FINDING NO: 2023-006 (Repeat Finding 2022-018) STATE AGENCY: Oklahoma Department of Human Services FEDERAL AGENCY: Department of Health and Human Services ALN: 93.658 FEDERAL PROGRAM NAME: Foster Care – Title IV-E FEDERAL AWARD NUMBER: 2201OKFOST and 2301OKFOST FEDERAL AWARD YEAR: 2022 and 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 45 CFR §75.303(a) states in part “The Non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).” Per 2 CFR §200.1 Definitions, “Subaward means an award provided by a pass-through entity to a subrecipient for the subrecipient to carry out part of a federal award received by the pass-through entity. It does not include payments to a contractor or payments to an individual that is a beneficiary of a federal program. A subaward may be provided through any form of legal agreement, including an agreement that the pass-through entity considers a contract [emphasis added].” 2 CFR §200.332 Requirements for pass-through entities states in part “All pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: (1) Federal award identification. (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; (xiii) Identification of whether the award is R&D; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is charged) per § 200.414. (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award; (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a federal awarding agency).” Condition and Context: We tested 10 of the 10 subrecipient contracts and we noted the following exceptions: • Two of ten (20%) subawards, did not contain the subrecipient’s unique entity identifier, federal award identification number, and federal award date. • One of 10 (10%) subawards, did not include the period of performance in the subaward contract. • One of 10 (10%) subawards, did not include the AL# on the contract. • Ten of ten (100%) subawards did not include the indirect cost rate, or if the indirect cost rate was federally recognized. • Ten of Ten (100%) subawards, did not contain all the information required in accordance with 2CFR section 200.332(a) (1) & (2). For a sample of 2 of the 10 subrecipients, management confirmed the subrecipient risk assessments were not completed until after the end of the fiscal year and thus were not utilized to determine the appropriate subrecipient monitoring to be performed during the fiscal year for those subrecipients. Cause: This is a prior audit finding dating back to SFY2017; DHS Management showed some corrective action has been implemented to address identifying the award and applicable requirements or monitoring as required in 2 CFR 200.332. Management does not properly understand the program requirements. Effect: OKDHS is not in compliance with the monitoring requirements for this program. Therefore, subrecipients may not be spending federal funds in accordance with program requirements. Recommendation: We recommend OKDHS further modify its subrecipient agreements and related documentation to ensure all required award identification is provided. Additionally, we recommend OKDHS perform risk assessments on all subrecipients at the start of the fiscal year to determine the level of monitoring necessary. Views of Responsible Official(s) Contact Person: Kevin Haddock Anticipated Completion Date: February 2025 Corrective Action Planned: The Department of Human Services partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: During audit work, program personnel informed SAI staff, that risk assessments are completed at the fiscal year end when they have final draw amounts. There is no date on the risk assessment so we had to rely on the information provided by program personnel.
FINDING NO: 2023-006 (Repeat Finding 2022-018) STATE AGENCY: Oklahoma Department of Human Services FEDERAL AGENCY: Department of Health and Human Services ALN: 93.658 FEDERAL PROGRAM NAME: Foster Care – Title IV-E FEDERAL AWARD NUMBER: 2201OKFOST and 2301OKFOST FEDERAL AWARD YEAR: 2022 and 2023 CONTROL CATEGORY: Subrecipient Monitoring QUESTIONED COSTS: $0 Criteria: 45 CFR §75.303(a) states in part “The Non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).” Per 2 CFR §200.1 Definitions, “Subaward means an award provided by a pass-through entity to a subrecipient for the subrecipient to carry out part of a federal award received by the pass-through entity. It does not include payments to a contractor or payments to an individual that is a beneficiary of a federal program. A subaward may be provided through any form of legal agreement, including an agreement that the pass-through entity considers a contract [emphasis added].” 2 CFR §200.332 Requirements for pass-through entities states in part “All pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward and if any of these data elements change, include the changes in subsequent subaward modification. When some of this information is not available, the pass-through entity must provide the best information available to describe the Federal award and subaward. Required information includes: (1) Federal award identification. (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in § 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the pass-through entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the pass-through entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; (xiii) Identification of whether the award is R&D; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is charged) per § 200.414. (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award; (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a federal awarding agency).” Condition and Context: We tested 10 of the 10 subrecipient contracts and we noted the following exceptions: • Two of ten (20%) subawards, did not contain the subrecipient’s unique entity identifier, federal award identification number, and federal award date. • One of 10 (10%) subawards, did not include the period of performance in the subaward contract. • One of 10 (10%) subawards, did not include the AL# on the contract. • Ten of ten (100%) subawards did not include the indirect cost rate, or if the indirect cost rate was federally recognized. • Ten of Ten (100%) subawards, did not contain all the information required in accordance with 2CFR section 200.332(a) (1) & (2). For a sample of 2 of the 10 subrecipients, management confirmed the subrecipient risk assessments were not completed until after the end of the fiscal year and thus were not utilized to determine the appropriate subrecipient monitoring to be performed during the fiscal year for those subrecipients. Cause: This is a prior audit finding dating back to SFY2017; DHS Management showed some corrective action has been implemented to address identifying the award and applicable requirements or monitoring as required in 2 CFR 200.332. Management does not properly understand the program requirements. Effect: OKDHS is not in compliance with the monitoring requirements for this program. Therefore, subrecipients may not be spending federal funds in accordance with program requirements. Recommendation: We recommend OKDHS further modify its subrecipient agreements and related documentation to ensure all required award identification is provided. Additionally, we recommend OKDHS perform risk assessments on all subrecipients at the start of the fiscal year to determine the level of monitoring necessary. Views of Responsible Official(s) Contact Person: Kevin Haddock Anticipated Completion Date: February 2025 Corrective Action Planned: The Department of Human Services partially agrees with the finding. Please see the corrective action plan located in the corrective action plan section of this report. Auditor Response: During audit work, program personnel informed SAI staff, that risk assessments are completed at the fiscal year end when they have final draw amounts. There is no date on the risk assessment so we had to rely on the information provided by program personnel.
Federal Agency: U.S. Department of Homeland Security Pass-Through Agency: Central Office of Recovery, Reconstruction and Resiliency of Puerto Rico (COR3) Program: Disaster Grants – Public Assistance (Presidentially-Declared Disaster) (ALN 97.036) Compliance Requirement: Reporting (L) Type of Finding: Significant Deficiency in Internal Control (SD), Instance of Noncompliance (NC) Statement of Condition In our Reporting Test, we evaluated the Quarterly Progress Reports of a total of five (5) projects for two quarters of fiscal year 2022-2023. Our audit procedures revealed that Quarterly Progress Reports were not submitted for one of the quarters for four of the five projects evaluated. Criteria 2 CFR 200.328 (c) states that the recipient or subrecipient must submit financial reports as required by the Federal award. […] Reports submitted quarterly or semiannually must be due no later than 30 calendar days after the reporting period. 2 CFR 200.329 (c) (1) states that the recipient or subrecipient must submit performance reports as required by the Federal award. […] Reports submitted quarterly or semiannually must be due no later than 30 calendar days after the reporting period. […] 2 CFR 200.332 (b) (3) states that any additional requirements that the pass-through entity imposes on the subrecipient for the pass-through entity to meet its responsibilities under the Federal award. This includes information and certifications […] required for submitting financial and performance reports that the pass-through entity must provide to the Federal agency. 44 CFR 206.204 (f) states that progress reports will be submitted by the recipient to the Regional Administrator quarterly. […] COR3, as a pass-through entity, requires Subrecipients to complete and submit a quarterly progress report for each Project Worksheet (“PW”) through the Disaster Recovery Solution (“DRS”) Platform. This information is then submitted to the Federal Emergency Management Agency (FEMA). Quarterly Progress Reports cannot be edited or submitted after the deadline. Cause of Condition The Municipality did not manage time effectively to complete the Quarterly Progress Reports as required by the Federal award. Effect of Condition The Municipality failed in the submission of Quarterly Progress Reports as required by the Federal award. Recommendation We recommend the Program Administrators manage time effectively to complete the Quarterly Progress Reports timely. Questioned Costs None. Views of Responsible Officials and Planned Corrective Action We will give instructions to the accounting staff in charge of the preparation of the quarterly progress reports of the Program, in order to comply with the FEMA reporting requirements. Responsible Official: Mrs. Irma M. Vargas Aguirre, Finance and Budget Director Implementation Date: December 31, 2025
Criteria: Internal Control: Per 2 CFR section 200.303(a), a non-Federal entity must: Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non- Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework,” issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Compliance: Monitoring the activities of the subrecipients is necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). Condition: The County did not have a process for monitoring subrecipients and did not provide documentation to support subrecipient monitoring for all subawards issued during fiscal year 2023. Cause: The County’s Finance Office was unaware of subrecipient monitoring requirements for all federally funded subawards. Internal controls were not properly designed and the County was not in compliance with requirements. Questioned Costs: None noted. Effect: Federal funds may be used for purposes that are not in accordance with the terms of the grant agreement. Recommendation: We recommend the County review and enhance internal controls and procedures to ensure that all subrecipients are monitored and reviewed. Identification of Repeat Finding: This is a repeat finding. Views of Responsible Officials: Management agrees with the finding.
Applicable federal program: U. S. Department of Health and Human Services, Family Planning Services (Title X), Assistance Listing #93.217, Contract Number: FPHPA006521-01-00, Contract Year: 04/01/22 – 03/31/23 Criteria: Subrecipient monitoring – 2 CFR §200.332(d) requires that the activities of subrecipients be monitored to ensure that subawards are used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that subaward performance goals are achieved. Part of the required monitoring activities include following-up and ensuring that the subrecipient takes timely and appropriate action on Single Audit findings. Condition and context: Of the four subrecipients tested, we found that WHFPT did not obtain and review the Single Audit reports for one subrecipient. Effect: Without sufficient policies in place to review the single audits for each subrecipient, WHFPT has no way to ensure that findings, if any, are appropriately and timely addressed to ensure compliance with federal statutes, regulations, and the terms and conditions of the subaward. Recommendation: Implement policies to obtain the single audit reports for all subrecipients to ensure compliance with federal requirements and, where findings are reported, ensure that the subrecipient has taken appropriate actions to remedy the finding. Views of responsible officials and planned corrective actions: Management agrees with the finding. See Corrective Action Plan.
Applicable federal program: U. S. Department of Health and Human Services, Family Planning Services (Title X), Assistance Listing #93.217, Contract Number: FPHPA006521-01-00, Contract Year: 04/01/22 – 03/31/23 Criteria: Subrecipient monitoring – 2 CFR §200.332(d) requires that the activities of subrecipients be monitored to ensure that subawards are used for authorized purposes, in compliance with federal statutes, regulations, and the terms and conditions of the subaward, and that subaward performance goals are achieved. Part of the required monitoring activities include following-up and ensuring that the subrecipient takes timely and appropriate action on Single Audit findings. Condition and context: Of the four subrecipients tested, we found that WHFPT did not obtain and review the Single Audit reports for one subrecipient. Effect: Without sufficient policies in place to review the single audits for each subrecipient, WHFPT has no way to ensure that findings, if any, are appropriately and timely addressed to ensure compliance with federal statutes, regulations, and the terms and conditions of the subaward. Recommendation: Implement policies to obtain the single audit reports for all subrecipients to ensure compliance with federal requirements and, where findings are reported, ensure that the subrecipient has taken appropriate actions to remedy the finding. Views of responsible officials and planned corrective actions: Management agrees with the finding. See Corrective Action Plan.
Federal Agency: U.S. Department of the Treasury Federal Program Title: COVID-19 Coronavirus State and Local Fiscal Recovery Funds Federal Program: COVID-19 Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number 21.027 Fedearl Award Program Year: January 1, 2022 - December 31, 2022 Pass-through Agency: Indiana Finance Authority Pass-through Number: Unknown Type of finding: significant deficiency in internal control over compliance, other matter. Criteria or Specific Requirement - Subrecipient Monitoring: Pursuant to 2 CFR § 200.331, non-Federal entities can award subawards for the purpose of carrying out a portion of a Federal award and creates a Federal assistance relationship with the subrecipient. In addition, pursuant to 2 CFR 200.332, the non-Federal entity must identify to the subrecipient as a subaward and includes the Federal award identification. The non-Federal entity must monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Fedderal statutes, regulations, and the terms and conditions of the subaward. Condition: The County could not provide support that it had sufficient review of the subrecipient during the year on a consistent basis. The County had not properly designed or implemented a system of internal controls that would likely be effective in preventing, detecting, and correcting, noncompliance. Question Costs: None Context: It was noted that the file selected for testing did not have documented evidence supporting that the County had sufficient monitoring and communication of the subrecipient. The file selected had a qualified opinion relating to their single audit that the County was wnaware. From a population of ten files, one was selected for testing. Our sample was not intended to be statistically valid. Effec: The County was unable to support that the subrecipients were being monitored. Cause: Failue to maintain sufficient monitoring of the subrecipient. Identification as a repeat finding: No Recommendation: We recommend that the County maintain adequate communication and documentation with the subrecipients to ensure compliance with the subrecipients requirement. This documentation could include a quarterly communication and receipt of the audited financial statements and single audit report, if applicable. Views of responsible officials and planned corrective action: The County is aware of the compliance requirement and has implemented additional procedures, including certain of those identified in the recommendation above, to be able to support subrecipient monitoring processes are in place. Person responsible for implementing: Abby Doyle, Chief Deputy Auditor Anticipated completion date: Completed.
Federal Agency: U.S. Department of the Treasury Federal Program Title: COVID-19 Coronavirus State and Local Fiscal Recovery Funds Federal Program: COVID-19 Coronavirus State and Local Fiscal Recovery Funds Assistance Listing Number 21.027 Fedearl Award Program Year: January 1, 2022 - December 31, 2022 Pass-through Agency: Indiana Finance Authority Pass-through Number: Unknown Type of finding: significant deficiency in internal control over compliance, other matter. Criteria or Specific Requirement - Subrecipient Monitoring: Pursuant to 2 CFR § 200.331, non-Federal entities can award subawards for the purpose of carrying out a portion of a Federal award and creates a Federal assistance relationship with the subrecipient. In addition, pursuant to 2 CFR 200.332, the non-Federal entity must identify to the subrecipient as a subaward and includes the Federal award identification. The non-Federal entity must monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Fedderal statutes, regulations, and the terms and conditions of the subaward. Condition: The County could not provide support that it had sufficient review of the subrecipient during the year on a consistent basis. The County had not properly designed or implemented a system of internal controls that would likely be effective in preventing, detecting, and correcting, noncompliance. Question Costs: None Context: It was noted that the file selected for testing did not have documented evidence supporting that the County had sufficient monitoring and communication of the subrecipient. The file selected had a qualified opinion relating to their single audit that the County was wnaware. From a population of ten files, one was selected for testing. Our sample was not intended to be statistically valid. Effec: The County was unable to support that the subrecipients were being monitored. Cause: Failue to maintain sufficient monitoring of the subrecipient. Identification as a repeat finding: No Recommendation: We recommend that the County maintain adequate communication and documentation with the subrecipients to ensure compliance with the subrecipients requirement. This documentation could include a quarterly communication and receipt of the audited financial statements and single audit report, if applicable. Views of responsible officials and planned corrective action: The County is aware of the compliance requirement and has implemented additional procedures, including certain of those identified in the recommendation above, to be able to support subrecipient monitoring processes are in place. Person responsible for implementing: Abby Doyle, Chief Deputy Auditor Anticipated completion date: Completed.
Criteria or Specific Requirement: The Uniform Guidance in 2 CFR Section 200.303, Internal Controls, requires that non-Federal entities receiving Federal awards (i.e., auditee management) establish and maintain internal control designed to reasonably ensure compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. The Uniform Guidance in 2 CFR Section 200.332 states- All pass-through entities must ensure that every subaward is clearly identified to the subrecipient and includes the following information at the time of the subaward as follows: (1) Federal award identification, (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient in order for the pass-through entity to meet its own responsibility to the Federal awarding agency including identification of any required financial and performance reports, (4) A requirement that the subrecipient permit the pass-through entity and auditors to have access to the subrecipient?s records and financial statements as necessary for the pass-through entity to meet the requirements of this part; and (5) Appropriate terms and conditions concerning the closeout of the subaward. Condition: We noted that, for all five subrecipients tested, subaward agreements did not include the award information required under 2 CFR 200.332. Cause: Subaward agreements were not properly written and appropriately reviewed to ensure all required award information was included. Effect or Potential Effect: Denver Department of Public Health and Environment (DDPHE) was not in compliance with subrecipient requirements outlined in 2 CFR Section 200.332. Furthermore, not communicating proper compliance requirements and other information may increase the likelihood of noncompliance on the part of the subrecipient and non-fulfillment of program goals and objectives. In addition, this also increases the risk the subrecipient may not understand they are receiving Federal funds, which could result in subrecipients failing to comply with the Uniform Guidance or pass-through entity requirements for the award. Questioned Costs: None Context: BDO selected five subawards totaling to $875,589 to test from a population of 11 subawards totaling to $1,084,199. BDO noted that all five subawards tested did not include the required Federal award identification or applicability of audit requirements. This is a condition identified per review of the City?s compliance with specified requirements using a sample that was not statistically valid. Identification as a Repeat Finding: N/A Recommendation: DDPHE should revise subaward agreements to include specific Federal award identification information and language clearly stating applicable audit requirements subrecipients must comply with to ensure all agreements are in compliance with the requirements in 2 CFR Section 200.332. Views of Responsible Officials: The City agrees with the finding and DDPHE will consult with the City?s Federal Grants Manager and other parties to review the current standard contract provisions and will modify those provisions accordingly. For additional information, see the City?s separate report for planned corrective actions.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
Finding 2022-001: Failure to Establish Subrecipient Monitoring Procedures Federal Agency: U.S. Department of Health and Human Services (HHS) Program Name: Research and Development Programs ALN and Program Expenditures: Various ($2,585,762) Federal Award Numbers: Various ? See schedule of award numbers Federal Award Year: Various ? See schedule of award numbers Questioned Costs: None Compliance Requirement: Subrecipient Monitoring Type of Finding: Significant Deficiency and Material Noncompliance Condition Found: The Carle Foundation did not perform a risk assessment or subrecipient monitoring procedures for subrecipients of Research and Development Programs for the year end December 31, 2022. Carle designated Vanderbilt University and the University of Illinois Urbana-Champaign as subrecipients for the programs. As a pass-through entity, Carle was responsible for: ? Identifying the award and applicable requirements, ? Evaluating the subrecipient?s risk of noncompliance for purposes of determining the appropriate monitoring procedures related to the subaward, ? Monitoring the activities of the subrecipient as necessary to ensure the subaward is used for authorized purposes, that the subrecipient complies with the terms and conditions of the subaward, that the subrecipient achieves performance goals, and ? Issuing a management decision for single audit findings pertaining to the federal award provided to the subrecipient, if applicable. During our testing, we noted Carle did not perform any subrecipient monitoring procedures over subrecipients with respect to the Research and Development Programs during the year ended December 31, 2022. Amounts passed through to subrecipients totaled $115,061 for the year ended December 31, 2022. Criteria or Requirement: Per 2 CFR 200.332(b), a pass-through entity must evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. According to 2 CFR 200.332(d), a pass-through entity is required to monitor the activities of subrecipients as necessary to ensure that federal awards are used for authorized purposes in compliance with laws, regulations, and the provisions of contracts or grant agreements and that performance goals are achieved. 2 CFR 200.332(d)(3) requires pass-through entities to issue management decisions for applicable audit findings pertaining to the federal awards provided to the subrecipient and 2 CFR 200.332(d)(4) requires pass through entities to resolve audit findings through corrective action plans (CAP). In addition, 2 CFR 200.303 requires non-Federal entities receiving Federal awards to establish and maintain internal controls designed to reasonably ensure compliance with Federal laws, regulations, and program compliance requirements. Effective internal controls should include establishing and performing monitoring procedures in accordance with Uniform Guidance and program requirements. Cause: The Grants Administration Office engaged with Clifton Larson Allen Consulting in the fall of 2022 to compose multiple, essential policies (including Sub-Recipient Monitoring) required to manage Carle?s growing grants portfolio and maintain compliance with per the terms and conditions of the awards, the awarding agencies? regulations, and 2 CFR Part 200, The Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. The draft policies were circulated, reviewed, and discussed by the Grants Administration Office and leadership in Research, Accounting, Capital, and Compliance prior to finalizing, but were not able to be published prior to initiating subawards on an NIH R01 transfer for our new Director of Clinical Imaging Research, Dr. Bruce Damon. The Grants Administration Office had to accept Dr. Damon?s transfer from Vanderbilt when he joined Carle and initiate the subawards so that his grant activity kept pace with sponsor milestones and deliverables as required by the award. Possible Asserted Effect: Failure to perform required risk assessments and to adequately monitor subrecipients may result in the subrecipient not properly administering the federal program in accordance with laws, regulations, and the grant agreement. Repeat Finding: A similar finding was not reported in the prior year audit. Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Recommendation: We recommend The Carle Foundation implement subrecipient monitoring procedures in accordance with federal regulations. Views of Management: Carle did perform informal risk assessments of both sub-recipients prior to issuance in order to support Dr. Damon?s incoming NIH award and engage with both critical sub-recipient collaborators promptly. Activities at the University of Illinois and Vanderbilt had to continue on the planned research effort for his transferred NIH award even though our related policy was in final draft form and not yet published. In making the decision to proceed, the Grants Administration Office confirmed that the final draft of the Sub-Recipient Monitoring policy, as well as the Risk Assessment Matrix tool, attached to the policy, had been circulated with leadership and key stakeholders in Research, Accounting, Finance, and Compliance, and resulted in no material edits. Additionally, the Grants Administration Office judged both prospective institutions as viable recipients of federal funding based on their current and active SAM.gov registrations at the time of issuance, the integrity of these well-established academic institutions, as well as Carle?s longstanding relationship with the University of Illinois (with multiple types of agreements already in place). To ensure appropriate safeguards, Carle issued its subawards using a standard FDP Clearinghouse template, compliant with federal regulations. Included in the subaward terms and conditions were all of the required attestations that both institutions signed, regarding Conflict of Interest, Lobbying, Debarment, Audit, 2CFR 200, FFATA, Data Sharing, Copyrights, and Human Subjects Protection. All invoices from our sub-recipients were received monthly as per the agreement and reviewed by both the Grants Administration Office and Dr. Damon for allowability prior to payment.
FINDING 2022-004 Subject: Formula Grants for Rural Areas and Tribal Transit Program - Subrecipient Monitoring Federal Agency: Department of Transportation Federal Programs: COVID-19 - Formula Grants for Rural Areas and Tribal Transit Program, Formula Grants for Rural Areas and Tribal Transit Program Assistance Listings Number: 20.509 Federal Award Numbers and Years (or Other Identifying Numbers): EDS#A249-20-G20032, EDS#A249-22-G210088, EDS#A249-22-G210124 Pass-Through Entity: Indiana Department of Transportation Compliance Requirement: Subrecipient Monitoring Audit Findings: Material Weakness, Modified Opinion Condition and Context The County had not properly designed or implemented a system of internal controls, which would include appropriate segregation of duties, that would likely be effective in preventing, or detecting and correcting, material noncompliance related to the Formula Grants for Rural Areas and Tribal Transit Program funds (Transit program) passed through to a subrecipient. The County received and passed through to a subrecipient $664,071 in Transit program funds. The County is to clearly identify the award and applicable requirements to the subrecipient, evaluate the risk of noncompliance related to the subrecipient to determine appropriate monitoring of the subaward, and monitor the activities of the subrecipient to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. As part of managing the award, the County is to evaluate the subrecipients risk of noncompliance to determine the extent of monitoring. Such factors to consider would include the subrecipients prior experience with the award or similar awards, results of previous audits, any personnel or system changes at the subrecipient, and the extent and results of federal reviews. Based on the results of the County's risk of noncompliance evaluation, the extent of monitoring can be determined. Monitoring activities include, but are not limited to, reviewing financial and performance reports, ensuring audits are obtained as required, follow-up to ensure appropriate action was taken on deficiencies identified during an audit, issuing management decisions for applicable findings related to the federal award, and ensuring audit findings related to the subaward are resolved. The County did not have any policies or procedures in place to evaluate the subrecipient's risk of noncompliance or to monitor the activity of the subrecipient. Per inquiry of the County, it was determined an evaluation of the risk of noncompliance for the subrecipient was not completed, nor did the subrecipient's files support any such evaluation. In addition, while the subrecipient provided reimbursement requests, the requests did not include sufficient evidence for the County to ascertain if the subrecipient was complying with the grant requirements. The County also did not request or review the subrecipient's audit or monitoring reports to identify any potential noncompliance, determine if management decisions were needed, or if any issues identified were properly resolved. The lack of internal controls and noncompliance were systemic issues throughout the audit period. Criteria 2 CFR 200.303 states in part: "The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in 'Standards for Internal Control in the Federal Government' issued by the Comptroller General of the United States or the 'Internal Control Integrated Framework', issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). . . ." 2 CFR 200.332 Requirements for pass-through entities. (Revised Uniform Guidance) states in part: "All pass-through entities must: . . . (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). (c) Consider imposing specific subaward conditions upon a subrecipient if appropriate as described in ? 200.208. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit Findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving cross-cutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section ? 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Cause A proper system of internal controls was not designed by management of the County. Embedded within a properly designed and implemented internal control system should be internal controls consisting of policies and procedures. Policies reflect the County's management statements of what should be done to effect internal controls, and procedures should consist of actions that would implement these policies. Effect Without the proper implementation of an effectively designed system of internal controls, the internal control system cannot be capable of effectively preventing, or detecting and correcting, material noncompliance. As a result, the County did not properly evaluate the subrecipients risk of noncompliance or adequately monitor the subrecipient. Noncompliance with the provisions of federal statutes, regulations, and the terms and conditions of the federal award could result in the loss of future federal funding to the County. Questioned Costs There were no questioned costs identified. Recommendation We recommended that management of the County implement a proper system of internal controls, including segregation of duties, to evaluate the subrecipients risk of noncompliance and adequately monitor the subrecipient. Additionally, policies and procedures should be implemented to ensure appropriate reviews, approvals, and oversight are taking place, as needed, to evaluate and monitor its subrecipient. Views of Responsible Officials For the views of responsible officials, refer to the Corrective Action Plan that is part of this report.
FINDING 2022-004 Subject: Formula Grants for Rural Areas and Tribal Transit Program - Subrecipient Monitoring Federal Agency: Department of Transportation Federal Programs: COVID-19 - Formula Grants for Rural Areas and Tribal Transit Program, Formula Grants for Rural Areas and Tribal Transit Program Assistance Listings Number: 20.509 Federal Award Numbers and Years (or Other Identifying Numbers): EDS#A249-20-G20032, EDS#A249-22-G210088, EDS#A249-22-G210124 Pass-Through Entity: Indiana Department of Transportation Compliance Requirement: Subrecipient Monitoring Audit Findings: Material Weakness, Modified Opinion Condition and Context The County had not properly designed or implemented a system of internal controls, which would include appropriate segregation of duties, that would likely be effective in preventing, or detecting and correcting, material noncompliance related to the Formula Grants for Rural Areas and Tribal Transit Program funds (Transit program) passed through to a subrecipient. The County received and passed through to a subrecipient $664,071 in Transit program funds. The County is to clearly identify the award and applicable requirements to the subrecipient, evaluate the risk of noncompliance related to the subrecipient to determine appropriate monitoring of the subaward, and monitor the activities of the subrecipient to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals. As part of managing the award, the County is to evaluate the subrecipients risk of noncompliance to determine the extent of monitoring. Such factors to consider would include the subrecipients prior experience with the award or similar awards, results of previous audits, any personnel or system changes at the subrecipient, and the extent and results of federal reviews. Based on the results of the County's risk of noncompliance evaluation, the extent of monitoring can be determined. Monitoring activities include, but are not limited to, reviewing financial and performance reports, ensuring audits are obtained as required, follow-up to ensure appropriate action was taken on deficiencies identified during an audit, issuing management decisions for applicable findings related to the federal award, and ensuring audit findings related to the subaward are resolved. The County did not have any policies or procedures in place to evaluate the subrecipient's risk of noncompliance or to monitor the activity of the subrecipient. Per inquiry of the County, it was determined an evaluation of the risk of noncompliance for the subrecipient was not completed, nor did the subrecipient's files support any such evaluation. In addition, while the subrecipient provided reimbursement requests, the requests did not include sufficient evidence for the County to ascertain if the subrecipient was complying with the grant requirements. The County also did not request or review the subrecipient's audit or monitoring reports to identify any potential noncompliance, determine if management decisions were needed, or if any issues identified were properly resolved. The lack of internal controls and noncompliance were systemic issues throughout the audit period. Criteria 2 CFR 200.303 states in part: "The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in 'Standards for Internal Control in the Federal Government' issued by the Comptroller General of the United States or the 'Internal Control Integrated Framework', issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). . . ." 2 CFR 200.332 Requirements for pass-through entities. (Revised Uniform Guidance) states in part: "All pass-through entities must: . . . (b) Evaluate each subrecipient's risk of noncompliance with Federal statutes, regulations, and the terms and conditions of the subaward for purposes of determining the appropriate subrecipient monitoring described in paragraphs (d) and (e) of this section, which may include consideration of such factors as: (1) The subrecipient's prior experience with the same or similar subawards; (2) The results of previous audits including whether or not the subrecipient receives a Single Audit in accordance with Subpart F of this part, and the extent to which the same or similar subaward has been audited as a major program; (3) Whether the subrecipient has new personnel or new or substantially changed systems; and (4) The extent and results of Federal awarding agency monitoring (e.g., if the subrecipient also receives Federal awards directly from a Federal awarding agency). (c) Consider imposing specific subaward conditions upon a subrecipient if appropriate as described in ? 200.208. (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit Findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving cross-cutting findings. If a subrecipient has a current Single Audit report posted in the Federal Audit Clearinghouse and has not otherwise been excluded from receipt of Federal funding (e.g., has been debarred or suspended), the pass-through entity may rely on the subrecipient's cognizant audit agency or cognizant oversight agency to perform audit follow-up and make management decisions related to cross-cutting findings in accordance with section ? 200.513(a)(3)(vii). Such reliance does not eliminate the responsibility of the pass-through entity to issue subawards that conform to agency and award-specific requirements, to manage risk through ongoing subaward monitoring, and to monitor the status of the findings that are specifically related to the subaward. Cause A proper system of internal controls was not designed by management of the County. Embedded within a properly designed and implemented internal control system should be internal controls consisting of policies and procedures. Policies reflect the County's management statements of what should be done to effect internal controls, and procedures should consist of actions that would implement these policies. Effect Without the proper implementation of an effectively designed system of internal controls, the internal control system cannot be capable of effectively preventing, or detecting and correcting, material noncompliance. As a result, the County did not properly evaluate the subrecipients risk of noncompliance or adequately monitor the subrecipient. Noncompliance with the provisions of federal statutes, regulations, and the terms and conditions of the federal award could result in the loss of future federal funding to the County. Questioned Costs There were no questioned costs identified. Recommendation We recommended that management of the County implement a proper system of internal controls, including segregation of duties, to evaluate the subrecipients risk of noncompliance and adequately monitor the subrecipient. Additionally, policies and procedures should be implemented to ensure appropriate reviews, approvals, and oversight are taking place, as needed, to evaluate and monitor its subrecipient. Views of Responsible Officials For the views of responsible officials, refer to the Corrective Action Plan that is part of this report.
FINDING 2022-004 Assistance Listing Numbers 97.024 Emergency Food and Shelter National Board Program Federal Agency U.S. Department of Homeland Security Pass-through Agency Not Applicable Award Numbers / Years 2022 City Departments Office of Budget and Management Criteria: According to 2 CFR 200.332, all pass-through entities must ensure that every subaward is clearly identified to the subrecipient as a subaward and include specific award identification data as detailed in the Uniform Guidance. Condition/Context: Both of the subaward agreements tested did not contain the assistance listing number, federal award identification number, federal award date, and unique entity identifier in the original agreement. The grant agreement said that information would be forthcoming, however, no additional communications were provided to the subrecipients with this information. Our sample was not statistically valid. Effect: Subrecipients may not receive the appropriate subaward information. Questioned Costs: None noted. Cause: At the time the subawards were awarded to the subrecipeints, the missing award information was not known by the City. Subsequently, there was not a process to ensure the required information was provided once it became available. Recommendation: We recommend that the City provide the subrecipients with the appropriate award identification information. In addition, the City should consider whether a procedure is needed to revisit awards periodically to ensure that all required information has been provided to its subrecipients. Views of Responsible Officials: See Corrective Action Plan.
FINDING 2022-005 Subject: COVID-19 - Coronavirus State and Local Fiscal Recovery Funds - Subrecipient Monitoring Federal Agency: Department of the Treasury Federal Program: COVID-19 - Coronavirus State and Local Fiscal Recovery Funds Assistance Listings Number: 21.027 Federal Award Number and Year (or Other Identifying Number): FY 2022 Compliance Requirement: Subrecipient Monitoring Audit Findings: Material Weakness, Modified Opinion Condition and Context The County received a total State and Local Fiscal Recovery Funds (SLFRF) allocation of $13,177,707. During the audit period, the County provided subawards of SLFRF funds to other entities. As a pass-through entity, the County must: 1. Identify the award and the applicable requirements to each subrecipient. 2. Evaluate each subrecipient's risk of noncompliance for purposes of determining the appropriate subrecipient monitoring related to the subaward. 3. Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purpose, complies with the terms and conditions of the subaward, and achieves performance goals. Subawards, totaling $2,503,400, were provided to four different entities. Three of the subrecipient agreements associated with the subawards were selected for testing. For the three agreements tested, the following information was incomplete or missing: 1. The subrecipients unique entity identifier. 2. The federal award identification number (FAIN). 3. The federal award date of award to the recipient by the federal agency. 4. The name of the federal awarding agency, pass-through entity (auditee), and contact information for awarding official of the pass-through entity (auditee). 5. The Assistance Listings Number and Title; the pass-through entity must identify the dollar amount made available under each federal award and the Assistance Listings Number at time of disbursement. Furthermore, the County did not have an evaluation of the subrecipients' risk of noncompliance or monitoring activities demonstrating compliance with the subrecipient monitoring requirement. The lack of internal controls and noncompliance were systemic issues throughout the audit period. Criteria 2 CFR 200.303 states in part: "The non-Federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in 'Standards for Internal Control in the Federal Government' issued by the Comptroller General of the United States or the 'Internal Control Integrated Framework', issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). . . ." 2 CFR 200.331(a) states: "Subrecipients. A subaward is for the purpose of carrying out a portion of a Federal award and creates a Federal assistance relationship with the subrecipient. See definition for Subaward in ? 200.1 of this part. Characteristics which support the classification of the non-Federal entity as a subrecipient include when the non-Federal entity: (1) Determines who is eligible to receive what Federal assistance; (2) Has its performance measured in relation to whether objectives of a Federal program were met; (3) Has responsibility for programmatic decision-making; (4) Is responsible for adherence to applicable Federal program requirements specified in the Federal award; and (5) In accordance with its agreement, uses the Federal funds to carry out a program for a public purpose specified in authorizing statute, as opposed to providing goods or services for the benefit of the pass-through entity." 2 CFR 200.332 states in part: "All pass-through entities must: (a) Ensure that every subaward is clearly identified to the subrecipient as a subaward and includes the following information at the time of the subaward . . . (1) Federal award identification. (i) Subrecipient name (which must match the name associated with its unique entity identifier); (ii) Subrecipient's unique entity identifier; (iii) Federal Award Identification Number (FAIN); (iv) Federal Award Date (see the definition of Federal award date in ? 200.1 of this part) of award to the recipient by the Federal agency; (v) Subaward Period of Performance Start and End Date; (vi) Subaward Budget Period Start and End Date; (vii) Amount of Federal Funds Obligated by this action by the pass-through entity to the subrecipient; (viii) Total Amount of Federal Funds Obligated to the subrecipient by the passthrough entity including the current financial obligation; (ix) Total Amount of the Federal Award committed to the subrecipient by the passthrough entity; (x) Federal award project description, as required to be responsive to the Federal Funding Accountability and Transparency Act (FFATA); (xi) Name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity; (xii) Assistance Listings number and Title; the pass-through entity must identify the dollar amount made available under each Federal award and the Assistance Listings Number at time of disbursement; (xiii) Identification of whether the award is R&D; and (xiv) Indirect cost rate for the Federal award (including if the de minimis rate is charged) per ? 200.414. (2) All requirements imposed by the pass-through entity on the subrecipient so that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award; (3) Any additional requirements that the pass-through entity imposes on the subrecipient in order for the pass-through entity to meet its own responsibility to the Federal awarding agency including identification of any required financial and performance reports; (4) (i) An approved federally recognized indirect cost rate negotiated between the subrecipient and the Federal Government. If no approved rate exists, the passthrough entity must determine the appropriate rate in collaboration with the subrecipient, which is either: (A) The negotiated indirect cost rate between the pass-through entity and the subrecipient; which can be based on a prior negotiated rate between a different PTE and the same subrecipient. If basing the rate on a previously negotiated rate, the pass-through entity is not required to collect information justifying this rate, but may elect to do so; (B) The de minimis indirect cost rate. (iii) The pass-through entity must not require use of a de minimis indirect cost rate if the subrecipient has a Federally approved rate. Subrecipients can elect to use the cost allocation method to account for indirect costs in accordance with ? 200.405(d). (5) A requirement that the subrecipient permit the pass-through entity and auditors to have access to the subrecipient's records and financial statements as necessary for the pass-through entity to meet the requirements of this part; and (6) Appropriate terms and conditions concerning closeout of the subaward. (b) Evaluate each subrecipient's risk of noncompliance with Federal statues, regulations, and the terms and conditions of the subaward for purposes of determined the appropriate subrecipient monitoring . . . (d) Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, in compliance with Federal statutes, regulations, and the terms and conditions of the subaward; and that subaward performance goals are achieved. Pass-through entity monitoring of the subrecipient must include: (1) Reviewing financial and performance reports required by the pass-through entity. (2) Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. (3) Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by ? 200.521. (4) The pass-through entity is responsible for resolving audit findings specifically related to the subaward and not responsible for resolving crosscutting findings. . . ." Cause The system of internal controls as established by management of the County was not properly designed, nor implemented. Embedded within a properly designed and implemented internal control system should be internal controls consisting of policies and procedures. Policies reflect the County's management statements of what should be done to effect internal controls, and procedures should consist of actions that would implement these policies. Effect Without the proper implementation of an effectively designed system of internal controls, the internal control system cannot be capable of effectively preventing, or detecting and correcting, material noncompliance. The County was responsible for providing a subaward agreement, with all required elements, and monitoring the non-profit. Noncompliance with the provisions of federal statutes, regulations, and the terms and conditions of the federal award could result in the loss of future federal funding to the County. Questioned Costs There were no questioned costs identified. Recommendation We recommended that management of the County design and implement a proper system of internal controls and develop policies and procedures to ensure subrecipients are provided with an adequate subaward agreement and monitored as appropriate. Views of Responsible Officials For the views of responsible officials, refer to the Corrective Action Plan that is part of this report.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
Finding 2022-003 Criteria or Specific Requirement: The Code of Federal Regulations Section 200.322(b) states that the pass-through entity must evaluate the subrecipient's risk of noncompliance with Federal statutes and Section 200.332(d) states that the pass-through entity must monitor the activities of the subrecipient as necessary to ensure that the subawards is used for authorized purposes. Condition: During our review of subrecipient monitoring, it was noted that no formal written policy is maintained. Cause: The Organization does not have written policies and procedures to monitor subrecipient's activities in accordance with the Uniform Guidance requirements. Effect or Potential Effect: The deficiency increases the risk that subawards could be spent for purposes other than those outlined in the grant agreements. Context: The Organization provides subawards to grant recipients. Its monitoring procedures consist of approvals over the expenditures but lack the requirements set forth by 2 CFR 200.332. Questioned costs: None noted. Repeat finding: No. Recommendation: We recommend the Organization's subrecipient monitoring policies and procedures be reviewed and updated for compliance with the Uniform Guidance requirements. Additionally, we recommend the Organization review all policies and procedures annually, or more frequently, if necessary, to reflect changes to laws, regulations, personnel, and/or internal procedures. Views of Responsible Officials: Management agrees with the finding and will implement a process to documents its policies and ensure they meet the subrecipient monitoring requirements.
2022-002 ? CORONAVIRUS STATE AND LOCAL FISCAL RECOVERY FUNDS ? NONCOMPLIANCE WITH SUBRECIPIENT GRANT AGREEMENT REQUIREMENTS ? ALN 21.027 ? OTHER NONCOMPLIANCE FINDING TYPE: Other Noncompliance Finding 2022-002 Federal Program: Coronavirus State and Local Fiscal Recovery Funds ALN: 21.027 Federal Award Number(s) and Year(s): SLFRP1964, 2022 Federal Agency: U.S. Department of Treasury Questioned Cost: $0 Condition Burleigh County did not communicate and document all of the elements as outlined in 2 CFR 200.332(a) for the subrecipients of the Coronavirus State and Local Fiscal Recovery Funds program. During testing, we noted the following elements were not included: ? subrecipient's unique entity identifier ? federal award identification number ? federal award date (see definition of Federal award date ? 200.1) of award to the recipient by the Federal agency ? subaward period of performance start and end date ? name of Federal awarding agency, pass-through entity, and contact information for awarding official of the Pass-through entity ? Assistance Listings number and Title ? identification of whether the award is Research and Development ? indirect cost rate for the Federal award (including if the de minimis rate is charged) per ?200.414 ? a requirement that the subrecipient permit the pass-through entity and auditors to have access to the subrecipient's records and financial statements as necessary for the pass-through entity to meet the requirements of this part, and appropriate terms and conditions concerning closeout of the subaward Effect Burleigh County did not comply with all elements of 2 CFR 200.332(a). Therefore, subrecipients may not have been aware of all necessary grant information and requirements. Cause Burleigh County was not aware of the requirements set forth in 2 CFR 200.332(a) that needed to be included in the grant agreements. Criteria 31 U.S.C 7502(f)(2)(A) states that each pass-through entity shall provide subrecipient the Federal requirements which govern the use of such awards. 2 CFR 200.332(a) states the required information that pass-through entities must disclose. This includes information related to federal award identification and period of performance, approved federally recognized indirect cost rate, requirement that the subrecipient allow access to records, and appropriate terms and conditions concerning closeout of the subaward. Repeat Finding Yes. Recommendation We recommend Burleigh County ensure that all elements as outlined in 2 CFR 200.332(a) are communicated and documented to the subrecipients of the Coronavirus State and Local Fiscal Recovery Funds program. Burleigh County?s Response See Corrective Action Plan
Finding 2022-001 Significant deficiency in internal controls over compliance and instances of noncompliance related to subrecipient monitoring. Federal Agency: Department of the Treasury Program Title: Coronavirus State and Local Fiscal Recovery Fund Assistance Listing: 21.027 Award Number: DA21-2000 Award Period: October 1, 2021 - December 31, 2022 Criteria 2 U.S. Code of Federal Regulations (CFR) 200 Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) Subpart D (as codified by the Department of Treasury in CFR OPEN) require a pass-through entity to adopt compliance policies, include certain provisions in subaward agreements, and evaluate each subrecipient?s risk of noncompliance with Federal statutes, regulations, and the terms and conditions of such agreements for the purposes of determining appropriate subrecipient monitoring. Condition/Context for Evaluation In a population of three subrecipients, the subaward agreements did not include all required provisions outlined in 2 CFR 200.332. Additionally, the Organization?s subrecipient monitoring policy did not include a provision requiring a formal documented risk assessment, and as such no documentation was available showing an assessment of the risk of noncompliance of the subrecipients. Monitoring was performed over all subrecipients as noted in the Organization?s policy. Effect or Potential Effect The Organization did not fully comply with the requirements regarding subaward agreements and evaluating each subrecipients risk of noncompliance for the purposes of determining the appropriate subrecipient monitoring. Questioned Costs Not Applicable Cause Internal controls were not effective in ensuring that the Organization?s subrecipient monitoring policies were in compliance with the Uniform Guidance requirements. Repeat Finding No Recommendation We recommend that the Organization update the subrecipient monitoring policy to ensure subaward agreements include all necessary provisions and documentation of risk assessment is retained. Views of Responsible Officials of Auditee Management agrees with the finding and has provided the accompanying corrective action plan.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Federal Agency: Department of Health and Human Services Federal Program: Research and Development Cluster Assistance Listing Number: 93.847 & 93.867 Federal Award Identification Number and Year: Various Award Period: January 1, 2022, through December 31, 2022 Type of Finding: Other Matters Finding related to Compliance within Uniform Guidance and Material Weakness in Internal Control Over Compliance Criteria or Specific Requirement: According to 2 CFR Part 200, Subpart D, Section 200.332, pass-through entities are required to perform certain subrecipient monitoring procedures. These procedures include providing the subrecipient necessary award information so that the federal award is used in accordance with federal regulations, evaluating risks of noncompliance of subrecipients, implementing monitoring procedures based upon identified risks, and obtaining a copy of the subrecipients? annual audit and taking appropriate action on deficiencies detected through the audits, just to name a few. Lastly, in accordance with 2 CFR Title 2, Subtitle A, Chapter 2, Part 200, Subpart D, 200.303, the non-federal entity must establish and maintain effective internal controls over the federal award to provide reasonable assurance that the non-federal entity is managing the award in compliance with federal regulations. Condition: The Organization did not verify whether the subject subrecipients received a required annual audit under 2 CFR Part 200. By not verifying and obtaining a copy of the most recent audit of the subrecipients, the Organization was unaware if any enforcement actions against noncompliant subrecipients had occurred. Context: During our testing, it was noted that the Organization did not have any procedures in place to monitor their subrecipients and did not secure the required annual report for any of the subrecipients tested. Cause: Prior to 2022, the Organization was unaware of this federal requirement. Effect: The Organization did not comply with subrecipient monitoring requirements relative to obtaining the annual audit reports and performing the appropriate follow-up procedures (if necessary). By not securing the required annual report of subrecipients, there is a risk that subrecipients could have instances of deficiencies or noncompliance that directly impacts the award, but the Organization is unable to respond accordingly, given it would not be aware of the issues identified. Recommendation: We recommend the Organization implement a comprehensive process (and relevant internal controls) to ensure all elements of 2 CFR Part 200, Subpart D, Section 200.332 are being met, including obtaining a copy of the subject subrecipients? annual audits and taking appropriate action on deficiencies detected through the audits. Tools, such as checklists or electronic workflows, can assist in ensuring all required elements are being met. Repeat Finding: No. Questioned Costs: None Views of Responsible Officials: There is no disagreement with the audit finding. See Corrective Action Plan prepared by the Organization.
Criteria: Title 2 U.S. Code of Federal Regulations (CFR) Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) requires that pass-through entities clearly identify to each subrecipient significant Federal subaward information, including identifying award numbers, subaward period dates and budget dates, Federal Assistance Listings number and Title, and appropriate terms and conditions concerning closeout of the subaward. Typically this requirement is satisfied by utilizing a subrecipient contract, reflecting all necessary information, and requiring execution showing acknowledgement of the terms by both parties. Condition: Internal controls should be in place to ensure the County is in compliance with all requirements of the federal award program. In place of utilizing a subrecipient contract, the County opted to attach a document of program information to its standard purchase order provided to each subrecipient engaged for the program. This document did not contain all of the information required by CFR ?200.332 to be clearly communicated to all subrecipients. Context/cause: The County did not have adequate internal controls to ensure compliance with subrecipient monitoring requirements. Testing was performed over each requirement for the County. Out of a total population of sixty (60) subrecipients, six (6) were selected for testing. For three (3) of the six (6) sampled subrecipients, the County did not clearly communicate all required subaward information. Examples of this omitted information include the date of the federal award, the subrecipient?s Unique Entity Identifier (UEI) or DUNS number, program title and assistance listing numbers, and federal award project description. Effect: Noncompliance at the subrecipient level may occur due to the subrecipient being unaware of all requirements. Questioned Costs: None. Recommendation: We recommend the County enhances internal controls to ensure compliance with subrecipient monitoring requirements.
Criteria: Title 2 U.S. Code of Federal Regulations (CFR) Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) requires that pass-through entities clearly identify to each subrecipient significant Federal subaward information, including identifying award numbers, subaward period dates and budget dates, Federal Assistance Listings number and Title, and appropriate terms and conditions concerning closeout of the subaward. Typically this requirement is satisfied by utilizing a subrecipient contract, reflecting all necessary information, and requiring execution showing acknowledgement of the terms by both parties. Condition: Internal controls should be in place to ensure the County is in compliance with all requirements of the federal award program. In place of utilizing a subrecipient contract, the County opted to attach a document of program information to its standard purchase order provided to each subrecipient engaged for the program. This document did not contain all of the information required by CFR ?200.332 to be clearly communicated to all subrecipients. Context/cause: The County did not have adequate internal controls to ensure compliance with subrecipient monitoring requirements. Testing was performed over each requirement for the County. Out of a total population of sixty (60) subrecipients, six (6) were selected for testing. For three (3) of the six (6) sampled subrecipients, the County did not clearly communicate all required subaward information. Examples of this omitted information include the date of the federal award, the subrecipient?s Unique Entity Identifier (UEI) or DUNS number, program title and assistance listing numbers, and federal award project description. Effect: Noncompliance at the subrecipient level may occur due to the subrecipient being unaware of all requirements. Questioned Costs: None. Recommendation: We recommend the County enhances internal controls to ensure compliance with subrecipient monitoring requirements.
2022-001 ? Subrecipient Monitoring Cluster: Research and Development Agency: Department of Commerce and Department of Health and Human Services Award Names: Standards/Guidance for Rapid Qualification of Metal-Based Additive Manufacturing and Development and Testing a Field-based Hazard/Near-Miss Sharing System for Commercial Fishing Vessels Award Numbers: 70NANB21H038 and U01OH012288 Assistance Listing Title: Measurement and Engineering Research and Standards and Occupational Safety and Health Program Assistance Listing Number: 11.609 and 93.262 Award Year: FY 2022 Criteria 2 CFR 200.332(d) notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. 2 CFR 200.332(f) notes that a pass-through entity must verify that every subrecipient is audited as required by the Uniform Guidance when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 2 CFR 200.501. Condition Through our testing of 4 subrecipients out of a population of 10, we were able to obtain a documented initial risk assessment for each subrecipient selected and other evidence of monitoring such as meetings with the subrecipients. However, we were unable to obtain evidence that the Company obtained and reviewed the annual Uniform Guidance report or annual audited financial statements (if the entity was not subject to a Uniform Guidance audit) for each subrecipient selected for testing. Cause The Company performed an initial risk assessment but did not understand that obtaining the Uniform Guidance reports or financial statements needed to be completed annually as part of their subrecipient monitoring procedures. Effect The lack of an annual review of subrecipient audits may result in ineligible subrecipients receiving federal awards, subrecipient findings not being fully remediated and other monitoring procedures (based on risk level) not being performed. Questioned Costs None noted. Recommendation We recommend the Company implement a policy to review Uniform Guidance reports (or audited financial statements to the extent Uniform Guidance reports are not available) on an annual basis. When reviewing the reports, they should understand the type of opinion(s) expressed and whether there were any findings associated with their awards, document their review and assess whether there is any change in the risk assessment and subsequent monitoring needed of each subrecipient. Management? Views and Corrective Action Plan Management?s Views and Corrective Action Plan are included at the end of this report.
2022-001 ? Subrecipient Monitoring Cluster: Research and Development Agency: Department of Commerce and Department of Health and Human Services Award Names: Standards/Guidance for Rapid Qualification of Metal-Based Additive Manufacturing and Development and Testing a Field-based Hazard/Near-Miss Sharing System for Commercial Fishing Vessels Award Numbers: 70NANB21H038 and U01OH012288 Assistance Listing Title: Measurement and Engineering Research and Standards and Occupational Safety and Health Program Assistance Listing Number: 11.609 and 93.262 Award Year: FY 2022 Criteria 2 CFR 200.332(d) notes that pass-through entity monitoring of the subrecipient must include: 1. Reviewing financial and performance reports required by the pass-through entity. 2. Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the Federal award provided to the subrecipient from the pass-through entity detected through audits, on-site reviews, and written confirmation from the subrecipient, highlighting the status of actions planned or taken to address Single Audit findings related to the particular subaward. 3. Issuing a management decision for applicable audit findings pertaining only to the Federal award provided to the subrecipient from the pass-through entity as required by 2 CFR 200.521. 2 CFR 200.332(f) notes that a pass-through entity must verify that every subrecipient is audited as required by the Uniform Guidance when it is expected that the subrecipient?s Federal awards expended during the respective fiscal year equaled or exceeded the threshold set forth in 2 CFR 200.501. Condition Through our testing of 4 subrecipients out of a population of 10, we were able to obtain a documented initial risk assessment for each subrecipient selected and other evidence of monitoring such as meetings with the subrecipients. However, we were unable to obtain evidence that the Company obtained and reviewed the annual Uniform Guidance report or annual audited financial statements (if the entity was not subject to a Uniform Guidance audit) for each subrecipient selected for testing. Cause The Company performed an initial risk assessment but did not understand that obtaining the Uniform Guidance reports or financial statements needed to be completed annually as part of their subrecipient monitoring procedures. Effect The lack of an annual review of subrecipient audits may result in ineligible subrecipients receiving federal awards, subrecipient findings not being fully remediated and other monitoring procedures (based on risk level) not being performed. Questioned Costs None noted. Recommendation We recommend the Company implement a policy to review Uniform Guidance reports (or audited financial statements to the extent Uniform Guidance reports are not available) on an annual basis. When reviewing the reports, they should understand the type of opinion(s) expressed and whether there were any findings associated with their awards, document their review and assess whether there is any change in the risk assessment and subsequent monitoring needed of each subrecipient. Management? Views and Corrective Action Plan Management?s Views and Corrective Action Plan are included at the end of this report.
Repeat of Prior Audit Finding 2021-005 Federal Program: Trans-National Crime Federal Agencies: United States Department of State- United States Bureau of International Narcotics and Law Enforcement Affairs Federal Assistance Listing Number: 19.705 Federal Award Year: December 31, 2022 Criteria: 2 CFR Part 200, Subpart D Section 200.332 of the Uniform Guidance require all non-Federal entities to assess subrecipients' risk, as well as monitor sub-awards passed through. All requirements imposed by the pass-through entity on the subrecipient are to ensure that the Federal award is used in accordance with Federal statutes, regulations and the terms and conditions of the Federal award. Condition/Context: For the selection of 2 subrecipients, we were unable to verify that the respective subaward agreements contained accurate award information, such as the identification of the funding being U.S. federal funds, the federal Assistance Listing Number and the requirements that the subrecipients would need to comply with the Uniform Guidance. In addition, for 2 other subrecipients, we could not determine the quarterly programmatic and financial reports were reviewed or approved by Panthera Corporation as there was no evidence of formal review and approval. There was also no evidence that those subrecipients had been audited or monitored under appropriate local government regulations. This was not a statistically valid sample. Questioned Costs: Not determinable Cause: Panthera Corporation's procedures did not ensure the required written subrecipient monitoring policies were implemented in accordance with the Uniform Guidance. Effect: Panthera Corporation's control design and operation does not provide reasonable assurance that Panthera Corporation is managing the subrecipient monitoring requirements of the Uniform Guidance. Recommendation: We recommend that Panthera Corporation clearly identify in each agreement with subrecipients the reference to the applicable federal Assistance Listing Number and request audited reports from subrecipients when applicable. We further recommend that Panthera Corporation follow its policies and procedures by ensuring that subrecipient quarterly reports are subject to the appropriate process as well as maintaining documentation to allow for an audit trail. View of Responsible Officials: Management acknowledges the finding and will be retaining support and updating subrecipient agreements to include the relevant award information and the Uniform Guidance compliance requirements for subrecipients.
Please see table on page 16 of the Single Audit.Finding 2022-001 ? Subrecipient Monitoring Condition: The County did not have a documented risk assessment process for evaluating subrecipient?s risk of non-compliance. Additionally, as part of the monitoring process, the County did not have controls in place to obtain and review the annual audit reports of all subrecipients in a timely manner with documentation of such review. Criteria: The Pennsylvania Department of Human Services (PA DHS) and 2 CFR section 200.332(b) requires pass-through entities to evaluate subrecipient risks of noncompliance as part of their subrecipient monitoring procedures. In addition, 2 CFR section 200.332(d) indicates as part of the monitoring process, the pass-through entity should ensure subrecipients take follow-up action on audit deficiencies, which would be identified as part of the review of the annual audit reports of subrecipients. Cause: There were no procedures in place to document the County?s assessment of risk for subrecipients. In addition, the County does not have procedures in place to adequately review the subrecipient audits received. Effect: The deficiencies in subrecipient monitoring could result in the County not identifying unallowable expenses being incurred by County subrecipients. Repeat Finding: This is not a repeat finding. Recommendation: We recommend implementation of procedures to formally document and complete a risk assessment of subrecipients. Based on the risk assessment performed, the County should develop monitoring procedures to address the risks noted, which should include a documented review of subrecipient audits and deficiencies be followed up on, if applicable. Questioned Costs: Unknown Views of Responsible Official and Planned Corrective Action: Management agrees with the finding. See separate correction action plan.
2022 ? 003 Federal Agency: Department of Health and Human Services Federal Program Name: Immunization Research, Demonstration, Public Information and Education, Training and Clinical Skills Improvement Projects Assistance Listing Number: 93.185 Pass-Through Agency: Michigan State University Award Period: July 31, 2021 ? July 30, 2023 Type of Finding: ? Material Weakness in Internal Control over Compliance ? Other Matters Criteria or specific requirement: 2 CFR 200.332(f) requires that the pass through entity verify that subrecipients expected to be audited as required by 2 CFR Part 200, Subpart F, met this requirement. This verification may be performed as part of the required monitoring under 2 CFR section 200.332(d)(2) to ensure that the subrecipient takes timely and appropriate action on deficiencies detected though audits. Condition: Annual audit reports of subrecipients were not obtained or reviewed by the Foundation. Questioned costs: None Context: Three of the five subrecipients tested were required to have an annual audit report, but these were not obtained or reviewed by the Foundation. Cause: Management was not aware of this requirement. Effect: The subrecipient may have deficiencies detected though audits that could impact monitoring by the Foundation. Recommendation: We recommend the Foundation attend training, review federal requirements, and fully understand the requirements of subrecipient monitoring. Views of responsible officials: There is no disagreement with the audit finding. See the Corrective Action Plan for further details.
Criteria: Monitor the activities of the subrecipient as necessary to ensure that the subaward is used for authorized purposes, complies with the terms and conditions of the subaward, and achieves performance goals (2 CFR sections 200.332(d) through (f)). Following-up and ensuring that the subrecipient takes timely and appropriate action on all deficiencies pertaining to the federal award provided to the subrecipient detected through audits, on-site reviews, and other means. Condition/Context: For five of the five providers monitored during the program?s fiscal year, the County Child and Youth Services department?s results and findings were communicated to the providers at the conclusion of the review procedures, however providers did not submit a written corrective action plan. Cause: Providers on-site monitoring was completed and the results were communicated to the providers in writing. Notice that a corrective action plan was needed in response was not given to the providers. Effect: Lack of written corrective action plan limits the County Child and Youth Services department?s ability to monitor that the providers takes timely and appropriate action to address deficiencies pertaining to the federal award. Questioned Costs: There are no questioned costs associated with this finding. This is not a statistically valid sample. Recommendation: Providers that receive findings as a result of their on-site monitoring should submit a corrective action plan to the County. Views of Responsible Officials and Planned Corrective Actions: The County Child and Youth Services department will require a corrective action plan for all subrecipients with findings as a result of their on-site monitoring in 2023, and thereafter, that will include the entity?s plan to correct the errors noted, individual responsible and timeline for corrections to be implemented.