USDOE, OSDE performed a reconciliation of ARP EANS expenditures, however, OSDE did not include adequate corrective action in their response to ensure services performed by outside contractors are adequately monitored and non-public school expenditures are properly tracked in the future. Risk Assessment of Non-LEA Subrecipients: OSDE did not include adequate corrective action in their response for the following condition also included in this finding: OSDE did not properly include non-LEA subrecipients (i.e., non-public schools, contractors) in their evaluation of each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for the purpose of determining the subrecipient monitoring to be performed by the agency.
FINDING NO: 2023-053 (Partial repeat 2022-022 84.425D & 84.425U) STATE AGENCY: Oklahoma State Department of Education (OSDE) FEDERAL AGENCY: United States Department of Education (USDE) ALN: 84.010; 84.425 – 84.425D, 84.425U FEDERAL PROGRAM NAME: Title I Grants to Local Educational Agencies; Education Stabilization Fund (ESF) - Elementary and Secondary Schools Emergency Relief Fund (ESSER II); American Rescue Plan – Elementary and Secondary Schools Emergency Relief Fund (ARP ESSER III). FEDERAL AWARD NUMBER: S010A220036; S425D210024; S425U210024 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.332(d) – Requirements for Pass-through Entities states in part, “All pass-through entities must: … (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: … (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and other means.” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.” Condition and Context: While testing 40 of 540 LEAs on the Risk Assessment Ranking Tool, we noted the following issues: • For 18 of 40 (45%) LEAs tested, OSDE did not appropriately and/or consistently assign points in the risk assessment based on the established procedures which denotes an inadequate review. However, the LEAs risk category would not have changed or would have been lowered. • For two of 40 (5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated. • For one of 40 (2.5%) LEAs tested, the LEA’s risk of noncompliance was inappropriately evaluated and, the LEA was not monitored as high risk appropriately. In addition, while performing testwork on 15 prior year monitored non-compliant sites to see if appropriate follow-up procedures were performed, we noted the following: • For two of 15 (13.33%) LEAs tested, we determined that two LEAs were found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment. • For one of 15 (6.67%) LEAs tested, we determined that one LEA was found to be non-compliant during FY22 monitoring and did not receive points on the FY23 Risk Assessment which would have required the site to be re-monitored as high risk. • While determining our population of the prior year non-compliant LEAs, we noted 32 LEAs were not marked as compliant or non-compliant on the monitoring log. SAI received confirmation from OSDE that three LEAs received a non-compliant status; however, OSDE failed to provide a completed monitoring log as requested; therefore, SAI was unable to determine the status of the remaining 29 LEAs. Cause: OSDE does not have an appropriate tracking system to ensure subrecipient LEAs are accurately evaluated on the Risk Assessment Ranking Tool or to ensure the monitoring logs are completed appropriately. Effect: Failure to adequately distribute risk assessment points could result in inadequate monitoring of subrecipient LEAs. Failure to accurately identify an LEAs compliance status on the monitoring logs could result in inadequate follow-up procedures being performed for non-compliant sites. Recommendation: We recommend OSDE strengthen their policies and procedures related to risk assessment scoring and monitoring logs to ensure all subrecipients are appropriately evaluated and monitored. Views of Responsible Official(s) Contact Person: Tammy Smith, Senior Director of Federal Programs | Office of Title Services Anticipated Completion Date: July 2025 Corrective Action Planned: The Oklahoma State Department of Education agrees with the finding. See corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-212 STATE AGENCY: Oklahoma Department of Education FEDERAL AGENCY: United States Department of Health and Human Services ALN: 93.323 FEDERAL PROGRAM NAME: Epidemiology and Laboratory Capacity for Infectious Diseases, passed through the Oklahoma State Department of Health FEDERAL AWARD NUMBER: NU50CK000535 FEDERAL AWARD YEAR: 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: Unknown Criteria: 2 CFR § 200.332(b) – Requirements for Pass-through Entities states in part, “All pass-through entities must:… (b) Evaluate each subrecipient’s risk of noncompliance with Federal statutes, regulations, and terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) Subrecipient’s prior experience with the same or similar awards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g. if the subrecipient also receives Federal awards directly from a Federal awarding agency).” 2 CFR § 200.303(a) – Internal Controls states in part, “The Non-Federal entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and terms and conditions of the Federal award.” Condition and Context: The Oklahoma State Department of Education (“OSDE) awarded subgrants of Epidemiology Laboratory Capacity (“ELC”) funding through the Reopening Schools grant on an application basis to school districts throughout the state, without performing a required risk assessment of individual Local Education Agencies (“LEA”). Awarded funds were based on LEA self-certification and budgeted use of funds, with funding being disbursed upon approval of the application based on prior school year’s October 1 enrollment counts. As such, 27 of 60 selections tested (45%) did not have an appropriate risk assessment score, or risk of noncompliance was inappropriately evaluated. 7 of 60 selections tested (12%) did not have an initial risk assessment, but did provide a mid-year evaluation subsequent to OSDE making the award to the LEA. Additionally, a central repository of documentation was lacking and the underlying source documents and records were missing or incomplete. Reimbursements were made to subrecipients without obtaining sufficient underlying details to support the total expenditure claimed by the LEAs. As such, 3 of 60 selections tested (5%) of claim reimbursements totaling approximately $162,500 paid did not have sufficient underlying details to support the claim paid to the LEAs. Cause and Effect: By awarding subgrants to LEAs solely based on an application process and a set dollar figure per student enrollments, OSDE has not adequately followed 2 CFR § 200.332 to distribute subawards based on LEAs individual risk. As a result of improper monitoring of subrecipients, OSDE has increased the risk that a LEA could inappropriately spend the ELC funds awarded and be noncompliant with AL# 93.323. Additionally, reimbursing LEAs based on requested amounts without a thorough system of internal controls to inspect all underlying source documentation comprising the total expenditures requested increases the risk of noncompliance as unallowable expenditures could be contained within the batch total requested by the LEA. Recommendation: We recommend OSDE implements a thorough risk assessment of each LEA to factor into its application and subaward process for Assistance Listing 93.323, catering the award amount and approvals based on individual LEAs risk. Furthermore, we recommend a complete reconciliation of requested reimbursement is performed to the underlying detailed supporting documentation and that these reconciliations are maintained in a central repository for evidence of through reviews of LEAs claimed costs. Views of Responsible Official(s) Contact Person: Shawn Richmond, Comptroller Anticipated Completion Date: 6/30/2025 Corrective Action Planned: The Oklahoma Department of Education agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report.
FINDING NO: 2023-006 (Repeat Finding 2022-018) STATE AGENCY: Oklahoma Department of Human Services FEDERAL AGENCY: Department of Health and Human Services ALN: 93.658 FEDERAL PROGRAM NAME: Foster Care – Title IV-E FEDERAL AWARD NUMBER: 2201OKFOST and 2301OKFOST FEDERAL AWARD YEAR: 2022 and 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 45 CFR §75.303(a) states in part “The Non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).” Per 2 CFR §200.1 Definitions, “Subaward means an award provided by a pass-through entity to a subrecipient for the subrecipient to carry out part of a federal award received by the pass-through entity. It does not include payments to a contractor or payments to an individual that is a beneficiary of a federal program. A subaward may be provided through any form of legal agreement, including an agreement that the pass-through entity considers a contract [emphasis added].” 2 CFR §200.332 Requirements for pass-through entities states in part “All pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: (1) Federal award identification. (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; (xiii) Identification of whether the award is R&D; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is charged) per § 200.414. (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award; (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a federal awarding agency).” Condition and Context: We tested 10 of the 10 subrecipient contracts and we noted the following exceptions: • Two of ten (20%) subawards, did not contain the subrecipient’s unique entity identifier, federal award identification number, and federal award date. • One of 10 (10%) subawards, did not include the period of performance in the subaward contract. • One of 10 (10%) subawards, did not include the AL# on the contract. • Ten of ten (100%) subawards did not include the indirect cost rate, or if the indirect cost rate was federally recognized. • Ten of Ten (100%) subawards, did not contain all the information required in accordance with 2CFR section 200.332(a) (1) & (2). For a sample of 2 of the 10 subrecipients, management confirmed the subrecipient risk assessments were not completed until after the end of the fiscal year and thus were not utilized to determine the appropriate subrecipient monitoring to be performed during the fiscal year for those subrecipients. Cause: This is a prior audit finding dating back to SFY2017; DHS Management showed some corrective action has been implemented to address identifying the award and applicable requirements or monitoring as required in 2 CFR 200.332. Management does not properly understand the program requirements. Effect: OKDHS is not in compliance with the monitoring requirements for this program. Therefore, subrecipients may not be spending federal funds in accordance with program requirements. Recommendation: We recommend OKDHS further modify its subrecipient agreements and related documentation to ensure all required award identification is provided. Additionally, we recommend OKDHS perform risk assessments on all subrecipients at the start of the fiscal year to determine the level of monitoring necessary. Views of Responsible Official(s) Contact Person: Kevin Haddock Anticipated Completion Date: February 2025 Corrective Action Planned: The Department of Human Services partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: During audit work, program personnel informed SAI staff, that risk assessments are completed at the fiscal year end when they have final draw amounts. There is no date on the risk assessment so we had to rely on the information provided by program personnel.